The Hacker News | #1 Trusted Source for Cybersecurity News — Index Page

Late last year, activists attacked websites belonging to companies that refused to do business with WikiLeaks, an online group that has disclosed classified U.S. government documents. When the activists, who called themselves Anonymous, found out they were being investigated by the Internet security company HBGary Federal, the group hacked the company's servers and stole thousands of private e-mails. And then it dumped them onto the Internet. It was an embarrassment for the security company to get hacked — but the content of some of those e-mails is raising concerns. 'Brazen' E-mails HBGary Federal was trying to use social networks to unmask the members of Anonymous, so Anonymous struck back. One man, who calls himself Owen, says his Anonymous colleagues broke into the company's servers. Hackers have a name for what they did. "They decided to just rape his servers and take all the information they wanted," he says. "Forgive that term ... 'R...

Cyber Crime has now reached to hacking information from the mobile phones. The 3G technology recently launched by the mobile service providers is in much rage nowadays. The 3G technology allows a user to access internet on a good quality network on the cellphone. As such hackers will now target the 3G users for accessing their personal information and this in turn will result into increased cyber-crime", said Sunny Vaghela, the cyber-crime expert while talking to TOI. When questioned is there any solution to this new problem, Vaghela mentioned that as of now there exists no solution to prevent hacking from taking place from a mobile phone but he added that certain steps can be taken to minimise the cases of hacking. "Never reply to the e-mails that offer lottery prize money. Always keep your anti-virus updated and do not download pictures of celebrities from mails sent by anonymous sender. Also avoid downloading songs from Pakistani wesbites. All these steps if taken can ...

A computer security firm working to expose members of hacker group "Anonymous" pulled out of a premier industry conference here due to threats of real-world attacks on its employees. HBGary personnel have been peppered with threatening messages since Anonymous hackers looted data from its computer systems earlier this month, according to a message on the California firm's website Wednesday. "In addition to the data theft, HBGary individuals have received numerous threats of violence, including threats at our tradeshow booth," the company said. "In an effort to protect our employees, customers and the RSA Conference community, HBGary has decided to remove our booth and cancel all talks." Cyber security specialists and national security officials are in San Francisco this week to share insights on topics ranging from guarding "smart" power grids to blocking attacks on smartphones and computer tablets. Anonymous, the hacker group behind online ...

While phishing and ransomware dominate headlines, another critical risk quietly persists across most enterprises: exposed Git repositories leaking sensitive data. A risk that silently creates shadow access into core systems Git is the backbone of modern software development, hosting millions of repositories and serving thousands of organizations worldwide. Yet, amid the daily hustle of shipping code, developers may inadvertently leave behind API keys, tokens, or passwords in configuration files and code files, effectively handing attackers the keys to the kingdom. This isn't just about poor hygiene; it's a systemic and growing supply chain risk. As cyber threats become more sophisticated, so do compliance requirements. Security frameworks like NIS2, SOC2, and ISO 27001 now demand proof that software delivery pipelines are hardened and third-party risk is controlled. The message is clear: securing your Git repositories is no longer optional, it's essential. Below, we look at the ris...

It has really got to hurt when you run a computer security company and an outlaw hacker group manages to steal and post on the Internet embarrassing emails connecting you to much-publicized plans for crushing the enemies of large corporations through unsavory means like disinformation and cyberattacks. Especially when it happens just before one of the security industry's largest annual conferences, at which you have not only been invited to speak but have rented a booth and set up meetings with numerous executives of potential customers. That was the situation facing Greg Hoglund, CEO of HBGary Inc. of Sacramento, at the start of this week's RSA security conference in San Francisco after a pro-WikiLeaks group of hackers calling themselves "Anonymous" posted tens of thousands of emails detailing, among other things, the fact that a spin-out company called HBGary Federal helped develop proposals to combat critics of Bank of America and the U.S. Chamber of Commerce thr...

Last month's compromise of the UK website of the natural ingredients cosmetic firm Lush and the theft of its customers' credit card details must have hurt the company but unfortunately, its troubles are not over yet. "We are sorry to have to announce that the Lush Australian and New Zealand websites have been hacked," it says in a statement posted on the sites in question, whose contents have been completely removed while security checks are performed. "We have been alerted today to advise us that entry has been gained and customer personal data may have been obtained by the hackers. We urgently advise customers who have placed an online order with Lush Australia and New Zealand to contact their bank to discuss if canceling their credit cards is advisable," encourages the company. Whether that means that Lush hasn't been storing that data in encrypted format or whether it really wants to cover all bases just in case, it's anyone's guess. It...

The exploits of Anonymous to hack the systems of firms providing spying services to governments and corporations suggest that the WikiLeaks mini-era has been surpassed. Much of WikiLeaks promise to protect sources is useless if the sources are not whistleblowers needing a forum for publication. Instead publishers of secret information grab it directly for posting to Torrent for anybody to access without mediation and mark-up by self-esteemed peddlers of protection, interpretationa and authentication, including media cum scholars. Ars Technica descriptions of the how the Anonymous hack are the best technical reading of Internet derring-do yet and far exceeds the much simpler rhetorical version of WikiLeaks security carefully bruited as if invulnerable but is not according to Daniel Domscheit-Berg's revelations. AnonLeaks.ru  is a remarkable advance of WikiLeaks. And promises much more by the same means and methods most associated with official spies -- NSA and CIA have long...

The Anonymous attack on HBGary may have amused some who enjoyed the sight of a security firm left embarrassed and exposed, but it should send a shiver down the spine of any IT administrator responsible for securing their own company. Because can you honestly put your hand on your heart and say a hack like the one against HBGary couldn't happen at your organisation too? As Ars Technica explains, a weakness in a third-party CMS product used by HBGary's website allowed Anonymous hackers to steal passwords that employees used to update the webpages. Unfortunately they were passwords that weren't encrypted strongly enough, and were possible to crack with a rainbow-table based attack. Amongst those exposed were CEO Aaron Barr and COO Ted Vera. Worse still, it appears that Aaron Barr and Ted Vera were using the same passwords for their Twitter and LinkedIn accounts, and even for an account which administered the entire company's email. By exploiting software vulnerabilities,...

The Maldives National Defence Force (MNDF) has confirmed that its website was hacked last night by an unknown attacker. Major Abdul Raheem today confirmed that the MNDF was made aware of an attack this morning after checking its website. "Currently our website is down, and we are trying to fix it," he said. "so far, he have not been able to identify any person related to the case but we are investigating." Cyber Crime has become a growing concern to Maldivian authorities of late; especially in terms of the number of minors thought to be involved in practices like hacking. Earlier this year, Dhiraagu become the latest high profile victim of Maldivian cyber crime after facing continued attacks on its servers. The Maldives Police Service arrested four individuals suspected of involvement with the January attacks after conducting special operations at addresses both in Male' and Addu Atoll. Three of the suspects then arrested were confirmed to be under 18 years of age. Police sai...