The Hacker News | #1 Trusted Cybersecurity News Site — Index Page

WD TV Live Hub Compromised - Multiple Vulnerabilities Found By Dr. Alberto Fontanella Dr. Alberto Fontanella found on (Western Digital) WD TV Live Hub appliance with the last firmware installed (2.06.10) and 3 exploits to get admin password, deface appliance and get root shell: Author: Dr. Alberto Fontanella E-mail: itsicurezza<0x40>yahoo.it Web: www.fulgursec.com Vendor: Western Digital Vendor Web: www.wdc.com Version: WD TV Live Hub <= 2.06.10 (firmware) ALL VERSIONS Type: Appliance Issues: Storage Anonymous Access, Full Path Disclosure, Bypass Authentication Schema, Appliance Command Execution, DoS, OS , Command Execution, Root Shell ;-) * AF - Owning WD TV Live Hub FILE: AF-Owning_WD_TV_Live_Hub.pdf INFO: Paper that shows all issues found on WD TV Live Hub and how use it to get Root! * AF - PoC/Exploit WD TV Live Hub Get Admin Password FILE: AF-WD_TV_Live_Hub_password.sh INFO: Exploit (Bypass Authentication Schema) to Get Admin Password of We

Association Of American Feed Control Officials (AAFCO) Hacked by  ZHC The Offocial Website of Association Of American Feed Control Officials (AAFCO) Hacked By ZHC TOSHIRO & ZHC MONGOOSE - ZCompany Hacking Crew - [ZHC] . Hacked Domains are  https://www.aafco.org/ and https://www.petfood.aafco.org/  . The Deface pages contain some message related to Their Protest Regarding PALESTINE. Mirrors of Hack available at  https://www.zone-h.com/mirror/id/14445813 and https://www.zone-h.com/mirror/id/14445892

Anonplus.com (Anonymous Social Networking Site)  Hacked by AKINCILAR After several members of Anonymous were reportedly banned from Google+ , the hacker group has announced they will be building their own social network called Anonplus.com  . Today  Anonplus.com  Got defaced by AKINCILAR with page title " The Seal to Anonymous from AKINCILAR ". Message posted on site: We Are TURKIYE We Are AKINCILAR This logo suits you more..How dare you rise against to the World..Do you really think that you are Ottoman Empire?We thought you before that you cannot challenge with the world and we teach you cannot be socialNow all of you go to your doghouse..

SaaS applications are dominating the corporate landscape. Their increased use enables organizations to push the boundaries of technology and business. At the same time, these applications also pose a new security risk that security leaders need to address, since the existing security stack does not enable complete control or comprehensive monitoring of their usage. LayerX has recently released a new guide, " Let There Be Light: Eliminating the Risk of Shadow SaaS " for security and IT teams, which addresses this gap. The guide explains the challenges of shadow SaaS, i.e., the use of unauthorized SaaS apps for work purposes, and suggests practices and controls that can mitigate them. The guide also compares various security controls that attempt to address this risk (CASB, SASE, Secure Browser Extension) and explains how each one operates and its efficacy. Consequently, the guide is a must-read for all security leaders at modern organizations. Here are the main highlights:

FBI Raids Homes of Suspected Anonymous Hackers at New York The FBI executed search warrants at the New York homes of three suspected members of notorious hacking group Anonymous early Tuesday morning. More than 10 FBI agents arrived at the Baldwin. The agents spent an hour and 40 minutes at Jordan's house, other agents investigated a second Long Island, N.Y., home and one in Brooklyn. The targets of the FBI searches are all in their late teens to early 20s. Search warrants were part of an ongoing investigation into Anonymous, which claimed responsibility for attacks against a variety of websites including Visa and Mastercard. Anonymous is a loose collection of cybersavvy activists inspired by WikiLeaks and its flamboyant head Julian Assange to fight for " Internet freedom " along the way defacing websites, shutting down servers, and scrawling messages across screens web-wide.

