The Hacker News | #1 Trusted Source for Cybersecurity News — Index Page

The George Washington Institue for Sustainability hacked by Cocain TeaM The George Washington Institue for Sustainability website got hacked and defaced by Cocain TeaM hackers. Mirror of hack available on Zone-H . The George Washington University is located four blocks from the White House and was created by an Act of Congress in 1821. Today, GW is the largest institution of higher education in the nation's capital.

Rootkit Hunter - Rootkit scanning tool Rootkit scanner is scanning tool to ensure you for about 99.9%* you're clean of nasty tools. This tool scans for rootkits, backdoors and local exploits by running tests like: - MD5 hash compare - Look for default files used by rootkits - Wrong file permissions for binaries - Look for suspected strings in LKM and KLD modules - Look for hidden files - Optional scan within plaintext and binary files Download Rootkit Hunter

14 Years in Jail for mass credit card theft A 21 year old man received a 14 year prison sentenced on Friday for running an online business that sold counterfeit credit cards encoded with stolen account information with losses estimated at more than $3 million. Tony Perez III, of Hammond, Indiana, pleaded guilty to the charges on April 4. In his plea, Perez said he sold counterfeit credit cards encoded with stolen account information. Perez found customers through criminal "carding forums," Internet discussion groups set up to aid in the buying and selling of stolen financial account information and related services. When the US Secret Service raided his apartment in June 2010, they found data for 21,000 stolen credit cards and equipment needed to encode them onto blank cards. Credit card companies said losses from the card numbers in Perez's possession topped more than $3 million. In addition to the prison term, Judge Liam O'Grady of U.S. District Court for th...

NBC News Twitter account hacked & post fake news of 9/11 Hackers have broken into the Twitter account of NBC News and posted messages claiming that there has been a terrorist attack at Ground Zero in New York. Coming two days before the tenth anniversary of the 9/11 attacks, the prank by a group calling themselves the ' script kiddies ' was greeted with widespread opprobrium from other twitter users. " Breaking News! Ground Zero has just been attacked. Flight 5736 has crashed into the site, suspected hijacking. More as the story develops ," was the first tweet this afternoon. It was followed by two others, including one that started " This is not a joke ." The fourth tweet said " NBCNEWS hacked by The Script Kiddies. " Luke Russert, who covers politics for NBC News, also tweeted: " Please ignore NOT TRUE tweets coming from @NBCNews . We got hacked by tasteless despicable attention seeking criminals. " Some experts suspect that sc...

Google tells Iranians to Change their Gmail password Google is advising all its users in Iran to change their Gmail passwords, and check that their Google accounts have not been compromised.In a blog post , Google said that it was directly contacting users in Iran who may have been hit by a man-in-the-middle attack. The move follows the compromise of Dutch SSL certificate authority DigiNotar. Hackers created fake SSL certificate credentials for Google.com and many other domains. These fake Google credentials were used to run man-in-the-middle attacks against Gmail users in Iran, according to an examination of authentication look-ups logs at DigiNotar and other evidence. Specifically, Google recommends that users in Iran change their passwords; verify their account recovery options; check the Web sites and applications that are allowed to access their Google account; check Gmail settings for suspicious forwarding addresses or delegated accounts; and pay attention to warnings tha...

Norton Cybercrime Report 2011 For the first time a Norton study calculates the cost of global cybercrime: $114 billion annually.Based on the value victims surveyed placed on time lost due to their cybercrime experiences, an additional $274 billion was lost. With 431 million adult victims globally in the past year and at an annual price of $388 billion globally based on financial losses and time lost, cybercrime costs the world significantly more than the global black market in marijuana, cocaine and heroin combined ($288 billion). Read more on Norton

FBPwn : A Cross-Platform Facebook Profile Dumper tool FBPwn is an open source, cross-platform, Java based Facebook profile dumper. It can send friend requests to a list of Facebook profiles, and poll for their acceptance notification. Once the victim accepts the invitation, it dumps all their information, photos and friend list to a local folder. It supports a lot of modules that can expand its current functionalities. It has a well documented Wiki page explaining the process of building a FBPwn module. Though it has a lot of available modules prebuilt for your use. All modules work on a selected profile URL (we’ll call him Bob), using a valid authenticated account (we’ll call him Mallory). AddVictimFriends: Request to add some or all friends of Bob to increase the chance of Bob accepting any future requests, after he finds that you have common friends. ProfileCloner: A list of all Bob’s friends is displayed, you choose one of them (we’ll call him Andy). FBPwn will change Ma...

Wireshark 1.4.9 & Wireshark 1.6.2 updated version released Wireshark is the world’s most popular network protocol analyzer. It is used for troubleshooting, analysis, development, and education. The following bugs have been fixed: configure ignores (partially) LDFLAGS. (Bug 5607) Build fails when it tries to #include , not present in Solaris 9. (Bug 5608) Unable to configure zero length SNMP Engine ID. (Bug 5731) BACnet who-is request device range values are not decoded correctly in the packet details window. (Bug 5769) H.323 RAS packets missing from packet counts in “Telephony->VoIP Calls” and the “Flow Graph” for the call. (Bug 5848) Wireshark crashes if sercosiii module isn’t installed. (Bug 6006) Editcap could create invalid pcap files when converting from JPEG. (Bug 6010) Timestamp is incorrectly decoded for ICMP Timestamp Response packets from MS Windows. (Bug 6114) Malformed Packet in decode for BGP-AD update. (Bug 6122) Wrong display of CSN_BIT in CSN.1. (...

Google Web History vulnerable to new Firesheep Addon Two researchers have shown how a modded version of the Firesheep Wi-Fi sniffing tool can be used to access most of a victim’s Google Web History, a record of everything an individual has searched for. The core weakness discovered by the proof-of-concept attack devised by Vincent Toubiana and Vincent Verdot lies with what is called a Session ID (SID) cookie, used to identify a user to each service they access while logged in to one of Google’s services. Fortunately, the latest exploit does not allow attackers to take over Google Accounts, but obviously, it can be used to expose private data. " While the direct access to users' data is subject to a strict security policy, using personalized services (which may leak this same personal information) is not, " wrote Vincent Toubiana and Vincent Verdot, the creators of the modded Firesheep. To be sure, the compromised cookies are deployed across more than 20 websites inc...