The Hacker News | #1 Trusted Cybersecurity News Site — Index Page

Ani-Shell v1.2 - Email-Alerts , Mass Code injector New Features :- Trace-back (Email Alerts) PHP Evaluate Better Command Execution (even supports older version of PHP) Mass Code Injector (Appender and Over-writer) Lock Mode Customization Release Note : 1. Email Traceback is set to Off as default and emails will not be sent , If you are setting  this feature on make sure you change the default email address  (lionaneesh@gmail.com) to Your email  address , Please Change it before using. 2. Username and Passwords are set to lioanneesh and lionaneesh respectively , Please change them for better   security. 3. As a default Lock Mode is set to on! This should not be change unless you want your shell exposed. DOWNLOAD

DOLE website  vulnerable to hackers ! A hacker with Codename  " No.One "  release some vulnerability regarding DOLE via a pastebin post. We analyse it & Explaining the possible Security Breach.  Hackers Find a vulnerable site on  125.5.39.135   , which having two domains on it :   https://www.dole.gov.ph/   Official Website of the Department of Labor and Employment - Republic of Philippines . Is it vulnerable ?   Yes ! see :  https://www.dole.gov.ph/secondpage.php?id=2113'  . Its SQL injection . Now Hacker is able to get database from this site . For example the current database name is " dolews_4a351sd " and Hacker also may be able to upload to upload shell on server using this. This Attack may lead to rooting of  125.5.39.135 Server, Which also other sites. Hackers may be able to deface the site or can steal source code too.  This Report is submitted by " No.One " Hacker and Presented by THN. Thank You !

Super Low RPO with Continuous Data Protection: Dial Back to Just Seconds Before an Attack Zerto , a Hewlett Packard Enterprise company, can help you detect and recover from ransomware in near real-time. This solution leverages continuous data protection (CDP) to ensure all workloads have the lowest recovery point objective (RPO) possible. The most valuable thing about CDP is that it does not use snapshots, agents, or any other periodic data protection methodology. Zerto has no impact on production workloads and can achieve RPOs in the region of 5-15 seconds across thousands of virtual machines simultaneously. For example, the environment in the image below has nearly 1,000 VMs being protected with an average RPO of just six seconds! Application-Centric Protection: Group Your VMs to Gain Application-Level Control   You can protect your VMs with the Zerto application-centric approach using Virtual Protection Groups (VPGs). This logical grouping of VMs ensures that your whole applica

New XSS Vulnerability found on Sony PlayStation by c7-elixir - The C7 Crew YES ! Sony is still Vulnerable to various bugs like XSS. Today a hacker  c7-elixir from The C7 Crew has expose new XSS attack on Sony PlayStation's Website as shown. Sony got hacked 20 times in last two months by number of hackers from all over world. One more REQUEST to Sony : FIX IT BOSS ! Vulnerable Link 

Lulzsec member blog hacked by TeaMp0isoN Personal Blog https://sven-slootweg.nl/ of one of the Lulzsec Member get defaced by TeaMp0isoN . Get more details about  TeaMp0isoN . BREAKING NEWS: TEH LULZBOAT HAS OFFICALY SANK WITH 100S OF ANON MEMBERS ON BOARD!No matter how many bots you gather, no matter how much people you lie to, no matter how much pre-made tools you use, you will _NEVER_ represent the real hacking scene, we warned you, we told you we do not make empty threats, we gave u 48hrs to secure your ircs yet u failed to do so, instead u posted hashes from public forums and then claimed you doxed us and laughed at the fact that i was 17years old. stop telling yourself that u are hackers, putting a ip into a irc is NOT hacking nor is using pre-made tools and scripts to grab databases… you do not represent the anti-sec movement, u are not allowed to greet underground groups like zf0, ab, h0n0, el8 like your member "AnonSabu" was doing, you will never be apart of the underground

Firefox Version 5 release with fix of 5 remote code vulnerabilities Mozilla Delivers New Version of Firefox – First Web Browser to Support Do Not Track on Multiple Platforms Mozilla delivered two things today: Firefox 5 for personal computers and Android phones, and the promise to complete the new browser just a few months after its predecessor. The V5 critical fixes are: *  MFSA 2011-26  Multiple WebGL crashes *  MFSA 2011-22  Integer overflow and arbitrary code execution in Array.reduceRight() *  MFSA 2011-21  Memory corruption due to multipart/x-mixed-replace images *  MFSA 2011-20  Use-after-free vulnerability when viewing XUL document with script disabled *  MFSA 2011-19  Miscellaneous memory safety hazards (rv:3.0/1.9.2.18) Download Firefox 5

