The Hacker News | #1 Trusted Source for Cybersecurity News — Index Page

Sony hacked again - 93,000 accounts compromised with brute-force attack Sony has warned users against a massive bruteforce attack against PlayStation and Sony network accounts. The attack – which used password and user ID combinations from an unidentified third-party source – succeeded in compromising 60,000 PlayStation Network and 33,000 Sony Online Entertainment network accounts. These accounts have been locked and passwords reset. The attack took place between October 7 and 10 and succeeded in matching valid sign-in IDs. According to a blog post by Philip Reitinger, Sony's Chief Information Security Officer, credit card details were not compromised. Both the motive for the latest attack against Sony network users and the identity of the perpetrator(s) remains unclear. Sony shut down its PlayStation Network in April in the aftermath of a far more damaging hack attack. The service wasn't restored until a month later. Personal information on 77 million account-holders wa...

WineHQ database compromise - One More Linux Project Fail Jeremy White, Codeweavers Founder has announced that access to the WineHQ database has been compromised. " On the one hand, we saw no evidence of harm to any database. We saw no evidence of any attempt to change the database (and candidly, using the real appdb or bugzilla is the easy way to change the database). Unfortunately, the attackers were able to download the full login database for both the appdb and bugzilla. This means that they have all of those emails, as well as the passwords. The passwords are stored encrypted, but with enough effort and depending on the quality of the password, they can be cracked ." Anybody who has reused a password stored there probably wants to make some changes fairly soon. Attackers have used phpMyAdmin, an open source database administration tool, to access the WineHQ project's database and harvest users' appdb and bugzilla access credentials. Wine (Wine Is Not an Emu...

Your Browser Matters - Microsoft Launches Tool For Checking Browser Security Microsoft launched a website today designed to give users a detailed look at how secure their browser is. The site, called Your Browser Matters , automatically detects the visitor's browser and returns a browser security score on a scale of four points. When you visit the site, called Your Browser Matters, it allows you to see a score for the browser you’re using. Well, if you’re using IE, Chrome, or Firefox—other browsers are excluded. Not surprisingly, Microsoft’s latest release, Internet Explorer 9, gets a perfect 4 out of 4: If you visit the site with the most recent public releases of Firefox or Google Chrome, however, the results are less than perfect. Here, for example, are the detailed results for Chrome 14 and Firefox 7: Microsoft's new site is primarily intended to encourage users of older versions of Internet Explorer to upgrade. The bane of the existence of Web developers everywhere,...

iPad Finally Has a Facebook Application Facebook has just released its official iPad app . The tablet device was unveiled in January 2010, but development and negotiations with Apple stalled the release of Facebook’s app until now. Facebook for iPad is now available in App Store . We’ve been waiting for a Facebook iPad app almost as long as there’s been an iPad, and there has been talk that Facebook has been working on the app for more than a year. The lack of an app for Facebook has been a pretty massive hole in the functionality of the iPad, given the social network’s unrivaled popularity. And tons of third-party apps have sprung up to fill the void – but none of them were the official, sanctioned apps of Mark Zuckerberg, and none included the kind of power that Facebook has baked into its own native app. Here are some of the top Features of the new app: Bigger, better photos: Photos appear bigger and in high-resolution with easy to flip and rotate features in the photo album ...

blueHOMES hacked - 500k users data and Password in Plain text leaked Some Anonymous Hacker hack the French property and property Germany Dealers website blueHOMES.com  . About 500,000 Users data claim to be hacked by Hacker and also database include all customer passwords in plaintext, including full addresses, skype account, and mailboxes of bluehomes. Specified data leaked on pastebin  with sample data of some users.

VeriSign demands Power to takedown non-legitimate website VeriSign, which manages the database of all .com internet addresses, wants powers to shut down "non-legitimate" domain names when asked to by law enforcement. VeriSign should be able to shut down a .com or .net domain, and therefore its associated website and email, " to comply with any applicable court orders, laws, government rules or requirements, requests of law enforcement or other governmental or quasi-governmental agency, or any dispute resolution process ", according to a document it filed today with domain name industry overseer ICANN. The new powers would be international and, according to VeriSign's filing, could enable it to shut down a domain also when it receives " requests from law enforcement ", without a court order." Various law enforcement personnel, around the globe, have asked us to mitigate domain name abuse, and have validated our approach to rapid suspension of...

German Researchers Break RFID Smartcard Encryption Scientists have found a way to circumvent the encryption used to protect a smartcard used to restrict access to buildings and to process public transit system payments. A team of German scientists have demonstrated a hack that lets them make a perfect clone of the kind of magnetic security card used to give access to workers in corporate or government buildings -- including NASA -- and as a daily ticket replacement on buses and subways. The same team broke a previous version of contactless-ID cards from Mifare in 2008.  This prompted the company to upgrade its security to create a card able to be programmed only once and which contained a unique identifying number that could be checked against the programmed content on the card for extra security. The new hack is carried out using a side channel attack, which bypasses the defensive features intended to prevent attacks on the card. To achieve this, the researchers made repeat...

FBI shut down 18 Child Porn Websites A man was recently indicted on federal charges of running 18 Chinese-language child pornography websites out of his apartment in Flushing, New York. The websites were being advertised to Chinese-speaking individuals in China, in the U.S., and other countries. According to the FBI, " Virtually every day, children are lured away from their families by cyber sexual predators. We’re committed to stopping these crimes through our Innocent Images National Initiative. Based in Maryland, it joins FBI agents and local police in proactive task forces around the country that work online undercover to stop those who prey on our kids. " In late 2010, the FBI - through their legal attaché office in Beijing - received information from Chinese officials about their investigation of a large-scale child pornography website housed on U.S. servers. One of their main suspects, a Chinese-born man, was living in New York. The FBI's New York office op...