The Hacker News | #1 Trusted Source for Cybersecurity News — Index Page

Evidence, leaked accidentally, points to Chinese based miscreants’ knowledge, and potential exploitation, of the latest  Microsoft Corporation  (NasdaqGS:  MSFT )  Internet Explorer  zero day, via a recently released  Google Inc.’s  (NasdaqGS:  GOOG ) researcher’s( Michal Zalewski ) fuzzer application… Ooops. More, after the jump. A renowned Google researcher who this week released a new free fuzzer that so far has found around 100 vulnerabilities in all browsers says Chinese hackers appear to have gotten their hands on one of the same bugs he discovered with the tool. Google’s Michal Zalewski unleashed the so-called cross_fuzz tool on New Year’s Day and announced the fuzzer to date uncovered more than 100 vulnerabilities, many of them exploitable, in all browsers. In a bizarre twist, Zalewski says an accidental leak of the address of the fuzzer prior to its release helped reveal some unexpected intelligence, namely that “third parties in China” ...

Angel Found Venerability in Alnasir.com.pk ! Link to site :  http://alnasir.com.pk/ News Source : Angel via Email

A former University of Tennessee student convicted of hacking the e-mail account of former Alaskan Governor Sarah Palin during the 2008 presidential campaign has begun his one-year sentence in an unfenced federal prison camp in Kentucky, authorities said Thursday. According to a statement issued by spokesman for the Federal Bureau of Prisons, 23-year-old David Kernell reported at the minimum security camp in Ashland, Kentucky on January 10 to begin serving out his sentence. Kernel's imprisonment at the Kentucky prison camp came despite a recommendation by sentencing Judge Thomas Phillips that he should serve out his term at a halfway house to reflect the "unique circumstances" of the case. In his ruling made in November, Federal Judge Thomas W. Phillips had recommended that David Kernell be allowed to serve out his time at the Midway Rehabilitative Center on Magnolia Avenue in Knoxville, a half way house located near the college where Kernell took classes this summer. In...

5 websites hacked by Pak Cyber Combat Squad ! Hacked List : http://www.4lifecostarica.net/Ibrarz.html http://www.abisdentalcare.com/Ibrarz.html http://www.churchcomplements.com/Ibrarz.html http://www.lafuentedelosmariscos.com/Ibrarz.html http://www.germanruiz.com/Ibrarz.html News Source : Pak Cyber Combat Squad 

Selena Gomez  has warned fans to ignore a series of hateful messages posted on her  Twitter  and  Facebook. com pages, after her online accounts were targeted by hoaxers. The Wizards of Waverly Place star's pages on the social networking sites were taken over by hackers earlier this week. Imposters confused fans with a series of profanity-riddled messages, including, "THE KID ON 4CHAN.ORG IS A LIEN F**KER HE DIDNT HACK S**T!!!!," and, "This message is for puha, YOU SUCK B**CH!!!" The unauthorized posts have since been deleted. And Gomez has taken to her Facebook page to warn fans to ignore the mean messages, assuring them the problem is being fixed. She wrote, "Sorry everyone. My Facebook Page and Twitter account has been hacked and we are cleaning it up." News Source : Om Rathore

DarkComet-RAT (Remote Administration Tool) is software design to control in the best condition and comfort possible any kind of Microsoft Windows machine since Windows 2000. This software allow you to make hundreds of functions stealthy and remotely without any kind of authorization in the remote process. This software is a long time project, started the August 2008, DarkComet-RAT is now one of the best and one of the most stable RAT ever made and totally free. – (that’s what we like more about DarkComet RAT) This RAT provides most of the features provided by others. Download  DarkComet RAT v3.0   here News Source : Dark Commet

“DFF (Digital Forensics Framework) is a simple but powerful tool with a flexible module system which will help you in your digital forensics works, including file recovery due to error or crash, evidence research and analysis, etc. DFF provides a robust architecture and some handy modules.“ This is the change log: Lib EWF support : The LibEWF [1], developed by Joachim Metz, has been included as a connector. It provides support for Encase(R) file format (E01/S01 format). Bookmarks : It is now possible to bookmark interesting nodes and sort them by categories. The aim is to gather relevant files when performing analysis. Bookmarked nodes can then be used by other modules and also extracted. Advanced Hexadecimal viewer : Features used to resolve the DFRWS 2010 challenge [2] have been included. These features are very useful when studying unknown data structures or performing advanced files analysis. This upgraded version of the hexadecimal viewer provides three new visualization mo...

“ Wireshark is the world’s most popular network protocol analyzer. It is used for troubleshooting, analysis, development, and education .” This update fixes many vulnerabilities such as the one with MAC-LTE dissector and the ENTTEC dissector. The following protocols have been updated – AMQP, ASN.1 BER, ASN.1 PER, CFM, CIGI, DHCPv6, Diameter, ENTTEC, GSM A GM, IEEE 802.11, InfiniBand, LTE-PDCP, LTP, MAC-LTE, MP2T, RADIUS, SAMR, SCCP, SIP, SNMP, TCP, TLS, TN3270, UNISTIM and WPS. You can now read captures via the Endace ERF, Microsoft Network Monitor and VMS TCPtrace file formats. For a complete list of changes, please refer to the 1.4.3 release notes. Download Wireshark v1.4.3 & Wireshark v1.2.14 here . News Source : Wireshark

Everyone in the UK will already be familiar with this story with the New Labour’s plan for biometric identity cards.  That plan, which costs billions of pounds and was later shelved by the new coalition government, will now probably never happen in the UK. Now US President Barak Obama wants to increase Internet Security by creating an “identity ecosystem” for the Internet.  The US government is stressing this is not a national identity card system, though it would be hard to see how it would not be used as such by law enforcement and banks. A spokesperson said “We are not talking about a national ID card, we are not talking about a government-controlled system. What we are talking about is enhancing online security and privacy; reducing and perhaps even eliminating the need to memorize a dozen passwords, through creation and use of more trusted digital identities.” Many banking websites already use your existing card with a chip and pin reader to authenticate your usage....