The Hacker News | #1 Trusted Source for Cybersecurity News — Index Page

Mysql.com hacked, serving BlackHole exploit malware MySQL.com website is currently hacked and compromised with a JavaScript malware (and serving malware to anyone visiting it). The mysql.com website is injected with a script that generates an iFrame that redirects the visitors to http://truruhfhqnviaosdpruejeslsuy.cx.cc/main.php, where the BlackHole exploit pack is hosted. " It exploits the visitor's browsing platform (the browser, the browser plugins like Adobe Flash, Adobe PDF, etc, Java, ...), and upon successful exploitation, permanently installs a piece of malware into the visitor's machine, without the visitor's knowledge ," say the researchers. " The visitor doesn't need to click or agree to anything; simply visiting mysql.com with a vulnerable browsing platform will result in an infection." It is, of course, impossible to say who the attackers are. The domain reached through the iFrame is registered to one Christopher J Klein from Miam...

USA Today Twitter Account Hacked By Script Kiddie A group calling itself “ The Script Kiddies ” hacked USA Today’s Twitter account this weekend and used it to solicit requests for future targets and even to promote its own Facebook page. Although this recent hack seems like more of a childish prank, this group is being taken seriously by the FBI due to its earlier hacks involving false terrorism claims posted to NBC’s Twitter account. USA Today quickly regained control of the compromised feed. " @usatoday was hacked and as a result false tweets were sent. We worked with Twitter to correct it. The account is now back in our control ," it said. " We apologize for any inconvenience or confusion caused to our readers and thank you for reading @usatoday ." It’s possible that the new USA Today hack involved a spyware Trojan horse, like the earlier NBC hack did. For the NBC hack, NBC News’s director of social media Ryan Osborn could have received a Trojan horse conta...

[Hurry Up] Hacker Halted 2011 Special Offer For The Hacker News Readers Special for all The Hacker News subscribers (Offer ends Sep 30, 2011) Attend EC-Council's signature event in Miami - Hacker Halted USA - and  Get an iPad 2 + 2 nights hotel +  an additional 10% discount , when signing up for the conference pass at public prevailing rates, or for selected training. Held at the Intercontinental Miami from Oct 21 - 27, Hacker Halted USA will feature some of the best infosec superstars including  Bruce Schneier (Internationally acclaimed security guru), Philippe Courtot (Chairman - Qualys), Jeremiah Grossman (CTO - WhiteHat Security),  George Kurtz (Global CTO - McAfee), Dr. Charlie Miller (Accuvant), Moxie Marlinspike, Barnaby Jack and many others. There are a total of more than 70 speakers this year, and a very comprehensive agenda covering the major hot topics surrounding information security across 4 dedicated tracks. There is also a wide sele...

Facebook track your cookies even after logout ! According to Australian technologist Nik Cubrilovic: ' Logging out of Facebook is not enough .' He added, Even after you are logged out, Facebook is able to track your browser's page every time you visit a website. He wrote in his blog ' With my browser logged out of Facebook, whenever I visit any page with a Facebook like button, or share button, or any other widget, the information, including my account ID, is still being sent to Facebook. ' After explaining the cookies behavior he also suggested a way to fix the tracking problem: ' The only solution to Facebook not knowing who you are is to delete all Facebook cookies.'

Official websites of 7 major Syrian city hacked by Anonymous for #OpSyria Official websites of 7 major Syrian city hacked by Anonymous hackers as part of hacktivists Anonymous' Operation Syria (  #OpSyria ). Anonymous has replaced the home pages of official Syrian websites with an interactive map of Syria, showing the names, ages and date of deaths of victims of the Syrian regime since the protests started in March. They call it  Martyrs of Freedom (March - October 2011).  The figure 2,316 commemorates the number of Syrians killed by the Syrian regime since anti-Assad protests started in Syria in March. The victims' names, ages and dates of death appear as you hover over the map of Syria. Hacked sites: http://tartous-city.gov.sy/ http://deirezzor-city.gov.sy/ http://palmyra-city.gov.sy/ http://homs-city.gov.sy/ http://aleppo-city.gov.sy/ http://latakia-city.gov.sy/ http://old-damascus.gov.sy/

Ani-Shell v1.4 Released With Python - Bind Shell , Anti-Crawler Feature and MD5 Cracker Ani-Shell is a simple PHP shell with some unique features like Mass Mailer , A simple Web-Server Fuzzer , a DDoser , A MD5 hash Cracker , Python and PHP Bind-Shells , Anti-Crawler Features etc! This shell has immense capabilities and have been written with some coding standards in mind for better editing and customization! New Features :- MD5 Hash Cracker Python Bind-Shell Anti-Crawler Function Shell Support for some Older Servers Better CSS Whole New Logo Ani-Shell Project Page : http://sourceforge.net/projects/ani-shell/ Ani-Shell Homepage : http://ani-shell.sourceforge.net/ Default login : lionaneesh Default password : lionaneesh

700,000 sites on Inmotion Hosting Server hacked by TiGER-M@TE in one shot ! 700,000 websites hosted on InMotion Hosting network hacked by TiGER-M@TE including  Trinity FM, Blast Magazine. It was not just a server hack, actually whole data center got hacked.   List of all hacked 700000 sites are available here .  Hackers copied over the index.php in many directories (public_html, wp-admin), deleted my images directory and added index.php files where they weren’t needed. 2,00,000 websites hack mirror already Submitted to Zone-H by TiGER-M@TE . We ( The Hacker News ) talk with hacker about the hack, He claim " I hack 700000 websites in one shot, this may be a new world Record. After submitting 200,000 domains,zone-h was going down again and again and became almost unresponsive in the end.so i was unable to submit all websites.so i've listed all domains in attachment .   It was not just a server hack, actually whole data center got hacked. " In Moti...

Mac trojan poses as PDF to open botnet backdoor There's another Mac OS X Trojan out in the wild, and it might be heading your way.If you open the file, which could appear as an emailed attachment or as a Web link, the document, written in traditional Chinese ideograms, does indeed display. But a Trojan silently installs itself in the background as you try to sort out centuries-old territorial claims.The Trojan doesn't really do anything yet. But F-Secure, the Finnish security firm that discovered it, notes that it lays the groundwork for much more sophisticated attacks against Macs. The malware in question has been identified as Trojan-Dropper:OSX/Revir.A, which installs a backdoor, Backdoor:OSX/Imuler.A, onto the user's Mac. Currently, however, the backdoor doesn't communicate with anything. The command-and-control center for this particular malware is apparently a bare Apache installation, which has been sitting at its current domain since May of this year. Beca...

Singapore will setup National Cyber Security Centre Singapore has said it will boost its national capability to counter cyber security threats through the setting up of a ' National Cyber Security Centre ' in the coming months. The Centre, which will be headed by the Singapore Infocomm Technology Security Authority, will help the government deal more effectively with cyber security threats and vulnerabilities by enhancing capabilities in early detection and prevention, Deputy Prime Minister Teo Chee Hean said. In his address at the Second Singapore Global Dialogue here yesterday, Teo, who is also coordinating minister for national security and home affairs minister, said a safe and functioning cyberspace was critical to " our society, economy and national security. "