The Hacker News | #1 Trusted Source for Cybersecurity News — Index Page

The Hacker News (THN) 1st Anniversary Celebration It has been a wonderful "HACK" filled year as we disseminated security and hacking information around the world. We are grateful for our loyal readership and welcome new readers and contributors. Let's face it. Hacking isn't going away and growing security concerns are an issue we all need to stay on top of. Being informed about the latest and newest in security measures and the work of hackers to break into these means is a global issue with tremendous consequences. Hacking and security violations affect us all. Not only big corporations which store your information but the health and welfare of your personal PC's. The Hacker news has tracked the events of the last year and we are amazed and the talent and finesse of techy people who can break into the most complicated and sophisticated systems. You can depend on us for breaking news in the area of computer security. Keep reading and keep checking our daily web news. In c...

Facebook " Trusted friends " Security Feature Easily  Exploitable Last week Facebook announced that in one day 600,000 accounts possibly get hacked. Another possible solution for Facebook to combat security issues is to find 3 to 5 " Trusted friends ". Facebook will be adding two new security features that will allow users to regain control of their account if it gets hijacked. In Facebook's case, the keys are codes, and the user can choose from three to five " Trusted friends " who are then provided with a code. If you ever get locked out of your account (and you can't access your email to follow the link after resetting your Facebook password), you gather all the codes and use them to gain access to it again. Yet This method is used by hackers to hack most of the Facebook account using little bit of Social Engineering from last 5-6 Months according to me. Let us know, how this works... How its Exploitable: This Exploit is 90% Successful on...

Volatility 2.0 - Advanced Memory Forensics [With Video Demonstration] The Volatility Framework is a completely open collection of tools, implemented in Python under the GNU General Public License, for the extraction of digital artifacts from volatile memory (RAM) samples. The extraction techniques are performed completely independent of the system being investigated but offer unprecedented visibilty into the runtime state of the system. The framework is intended to introduce people to the techniques and complexities associated with extracting digital artifacts from volatile memory samples and provide a platform for further work into this exciting area of research. The Volatility Framework demonstrates our committment to and belief in the importance of open source digital investigation tools . Volatile Systems is committed to the belief that the technical procedures used to extract digital evidence should be open to peer analysis and review. We also believe this is in the best i...

I had the honor of hosting the first episode of the Xposure Podcast live from Xposure Summit 2025. And I couldn't have asked for a better kickoff panel: three cybersecurity leaders who don't just talk security, they live it. Let me introduce them. Alex Delay , CISO at IDB Bank, knows what it means to defend a highly regulated environment. Ben Mead , Director of Cybersecurity at Avidity Biosciences, brings a forward-thinking security perspective that reflects the innovation behind Avidity's targeted RNA therapeutics. Last but not least, Michael Francess , Director of Cybersecurity Advanced Threat at Wyndham Hotels and Resorts, leads the charge in protecting the franchise. Each brought a unique vantage point to a common challenge: applying Continuous Threat Exposure Management (CTEM) to complex production environments. Gartner made waves in 2023 with a bold prediction: organizations that prioritize CTEM will be three times less likely to be breached by 2026. But here's the kicker -...

Duqu Trojan found in Indian Server Last week we update you about Duqu when Symantec said it had found a mysterious computer virus that contained code similar to Stuxnet, a piece of malware believed to have wreaked havoc on Iran's nuclear program. Two workers at a web-hosting company called Web Werks told Reuters that officials from India's Department of Information Technology last week took several hard drives and other components from a server that security firm Symantec Corp told them was communicating with computers infected with Duqu. The equipment seized from Web Werks, a privately held company in Mumbai with about 200 employees, might hold valuable data to help investigators determine who built Duqu and how it can be used. But putting the pieces together is a long and difficult process, experts said. " This one is challenging ," said Marty Edwards, director of the US Department of Homeland Security's Industrial Control Systems Cyber Emergency Response...

Torsocks 1.2 Released - Socks friendly ssh and irssi with Tor Torsocks is an application for Linux, BSD and Mac OSX that allows you to use network applications such as ssh and irssi with Tor. Torsocks allows you to use most socks-friendly applications in a safe way with Tor. It ensures that DNS requests are handled safely and explicitly rejects UDP traffic from the application you're using. Enhancements unique to torsocks Torifying reverse dns requests through gethostbyaddr() Blocking of UDP traffic from sendto() and its variants. Use of Tor-friendly defaults if no configuration file available. The addition of all RFC defined private address ranges to the default configuration How to Use TorScocks , Read Here Torsocks allows you to use most socks-friendly applications in a safe way with Tor. Once you have installed torsocks, just launch it like so: usewithtor [application] So, for example you can use ssh to a some.ssh.com by doing: usewithtor ssh username@some.ssh.com or...

Anonymous hackers threatening a Mexican drug cartel Anonymous Mexico is going head-to-head with one of the most dangerous criminal organizations in the world, the Mexican cartel Los Zetas. With this Anonymous Proofs that they are not just a common Internet users as cowards behind a keyboard. Not only has the Anonymous threatened to reveal names, but it has also started making good to its threats. Mexican Anonymous hackers is warning a Mexican drug cartel to release one of its members, kidnapped from a street protest, or it will publish the identities and addresses of the syndicate's associates, from corrupt police to taxi drivers, as well as reveal the syndicates' businesses. The website of a Mexican politician suspected of connections to the cartel and The page is still defaced as we write; here is what it looks like (" es Zeta " meaning " is Zeta "): " You made a huge mistake by taking one of us. Release him, " says a masked man in a video posted online on ...

How Facebook Ticker  exposing your information and behavior without your knowledge Nelson Novaes Neto , a Brazilian (independent) Security and Behavior Research have  analyze  a privacy issue in Facebook  Ticker  that allows any person chasing you without your knowledge or consent . He explain that this is not a code vulnerability, but here the whole issue is related to users privacy. Nelson said on his blog " This tool - monitor others began to run when it introduced a new feature called Ticker. This new feature (Ticker) does not respect the privacy settings and it now Comments (updates), add friends, likes and can be seen by others (friend *) anyone without your permission. * You really know a friend tell me if it is real or fake profile - cloned? " Nelson Give Proof of Concept with a very creative real life scenario. Check out a live demonstration, where a "novel" explains how the issue of privacy (you can use any browser to play it). Descri...