#1 Trusted Cybersecurity News Platform
Followed by 5.20+ million
The Hacker News Logo
Subscribe – Get Latest News

Search results for NASA | Breaking Cybersecurity News | The Hacker News

Texas Man admits hacking into e-commerce servers of NASA !

Texas Man admits hacking into e-commerce servers of NASA !

Feb 24, 2011
A Texas man has admitted hacking into servers owned by an e-commerce company and making off with about $275,000. Jeremey Parker of Houston also copped to charges of breaking into servers maintained by NASA's Goddard Space Flight Center in Maryland and causing some $43,000 of damage. The hacking spree spanned a 10-month stretch starting in December 2008 with the breach of systems owned by SWReg. A subsidiary of Digital River of Minnesota, the company manages royalties for independent software developers. "Parker hacked into SWReg's system, created the money by crediting the SWReg accounts, and then caused that money to be wire transferred to his bank account instead of the accounts of several developers," a press release issued by the US Attorney's office in Minnesota said. The NASA servers Parker hacked gave paying members of the scientific community access to oceanic data being sent to Earth from satellites. Eventually, the data was made available to everyone. Parker
20-Year Old Vulnerability in LZO Compression Algorithm Went to Planet Mars

20-Year Old Vulnerability in LZO Compression Algorithm Went to Planet Mars

Jun 27, 2014
A 20 year old critical subtle integer overflow vulnerability has been discovered in Lempel-Ziv-Oberhumer (LZO), an extremely efficient data compression algorithm that focuses on decompression speed, which is almost five times faster than zlib and bzip compression algorithms. Lempel-Ziv-Oberhumer (LZO) was developed in 1994 by Markus Oberhumer and currently it is one of the most popular and widespread compression algorithm used in the Linux kernel , some Samsung Android mobile devices, other embedded devices and several open-source libraries including OpenVPN, MPlayer2, Libav, FFmpeg. 20 YEAR OLD VULNERABILITY IN LZO ALGORITHM Don A. Bailey, founder and CEO of Lab Mouse Security, who disclosed the technical details of the buffer overrun vulnerability in LZO/LZ4 algorithm, explains that if an attacker carefully craft a piece of compressed data that would run malicious code when the software attempted to decompress it. According to advisory, if buffers of 16MB or more
Cyber Story Time: The Boy Who Cried "Secure!"

Cyber Story Time: The Boy Who Cried "Secure!"

Nov 21, 2024Threat Detection / Pentesting
As a relatively new security category, many security operators and executives I've met have asked us "What are these Automated Security Validation (ASV) tools?" We've covered that pretty extensively in the past, so today, instead of covering the " What is ASV?" I wanted to address the " Why ASV?" question. In this article, we'll cover some common use cases and misconceptions of how people misuse and misunderstand ASV tools daily (because that's a lot more fun). To kick things off, there's no place to start like the beginning. Automated security validation tools are designed to provide continuous, real-time assessment of an organization's cybersecurity defenses. These tools are continuous and use exploitation to validate defenses like EDR, NDR, and WAFs. They're more in-depth than vulnerability scanners because they use tactics and techniques that you'll see in manual penetration tests. Vulnerability scanners won't relay hashes or combine vulnerabilities to further attacks, whic
#THN Monthly ( February ) News Archive, If you miss Something !

#THN Monthly ( February ) News Archive, If you miss Something !

Mar 01, 2012
#THN Monthly ( February ) News Archive,If you miss Something ! # Censorship - Global Concern, THN Magazine March Edition :  https://goo.gl/bktRz # Forget terrorists attacks here are 2012's Most Vulnerable Cities At Risk for Cyber Crime (Idiots) : https://goo.gl/4VYGf # Slum Dog India demands Real time monitoring on Indian Gmail & Yahoo Emails. Do they really have nothing better to do?   https://goo.gl/iYO5H # Iran will probably drop nuclear development cause they think they need to Develop their own security Software, No more foreign Solution, they might suggest banning the Burka too! : https://goo.gl/QVheH # Three Greek Anonymous hackers arrested for defacing Government Sites. They couldn't make the street protest! : https://goo.gl/EyMux # Facebook Hacking - Student jailed for eight months. They ought to jail Facebook for having such a stupid site : https://goo.gl/PwkHt # FAQ : DNSChanger Trojan, Impact and Solutions :   https://goo.gl/IE2Qh # How Hackers can Tr
cyber security

Creating, Managing and Securing Non-Human Identities

websitePermisoCybersecurity / Identity Security
A new class of identities has emerged alongside traditional human users: non-human identities (NHIs). Permiso Security's new eBook details everything you need to know about managing and securing non-human identities, and strategies to unify identity security without compromising agility.
Torrent-Finder fighting with Google for Domain !

