The Hacker News | #1 Trusted Source for Cybersecurity News — Index Page

Charlie Miller is a former hacker who has become an information security consultant now working with Department of Defense (DoD) for helping out with cyber security.  He was invited to the conference on cyber conflict held by the NATO Cooperative Cyber Defense Center of Excellence in Tallinn, where he talked about the vulnerability of information systems.  In a recent video released he talks about the ways he works. He spent five years working for the National Security Agency. Miller demonstrated his hacks publicly on products manufactured by Apple. In 2008 he won a $10,000 cash prize at the hacker conference Pwn2Own in Vancouver Canada for being the first to find a critical bug in the ultrathin MacBook Air. The next year, he won $5,000 for cracking Safari. In 2009 he also demonstrated an SMS processing vulnerability that allowed for complete compromise of the Apple iPhone and denial-of-service attacks on other phones. In 2011 h...

Critical Zero-day Vulnerability in Adobe Reader Researchers at the Lockheed Martin Computer Incident Response Team (CRT) and members of the Defense Security Information Exchange informed Adobe that their products were being exploited by hackers. The exploit affects all versions of Adobe Reader and Adobe Acrobat 9.x and higher, including Adobe Reader X and Adobe Acrobat X (10.1.1) for Windows, Macintosh, and UNIX. " This U3D memory corruption vulnerability (CVE-2011-2462) could cause a crash and potentially allow an attacker to take control of the affected system ," wrote Adobe in their incident report, explaining that this essentially a memory-corruption and privilege escalation exploit. " There are reports that the vulnerability is being actively exploited in the wild in limited, targeted attacks against Adobe Reader 9.x on Windows. Adobe Reader X Protected Mode and Acrobat X Protected View mitigations would prevent an exploit of this kind from executing. " According to a blog po...

XSS (Cross site Scripting )  Vulnerability discovered on Google Code website as shown. Claimed to be Discovered by  Vansh Sharma & Vaibhuv Sharma. Proof Of Concept: Just go to https://code.google.com/apis/ajax/playground/  and then click on edit HTML after that remove all the codes and type this script: < img src="< img src=search"/onerror=alert("XSS")//"> And click on DEBUG CODE , and then first it will show you " Sample must have <head> element " click OK and wait for the window to load if nothing happen then try the same thing again or simply you can click on RUN CODE, and you will get a popup which is XSS. Another Similar XSS posted by  +Pirate , as posted on HackForum Community.

Coca-Cola Norway Hacked by Greek Hacking Scene (GHS) An Impressive cyberattack was executed by a ​​Greek hacker against the official website of the multinational company Coca-Cola in Norway with defacement in internal links of the website. In a demonstration of power, the Greek hacker with the pseudonym «Napsterakos», identified weakness in the company's website-giant Coca-Cola, and defaced on purpose to post his own messages. As SecNews was informed by an anonymous reader giving us details about the incident, the attack was made as the first attack of the operation «Greek Hacking Scene vs Corruption», The hacker «Napsterakos», in a message posted on Pastebin states that "when the future is based on lies, then everyone is corrupt ..." and that "~ We were everywhere we see and hear everything in a future based on lies anyone is corrupted, all must pay, and will do so in one way or another. The words acquire value only through their actions. ~ ' See [ here...

Facebook privacy flaw exposes Mark Zuckerberg private photos A flaw in Facebook has granted prying users access to supposedly private photographs, including those of the website's chief executive, Mark Zuckerberg. In total 14 pictures of Mr Zuckerberg were posted to image site Imgur under the headline: " It's time to fix those security flaws Facebook ".The bug in the website's photo reporting tool - which Facebook says was only temporary and has now been fixed - meant that users could access others' pictures even if they were private. The flaw was first reported on the forums of BodyBuilding.com, presumably because the users of that website like taking photos of themselves and putting them online. The bug exploits the way the offensive photograph reporting tool works. Facebook has been heavily criticised in the last few years for matters of privacy and so there are people who will leap on this story as yet another example of how the company simply doesn't take its u...

DNS cache poisoning attack on Google, Gmail, YouTube, Yahoo, Apple Hacker with nickname AlpHaNiX deface Google, Gmail, Youtube, Yahoo, Apple etc domains of Democratic Republic of Congo. Hacker use strategy so-called DNS cache poisoning. DNS cache poisoning is a security or data integrity compromise in the Domain Name System (DNS). The compromise occurs when data is introduced into a DNS name server's cache database that did not originate from authoritative DNS sources. It may be a deliberate attempt of a maliciously crafted attack on a name server. Hacked websites are : https://apple.cd/ https://yahoo.cd/ https://gmail.cd/ https://google.cd/ https://youtube.cd/ https://linux.cd/ https://samsung.cd/ https://hotmail.cd/ https://microsoft.cd/ [ Source ]

MySQL.com Once again Compromised using Sql Flaw A hacker with name " D35M0ND142 " claim to hack MySql.com website using Sql Injection Flaws. In September,  Mysql.com was hacked and it was serving BlackHole exploit malware on the site. In a pastebin dump Hacker Exposes various Admin user credentials and Database info. The Compromised Usernames and Passwords are from  Blog site  of MySql. MySql website is pretty embarrassed for not securing its own database's properly, Even hacker share that " Robin Schumacher is MySQL's Director of Product Management andhas over 20 years of database experience in DB2, MySQL, Oracle, SQLServer and other database engines. Before joining MySQL, Robin wasVice President of Product Management at Embarcadero Technologies. " Besides the hack on MySQL.com, D35M0ND142 also managed to breach the systems of the Urbino University in Italy and the Universal Language & Computer Institute in Nepal and Stream Database.