#1 Trusted Cybersecurity News Platform Followed by 4.50+ million
The Hacker News Logo
Get the Free Newsletter
SaaS Security

The Hacker News | #1 Trusted Cybersecurity News Site — Index Page

Tunisia under attack by Anonymous Hackers - Press Release !

Tunisia under attack by Anonymous Hackers - Press Release !

Jan 03, 2011
The faction of Anonymous that launched the anti-Scientology movement Chanology and has more recently been supporting Wikileaks through various information and direct action campaigns has launched an attack on the Tunisian government's web capabilities in retaliation for the censorship policies it has recently put in place. Their main site is down and will remain so for the near future; other actions are imminent. I have been given the following press release from the faction in question and have posted it below the fold; further updates will be added as they occur. Update I have replaced the original version with a better translation (it is available in several languages and I can provide those upon request). PRESS RELASE: "And if all others accepted the lie which the Party imposed—if all  records told the same tale—then the lie passed into history and became  truth. 'Who controls the past' ran the Party slogan, 'controls the  future: who controls the present cont
Torrent-Finder fighting with Google for Domain !

Torrent-Finder fighting with Google for Domain !

Jan 02, 2011
The US government - along with organizations like the RIAA and the MPAA - are hitting Torrent sites where it hurts.

 Indeed, due to a slew of recent domain seizures, affected websites are currently experiencing major dips in traffic. 

 However, Torrent-Finder is refusing to throw in the towel. The moment the website's .COM domain was seized by the government, it instantly lost search engine relevance because all links pointed to the old .COM domain, which was no longer functioning. As expected, the broken links not only affected surfers searching and navigating to the site, but the website's SEO ranking as well.

 This is because Google employs an algorithm along with other parameters to determine a site's relevance to a certain term. 

For example, if a website such as NASA.com writes a number of articles about "supernovas," the more relevance it has when people search that particular term. Furthermore, if there are external sites linking to NASA's su
Making Sense of Operational Technology Attacks: The Past, Present, and Future

Making Sense of Operational Technology Attacks: The Past, Present, and Future

Mar 21, 2024Operational Technology / SCADA Security
When you read reports about cyber-attacks affecting operational technology (OT), it's easy to get caught up in the hype and assume every single one is sophisticated. But are OT environments all over the world really besieged by a constant barrage of complex cyber-attacks? Answering that would require breaking down the different types of OT cyber-attacks and then looking back on all the historical attacks to see how those types compare.  The Types of OT Cyber-Attacks Over the past few decades, there has been a growing awareness of the need for improved cybersecurity practices in IT's lesser-known counterpart, OT. In fact, the lines of what constitutes a cyber-attack on OT have never been well defined, and if anything, they have further blurred over time. Therefore, we'd like to begin this post with a discussion around the ways in which cyber-attacks can either target or just simply impact OT, and why it might be important for us to make the distinction going forward. Figure 1 The Pu
Pro-WikiLeaks hackers deface Zimbabwe government websites !

Pro-WikiLeaks hackers deface Zimbabwe government websites !

Jan 02, 2011
Hacktivists have struck a blow against the regime in Zimbabwe by attacking a number of government websites. The cyber-assault appears to have been in support of newspapers who published secret cables in the ongoing WikiLeaks saga, to the annoyance of the-powers-that-be in the country. Grace Mugabe, wife of Zimbabwe president Robert Mugabe, was recently reported to be suing a newspaper for $15 million after it published a WikiLeaks cable that claimed she has benefited from illegal diamond trading. As news spread amongst the loosely-knit group of Anonymous hackers who support WikiLeaks, websites belonging to the Zimbabwe government and Robert Mugabe's ZANU-PF party were hit by distributed denial-of-service (DDoS) attacks and, in the case of the Finance Ministry, defacements. The Zimbabwe government's online portal at www.gta.gov.zw and the official ZANU-PF website continue to be offline, and the Finance Ministry's website now displays a message saying it is under maintenance.
cyber security

Automated remediation solutions are crucial for security

websiteWing SecurityShadow IT / SaaS Security
Especially when it comes to securing employees' SaaS usage, don't settle for a longer to-do list. Auto-remediation is key to achieving SaaS security.
Nivosb ( Israel Hackers ) Found Venerability in Iran Ministry of Foreign Affairs Website !

Nivosb ( Israel Hackers ) Found Venerability in Iran Ministry of Foreign Affairs Website !

Jan 02, 2011
   Nivosb ( Blue&White Team - Israel Hackers )   Found Venerability in  Iran Ministry of Foreign Affairs's  Website   XSS Venerability Preview :
V@N!$H3R found venerability in 5 biggest Windows IT professionals community Websites !

V@N!$H3R found venerability in 5 biggest Windows IT professionals community Websites !

