The Hacker News | #1 Trusted Cybersecurity News Site — Index Page

Nasdaq systems were hacked last year !

Feb 05, 2011
Federal authorities are investigating a computer advance at the aggregation that runs the Nasdaq banal exchange, the Wall Street Journal arise Friday. According to the report, which cites bearding sources, Nasdaq OMX Group computers were compromised ancient over the accomplished year, but the company's trading belvedere was unaffected. "So far, [the perpetrators] arise to accept aloof been attractive around," the Journal quotes one antecedent as saying. Nasdaq OMX Group runs a cardinal of banal exchanges, including the U.S. Nasdaq, and exchanges that barter in Copenhagen, Stockholm, Helsinki, and the Baltic region. The analysis is actuality conducted by the U.S. Federal Bureau of Analysis and the U.S. Secret Service, the address states. Nasdaq assembly could not be accomplished anon for comment. Hacking incidents like this are acceptable added common, as boundless e-mail and Web-based computer attacks abide to beat workers in corporations and in government. In som
Lovely-faces.com Dating site takes 250,000 pictures and names of Facebook users !

Feb 04, 2011
Creators of a affected dating armpit accept taken claimed advice from 250,000 Facebook profiles - and reproduced it after the ability of the associates of the accepted amusing networking site. Lovely-faces.com uses the names and photos of Facebook associates and again gives users the advantage to 'arrange a date' with the biting volunteers - which leads them to the aboriginal contour folio of the person. The aimless bodies accept been aggregate into adulatory categories, such as 'Smug Women' and 'Climber Men', which are advised alone by their appearance. The database can be searched by nationality, gender or by character. Users can additionally vote to adjudge what anniversary being is like and amount how 'cool' they are. The creators, Paolo Cirio and Alessandro Ludovic, accept dedicated their armpit by claiming it is an art activity and they are alone accumulative the aperture of aloofness acceptable by Facebook. 'Facebook, an endlessly
Network Threats: A Step-by-Step Attack Demonstration

Apr 25, 2024 | Endpoint Security / Cyber Security
Follow this real-life network attack simulation, covering 6 steps from Initial Access to Data Exfiltration. See how attackers remain undetected with the simplest tools and why you need multiple choke points in your defense strategy. Surprisingly, most network attacks are not exceptionally sophisticated, technologically advanced, or reliant on zero-day tools that exploit edge-case vulnerabilities. Instead, they often use commonly available tools and exploit multiple vulnerability points. By simulating a real-world network attack, security teams can test their detection systems, ensure they have multiple choke points in place, and demonstrate the value of networking security to leadership. In this article, we demonstrate a real-life attack that could easily occur in many systems. The attack simulation was developed based on the MITRE ATT&CK framework, Atomic Red Team, Cato Networks' experience in the field, and public threat intel. In the end, we explain why a holistic secur
THC-HYDRA v6.1 brute force tool Released !

Feb 04, 2011
One of the most famous network logon crackers, THC-HYDRA, has been updated! We now have THC-HYDRA version 6.1 in less than a fortnight! "THC-HYDRA is a very fast network logon cracker which supports many different services. This tool is a proof of concept code, to give researchers and security consultants the possibility to show how easy it would be to gain unauthorized access from remote to a system. It was tested to compile cleanly on Linux, Windows/Cygwin, Solaris, FreeBSD and OSX." This is the change log:
- More license updates for the files for the debian guys
- Fix for the configure script to correctly detect postgresql
- Add checks for libssh v0.4 and support for ssh v1
- Merge all latest crypto code in sasl files
- Fix SVN compilation issue on openSUSE (tested with v11.3)
Download THC-HYDRA v6.1
Google Hacking Diggity Project, Advance Search Engine Hacking Tool !

