The Hacker News | #1 Trusted Source for Cybersecurity News — Index Page

0-Day SCADA Exploits Publicly Exposed by Italian researchers An Italian researcher has uncovered at least a dozen security flaws in software used in utilities and other critical infrastructure systems, prompting security advisories from the U.S. government. Security researcher Luigi Auriemma disclosed the attacks against six SCADA (Supervisory Control and Data Acquisition) systems including US giant Rockwell Automation.The step-by-step exploits allowed attackers to execute full remote compromises and denial of service attacks.Some of the affected SCADA systems were used in power, water and waste distribution and agriculture.Such zero-day information disclosure was generally frowned upon in the information security industry because it exposed customers to attack while published vulnerabilities remained unpatched.Attacks against SCADA systems were particularly controversial because exploits could affect a host of machinery from lift control mechanisms to power plants. The advisor...

SSHtrix - Fastest Multithreaded SSHv1 and SSH1v2 login cracker sshtrix is a very fast multithreaded SSH login cracker. It supports SSHv1 and SSHv2.sshtrix was designed to automate rapid bruteforce attacks against SSH authentification screens. Unlike other public tools, the aim is to keep it simple, stable, fast and modular. With its clean code design, it is easy to extend the code to a framework or to fork it against protocols of your choice. In fact, sshtrix is a fork of my own generic login cracker framework. Download SSHtrix here

Droidsheep : Android Application for Session Hijacking  Droidsheep is free alternate of faceniff which is available on download droidsheep website for free. Its one click hijacking tool which supports Amazon.de facebook.com flickr.com twitter.com linkdein.com yahoo.com live.com google.de (only the non-encrypted services like "maps") What do you need to run DroidSheep.? You need an android-powered device, running at least version 2.1 of Android You need Root-Access on your phone (link) You need DroidShep (You can get it in the "GET IT" section) Download Droidsheep

Its Fail 2011 - Year of Hacks ! According to IT security experts Year 2011 have labeled as the " Year of the Hack " or " #Fail 2011 ". Hacking has become much easier over the years allowing hackers to hack into systems easier then ever before, which is why 2011 had a lot of hacking happen so far. Hackers are coming up with tools as well as finding new methods to hacking faster then companies can increase their security. Even, Every year is the year of the hacking as long as there are hackers out there ready to execute their malicious programs and attain their goals like gathering important information to the victim's computer, stealing important identities, credit card information, etc. This year 2011 could be another generation of hacking. Since every year there are always forward advancements of the tools and programs that could use by the hackers. The most important is to avoid them if you are a computer user. RSA Hack (3/17/2011) : Motive - Unknown attacker, alth...

Operation OpIndependencia : Anonymous Hit Mexican Government Official websites The websites of several Mexican government ministries, including Defense and Public Security, went offline on Thursday, and a hacker group claimed responsibility. Yesterday's date was significant because it was the symbolic beginning of Mexico's independence from Spain. According to Anonymous, blocking Mexican government sites is part of the operation OpIndependencia, but its essence is not disclosed and could not explain their actions." We are anonymous, we are legion, we don't forgive, we don't forget. Wait for us, " said a statement on a blog linked to a Twitter account for Anonymous Hispano. Meanwhile, X-Ploit's three members say they are tracking senators' Web surfing habits, including visits to porn sites, in addition to initiating hacks against Mexico's Health Ministry, National Water Commission and National Statistics Institute sites." We're only looking to show that we don...

The Sec Indi Security Team has found Multiple major flaws on Clickindia.com - One of the biggest Classifieds network. There is a highly possible chance to damage ClickIndia system or to steal the Database. Hackers Exploit it via SQL Injection Vulnerability.

Linux.com down again due to Security Breach Linux Foundation infrastructure including LinuxFoundation.org, Linux.com, and their subdomains are again down for maintenance due to a security breach that was discovered on September 8, 2011. Investigators yet can't elaborate the source of attack. Regarding coming back online , Linux.com says " Our team is working around the clock to restore these important services. We are working with authorities and exercising both extreme caution and diligence. Services will begin coming back online in the coming days and will keep you informed every step of the way. " The added " We are in the process of restoring services in a secure manner as quickly as possible. As with any intrusion and as a matter of caution, you should consider the passwords and SSH keys that you have used on these sites compromised. If you have reused these passwords on other sites, please change them immediately. We are currently auditing all systems and wil...