The Hacker News | #1 Trusted Cybersecurity News Site — Index Page

Mobius Forensic Toolkit v0.5.8 Released Mobius Forensic Toolkit is a forensic framework written in Python/GTK that manages cases and case items, providing an abstract interface for developing extensions. Cases and item categories are defined using XML files for easy integration with other tool Change Log : The Hive (registry viewer) features three new reports:email accounts, TCP/IP interfaces, and computer descriptions. All registry reports can be exported as CSV and the user password report can be exported in a format suitable for John the Ripper as well. Minor improvements were made Installation As root, type: python setup.py install Usage Run mobius_bin.py. Download Here

TDSS rootkit infects 1.5 million US computers Millions of PCs around the world infected by the dangerous TDSS 'super-malware' rootkit as part of a campaign to build a giant new botnet. The report is presented by researchers from security firm Kaspersky Lab. TDSS also known as 'TDL' and sometimes by its infamous rootkit component, Alureon. It has grown into a multi-faceted malware nexus spinning out ever more complex and dangerous elements as it evolves. Kaspersky Lab researchers were able to penetrate three SQL-based command and control (C&C) servers used to control the activities of the malware's latest version, TDL-4, where they discovered the IP addresses of 4.5 million IP PCs infected by the malware in 2011 alone. Almost 1.5 million of these were in the US.If active, this number of compromised computers could make it one of the largest botnets in the world, with the US portion alone worth an estimated $250,000 (£155,000) to the underground economy. The researchers noti

FBI searches LulzSec suspect home in Hamilton, Ohio The investigation into the LulzSec hacking team continues, with news that FBI agents have searched a house in Hamilton, Ohio. FBI investigation believed to have been fuelled by interviews with Ryan Cleary, but did not lead to charges. Federal agents are said to have searched a teenager's home in Jackson Road, Hamilton on Monday 27 June, although no-one was charged after the search warrant was served. Ohio teenager was known within LulzSec as " m_nerva ", who leaked text logs of discussions between the group after they had hacked into the website of an FBI affiliate at the beginning of June. After that, m_nerva's case address was listed by LulzSec as being in Hamilton, Ohio  Last week FBI agents searched the house of a woman in Iowa and questioned her about links with the group. LulzSec said in a statement that it had six members, though it never stated their gender.

SaaS applications are dominating the corporate landscape. Their increased use enables organizations to push the boundaries of technology and business. At the same time, these applications also pose a new security risk that security leaders need to address, since the existing security stack does not enable complete control or comprehensive monitoring of their usage. LayerX has recently released a new guide, " Let There Be Light: Eliminating the Risk of Shadow SaaS " for security and IT teams, which addresses this gap. The guide explains the challenges of shadow SaaS, i.e., the use of unauthorized SaaS apps for work purposes, and suggests practices and controls that can mitigate them. The guide also compares various security controls that attempt to address this risk (CASB, SASE, Secure Browser Extension) and explains how each one operates and its efficacy. Consequently, the guide is a must-read for all security leaders at modern organizations. Here are the main highlights:

Hackers target Al-Qaida Internet communications systems Computer hackers shut down Al-Qaida's ability to communicate its messages to the world through the Internet. Al-Qaida's online communications have been temporarily crippled.The attack was carried out within the past few days by unknown hackers targeting al-Qaida's Internet communications systems. According to Kohlmann," My guess is that it will take them at least several days more to repair the damage and get their network up and functioning again ,". A year ago, Al-Qaida's Internet communications suffered a similar hacker attack. British newspapers reported earlier this month that the the UK government hacked into an al-Qaida website last year and inserted recipes for making cupcakes in place of instructions on how to build bombs. The target was the group's English language magazine, "Inspire," intended for Muslims in the West. The magazine is the product of al-Qaida in the Arabian P

President Obama release National Strategy for Counter terrorism Today President Obama's release National Strategy for Counterterrorism, which was presented by John Brennan, Assistant to the President for Homeland Security and Counterterrorism in a speech at SAIS named " Ensuring al-Qa'ida's Demise ".  The strategy articulates the United States' broad, sustained and integrated campaign against al-Qa'ida, its affiliates and its adherents, consistent with the President's enduring commitment to protect the American people. Download the 26 pages PDF released

Anonymous Antisec leaks Zimbabwe, Australia and Brazil governments data dumps Anonymous Hackers have published a mass of data including passwords that appears to have been stolen from the governments of Brazil, Zimbabwe, Australia and the Caribbean island Anguilla. One of the files released via Twitter appears to contain usernames and encrypted passwords for different areas of the Zimbabwean government's website. These login details include Gmail accounts, as well as gov.zw email accounts. Anonymous also released a file which appears to contain login details to Brazilian government websites. The rest of the release consists of SQL database files from Australian, Zimbabwean and Anguillan government websites, which appear to contain personal details of various individuals. 1.) Zimbabwean government dumps : Click Here  via Tweet 2.) Password files from various Brazilian Government servers : Click Here via Tweet 3.) Australia governments data dumps : Click Here via Tweet

