The Hacker News | #1 Trusted Source for Cybersecurity News — Index Page

Atlanta IT Worker Hacked Ex-Employers Database An Atlanta man could receive up to five years in prison after pleading guilty Wednesday to hacking into a former employer’s patient database, stealing information and then wiping the database clean. Federal prosecutors said Eric McNeal, 37, used the patient information from a firm identified as “ A.P.A .” for a direct marketing campaign at his new employer in the same building. McNeal was an information technology specialist for the perinatal medical practice in Atlanta in November 2009 when he left to join the competing perinatal practice. McNeal used his home computer to hack into his former employer in April 2010, prosecutors said in a release.He downloaded patients’ names, addresses and telephone numbers and then cleared his former employer’s database, deleting all patient information from its system, prosecutors said. While he used the information for a direct-mail marketing campaign for the benefit of his new employ...

"SecurityTube Wi-Fi Security Expert" (SWSE) online certification Launched SecurityTube released their first fully online certification today - " SecurityTube Wi-Fi Security Expert " (SWSE) .  The most interesting thing and key difference from other certifications, is that they are giving out the entire course material free of charge! You only pay if you need the certification. If you are a hobbyist or a causal security enthusiast, the course material is free for you :) The SWSE is based on the Wi-Fi Security Megaprimer which we posted about a while back: http://www.securitytube.net/downloads Full details of the certification is available here: http://www.securitytube.net/certifications For an introductory price of $200 till October 15th, 2011 (only limited seats), they are providing all of the following: - Lifetime access to the Students Portal - Lifetime access to Bi-Monthly Webinars with Full Course Coverage and Live Doubt Clearing sessions - Lifetime...

Firefox Java update ready to stop BEAST attacks Firefox developers searching for a way to protect users against a new attack that decrypts sensitive web traffic are seriously considering an update that stops the open-source browser from working with Oracle's Java software framework. Johnath, the alias for Firefox Director of Engineering Johnathan Nightingale, weighed in: “ Yeah - this is a hard call. Killing Java means disabling user functionality like facebook video chat, as well as various java-based corporate apps (I feel like Citrix uses Java, for instance?) ” He went on to say that Firefox already has a mechanism for “ soft-blocking ” Java that allows users to re-enable the plugin from the browser's addons manager or in response to a dialogue box that appears in certain cases. “ Click to play or domain-specific whitelisting will provide some measure of benefit, but I suspect that enough users will whitelist, e.g., facebook that even with those mechanisms (which don...

Supreme Court of Pakistan website defaced by Zombie_Ksa The official website of Pakistan's Supreme Court has been hacked.Visitors to the website found derogatory and abusive remarks about the court and Chief Justice Iftikhar Muhammad Chaudhry. Earlier the Supreme Court website was hacked by two boys also in the month of September last year to whom the court had granted bail on April 11 as they were less than 18 years of age. The hacker declared that his intent to deface the site was ideological in nature to send a message to the Chief Justice of Pakistan Iftikhar Muhammad Chaudhry: “ I am here to request you to go out and help the poor, needy and hungry. They don’t have money to eat one-time meal, they don’t have clothes to wear, and they don’t have accommodation … sitting in your royal chair won’t make any changes to our Pakistan. ”. According to the press release and independent website Zone-H, Zombie_Ksa had carried out at least 169 defacements, of which 69 were single I...

Man-in-the-Middle Remote Attack on Diebold Touch-screen Voting Machine The Vulnerability Assessment Team (VAT) at the U.S. Dept. of Energy's Argonne National Laboratory in Illinois has managed to hack a Diebold Accuvote touch-screen voting machine. Voting machines used by as many as a quarter of American voters heading to the polls in 2012 can be hacked with just $10.50 in parts and an 8th grade science education, according to computer science. " This is a national security issue ," VAT team leader Roger Johnston told me, echoing what I've been reporting other computer scientists and security experts telling me for years. " It should really be handled by the Department of Homeland Security. " " The level of sophistication it took to develop the circuit board" used in the attack "was that of basically an 8th grade science shop ," says Argonne's John Warner. " Anybody with an electronics workbench could put this together. ...

Department of Homeland Security Releases Cyber Security Evaluation Tool (CSET) The Cyber Security Evaluation Tool (CSET) is a Department of Homeland Security (DHS) product that assists organizations in protecting their key national cyber assets. It was developed under the direction of the DHS National Cyber Security Division (NCSD) by cybersecurity experts and with assistance from the National Institute of Standards and Technology. This tool provides users with a systematic and repeatable approach for assessing the security posture of their cyber systems and networks. It includes both high-level and detailed questions related to all industrial control and IT systems. The tool is available for download, and the program also offers training and support at no cost to organizations engaged in administering networks that control facilities identified as being crucial to both the nation's economy and national security. CSET is a desktop software tool that guides users through a step...

Anonymous releases 25,000 records of the Austrian police Anonymous Austria post via the official Twitter account about 25,000 records Austrian police officers. Observers suspect that the data from the Austrian section of the " International Police Association " could come. Meanwhile, the far-right Freedom Party tries to take advantage of the data leak. " This violation of the privacy of our policemen have become fair game for possible revenge attacks by criminals. Minister Mikl-Leitner, the political responsibility for this incredible gap in the IT system of their ministry and is increasingly becoming a security risk for our country ," criticizes FPÖ Speak Königsberg.

The Council on Governmental Ethics Laws (COGEL) hacked and complete database dumped Hacker With Name snc0pe claim to hack official website of The Council on Governmental Ethics Laws (COGEL) . He post a message on pastebin , along with the database download link  (1.88MB).