The Hacker News | #1 Trusted Cybersecurity News Site — Index Page

XSS Vulnerability found on Sony PlayStation Store Website XSS Vulnerability found on Sony PlayStation Store Website at  https://store.playstation.com/ ,This  Vulnerability is posted by someone on a Forum site. The XSS is working on Firefox Browser, Not applicable for Crome Browser. Here in Screenshot you can see that, The backlink Code behind " Back " button has been modified using XSS attack.  Proof of Concept : 1.) Open Url in Firefox : Click Here 2.) Now Click on the Back Button shown at middle of the page. You will be Redirected to Google.com . This XSS Vulnerability can be misused By hackers for Phishing or any Cyber Crime Activity. We have Notice that, almost 70% Sony's websites are Vulnerable with various Flaws. Sony Should Fix it as soon as possible, Before any next hack attack. Thanks.

R00TW0RM Linux Auto rooter for 2010 kernel Coded by CrosS Roots linux server Automatically if the Kernel version is still vulnerable to exploit. Previously a 2009 Auto rooter was Released and now 2010 is being released. for more updated like 2011 and other Exploits and Methods stay in touch with https://r00tw0rm.com/forum | R00TW0RM - Private Community Download :  https://r00tw0rm.com/CrosS- 2010.txt Usage : Just upload/fetch/wget and give sommand => perl CrosS-2010.txt Also see :  R00TW0RM Linux Auto rooter for 2009 kernel Coded by CrosS

Identities now transcend human boundaries. Within each line of code and every API call lies a non-human identity. These entities act as programmatic access keys, enabling authentication and facilitating interactions among systems and services, which are essential for every API call, database query, or storage account access. As we depend on multi-factor authentication and passwords to safeguard human identities, a pressing question arises: How do we guarantee the security and integrity of these non-human counterparts? How do we authenticate, authorize, and regulate access for entities devoid of life but crucial for the functioning of critical systems? Let's break it down. The challenge Imagine a cloud-native application as a bustling metropolis of tiny neighborhoods known as microservices, all neatly packed into containers. These microservices function akin to diligent worker bees, each diligently performing its designated task, be it processing data, verifying credentials, or

Anonymous Takes Down U.S. Chamber Of Commerce  for PROTECT IP Act  Anonymous collective launches DDoS attack against the business lobbying group over it's support for the legislation to fight online infringement that many fear will great expand the govt's ability to filter the Internet. Anonymous began targeting the US Chamber of Commerce for its support of the controversial " Preventing Real Online Threats to Economic Creativity and Theft of Intellectual Property Act of 2011 ." The US Chamber of Commerce has been outspoken about its support for the " PROTECT IP Act. " It believes the legislation is necessary to " cut of rogue sites " and protect US jobs. Anonymous managed to take the site –  uschamber.com  – down.

While Tokyo-based Sony Corp. battles massive data security breaches, Japanese carmaker Honda is confronting its own online challenge — the theft of personal information from 283,000 Honda and Acura customers in Canada. Jerry Chenkin, executive vice-president and chief compliance officer at Honda Canada Inc., confirmed Thursday that names, addresses and vehicle identification numbers were taken from the company's e-commerce websites myHonda and myAcura, with suspicious activity on the site first detected in late February. In a letter to affected vehicle owners dated May 13 and obtained by the Star, Honda Canada said it was alerted by unusual volume on the sites, including "some unauthorized attempts to access account information." The letter said financial information was not compromised. Honda, which does not sell customer data to third parties, is investigating the incident, which has been reported to police. Perpetrators have not been identified and no group has claimed res

Unknown hackers have broken into the security networks of Lockheed Martin Corp and several other U.S. military contractors, a source with direct knowledge of the attacks told Reuters. They breached security systems designed to keep out intruders by creating duplicates to "SecurID" electronic keys from EMC Corp's RSA security division, said the person who was not authorized to publicly discuss the matter. It was not immediately clear what kind of data, if any, was stolen by the hackers. But the networks of Lockheed and other military contractors contain sensitive data on future weapons systems as well as military technology currently used in battles in Iraq and Afghanistan. Weapons makers are the latest companies to be breached through sophisticated attacks that have pierced the defenses of huge corporations including Sony, Google Inc and EMC Corp. Security experts say that it is virtually impossible for any company or government agency to build a security network th