Sony Hiring Information Security Engineers After 14 Hacks, Finally Sony open  job recruitment for " Sr Application Security Analyst ". Sony Estimates 171 Million Dollar Loss due to PSN Hack. Also Sony CEO sorry for PSN hack, offers data theft insurance. Social network Facebook has hired a computer hacker who was recently sued by Sony for hacking the online game system PlayStation 3. Facebook did not reveal what 21-year-old George Hotz will do for the firm.  Hotz - also known by the alias "GeoHot" - gained notoriety in 2008 when he developed a software for unlocking the iPhone and allowing it to be used by other networks. He also released instructions on Sony PlayStation 3 that helped owners modify their consoles to run unauthorized applications and pirated games. It's been two months since the personal details of 100 million PSN and SOE users were stolen and Sony is still dealing with the fall-out. From SONY (Taleo): You will act as a Sr Informat

Indian shopping website  Groupon  leaks Email/Passwords of 300,000 Users Groupon subsidary – Sosata.com  leak the e-mail addresses and plain-text passwords for 300,000 users and also the sql file is index on Google. SoSasta.com offers its services in 11 cities - Kolkata, Hyderabad, Pune, Ahmedabad, Delhi/NCR, Chandigarh, Jaipur, Nagpur, Mumbai, Chennai and Bengaluru - and has mailed customers stating that they were made aware of a security breach. The email sent to the customers says: " Over this weekend, we've been alerted to a security issue potentially affecting subscribers of Sosasta. We wanted to let you know that the issue has been brought under control and your accounts are secure. However, as a precautionary measure, we recommend that you change your SoSasta password immediately, by visiting the SoSasta website (Sign-In using your existing password, then click on Profile followed by Change Password). If you use the same email/password combination at other website

Anonymous Hackers target Orlando websites & #OpOrlando Press Release The next target for the hacktivist group known as Anonymous will be the city of Orlando. Anonymous has reportedly shut down the Orlando Chamber of Commerce website. In One Press Release Anonymous Call To Arms In Op Orlando Greetings Everyone -- Well the City of Orlando violated the cease fire with gusto,arresting not only two more FNB volunteers but additionallyarresting Keith McHenry the world wide President of Food Not Bombs.They are still holding Keith, and we are going to tear up Orlandobut good. Below you will find the latest Press Release. Please joinirc.anonops.li #OpOrlando for the assault at 10:00 AM Eastern Time. YOURS --  Commander X PLF Field Commander Last Press Release was : Anonymous Press Release - Operation  Orlando June 27, 2011 The City of  Orlando  has ignored our warnings, and our generous offer of a cease fire. On Wednesday last you not only arrested two more people f

WWF's Philippine  website hacked Hackers attacked the website of the World Wildlife Fund 's Philippine,They replacing the home page with a YouTube video as shown. Visitors to the WWF Philippines site ( https://www.wwf.org.ph/ ) saw a video and a message that suggested a connection with an attack on the Bureau of Customs website. Message Posted by Hacker " This country is run by mahou shoujo... Powered by: Contract; Puella Magi Madoka Magica Squad ". The " mahou shoujo " was the same anime referred to in the page of a hacker who defaced the Bureau of Customs website earlier this month.

13 Years Jail for Phishing Attack A 27 year old man " Kenneth Joseph Lucas II " from Los Angeles has been sentenced to 13 years in prison for allegedly playing an active role in a phishing attack, aimed at stealing money from consumer bank accounts during the operation "Phish Phry" in 2009. The two year long Operation Phish Phry saw US Federal Bureau of Investigation, the Electronic Crimes Task Force and the US Attorney's Office working in unison with the Egyptian law enforcement agencies. The US District Court for the Central District of Los Angeles had sentenced Lucas to 11 years in prison late last week. Read More Here

u MasterCard again down by Ddos attack in support of Wikileaks & Anonymous Today ibomhacktivist tweet " MasterCard.com DOWN!!!, thats what you get when you mess with @wikileaks @Anon_Central and the enter community of lulz loving individuals :D " We have check that is  MasterCard.com is really down & YEAH , Its down (  Via  ). The Ddos Attack is in support of Wikileaks & Anonymous by Hackers. This can be the part of Operation Antisec started by Lulzsec and Anonymous Together. It's irrelevant if the ip's are traceable or not. It will not be possible for any police or court differentiate between the users who voluntered to the task and the ones who had their computer hijacked (with a virus). This is 2nd time MasterCard becomes the target of Anonymous.

