The Hacker News | #1 Trusted Source for Cybersecurity News — Index Page

HDFC Bank Database Hacked by zSecure team using SQL injection vulnerability zSecure team is back in news again, this time they have discovered a critical SQL injection vulnerability in HDFC Bank's Web Portal. Using this critical flaw HDFC Bank's various databases can be accessed and dumped as well. This critical flaw really affects the customer realtions of HDFC Bank's and this really questions the existing security in place within bank. HDFC Bank is the leading bank in India but they lack behind the basic security that needs to be implemented. zSecure team claimed in their blog post that even after sending them complete details about the vulnerability and even after conducting the vulnerability assessment from the third party service provider they were not able to discover this critical falw which existed in their web portal. This really raises a big question on their existing security policy. What would have happened if somone else would have gained acceess to this c...

Anonymous Release Press Release for Operation Tarmageddon Early in July, Anonymous said it planned to attack oil firms and banks supporting the controversial extraction of oil from sand in Alberta, Canada. Exxon Mobil, ConocoPhillips, Canadian Oil Sands, Imperial Oil, and the Royal Bank of Scotland have been put on notice that they are likely to be targeted in Anonymous' latest operation, dubbed Project Tarmageddon. Complete Press Release : Early in July, deep below the radar of the Tar Sands Oil Industry, Anonymous and GreenSec boarded the LulzSub and began a journey of environmental justice. This journey had only one endpoint: success. With all the attention Anonymous recently had received , a sub was the sure choice to ensure maximum impact and minimum damage to the fleet. When Big Brother watches, you go under the surface. All July, we supported a protest against the Tar Sands oil industry, which ended in protesters dancing on the meeting table of the Governor of Montana...

Indian Government Computers are also Corrupted like Government One of the Indian Hacker named " nomcat " claim to hack into the Indian Prime Ministers Office Computers and install R.A.T (remote administration tool ) in them. He also Expose the Vulnerability in Income Tax website and Database Information. Press Release By Hacker : Our team wanted to release this information with interests of the people and to expose out to the world how corrupt the Indian Government and this is one of the best examples ... The IT department of India is vulnerable to SQL injection it allows the "attacker" to view and edit all the databases ,tables ,columns and data stored within them since there a LOT of tables we are not yet done fully exploring them and we are letting out only the data we think is the least affecting to our country's security , But what we should learn is that this is one of the simplest hacking methods and most of the work can be done by point and click ap...

Vulnerability Master 1.0 Released By MaxPain Video Demostartion Download Vulnerability Master 1.0

VBulletin Underground Website Hacked By ' Why So Serious ' Vbteam.info is underground vBulletin Hacking website. It provides free vBulletin. This website is hacked by a new hacker named as " Why So Serious? ". He also hacked EA Game - Battlefield Heroes Accounts . He leaked 1400+ accounts of the Vbteam.info forum in pastebin .

Persistent XSS vulnerability in eBuddy Web Messenger A team member from Virtual Luminous Security , Russian Federation, has discovered a persistent XSS vulnerability in eBuddy (the biggest web IM solution in the world) by transmitting messages with embedded encoded javascript code. In-depth detail eBuddy Web Messenger suffers from an encoded-Persistent XSS vulnerability in the messaging function. (while sendingA message with embedded code to another authorized user in eBuddy WebMessenger). Exploit example Plain XSS (Not going to store, nor execute) <script>alert('eBuddy Persistent XSS');</script> Encoded text=%3Cscript%3Ealert%28'eBuddy%20Persistent%20XSS'%29%3C/script%3E [*] The attacker sends the encoded embedded code in an IM message. [*] The victim receives the message with the encoded embedded code and it executes on the victims browser.

The Hacker News Magazine September Issue - NO ONE IS SECURE Well folks, after this issue and the obvious intensity of the insecurity of the net, I have a few thoughts on the unfettered access to knowledge. It is more than apparent we all live in a time where the extensive dissemination of opinions, thoughts and ideas and information are done through a modern method of transmission. The simplicity and effectiveness by which computers and networks are used to assemble, store, search, associate, recover, and share information make computer technology especially risky to anyone who wishes to keep personal or protect information from the public sphere or out of the clutches of anyone who is perceived as a probable threat. As this issues explores, the evolving and more advanced capabilities of computer viruses, phishing, fraud schemes, spyware, and hacking activity springing up from every corner of the globe and the diversity of privacy-related issues engendered by computer technolo...

Two Suspected Anonymous/LulzSec hackers arrested by British police Officers from the Metropolitan Police Service's Central e-Crime Unit (PCeU) have today, 1 September, arrested two men for conspiring to commit offences under the Computer Misuse Act 1990. Two men, aged 20 and 24, have been arrested by British police in connection with Anonymous and LulzSec Members. The men were arrested separately at addresses in Mexborough, Doncaster, South Yorkshire and Warminster, Wiltshire. The Doncaster address was searched by police and computer equipment was removed for forensic examination. Kayla, alongside the likes of Sabu, Topiary and Tflow is considered to be one of the key figures in the LulzSec hacking gang. DI Mark Raymond from the PCeU said: " The arrests relate to our enquiries into a series of serious computer intrusions and online denial-of-service attacks recently suffered by a number of multi-national companies, public institutions and government and law enforcement ...

EA Game - Battlefield Heroes Accounts Hacked by ' Why So Serious? ' Albanian Hacker One of the most famous games over the world Battlefield Heroes which is created by EA Games is hacked by a new hacker named " Why So Serious? ". The hacker is from Albania. He made a post on Battlefield Heroes site & said: " Hello all Players and Admins. I'm Why So Serious?. Today I hacked some Battlefield Heroes accounts. I'm going to post them on this forum and on my Fan Page on Facebook: Why So Serious? . " Hacker Leaks the User Login passwords on pastebin from Battlefield Site. Hacker claim that he will hack another EA Games accounts and Jagex Games accounts and will post those accounts also today. Hacker also have a facebook page , where he publish the hack details. Hacked Website:  http://www.battlefieldheroes.com/