The Hacker News | #1 Trusted Cybersecurity News Site — Index Page

The simplistic spam campaign that hit around Christmas and purported to be a holiday greeting from the White House not only included a piece of Zeus-related malware that searches hard drives for documents and uploads them to a remote server, but also appears to be connected to a similar attack from early 2010 that exposed a nascent botnet. The holiday e-card scam is a typical year-end spam tactic and often will include malware of one type or another. But the latest incarnation was different in that it included a malicious executable related to the Zeus botnet and it seems that officials in a number of government agencies in the U.S. and elsewhere fell for the scam and ended up exposing gigabytes of government documents. One of the executables being used in the e-card attack is nearly identical to a file that was used in a similar attack in February 2010 that was detailed by security firm NetWitness at the time. In the frst stage of the latest attack, the user clicks on a link in the m

A nearly nine-month investigation by Santa Barbara County Sheriff's detectives has led to the arrest of a former UCSB student as a suspected identity thief who bilked at least five victims out of at least $158,000. Imoukhuede Ohiwerei Ehimika, 26, of Nigeria was arrested Dec. 21 at his home in the 200 block of Mathilda Drive in Goleta, the Sheriff's Department announced Thursday. He was released Tuesday, Dec. 28, after posting $150,000 bail. Detectives began their investigation in April after a Santa Barbara area man reported that someone had used the Internet to transfer more than $5,000 from the his bank account into a fraudulent bank account that had recently been opened under his name. Over the next two months, detectives received similar reports from other Goleta and Santa Barbara residents involving transfers from their home equity accounts. In each case the suspect then bought money orders from various Wal-Mart stores around Southern California. Detectives allege that Ehimi

It comes as no surprise that today's cyber threats are orders of magnitude more complex than those of the past. And the ever-evolving tactics that attackers use demand the adoption of better, more holistic and consolidated ways to meet this non-stop challenge. Security teams constantly look for ways to reduce risk while improving security posture, but many approaches offer piecemeal solutions – zeroing in on one particular element of the evolving threat landscape challenge – missing the forest for the trees.  In the last few years, Exposure Management has become known as a comprehensive way of reigning in the chaos, giving organizations a true fighting chance to reduce risk and improve posture. In this article I'll cover what Exposure Management is, how it stacks up against some alternative approaches and why building an Exposure Management program should be on  your 2024 to-do list. What is Exposure Management?  Exposure Management is the systematic identification, evaluation,

Have you received an email seemingly from Microsoft's security team telling you to " Update your Windows "? Have you been sent a file called KB453396-ENU.zip and told to run it on your Windows computer? Well, think twice before following the instructions. Cybercriminals are up to their old tricks, spreading malware under the disguise of a critical security patch from Microsoft. In the current example, they've spammed out an email containing a worm, which even quotes the real name of a senior member of Microsoft's security team - Steve Lipner - to try to fool you into believing it is genuine. The emails have a subject line of " Update your Windows " and contain the following text: Of course, Mr Lipner has nothing to do with the emails and Microsoft never distributes security updates via email attachments. Nevertheless, there have been a series of attacks that have abused his name in the past. With so much effort being taken by the cybercriminals to hoodw

Chinese website Dlzdjy.com   database hacked by Team Jmc H4x0rs Admin Panel : Database :  News Submitted By : Team Jmc H4x0rs

Manufacturers racing to create HDTVs that can connect to the Web may have rushed over an important step in trying to rush them to market: keeping them safe from hackers. According to the  New York Times , security firm Mocana was able to hack an Internet-connected set "with unsettling ease." The hack allowed them to obtain the owner's credit card numbers and to monitor the data being sent from the TV to various Web sites. Mocana refused to divulge the brand of HDTV into which it easily hacked, though it did say that it was one of the five most popular Web-connected sets. Especially concerning was Mocana's conclusion about how the Internet features were implemented for this particular TV: The things we found were mistakes that an inexperienced device designer would make when connecting something to the Internet for the first time. Security companies are still figuring out the best ways to prevent breaches in new devices that connect to the Internet, including using fingerprint scanning

Saudi Arabia's Ministry of Education has restored its website, weeks after it was taken offline in the latest of a series of hacking attempts on some of the kingdom's most prominent sites. "The website was hacked a few weeks back, but has now been fully restored, and is safe and functional," Mohammed Al Dukhainy, a spokesman for the ministry, told Arab News. The official said that it was a matter of concern that cyber crimes were now becoming more common. The Ministry of Education has been targeted a number of times in the past year. The hackers, who have referred to themselves as the True Promise Organisation, posted a picture of Lebanon's Hezbollah leader Hassan Nasrallah. Other official bodies to have suffered cyber attacks include the website of King Saud University and the Al Watan online news site. Earlier last year, the homepage of Riyad Bank, one of Saudi Arabia's largest financial institutions, was also hacked. However, the bank later said that none of its customer accounts ha

