The Hacker News | #1 Trusted Cybersecurity News Site — Index Page

St George's University of London medical school's Database Hacked !

Feb 24, 2011
The Metropolitan Police were called in after vandals breached a database maintained by St George's University of London medical school and sent obscene emails to the users of the database. The emails claimed that the database was "closed due to Aids", and that university executive board members were involved in child pornography. The Guardian newspaper reported that the breach occurred last week in the Primary Care Electronic Library [PCEL] database, a list of UK-based doctors and nurses. PCEL does not contain patient medical records. According to the university, only the PCEL database server was affected and not the main university server. Confidential details of partners, staff and students were not compromised.
Lush website is back online after hacking !

Feb 24, 2011
POOLE-based cosmetics retailer Lush is back online after it was forced to suspend internet sales after hackers attacked its website. Lush closed the site last month and asked anyone who placed an online order between October 4 and January 20 to contact their bank in case their card details had been compromised. A temporary site was back up and running late on Friday, before the full website re-launches. Shoppers are now being directed away from the Lush site when they come to the checkout, making payments at the Worldpay site. An online message to shoppers reads: "You can shop with confidence knowing that your details will be safe. Meanwhile the rest of the site has been tested by external experts to check that our processes are all as secure as they can be." It adds: "Thank you all for coming back to us and trusting us to serve you again." Lush became aware that its security had been breached on Christmas Day and investigated, but only told customers on January 21 when it shut down i
Navigating the Threat Landscape: Understanding Exposure Management, Pentesting, Red Teaming and RBVM

Apr 29, 2024 | Exposure Management / Attack Surface
It comes as no surprise that today's cyber threats are orders of magnitude more complex than those of the past. And the ever-evolving tactics that attackers use demand the adoption of better, more holistic and consolidated ways to meet this non-stop challenge. Security teams constantly look for ways to reduce risk while improving security posture, but many approaches offer piecemeal solutions – zeroing in on one particular element of the evolving threat landscape challenge – missing the forest for the trees. In the last few years, Exposure Management has become known as a comprehensive way of reining in the chaos, giving organizations a true fighting chance to reduce risk and improve posture. In this article I'll cover what Exposure Management is, how it stacks up against some alternative approaches and why building an Exposure Management program should be on your 2024 to-do list. What is Exposure Management? Exposure Management is the systematic identification, evaluation,
Angel (4d0r4b13) help Admin to fix vulnerabilities of Website !

Feb 24, 2011
Mr. Nitin, owner of the websites https://www.lohchab.in/ and https://site2sms.com/, has emailed us to say that his website was recently hacked and that afterwards Mr. Angel (4d0r4b13), an Indian hacker, helped him find and patch vulnerabilities in his site. A personal suggestion to all hackers from 'The Hacker News': rather than wasting time hacking other people's sites, help admins find and fix the vulnerabilities. That will be the best use of your knowledge and will help in securing your own country.
Ankit Fadia (Ethical Hacker and Cyber Security Expert) is also Not Secure !

Feb 24, 2011
Ankit Fadia, 21 years old, is an independent computer security and digital intelligence consultant with definitive experience in the field of Internet security based out of the Silicon Valley in California, USA. He has authored 11 internationally best-selling books on numerous topics related to Computer Security that have been widely appreciated by both professionals and industry leaders the world over. Now the question is raised: is Mr. Ankit Fadia secure? We have noticed that lots of hackers from various countries are able to access his site and FTP, and some of them are only 15 years old. In the last few days some images were uploaded to Facebook by some hackers, which show that they accessed Ankit's official website and FTP. They even 'rooted' the server by uploading a shell. The guy who earns crores from seminars, can't he audit his own security and can't afford a secure and
Texas Man admits hacking into e-commerce servers of NASA !

Feb 24, 2011
A Texas man has admitted hacking into servers owned by an e-commerce company and making off with about $275,000. Jeremey Parker of Houston also copped to charges of breaking into servers maintained by NASA's Goddard Space Flight Center in Maryland and causing some $43,000 of damage. The hacking spree spanned a 10-month stretch starting in December 2008 with the breach of systems owned by SWReg. A subsidiary of Digital River of Minnesota, the company manages royalties for independent software developers. "Parker hacked into SWReg's system, created the money by crediting the SWReg accounts, and then caused that money to be wire transferred to his bank account instead of the accounts of several developers," a press release issued by the US Attorney's office in Minnesota said. The NASA servers Parker hacked gave paying members of the scientific community access to oceanic data being sent to Earth from satellites. Eventually, the data was made available to everyone. Parker
Hacker claims credit for shutdown of WBC church's Website !

