The Hacker News | #1 Trusted Source for Cybersecurity News — Index Page

One of the most awaited occasions in a year is your birthday, same way we are today celebrating ' The Hacker News ' 2nd Birthday week from on 28th October-3rd November 2012. Originally founded on 1st November 2010 by Mohit Kumar , ' The Hacker News ' was the very First dedicated Hacking and Security News website available on Internet, Now been internationally recognized as a leading news source dedicated to promoting awareness for security experts and hackers. We are happy to announce that this project is now Supported and endorsed by thousands of Security Experts, administrators and members of various underground hacking groups and communities worldwide.  With the need for information security solutions becoming more critical, In these two years we served updates to over 30 Million Readers through various projects including Daily happenings of Hacking & Security community via The Hacker News , A most comprehensive and inf...

Internet Activist and collective hacker group "NullCrew" released a huge dump of 7,000 names-passwords database from US Government websites and 2000 names-passwords database from Military websites. Hacker claimed to hack into five websites, including Montana's Official State Website, United Nations, Louisiana Department of Environmental Quality, Texas Juvenile Justice Department, Force Health Protection & Readiness, domains are -  unescoetxea.org , www.mt.gov , www.la.gov, www.texas.gov and fhpr.osd.mil respectiverly. Few days back two Nullcrew members,  null and 0rbit_g1rl claimed to perform the hack into above sites using few vulnerabilities such as " Unproperly sanitized code, leading to disclosure of all files on a server and Boolean blind SQL injection " and they threatened to release the database soon. Today in a announcement via Twitter, hacker leaked the Database including 2000 and more Military, A...

A high degree of stealthiness over a prolonged duration of operation in order to do a successful cyber attack can be defined as Advanced Persistent Threat. The attack objectives therefore typically extend beyond immediate financial gain, and compromised systems continue to be of service even after key systems have been breached and initial goals reached. Today's successful targeted attacks use a combination of social engineering, malware, and backdoor activities. Nart Villeneuve and James Bennett (Senior Threat Researcher) from Trend Mirco provide an  ultimate guide for Detecting (APT) Advanced Persistent Threat activities with Network Traffic Analysis , that can be used to identify malware command-and control (C&C) communications related to these attacks, illustrating how even the most high-profile and successful attacks of the past few years could have been discovered. Paper cover Detecting Remote Access Trojans like The GhostNet,...

Yesterday, we report about the security breach in US Government computers belongs to NASA  restricted area website and Hacker dump out the complete source code and files from server of the website. Today another hacker claim a quick XSS (Cross site scripting) Vulnerability in NASA's Jet Propulsion Laboratory website (https://onearth.jpl.nasa.gov/) via a pastebin note. Hacker is going by name " Antraxt Hacker " and said about vulnerability exposure that,"I just want to proof that NASA is and never will be secured as human kind thinks they are". The xss vulnerable link is disclosed in pastebin note. I feel this not a offensive hack by hacker, even NASA should take advantage of free of cost Penetration testing services from individual like , who even not looking for Bug Bounties.

Julian Assange publish a book based on his interview " Cypherpunks " on " The World Tomorrow ", his controversial talk show, with the people he believes know the solution to the problems of privacy and freedom. The book called ' Cypherpunks: Freedom and the Future of the Internet ,' was written by Assange with three co-authors: Jacob Appelbaum, Jeremie Zimmermann and Andy Muller-Maguhn. Description of this 192 pages book describes, " Cypherpunks are activists who advocate the widespread use of strong cryptography (writing in code) as a route to progressive change. Julian Assange, the editor-in-chief of and visionary behind WikiLeaks, has been a leading voice in the cypherpunk movement since its inception in the 1980s ." Assange said, " In March 2012 I gathered together three of today's leading cypherpunks to discuss the resistance ,  Two of them, besides myself, have been targeted by law enforcement agencies as a result of their work to safeguard priva...

A number of Israel's government offices have fallen victim to a cyber attack over the past week, one apparently aimed at slipping a "Trojan horse" into the computer servers at these ministries. Israeli police immediately pulled the national computer network from the civilian Internet after this cyber threat . A Trojan horse has been sent as files attached to emails bearing the name of the IDF Chief of Staff Benny Gantz in the subject line. According to the reports from haaretz ,A senior government clerk stressed that the threat facing the police was being investigated by experts. It is also not clear that either breach involved a wide-scale cyber-attack, or a virus infecting only a few computers. Government employees were advised not to open their emails or Facebook messages if such strange activity was noticed. Dozens of identical emails were sent Wednesday to Israel embassies abroad and to Foreign Ministry employees in Israel. The intelligence tip did not ...

" Browser extensions extend the functionality of the web browser. These extensions improve the appearance, functionality, security or other parts of the browser. Extensions were also developed with malicious intent, in order to generate revenue or just spread the code between more and more browsers. The possibility of a malicious browser extension is almost infinite, but we have not seen very powerful malicious extensions yet. " Security researcher Zoltan Balazs has developed a remote-controlled piece of malware that functions as a browser extension. The researcher plans to release the malware's source code on GitHub during a presentation at the Hacker Halted security conference in Miami next Tuesday This Malwaretize Browser extensions is capable of modifying Web pages, downloading and executing files, hijacking accounts, bypassing two-factor authentication security features enforced by some websites, and much more. Balazs is also expected to demonstrate how the proof...