The Hacker News | #1 Trusted Source for Cybersecurity News — Index Page

Thehacker12 Dumps Logins for 20,000 Customers and U.S. Employees ThEhAcKeR12  has hacked into an events management company and obtained sensitive information belonging to 20,000 individuals, many of whom were United States government employees or contractors. Hacker posted an Excel spreadsheet containing login credentials and personal information for 20,000 people obtained from allianceforbiz.com . Allianceforbiz.com is a professional trade show management company that manages conferences, meetings and trade shows for customers, according to the company Website. The list has been made public on Pastebin and Mediafire and a message posted on Twitter: " 20,000 email-passwords had been leaked consisting mostly of US Mill Army, Govern. & corporate giants ." The spreadsheet contains usernames, passwords, e-mail addresses. company name. The file also contained 17,668 company names, of which 14,739 were unique, and most had only one e-mail address associated with ...

German Gema website hacked by Anonymous Hackers The GEMA website was hacked by Anonymous. Here is a screenshot who was circulating now the whole web presence disappeared. Whoever wants to playback or perform music in public in Germany will become, as a rule by doing this, a customer of GEMA. GEMA (Society for musical performing and mechanical reproduction rights) is a performance rights organization from Germany. It is the only institution in Germany. GEMA represents some 60,000 composers, authors and music publishers and the rights of more than a million copyright owners internationally whose works are used in Germany.

XSS vulnerability in Bing.com Maps One of the Security Researcher " Juan Sacco (runlvl) " - Insecurity Research Labs expose the Cross Site vulnerability (XSS) in Bing.com Search Engine. BING.COM is prone to a XSS vulnerability because the application failsto properly perform adequate boundary checks on user-supplied data.An attacker can exploit this issue to execute arbitrary code in thevictim's browser. Details : The reflected XSS vulnerability is a variant of a cross-site scriptingflaw: it occurs when the data provided by the attacker is exectued bythe browser, and then displayed on "normal" pages returned to otherusers in the course of regular browsing, without proper HTML escaping. Aclassic example of this is with online message boards where users areallowed to post HTML formatted messages for other users to read. Vulnerable Link

Android Trojan GingerMaster  Uses Gingerbread Root Exploit As our smartphones become more ubiquitous and more powerful, they need to be protected in much the same way that you would protect your computer. Further to this, a malicious piece of malware has been discovered for devices powered by Android 2.3.3 Gingerbread, giving the hacker the ability to take complete control of the smartphone remotely. According to Assistant Professor Xuxian Jiang from the NCSU Department of Computer Science, the new threat, which his team has dubbed GingerMaster, is the first malware to use the root exploit for Android 2.3. " As this is the first time such malware has been identified, it is not surprising when our experiments show that it can successfully evade the detection of all tested (leading) mobile anti-virus software, " he writes . Once the GingerMaster malware is installed and has root privileges, it then reaches out to a remote command-and-control server and asks for instr...

Automated HTTPS Vulnerability Testing by Qualys SSL Labs One of main problem in HTTP protocol is encrypting traffic and verifying data security, securing the web application against any threat is very important especially that if hackers conduct a Man-in the middle attack he can get all users information while data are transferred in a clear text form. HTTPS is a combination of the HTTP with SSL/TLS protocol to provide encrypted communication and secure identification of a network web server. HTTPS connections are often used for payment transactions, social network websites and for sensitive transactions in corporate information systems. HTTPS is a huge step forward for website user's safety, but it can also be a huge challenge for the security teams, here we need to test our server to be sure that our users and customers are secure for this purposes we can use Qualys SSL server test SSL Server Test is a free online service that performs a deep analysis of the configuration of ...

F-Secure : Chinese Government Launching Online Attacks According to F-Secure Chinese military documentary shows footage of gov't systems launching attacks against US target. China is often blamed for launching online attacks, but the evidence is almost always circumstantial. Many of the targeted espionage Trojans seem to come from China, but we can't actually prove it. However, some new evidence has just surfaced. On 17th of July, a military documentary program titled "Military Technology: Internet Storm is Coming" was published on the Government-run TV channel CCTV 7, Millitary and Agriculture (at military.cntv.cn ). The program seems to be a fairly standard 20-minute TV documentary about the potential and risks of cyber warfare. However, while they are speaking about theory, they actually show camera footage of Chinese government systems launching attacks against a U.S. target. This is highly unusual. The most likely explanation is that this footage ended ...

Turkish government website Hacked by kurdish hacker for bombarding Kurdistan Regions Today a kurdish hacker " Mn Peshmargem " deface the website of  Turkish government for protest against the bombarding done by the Turkish Military planes in Kurdistan Regions. Message Posted by Hacker : Fuck racism Turkish, fuck acursed Ataturk, fuck you Turkish the fad ended of the Mongolians wait for your non honored soldiers, that they are embarrassed in front of a Peshmarga like me. If a Kurd die, 100 honorless Turks must go to hell afterwards. You coward Turks are always honorless and lost in front of a Peshmarga like me in the battle fronts. Do you want to hide your honorlessness and cowardice by bombing the mountains in Kurdistan??? Be sure that you must pay back a debt for bombing the mountains in Kurdistan. Fuck the honorless Turks, viva Kurds and Kurdistan, viva Peshmarga.