Feb 24, 2011
Twitter post suggests 'The Jester' may have been responsible for knocking controversial church offline. A Twitter message from Monday suggests that a self-proclaimed "hacktivist" using the handle The Jester may have been responsible for knocking the controversial Westboro Baptist Church offline. In the message, the hacker claimed to have temporarily taken down the public website of the church "for celebrating the death of U.S. troops." The message, however, made no direct mention of whether The Jester (@th3j35t3r on Twitter) was also responsible for the unavailability today of several other websites affiliated with the WBC. Members of the WBC church, based in Topeka, Kan., are known for their strident anti-gay views and for protests at funerals of slain military personnel and others. Last week, someone purporting to be from the hacking collective known as Anonymous posted a letter on an Anonymous site, warning WBC members of attacks against their church public webs
Libyan authorities restrict internet access !

Feb 23, 2011
The Libyan government could pull the plug on the country's internet as protests sweep the country. On Friday and Saturday night the country experienced a near black-out, with continued patchy access this week, according to a Google Transparency Report. Libya has had periods of partial or total unreachability through the weekend. The first night's internet blackout was repeated 24 hours later, with all prefixes unreachable from 1am to just after 8am Sunday morning, said James Cowie from internet monitoring firm Renesys. "At the moment, however, the Libyan prefixes are reachable, traceroutes inbound are completing at normal rates, and key commercial and government websites that we spot-check are responding normally," James Cowie wrote in a blog post. Libya's access to the international internet is controlled by a single company, which is run by the state, Cowie told CNN. That would make it easier, in theory, for the country to shut down internet connections
More than 199 Indian govt websites defaced in last 6 months !

Feb 23, 2011
The government today said 199 government websites have been defaced by foreign hackers in the last six months.  "The website of Central Bureau of Investigation (CBI) was defaced by a foreign hacker "Pakistan Cyber Army" on December 3, 2010. In addition to this, a total of 198 government websites were defaced by foreign hackers in the past six months," Minister of State for Communications and IT Gurudas Kamat said in a written reply to the Lok Sabha.  He added that several measures have been taken to detect and prevent cyber attacks.  This includes audit of all new government websites and applications and engaging National Informatics Centre (NIC) to improve safety posture etc.  Replying to another query, Kamat said a total of 420 cases were registered under the IT Act 2000 in 2009.  "A total of 217, 288 and 420 cases were registered under IT Act, 2000 during 2007, 2008 and 2009 respectively, thereby showing an increasing trend.  A total of 339, 176 and 276 case
#anonsec : Anonymous Hackers guide how to Mesh Network !

Feb 23, 2011
They wrote the message: Yes, there is work to do. The idea is to write a how-to on building mesh networks. The n00bs must understand it. Mesh networks are useful, as they cannot be censored nor shut down. Later on that How-to can become part of Anonymous' uber-secret handbook regarding safety. Version 0.2.0, a downloadable .pdf, can be found there https://goo.gl/SuY0f . Join irc.anonops.ru #anonsec where you find the mesh pad link in the /topic.
Indishell (Indian Hacking Group) Got Hacked By N3t.Crack3R using XSS attack (Pakistani Hacker) !

Feb 23, 2011
Indishell's official website was hacked via an XSS attack by their forum member 'Chai' (N3t.Crack3R). The hack can be seen only within the restricted login area, so there is no 'zone-h' mirror, but 'N3t.Crack3R' made a video of this hack.
Insecure Magazine : Issue 28 available for Download !

Feb 23, 2011
Insecure Magazine: Issue 28 is available for download. In this issue: Database protocol exploits explained; Review: MXI M700 Bio; Measuring web application security coverage; Inside backup and storage: The expert's view; Combating the changing nature of online fraud; Successful data security programs encompass processes, people, technology; Sangria, tapas and hackers: SOURCE Barcelona 2010; What CSOs can learn from college basketball; Network troubleshooting 101; America's cyber cold war; RSA Conference Europe 2010; Bootkits - a new stage of development.
Watcher v1.5.1 Web security testing tool and passive vulnerability scanner download !

Feb 23, 2011
Watcher is a Web security testing tool and passive vulnerability scanner. This tool is in continuous development and has updated its features and capabilities. Watcher is a runtime passive-analysis tool for HTTP-based Web applications. Being passive means it won't damage production systems, it's completely safe to use in Cloud computing, shared hosting, and dedicated hosting environments. Watcher detects Web-application security issues as well as operational configuration issues. Watcher provides pen-testers hot-spot detection for vulnerabilities, developers quick sanity checks, and auditors PCI compliance auditing. It looks for issues related to mashups, user-controlled payloads (potential XSS), cookies, comments, HTTP headers, SSL, Flash, Silverlight, referrer leaks, information disclosure, Unicode, and more. Major Features: Passive detection of security, privacy, and PCI compliance issues in HTTP, HTML, Javascript, CSS, and development frameworks (e.g. ASP.NET, JavaServer) Wor
Dorset HealthCare University NHS Foundation Trust website Hacked !

