#1 Trusted Cybersecurity News Platform Followed by 4.50+ million
The Hacker News Logo
Get the Free Newsletter
SaaS Security

The Hacker News | #1 Trusted Cybersecurity News Site — Index Page

XSS Vulnerability found on Sony PlayStation Store Website

XSS Vulnerability found on Sony PlayStation Store Website

May 28, 2011
XSS Vulnerability found on Sony PlayStation Store Website XSS Vulnerability found on Sony PlayStation Store Website at  https://store.playstation.com/ ,This  Vulnerability is posted by someone on a Forum site. The XSS is working on Firefox Browser, Not applicable for Crome Browser. Here in Screenshot you can see that, The backlink Code behind " Back " button has been modified using XSS attack.  Proof of Concept : 1.) Open Url in Firefox : Click Here 2.) Now Click on the Back Button shown at middle of the page. You will be Redirected to Google.com . This XSS Vulnerability can be misused By hackers for Phishing or any Cyber Crime Activity. We have Notice that, almost 70% Sony's websites are Vulnerable with various Flaws. Sony Should Fix it as soon as possible, Before any next hack attack. Thanks.
R00TW0RM Linux Auto rooter for 2010 kernel Coded by CrosS

R00TW0RM Linux Auto rooter for 2010 kernel Coded by CrosS

May 28, 2011
R00TW0RM Linux Auto rooter for 2010 kernel Coded by CrosS Roots linux server Automatically if the Kernel version is still vulnerable to exploit. Previously a 2009 Auto rooter was Released and now 2010 is being released. for more updated like 2011 and other Exploits and Methods stay in touch with https://r00tw0rm.com/forum | R00TW0RM - Private Community Download :  https://r00tw0rm.com/CrosS- 2010.txt Usage : Just upload/fetch/wget and give sommand => perl CrosS-2010.txt Also see :  R00TW0RM Linux Auto rooter for 2009 kernel Coded by CrosS
Making Sense of Operational Technology Attacks: The Past, Present, and Future

Making Sense of Operational Technology Attacks: The Past, Present, and Future

Mar 21, 2024Operational Technology / SCADA Security
When you read reports about cyber-attacks affecting operational technology (OT), it's easy to get caught up in the hype and assume every single one is sophisticated. But are OT environments all over the world really besieged by a constant barrage of complex cyber-attacks? Answering that would require breaking down the different types of OT cyber-attacks and then looking back on all the historical attacks to see how those types compare.  The Types of OT Cyber-Attacks Over the past few decades, there has been a growing awareness of the need for improved cybersecurity practices in IT's lesser-known counterpart, OT. In fact, the lines of what constitutes a cyber-attack on OT have never been well defined, and if anything, they have further blurred over time. Therefore, we'd like to begin this post with a discussion around the ways in which cyber-attacks can either target or just simply impact OT, and why it might be important for us to make the distinction going forward. Figure 1 The Pu
Anonymous Takes Down U.S. Chamber Of Commerce for PROTECT IP Act

Anonymous Takes Down U.S. Chamber Of Commerce for PROTECT IP Act

May 28, 2011
Anonymous Takes Down U.S. Chamber Of Commerce  for PROTECT IP Act  Anonymous collective launches DDoS attack against the business lobbying group over it's support for the legislation to fight online infringement that many fear will great expand the govt's ability to filter the Internet. Anonymous began targeting the US Chamber of Commerce for its support of the controversial " Preventing Real Online Threats to Economic Creativity and Theft of Intellectual Property Act of 2011 ." The US Chamber of Commerce has been outspoken about its support for the " PROTECT IP Act. " It believes the legislation is necessary to " cut of rogue sites " and protect US jobs. Anonymous managed to take the site –  uschamber.com  – down.
cyber security

Automated remediation solutions are crucial for security

websiteWing SecurityShadow IT / SaaS Security
Especially when it comes to securing employees' SaaS usage, don't settle for a longer to-do list. Auto-remediation is key to achieving SaaS security.
Honda hacked - 283,000 car owners personal data Leaked !

Honda hacked - 283,000 car owners personal data Leaked !

May 28, 2011
While Tokyo-based Sony Corp. battles massive data security breaches, Japanese carmaker Honda is confronting its own online challenge — the theft of personal information from 283,000 Honda and Acura customers in Canada. Jerry Chenkin, executive vice-president and chief compliance officer at Honda Canada Inc., confirmed Thursday that names, addresses and vehicle identification numbers were taken from the company's e-commerce websites myHonda and myAcura, with suspicious activity on the site first detected in late February. In a letter to affected vehicle owners dated May 13 and obtained by the Star, Honda Canada said it was alerted by unusual volume on the sites, including "some unauthorized attempts to access account information." The letter said financial information was not compromised. Honda, which does not sell customer data to third parties, is investigating the incident, which has been reported to police. Perpetrators have not been identified and no group has claimed res
Hackers broke into Lockheed Martin networks & U.S. defense contractors !

Hackers broke into Lockheed Martin networks & U.S. defense contractors !

May 28, 2011
Unknown hackers have broken into the security networks of Lockheed Martin Corp and several other U.S. military contractors, a source with direct knowledge of the attacks told Reuters. They breached security systems designed to keep out intruders by creating duplicates to "SecurID" electronic keys from EMC Corp's RSA security division, said the person who was not authorized to publicly discuss the matter. It was not immediately clear what kind of data, if any, was stolen by the hackers. But the networks of Lockheed and other military contractors contain sensitive data on future weapons systems as well as military technology currently used in battles in Iraq and Afghanistan. Weapons makers are the latest companies to be breached through sophisticated attacks that have pierced the defenses of huge corporations including Sony, Google Inc and EMC Corp. Security experts say that it is virtually impossible for any company or government agency to build a security network th
ICC Twenty20 World Cup 2012 website Hacked !

ICC Twenty20 World Cup 2012 website Hacked !

May 28, 2011
ICC Twenty20 World Cup 2012 website Hacked ! Hacked site link :  https://twenty20worldcup2012.co.in/
Cybersecurity Resources