The Hacker News | #1 Trusted Cybersecurity News Site — Index Page

Thousands of Bank of America customers' account information could be in jeopardy after a major security breach. Christy Clark went to a Royal Oak drug store Friday, but when her debit card was declined, she knew something was wrong. "I was very embarrassed," Clark said. She went straight to the Bank of America branch near 12 Mile Road near Woodward Avenue in Royal Oak to report the problem. When she arrived, she was surprised to see the lobby packed with customers who experienced the same issue. "When I entered the branch, that's when I realized this was a bigger problem," Clark told Local 4. Bank of America told Local 4 this involves more than $100,000 worth of transitions. Bank employees told Clark they issued a number of temporary debit cards to customers who discovered money was missing from their account. Two bank staffers said they were also victims of this crime. A spokesperson for Bank of America said they are trying to figure out exactly how widespread the problem is

XSS Vulnerability in   Zapak(gaming portal) by Milan Milo [ZHC]

It comes as no surprise that today's cyber threats are orders of magnitude more complex than those of the past. And the ever-evolving tactics that attackers use demand the adoption of better, more holistic and consolidated ways to meet this non-stop challenge. Security teams constantly look for ways to reduce risk while improving security posture, but many approaches offer piecemeal solutions – zeroing in on one particular element of the evolving threat landscape challenge – missing the forest for the trees.  In the last few years, Exposure Management has become known as a comprehensive way of reigning in the chaos, giving organizations a true fighting chance to reduce risk and improve posture. In this article I'll cover what Exposure Management is, how it stacks up against some alternative approaches and why building an Exposure Management program should be on  your 2024 to-do list. What is Exposure Management?  Exposure Management is the systematic identification, evaluation,

Security Onion LiveDVD - Intrusion Detection for your Network ! The Security Onion LiveDVD is a bootable DVD that contains software used for installing, configuring, and testing Intrusion Detection Systems. Changelog: All Xubuntu 10.04 updates as of release date. Snort updated to 2.9.0.3. Suricata updated to 1.1beta1. Barnyard2 updated to 1.9 Stable. Vortex updated to 2.9.0. Installed OSSEC for host-based intrusion detection. Installed Squert web interface for Sguil. Installed Armitage GUI interface for Metasploit. Many improvements to Setup script for user-friendliness and capability Download Security Onion LiveDVD &  Presentation

Recently, Director of Information Technology, Per Kristensen stated that, a new type of the Qakbot virus appeared globally on March 15, 2011 and was observed in PCs in Nanaimo (Canada) at noon on March 16, 2011, as reported by Bclocal News on March 12, 2011. To safeguard important information about the city, the system was immediately put on a halt after the staff realized that the virus was swiftly circulating from PC to PC. Commenting on the matter, Per stated that, people can be sure that all their personal information and details are safe. He stated that, safeguarding their private information is their main concern. He added that, the city's system would not be turned on until they are sure that they sorted out the problem, as reported by Vancouver Sun on March 18, 2011. Kristensen stated that, the virus seems extremely complex, altering its signature to transfer through a computer various times. Kristensen stated that, the virus is classified as harmful and they are being

10 pakistan  sites defaced by Hell Hax0r ! Hacked sites : https://esonsind.com/ https://friendsofsialkot.com/ https://pakviewsports.com/ https://www.hard-safety.com/ https://www.badhawaind.com/ https://www.westwearco.com https://www.urbanwearintl.com https://www.kravmagasupplies.com https://lawsonsports.com/ https://www.tackisports.com/

We are pleased to announce the release of version 1.4 (yes 1.3 squeaked by without a blog post) of the Open Pentest Bookmarks Collection. They have added a  large  amount of community submissions, with the addition of  several new sections.  They have also moved around some of the bookmarks to better organize everything.  The new wiki entry should be a mirror of the file. To submit to the project, please use the wikipage at  https://code.google.com/p/pentest-bookmarks/wiki/BookmarksList / and post in the comments section. To download the file for import straight into Firefox or Chrome go here:  https://code.google.com/p/pentest-bookmarks/downloads/list

Google on Thursday patched six vulnerabilities in Chrome, and as usual, silently updated users' copies of the browser. The update to Chrome 10.0.648.204 also included two more blacklisted SSL certificates that may be related to last week's theft of nine digital certificates from a Comodo reseller. All six bugs were rated "high," Google's second-most-serious ranking in its threat scoring system. Of the half-dozen bugs, two were "use after free" flaws -- a type of memory management bug that can be exploited to inject attack code -- while a second pair were pegged by Google as "stale pointer" vulnerabilities, another kind of memory allocation flaw. As is Google's practice, the company locked down its bug-tracking database, blocking access to the technical details of the patched vulnerabilities. Google usually unlocks the bug entries several weeks, sometimes months later, to give users time to update before the information goes public. G

Nasa HaCkeD By The 077 & DinelSon Tunisian HaCker Hacked link by The 077 :  https://blogs.nasa.gov/cm/resource/1015442 Hacked link by DinelSon :  https://blogs.nasa.gov/cm/resource/1015440

Delhi University 's & Pakistani.pk  site is vuln to XSS ! angel (4d0r4b13) Found Xss cross site scripting vulnerability in Delhi University Website, as shown. vulnerable Link :  : https://du.ac.in/index. php?id=276&sitesearch=du.ac. in&client=pub- 017673838153185424638% 3Aoxnjzwaqtce&cof=FORID%3A10& ie=UTF-8&q=%22%3E%3Cscript% 3Ealert%28%22Vuln+found+by+ 4ng31+4k4+4d0r4b13..!+angelws+ here..!+enjoy....!+delhi+ university..!+hehe..!+%3D%29+% 3D%29+%3B%29+%22%29%3C% 2Fscript%3E and  https://pakistani.pk/?s=%22%3E%3Cscript%3Ealert%28%22angel%20w45%20here..!%20heheheh%20pakistani.pk%20vuln%20to%20xss%20yup%20it%20is//!%20greets:Indian%20r00ting%20w1z4rd5..!%20vuln%20found%20n%20executed%20by%20angel%204k4%204d0r4b13%22%29%3C/script%3E

Anonymous Open Letter to Citizens of United States of America ! Just Now another Open Letter by Anonymous hackers released on Twitter m as below : Dear US Citizens,                           We, Anonymous, would like to offer you, America, the opportunity to join and support our movement.We are a group that formed on the internet--one that knows no constructs or absolutes, and one that has recently grown exponentially. We would like to introduce an Operation. An Operation that involves Americans getting our Natural Rights and dreams back. Right now, you can help by passing on the Information. Information is Power. Share the Power of the Information with other like-minded individuals. The more people we represent, the more Power we have, both as individuals and as Anonymous. Thank you for your time and your Power.                                                                                                                                      - Anonymous CITIZENS OF THE UNITED S