The Hacker News | #1 Trusted Source for Cybersecurity News — Index Page

Underground Security Forums : Poisonhack.info & Team-xpc.com Hacked by 0p3nH4x ! 0p3nH4x Team of Hackers , Hack two big Underground Security websites :  Poisonhack.info & Team-xpc.com , who call them self as " Security Expert ".  0p3nH4x  hack them and provide all Hack details at  http://pastebin.com/peDbvkXz . Submitted By : 0p3nH4x

Indian Congress Party & Ebay Nepal Websites are vulnerable to Hackers ! MaDnI member of Pak Cyber Army found Serious Sql injection vulnerabilities in two famous sites, first is Ebay Nepal sites http://ebay.com.np/ and 2nd is of Indian Congress Party : http://www.congress.org.in  , The Detail of vulnerable links are shown below : 1.)  Ebay Nepal : Target : http://ebay.com.np/index.php?task=cms&id=3 Database : ebaycom_ebay 2.) Indian Congress Party Target : http://www.congress.org.in/new/renunciation-details.php?id=2 Attack Type : SQL Union Injection User :  aiccorg_usr@localhost Database : aiccorg_db

CodeMasters - Gaming Community Compromised, Back-End Users Data Leaked ! CodeMasters - Gaming Community has been hacked by " Kon " . He leak the back-end users login Information as shown below : Technical Details : Encryption: DES(Unix) Method: POST SQLi URL: Not providing Number of member accounts: 2524846 Database version: 4.1.22-max-log

Anonymous leaks PSN SSH Logs , Sony is responsible for Data Theft ? 1.) On the Sony servers running the highly outdated Open SSH version 4.4. 2.) Current version is 5.7. For those of Sony for encrypted version are used for more than five years several known security holes. 3.) Sony server running in part to the long-outdated software Apache 2.2.10. 4.) Current version is 2.2.17. The version used by Sony is vulnerable to damaging Internet attacks, such as overload attacks (DDOS). Outdated server software may have caused outage Allowing PSN hackers to enter PlayStation Network stealing more than 100 million user data sets from PSN and SOE. Since the allegation itself isn't exactly new, correct, there are new proofs that this rumor is. Report even claims that Sony lies when it comes to the statement of outdated servers. Computer Bild got an excerpt showing log files that proof that Sony was, as of the hacking attack, using very outdated server software, sea...

Indian Premier League | IPLT20 Website Defaced by Tyson_08 and Inferno ! Indian Premier League | IPLT20 Website Has been hacked, and some defaced by Tyson_08 and Inferno Hackers. They wrote a short message on deface page that, They have too many times inform about SQLi Vulnerability in T20 website at  http://www.iplt20.com/ , But none of Authority/Admin take it Seriously. They Put copy of Coding of Index Page at  http://pastebin.com/xn7Fe853  and Mirror of hack is available at  http://www.legend-h.org/mirror/166530/iplt20.com  . 

OpenDNSSEC 1.3.0rc2 new Version released ! Version 1.3.0rc2 of OpenDNSSEC  Match the names of the signer pidfile and enforcer pidfile. Include check for resign < resalt in ods-kaspcheck. Bugfixes: Bugfix #231: Fix MySQL version check. ods-ksmutil: Update now sends a HUP to the enforcerd. Signer Engine: Fix assertion failure if zone was just added. Signer Engine: Don’t hsm_close() on setup error. Signer Engine: Fix race condition bug when doing a single run. Signer Engine: In case of failure, also mark zone processed (single run). Signer Engine: Don’t leak backup file descriptor. signconf.rnc now allows NSEC3 Iterations of 0 Download the tarball from:  opendnssec-1.3.0rc2.tar.gz

Facebook Prepares to Launch Bug Bounty Program ! Facebook is working on setting up a bug bounty program that would encourage security researchers to discover vulnerabilities on its platform and report them responsibly. Mr. Joe Sullivan, Facebook's chief security officer, told us today at the Hack in the Box Amsterdam 2011 security conference that the company is currently testing such a system and hopes to launch it soon. Vulnerability reward programs are not new. In fact, they've been around since the Netscape era. In 2004 Mozilla introduced a bug bounty system for vulnerabilities discovered in Firefox, then last year Google did the same for Chromium, the open source project behind Google Chrome. However, it was Google that began rewarding vulnerabilities found in its web services first, a move that was mirrored by Mozilla a month later. Facebook has a pretty good relationship with security researchers already and many of them are reporting vulnerabilities to the ...