Feb 04, 2011
The Google Hacking Diggity Activity is a analysis and development action committed to investigating the best recent techniques that advantage chase engines, such as Google and Bing, to bound analyze accessible systems and acute abstracts in accumulated networks. The activity folio contains downloads and links to our best recent Google Hacking analysis and chargeless aegis tools. Defensive strategies are additionally introduced, including avant-garde solutions that use Google Alerts to adviser your arrangement and systems. With the retirement of Google's SOAP Chase API on September 7, 2009, best of the aegis utilities accessible for Google Hacking cease to function, abrogation the aegis industry with a charge for fresh and avant-garde tools. GoogleDiggity is a fresh MS Windows command band account advised to advice ample that need. GoogleDiggity leverages the Google AJAX API, so it will not get you blocked by Google bot apprehension while scanning. Also, clashing added Google Hacking
The Real Story Behind The Hacking Of Plentyoffish !

Feb 04, 2011
This story was sent to us by email from Luca Fenochietto himself, in which he tries to get his side of the story out there, which may well be the truth. The full story goes like this: Last Friday, 21st January, Christian Russo and his partner Luca Fenochietto discovered a vulnerability in PlentyOfFish exposing users' details, including usernames, addresses, phone numbers, real names, email addresses, passwords in plain text, and in most cases, PayPal accounts, of more than 28,000,000 (twenty-eight million) users. This vulnerability was under active exploitation by hackers. Their team decided to notify Mr. Markus Frind (founder and CEO of PlentyOfFish Inc.) about these circumstances as soon as possible in order to stop any potential damage which could be done by the exploitation of this vulnerability. The flaw was reported the same night to Annie Kanciar, his wife, who was very thankful to us, and contacted one of their developers in order to inform them about this flaw. The vulner
"The Daily" Hacked, Unauthorized Web Index Created !

Feb 04, 2011
One affair about The Daily that ashamed me from the additional I aboriginal laid eyes on the iPad bi-weekly that launched bygone is that there is no one abode area you can see a simple account of every news in the issue. There is a table of contents, but it shows alone ten featured stories. Like any acceptable hack, The Daily: Indexed creates a affection that is missing from the aboriginal but is acutely needed. The Tumblr blog put calm by Andy Baio creates a complete table of capacity for The Daily. The Daily: Indexed is causing a activity because The Daily is a subscription-only advertisement meant to be apprehend on the iPad. The Daily's website is not abundant added than brochureware for the iPad app at this point, but there is a backdoor to every story. Whenever a subscriber shares a news via email, Twitter, or Facebook from their iPads—like this one about Amish raw milk smugglers—the recipients get a articulation to the news on thedaily.com. You can't acquisition these belief b
Flickr accidentally deletes photos of 3,400 user’s permanently !

Feb 04, 2011
Flickr initially said that it had assuredly deleted Mirco Wilhelm's five-year old account, but a day afterwards said that it has absolutely adequate the photo collection. It's every Flickr user's affliction nightmare: one day you login to acquisition your accumulating of bags of anxiously organized photos acquire vanished. Permanently. That's absolutely what happened this anniversary to Mirco Wilhem. When Wilhelm, a five-year affiliate of the Yahoo-owned photo-sharing website, approved to log in to his annual he was denied admission and instead prompted to actualize a fresh account. An e-mail from Flickr eventually accepted his fears: Hello, Unfortunately, I have mixed up the accounts and accidentally deleted yours. I am terribly sorry for this grave error and hope that this mistake can be reconciled. Here is what I can do from here: I can restore your account, although we will not be able to retrieve your photos. I know that there is a lot of history on your account–again, pl
Facts : Facebook is more addictive than sex and cigarettes !

