The Hacker News | #1 Trusted Source for Cybersecurity News — Index Page

Prepare your tools, build your team, defend your country and conquer the World. It is well known that the best way to learn security is hands on. It's the kind of experience you earn in pentest labs or CTF competitions based on challenges or defensive and offensive security and it's aimed at improving your security skills. Every important Information Security conference has a CTF competition, the most prestigious universities host CTF competitions and major companies organize CTFs now and then. Just take a look at Stripe or Mozilla. CTF is everywhere and not just in the InfoSec Industry. The World is changing rapidly, and so is the InfoSec industry along with CTFs. It looks like CTF365 took this task seriously and they promise a brand new approach to CTF competitions that will change everything we know about those competitions. Is not a challenge nor scenario based game. They simply promise to build and internet within The Internet and replicate everything that ex...

A Russian hacker going by name - " kOS " hack into the Bulgarian torrent tracker " Arenabg " website ( https://forum.arenabg.com/ ) and leak the complete database of their forum and accused of collecting IP of users like PirateBay. Hacker said, " Why I hack this tracker? Because they store IP information and NO tracker must do, not on any of their service - blog, forum, custom CMS or else. If ARENABG not fix mistake, I dump main tracker information with all IP/username/pass! " Leaked Database include data of 22675 Users with their name, email, encrypted password and IP address and other forum based information. This Torrent site provide links and tracers for downloading movies, music, games, serials, programs, pictures, mobile applications. Hacker upload the complete SQL database on File sharing site .

The FreeBSD team has announced over the weekend that two machines within the FreeBSD.org cluster have been compromised and have been consequently pulled offline for analysis. Security team said on Saturday. " The affected machines were taken offline for analysis. Additionally, a large portion of the remaining infrastructure machines were also taken offline as a precaution, ". However it added that the intruder had sufficient access to modify third party packages, many of which are compiled and installed through FreeBSD's ports system. Audits have been performed to verify the infrastructure and source trees are clean and the suspect machines " are either being re installed  retired, or thoroughly audited before being brought back online ," the cluster administration team said . The FreeBSD Project was gearing up for the FreeBSD 9.1 release, however as it is unable to verify the integrity of the package set, that has been removed and will be rebuilt prior to th...

Along war with airstrikes between Israel and Palestine, Cyber war between hackers from both country on fire. First Hackers from all over world who supporting Palestine start attacking Israeli sites, now a hacker going by name " yourikan " has leaked a complete database from an ISP called PALNET (https://www.palnet.ps). In a statement, hacker told 'The Hacker News', " this is in react of the latest terror from Palestine in the missiles against Israel and the cyber war against us say no to Palestine! say no to terror! " Leaked database has been posted on pastebin and downloadable file on anonfiles and including credit card details and full personal address, numbers, names of various Israeli users and admin password and snmp secrets files.

Where Anonymous declared war on the Israeli websites , today another Pakistani hacking group also came forward in support of GAZA by taking down multiple big Israeli sites and deface all Microsoft related Israeli domains including Bing, MSN, Skype, Live and other. Hacker start with " The Notorious Hackers are Back " , including 1337, H4x0rL1f3 , ZombiE_KsA and Invectus. But we are in contact with ZombiE_KsA (Founder of PakBug Forum) from last 2 years, so I just ask ZombiE_KsA about his involvement in this hack, and he clearly declined his involvement and said that other Pakistani hackers are using his name without permission in the Israeli deface pages to show his support , " and they copied my index as well, " he said. Anyway, deface page said, " on the behalf of all Pakistani and all Muslims," promising that "your war on Gaza will make you cry blood. " Zone-h of all defaced sites are available  here . ...

Yesterday we have reported that How Bug Bounty programs can play unfair with hackers and researchers, where hackers are submitting their legitimate findings to companies and no surprise if they are getting replies that " Someone else already reported this, you are not eligible for Bounty ". But the main issue is, if companies are really aware about the issue , then why they have not fixed it yet ?  Today we are going to Talk about Google, that How a ignored vulnerability can be brilliantly crafted and exploited by Hackers for phishing users. On 11th September this year, I have reported a persistent XSS vulnerability in Google and reply from Google Security Team was," It seems the XSS you reported actually executes on one of our sandboxed domains (googleusercontent.com). The sandboxed domain does not contain any session cookies for google services, nor does it have access to any Google.com data " I said its okay if they are su...