Torrent-Finder fighting with Google for Domain !

Jan 02, 2011
The US government - along with organizations like the RIAA and the MPAA - are hitting Torrent sites where it hurts.

 Indeed, due to a slew of recent domain seizures, affected websites are currently experiencing major dips in traffic. 

 However, Torrent-Finder is refusing to throw in the towel. The moment the website's .COM domain was seized by the government, it instantly lost search engine relevance because all links pointed to the old .COM domain, which was no longer functioning. As expected, the broken links not only affected surfers searching and navigating to the site, but the website's SEO ranking as well.

 This is because Google employs an algorithm along with other parameters to determine a site's relevance to a certain term. 

For example, if a website such as NASA.com writes a number of articles about "supernovas," the more relevance it has when people search that particular term. Furthermore, if there are external sites linking to NASA's su
Hacker claims to hack European Space Agency, NASA, US Air Force and  Military, French Ministry of Defence

Hacker claims to hack European Space Agency, NASA, US Air Force and Military, French Ministry of Defence

May 02, 2012
Hacker claims to hack  European Space Agency , NASA, US Air Force and  Military , French Ministry of Defence Hackers with group name " The Unknowns " claimed to Hack European Space Agency, NASA, US military, US Air Force, Harvard.Renault Company, French Ministry of Defence, Bahrain Ministry of Defecene and Thai Royal Navy and Many more. Lots of Data, Screenshot and Login Credentials exposed via a Pastebin Notes : Part 1 and Part 2 . Hackers comment on these hacks " We have hacked this with a reason.The security of those important sites are low.It was very easy to infiltrated the sites.We hope the sites will improve their defence. " Full Message Posted by Hackers: We are The Unknowns; Our Knowledge Talsk and Wisdom Listens... Victims, we have released some of your documents and data, we probably harmed you a bit but that's not really our goal because if it was then all of your websites would be completely defaced but we know that within a week or two, the
100k IEEE site Plain-Text Passwords found on Public FTP

100k IEEE site Plain-Text Passwords found on Public FTP

Sep 25, 2012
A Romanian researcher - Radu Drăgușin  found that 100000 usernames and passwords of the Institute of Electrical and Electronics Engineers (IEEE) was stored in plaint-text on a publicly accessible FTP server. According to him, on Sept. 18 he first discovered a log with usernames and passwords in plaintext, publicly available via IEEE's FTP server for at least a month. He informed them of his find yesterday, and evidently the organization is addressing the issue. On the FTP server, according Dragusin were the logfiles for the offers and ieee.org spectrum.ieee.org - Total data to approximately 376 million HTTP requests. Including 411,308 log entries with login and password in plain text. Among the users who's information was exposed are researchers at NASA, Stanford, IBM, Google, Apple, Oracle and Samsung. IEEE's membership of over 340,000 is roughly half American (49.8 percent as of 2011). " IEEE suffered a data breach which I discovered on September 18. For a few da
It Works! Google's Quantum Computer is '100 Million Times Faster' than a PC

It Works! Google's Quantum Computer is '100 Million Times Faster' than a PC

Dec 09, 2015
Announcing the results of its experiment, Google says Quantum Computer is More than 100 Million times faster than a regular PC. Two years ago, Google and NASA ( National Aeronautics and Space Administration ) bought a D-Wave 2X quantum computer , which they have been experimenting at the U.S. space agency's Ames Research Center in Mountain View, California for the past two years. The goal is to create a better way to solve highly complex problems in seconds rather than years. Also Read:  Fastest Operating System for Quantum Computing Developed By Researchers Now, a Google's Quantum AI team appears to have announced the results of its latest test on D-Wave 2X quantum computer, demonstrating that quantum annealing can outperform simulated annealing by over 108 times – that is 100,000,000 times faster . What is  Quantum Computers? Quantum computers can theoretically be so much faster because they take advantage of quantum mechanics. While traditiona
Philips Electronics got hacked, Database Stolen by Hackers