LulzSec exposed details of alleged snitches In a Pastebin post, LulzSec explained that the two hackers allegedly tried to "snitch on [them]", and so LulzSec took revenge. LulzSec boasted to the FBI "& other law enforcement clowns", saying: "we just did your job for you with great ease". The first alleged hacker, was named as Marshal Webb, who they claim was "involved in the hacking of the game "[Deus] Ex" and was/is involved in countless other cybercrimes." Read complete Pastebin :  https://pastebin.com/MBEsm5XQ Hi FBI & other law enforcement clowns, LulzSec here with some juicy gossip. This is Marshal Webb, also known as "[redacted]" in the "#pure-elite" IRC logs you no doubt have enjoyed. He was involved in the hacking of the game "Dues Ex" and was/is involved in countless other cybercrimes. Also, he tried to snitch on us. Therefore we just did your job for you with great ease. This moron is trying to flee the country in order to

UK police arrest Suspected LulzSec 19 years old Mastermind British police say they have made a significant arrest in their investigation into hacking attacks on international business and intelligence agencies. Officers from the Metropolitan Police Central e-Crime Unit (PCeU) have arrested a 19-year-old man in a pre-planned intelligence-led operation. The 19-year-old is currently in custody at a central London police station. This arrest comes just before the first major " Operation Anti-Security " information leak was about to take place. Police would not say whether the man is believed to be linked to either the Anonymous or Lulz Security. According to Mikko H. Hypponen , F-Secure CRO " The arrested person in Essex could be Ryan Cleary aka ViraL. Not sure of his relation to LulzSec. " Yes ! This can be Ryan, who hack Anonymous IRC networks - irc.anonops.net & irc.anonops.ru before & Also he was exposed by Anonymous . Name: Mr Ryan Cleary Alias: viraL

LulzSec steal millions of records from the UK 2011 Census According to a Pastebin Link posted by LulzSec , they claimed to steal millions of records from the UK 2011 Census, with a public release coming soon. However, the group did post the a tweet  : Our next step is to categorize and format leaked items we acquire and release them in #AntiSec "payloads" on our website and The Pirate Bay. The release in full via  https://pastebin.com/K1nerhk0 Greetings Internets, We have blissfully obtained records of every single citizen who gave their records to the security-illiterate UK government for the 2011 census We're keeping them under lock and key though… so don't worry about your privacy (…until we finish re-formatting them for release) Myself and the rest of my Lulz shipmates will then embark upon a trip to ThePirateBay with our beautiful records for your viewing pleasure! Ahoy! Bwahahaha… >:] Cap'n Pierre "Lulz" Dubois Leaked Data : LINKS: https://thepirateb

Metasploit Framework 3.7.2 Released - Download  Metasploit Framework 3.7.2 includes 698 exploit modules, 358 auxiliary modules, and 54 post modules, 11 new exploits, 1 new auxiliary module, and 15 new post modules.This release addresses several issues with updating the framework, adds 11 exploit / auxiliary modules and brings a plethora of new features. Modules included are listed below. Notable modules include the Cisco Anyconnect ActiveX bug (which works against recent versions of the Cisco AnyConnect Windows Client), and the SCADA modules by sinn3r and MC. The multi-platform post-exploitation work continues with new modules for Linux and Solaris included in this release thanks to Carlos Perez. A number of password-stealing post modules are also included, courtesy of David Maloney. The updates to the signed_java_applet module are documented on the Metasploit Blog. Additionally, the cachedump module has been improved and merged thanks to great work by Mubix. New features are equal

UK Serious Organised Crime agency website down after LulzSec Ddos attack The UK Serious Organised Crime agency has taken its website offline after ddos attack by hacking group Lulz Security. Soca said it had taken its website offline to limit the impact attack on clients hosted by its service provider. Soca.gov.uk had been unavailable from 1 day. Lulz Security has said it was behind the denial of service attack which had taken the website offline. LulzSec tweeted: " Tango down - in the name of #AntiSec ".

Blizzard's Mobile Server Database Exposed by Warv0x (AKA Kaihoe) Warv0x (AKA Kaihoe) Hacker today expose the Database structure of one of the biggest Company " Blizzard Mobile ". The exposed data can be seen on a pastebin link .  DATABASES EXPOSED LIST : [*] admin [*] egw [*] glpi [*] information_schema [*] lost+found [*] mboost_forum [*] multivea [*] mysql [*] openads [*] phpcollab [*] phpmyadmin [*] pixcatcher Blizzard's Mobile is Ringtone,Logo,Game, Java,Video,Theme,Mobile,Wallpaper,Screensaver etc. etc. Download Site with  Alexa  World Rank 3800.

BrainNET ISP/TV Provider hacked by ProDom Security ProDom Security Hackers Hacks into Brain.net.pk an ISP/TV Provider . Hacker dump data on free file hosting sites : URL: https://www.multiupload.com/0KWDE7ZJBB .  There are 3 file in archive : README = Readme File cracked.txt = Login's Cracked so far. shadow.raw.txt = Shadow file from there server.