The Hacker News | #1 Trusted Cybersecurity News Site — Index Page

Famous Israeli company websites Hacked by OldChildz (Turkish Hackers) Hacked Sites and Mirrors : https://be10.co.il https://www.zero-h.com/mirror/id/66321 https://gagotreafim.com (An Israeli Construction Company) https://www.zero-h.com/mirror/id/66320 https://kasafot.com (A manufacturing company in the Israeli case) https://www.zero-h.com/mirror/id/66319 https://nadlan-plus.com (Nadlan-Plus Jerusalem Real Estate Israel is a leading firm, offering luxury properties) https://www.zero-h.com/mirror/id/66318 https://sick-sensors.co.il (SICK is a technology and market leader in Factory Automation and Logistics, as well as the Process Automation.) https://www.zero-h.com/mirror/id/66317 https://meholelim.org https://www.zero-h.com/mirror/id/66315 https://lama-wordpress.com https://www.zero-h.com/mirror/id/66313 https://backpackingisrael.com (Travel Forums and Tips) https://www.zero-h.com/mirror/id/66311

Live Hacking DVD v1.3 Beta - Download ! Live Hacking DVD is a new Linux distribution packed with tools and utilities for ethical hacking, penetration testing and countermeasure verification. Based on Ubuntu this 'Live CD" runs directly from the DVD and doesn't require installation on your hard-drive. Once booted you can use the included tools to test, check, ethically hack and perform penetration tests on your own network to make sure that it is secure from outside intruders. As well as the standard Linux networking tools like ping, wget, curl, telnet and ssh, the Live Hacking DVD has tools for DNS enumeration and reconnaissance as well as utilities for foot-printing, password cracking and network sniffing. It also has programs for spoofing and a set of wireless networking utilities. The Live Hacking DVD is designed for ethical computer hacking, meaning that it contains the tools and utilities you need to test and hack your own network but using the tools and techniques that mor

In today's digital world, where connectivity is rules all, endpoints serve as the gateway to a business's digital kingdom. And because of this, endpoints are one of hackers' favorite targets.  According to the IDC,  70% of successful breaches start at the endpoint . Unprotected endpoints provide vulnerable entry points to launch devastating cyberattacks. With IT teams needing to protect more endpoints—and more kinds of endpoints—than ever before, that perimeter has become more challenging to defend. You need to improve your endpoint security, but where do you start? That's where this guide comes in.  We've curated the top 10 must-know endpoint security tips that every IT and security professional should have in their arsenal. From identifying entry points to implementing EDR solutions, we'll dive into the insights you need to defend your endpoints with confidence.  1. Know Thy Endpoints: Identifying and Understanding Your Entry Points Understanding your network's

Ubuntu 11.04 Released ! For those of you watching Ubuntu's website recently, you may have noticed a new version of the popular and easy to use variant of Linux has been surfaced - Natty Narwal. It can be downloaded from the previously linked site free of charge. Among the various new features, the Unity interface is set as the default UI, and includes the launcher (an OS X like dock), the dash (a popup menu with user defined shortcuts), and workspaces (a virtual desktop manager). According to the Ubuntu website, the OS can boot in as little as 7 seconds (following POST). Driving all of this eye candy is Gnome 2.32.1 (according to Ubuntu Vibes). If your current equipment is not capable of Unity, the classic desktop experience will kick in as to keep you moving along with minimal lag. Those of you wanting to experiment with Gnome 3, it cannot be installed via the Ubuntu repositories, and there have been reports of system instabilities post installation, though there is a workaroun

Buddie.me (Social Networking) Hacked by Fr0664/FCA , 15809 Users emails/passwords exposed ! A social Networking Site, Buddie.me hacked By some hacker, and about 15809 emails/passwords they have exposed on internet at : https://pastebin.com/4C91WVLN

Ncrack 0.4 Alpha - New Version download ! Ncrack is a high-speed network authentication cracking tool. It was built to help companies secure their networks by proactively testing all their hosts and networking devices for poor passwords. Security professionals also rely on Ncrack when auditing their clients. Ncrack was designed using a modular approach, a command-line syntax similar to Nmap and a dynamic engine that can adapt its behaviour based on network feedback. It allows for rapid, yet reliable large-scale auditing of multiple hosts. Ncrack's features include a very flexible interface granting the user full control of network operations, allowing for very sophisticated bruteforcing attacks, timing templates for ease of use, runtime interaction similar to Nmap's and many more. This is the change log for the current release: Added the VNC module to Ncrack's arsenal. Thanks to rhh of rycon.hu for implementing the module and discussing about it for further improvement. Wrote

