The Hacker News | #1 Trusted Cybersecurity News Site — Index Page

Android users who download a pirated copy of the Walk and Text app are strolling smack into trouble. The rogue app, called Android. Walkinwat, is a corrupted version of the legitimate Android Walk and Text app, the security firm Symantec reported. Walk and Text, which can be found in many third-party app stores in North America and China, uses a smartphone's camera to show users what's in front of them as they're walking and texting. Once Walkinwat is downloaded, a dialogue box appears on the user's phone that, according to Symantec, "gives the appearance that the app is in the process of being compromised or cracked, when, in fact, the app is gathering and attempting to send back sensitive data (name, phone number, IMEI information, etc.) to an external server." This is far from the first instance of a corrupted Android app that harvests user data; in early March, a rogue piece of software called DroidDream was found in 58 apps, which were downloaded more than 200,000 times befor

A hacker stole the credit card details of over 800 members of the IEEE (Institute of Electrical and Electronics Engineers) last December, according to its law firm. A team of IEEE-appointed forensic investigators "concluded that a file containing customer credit card information had been deleted on or about November 17, 2010", the institute's law firm told the Attorney General of New Hampshire in February [pdf]. The forensic team believed that 828 members' credit card numbers, associated names, expiration dates and security numbers may have been accessed. It discovered "certain vulnerabilities in the system", but the IEEE had no proof that the exposed credit cards had been used to make fraudulant transactions, according to the letter.

Over the past two years, a shocking  51% of organizations surveyed in a leading industry report have been compromised by a cyberattack.  Yes, over half.  And this, in a world where enterprises deploy  an average of 53 different security solutions  to safeguard their digital domain.  Alarming? Absolutely. A recent survey of CISOs and CIOs, commissioned by Pentera and conducted by Global Surveyz Research, offers a quantifiable glimpse into this evolving battlefield, revealing a stark contrast between the growing risks and the tightening budget constraints under which cybersecurity professionals operate. With this report, Pentera has once again taken a magnifying glass to the state of pentesting to release its annual report about today's pentesting practices. Engaging with 450 security executives from North America, LATAM, APAC, and EMEA—all in VP or C-level positions at organizations with over 1,000 employees—the report paints a current picture of modern security validation prac

Indian Institute Bansal IIT-JEE Hacked, Student Database Leaked by Cyb3R_Shubh4M Hacked Site : https://bansaliitjee.com/ Student Database Leaked, Downlaod : [Link Removed For Safety]

The hacker group that exposed holes in McAfee's website knows it's breaking U.S. law, but vows to continue exposing vulnerabilities, especially on security vendor websites. The hacker group that exposed holes in McAfee's website knows it's breaking U.S. law, but vows to continue exposing vulnerabilities, especially on security vendor websites. "We do understand performing security testings without authorization is illegal under U.S. law," stated YGN Ethical Hacker Group, when contacted by Network World via e-mail. The outfit's own website describes YGN as a "small group of young but mature people" based in the country of Myanmar (Burma) who started working together about three years ago. Based on its website advertising, the group, which seeks to emphasize its goals are "ethical," appears to offer vulnerability-testing services while also working on security testing tools. In response to a question about why it's so secretive,

After the release of FireSheep, Facebook took an important step to help protect Facebook user accounts by allowing users to choose to keep an encrypted connection as long as they used just Facebook and intelligently designed apps. Savvy users immediately discovered that if they tried to use grossly insecure apps such as Farmville, 21 Questions, or a variety of apps by Rockyou then you were switched back to an unencrypted connection. Having an unencrypted connection means that if you are on an unsecured network, such as those frequently found in coffee shops, airports, and many other public places, then another person can mess around with your account and do things like post messages as if they were you. In fact, they are actually logged into your account for the session, but they don't have your password, so there are some security features they can't change. Still it is enough access that they can cause a lot of damage. Facebook has addressed the problem by making it so that if y

