#1 Trusted Cybersecurity News Platform Followed by 4.50+ million
The Hacker News Logo
Get the Free Newsletter
SaaS Security

The Hacker News | #1 Trusted Cybersecurity News Site — Index Page

FBI raids ISP in Anonymous DDoS investigation !

FBI raids ISP in Anonymous DDoS investigation !

Jan 01, 2011
Authorities in the U.S. and Germany have raided Internet Service Providers in hopes of tracking down the hackers who launched distributed denial of service (DDoS) attacks against Web sites such as Visa.com, PayPal.com, and Mastercard.com earlier this month. In documents posted Wednesday to the Smoking Gun Web site, the U.S. Federal Bureau of Investigation describes the complex path its investigation has taken as it has searched for the computers that served as a central meeting point for the attacks. After Germany's Federal Criminal Police raided service provider Host Europe, they linked one of he IRC servers to Dallas's Tailor Made Services, the documents state. Two hard drives were seized from Dallas's Tailor Made Services on Dec. 16, the Smoking Gun reports. Another IRC server has been traced to Fremont, California's Hurricane Electric. Neither Hurricane Electric nor Tailor Made Services could be reached immediately for comment Thursday. The early-December at
Hackers are exploiting a vulnerability in Microsoft Word to plant malware on Windows !

Hackers are exploiting a vulnerability in Microsoft Word to plant malware on Windows !

Jan 01, 2011
The bug in Microsoft Word 2002, 2003, 2007 and 2010 was patched Nov. 9 as part of Microsoft's monthly security update. Word 2008 and 2011 for the Mac have also been patched, but Microsoft has not yet issued a fix for the same flaw in the older Word 2004. The circulating attacks affect only Windows versions of the suite, however. According to the Microsoft Malware Protection Center (MMPC), the group that investigates attack code and issues signature updates for the company's antivirus software, the first in-the-wild exploits were detected last week. When Microsoft shipped the Word patch last month, it rated the bug as "1" on its exploitability index, meaning it believed a working attack would pop up within 30 days. The attack uses a malicious RTF (Rich Text Format) file to generate a stack overflow in Word on Windows, said MMPC researcher Rodel Finones. Following a successful exploit, the attack code downloads and runs a Trojan horse on the compromised computer
Making Sense of Operational Technology Attacks: The Past, Present, and Future

Making Sense of Operational Technology Attacks: The Past, Present, and Future

Mar 21, 2024Operational Technology / SCADA Security
When you read reports about cyber-attacks affecting operational technology (OT), it's easy to get caught up in the hype and assume every single one is sophisticated. But are OT environments all over the world really besieged by a constant barrage of complex cyber-attacks? Answering that would require breaking down the different types of OT cyber-attacks and then looking back on all the historical attacks to see how those types compare.  The Types of OT Cyber-Attacks Over the past few decades, there has been a growing awareness of the need for improved cybersecurity practices in IT's lesser-known counterpart, OT. In fact, the lines of what constitutes a cyber-attack on OT have never been well defined, and if anything, they have further blurred over time. Therefore, we'd like to begin this post with a discussion around the ways in which cyber-attacks can either target or just simply impact OT, and why it might be important for us to make the distinction going forward. Figure 1 The Pu
‘BitTorrent’ exploit could be used to stage massive cyber attacks !

'BitTorrent' exploit could be used to stage massive cyber attacks !

Jan 01, 2011
With the Federal Bureau of Investigations (FBI) treating successful cyber attacks by "Operation Payback" as criminal offenses, a new level of ambiguity is being introduced into the enforcement of cyber crime laws. The FBI was treating efforts by "Anonymous" and "4chan" as an "unauthorized and knowing transmission of code or commands resulting in intentional damage to a protected computer system," according to a search warrant affidavit published online Thursday. Not all distributed denial of service (DDoS) efforts are a crime. This is especially true when systems within the networks staging the attack are placed there voluntarily by their users, with thousands of willing individuals simply flooding a server by asking it to do what it's designed for: loading pages. Botnets of this nature have been compared to cyber "sit-ins": a computer-age echo of civil rights-era protests. However, a newly discovered software exploit in peer-to-pee
cyber security

Automated remediation solutions are crucial for security

websiteWing SecurityShadow IT / SaaS Security
Especially when it comes to securing employees' SaaS usage, don't settle for a longer to-do list. Auto-remediation is key to achieving SaaS security.
50 more websites Hacked By Tn-V!Rus and salvana !!

50 more websites Hacked By Tn-V!Rus and salvana !!

Jan 01, 2011
50 more websites Hacked By Tn-V!Rus and salvana !! Hacked Websites : https://browne-smith.com/x.htm https://alanpretsellphotography.co.uk/x.htm https://trinityinvitations.co.uk/x.htm https://tropicsenergyltd.com/x.htm https://sdinst.com/x.htm https://rodiniaglobalproperty.com/x.htm https://showbizinternational.co.uk/x.htm https://rrlpersonnel.com/x.htm https://saawithconfidence.com/x.htm https://provenancecapital.co.uk/x.htm https://quanto.com/x.htm https://pinacle-education.com/x.htm https://pelicanred.com/x.htm https://pedersenhairandbeauty.co.uk/x.htm https://pennyofficial.co.uk/x.htm https://parties2amaze.co.uk/x.htm https://nvmodels.co.uk/x.htm https://noemaltd.co.uk/x.htm https://no-more-escorts.com/x.htm https://mymoaccessories.com/x.htm https://mig7.net/x.htm https://merrillconsultants.co.uk/x.htm https://miadevelopments.com/x.htm https://meredithonline.co.uk/x.htm https://lpi-global-skills.org.uk/x.htm https://loveyouriphone.co.uk/x.htm https://macgregorwilson.co.uk/x.htm
315 Websites hacked By Tunisian Hacker - The 077 ( HamDi HaCKer )

315 Websites hacked By Tunisian Hacker - The 077 ( HamDi HaCKer )

Jan 01, 2011
315 Websites hacked By Tunisian Hacker - The 077 ( HamDi HaCKer ) Websites Hacked : Full List here -  https://pastebin.ca/2035387
Hexjector 1.0.7.5 Rev34 Latest Version Download !

Hexjector 1.0.7.5 Rev34 Latest Version Download !

Jan 01, 2011
"Hexjector is an open-source, multi-platform PHP script to automate site penetration tests for SQL Injection Vulnerabilities." This is the updated change log: * Error_Check, HexDorker, HexaFind, HexDumper, HexaCurD, Hexdumpfile, Hexoutfile, Hexloader, and WAF_Detector have all been updated. * HexaFind is now multithreaded(Credits tDavid Hopkins for his CURL Class). * HexacURL removed. * Information.php is not used anymore. * Code is refined and organized for better view. * Output Buffering removed. * WAF Bypass Module Added. * HTTP Requests are now available. * POST * Interface of Hexjector is changed thanks tJohnburn, and mods from me. * A nonpersistent XSS is patched in HexDorker. * Codename Added. * RCE Test added. * Troubleshoot section added taid users in solving problems. * A new Manual Updater is added. * News Feeds Retriever. * Patch Retriever. * SQL Injection Type Detection is recoded tbe more precise. * Another Series of SQL Injection Type Detection are
Cybersecurity Resources