
The Hacker News | #1 Trusted Cybersecurity News Site — Index Page

Insecure Magazine : Issue 28 available for Download !

Feb 23, 2011
Insecure Magazine: Issue 28 available for download! Contents: Database protocol exploits explained; Review: MXI M700 Bio; Measuring web application security coverage; Inside backup and storage: The expert's view; Combating the changing nature of online fraud; Successful data security programs encompass processes, people, technology; Sangria, tapas and hackers: SOURCE Barcelona 2010; What CSOs can learn from college basketball; Network troubleshooting 101; America's cyber cold war; RSA Conference Europe 2010; Bootkits - a new stage of development.
Watcher v1.5.1 Web security testing tool and passive vulnerability scanner download !

Feb 23, 2011
Watcher is a Web security testing tool and passive vulnerability scanner. This tool is in continuous development and has updated its features and capabilities. Watcher is a runtime passive-analysis tool for HTTP-based Web applications. Being passive means it won't damage production systems; it's completely safe to use in Cloud computing, shared hosting, and dedicated hosting environments. Watcher detects Web-application security issues as well as operational configuration issues. Watcher provides pen-testers hot-spot detection for vulnerabilities, developers quick sanity checks, and auditors PCI compliance auditing. It looks for issues related to mashups, user-controlled payloads (potential XSS), cookies, comments, HTTP headers, SSL, Flash, Silverlight, referrer leaks, information disclosure, Unicode, and more. Major Features: Passive detection of security, privacy, and PCI compliance issues in HTTP, HTML, Javascript, CSS, and development frameworks (e.g. ASP.NET, JavaServer) Wor
Navigating the Threat Landscape: Understanding Exposure Management, Pentesting, Red Teaming and RBVM

Apr 29, 2024 - Exposure Management / Attack Surface
It comes as no surprise that today's cyber threats are orders of magnitude more complex than those of the past. And the ever-evolving tactics that attackers use demand the adoption of better, more holistic and consolidated ways to meet this non-stop challenge. Security teams constantly look for ways to reduce risk while improving security posture, but many approaches offer piecemeal solutions – zeroing in on one particular element of the evolving threat landscape challenge – missing the forest for the trees. In the last few years, Exposure Management has become known as a comprehensive way of reining in the chaos, giving organizations a true fighting chance to reduce risk and improve posture. In this article I'll cover what Exposure Management is, how it stacks up against some alternative approaches and why building an Exposure Management program should be on your 2024 to-do list. What is Exposure Management? Exposure Management is the systematic identification, evaluation,
Dorset HealthCare University NHS Foundation Trust website Hacked !

Feb 23, 2011
Hackers brought down a website for a health trust serving 700,000 NHS patients in Dorset. The attack, which disabled the site over the weekend, blocked access to the Dorset HealthCare University NHS Foundation Trust website. The trust provides treatment for mental health issues, addiction, dentistry, and some primary care services to patients across the county. Hackers posted a message on the site which read: "Don't mess with me. Site totally hacked" and a cartoon image of a penguin emerging from a shattered computer screen carrying a gun. A jumbled message posted by the hacker on the trust's website read: "You call this security. You must be kidding. If you don't want to get into trouble, patch your admin." Dr Paul Ton de Vrieze, a lecturer in web systems and technologies at Bournemouth University, said such attacks were often made only for the hacker's satisfaction. "Sometimes people hack sites for their own bravura. They think it is fun to do and show the world that they are abl
Kaspersky Lab forecast for the IT threat landscape 2011 – 2020 !

Feb 23, 2011
Kaspersky Lab has released its forecast for the IT threat landscape for this decade (2011 – 2020). Kaspersky bases this forecast on an analysis of the main changes and issues in the sphere of IT security over the past decade, as well as emerging trends in the development of personal computers, mobile phones and operating systems. According to the company's analysts, the most significant trends of the last ten years (2001-2010) were: Mobility and miniaturisation. Smaller and smaller devices can now access the Internet from virtually any point on the globe, making wireless networks the most popular method of connecting to the web. The transformation of virus writing into cybercrime (crime committed using a computer and the internet to steal a person's identity, sell contraband, stalk victims or disrupt organisations with malevolent programs). Windows maintaining its leading position as a vendor of operating systems for personal computers. Intense competition in the mobile platfor
World's Largest Touchscreen Hacked !

Feb 23, 2011
It's gigantic! It can handle over 100 simultaneous touch points! It has a curvature of 135 degrees! And best of all, it is NOT the newest, insanely expensive gadget to hit the market. Instead, this touchscreen was hacked together with a bunch of PCs, video cameras, projectors and cheap infrared illuminators at the University of Groningen, in the Netherlands. It works like this: "The cameras, illuminators and projectors are all placed behind a large, cylindrical screen (formally used as a 3D theater). Due to the diffuse layer on the front side of the screen, the cameras cannot see clearly through the screen, however whenever someone touches the screen, enough of the infrared light is reflected back to see the tip of the finger. The difference is very small (on a scale of 0-255 the difference is only 2 or 3), but still big enough to be seen by the computers that analyze the images from the cameras." The display is used to teach mathematics and computer science students
Kim Kardashian Twitter account Hacked !