Bcwars.com & Pokerrpg.com hacked 200k Email and Plain text passwords ! Bcwars.com & Pokerrpg.com hacked 200k Email, also admin used plain text passwords. Used Sql Injection :  https://bcwars.com/forum/category/-3' union select concat(id,'::::',username,':::::::',password,':::::::',email) from tblUsers-- - Bcwars Database :  https://bit.ly/hD6bEE https://rapidshare.com/files/455184098/tblUsers-bc.sql.zip https://www.megaupload.com/?d=P4B30IVR https://depositfiles.com/de/files/u7unbc4vk https://hotfile.com/dl/112676282/bcd44f5/tblUsers-bc.sql.zip.html https://www.zshare.net/download/884416713e3e2044/ https://uploading.com/files/3e13f3be/tblUsers-bc.sql.zip/ Pokerrpg Database :  https://bit.ly/hgCGJx https://rapidshare.com/files/455184096/tblUsers.sql-poker.zip https://www.megaupload.com/?d=T41NF4SV https://depositfiles.com/de/files/8qgnt9gll https://hotfile.com/dl/112676281/bea47ec/tblUsers.sql-poker.zip.html https://www.zshare.net/downloa

Keyloggers in Samsung Laptops , Officials says - Samsung laptops are in fact secure ! We'll start by saying that we've reached out to  Samsung  for a response here, but as of now, no reply has been given -- neither a confirmation nor a refusal of truth. Why bother mentioning that? If this here story proves true, Sammy could have a serious problem on its hands -- a problem that'll definitely start with a rash of negative PR, and a quandary that could  very well end the outfit up in the courtroom . According to a report by Mohamed Hassan over at  Network World , Samsung allegedly took the initiative to install a keylogger into his recently purchased R525 and R540 laptops. The app was noticed right away after a security scan on both systems, with StarLogger popping up with the c:\windows\SL directory. Where things really get strange is on the support line; reportedly, a supervisor informed Mr. Hassan (after an earlier denial) that the company did indeed install the softwar

18 Websites Hacked Hacked Sites : https://tonycleevelandscapes.co.uk/ https://www.qq55765.com/minhal.html https://www.6008765.com/minhal.html https://www.larbresolutions.com/assetmanager/images/minhal.html https://www.m-dev.org/portals/0/minhal.html https://www.vossfotoklubb.com/minebilder/minhal.html https://www.hiku.dk/portals/0/ https://clientvela.pl/portals/1/minhal.html https://www.dnntw.com/portals/0/minhal.html https://www.zjjiashan.lss.gov.cn/portals/0/Cache/minhal.html https://www.wfaic.gov.cn//portals/0/minhal.html https://bc.inter.edu/Portals/0/admisiones_files/indian.html https://www.fril.co.il/Portals/0/skins/indian.txt https://www.dzonny.cz/Portals/0/minhal.html https://www.dnntw.com/portals/0/minhal.html https://med-mali.com/ https://www.allansrealty.com/portals/0/minhal.html https://academy.mytopdog.co.za/assets/upload/image/

40 websites Defaced by SBZ-GHoST [ Team Tunisian Hacker ] Hacked Sites List : www.samsunggalaxy5forum.com https://www.institut-platon.com/ https://www.sexylingeriesites.com/ https://www.themeslingo.com/ https://www.twinpinesantiques.com/ https://garagesaleradio.com/ https://www.crossroads-rpg.com/ https://coopavance.com/ https://www.institut-platon.com/ www.newyorkgraphics.it/ www.veteransforacademicfreedom.org/wp-content/ www.edoardocroci.it/ www.sharmaguesthouse.net/ www.tomasino.it/ www.rockon.it/ www.sfcrestaurant.com/ www.shawls-stoles.com/ www.windtowerjobs.com www.nevernudeblog.com www.loveandblog.com www.greengreenbusiness.com https://politicallycensored.com/home-2/ https://www.stephenholmesonline.com/?page_id=10 https://www.thesolarguy.com/about/ https://www.pcshock.co.il/catalog/images/

EMAIL SERVICE PROVIDER Microsoft will allow companies to run Javascript code within Hotmail users' mailboxes. Microsoft has said that its Hotmail service will analyse email and present certain forms of content in a way that it believes is the "most common things people do when they receive the email". This means that groups of images will automatically be put into a slideshow or videos will be embedded directly in emails from simple Youtube links. In a bid to keep users on Hotmail's website, Microsoft has launched a sandboxed environment that it says will allow partners to "insert dynamic content that is up to date and interactive with common tasks through the use of Javascript". And here we thought HTML emails were bad enough. Microsoft is labeling this as Active Views, a billion of which, it claims, have already been served. The firm is claiming that Active Views increase user interaction with the contents of an email. According to Microsoft, less th