LulzSec will release Murdoch email archive LulzSec behind a hack on The Sun's website claim to have extracted an email archive which they plan to release later on Tuesday. The Sun's website were redirected towards a fake story on the supposed death of Rupert Murdoch by infamous hacktivist collective LulzSec. The group also redirected visitors to the main News International website to the LulzSec Twitter account. Sabu leader of LulzSec said via Twitter that the group was sitting on emails of News International staffers that it planned to release. Sabu released email login details for former News International chief exec Rebekah Brooks, a central figure in the News of the World voicemail-hacking scandal. The hackers also posted the mobile phone numbers of three News International execs. This information seems to have come from an old database.

FBI arrests AT&T employee for leaking information to Anonymous The Tech Herald reported on information given to us by Ryan Cleary shortly before his arrest. AT&T insider who handed sensitive information and a bootable USB disk over to Anonymous. On Tuesday, the FBI arrested an AT&T employee connected to the leak, during a nationwide sweep targeting Anonymous. The public first learned of the AT&T files from a Torrent release by LulzSec. The documents were included in the group's final release before they disappeared from the public eye. The release also marked the second major data leak under the AntiSec movement, which has targeted both government and private sector organizations since its founding. In addition to documents, the insider leak also included a bootable USB drive used by AT&T. while interviewing Cleary for a separate story, he bragged about the AT&T leak, and the fact an insider delivered the information and software to Anonymous. " …an employe

BackTrack 5 Release 1 will be available on 10th of August,2011 BackTrack 5 R1 (Release one) will be available for download on the 10th of August,2011. This will complete our first 3 month cycle since the last release. With over 100 bug fixes, numerous package updates and the addition of over 30 new tools and scripts.  BackTrack Crew  will have a pre-release event of BackTrack 5 R1 at the BlackHat / Defcon Conference a few days earlier.

Microsoft offers $250,000 reward for information of Rustock Botnet Microsoft is offering a $250,000 reward for providing information of Rustock botnet. The Rustock botnet is responsible for a great deal of cyber crime, spam (the botnet has capacity for 30 billion spam mails every day), dodgy pharmaceuticals, counterfeit stuff and pirated software. The size of the Rustock botnet has already been cut in half, but that still leaves it with hundreds of thousands of systems under its control. In order to bring down the entire botnet Microsoft is now turning to the legal system. Microsoft Declares " Today, we take our pursuit a step further. After publishing notices in two Russian newspapers last month to notify the Rustock operators of the civil lawsuit, we decided to augment our civil discovery efforts to identify those responsible for controlling the notorious Rustock botnet by issuing a monetary reward in the amount of $250,000 for new information that results in the identifi

NetSecL Linux 3.2 released with new XFCE NetSecL 3.2 comes with a brand new XFCE which increased dramatically the performance experience, we closed many bugs and also gained more compatibility to OpenSuse 11.4 – most packages are 11.4 compatible. GrSecurity kernel is updated to 2.6.32.8 please check installation instructions if you wish to use GrSecurity. Features : - Ext4 issue with GrSecurity is resolved - booting in VM with new GrSecurity resolved - New Metasploit - Firefox 5 - Updated Exploit-db repository - GrSecurity Kernel – locked from zypper – you can update the whole system without worrying - Snort-inline reintegrated (get snort rules and change them to drop – if you use the advanced firewall) - Size of the ISO smaller with 200 MB this allowed us to have a sub project NetSecL Toolset a minimal VM with console, webshell and all pentesting tools! Minimal System Requirements for running the live DVD: 512 MB of RAM Minimal System Requiremen

Auth3ntiQ & shika01 found local file include on numericable.be & numericable.lu Hackers named " Auth3ntiQ and shika01 " found local file include on numericable.be & numericable.lu . Venerable Links : Link 1 Link 2 Bugs are critical , Hackers can steal all account with this LFI .