A U.S. Department of Homeland Security investigation dubbed "Operation eMule" has led federal agents to a pair of 22-year-old foreign-exchange students in Winona who are suspected to be part of a sophisticated cyber crime ring based in Vietnam that has been misusing the identities of countless Americans to bilk online retailers out of millions of dollars. "It's a big one," said Jason Calhoun, a fraud investigator with the Rosetta Stone language software company who has been working on the case with federal agents. Numerous major companies have been stung in the scam, including eBay, PayPal, Amazon, Apple, Dell and Verizon Wireless, according to federal court documents and Calhoun. Authorities say the operation is built around stolen identities that are used to open accounts with eBay, PayPal and U.S. banks. Through those accounts, the fraudsters sell popular, expensive merchandise at discounted prices. The sellers fill the orders by purchasing the goods from oth

Barack Obama Said - I love " The Hacker News " ! Lolz ! Don't get shocked guys , Mr. Barack Obama's official website is venerable with Cross site scripting (Xss). I was just surfing through his site, and as usual my mind said to check the site ! He..he..he..he - I got a bug and create this funny link - see here Link : Click Here

System administrators would surely want to forget the year 2010, which saw a sharp increase in the number of cyber attacks on Indian websites. According to Indian Computer Emergency Response Team (CERT-In), the defacement of websites with India specific domain '.in' tripled in 2010. Around 8,864 websites with domain name '.in' were defaced in 2010 (January to November period) as compared to around 3,000 in the same period in 2009 , CERT-In claims. In 2007, just 1,693 websites with '.in' domain were defaced. According to analysts, the rise in these incidents is because of poor security mechanisms adopted by individuals and small traders, who have been hosting their websites by themselves. Apart from the defacing websites, cyber attacks are now emerging as a new threat to the national security. In December, the website of Central Bureau of Investigation (CBI) was hacked by Pakistani hackers. In 2010, former National Security Adviser (NSA), Mr M.K. Narayanan, had said that Chinese hacke

Kerala Pradesh Congress Committee (KPCC)   website hacked By PakBugs ! The official website of the Kerala Pradesh Congress Committee (KPCC) was found hacked this evening with pro-Pakistan slogans appearing on it. According to Congress sources here, the hackers entered the website www.kpcc.org.in and put on it slogans denouncing the party and the father of the nation Mahatma Gandhi.    The content entered into the website by the hackers included a picture of Pakistan's founder leader MA Jinnah, KPCC sources said.   The KPCC would be lodging a complaint to the cyber cell of the police on the matter, sources said. Zone-h mirror :  https://www.zone-h.org/mirror/id/12838216

Popular Indian news portal www.indiablooms.com, the online version of the national news agency India Blooms News Service (IBNS), was hacked by the Pakistani hackers on Sunday afternoon. " Pakistani Hackers- Your site has been Hacked " said the redirected page of the site which was hacked around Indian time 330 pm. Later the site administrators restored the original index page, but the threat of another attempt looms large. The visitors of India Blooms were directed to the page of a menacing looking woman with a blue eye with some sentences at the bottom in green claiming the site has been hacked. " There was no security on your site, relax admin, nothing was deleted, is this what you call a security? " read the site, hosted by Servage, a hosting company based in Germany. Servage currently hosts 189837 websites. " Of later we face a regular attack from hackers, especially after the popularity of the site soared ," said S Dhar, one of the partners

U.S. intelligence agencies, the FBI, has asked all countries work together to jointly support track hackers who managed to paralyze the site Wikileaks 'enemy' Wikileaks. Reported by Yahoo News from the Smoking Gun website on Saturday (01.01.2011), FBI showed detailed written statement about the operation pro-Wikileaks tracking hackers. This operation will involve U.S. federal investigators in Europe, Canada and the U.S. alone. Along with the discovery of the evidence, the pro-Wikileaks hackers launched its action through the servers in those countries. Cyber attacks were launched from this month, along with the start of the launch of the CableGate documents on the site Wikileaks. This attack is only targeting sites that break with Wikileaks like PayPal, Visa and Mastercard. Mid-December, the FBI track the IP address of the hacker who is in Canada, and later the FBI also found a virtual server in Callifornia. At the same time, a separate investigation by German police show if attacks