The Hacker News | #1 Trusted Source for Cybersecurity News — Index Page

19 years old iPhone hacker Nicholas Allegra (comex) joins Apple 19 years old iOS hacker Nicholas Allegra, better known online as comex, has taken up an internship position at Apple, the company whose devices he has helped jailbreak for the past several years. Comex is most well known for building the one click iPhone jailbreaking site JailBreakMe.Com . This allows iPhone users to simply visit the site and click “install” to jailBreak and install Cydia . Allegra tweeted the news on Thursday, saying that he’d been pretty bored lately and that he’ll start at Apple in two weeks. Jailbreakers say that they want to have more control over their phones, and programs like those Comex produces help iPhone users circumvent some of the strictures of Apple’s iOS system. The programs also can cause security issues if programmers with more sinister intentions use them. From that angle, it’s a great idea for Apple to take Comex on board. He definitely knows the holes in Apple’s systems a...

Morto Worm spreading via Remote Desktop Protocol Organizations large and small often make use of Remote Desktop or Terminal Services to remotely connect to Windows computers over the Internet and internally. These tools use Microsoft’s RDP protocol to allow the user to operate the remote system almost as if sitting in front of it. Such capabilities are helpful for not only legitimate users, but also for attackers. F-Secure is reporting that the worm is behind a spike in traffic on Port 3389/TCP. Once it’s entered a network, the worm starts scanning for machines that have RDP enabled. Vulnerable machines get Morto copied to their local drives as a DLL, a.dll, which creates other files detailed in the F-Secure post. The emergence of this worm correlates with the increased volumes of TCP port 3389 traffic, reported by SANS Internet Storm Center a few days prior to the F-Secure report: The propagation approach employed by “ Morto ” is often used by penetration testers and human at...

INSECT Pro 2.7 - Penetration testing tool download INSECT Pro 2.7 - Ultimate is here! This penetration security auditing and testing software solutionis designed to allow organizations of all sizes mitigate, monitor and manage the latest security threats vulnerabilities and implement active security policies by performing penetration tests across their infrastructure and applications. This is a partial list of the major changes implanted in version 2.7 - Available targets now has a submenu under right-click button - Check update function added in order to verify current version - Threading support for GET request - Module log added and functional - Sniffer support added - 50 Remote exploits added - Project saved on userland - Application Data special folder - Executed module windows added and functionality for it - AgentConnect now use telnetlib DOWNLOAD INSECT Pro 2.7

Orange.fr hacked, Database and site source code leaked Anonymous Hacker Hack Orange.Fr and upload the database and Site source code backup on file sharing site. Data leaked on twitter. Orange is the brand used by France Télécom for its mobile network operator and Internet service provider subsidiaries. It is the fifth largest telecom operator in the world, with 210 million customers as of 2010. The brand was created in 1994 for Hutchison Telecom's UK mobile phone network, which was acquired by France Télécom in August 2000. In 2006, the company's ISP operations, previously Wanadoo, were also rebranded Orange. Orange is now the unique commercial façade of almost all France Telecom services. Orange France was incorporated in 2005 and has its headquarters in Arcueil, France. Today UK Police has Charge another alleged Anonymous member in Hacking Cases. A student has been charged with involvement in cyber attacks by the hacking group Anonymous against companies that wi...

UK Police Charge another alleged Anonymous member in Hacking Cases A student has been charged with involvement in cyber attacks by the hacking group Anonymous against companies that withdrew online payment services from WikiLeaks. Peter David Gibson, from Hartlepool, will appear before magistrates at Westminster magistrates court in London on 7 September, accused of conspiracy to do an unauthorised act in relation to a computer, Scotland Yard said. Mr. Gibson had been arrested this year along with five others by officers investigating denial-of-service attacks against several companies, the police said. Gibson has been charged with conspiracy to "do an unauthorised act in relation to a computer, with intent to impair the operation of any computer or prevent or hinder access to any program or data held in a computer or to impair the operation of any such program or the reliability of such data," said the Metropolitan police. That is contrary to Section 1(1) of the Crimina...

Borlas.net 14800 Users logins, phone number & Emails Leaked by Division Crew  Division Hackers Crew hack the Database of Borlas.net (Free SMS Site) . Hackers leak the usernames, Passwords, emails and phone numbers of 14800 registered users. Leaked database posted on pastenbin : Part 1: http://pastebin.com/FiKMehCj Part 2: http://pastebin.com/fDKi2iJG Part 3: http://pastebin.com/4z6SjB7p

32 Israel websites defaced by SbZ-GHoST TeaM Tunisia Hackers SbZ-GHoST TeaM Tunisia Hackers today hack into 32 Israel websites and deface them with their message. List of hacked sites posted on pastebin .

Killapache: DDOS tool - Half of the Internet is vulnerable now ! The Apache Software Foundation has announced a denial-of-service vulnerability that affects all versions of the ubiquitous Apache web server, leaving up to 65% of all websites vulnerable. A unknown flaw in the code for processing byte range headers allows versions 2.2.x of the Apache Web Server to be crippled from a single PC. A suitable “ Apache Killer ” Perl script that impressively demonstrates the problem. How does killapache DDOS tool work? killapache sends GET requests with multiple “byte ranges” that will claim large portions of the system’s memory space. A “byte range” statement allows a browser to only load certain parts of a document, for example bytes 500 to 1000. It is normally used while downloading large files. This method is used by programs such as download clients to resume downloads that have been interrupted; it is designed to reduce bandwidth requirements. However, it appears that stating mul...