The Hacker News | #1 Trusted Source for Cybersecurity News — Index Page

Rogue Antivirus advertised on 200000 hacked Web pages The Websense has detected a new wave of mass-injections of a well-known rogue antivirus campaign, a new mass injection attack has infected over 200,000 Web pages, amounting to close to 30,000 unique Web hosts. The attack uses SQL injection techniques to insert a rogue script element. Users who land on one of the compromised pages get redirected through several domains and finally land on a scareware site. These sites mimic antivirus scans and tell visitors their computers are infected with malware in an attempt to convince them to download fake security programs. The programs display even more false warnings and ask users to pay for a license in order to clean their machines.  The page looks like a Windows Explorer window with a "Windows Security Alert" dialogue box in it. The fake antivirus then prompts visitors to download and run their "antivirus tool" to remove the supposedly found Trojans. The executab...

Hackers disclose secret Ankara police files password '123456' Hackers from the "RedHack" group who brought down the Ankara Police Department's website and acquired secret information last week said one of the passwords of the secret police files was "123456." A member of the hacking group named " Radikal " saying that " RedHack was founded after deliberating on how to utilize our skills for the oppressed peoples ." " The question is, how serious can a police force be if they save secret files with a password like '123456'? " The group member said the reason for targeting the Ankara Police Department was that it was the center of applications such as "E-State" and "E-Police," and the fact that it was "much more special and better protected" than other police department websites. RedHack had downloaded police files that contained tips from "informant" citizens that told of suspicious activitie...

DarkComet RAT Remover  Released The civil war in Syria rages not only on the ground but also on internet. The opposition has made increasing use of platforms such as Facebook to organize and spread their message. In response the regime have tried to disrupt these activities by defacing websites and spamming Facebook pages. The regime is using the DarkComet RAT (called Backdoor:Win32/Fynloski.A by Microsoft) to spy on their own people.The creator of the DarkComet RAT was disgusted by that behaviour and now has retaliated with a specially created tool to detect and remove his own DarkComet RAT to help the oppressed Syrian people, DarkComet RAT Remover. DarkComet RAT Remover will detect any kind of instance of darkcomet running in memory even if an hacker try to obfuscate the loader to be undetected by common Antivirus softwares, also it detects registry threats and keyloggers logs. Features: [+] Detect DarkComet Even if crypted. [+] Detect DarkComet Even if visualized. [+] De...

#Security Alert : Facebook Two-Factor Authentication fail ! Last year Facebook has launched a security feature called Login Approvals or two-factor authentication. This is a follow-up security update regarding Facebook Login from Facebook. They have already integrated Facebook login email alerts to get notification emails or SMS messages whenever a suspicious person uses your Facebook account from a different location. Christopher Lowson , on his blog explains the Facebook Two-Factor Authentication, which is really another biggest fail of Facebook Security. But that feature is not enough to ensure your account's security and that is why Facebook has launched "Login Approvals". This feature is very similar with Google 2-step verification which associates a mobile device with your Facebook account and authenticates the login by sending a verification code at your mobile phone device. According to this feature, When user will logging into your Facebook accou...

THOR : Another P2P Botnet in development with extra stealth features The research community is now focusing on the integration of peer-to-peer (P2P) concepts as incremental improvements to distributed malicious software networks (now generically referred to as botnets). Because "botnets" can be used for illicit financial gain,they have become quite popular in recent Internet attacks. A " botnet " is a network of computers that are compromised and controlled by an attacker. Each computer is infected witha malicious program called a "bot", which actively communicates with other bots in the botnet or with several "botcontrollers" to receive commands from the botnet owner. Attackers maintain complete control of their botnets, andcan conduct Distributed Denial-of-Service (DDoS) attacks,email spamming, keylogging, abusing online advertisements, spreading new malware, etc. However, the first botnets that use peer-to-peer (P2P) networks for remote control of the compromised machines app...

Twitter, As secondary publisher  could be sued  for an illegal tweet If a Twitter user posts an illegal tweet, they could get sued, but Twitter could be sued itself as a secondary publisher according to  Zack Whittaker . Legal analysis site Out-Law published a very interesting, theoretical piece, which describes how Twitter could fall foul of the law through no apparent fault of its own but by giving its users free reign over what they say. A case of mistaken identity in Australia illustrates the point. Someone wrote a hateful blog about writer and television personality Marieke Hardy. She wrote a blog post accusing Joshua Meggitt of being its author and used her Twitter account to draw attention to her post.Hardy was wrong to finger Meggitt as the author of the original material and she reportedly paid Au$15,000 (£10,000) to settle the case. Will Twitter still be held liable for the libel? One more thing, Those who retweeted are not being pursued....

Anonymous : A Declaration of the Independence of CyberSpace Anonymous declare a Note on Independence of Cyber Space : Governments of the Industrial World, you weary giants of flesh and steel, we come from the Internet, the new home of Mind. On behalf of the future, we ask you of the past to leave us alone. You are not welcome among us. You have no sovereignty where we gather. We have no elected government, nor are we likely to have one; therefore we address you with no greater authority than that with which liberty it always speaks. We declare the global social space we are building to be naturally independent of the tyrannies you seek to impose on us. You have no moral right to rule us, nor do you possess any methods of enforcement we have true reason to fear. You are toothless wolves among rams, reminiscing of days when you ruled the hunt, seeking a return of your bygone power. Governments derive their just powers from the consent of the governed. You have neither solicited nor ...