The Hacker News | #1 Trusted Cybersecurity News Site — Index Page

XSS Vulnerability found on Sony PlayStation Store Website XSS Vulnerability found on Sony PlayStation Store Website at  https://store.playstation.com/ ,This  Vulnerability is posted by someone on a Forum site. The XSS is working on Firefox Browser, Not applicable for Crome Browser. Here in Screenshot you can see that, The backlink Code behind " Back " button has been modified using XSS attack.  Proof of Concept : 1.) Open Url in Firefox : Click Here 2.) Now Click on the Back Button shown at middle of the page. You will be Redirected to Google.com . This XSS Vulnerability can be misused By hackers for Phishing or any Cyber Crime Activity. We have Notice that, almost 70% Sony's websites are Vulnerable with various Flaws. Sony Should Fix it as soon as possible, Before any next hack attack. Thanks.

R00TW0RM Linux Auto rooter for 2010 kernel Coded by CrosS Roots linux server Automatically if the Kernel version is still vulnerable to exploit. Previously a 2009 Auto rooter was Released and now 2010 is being released. for more updated like 2011 and other Exploits and Methods stay in touch with https://r00tw0rm.com/forum | R00TW0RM - Private Community Download :  https://r00tw0rm.com/CrosS- 2010.txt Usage : Just upload/fetch/wget and give sommand => perl CrosS-2010.txt Also see :  R00TW0RM Linux Auto rooter for 2009 kernel Coded by CrosS

In today's digital world, where connectivity is rules all, endpoints serve as the gateway to a business's digital kingdom. And because of this, endpoints are one of hackers' favorite targets.  According to the IDC,  70% of successful breaches start at the endpoint . Unprotected endpoints provide vulnerable entry points to launch devastating cyberattacks. With IT teams needing to protect more endpoints—and more kinds of endpoints—than ever before, that perimeter has become more challenging to defend. You need to improve your endpoint security, but where do you start? That's where this guide comes in.  We've curated the top 10 must-know endpoint security tips that every IT and security professional should have in their arsenal. From identifying entry points to implementing EDR solutions, we'll dive into the insights you need to defend your endpoints with confidence.  1. Know Thy Endpoints: Identifying and Understanding Your Entry Points Understanding your network's

Anonymous Takes Down U.S. Chamber Of Commerce  for PROTECT IP Act  Anonymous collective launches DDoS attack against the business lobbying group over it's support for the legislation to fight online infringement that many fear will great expand the govt's ability to filter the Internet. Anonymous began targeting the US Chamber of Commerce for its support of the controversial " Preventing Real Online Threats to Economic Creativity and Theft of Intellectual Property Act of 2011 ." The US Chamber of Commerce has been outspoken about its support for the " PROTECT IP Act. " It believes the legislation is necessary to " cut of rogue sites " and protect US jobs. Anonymous managed to take the site –  uschamber.com  – down.

While Tokyo-based Sony Corp. battles massive data security breaches, Japanese carmaker Honda is confronting its own online challenge — the theft of personal information from 283,000 Honda and Acura customers in Canada. Jerry Chenkin, executive vice-president and chief compliance officer at Honda Canada Inc., confirmed Thursday that names, addresses and vehicle identification numbers were taken from the company's e-commerce websites myHonda and myAcura, with suspicious activity on the site first detected in late February. In a letter to affected vehicle owners dated May 13 and obtained by the Star, Honda Canada said it was alerted by unusual volume on the sites, including "some unauthorized attempts to access account information." The letter said financial information was not compromised. Honda, which does not sell customer data to third parties, is investigating the incident, which has been reported to police. Perpetrators have not been identified and no group has claimed res

Unknown hackers have broken into the security networks of Lockheed Martin Corp and several other U.S. military contractors, a source with direct knowledge of the attacks told Reuters. They breached security systems designed to keep out intruders by creating duplicates to "SecurID" electronic keys from EMC Corp's RSA security division, said the person who was not authorized to publicly discuss the matter. It was not immediately clear what kind of data, if any, was stolen by the hackers. But the networks of Lockheed and other military contractors contain sensitive data on future weapons systems as well as military technology currently used in battles in Iraq and Afghanistan. Weapons makers are the latest companies to be breached through sophisticated attacks that have pierced the defenses of huge corporations including Sony, Google Inc and EMC Corp. Security experts say that it is virtually impossible for any company or government agency to build a security network th