Feb 04, 2011
A small study by a trending company shows that Facebook addiction is one of the fastest growing searches related to addiction. It is more popular than searches for sex or cigarette addiction. While we already knew that social networks like Facebook produce drugged-up, sex-crazed teenagers, new research shows that Facebook addiction may soon be more prevalent than offline addictions like sex. The Internet Time Machine, a company that searches for trends across the Web through its extensive cloud computing network, is reporting that Facebook may be more popular than sex. Addiction to social media, specifically Facebook, is one of the top ranked digital addictions, says the trending company. More people are searching for help with Facebook addiction than sex addiction. "The rise of social media and the fear/need to be in constant contact with status updates and tweets has created a problem for people with addictive personalities," says ITM. "The fact that accessing Facebook is so
Local Training Center, Hacker University, 8 in the USA Participate in Global Launch of Certified Ethical Hacker version 7

Feb 04, 2011
450 Global Training Centers Nominated, 25 Selected Worldwide, 8 in the USA, 1 in St. Louis (February 2, 2011) St. Louis, MO – Hacker University is pleased to announce it has been asked by EC-Council, the leading international certification body in information security, to participate in the Global Launch of CEH v7 - the most advanced information security and ethical hacking training program in the world which is not yet publicly available. Only 15 students will be allowed to attend this exclusive, cutting-edge class the week of March 14, 2011 in St. Louis – becoming one of the world's first CEH v7 certified professionals. Hacker University's Global Launch instructor and co-owner, Dave Chronister, is thrilled to be a part of this revolutionary event. "I am excited at the universal recognition this event brings the city of St. Louis as well as Hacker University. CEH version 7 breaks away from its earlier releases with more emphasis on techniques and methodologies hackers use to car
Social gaming Website Zynga Hacked, $12 million worth Poker chips Stolen !

Feb 03, 2011
Apparently, one guy managed to hack into social gaming giant Zynga. He transferred 400 billion (!) virtual poker chips to himself and began to sell them on the black market. (Yes, apparently there is a black market for virtual Zynga Poker chips.) They were worth about $12 million. This is how the man was called and has since pleaded guilty and will probably serve a long prison sentence (he was on parole for a first, hacking-related offense). Interestingly, there was a debate in the British court where he was prosecuted for hacking over whether this is really theft, because poker chips are virtual goods and Zynga can create as many as it wants. The Court responded by saying that yes, virtual goods are treated as property and adding chips to your account amounts to theft. What we want to know is how the guy managed to hack Zynga, and what they are doing to ensure it does not recur. We asked Zynga for details and will keep you updated if we learn more. We just ask rogue hackers do not disru
Google bets $20000 that Chrome browser can not be hacked !

Feb 03, 2011
Google will pay $20,000 to the first researcher who successfully exploits its Chrome browser at this year's Pwn2Own hacking contest. The prize is the largest ever offered at the annual challenge, which begins for the fifth time at the CanSecWest security conference in Vancouver, British Columbia, on March 9. At Pwn2Own this year, researchers will pit exploits against machines running Windows 7 or Mac OS X as they try to bring down Microsoft Internet Explorer, Mozilla Firefox, Apple Safari and Chrome. The first researchers to hack IE, Firefox and Safari will receive $15,000 and the computer running the browser. The prizes are $5,000 higher than those given for exploiting browsers at the last Pwn2Own contest, and three times the 2009 prizes. "We've raised the bar this time and the total allocated to cash prizes rose to a whopping $125,000," said Aaron Portnoy, director of HP TippingPoint Security Research Team. TippingPoint, which is once again sponsoring Pwn2Own, set th
Uttar Pradesh ATS To Investigate The Hacking of Gramin Bank Website !

Feb 03, 2011
The Uttar Pradesh Anti Terrorist Squad will investigate the hacking of the Ballia-Etawah Gramin Bank website, which is alleged to have been committed by a Pakistani organization, a police official said today. The investigation was handed to the ATS unit in Varanasi as it was a case of cyber crime and there is a suspicion of the involvement of hackers based in Pakistan, said district SP Ram Swaroop here. A message was posted to the website of the bank for a night of self-proclaimed Pakistan. "The bank's site has been hacked ... This is just a trailor ... I'll show you a perfect film," the message on the Ballia-Etawah Gramin Bank website said, according to police. "We Luv break the tight security, therefore, the hackers were invited to the Indians ... my next bank target sites if you can not store Gud Luck -.. cyber barrier of Pakistan," the message said. An anonymous caller informed the Director-General and banking graminea, Anil Prakash on the message on its website.