The Hacker News | #1 Trusted Source for Cybersecurity News — Index Page

Sega Pass customer datails hacked, LulzSec wants to Help Sega ! Sega has told gamers that some of their personal information may have been stolen following an attack on its systems. E-mail addresses and dates of birth stored on the Sega Pass database were accessed by hackers. But payment information, such as credit card numbers, remained safe as it was handled elsewhere, Sega said . The hacking group Lulz Security appeared to deny involvement, despite leading a wave of recent cyber attacks. " @Sega - contact us. We want to help you destroy the hackers that attacked you. We love the Dreamcast, these people are going down, " the hacking group posted on its Twitter feed . No hacker group has claimed responsibility for the attack so far. Although, a number of recent attacks on game companies and their online services are credited with LulzSec, its denial of the credit has brought in a twist of events. " We have identified that a subset of SEGA Pass members' ema...

THC-HYDRA v6.4 - Fast network logon cracker  THC-HYDRA is a very fast network logon cracker which support many different services. This tool is a proof of concept code, to give researchers and security consultants the possibility to show how easy it would be to gain unauthorized access from remote to a system. It was tested to compile cleanly on Linux, Windows/Cygwin, Solaris, FreeBSD and OSX. Changelog for thc-hydra v6.4 Update SIP module to extract and use external IP addr return from server error to bypass NAT Update SIP module to use SASL lib Update email modules to check clear mode when TLS mode failed Update Oracle Listener module to work with Oracle DB 9.2 Update LDAP module to support Windows 2008 active directory simple auth Fix to the connection adaptation engine which would loose planned attempts Fix make script for CentOS, reported by ya0wei Print error when a service limits connections and few pairs have to be tested Improved Mysql module to only init/clo...

SAMHAIN v2.8.5  - intrusion detection system The samhain open source host-based intrusion detection system (HIDS) provides file integrity checking and logfile monitoring/analysis, as well as rootkit detection, port monitoring, detection of rogue SUID executables, and hidden processes. It has been designed to monitor multiple hosts with potentially different operating systems, providing centralized logging and maintenance, although it can also be used as standalone application on a single host. The official change log: For the kernel check, the configure script should now detect if /dev/kmem exists but is dysfunctional. Also, a bug in the samhain_kmem kernel module has been fixed. The LogmonMarkSeverity option has been fixed Timeserver response is cached now for one second The Unix entropy gatherer supports /opt/local/bin now A compile time option has been added to disable the expansion of $(shell command) in the configuration file. Also, the signature of a signed ...

HP computers FTP hacked by HexCoder UPDATE : We have verified that this is just a anonymous FTP user access to ftp.hp.com . There is nothing like hack. Pakistani hacker HexCoder may try this to get attention. Anyway the access is available for all with : Host : ftp.hp.com Username : anonymous Password : anonymous Just Now we ( The Hacker News ) got a mail from Pakistani hacker named " HexCoder " . He Claim to hack FTP of HP computers at ftp.hp.com .  Statement about this Hack by Hacker  HexCoder, " I have done this by getting access to FTP successfully.All this by just mere stupidity!Oh and I will not share their database because its too big (9 GB) ". About a month before , ACER hacked because of their own stupidity , and this time HP computers.

ClubHack: CHMag Issue 17th, June 2011 Download Contents of this Issue:- Tech Gyan - Pentesting your own Wireless Network Tool Gyan - Wi-Fi tools Mom's Guide - Wireless Security - Best Practices Legal Gyan - Copyrights and cyber space Matriux Vibhag - Forensics with Matriux Part - 2 Poster of the month - Can you cage a Wi-Fi signanl ? Direct Download

XSS attack on CIA (Central Itelligence Agency) Website by lionaneesh After Ddos attack on CIA (Central Itelligence Agency) website by Lulzsec, lionaneesh , an Indian hacker have found XSS Vulnerability on same site as shown. The Vulnerabile link is here  . You can join Loinaneesh on Twitter . 

LulzSec Leaks 62,000 Email/Passwords of writerspace.com LulzSec Leaks 62,000 Email/Password Combo Internet Goodie Bag. Lulz hasn't said where they got the data, Even they are not sure that, these logins are from which site. They tweet the download link as shown :  http://www.mediafire.com/?9em5xp7r0rd2yod According to  Mikko H. Hypponen ,CRO of F-secure - " The list of 62,000 emails/passwords just released by @LulzSec is probably the user database of writerspace.com. " He also give Reason that " Why writerspace.com? Well, the most common passwords include these: mystery, bookworm, reader, romance, library, booklover and..writerspace.So basically that's why I believe the latest Lulzsec password leak originates from writerspace.com. I'm guessing it's their user database "