The Hacker News | #1 Trusted Cybersecurity News Site — Index Page

Bh-News Has Been Hacked By Dinelson US  Hacked Users : Website : www.bh-news.com

Channel.facebook.com cross-site-scripting (XSS) vulnerability by Edgard Chammas Security researcher Edgard Chammas, has submitted on 02/04/2011 a cross-site-scripting (XSS) vulnerability affecting 1.61.channel.facebook.com, which at the time of submission ranked 2 on the web according to Alexa. It is currently unfixed. Link :  https://1.61.channel.facebook.com/iframe/11?r=https://static.ak.fbcdn.net/rsrc.php/1.js%22%3E%3C/script%3E%3Cscript%3Ealert(%22The%20Hacker%20News%22)%3C/script%3E%3Cscript%3E

It comes as no surprise that today's cyber threats are orders of magnitude more complex than those of the past. And the ever-evolving tactics that attackers use demand the adoption of better, more holistic and consolidated ways to meet this non-stop challenge. Security teams constantly look for ways to reduce risk while improving security posture, but many approaches offer piecemeal solutions – zeroing in on one particular element of the evolving threat landscape challenge – missing the forest for the trees.  In the last few years, Exposure Management has become known as a comprehensive way of reigning in the chaos, giving organizations a true fighting chance to reduce risk and improve posture. In this article I'll cover what Exposure Management is, how it stacks up against some alternative approaches and why building an Exposure Management program should be on  your 2024 to-do list. What is Exposure Management?  Exposure Management is the systematic identification, evaluation,

Crif.org defaced by participants in # Anonymous The website of the Conseil Représentatif des Institutions Juives de France or the Representative Council for Jewish Institutions of France was defaced by the hackers on steroids over in Anonymous' operation palestine or #oppalestine. At the time of this writing the website www.crif.org is still defaced. here's a picture to immortalize the action.

Anonymous successfully taken down https://www.sonypictures.com/ and https://www.sonypictures.co.uk The Sony PS3 console was "hacked" or more appropriately, jail broken, by iPhone hacker, Geohot. Anonymous managed to reverse engineer his own PlayStation 3 to run home brew applications on it.And then later released the method to the public, through his site, geohot.com Sony hit Anonymous with a lawsuit and demanded social media sites, including YouTube to hand over IP addresses of people who visited Geohot's social pages/videos.Pay pal have granted access to Sony for them to view Geohot's Pay Pal account. The judge of the case has given permission to Sony to view the IP addresses of everyone who visited geohot.com Sony are also after another group of hackers for the same case. The PS3 hack which GeoHot released can be compared to the "unlocking" of a phone. i.e. Once you purchase the phone, it's yours, you can do whatever it is you want with it. L

QNet confirmed that E -commerce portal was down due to DDoS attack QNet has confirmed that its e-commerce portal was recently the target of a Distributed Denial of Service (DDoS) attack. This caused its main website to be offline for over 36 hours. QI Group IT Director, TG Kintanar said, "As a global direct selling company with a busy trading portal, it is not unusual for QNet to become a target for such attacks, although this has never happened before." QNet is a subsidiary of the QI Group of Companies. "Let me stress that the cyber-attack on our website was not the work of hackers. The DDoS merely blocked customers' access to our services, causing them great inconvenience. However, as QNet's online security measures were in place, our customer database remained intact throughout the attack. Nothing was compromised." Kintanar said. He added that upon noticing the attack on March 9, the QNet IT team immediately started working round-the-clock to set up an alternate transacti

Kroger Customer Database Hacked ! The company announced in an e-mail to customers their system has been hacked by someone outside the company. This means the hacker had access to customer names and e-mail addresses contained in the Kroger database. Kroger stresses only the names and e-mail addresses of customers who voluntarily submitted those addresses to the company may be affected. Kroger says you may receive spam messages from senders you do not know. So, if you receive an e-mail from an unknown sender, do not open it. For more information, you can call Kroger customer service at 800-KROGERS.

Epsilon' s (Marketing services firm) Customer Lists of Major Brands Compromised ! Due to the growing list of brands disclosing that they have been compromised as a result of this breach, I'm going to go ahead and tag this as a massive breach. And I only expect it to get bigger as more announcements come out from Epsilon customers. Read More :  https://bit.ly/hGrQz2

Comodo hacker claim no relation to Iranian Cyber Army ! The alleged hacker of Comodo stepped forward this weekend to explain how he generated bogus SSL certificates for login.skype.com, mail.google.com, login.live.com and other popular internet websites. His story is that he was able to compromise Comodo's partner GlobalTrust.it and InstantSSL.it. Both sites are currently "under construction." He brags how he decided to bring down the SSL root certificate system and began by attacking the RSA algorithm, but when he found the vulnerabilities in these websites he decided on that approach. On that point I would have to agree with him, as hacking the RSA algorithm seems a significantly more difficult challenge, but the text of his "manifesto" is so full of bravado it is difficult to even read. While he is Iranian, he claims no association with the "Iranian Cyber Army" and insists he is simply a hacker with a 1000 times the knowledge and experienc