774 Websites hacked by ZCOMPANY HACKING CREW (ZHC) Pakistani hackers Group " ZCOMPANY HACKING CREW (ZHC)" Hack 774 more websites. They leave a message on every deface page as shown.  The list of hacked sites , mirrors and Message is posted by them on Pastie at  https://pastie.org/2132590

Double nibble URI decoding XSS Vulnerability on   EC Council website What EC Council is ? They offers certifications in certified ethical hacker ceh, Computer Security, network security, internet security program and computer forensics and penetration testing. Information Security, Ethical Hacking, Computer Forensics, Advanced Penetration Testing, Application Security, Disaster Recovery and other critical Information Security Topics and Security Courses. XSS POC : Link : Click Here Submitted By :  Nulled Byte

2000 Websites defaced by The 077 ( Hamdi HAcKer ) Tunisian HaCker 17 Years old The 077 ( Hamdi HAcKer ) from Tunisia strike again to 2000 websites with mass defacement. List/Mirror of hacked sites are here :  https://www.zone-h.com/archive/notifier=The%20077   (Use proxy to open link, if your are not able to open it directly)

Operations AntiSec : Anonymous takes down Tunisian government site As LulzSec calling it quits, but the hacking via Operations AntiSec continues. Hacker group Anonymous claimed responsibility of taking down Tunisian government's official website moments ago.The seized domain now displays text posted by Anonymous, along with a masked image that signifies the hacker collective as shown. Anonymous said " The internet is the last frontier and we will not let corrupt governments spoil it.We are Anonymous, We are LulzSec, We are People from around the world who are stepping in the name of freedom. " Tunisian government blocks social networking sites Facebook and YouTube. Several other sites filtered which include, porn sites, gay and lesbian sites, dating sites etc.

ThePiratebay removes  50 Days Of Lulz Yesterday Hacker group LulzSec has announced that after 50 days of hacking companies and organizations, it is finally done. The group confirmed its retirement . With this they also Released a Torrent file : https://thepiratebay.org/torrent/6495523/50_Days_of_Lulz Thepiratebay just deleted the lulzsec torrent " 50 days of lulz " , reason theres some virus in it. Check Virus Details here . Thepiratebay does not allow files that are mislabeled, or contain virus/trojan's, or child pornography. Being as how this torrent was extremely popular, it may have infected 100's of thousands of people already. Lulzsec's account on thepiratebay was not banned so they are cleared to upload the same torrent again without the alleged "trojan". @AnonymousIRC said, " We will see to get a clean torrent up ASAP. #AntiSec " . We do have to wonder, what happens now ? Does the Internet go back to normal with websites

Toggle.com [ forum & blog ] hacked by   CYB-IMP [ Cyber Impossibilities ] One of the biggest Software download website  Toggle.com with world rank 10,000 got hacked by a new hackers group called CYB-IMP [ Cyber Impossibilities ]  . They Deface   forum.toggle.com and blog.toggle.com  as shown (Mirrors of hack given below) The groups members are : L0ckreader'z the one who done the most of work & other are : masterSELL ; Oldfacce ; PretoriaN. ; Snnuzz  This Hack was done by 16 P.M. Today and this was as a presentation of new group CYB-IMP ,in the deface page there is shown the Albanian flag so they represented themselves as ALBANIANS . Hackers also leak the database and Server Info on Pastie : //// ### FORUM & BLOG TOGGLE.COM OWNED ### \\\\ blog.toggle.com db : define('DB_NAME', 'blogtog_wordpress'); /** Tu nombre de usuario de MySQL */ define('DB_USER', 'blogtog_blogtog'); /** Tu contraseГѓВ±a de MySQL */ define('D

Lulzsec Exposed, Long Live Anonymous ! Lulz war ! Today Hacking group "Lulzsec" completed their 50th day and also announce the retirement of Lulz boat . What are the Reasons behind this ? Lulz Security's rise to prominence has been extraordinarily fast.The hacking group first emerged in May and in the past few weeks has attacked the websites of some of the world's leading corporations and governments. The group specialises in locating websites with poor security and then stealing information from them and posting it online via Twitter account, well They have 278,429 Followers]in 50days. To understand who/what lulzsec is, you need to understand where they came from. Everything originates from the chan (4chan/711chan/etc.) culture. It's a culture built around the anonymity of the internet. If your anonymous no one can find you. No one can hurt you, so your invincable. According to Anonymous " The problem with Lulzsec is that they lack the skills to kee

50 Days of Lulz - LulzSec Says Goodbye & Operation AntiSec will Continue Hacker group LulzSec has announced that after 50 days of hacking companies and organizations, it is finally done. LulzSec tweet a message which was posted on Pastebin : https://pastebin.com/1znEGmHa The group confirmed its retirement on the LulzSec Twitter feed , which managed to amass 277,540 followers during its short stint online. " For the past 50 days we've been disrupting and exposing corporations, governments, often the general population itself, and quite possibly everything in between, just because we could ," writes LulzSec. " All to selflessly entertain others – vanity, fame, recognition, all of these things are shadowed by our desire for that which we all love. The raw, uninterrupted, chaotic thrill of entertainment and anarchy. " The group was also behind attacks on Sony, attacks on PBS, the US Senate, the CIA, and a slew of gaming sites popular with 4Chan users including EVE Online, Minec