The Hacker News | #1 Trusted Cybersecurity News Site — Index Page

Wireshark 1.4.7 & Wireshark 1.2.17 Released Wireshark is the world's most popular network protocol analyzer. It is used for troubleshooting, analysis, development, and education.This update fixes many bugs. Supports for the following protocols have been updated – BSSMAP, DMP, GSM SMS, LDSS, NCP, PN/IO, PPP, SIP, SNMP. Download here

PSB.org was hacked with 0day exploit for MoveableType ! Yesterday  Public Broadcasting Service (PBS) was Hacked by Lulzsec, Users data & Database Leaked.  Lulzsec hackers today expose that, how exactly they hack all these database, site and Server. They Use 0day exploit for MoveableType, Using the vulnerability they uploaded php shell on ftp and Then root the server using localroot exploit for kernel 27 2.4.21-37.ELsmp 2005 i686 . Kevin Mitnick (World top hacker) says : " Yeah, they claim it's a bug in mt4... but I doubt they would reveal the vector until much later. " The /etc/passwd file of server is as shown below: They use  Havij 1.14 Pro - Sql injection tool, just to make hack faster and extract whole database. On Tuesday,  LulzSec tweeted on their twitter profile &  included messages directed to both Manning and Wikileaks." @WikiLeaks We hope our hacking gave Bradley Manning a smile. That man deserves something nice ,"  a

In today's digital world, where connectivity is rules all, endpoints serve as the gateway to a business's digital kingdom. And because of this, endpoints are one of hackers' favorite targets.  According to the IDC,  70% of successful breaches start at the endpoint . Unprotected endpoints provide vulnerable entry points to launch devastating cyberattacks. With IT teams needing to protect more endpoints—and more kinds of endpoints—than ever before, that perimeter has become more challenging to defend. You need to improve your endpoint security, but where do you start? That's where this guide comes in.  We've curated the top 10 must-know endpoint security tips that every IT and security professional should have in their arsenal. From identifying entry points to implementing EDR solutions, we'll dive into the insights you need to defend your endpoints with confidence.  1. Know Thy Endpoints: Identifying and Understanding Your Entry Points Understanding your network's

Server with 335 websites got hacked by PakH3X0r   An Indian Server with 335 websites has been hacked by PakH3X0r  and all sites get defaced . The list of sites are given at :   https://pastebin.com/BEChkwD9

Delhi University 's Control Panel & Fashion TV India's Data Hacked by Moofster   Delhi University's ( https://placement.du.ac.in/ ) & Fashion TV India's  ( https://ftv.co.in/ )websites are vulnerable to SQL injection. A hacker " Moofster " has been hack the admin panel of  Delhi University's website and He also extract the database of Fashion TV India's website, as shown below :

md5deep and hashdeep - Latest version 3.9.1 Released md5deep is a set of programs to compute MD5, SHA-1, SHA-256, Tiger, or Whirlpool message digests on an arbitrary number of files. md5deep is similar to the md5sum program found in the GNU Coreutils package. hashdeep is a program to compute, match, and audit hashsets. With traditional matching, programs report if an input file matched one in a set of knows or if the input file did not match. It's hard to get a complete sense of the state of the input files compared to the set of knowns. It's possible to have matched files, missing files, files that have moved in the set, and to find new files not in the set. Hashdeep can report all of these conditions. It can even spot hash collisions, when an input file matches a known file in one hash algorithm but not in others. The results are displayed in an audit report. The programs are distributed as binaries for Microsoft Windows (7, Vista, XP, 2003, and 2000 are supported) an

Exploit Database site - Exploit-ID was under DDOS attack ! On Friday 27 May 2011, exploit-id.com  was down by a lot of packet to our server ( DDoS Packet ) . Then System admin analyze get that server of exploit-id.com was under DDoS attack.  The analyse about attack and Server stats are here :  https://pastebin.com/ijPbL8pb

Shahrukh Khan 's upcoming Movie - Ra One Official Website hacked A hacker with name " Seeker " today hacked into the Cpanel of Shahrukh Khan's upcoming Movie - Ra One Official Website and Deface the main page of site as shown below...

3 websites hacked by Indian Girl Hacker - TriNitY ! Till now we was just listen about that, some Hackers (boys) do hacks and sites defacements, But wait ! Here we have an Indian Girl with codename " TriNitY " .TriNitY is I think 1st Indian hacker who is in news for defacing some websites. The list of websites hacked by her : https://demo-l.jahoma.de/administrator/images/index.html https://www.upes.edu.vn/trinity.htm https://www.xzdm.gov.cn/trinity.htm  Sites may get recover, You can check deface page mirror at : https://mirror.sec-t.net/defacements/?id=28312   https://mirror.sec-t.net/defacements/?id=27353

Pakistani hackers site got hacked by Indishell Yesterday a pakistani hackers websites  https://www.hackerz.pk/forum.php got hacked by Indian hackers group Indishell . Mirror of hack is :  https://www.zone-h.org/mirror/id/14125744

T-Series Media Company & Other Domains of T-Series Hacked By ZHC XtreMist ZHC XtreMist, Hacker group yesterday hack various domains of T-Series Media Company . Such as : https://www.tseries.com/ https://tseriesnew.hungamatech.com/ https://mobiles.tseries.com/ https://webstore.tseries.com/ These websites was got defaced by them, But now company have recover them. You can check mirrors of defaced sites at  https://pastebin.com/s2d10NZT

Sniffjoke 0.4.1 - Anti-sniffing Framework & Tool For Session Scrambling SniffJoke is an application for Linux that handle transparently your TCP connection, delaying, modifying and injecting fake packets inside your transmission, make them almost impossible to be correctly read by a passive wiretapping technology (IDS or sniffer). An Internet client running SniffJoke injects in the transmission flow some packets able to seriously disturb passive analysis like sniffing, interception and low level information theft. No server support is needed! The internet protocols have been developed to allow two elements to communicate, not some third-parts to intercept their communication. This will happen, but the communication system has been not developed with this objective. SniffJoke uses the network protocol in a permitted way, exploiting the implicit difference of network stack present in an operating system respect the sniffers dissector. Download

SQLi vulnerability in United Nation's (UN) Website ! SQLi vulnerability in United Nation's (UN) Website has been exposed on  https://seclists.org/ . This Security flaw allow hackers to extract all Database of Chinese Part of  United Nation's (UN) Website. Proof of Concept is available here .