The Hacker News | #1 Trusted Source for Cybersecurity News — Index Page

Malware automatically uploading stolen data to the File sharing sites Roland Dela Paz , a threat response engineer with Trend Micro have discovered a piece of malicious software that automatically uploads its stolen data cache to the SendSpace file-sharing service for retrieval. File-storage services offer several advantages for cybercriminals. SendSpace accepts files and then generates a link that can be shared with other people to download the content in the files. The malware has been configured to send files, copy the download link and send it to a command-and-control server along with the password needed to access the archive, Dela Paz wrote. Here is a screenshot of the Sendspace page leading to the archive of collected documents. Malware utilizing free online services are definitely not unheard of. Utilizing a public file hosting site is yet another clever way for cybercriminals to store stolen data as they do not need to set up a server that will store large amou...

In our Last Month Magazine Issue, Lee Ives from London, England and Admin of Security-FAQs - talk about internet security for your children and what to watch out for and how to protect them and yourself. You can Download Here Special The Hacker News Magazine January 2012 Edition. Have a look the interesting Article shared by Lee : The one thing that is great about the internet is that just like many of the other major mediums it has content for all different types of age groups. If you have older people that you need to entertain then you will be able to find something for them to be entertained by on the web. If you have younger kids that you have to entertain then you will find something for them as well. But unlike the other major mediums such as TV, you have a more diverse stock from which to pick from. With the internet you are getting content from all around the world and no matter which age group you need to entertain, you will be able to find something for the...

Citigroup sites hit by Brazilian Anonymous hacker Citigroup has confirmed its consumer banking sites were temporarily offline Friday because of what a bank spokesman referred to as temporary outages. Hackers with Anonymous have claimed to be behind the attacks. The operation behind the attacks waged against banks in Brazil, known as #OpWeeksPayment on Twitter, claims issues with government and capitalism were catalysts for the attacks. Anonymous Brasil said its attacks were only meant to fight corruption in BrazilA group of internet hackers, which calls itself Anonymous Brasil, continued its relentless attacks which began earlier last week by taking down the websites of the Citigroup and Citibank.The group, which is targeting financial institutions, issued a warning message to them, saying Anonymous Brasil does not forget you. Your turn will come. Apart from Citigroup, both in Brazil and in the US, the group had also targeted the websites of four major banks in Brazil, including B...

Joomscan Security Scanner updated to 611 Joomla vulnerabilities Database Another huge update coming from Security Team Web-Center that Joomscan Security Scanner is now updated to 611 Joomla vulnerabilities Database. Last update for this tool was in November, 2011 with 550 vulnerabilities in Database. In joomscan you can check for new updates with command: ./joomscan.pl check or ./joomscan.pl update Download for Windows  (141 KB) Download for Linux  (150 KB )

Mobile Based Wireless Network MiTM Attack Illustration Bilal Bokhari from zer0byte.com Illustrated perfect example of Mobile Based Wireless Network MiTM Attack on his blog. Bilal want to share this article with our Readers at THN, Have a look : If we look at the history of computer development, the computer developers/engineers just 10 years back did not have any clue as to how this industry is going to be, the way this industry we have today. The Computers and its applications nowadays are more powerful and much smarter than ever before. Computer applications are used in every industry like engineering, designing, music programming, web development etc which enables their users to come up with amazing products every day. So far so good the story of the computer development sounds amazing but there is a problem with its development. When computer applications are developed, they are not particularly a complete perfect solution. They contain some flaws or bugs which can be ex...

Sun Microsystems (Print) - Cross Site Scripting Vulnerabilities Today Ucha Gobejishvili ( longrifle0x ) a Pentester from Georgia reported 3 More important Cross Site Scripting Vulnerabilities in Sun Microsystem's and Java Printer Webpages. Java's Vulnerable Link   : Click Here Sun's Vulnerable Link 1 :  Click Here Sun's Vulnerable Link 2 :  Click Here Cross-Site Scripting occurs when an attacker can send a malicious script to a different user by relaying the script from an otherwise trusted or innocuous server. These flaws are extensive on the Web and allow an attacker to place malicious code that can execute attacks against other users in the security context of the web servers of the trusted host. Previous vulnerabilities  reported by longrifle0x : Click here to Read or Mirrors .

ProCredit Bank Georgia hacked by RetnOHacK #AntiSerbs Group of Hackers named - B!JemBeX, RetnOHacK, Weedh0aX, mR.Thg hack into ProCredit Bank of Georgia (procreditbank.ge) . They Deface the Administrator panel page located at  http://www.procreditbank.ge/admin/login.php  as shown in image attached. On Deface page Hacker said " This day have received that much time..when will you accept that you lose the fight ?in this game you do not have no chance to win..you always were and always will be losers remain losersMitrovica do not sell , Mitrovica is ours as alwaysWe do not want peace with you , because I hate slaves.Date of " 28 November " is approaching to unite all Albanians... ". Till now its unclear that Hacker damage anything else rather than site pages.

Anonymous Hacks FBI and Records Conference Call Earlier today, Anonymous released a confidential conference call between the FBI and law enforcement officers in the UK. The 16-minute call discusses ongoing investigations into hackers associated with Anonymous, AntiSec, and LulzSec. From all appearances, Anonymous retrieved the sensitive access code information and a list of attendees from an FBI email account. The group released a roughly 15-minute-long recording of what appears to be a Jan. 17 conference call devoted to tracking and prosecuting members of the loose-knit hacking group. The email, titled “ Anon-Lulz International Coordination Call ”, was published on pastebin earlier today: http://pastebin.com/8G4jLha8  . The email with details for accessing the call was sent to law enforcement officials in Britain, France, the Netherlands and others but the only people who identify themselves on the call are from the FBI and Scotland Yard.In a message on Twitter, An...

Call of Duty , Spider-Man and other 7 Largest Video Game Sites Hacked Today Turkish Hackers from group " GrayHatz " hack and Deface Call of Duty, Spider-Man and other 7 Largest Video Game Sites. Hacked Sites Include: - Call of Duty® Official Video Game Site : Link and Mirror - X-Men Origins: Wolverine Official Video Game Site :  Link  and  Mirror - Spider-Man: Edge of Time Official Game Website - Transformers: Fall of Cybertron Official Video Game Site : Link and Mirror - Prototype 2 Official Video Game Site : Link and Mirror - Infinity Ward Developer of Call of Duty : Link and Mirror - The Quantum Of Solace Game Official Video Game : Link and Mirror - DJ Hero 2 | Available Now Official Site : Link and Mirror - Guitar Hero Official Site : Link and Mirror