The Hacker News | #1 Trusted Source for Cybersecurity News — Index Page

Cain & Abel 4.9.40 released , Download now ! Cain & Abel is a password recovery tool for Microsoft operating systems.It allows easy recovery of various kind of passwords by sniffing the network, cracking encrypted passwords using dictionary and brute force attacks, decoding scrambled passwords, revealing password boxes, uncovering cached passwords and analyzing routing protocols. Changes in this version: Added Proxy support for Cain's Certificate Collector. Added the ability to specify custom proxy authentication credentials for Certificate Collector. Added ProxyHTTPS Man-in-the-Middle Sniffer (TCP port 8080). HTTP, APR-HTTPS and APR-ProxyHTTPS sniffer filters are now separated. Added progress bar indicator in the off-line capture file function. Bug fixed in ProxyHTTPS Man-in-the-Middle Sniffer parsing "Connection Established" string. Bug fixed in VoIP Sniffer creating MP3 Mono files. Bug fixed in RTP Sniffer processing off-line capture files. Wi...

A new exploit for IE9 bypasses all security measures in even the latest fully patched version of Windows 7, according to a French security company Vupen. The exploit uses an unpatched zero-day vulnerability in Internet Explorer 9 and bypasses all the extra security measures of Windows 7. The latest version of Microsoft's operating system, fully up-to-date with service pack 1 (SP1), is vulnerable. The security hole was reported by the French security company Vupen, that previously discovered an IE8 vulnerability in December of last year. Vupen classifies the exploit for IE9 as reliable, which means it's an effective way for cyber attackers to run malicious code of their choosing on Windows 7 PCs. The exploit manages to break through Windows' additional security layers, such as ASLR, DEP and the sandbox (Protected Mode) in IE9. "The exploit uses two distinct vulnerabilities. The first one allows execution of arbitrary code within the IE9 sandbox. The second one allo...

Google Fixing the little things ! Ever since I joined the Gmail team, my friends have been eager to tell me, " I love Gmail ! Except for this one thing... " And every day, Gmail users share their "one thing" that would make Gmail better for them through our  suggestions page . While we enjoy creating new solutions to old problems with features like  Priority Inbox , those little annoyances and missing pieces are important, too. Recently, we've rolled out several small tweaks to Gmail to show it a little extra love.   Here's a rundown: Auto-save contacts setting : Most people like that Gmail automatically saves every email address you send messages to; it can help recover forgotten addresses of former teachers, bosses, and people you contacted once but never thought you'd need to contact again. For some people, though, this feature can cause too much  contacts clutter . Today, we're rolling out a new setting to let you turn off the auto-save option. Yo...

PIZZA HUT Sql vulnerability by Srinivas Kj Vunl Site :  https://pizzahut.co.in/

Progenic.com down with Social Engineering by Saken & Josh of TeamDX ! Method: Social Engineering via LiveChat + Phone + Support Ticket System How: They had a SSN + DOB posted on their forum, Saken & Josh of TeamDX simply played the role of the person that the identity was stolen from, their domain registar which was located in the United States then decided that enough was enough but to shut them off. Remember: Saken & Josh of TeamDX may not be able to get into your server/website, but Saken & Josh of TeamDX sure know the backdoor, your un-secure registars who are easily manipulative. Saken & Josh of TeamDX could of gotten into your box, but Saken & Josh of TeamDX decided to lul about the domain going bye bye.

GNOME 3.0 Released , Available for Download ! GNOME 3.0 is a major milestone in the history of the GNOME Project. The release introduces an exciting new desktop which has been designed for today's users and which is suited to a range of modern computing devices. GNOME's developer technologies have been substantially improved for 3.0. Modernized and streamlined, they will enable developers to provide better user experiences with less time and effort. And GNOME 3.0 comes with the same GNOME applications that users know and trust, many of which have received significant enhancements. Download Now :  https://gnome3.org/tryit.html

Hydra v6.2 with a password bruteforcing mode, xmpp and irc modules, MD5/SHA1/ Support ! A very fast network logon cracker which support many different services. Have a look at the feature sets and services coverage page - including a speed comparison against ncrack and medusa! CHANGELOG for 6.2 * Added a patch by Jan Dlabal which adds password generation bruteforcing (no more password files :-) ) * New module: XMPP with TLS negotiation and LOGIN, PLAIN, CRAM-MD5, DIGEST-MD5, SCRAM-SHA1 support * New module: IRC is not dead ! use to find general server password and /oper credential * Added man pages from debian maintainers * Add support for new syntax: :// [: ][/ ] * Add TLS support for SIP * Add SCRAM-SHA1 auth to IMAP module * Add module usage help (-U) * Add support for RFC 4013: Internationalized Strings in SASL ("SASLPrep") * Add SASL + TLS support for NNTP * Add su...

Hackers steal Dell 1000's customer information ! The personal information of thousands of Australians has been stolen by hackers who raided a US-based database company, in what some experts are calling the biggest data theft in US hist ory. Dell Australia says customer data was "exposed" by an unauthorised entry into the computer system of email service provider Epsilon. The information includes the names and email addresses of Dell Australia's customers. In a statement, Dell assured its customers that credit card, banking and other personally-identifiable information was not at risk and remained secure. Australian Privacy Commissioner Timothy Pilgrim says Dell has informed him of the data breach. "Dell Australia have also advised all of its customers affected by the data breach and have set up an advice service that those customers can use to obtain further information if needed," he said in a statement. Mr Pilgrim has launched an investigati...