The Hacker News | #1 Trusted Cybersecurity News Site — Index Page

What is Wireshark? Wireshark is the world's most popular network protocol analyzer. It is used for troubleshooting, analysis, development and education. What's New Bug Fixes The following vulnerabilities have been fixed. See the security advisory for details and a workaround. o Huzaifa Sidhpurwala of the Red Hat Security Response Team discovered that Wireshark could free an uninitialized pointer while reading a malformed pcap-ng file. (Bug 5652) Versions affected: 1.2.0 to 1.2.14 and 1.4.0 to 1.4.3. CVE-2011-0538 o Huzaifa Sidhpurwala of the Red Hat Security Response Team discovered that a large packet length in a pcap-ng file could crash Wireshark. (Bug 5661) Versions affected: 1.2.0 to 1.2.14 and 1.4.0 to 1.4.3. o Wireshark could overflow a buffer while reading a Nokia DCT3 trace file. (Bug 5661) Versions affected: 1.2.0 to 1.2.14 and 1.4.0 to 1.4.3. CVE-2011-07

Google has just acquired a small German software company called Zynamics. The company, which was founded in 2004, focuses on reverse engineering — that is, analyzing software (malware in particular) for which no source code is available. It's an incredibly interesting and complicated problem to try to solve, which makes the Zynamics team and product a perfect fit for Google, a company that's known for tackling interesting and complicated problems. A Google rep said in an e-mail, "We're delighted to have the Zynamics team aboard and hope their tools and skills in fighting malware will help us better protect Google's users." While we're not completely sure what the fate of the company will be, we do know that its goals and expertise line up particularly well with Google's aims in online security. Currently, Zynamics's offerings focus on the needs of information security specialists and malware analysts. Its products are allegedly both innovative and time-saving. The company's

It comes as no surprise that today's cyber threats are orders of magnitude more complex than those of the past. And the ever-evolving tactics that attackers use demand the adoption of better, more holistic and consolidated ways to meet this non-stop challenge. Security teams constantly look for ways to reduce risk while improving security posture, but many approaches offer piecemeal solutions – zeroing in on one particular element of the evolving threat landscape challenge – missing the forest for the trees.  In the last few years, Exposure Management has become known as a comprehensive way of reigning in the chaos, giving organizations a true fighting chance to reduce risk and improve posture. In this article I'll cover what Exposure Management is, how it stacks up against some alternative approaches and why building an Exposure Management program should be on  your 2024 to-do list. What is Exposure Management?  Exposure Management is the systematic identification, evaluation,

A letter to all Anonymous from Anonymous Hackers : Operation shutdown ! A letter released by Anonymous Hackers for all Anonymous .... as shown below : Anonymous We are anonymous, and we are Legion, for every one of us you find, and everyone you manage to take down, ten shall take his place, we do not forgive, we are many and therefor can't forget. We have conflicting goals and wants, yet we act as one, therefor we are the face of chaos, we are the perfect observer, composed of people from every standpoint and therefor impartial and the only true Harbingers of judgment.  We laugh in the face of tragedy, we mock those in pain, we ruin the lives of other people simply because we can, these things we do for the lolz and we do them with no remorse, no caring, no love, and no sense of morality, we attack all things in this way, we can, we will, and we have destroyed countless that stand to harm anonymous. Our power lies with our numbers. We choice to use loic in our attacks. We do

Nessus 4.4.1 Latest Version Download ! New in this version: Scan Scheduling Nessus 4.4 lets you configure scans to run periodically on a daily/weekly/monthly basis. Configure your scans and let Nessus start them at the most appropriate time Enhanced Reporting Nessus 4.4 lets you compare different scans. It also contains two new report templates: "Executive" and "Detailed". Reload plugins during a scan Nessus 4.4 can reload its plugins and configuration files while scans are on-going. No need to interrupt any scan to make use of the newest plugins distributed through the ProfessionalFeed. Lower memory requirements Nessus 4.4 reduces the per-scan memory requirements to half of what the previous version required. The idle size of the Nessus process can be further reduced by changing the backend memory requirements in the configuration file Download : Cilck Here

