The Hacker News | #1 Trusted Source for Cybersecurity News — Index Page

German Researchers Break RFID Smartcard Encryption Scientists have found a way to circumvent the encryption used to protect a smartcard used to restrict access to buildings and to process public transit system payments. A team of German scientists have demonstrated a hack that lets them make a perfect clone of the kind of magnetic security card used to give access to workers in corporate or government buildings -- including NASA -- and as a daily ticket replacement on buses and subways. The same team broke a previous version of contactless-ID cards from Mifare in 2008.  This prompted the company to upgrade its security to create a card able to be programmed only once and which contained a unique identifying number that could be checked against the programmed content on the card for extra security. The new hack is carried out using a side channel attack, which bypasses the defensive features intended to prevent attacks on the card. To achieve this, the researchers made repeat...

FBI shut down 18 Child Porn Websites A man was recently indicted on federal charges of running 18 Chinese-language child pornography websites out of his apartment in Flushing, New York. The websites were being advertised to Chinese-speaking individuals in China, in the U.S., and other countries. According to the FBI, " Virtually every day, children are lured away from their families by cyber sexual predators. We're committed to stopping these crimes through our Innocent Images National Initiative. Based in Maryland, it joins FBI agents and local police in proactive task forces around the country that work online undercover to stop those who prey on our kids. " In late 2010, the FBI - through their legal attaché office in Beijing - received information from Chinese officials about their investigation of a large-scale child pornography website housed on U.S. servers. One of their main suspects, a Chinese-born man, was living in New York. The FBI's New York office op...

OWASP Mantra - c0c0n 11 and AppSecLatam 11 Release  The third beta of OWASP Mantra Security Toolkit has been released. One of the main features of this version is the multi-language support. Mantra now supports Hindi and Spanish, in addition to English. If you can give us a helping hand by translating Mantra into more languages, feel free to contact us and we will look forward to see you in Team Mantra. This version is based on Firefox 7.0.1 and comes with some new extensions which you will definitely find useful. One of the other changes is renaming the "Ayudha" menu back to "Tools". We all are comfortable with "Tools" and we decided to keep it intact. This is a collection of free and open source tools integrated into a web browser, which can become handy for students, penetration testers, web application developers, security professionals, etc. It is portable, ready-to-run, compact and follows the true spirit of free and open source software. Mantra...

111 Arrested for biggest identity theft and credit card fraud Case One of the biggest identity theft and credit card fraud cases in history has generated millions of dollars in losses to date. 111 individuals have been indicted in the largest identity theft takedown in U.S. history. " This is by far the largest--and certainly among the most sophisticated--identity theft/credit card fraud cases that law enforcement has come across ," said Richard A. Brown, the district attorney of Queens, N.Y., in a statement announcing the arrests. The defendants, members of five organized forged credit card and identity theft rings based in Queens County and having ties to Europe, Asia, Africa and the Middle East, are charged in ten indictments with stealing the personal credit information of thousands of unwitting American and European consumers and costing these individuals, financial institutions and retail businesses more than $13 million in losses over a 16-month period. As part...

U.S. drones affected by Keylogger Virus A keylogger of some sort has infiltrated classified and unclassified computer systems at Creech Air Force Base in Nevada, recording the keystrokes of pilots tasked with operating unmanned drone aircraft in Afghanistan and other international conflict zones. The virus, first detected nearly two weeks ago by the military's Host-Based Security System, has not prevented pilots at Creech Air Force Base in Nevada from flying their missions overseas. Nor have there been any confirmed incidents of classified information being lost or sent to an outside source. But the virus has resisted multiple efforts to remove it from Creech's computers, network security specialists say. And the infection underscores the ongoing security risks in what has become the U.S. military's most important weapons system. Tadd Sholtis, a spokesman for Air Combat Command, which oversees the drones and all other Air Force tactical aircraft said, " We generally do...

SWSE - Most Advanced Wi-Fi Hacking and Security Course online We covered the launch of the SecurityTube Wi-Fi Security Expert in a previous article. As their entire courseware is available online free of charge to evaluate: , I took a look over the weekend and I was very impressed. The instructor assumes you are an absolute n00b to the subject and starts from the very basics of how to get started with creating your own lab for doing Wireless Hacking exercises. He then slowly gains momentum and touches upon a ton of topics - Honeypots, Hotspot attacks, MITM over wireless, WEP/WPA/WPA2 Cracking, WPA/WPA2-Enterprise hacking, PEAP, EAP-TLS, EAP-TTLS cracking, creating backdoors with wireless, Wi-Fi malware etc. All of this is covered in over 12+ hours of HD videos. I would strongly recommend you to download the full courseware here and see for yourself: https://securitytube.net/downloads If you are interested in using this for your job and desire to get a certification then, Security...

[ Call for Article ] The Hacker News Magazine - November 2011 Edition The Hacker News is starting to prepare the next issue of ' The Hacker News Magazine '. Submissions are invited for a 6th up coming special November Issue as " Anniversary Edition ". If you have something interesting to write, please drop us an email at : thehackernews@gmail.com Yes ! We are going to Celebrate ' The Hacker News '  1st Anniversary on 1 November, 2011 . Each Issue/Article of our Magazine and Website aims to spread Awareness and Knowledge about Cyber Security. We gather articles from young minds that deal closely with the topic of Security and Hacking Threats. Topics of interest include, but are not limited to the following: - New Attack and Defense Techniques - Vulnerability discovery - Small Tactics & Techniques - Big Attacks & Impact - Mobile Hacking - Professional Exploit Development - Security and Hacking Events Around The World ...