Philips Electronics got hacked, Database Stolen by Hackers

Feb 13, 2012
Philips Electronics got hacked, Database Stolen by Hackers Another big site got hacked today, its Philips Electronics - had revenues of €25.42 billion in 2010, making it one of the largest electronics companies in the world. It employs around 114,500 people across more than 60 countries. The deface page shows the name of Hacker as -  Hacked by bch195 and HaxOr . These hackers belongs from  Team INTRA . Hacker also make a pastebin note ( https://pastebin.com/BDbrcx8b ) about hack. Hacker claim to hack many subdomains of Philips websites as shown. The screenshot is of a php shell uploaded on Philips's Website. Hackers link 3 more Private note in last pastebin note, which include Most of the Hacked Database of Website and List of few emails extracted from their. Also hacker comment that " This is first 100 emails from 200k list.I don't want to share more because i will sell it ." Last week seems to have another interesting Hacks of big websites : "NASA Own
TinKode sentenced by a Romanian court and $120000 Fine

TinKode sentenced by a Romanian court and $120000 Fine

Oct 05, 2012
" Cernaianu Manole Razvan " akka TinKode , the Romanian behind attacks against NASA, Oracle, the Pentagon, and U.S. Army, was sentenced this week to a two-year suspended sentence, according to local media reports and was ordered to pay damages totalling more than US$120,000. He was arrested in January for his part in a number of attacks. According to Cernianu's case file summary on the Romanian Ministry of Justice Web portal, he was sentenced on September 26 and received six prison sentences of one or two years for separate computer-related offenses. The offenses included: gaining unauthorized access to a protected computer system; transferring data from a computer system without authorization; affecting the normal operation of a computer system by deleting, modifying or sending electronic data; creating, selling or distributing a devices or a computer program designed to be used in computer crimes; creating, selling or distributing a password or access cod
British Hacker Wins Legal Battle Over Encryption Keys

British Hacker Wins Legal Battle Over Encryption Keys

May 11, 2016
In Brief Britain's top crime fighting force has failed in a legal attempt to force alleged hacker Lauri Love to hand over his hard disk's encryption keys. In a landmark case, District Judge Nina Tempia said the investigative agency should have used the normal police powers rather than a civil action to obtain the evidence. Lauri Love, a 31-year-old hacker, has been accused of aiding cyber-attacks against U.S. targets, including NASA, FBI, US Army and US Federal Reserve networks. The National Crime Agency (NCA) has failed in a legal attempt to force the British citizen and political hacktivist Lauri Love to hand over the keys to encrypted data that has been seized from his home two years ago. At a Tuesday hearing in Court Seven at Westminster Magistrates' Court, the NCA's application to make Love disclose his encrypted computer passwords was refused by the judge. Hacker Fighting Extradition to U.S. Love, 31, is currently fighting extradition to the Uni
British Court rules Hacktivist 'Lauri Love' can be extradited to USA

British Court rules Hacktivist 'Lauri Love' can be extradited to USA

Sep 17, 2016
British citizen and alleged hacker Lauri Love will be extradited to the United States to face allegations of hacking into United States government computer systems, a UK judge ruled on Friday. Love, 31, is currently facing up to 99 years in prison for allegedly hacking into the FBI, the US Army, the US Missile Defence Agency, the National Aeronautics and Space Administration (NASA), and New York's Federal Reserve Bank during 2012 and 2013. US Prosecutors claim that Love was allegedly involved in #OpLastResort , an online protest linked with the Anonymous collective following the persecution and untimely death of activist Aaron Swartz, who committed suicide in 2013 while under federal charges for data theft. Speaking at Westminster Magistrates' Court in London, District Judge Nina Tempia said : "I'll be extraditing Mr. Love, by which I mean I'll be passing the case to the Secretary of State." Tempia said Love could appeal against the court decisi
British Baptist Minister's son charged with hacking US Army and Nasa Computer Systems

British Baptist Minister's son charged with hacking US Army and Nasa Computer Systems

