The Hacker News | #1 Trusted Source for Cybersecurity News — Index Page

A Texas man has admitted hacking into servers owned by an e-commerce company and making off with about $275,000. Jeremey Parker of Houston also copped to charges of breaking into servers maintained by NASA's Goddard Space Flight Center in Maryland and causing some $43,000 of damage. The hacking spree spanned a 10-month stretch starting in December 2008 with the breach of systems owned by SWReg. A subsidiary of Digital River of Minnesota, the company manages royalties for independent software developers. “Parker hacked into SWReg's system, created the money by crediting the SWReg accounts, and then caused that money to be wire transferred to his bank account instead of the accounts of several developers,” a press release issued by the US Attorney's office in Minnesota said. The NASA servers Parker hacked gave paying members of the scientific community access to oceanic data being sent to Earth from satellites. Eventually, the data was made available to everyone. Parker...

Twitter post suggests 'The Jester' may have been responsible for knocking controversial church offline A Twitter message from Monday suggests that a seld-proclaimed "hacktivist" using the handle The Jester may have been responsible for knocking the controversial Westboro Baptist Church offline. In the  message , the hacker claimed to have temporarily taken down the public website of the church "for celebrating the death of U.S. troops." The message, however, made no direct mention if The Jester (@th3j35t3r onTwitter) was also responsible for the unavailability today of several other websites affiliated to the WBC. Members of the WBC church, based in Topeka, Kan., are known for their strident anti-gay views and for protests at funerals of slain military personnel and others. Last week, someone purporting to be from the hacking collective known as Anonymous, posted a letter on an Anonymous site, warning WBC members of attacks against their church public webs...

The Libyan government could pull the plug on the country's internet as protests sweep the country. On Friday and Saturday night the country experienced a near black-out, with continued patchy access this week, according to a  Google Transparency Report . Libya has had periods of partial or total unreachability through the weekend. The first night's internet blackout was repeated 24 hours later, with all prefixes unreachable from 1am to just after 8am Sunday morning, said James Cowie from internet monitoring firm Renesys. "At the moment, however, the Libyan prefixes are reachable, traceroutes inbound are completing at normal rates, and key commercial and government websites that we spot-check are responding normally," James Cowie wrote in a  blog post . Libya's access to the international internet is controlled by a single company, which is run by the state,  Cowie told CNN . That would make it easier, in theory, for the country to shut down internet connections ...

The government today said 199 government websites have been defaced by foreign hackers in the last six months.  "The website of Central Bureau of Investigation (CBI) was defaced by a foreign hacker "Pakistan Cyber Army" on December 3, 2010. In addition to this, a total of 198 government websites were defaced by foreign hackers in the past six months," Minister of State for Communications and IT Gurudas Kamat said in a written reply to the Lok Sabha.  He added that several measures have been taken to detect and prevent cyber attacks.  This includes audit of all new government websites and applications and engaging National Informatics Centre (NIC) to improve safety posture etc.  Replying to another query, Kamat said a total of 420 cases were registered under the IT Act 2000 in 2009.  "A total of 217, 288 and 420 cases were registered under IT Act, 2000 during 2007, 2008 and 2009 respectively, thereby showing an increasing trend.  A total of 339, 176 and 276 ...

#anonsec : Anonymous Hackers guide how to Mesh Network ! They Wrote the message : Yes, there is work to do. The idea is to write a how-to on building mesh networks. The n00bs must understand it. Mesh networks are usefull, as they cannot be censored nor shut down. Later on that How-to can become part of Anonymous' uber-secret handbook regarding safety. Version 0.2.0, a downloadable .pdf, can be found there http://goo.gl/SuY0f . Join irc.anonops.ru #anonsec where you find the mesh pad link in the /topic.

Indishell (Indian Hacking Group) Got Hacked By N3t.Crack3R  (Pakistani Hacker) ! Indishell 's Official website Hacked By XSS attack , their forum member ' Chai ' (N3t.Crack3R) . This Hack can be seen within restricted login area so there is no ' zone-h ' Mirror, But ' N3t.Crack3R ' make a video of this hack. Download the Video : Click Here   (File size: 507.47 KB) Note : (Reload Page if 1st time you got error "File Temporarily no avaiblable")

Insecure Magazine :  Issue 28 available for Download ! Database protocol exploits explained Review: MXI M700 Bio Measuring web application security coverage Inside backup and storage: The expert's view Combating the changing nature of online fraud Successful data security programs encompass processes, people, technology Sangria, tapas and hackers: SOURCE Barcelona 2010 What CSOs can learn from college basketball Network troubleshooting 101 America's cyber cold war RSA Conference Europe 2010 Bootkits - a new stage of development Download

Watcher is a Web security testing tool and passive vulnerability scanner. This tool is in continues development and has updated it features and capabilities. Watcher is a runtime passive-analysis tool for HTTP-based Web applications. Being passive means it won’t damage production systems, it’s completely safe to use in Cloud computing, shared hosting, and dedicated hosting environments. Watcher detects Web-application security issues as well as operational configuration issues. Watcher provides pen-testers hot-spot detection for vulnerabilities, developers quick sanity checks, and auditors PCI compliance auditing. It looks for issues related to mashups, user-controlled payloads (potential XSS), cookies, comments, HTTP headers, SSL, Flash, Silverlight, referrer leaks, information disclosure, Unicode, and more. Major Features: Passive detection  of security, privacy, and PCI compliance issues in HTTP, HTML, Javascript, CSS, and development frameworks (e.g. ASP.NET, JavaServer) ...

HACKERS brought down a website for a health trust serving 700,000 NHS patients in Dorset. The attack, which disabled the site over the weekend, blocked access to the Dorset HealthCare University NHS Foundation Trust website. The trust provides treatment for mental health issues, addiction, dentistry, and some primary care services to patients across the county. Hackers posted a message on the site which read: “Don’t mess with me. Site totally hacked” and a cartoon image of a penguin emerging from a shattered computer screen carrying a gun. A jumbled message posted by the hacker on the trust’s website read: “You call this security. You must be kidding. If you don’t want to get into trouble, patch your admin.” Dr Paul Ton de Vrieze, a lecturer in web systems and technologies at  Bournemouth University , said such attacks were often made only for the hacker’s satisfaction. “Sometimes people hack sites for their own bravura. They think it is fun to do and show the world that they are...