The Hacker News | #1 Trusted Cybersecurity News Site — Index Page

Decoys have been present in each and every culture, to capture the unknown as well as the known defaulters. The honey, which was used in turning the heads of bears that we used to find in jungles, well the same honey, but in a revisited version is being implemented and used here and has already proven worthy of its existence. This type of honey lures in a different kind of bears. The bears those are present in the cyber jungle. Yes, we are talking of the black hat hackers which are hell bent on intruding your file systems and scratching out info. Read Complete Tutorial and Guide on Honeypots : Honeypot / Honeynet - Tracking the Hackers ! (Video Tutorial for setup & Usage) : Indian Cyber Army So, we are now going to discuss this very new and amazing feature, which only a few of the countries in world stand to have, including ours. Explaining with examples is always easy. Recently, a very famous Turkish hacker was busted using these techniques of Honeypot. The hacker was

 The number of Britons targeted by cybercrime is expected to overtake conventional crime for the first time next year. Internet security experts claim that up to 19 million people will come under attack from hi-tech criminals, generally involved in identity theft. While at one time, the biggest threat was a burglary or someone smashing a car window to grab a radio, today's Britons are facing up to the growing menace of internet crime which can be carried out from thousands of miles away. The success of "hacktivists" in targeting big businesses, such as the Visa and Mastercard credit card companies in the wake of the Wiki-Leaks furore, has highlighted concerns about cyber security. A survey of UK police officers specialising in hi-tech crime found that 79 percent have noticed a steep increase in cybercrime activity within the past six months. Identity theft and so-called malware attacks, in which spying software is inadvertently downloaded onto a home computer, are considered among the

Imagine a world where the software that powers your favorite apps, secures your online transactions, and keeps your digital life could be outsmarted and taken over by a cleverly disguised piece of code. This isn't a plot from the latest cyber-thriller; it's actually been a reality for years now. How this will change – in a positive or negative direction – as artificial intelligence (AI) takes on a larger role in software development is one of the big uncertainties related to this brave new world. In an era where AI promises to revolutionize how we live and work, the conversation about its security implications cannot be sidelined. As we increasingly rely on AI for tasks ranging from mundane to mission-critical, the question is no longer just, "Can AI  boost cybersecurity ?" (sure!), but also "Can AI  be hacked? " (yes!), "Can one use AI  to hack? " (of course!), and "Will AI  produce secure software ?" (well…). This thought leadership article is about the latter. Cydrill  (a

The faction of Anonymous that launched the anti-Scientology movement Chanology and has more recently been supporting Wikileaks through various information and direct action campaigns has launched an attack on the Tunisian government's web capabilities in retaliation for the censorship policies it has recently put in place. Their main site is down and will remain so for the near future; other actions are imminent. I have been given the following press release from the faction in question and have posted it below the fold; further updates will be added as they occur. Update I have replaced the original version with a better translation (it is available in several languages and I can provide those upon request). PRESS RELASE: "And if all others accepted the lie which the Party imposed—if all  records told the same tale—then the lie passed into history and became  truth. 'Who controls the past' ran the Party slogan, 'controls the  future: who controls the present cont

The US government - along with organizations like the RIAA and the MPAA - are hitting Torrent sites where it hurts.

 Indeed, due to a slew of recent domain seizures, affected websites are currently experiencing major dips in traffic. 

 However, Torrent-Finder is refusing to throw in the towel. The moment the website's .COM domain was seized by the government, it instantly lost search engine relevance because all links pointed to the old .COM domain, which was no longer functioning. As expected, the broken links not only affected surfers searching and navigating to the site, but the website's SEO ranking as well.

 This is because Google employs an algorithm along with other parameters to determine a site's relevance to a certain term. 

For example, if a website such as NASA.com writes a number of articles about "supernovas," the more relevance it has when people search that particular term. Furthermore, if there are external sites linking to NASA's su

Hacktivists have struck a blow against the regime in Zimbabwe by attacking a number of government websites. The cyber-assault appears to have been in support of newspapers who published secret cables in the ongoing WikiLeaks saga, to the annoyance of the-powers-that-be in the country. Grace Mugabe, wife of Zimbabwe president Robert Mugabe, was recently reported to be suing a newspaper for $15 million after it published a WikiLeaks cable that claimed she has benefited from illegal diamond trading. As news spread amongst the loosely-knit group of Anonymous hackers who support WikiLeaks, websites belonging to the Zimbabwe government and Robert Mugabe's ZANU-PF party were hit by distributed denial-of-service (DDoS) attacks and, in the case of the Finance Ministry, defacements. The Zimbabwe government's online portal at www.gta.gov.zw and the official ZANU-PF website continue to be offline, and the Finance Ministry's website now displays a message saying it is under maintenance.

