The Hacker News | #1 Trusted Source for Cybersecurity News — Index Page

Iran makes internal email servers Iran's cyber defense headquarters has succeeded in making internal mail servers which would enable Iranian organizations and bodies to use local email addresses. " One of the most important problems in the cyber arena in Iran is that many individuals and even university professors are using email services like Gmail and Yahoo and have no local email, " Rahimi said, Head of Iran's Cyber Defense Headquarters. " Technical infrastructures have been built in the country and mail servers have been made at the cyber defense headquarters to manage Iranian emails ," he added. The Iranian official noted that the body also shoulders the responsibility to promote culture and education. Iran launched a cyber defense headquarters some five months ago. The key task of cyber defense is to prevent computer worms, or as some call it cyber weapons, from breaking into or stealing data from Iran's maximum security networks, including nuclear facilitie...

Dutch News site spread Malware on 100000 Computers Dutch popular news site NU.nl appears to be serving Java exploit (drive-by malware) to users of IE. Nu.nl has approximately one hour long served the Javascript code that attempted to provide visitors to the news site with a trojan to infect. The attackers made use of servers in India which an exploit kit was placed. The Ministry of Security and Justice issue a warning for malware yesterday by Nu.nl estimated to have infected 100,000 computers. Erik Loman, developer at security firm SurfRight, made ​​known on Twitter on the front page of the news javascript code ' g.js ' was blocked. The code triggered by Loman a nuclear exploit pack on a web server in India was placed. The exploit script checked the browser and common plugins like Flash and Adobe Reader security hole. If an exploit was found, the server sent the Sinowal-malware, a trojan of Russian origin, which is continuously updated and attempts to steal bank detail...

[POC] Windows RDP Vulnerability Exploit The vulnerability described by Microsoft as critical is known as MS12-020 or the RDP flaw. The hackers worked quickly on this particular vulnerability and we've already seen attempts to exploit the flaw which exists in a part of Windows called the Remote Desktop Protocol. Proof of concept (POC) exploit of the deadly RDP vulnerability has been shown to trigger blue screens of death on Windows XP and Windows Server 2003 machines. The exploit attacks a RDP (Remote Desktop Protocol) flaw patched by Microsoft on Tuesday. The discovery of proof-of-concept code on a Chinese website less than 72 hours later came as no great surprise. Security firms warned that worse is likely to follow. The vulnerability might easily be exploited to create a worm that spreads automatically between vulnerable computers. Two POC discovered, first POC to emerge was posted briefly on a Chinese website before disappearing. The second, based off the Chinese...

President Assad 's hacked emails reveal isolation of Syria's leader Asad's personal email account was hacked by Anonymous hackers few hours ago and The Guardian then acquired over 3,000 documents from hacked email that according to opposition is the personal email of ruling couple Bashar and Asma al-Assad sam@alshahba.com and ak@alshahba.com The newspaper said it got the trove of e-mails from a member of the Syrian opposition whom it does not identify. The documents are said to have been intercepted by members of the Supreme Council of the Revolution between June and early February. According to the Guardian, the e-mails show that Assad regularly received advice from Iran or advisers to Iran about how he should respond to the crisis in his country. He received a memo from his media consultant with advice that was based on " consultations with a good number of people in addition to the media and political adviser for the Iranian ambassador. " The memo advised ...

Malicious Android application stealing banking credentials A new form of smart Android malware can not only steal your online banking information, but update itself in the future and secretly send contact information stored on your device off to the Bad Guys. Security researchers at McAfee have discovered a malicious Android application capable of grabbing banking passwords from a mobile device without infecting the user's computer. From a McAfee blog post on the subject, penned by Malware Researcher Carlos Castillo: " To get the fake token, the user must enter the first factor of authentication (used to obtain initial access to the banking account). If this action is not performed, the application shows an error. When the user clicks "Generar" (Generate), the malware shows the fake token (which is in fact a random number) and sends the password to a specific cell phone number along with the device identifiers (IMEI and IMSI). The same information is also sent to one of th...

Stanford University defaced by Indian Hackers Stanford University subdomain ( https://scale.stanford.edu/ ) defaced by Indian hackers " Yash " and " C0de Inject0r " from Team Nuts . Stanford is an American private research university located in Stanford, California. Hacker write on page " Everyday Someone Get Hacked , Today is your Day ". " Admin -Good Security ,But Still Failed To Keep Us Out Of Your BOX " They added. Deface page have " Vande Mataram " as background music. Vande Mataram is a patriotic song for Indians. Reason of Defacement is unknown. At time of writing this post, site displaying black colour background with Hackers message on it. Team Nuts Hackers was mostly active last year, you can check their past hacks here .

PS3 hacker Geohot arrested for possession of marijuana George 'GeoHot' Hotz, who you might know as "geohot" who made the Sony console's root key available last year, has been banged up for carrying drugs. He was traveling by car with friends on his way to the SXSW conference in Austin to give a talk titled " The Final Frontier of Reverse Engineering " when he had to stop at a border patrol checkpoint in Sierra Blanca, Texas. Department of Homeland Security officers were using dogs to decide if a vehicle warranted a search, and Hotz's car was barked at. Geohot holds a medical marijuana license in California (for those pesky headaches, clearly) and as such, was legally allowed to tote around a confectionary treat bag of THC-infused sweets. Sadly for Geohot, as he may or may not have noticed, he wasn't in California when a sheriff pulled a 1/4 oz. of Mary Jane from the glove box, alongside a pack of chocolates said to contain less than 1/8 oz. of the same Wa...