The Hacker News | #1 Trusted Source for Cybersecurity News — Index Page

Nikon Image Authentication System Compromised ! ElcomSoft Co. Ltd. researched Nikon's Image Authentication System, a secure suite validating if an image has been altered since capture, and discovered a major flaw. The flaw allows anyone producing forged pictures that will successfully pass validation with Nikon's Image Authentication Software. The weakness lies in the manner the secure image signing key is being handled in Nikon digital cameras. The existence of the weakness allowed ElcomSoft to actually extract the original signing key from a Nikon camera. This, in turn, made it possible to produce manipulated images signed with a fully valid authentication signature. Complete Story :   https://blog.crackpassword.com/2011/04/nikon-image-authentication-system-compromised/

John the Ripper 1.7.7 new version Released ! "John the Ripper is a fast password cracker, currently available for many flavors of Unix, Windows, DOS, BeOS, and OpenVMS. Its primary purpose is to detect weak Unix passwords. It supports several crypt(3) password hash types commonly found on Unix systems, as well as Windows LM hashes." This is the change log for JtR version 1.7.7: Added Intel AVX and AMD XOP instruction sets support for bitslice DES (with C compiler intrinsics). New make targets: linux-x86-64-avx, linux-x86-64-xop, linux-x86-avx, and linux-x86-xop (these require recent versions of GCC and GNU binutils). A "dummy" "format" is now supported (plaintext passwords encoded in hexadecimal and prefixed with "$dummy$") – for faster testing and tuning of custom wordlists, rule sets, .chr files, and external modes on already known or artificial passwords, as well as for testing of future and modified versions of John itself. Apache "$apr1$" MD5-based password hashes are now ...

Microsoft Windows Malicious Software Removal Tool - Download ! The Microsoft Windows Malicious Software Removal Tool checks Windows Vista, WIndows 7, Windows XP, Windows 2000, and Windows Server 2003 computers for and helps remove infections by specific, prevalent malicious software—including Blaster, Sasser, and Mydoom. When the detection and removal process is complete, the tool displays a report describing the outcome, including which, if any, malicious software was detected and removed. The tool creates a log file named mrt.log in the %WINDIR%\debug folder. To download the x64 version of Malicious Software Removal Tool, click here . This tool is not a replacement for an anti-virus product. To help protect your computer, you should use an anti-virus product. Microsoft will release an updated version of this tool on the second Tuesday of each month. New versions will be made available through this web page, Windows Update, and the Malicious Software Removal Tool Web site on...

FBI vs Coreflood botnet The FBI's unprecedented effort to behead the Coreflood botnet—comprised of millions of hacked Windows machines—appears to be working, at least for now. The bureau has tracked a dramatic decline in the number of pings from the botnet since the takedown operation began earlier this month, according to court documents filed by the Justice Department on Monday. The number of pings from infected US systems plummeted from nearly 800,000 to less than 100,000 in about a week after authorities began sending out "stop" commands to those machines—a drop of nearly 90 percent. Pings from infected computers outside the US have also dropped about 75 percent, likely as a result of a parallel outreach effort to foreign ISPs. The government's efforts have "temporarily stopped Coreflood from running on infected computers in the United States," writes the government in its filing, "and have stopped Coreflood from updating itself, thereby enabling anti-virus software vendors...

IRC chat of PlayStation Network hacker and How PSN hacked ! Now known that the PlayStation Network has been compromised, there are more details out. First came the log of the hacker who penetrated inside the PlayStation Network and we just had information from Sony itself that the burglary had been working over the PSN taken offline. Now we have for you a chat log between hackers who talk about security and encrypting the PlayStation Network. They say that the known credit card information easily available to hackers that they can not even enter their data via the PSN. The Credit Card encrypted data simply were not enough, so everything is easy to read. Watch the full chat was held on February 16 between hackers. [user1] xxx: I don't think there are many people involved in circumventing PSN access in /this/ channel [ "application/x-i-5-ticket" reason=40 > PSN error 80710101 ] [user2] talk about network stuff? [user2] nice [user2] i just finished decrypting 100...

Yenepoya University Hacked by The INFERNAL DANTE Hacked Site Link : https://www.yenepoya.edu.in/notice_board.php More Hack Pictures : https://img691.imageshack.us/i/64275385.png/ https://img121.imageshack.us/i/90340593.png/ ​https://img839.imageshack.us/i/51799700.png/ ​https://img833.imageshack.us/i/44978948.png/ ​https://img696.imageshack.us/i/20967849.png/

Cambridge Networks hacked by Shak [PCA] Hacked Site : https://cambridge-networks.co.uk/ Mirror : https://zone-h.org/mirror/id/13556467 Hacked Site : https://cambridgewebworks.com/ Mirror : https://zone-h.org/mirror/id/1355

WordPress 3.1.2 released – Security fixes ! The WordPress team just released a new version of WordPress (3.1.2) to fix a security issue where contributor-level users were allowed to publish posts. It is a small release, and everyone using WordPress should upgrade to it! From the WordPress site: WordPress 3.1.2 is now available and is a security release for all previous WordPress versions. This release addresses a vulnerability that allowed Contributor-level users to improperly publish posts. The issue was discovered by a member of our security team, WordPress developer Andrew Nacin, with Benjamin Balter. We suggest you update to 3.1.2 promptly, especially if you allow users to register as contributors or if you have untrusted users. This release also fixes a few bugs that missed the boat for version 3.1.1. Download 3.1.2 or update automatically from the Dashboard → Updates menu in your site's admin area. So do what they say and upgrade it asap! Download link: https://...