   Nivosb ( Blue&White Team - Israel Hackers )   Found Venerability in  Iran Ministry of Foreign Affairs's  Website   XSS Venerability Preview :

V@N!$H3R found venerability in 5 biggest Windows IT professionals community Websites ! V@N!$H3R is an Indian Hacker, who is member of Group " Ethical Pen3trators ". There motto is ' Securing Indian Cyber Space '. They Found venerability in 5 biggest Windows IT professionals community Websites and next step will be to inform their webmaster about these bugs. 1.) Windows IT Pro - The leading independent community for IT pros Venerable Link :   https://www.windowsitpro.com/home/search.aspx?query=%3Chtml%3E%3Cbody%3E%3Cmarquee%3E%3Cfont+color%3Dred+size%3D5%3E--You+Have+been+Hacked+by+V@N!$H3R--%3C/marquee%3E%3C/font%3E%3Cbr%3E%3Cbr%3E%3CIMG%20SRC=%22https://www.boncherry.com/blog/wp-content/uploads/2010/12/happy-new-year-2011-odometer_design.jpg%22%3C/body%3E%3C/html%3E 2.) Paul Thurrott's SuperSite for Windows Venerable Link :   https://www.winsupersite.com/home/search.aspx?query=%3Chtml%3E%3Cbody%3E%3Cmarquee%3E%3Cfont+color%3Dred+size%3D5%3E--You+Have+been+Ha

AVG Anti-Virus 2011 11.20 Build 3152 Final (x86/x64) Anti-Virus 2011 New version of famous anti-virus program from Czech developer to protect your PC from dangerous objects and network threats. Program blocks viruses, trojans, worms, spyware, and a module to deal with rootkits helps get rid of the malicious processes, masking the virus. Compatible with Windows Vista and Windows 7 AVG Internet Security 2011 10.0.0.1120a3152 AVG Internet Security 2011 security solution from all types of Internet threats. The program combines all the necessary safety features: antivirus, antispyware, firewall, antispam and other components AVG PC Tuneup 2011 Final 10.0.0.20 You already know how AVG can protect you online. Now we take that expertise one step further by fixing problems that slow you down. AVG PC Tuneup is your one-stop shop to help you get the most out of your PC. Download Links : https://www.fileserve.com/file/XwGMurN https://www.fileserve.com/file/cnDx82Y https://www.fileserve.co

A data-stealing Trojan affecting Android devices has emerged in China. The Geinimi Trojan sends location co-ordinates, unique device identifiers, and a list of installed apps on the infected device to a remote server. Additionally, it can independently download applications and prompts the user to install them, mobile security company Lookout said on Wednesday. "Geinimi's author(s) have raised the sophistication bar significantly over and above previously observed Android malware by employing techniques to obfuscate its activities," Lookout said in a blog post on Wednesday. "In addition to using an off-the-shelf bytecode obfuscator, significant chunks of command-and-control data are encrypted. While the techniques were easily identified and failed to thwart analysis, they did substantially increase the level of effort required to analyse the malware." When an application containing the Trojan is launched on an Android device, the Trojan will run in the backgro

Sony PlayStation 3 hacked, PS3 jailbreak Fail0verflow method. Sony PlayStation 3 has successfully been hacked by a team of hackers named fail0verflow thanks to its poor public key cryptography. The hacker group demonstrated their hacking tricks at the Chaos Communication Conference 27C3 in 45 minutes. Hackers stated that they could crack PS3 through its feeble cryptographic implementation. The hacker team discovered several of Sony's security downfalls with its PS3 after their deep research on the system. They said that it was so easy to get into PS3's innards, if intruded through its weak public key cryptography. They worked with an aim to restore PS3's Linux capability. Sony has removed Linux capability of original PS3 and PS3 Slim. In their presentation, at the Chaos Communication Conference, the PS3 hacker team elaborately explained how they managed to hack the gaming device from Sony. They said they have been working through the device's several security levels that conta

ddosim is a tool that can be used in a laboratory environment to simulate a distributed denial of service (DDOS) attack against a target server. The test will show the capacity of the server to handle application specific DDOS attacks. ddosim simulates several zombie hosts (having random IP addresses) which create full TCP connections to the target server. After completing the connection, ddosim starts the conversation with the listening application (e.g. HTTP server). ddosim is written in C++ and runs on Linux. Its current functionalities include: HTTP DDoS with valid requests HTTP DDoS with invalid requests (similar to a DC++ attack) SMTP DDoS TCP connection flood on random port In order to simulate such an attack in a lab environment we need to setup a network like this: Download :   ddosim-0.2.tar.gz More Info : 1)   DDOSIM at Sourceforge

The Blackbuntu Community Edition is a Linux Live-CD based on Ubuntu 10.10 which was specially designed for security training students and practitioners of information security.  Another tool for penetration testers collection that could be considered as a competition for  Pentoo . It supports the following list penetration testing methodologies: Information Gathering Network Mapping Vulnerability Assessment Privilege Escalation Maintaining Access Intrusion Detection and Prevention Digital Forensics Web Application Analysis Reverse Engineering Wireless Analysis Security Distributions Malicious Code Analysis AntiSpyware & AntiVirus Tools Password Recovery & Managers To be precise, it contains the following tools: Information Gathering : DNS DnsEnum Dnsmap Dnsrecon DnsTracer Dns-Walk Fierce FindDomains HostMap Lynis Email Harvesting theHarvester Routing 0trace Itrace Lanmap2 Nat Probe Netenum Netmask NMBscan Protos Tctrace TCPtraceroute Search