Jan 02, 2011
V@N!$H3R found venerability in 5 biggest Windows IT professionals community Websites ! V@N!$H3R is an Indian Hacker, who is member of Group " Ethical Pen3trators ". There motto is ' Securing Indian Cyber Space '. They Found venerability in 5 biggest Windows IT professionals community Websites and next step will be to inform their webmaster about these bugs. 1.) Windows IT Pro - The leading independent community for IT pros Venerable Link :   https://www.windowsitpro.com/home/search.aspx?query=%3Chtml%3E%3Cbody%3E%3Cmarquee%3E%3Cfont+color%3Dred+size%3D5%3E--You+Have+been+Hacked+by+V@N!$H3R--%3C/marquee%3E%3C/font%3E%3Cbr%3E%3Cbr%3E%3CIMG%20SRC=%22https://www.boncherry.com/blog/wp-content/uploads/2010/12/happy-new-year-2011-odometer_design.jpg%22%3C/body%3E%3C/html%3E 2.) Paul Thurrott's SuperSite for Windows Venerable Link :   https://www.winsupersite.com/home/search.aspx?query=%3Chtml%3E%3Cbody%3E%3Cmarquee%3E%3Cfont+color%3Dred+size%3D5%3E--You+Have+been+Ha
AVG 2011 Software Pack (All-in-one) +keys Download

AVG 2011 Software Pack (All-in-one) +keys Download

Jan 02, 2011
AVG Anti-Virus 2011 11.20 Build 3152 Final (x86/x64) Anti-Virus 2011 New version of famous anti-virus program from Czech developer to protect your PC from dangerous objects and network threats. Program blocks viruses, trojans, worms, spyware, and a module to deal with rootkits helps get rid of the malicious processes, masking the virus. Compatible with Windows Vista and Windows 7 AVG Internet Security 2011 10.0.0.1120a3152 AVG Internet Security 2011 security solution from all types of Internet threats. The program combines all the necessary safety features: antivirus, antispyware, firewall, antispam and other components AVG PC Tuneup 2011 Final 10.0.0.20 You already know how AVG can protect you online. Now we take that expertise one step further by fixing problems that slow you down. AVG PC Tuneup is your one-stop shop to help you get the most out of your PC. Download Links : https://www.fileserve.com/file/XwGMurN https://www.fileserve.com/file/cnDx82Y https://www.fileserve.co
Geinimi Trojan targets Android devices !

Geinimi Trojan targets Android devices !

Jan 02, 2011
A data-stealing Trojan affecting Android devices has emerged in China. The Geinimi Trojan sends location co-ordinates, unique device identifiers, and a list of installed apps on the infected device to a remote server. Additionally, it can independently download applications and prompts the user to install them, mobile security company Lookout said on Wednesday. "Geinimi's author(s) have raised the sophistication bar significantly over and above previously observed Android malware by employing techniques to obfuscate its activities," Lookout said in a blog post on Wednesday. "In addition to using an off-the-shelf bytecode obfuscator, significant chunks of command-and-control data are encrypted. While the techniques were easily identified and failed to thwart analysis, they did substantially increase the level of effort required to analyse the malware." When an application containing the Trojan is launched on an Android device, the Trojan will run in the backgro
Sony PlayStation 3 hacked, PS3 jailbreak Fail0verflow method !

Sony PlayStation 3 hacked, PS3 jailbreak Fail0verflow method !

Jan 01, 2011
Sony PlayStation 3 hacked, PS3 jailbreak Fail0verflow method. Sony PlayStation 3 has successfully been hacked by a team of hackers named fail0verflow thanks to its poor public key cryptography. The hacker group demonstrated their hacking tricks at the Chaos Communication Conference 27C3 in 45 minutes. Hackers stated that they could crack PS3 through its feeble cryptographic implementation. The hacker team discovered several of Sony's security downfalls with its PS3 after their deep research on the system. They said that it was so easy to get into PS3's innards, if intruded through its weak public key cryptography. They worked with an aim to restore PS3's Linux capability. Sony has removed Linux capability of original PS3 and PS3 Slim. In their presentation, at the Chaos Communication Conference, the PS3 hacker team elaborately explained how they managed to hack the gaming device from Sony. They said they have been working through the device's several security levels that conta
DDOSIM – Layer 7 DDoS Simulator !

DDOSIM – Layer 7 DDoS Simulator !

Jan 01, 2011
ddosim is a tool that can be used in a laboratory environment to simulate a distributed denial of service (DDOS) attack against a target server. The test will show the capacity of the server to handle application specific DDOS attacks. ddosim simulates several zombie hosts (having random IP addresses) which create full TCP connections to the target server. After completing the connection, ddosim starts the conversation with the listening application (e.g. HTTP server). ddosim is written in C++ and runs on Linux. Its current functionalities include: HTTP DDoS with valid requests HTTP DDoS with invalid requests (similar to a DC++ attack) SMTP DDoS TCP connection flood on random port In order to simulate such an attack in a lab environment we need to setup a network like this: Download :   ddosim-0.2.tar.gz More Info : 1)   DDOSIM at Sourceforge
The Blackbuntu Community Edition Download !

The Blackbuntu Community Edition Download !

Jan 01, 2011
The Blackbuntu Community Edition is a Linux Live-CD based on Ubuntu 10.10 which was specially designed for security training students and practitioners of information security.  Another tool for penetration testers collection that could be considered as a competition for  Pentoo . It supports the following list penetration testing methodologies: Information Gathering Network Mapping Vulnerability Assessment Privilege Escalation Maintaining Access Intrusion Detection and Prevention Digital Forensics Web Application Analysis Reverse Engineering Wireless Analysis Security Distributions Malicious Code Analysis AntiSpyware & AntiVirus Tools Password Recovery & Managers To be precise, it contains the following tools: Information Gathering : DNS DnsEnum Dnsmap Dnsrecon DnsTracer Dns-Walk Fierce FindDomains HostMap Lynis Email Harvesting theHarvester Routing 0trace Itrace Lanmap2 Nat Probe Netenum Netmask NMBscan Protos Tctrace TCPtraceroute Search
Cybersecurity Resources