The Hacker News | #1 Trusted Source for Cybersecurity News — Index Page

Underground Security Forums : Poisonhack.info & Team-xpc.com Hacked by 0p3nH4x ! 0p3nH4x Team of Hackers , Hack two big Underground Security websites :  Poisonhack.info & Team-xpc.com , who call them self as " Security Expert ".  0p3nH4x  hack them and provide all Hack details at  http://pastebin.com/peDbvkXz . Submitted By : 0p3nH4x

Indian Congress Party & Ebay Nepal Websites are vulnerable to Hackers ! MaDnI member of Pak Cyber Army found Serious Sql injection vulnerabilities in two famous sites, first is Ebay Nepal sites http://ebay.com.np/ and 2nd is of Indian Congress Party : http://www.congress.org.in  , The Detail of vulnerable links are shown below : 1.)  Ebay Nepal : Target : http://ebay.com.np/index.php?task=cms&id=3 Database : ebaycom_ebay 2.) Indian Congress Party Target : http://www.congress.org.in/new/renunciation-details.php?id=2 Attack Type : SQL Union Injection User :  aiccorg_usr@localhost Database : aiccorg_db

CodeMasters - Gaming Community Compromised, Back-End Users Data Leaked ! CodeMasters - Gaming Community has been hacked by " Kon " . He leak the back-end users login Information as shown below : Technical Details : Encryption: DES(Unix) Method: POST SQLi URL: Not providing Number of member accounts: 2524846 Database version: 4.1.22-max-log

Anonymous leaks PSN SSH Logs , Sony is responsible for Data Theft ? 1.) On the Sony servers running the highly outdated Open SSH version 4.4. 2.) Current version is 5.7. For those of Sony for encrypted version are used for more than five years several known security holes. 3.) Sony server running in part to the long-outdated software Apache 2.2.10. 4.) Current version is 2.2.17. The version used by Sony is vulnerable to damaging Internet attacks, such as overload attacks (DDOS). Outdated server software may have caused outage Allowing PSN hackers to enter PlayStation Network stealing more than 100 million user data sets from PSN and SOE. Since the allegation itself isn't exactly new, correct, there are new proofs that this rumor is. Report even claims that Sony lies when it comes to the statement of outdated servers. Computer Bild got an excerpt showing log files that proof that Sony was, as of the hacking attack, using very outdated server software, sea...

Indian Premier League | IPLT20 Website Defaced by Tyson_08 and Inferno ! Indian Premier League | IPLT20 Website Has been hacked, and some defaced by Tyson_08 and Inferno Hackers. They wrote a short message on deface page that, They have too many times inform about SQLi Vulnerability in T20 website at  http://www.iplt20.com/ , But none of Authority/Admin take it Seriously. They Put copy of Coding of Index Page at  http://pastebin.com/xn7Fe853  and Mirror of hack is available at  http://www.legend-h.org/mirror/166530/iplt20.com  . 

OpenDNSSEC 1.3.0rc2 new Version released ! Version 1.3.0rc2 of OpenDNSSEC  Match the names of the signer pidfile and enforcer pidfile. Include check for resign < resalt in ods-kaspcheck. Bugfixes: Bugfix #231: Fix MySQL version check. ods-ksmutil: Update now sends a HUP to the enforcerd. Signer Engine: Fix assertion failure if zone was just added. Signer Engine: Don’t hsm_close() on setup error. Signer Engine: Fix race condition bug when doing a single run. Signer Engine: In case of failure, also mark zone processed (single run). Signer Engine: Don’t leak backup file descriptor. signconf.rnc now allows NSEC3 Iterations of 0 Download the tarball from:  opendnssec-1.3.0rc2.tar.gz

Facebook Prepares to Launch Bug Bounty Program ! Facebook is working on setting up a bug bounty program that would encourage security researchers to discover vulnerabilities on its platform and report them responsibly. Mr. Joe Sullivan, Facebook's chief security officer, told us today at the Hack in the Box Amsterdam 2011 security conference that the company is currently testing such a system and hopes to launch it soon. Vulnerability reward programs are not new. In fact, they've been around since the Netscape era. In 2004 Mozilla introduced a bug bounty system for vulnerabilities discovered in Firefox, then last year Google did the same for Chromium, the open source project behind Google Chrome. However, it was Google that began rewarding vulnerabilities found in its web services first, a move that was mirrored by Mozilla a month later. Facebook has a pretty good relationship with security researchers already and many of them are reporting vulnerabilities to the ...

RKAnalyzer - kernel level rootkit analyzer ! RKAnalyzer is a kernel level rootkit analyzer and defender using Hardware Virtualization Techniques, based on the BitVisor Project(A VMM developed by Tsukuba University and open-sourced under BSD License). It tries to monitor kernel level rootkits' actions and log them. What differs RKAnalyzer with tranditional detection softwares(i.e. Rootkit Revealer, IceSword) is that RKAnalyzer actively intercepts rootkit actions, rather than reacting to rootkit after already infected. Also, RKAnalyzer support analysis mode, which differs from defend mode by presenting a much more transparent environment, in which rootkit would consider itself running without being monitored. How to Use :  http://code.google.com/p/rkanalyzer/wiki/HowToUse Download :  http://rkanalyzer.googlecode.com/svn/

Red Hat Enterprise Linux 6.1 is now available at http://www.redhat.com/rhel/ . Enhancements provide improvements in system reliability, scalability and performance, coupled with support for upcoming system hardware. This release also delivers patches and security updates, while maintaining application compatibility and OEM/ISV certifications. In addition to performance improvements, Red Hat Enterprise Linux 6.1 also provides numerous technology updates, including: Additional configuration options for advanced storage configurations with improvements in FCoE, Datacenter Bridging and iSCSI offload, which allow networked storage to deliver the quality of service commonly associated with directly connected storage Enhancements in virtualization, file systems, scheduler, resource management and high availability New technologies that enable smoother enterprise deployments and tighter integration with heterogeneous systems A technology preview of Red Hat Enterprise Identity (IPA) se...