The Hacker News | #1 Trusted Source for Cybersecurity News — Index Page

50K Cards Compromised using Credit Card Processor Some 50,000 credit and debit cardholders may have their information exposed following a security breach at Global Payments. The breach occurred sometime between between Jan. 21, 2012 and Feb. 25, 2012. Both Visa and MasterCard have confirmed they have warned U.S. banks that a credit card processor was reportedly breached. Both firms say their own security systems were not compromised. MasterCard said law enforcement has been notified of the matter and an "independent data security organization" is conducting a forensic review of the matter. " MasterCard's own systems have not been compromised in any manner, " a company spokesman said in a statement. The company will " continue to both monitor this event and take steps to safeguard account information ." Because it sits in this middle ground directing where payment information goes, an attack on its system would leave a lot of private financial data...

Why Hackers Can't take down DNS root servers ? Interpol Chief Ronald Noble on Friday warned that a group of hackers might try to shut down internet service tomorrow. The hacking group, Anonymous, is protesting against several reasons including the crash of Wall Street and irresponsible leaders. There are 13 DNS servers that host the core databases for translating IP addresses. Anonymous hackers have announced " Operation Global Blackout ", promising to cause an Internet-wide blackout by disabling the core DNS servers. Anonymous  Hackers wants to bombard those 13 servers with traffic using a distributed denial of service attack. If the servers get too overloaded, they'll crash and therefore be unable to fulfil DNS lookups rendering all domain names useless. But there are lots of Limitations in this type of attack : There are 13 Root Servers out there, It it not possible to shut down every of them. Even every root server is under control of various companies and they h...

CIA Chief : We will Spy on You Through Your TV According to the Central Intelligence Agency, the organization says spies won't have to plant bugs in homes, businesses or other places where they want to spy because of coming advances in computer and Internet technology. The CIA claims that when you download a Netflix film or listen to web radio, they will know exactly what you are doing. Spies will no longer have to plant bugs in your home, the rise of 'connected' gadgets controlled by apps will mean that people 'bug' their own homes, says CIA director David Petraeus. The CIA says it is very possible the agency and others will be able to "read" these and other gadgets from outside the places they want to monitor via the Internet and perhaps even with radio waves outside your home. Once upon a time, spies had to place a bug in your chandelier to hear your conversation. With the rise of the smart home, you'd be sending tagged, geolocated data that a spy...

FBI Cyber Chief Says U.S. Losing War Against Hackers FBI is struggling to combat cyberattacks by hackers. "We're not winning," FBI executive assistant director Shawn Henry said. Four top government cybersecurity officials have basically come out to say America is getting her hiney kicked in cyberattacks by nation state hackers. Shawn Henry, who is getting ready to leave the bureau after more than two decades with the law enforcement agency, says the United States is falling behind in the ongoing fight against cyber ne'er-do-wells. " Your government failed you ," testified Richard Clarke, a former cybersecurity and cyberterrorism advisor for the White House. He said that to Congress about 9/11, but now he's warning the people that we are defenseless when it comes to cybersecurity; our government has failed us again. Clarke stated, " Every major company in the United States has already been penetrated by China ." Who declared this war and ...

Apple Azerbaijan got hacked by Team Nuts The domain Apple.az represents 'Apple Azerbaijan' and it redirect to the Official Reseller of Apple in Arizona ( www.almastore.az ) , Which Got Hacked By Member Of Team Nuts ' YasH' and 'COde InjectOr' today evening. 1st Deface page was uploaded by hacker on Index page, but later they upload it to another location : https://www.almastore.az/news/images/ . Linux kernel on server reported by hackers is 2.6.18-92.el5 #1 SMP Tue Jun 10 18:49:47 EDT 2008 i68 which have Vulnerability of Remote Arbitrary Code Execution. No web-shell was used in this attack.  Hackers added that this was not targetted. Last week same hacker hack into Stanford University website and deface it.

 eCommerce Fraud Detection Tool   - An Anti-fraud solution by MasterCard In the past, a lost wallet, stolen credit card, or misplaced ID were among the paramount culprits of identity theft.Today, one need not lose a thing to eventually lose it all. commerce merchants have a new tool at their disposal to help mitigate the risk of fraud in online transactions, with MasterCard's introduction of Expert Monitoring Fraud Scoring for Merchants. MasterCard will release an e-commerce anti-fraud product for merchants in May, said Mike Plotnick, MasterCard's communications leader. MasterCard announced the product at the Merchant Risk Council show in Las Vegas. The solution is designed for global merchants to assess transactions on U.S.-issued cards. In other words, the service provides merchants with a "predictive fraud score for Card-Not-Present transactions in real time to measure the likelihood that a transaction is fraudulent."Basically, the service looks at the buyer's...

NMAP Script to Check Presence of ms12-020 RDP vulnerability Yesterday   Sam Bowne was working on a NMAP script, which will be able to  Check Presence of ms12-020 RDP vulnerability on a machine via scan only. But unfortunately, it was less in success rate, Later  @ea_foundation joins  Sam Bowne  to develop a working Nmap script. Microsoft bulletin ms12-020 patches two vulnerabilities. CVE-2012-0152 which addresses a DoS vulnerability inside Terminal Server,and CVE-2012-0002 which fixes a vulnerability in Remote Desktop Protocol.Both are part of Remote Desktop Services. The hackers worked quickly on this particular vulnerability and we've already seen attempts to exploit the flaw which exists in a part of Windows called the Remote Desktop Protocol. Script works by checking for a CVE-2012-0152 vulnerability.Patched and unpatched system differ in the  results from whichwe can conclude if the service is vulnerable or not. Download Nmap Scri...