The Hacker News | #1 Trusted Source for Cybersecurity News — Index Page

Spain Police under Anonymous attacks after another Arrests in Spain Anonymous attacks Official Site of the National Police ( https://policia.es/ ) after the arrests of suspected Anonymous hacktivists . The Spanish branch of the group has reported that six hacktivists have been arrested in Spain over the past few days. The police did not confirm the identity of the suspects, but claimed the force's technological investigation brigade is conducting a large operation. Anonymous Tweet : " @AnonOps 6 #Anonymous were caught by the police in spain. They're talking about a big anti-hack operation" We know. Expect uspolicia.es DOWN | #Anonymous #Spain " . Last week, Following the arrest of three young Anonymous hackers in Greece, the collective carried out a second assault on the ministry of justice's website, defacing its homepage. Last June Anonymous launched #OpPolicia, a successful DDoS attack against the Spanish National Police website. The attack was a direc...

Metasploit Framework 4.2.0 : IPv6, VMware, and Tons of Modules! Since last release in October, Metasploit added 54 new exploits, 66 new auxiliary modules, 43 new post-exploitation modules, and 18 new payloads.  Metasploit 4.2 now ships with thirteen brand new payloads, all added to support opening command sessions and shells on IPv6 networks. In addition, Metasploit's existing arsenal of payloads has been updated to support IPv6 as well. With this release comes a pile of new modules targeting VMware vSphere/ESX SOAP interface, as well as a pair of new brute force modules to audit password strength for both vmauthd and Virtual Web Services. Metasploit 4.2 now ships with fourteen new resource scripts, nearly all of which were provided by open source community contributors. These scripts demonstrate the power of Metasploit's extensible architecture, allowing programmatic Metasploit module usage through the powerful Ruby scripting language. Download Metasploit Framework 4.2....

PacketFence 3.2.0 released The PacketFence development team has published version 3.2.0 of its open source network access control (NAC) system. PacketFence allows organisations to increase control over their network by enforcing authentication and registration for newly connected devices. It also enables abnormal network activity detection and the isolation of troublesome devices. New features in 3.2.0 OpenVAS Vulnerability Assessment integration for client-side policy compliance Bandwidth violations based on RADIUS accounting information Billing engine integration for allowing the use of a payment gateway to gain network access. PacketFence 3.2.0  fix Reflected Cross-site scripting (XSS) in Web Admin printing system. Further information about the update, including a full list of changes, can be found in the official release announcement and in the change log . PacketFence 3.2.0 Download

Minister's email hacked by Socialist Workers Party The employment minister claims his email has been hacked by campaigners against a Government work experience scheme, which is continuing to attract controversy. Chris Grayling accused a group of socialist activists of pressuring firms to quit the scheme amid accusations that it was "slave labour" because youngsters worked for nothing, while keeping their benefits. But his claim that his email was hacked as part of the campaign clearly sent alarm bells ringing across Whitehall, and a retraction was hastily issued. He also claimed that firms reportedly pulling out of the programme, including supermarket giant Sainsbury's, had never formally been involved in the Government initiative because they ran their own scheme.  [ Source  to read more]

Skype Cross Site Vulnerabilities , user accounts can be Hijacked The independent security researcher Ucha Gobejishvili has detected a cross site scripting (XSS) vulnerabilities affecting shop.skype.com and api.skype.com . According to a blog post on 1337 Blog , the XSS flaw discovered on these sites could allow an attacker to hijack cookies if he manages to convince the potential victim to click on a specially designed link. If exploited successfully, a hacker could hijack the user's session and even steal his/her account. Skype has been informed of the vulnerabilities and is currently investigating. Other XSS discovered by him are listed  here .

Crime with $50 GPS jammer increasing rapidly in UK Too many are using illegal GPS jamming devices on UK roads, according to a study, and are putting critical emergency systems at risk of failure and it's at extreme risk from criminals, terrorist organizations and rogue states and even someone with a rudimentary GPS jammer that can be bought on the Internet for $50. It's thought that those using GPS jammers could be doing so to block tracking systems installed on the vehicles, suggesting that they might be stolen. Initial findings using six months' worth of data from 20 probes suggests that between 50 and 450 incidents of deliberate GPS jamming take place every day across the UK. Jammers vary wildly in effectiveness and power output. A recent study by GPSWorld of 18 commercially available receives showed an effective range that varied from 300 meters up to 6 kilometers. The danger of such devices affecting critical safety systems is obvious. In 2009 investigators discov...

Lebanese Yellow Pages database Compromised Lebanese Yellow Pages website (https://www.yellowpages.com.lb/) database compromised by Hacking Group known as Mad HackerZ Team. Hackers manage to hack database of site and leaked it on internet.  Leaked database include the usernames, Password hashes and Email Id's of Admin and Few accounts as shown. All this data posted on a pastebin note :  https://pastebin.com/dvBzWCF6 Most probability hackers uses Sql Injection Exploit to get the database . According to Softpedia report, They also gained unauthorized access to other domains which they defaced to host their protest messages. The defaced sites include the ones of a political figure called Rafic Al Hariri, an online store named Dunes, Frontpage-lb, a computer company, and the site of a football team.