The Hacker News | #1 Trusted Source for Cybersecurity News — Index Page

WordPress.Com Hacked, Hacker  Root the Server ! The parent company that operates WordPress, made an announcement this morning that it has hacked, resulting what the company said was a low-level (root) break-in to several of their servers. The company warned that potentially anything on those servers could have been revealed to the attackers, including client source code. WordPress founder, Matt Mullenweg made the following announcement in a blog post this moring. Read here We have been diligently reviewing logs and records about the break-in to determine the extent of the information exposed, and re-securing avenues used to gain access. We presume our source code was exposed and copied. While much of our code is Open Source, there are sensitive bits of our and our partners’ code. Beyond that, however, it appears information disclosed was limited. Based on what we’ve found, we don’t have any specific suggestions for our users beyond reiterating these security fund...

Apollohospitals.com is vulnerable to SQL injection Found and Submitted By : Zero Cool

Supreme Court of Canada vulnerable to xss attack ! Vunl Link :  http://sr.scc-csc.gc.ca/ search?client=SCC-CSC&site= Internet&output=xml_no_dtd& proxystylesheet=SCC-CSC&hl=en& oe=latin1&ie=latin1&q=%3E%22% 3E%3CMARQUEE%3EHACKED+BY+ZERO+ COOL%3C%2FMARQUEE%3E&btnG= Search Found n Submitted by : Zero Cool

Main Advertising vulnerable to SQLI by lionaneesh ! One of the best advertising companies in the world which is even used by megaupload is vulnerable to SQLi.   What I can do [Power]:- Loinaneesh found a database in which the hits to a particular link was entered (this is most probably used for counting the revenue). I can change and increase or decrease the ad revenue of a particular site. Target: http://click1.mainadv.com/ad.asp?id=%Inject_Here%609 DATABASE :  MSSQL 2005 Method: GET DATABASE : portals DATABASE : PDATAortals Table Name Columns Formats domain_new Categories domains bannersImp1 sampleAPP bannersImp change articleGroups t_jiaozhu specialTables TablesLinks tabella1 Gestionale contents Luckypot ...

ESET NOD32 releases Antivirus for Linux 4 ! ESET announced the availability of ESET NOD32 Antivirus 4 Business Edition for Linux Desktop and ESET NOD32 Antivirus 4 for Linux. ESET NOD32 Antivirus 4 for Linux offers protection against cross-platform and emerging threats, enhancing the security of Linux platforms. The scanning engine automatically detects and cleans malicious code, including threats designed for Windows and Mac based systems. ESET NOD32 Antivirus 4 Business Edition for Linux Desktop includes ESET Remote Administrator, which provides IT administrators with a management console to control an entire network from a single screen — supporting tens or thousands of heterogeneous computers. Key benefits and features: Detection and proactive cross-platform protection  – Advanced heuristics technology delivers real-time, proactive protection from malware, hacker attacks and exploits. Product protects against Linux, Windows and Mac malware Small system footprint ...

Malaysiakini - Malaysia's Most Popular News Website Shutdown's after cyber attack ! It has been reported that Malaysia's most popular news website Malaysiakini ( http://www.malaysiakini.com ) has been hit by cyber attack from 11 AM afternoon shutting the website down. The attack created a stir when the website stopped working just before the Sarawak election, making the website inaccessible to the readers. The attack has been diagnosed as Denial-of-service attack which is considered to prevent an Internet site or service from functioning efficiently or at all, temporarily or indefinitely. Denial-of-service attacks are considered violations of the IAB's Internet proper use policy, and also violate the acceptable use policies of virtually all Internet service providers. They also commonly constitute violations of the laws of individual nations. According to the technical team, the cyber attack has resulted in  swarming the Malaysiakini servers...

A French hacker who boasted on TV about hacking into the network of an important defense contractor was arrested and charged with unauthorized access to a computer system, data theft and organized fraud. The hacker appeared on the France 2 television programme "Complément d'enquête" (Further investigation) where he claimed to have hacked into computers belonging to the French Army and Thales Group, an IT contractor for the aerospace, defense and security industries. After the programme aired, the company filed a complaint, claiming the hacker stole confidential information from its internal network. The man, identified in only as Carl, was arrested on April 7 in Paris. When inspecting his computer, police found the details of hundreds of credit cards and bank accounts. The hacker admitted selling the information on underground websites, as well as using them to make fraudulent purchases for himself and others. This led to additional charges of organized fraud bei...