Google's Chrome web browser is now at version 11, and its release is marked by a record payout for security fixes as well as a speech translation feature. A total of 27 security vulnerabilities are fixed in the latest stable release for Windows, Mac, Linux and Chrome Frame. Individual rewards were from $500 up to $3,000 for a particularly nasty looking bug that allowed a possible URL bar spoof leading to navigation errors and interrupted page loads. Among the researchers Google gave thanks to was Braden Thomas of Apple Product Security. This is most likely because Chrome's underlying open source browser engine Webkit is the same one that runs Safari. Chrome users will now also be able to play around with speech translation, thanks to a new speech input through HTML feature. Using the Google Translate application, you can speak after clicking a microphone at the bottom right of the input box. You'll be able to read and listen to the translated result. This isn't ne

Election commission & Society of aircraft engineers of pakistan Hacked By Imm0rt4l5 Hacked Url : https://www.ecp.gov.pk/viewpressreleasenotific.aspx?id=1374&typeid=2 Mirror : https://i51.tinypic.com/1zgt9vc.jpg Hacked Url : https://saep.org.pk/documents/immortal.php Mirror : https://turk-h.org/defacement/view/383370/saep.org.pk/documents/

Nikon Image Authentication System Compromised ! ElcomSoft Co. Ltd. researched Nikon's Image Authentication System, a secure suite validating if an image has been altered since capture, and discovered a major flaw. The flaw allows anyone producing forged pictures that will successfully pass validation with Nikon's Image Authentication Software. The weakness lies in the manner the secure image signing key is being handled in Nikon digital cameras. The existence of the weakness allowed ElcomSoft to actually extract the original signing key from a Nikon camera. This, in turn, made it possible to produce manipulated images signed with a fully valid authentication signature. Complete Story :   https://blog.crackpassword.com/2011/04/nikon-image-authentication-system-compromised/

John the Ripper 1.7.7 new version Released ! "John the Ripper is a fast password cracker, currently available for many flavors of Unix, Windows, DOS, BeOS, and OpenVMS. Its primary purpose is to detect weak Unix passwords. It supports several crypt(3) password hash types commonly found on Unix systems, as well as Windows LM hashes." This is the change log for JtR version 1.7.7: Added Intel AVX and AMD XOP instruction sets support for bitslice DES (with C compiler intrinsics). New make targets: linux-x86-64-avx, linux-x86-64-xop, linux-x86-avx, and linux-x86-xop (these require recent versions of GCC and GNU binutils). A "dummy" "format" is now supported (plaintext passwords encoded in hexadecimal and prefixed with "$dummy$") – for faster testing and tuning of custom wordlists, rule sets, .chr files, and external modes on already known or artificial passwords, as well as for testing of future and modified versions of John itself. Apache "$apr1$" MD5-based password hashes are now

Microsoft Windows Malicious Software Removal Tool - Download ! The Microsoft Windows Malicious Software Removal Tool checks Windows Vista, WIndows 7, Windows XP, Windows 2000, and Windows Server 2003 computers for and helps remove infections by specific, prevalent malicious software—including Blaster, Sasser, and Mydoom. When the detection and removal process is complete, the tool displays a report describing the outcome, including which, if any, malicious software was detected and removed. The tool creates a log file named mrt.log in the %WINDIR%\debug folder. To download the x64 version of Malicious Software Removal Tool, click here . This tool is not a replacement for an anti-virus product. To help protect your computer, you should use an anti-virus product. Microsoft will release an updated version of this tool on the second Tuesday of each month. New versions will be made available through this web page, Windows Update, and the Malicious Software Removal Tool Web site on

FBI vs Coreflood botnet The FBI's unprecedented effort to behead the Coreflood botnet—comprised of millions of hacked Windows machines—appears to be working, at least for now. The bureau has tracked a dramatic decline in the number of pings from the botnet since the takedown operation began earlier this month, according to court documents filed by the Justice Department on Monday. The number of pings from infected US systems plummeted from nearly 800,000 to less than 100,000 in about a week after authorities began sending out "stop" commands to those machines—a drop of nearly 90 percent. Pings from infected computers outside the US have also dropped about 75 percent, likely as a result of a parallel outreach effort to foreign ISPs. The government's efforts have "temporarily stopped Coreflood from running on infected computers in the United States," writes the government in its filing, "and have stopped Coreflood from updating itself, thereby enabling anti-virus software vendors

IRC chat of PlayStation Network hacker and How PSN hacked ! Now known that the PlayStation Network has been compromised, there are more details out. First came the log of the hacker who penetrated inside the PlayStation Network and we just had information from Sony itself that the burglary had been working over the PSN taken offline. Now we have for you a chat log between hackers who talk about security and encrypting the PlayStation Network. They say that the known credit card information easily available to hackers that they can not even enter their data via the PSN. The Credit Card encrypted data simply were not enough, so everything is easy to read. Watch the full chat was held on February 16 between hackers. [user1] xxx: I don't think there are many people involved in circumventing PSN access in /this/ channel [ "application/x-i-5-ticket" reason=40 > PSN error 80710101 ] [user2] talk about network stuff? [user2] nice [user2] i just finished decrypting 100