The Hacker News | #1 Trusted Source for Cybersecurity News — Index Page

Facebook is continually changing its privacy settings, trying to give users more control over what they want to share and with whom. Two gay college students were outed on Facebook because of a privacy flaw in Facebook Groups. Users can be added to Facebook Groups by friends without the user’s permission or approval.  University of Texas students Taylor McCormick and Bobbi Duncan came out to the world via Facebook, but not in ways they ever intended. The Wall Street Journal examined how Facebook changed the lives of two gay college students, when a classmate added them to a public group for other gay choir singers at the school an action that was shared on the students’ news feeds.  In another case Bobbi Duncan desperately wanted her father not to know she is lesbian, but Facebook told him anyway. Soon, she learned that another choir member, Taylor McCormick, had been outed the very same way, upsetting his world as well. The two University of Texa...

Two weeks back we reported that Security firm Trend Micro discovered a worm targeting Skype users with spam messages designed to infect machines with the Dorkbot ransomware has been discovered. This malware is spreading through a question/ phrase sent to the users by someone and the question is: “ lol is this your new profile pic? ” Yesterday Security researchers from Avast have intercepted a currently spreading Darkbot malware campaign, that's affecting millions of Skype users. According to him,"  It targets all the major Web browsers, and is also capable of distributing related malware such as Ransomware/LockScreen, as well as steal accounting data for major social networking services such as Facebook, Twitter, as well as related services such as GoDaddy, PayPal and Netflix ." Some of the infected PCs install the malware known as ransomeware which locks your PC and ask you to pay $200 dollars within 48 hours to retrieve your files. " If you click on ...

A huge hack carried out today ! One of the biggest Peru Domain registrar company (punto.pe) hacked by Lulzsecperu (declared by a tweet ) and Complete database of 207116 websites has been leaked on internet.  Leaked database include Domain panel username, encrypted password, Company descriptions. Hacked domains include all .PU domains ie. Banks , Institutes, computer security companies, corporates, colleges, government, personal websites. " We clarify that we have no malicious purposes, only prove that the security of PERU is bad and should be corrected. Greetings to the computer crimes division of the National Police of Peru from March 2012 is nil activity and fail or be close to where we are now ASBANC for trying. " Hacker said in an statement . He upload the database here :  https://anonfiles.com/file/e14504f5033d2a53457af667b686340f Password for file: lulzsecperu 2-3 Hours after  Lulz...

Rapid7 researcher Juan Vazquez recently uncovered a zero-day security flaw in Novell ZENworks Asset Management 7.5. This Vulnerability ( CVE-2012-4933 ) gives access to any files with system privileges and could also allow an attacker to grab configuration parameters, including the backend credentials in clear text. ZENworks Asset Management provides a Web Console, where the user can access the data collected about network devices and edit some information. This web interface provides some maintenance calls, two of them accessible with hardcoded credentials, allowing a remote attacker to retrieve any file from the remote file system with SYSTEM privileges and to get configuration parameters from the ZENworks Asset Management including the backend credentials in clear text. The vulnerability currently remains unpatched and US CERT recommends that users implement firewall rules that will restrict access to the web interface by unauthorised users. Read here , mor...

According to a White House-ordered review , a giant Chinese technology company " Huawei " is not a state-sponsored espionage tool. Huawei Technologies, the world's second-largest supplier of telecommunications equipment. The largely classified investigation, which delved into the security risks posed by suppliers to US telecommunications network operators, found Huawei was risky for other reasons, such as having products that are vulnerable to hackers. The committee, which conducted an 11-month investigation into privately held Huawei and ZTE, found the two companies uncooperative in providing information about their respective ties with Beijing. Some questions remain unanswered. For example, it is unclear if security vulnerabilities found in Huawei equipment were placed there deliberately. It is also not clear whether any critical new intelligence emerged after the inquiry ended. " The White House has not conducted any classified inquiry that res...

The hacker group Anonymous claims that Maxson is the man who drove Amanda Todd to her death last week, but the Canada native says it wasn't him and that he was a friend to the teen. Alleged Amanda Todd blackmailer Kody Maxson outed a second pedophile blackmailer, known as Viper. Maxson appeared in court Monday for unrelated charges of sexual assault and sexual interference of a person under 16. Anonymous traced him to the online handle Kody1206, an active user on teen chat hub Blogtv where Todd was coerced into exposing herself and various forums dedicated to trading jailbait or sexualized images of teens. Maxson said he got some sketchy information about the blackmailer, who he says was 26, lived in New York and goes by an alias of Viper. The man said he passed this information to the RCMP and NYPD, but he couldn’t remember whom he spoke with. He said he only knew Amanda in “ a sense ,” but denied he was one of her cyber-bullies. Here’s a video statement fro...