Feb 23, 2011
Many celebrities have fallen prey to Internet pranksters and the latest name added to the list is reality TV star Kim Kardashian, whose Twitter account has been hacked. The 30-year-old socialite has appealed to bosses of the microblogging site to restore the security of her account after she discovered that an imposter had sent fake tweets on her behalf. "My twitter has been hacked! Twitter help!!!! I can sign on from my phone app but no where else and see some fake tweets here (sic)," wrote the 30-year-old on her Twitter page. "Twitter please help me get my password back! How is it that I can tweet from my cell but my home computer says wrong password! Hacked (sic)," she wrote in a post. Her sister Kourtney added, "Some stalker hacked Kim Kardashian twitter and email... So just beware of her tweets." Stars who fell victim to Twitter hackers recently are Selena Gomez, rapper Swizz Beatz and British funnyman Matt Lucas.
Anonymous Hackers Call United Nation (UN) for their Responsibilities Regarding Libya !

Feb 22, 2011
Anonymous Hackers Call United Nation (UN) for their Responsibilities Regarding Libya! NOTE: One more press release by Anonymous Hackers on their official site/Facebook/Twitter. We are publishing this news just as the media of the "Hacking Field". There is no relation between 'The Hacker News' and 'Anonymous Hackers'. In their press release they wrote: Call the responsibilities of the UN. Dear United Nations: Anonymous wishes you to act. We are watching the developments in Libya and are shocked. Shocked by the images we've seen. Shocked by the things Libya's Anons have told us. Shocked by the fact that one man ignores the voices of his citizens and opens fire on them. Shocked by the fact that even with generals and diplomats deserting, this man is still ignoring the will of his people and unwilling to accept their human rights. People ought not have to fear their leaders; leaders ought to fear their people. In too many places, though, this is cur
BackTrack 5 ( BT5 ) Coming Soon !

Feb 22, 2011
BackTrack 5 (BT5) Coming Soon! We're behind schedule with BackTrack 5, but are working hard to make up for lost time. We thought we'd post a few pictures for your enjoyment of the development BT5 ISO we're working on. The screenshots were taken on a 2.6.38-rc5 kernel. The screenshot above is of the KDE 4 theme currently in development. The screenshot above is of the current OSSIM compatible menu structure (WIP). The screenshot above is of working IEEE r8187 drivers on our new kernel. Take into account that many things may and will change in terms of appearance – these are initial mockups we are creating for various environments. Final release in a couple of months at least. News Source: BackTrack
OllyDbg 2.01 Alpha 2 Tool New Version Download !

Feb 22, 2011
"OllyDbg is a 32-bit assembler level analysing debugger for Microsoft® Windows®. Emphasis on binary code analysis makes it particularly useful in cases where source is unavailable." Version 2.01 alpha 2 is an intermediate functional release with many new useful features. The most important novelty is that this version is compatible with Windows 7. I have tested it under Win7 Home Premium 32-bit. If you find any problems, please inform me immediately. Don't forget to add the screenshot of the Log window. Other improvements: - Aware of avast! antivirus and modifications it makes to the PE header; - .NET analysis, very rough yet. .NET debugging is not supported, but at least I can disassemble CIL and parse .NET streams; - Speech API support. You need SAPI 5.0 or higher installed on your computer. Open Options, select Text-to-speech and check "Activate text-to-speech"; - List of found switches; - List of referenced GUIDs. Internal database keeps ca.
Ubertooth - An Open Source Bluetooth Test Tool download !

Feb 22, 2011
This project was originally unveiled at the recently concluded ShmooCon. It shows a lot of promise and the authors' two years of study and experimentation. The name is Ubertooth. Ubertooth is an open source 2.4 GHz wireless development platform suitable for passive Bluetooth monitoring. It aims to be the world's first open source and affordable Bluetooth monitoring and development platform. In reality, the commercial equivalents of such tools are available for 10000$ and above! Since its inception almost two years ago, there are two versions (both open source) of the Ubertooth platform (if we may call it!). They are as follows: Ubertooth Zero: It was a low power (comparable to a Class 3 Bluetooth device) USB dongle, and the first working prototype hardware platform of Project Ubertooth. It has since been superseded by Ubertooth One. Ubertooth One: It is a smaller, higher power (comparable to a Class 1 Bluetooth device) USB dongle and is the next generation hardware platform