Oct 30, 2013
Son of a Baptist Minister, 28-year-old British man named Lauri Love has been charged with hacking into the computer systems of the US army, NASA and other federal agencies. He was arrested Friday at his home in Stradishall, England by the National Crime Agency and according to the indictment alleges Love and his unnamed co-conspirators hacked into thousands of computer systems between October 2012 and October 2013. The indictment does not accuse Love of selling information or doing anything else with it for financial gain. His father Alexander Love, 60, a Baptist minister, works as a chaplain at HMP Highpoint North. His mother Sirkka-Liisa Love, 59, also works at the jail as a teacher. He is charged with one count of accessing a U.S. Department or agency computer without authorization and one count of conspiracy. The government said the purpose was to disrupt the operations and infrastructure of the federal government.  They stole data on more than 5,000 individuals, as well as info
Worldview-3 — Satellite That Could Allow Google and U.S Government to See Your Face from Space

Worldview-3 — Satellite That Could Allow Google and U.S Government to See Your Face from Space

Aug 13, 2014
Majority of my articles are related to government spying, privacy and security issues of your online stuffs and also measures that you can adopt in protecting yourself from being spied on. But, your all efforts will soon be of no use - someone is about to secretly track your every footstep. Google will soon get an eye in the space that will be enough powerful to see your face, thanks to the new satellite, WorldView-3 satellite, which is scheduled to launch later today (11:30 a.m. PST) from California's Vandenberg Air Force Base atop an Atlas 5 rocket by Lockheed Martin Commercial Launch Services, according to Motherboard . DIGITAL EYE IN SPACE WorldView-3 satellite is developed by a US-based company DigitalGlobe , one of the world's leading global content providers of high-resolution earth imagery, supplying most online mapping services to the US government and NASA. The satellite contains : Exelis-built 1.1 meter aperture telescope  Primary visible/SWIR sensor B
Elon Musk Plans to Launch 4,425 Satellites to provide Global Internet from Space

Elon Musk Plans to Launch 4,425 Satellites to provide Global Internet from Space

Nov 18, 2016
Big tech companies, including Facebook, Google, and Microsoft, are in the race of bringing Internet connectivity to unconnected parts of the world through wireless devices , flying drones , high-altitude balloons, and laser beams . But, SpaceX founder Elon Musk has big plans for bringing low-cost Internet service worldwide, and it all starts in space. Private rocket launch service SpaceX has asked the U.S. government for permission to launch 4,425 satellites in orbit to beam high-speed Internet down to the world, according to a newly filed application with the Federal Communications Commission (FCC). That's a hell of a lot of satellites; in fact, the figure surpasses the total number of satellites in the Earth's orbit. Here's what the company's 102-page technical document reads: "The system is designed to provide a wide range of broadband and communications services for residential, commercial, institutional, governmental and professional users world
DDoS Attacks originated from thousands of .EDU and .GOV WordPress Blogs

DDoS Attacks originated from thousands of .EDU and .GOV WordPress Blogs

Dec 04, 2013
In a recent cyber attack on a Forum site, thousands of outdated legitimate WordPress blogs were abused to perform DDOS attacks using previously known vulnerabilities . After analyzing the Log file from the victim's server, we have noticed many Wordpress CMS based educational (.EDU) and Government (.GOV) websites from where the attack was originated. In the past we have reported about many such cyber attacks, where attackers hacked into the Wordpress blogs using password brute-force attack or they used the  PINGBACK  vulnerability in older versions of Wordpress without compromising the server. WordPress has a built in functionality called Pingback , which allows anyone to initiate a request from WordPress to an arbitrary site and it can be used for a single machine to originate millions of requests from multiple locations. We have seen more than 100,000 IP addresses involved in the recent DDOS attack and the victim's Forum website received more than 40,000 requests in 7 mi
Chinese Hackers Steal Info from top secret U.S military data

Chinese Hackers Steal Info from top secret U.S military data

May 03, 2013
QinetiQ , a UK-based defense contractor  suffers humiliation as intelligence officials confirmed that China was able to steal the U.S. classified documents and pertinent technological information all this because of QinetiQ's faulty decision-making. QinetiQ North America (QQ) a world leading defense technology and security company providing satellites, drones and software services to the U.S. Special Forces deployed in Afghanistan and Middle East. The hacking was so extensive that external consultants ended up more or less working permanently inside the firm to root out malicious software and compromises on an ongoing basis. In one of the attacks, that took place in 2009, the hackers raided at least 151 machines of the firm's Technology Solutions Group (TSG) over a 251-day period, stealing 20 gigabytes of data before being blocked.  As the White House moves to confront China over its theft of U.S. technology through hacking, policy makers are faced with the questi
Hackers Claims to compromise Intel's Sensitive Data