Beware : Php Shell By Trick (TeaMp0isoN) was a  Back-doored Shell ! Today we got an email from Pak Cyber Army as shown above...,They Provide us a report also in attachment regarding the  TeaMp0isoN Shell - Private Build [BETA] - v0.1  , Few days back Trick have submit us a own made private shell to publish. But Today PCA email us and show that proofs that this shell is modified form of  FX29 Shell  ( FaTaLisTiCz_Fx Fx29Sh 2.0.09.08 ). , They also said that Trick Include a Backdoor in this shell,So Beware to use this shell > Please Don't Use that shell, Other wise your ftp may be hacked. Here is Trick 's Shell : Click Here Here is FaTaLisTiCz_Fx Fx29Sh 2.0.09.08 Shell : Click Here Fx29 shell Pic :   Trick's Shell pic : Encoded Code, that has been decoded in above pics Code Comparison of Both Shells News Source :  Pakistan Cyber Army

Google Chrome browser version 9.0.597.107 Released and fixes 19 security vulnerabilities ! Google has released version 9.0.597.107 of its Chrome browser, which fixes a total of 19 security vulnerabilities, 16 of them rated as high risk. It was, for example, possible to crash the browser using JavaScript dialogs and SVG files, or to use the address bar for URL spoofing. Also fixed is an integer overflow when handling text areas. As ever, Google is keeping full details of the vulnerabilities under wraps until the bulk of users have switched to the new version. Google's rewards programme pays discoverers of vulnerabilities up to $1,000. Google paid out a total of $14,000 for this particular update. In total, its security bug bounty programme has now paid out more than $100,000. Chrome 9.0.597.107 is available to download for Windows, Mac OS X and Linux from google.com/chrome. Users who currently have Chrome installed can use the built-in update function by clicking Tools, selec

London Stock Exchange website gets hacked with Malware Ads ! THE LONDON STOCK EXCHANGE (LSE) website has been bombarded with fake insecurity software adverts that point to malware. It seems that dodgy security ads have been unknowingly hosted at the LSE website for at least a few months. An analysis of the website revealed that 363 pages had unwittingly hosted the malicious ads over a 90 day period. The LSE told the BBC that the website has now been given a clean bill of health and it suspects that adverts provided by a third party were responsible for the malware. Insecurity expert Paul Mutton ran analyses on the website after clicking on the dodgy links yesterday. Apparently the target website was blocked by Firefox but Mutton got infected through Google's Chrome web browser, in which he was hit with a ridiculous number of pop up ads. Using Google's safe browsing scheme to scan for suspicious code, Mutton found that the LSE website had been listed as hosting dodgy adv

Albanian Cyber Army Hack into Digitalb.al & Top-channel.tv ! Shell on  Top-channel.tv Shell on  Digitalb.al News Source : Albanian Cyber Army

Cairo - Anti-government activists Tuesday accused supporters of Libyan leader Moamer Gaddafi of hacking websites reporting on Libya's pro-democracy demonstrations. In a message posted on the website of Quryna newspaper, activists accused Gaddafi of hacking their sites. 'The Gaddafi regime shut down all Libyan websites that carry the truth of what is happening in Libya, such as Quryna because Saif al-Islam lost control over it,' said the message. The paper, based in the eastern city of Benghazi where protesters seized control, has close ties to Gaddafi's son Saif al-Islam. ' This is why we the youth of February 17 revolution will respond to this strike by regaining control over the sites and close pro-Gaddafi lying websites including the Libyan news agency ,' read the message.

Vulnerability in Dtdc.com and Hrithik 's Website Sqli Vulnerably in  Dtdc.com as shown Below : They Also found Xss on  Hrithik Roshan's Official Website  https://www.hrithikrules.com/ :