Feb 23, 2011
HACKERS brought down a website for a health trust serving 700,000 NHS patients in Dorset. The attack, which disabled the site over the weekend, blocked access to the Dorset HealthCare University NHS Foundation Trust website. The trust provides treatment for mental health issues, addiction, dentistry, and some primary care services to patients across the county. Hackers posted a message on the site which read: "Don't mess with me. Site totally hacked" and a cartoon image of a penguin emerging from a shattered computer screen carrying a gun. A jumbled message posted by the hacker on the trust's website read: "You call this security. You must be kidding. If you don't want to get into trouble, patch your admin." Dr Paul Ton de Vrieze, a lecturer in web systems and technologies at  Bournemouth University , said such attacks were often made only for the hacker's satisfaction. "Sometimes people hack sites for their own bravura. They think it is fun to do and show the world that they are abl
Kaspersky Lab forecast for the IT threat landscape 2011 – 2020 !

Feb 23, 2011
Kaspersky Lab has released its forecast for the IT threat landscape for this decade (2011 – 2020). Kaspersky bases this forecast on an analysis of the main changes and issues in the sphere of IT security over the past decade, as well as emerging trends in the development of personal computers, mobile phones and operating systems. According to the company's analysts, the most significant trends of the last ten years (2001-2010) were: Mobility and miniaturisation. Smaller and smaller devices can now access the Internet from virtually any point on the globe, making wireless networks the most popular method of connecting to the web. The transformation of virus writing into cybercrime (crime committed using a computer and the internet to steal a person's identity, sell contraband, stalk victims or disrupt organisations with malevolent programs). Windows maintaining its leading position as a vendor of operating systems for personal computers. Intense competition in the mobile platfor
World's Largest Touchscreen Hacked !

Feb 23, 2011
It's gigantic ! It can handle over 100 simultaneous touch points! It has a curvature of 135 degrees! And best of all, it is NOT the newest, insanely expensive gadget to hit the market. Instead, this touchscreen was hacked together with a bunch of PCs, video cameras, projectors and cheap infrared illuminators at the University of Groningen, in the Netherlands. It works like this: "The cameras, illuminators and projectors are all placed behind a large, cylindrical screen (formally used as a 3D theater). Due to the diffuse layer on the front side of the screen, the cameras cannot see clearly through the screen, however whenever someone touches the screen, enough of the infrared light is reflected back to see the tip of the finger. The difference is very small (on a scale of 0-255 the difference is only 2 or 3), but still big enough to be seen by the computers that analyze the images from the cameras." The display is used to teach mathematics and computer science students
Kim Kardashian Twitter account Hacked !

Feb 23, 2011
Many celebrities have fallen prey to Internet pranksters and the latest name added to the list is reality TV star Kim Kardashian, whose Twitter account has been hacked. The 30-year-old socialite has appealed to bosses of the microblogging site to restore the security of her account after she discovered that an imposter had sent fake tweets on her behalf. "My twitter has been hacked! Twitter help!!!! I can sign on from my phone app but no where else and see some fake tweets here (sic)," wrote the 30-year-old on her Twitter page. "Twitter please help me get my password back! How is it that I can tweet from my cell but my home computer says wrong password! Hacked (sic)," she wrote in a post. Her sister Kourtney added, "Some stalker hacked Kim Kardashian twitter and email... So just beware of her tweets." Stars who fell victim to Twitter hackers recently are Selena Gomez, rapper Swizz Beatz and British funnyman Matt Lucas.
Anonymous Hackers Call United Nation (UN) for their Responsibilities Regarding Libya !

Feb 22, 2011
NOTE: One more press release by Anonymous Hackers on their official site/Facebook/Twitter. We are publishing this news just as the media of the "Hacking Field". There is no relation between 'The Hacker News' and 'Anonymous Hackers'. In their press release they wrote: Call the responsibilities of the UN Dear United Nations: Anonymous wishes you to act. We are watching the developments in Libya and are shocked. Shocked by the images we've seen. Shocked by the things Libya's Anons have told us. Shocked by the fact that one man ignores the voices of his citizens and opens fire on them. Shocked by the fact that even with generals and diplomats deserting, this man is still ignoring the will of his people and unwilling to accept their human rights. People ought not have to fear their leaders; leaders ought to fear their people. In too many places, though, this is cur