Hackers Claims to compromise Intel's Sensitive Data

Feb 10, 2012
Hackers Claims to compromise Intel 's Sensitive Data A security researcher under the name of " WeedGrower ", or " X-pOSed " has been on a roll since the start of 2012. He has ambushed huge sites such as AOL, NASA, Hotmail, Myspace, Xbox, USBank, Yahoo, and VISA, he has also leaked sensitive data on most of those websites. Hackers today Claiming that he compromise Intel's Sensitive Data like User Base & Credit Cards. He found a way to expose sensitive data via the subscriber section on Intel.com and he also has access to the INTEL.com database which reveals Credit Card Numbers, Social Security Numbers, Emails, Passwords, and more. "WeedGrower", or "X-pOSed" has threatened that he's going to be leaking this soon if he doesn't get a response from Intel.com carriers. Hacker said ," I've got to give some applause to all these pseudo-security technicians out there. I cut Intel a break, I have access to a database and a
Hacker Wanted in the U.S. for Spreading Gozi Virus Arrested in Colombia

Hacker Wanted in the U.S. for Spreading Gozi Virus Arrested in Colombia

Jul 01, 2021
Colombian authorities on Wednesday said they have arrested a Romanian hacker who is wanted in the U.S. for distributing a virus that infected more than a million computers from 2007 to 2012. Mihai Ionut Paunescu (aka "Virus"), the individual in question, was detained at the El Dorado airport in Bogotá, the Office of the Attorney General of Colombia  said . Paunescu was  previously charged  by the U.S. Department of Justice (DoJ) in January 2013 for operating a bulletproof hosting service that "enabled cyber criminals to distribute the Gozi Virus, the Zeus Trojan and other notorious malware, and conduct other sophisticated cyber crimes." He was arrested in Romania in December 2012 but managed to avoid extradition to the U.S. "Through this service, Paunescu, like other bulletproof hosts, knowingly provided critical online infrastructure to cyber criminals that allowed them to commit online criminal activity with little fear of detection by law enforcement,&
U.S. DoJ Indicts North Korean Hacker for Ransomware Attacks on Hospitals

U.S. DoJ Indicts North Korean Hacker for Ransomware Attacks on Hospitals

Jul 26, 2024 Cybercrime / Healthcare
The U.S. Department of Justice (DoJ) on Thursday unsealed an indictment against a North Korean military intelligence operative for allegedly carrying out ransomware attacks against healthcare facilities in the country and funneling the payments to orchestrate additional intrusions into defense, technology, and government entities across the world. " Rim Jong Hyok and his co-conspirators deployed ransomware to extort U.S. hospitals and health care companies, then laundered the proceeds to help fund North Korea's illicit activities," said Paul Abbate, deputy director of the Federal Bureau of Investigation (FBI). "These unacceptable and unlawful actions placed innocent lives at risk." Concurrent with the indictment, the U.S. Department of State announced a reward of up to $10 million for information that could lead to his whereabouts, or the identification of other individuals in connection with the malicious activity. Hyok, part of a hacking crew dubbed Andarie
Password Manager Pro — Easiest Way to Keep Enterprises Secure

Password Manager Pro — Easiest Way to Keep Enterprises Secure

Dec 01, 2016
Recent corporate breaches have taught us something important — the average enterprise user is spectacularly bad at choosing good passwords. As modern enterprise is becoming a hybrid organization with infrastructure spread across on-premises data centers as well as in the cloud, security of information, applications, and assets has become a paramount concern. Cyber security is no longer an optional strategy for businesses, where limited visibility into the password practices of employees and ineffective monitoring of privileged credentials could end up an organization with a serious security breach and identity theft. The first line of defense for any organization or company is passwords, but most organizations grossly underestimate the need to comply with corporate password policies and meet IT regulatory requirements. Large enterprises have a policy in place that requires end users to choose strong passwords that can withstand dictionary and brute-force attacks, but it come
Expert Insights / Articles Videos
Cybersecurity Resources