The Hacker News | #1 Trusted Cybersecurity News Site — Index Page

Wireshark 1.6.1 and 1.4.8 Released Wireshark 1.6.1 and 1.4.8 have been released. Installers for Windows, Mac OS X 10.5.5 and above (Intel and PPC), and source code are now available. In 1.6.1 Two vulnerabilities have been fixed. See the advisory for details . Many other bugs have been fixed. For a complete list of changes, please refer to the 1.6.1 release notes . In 1.4.8 Two vulnerabilities have been fixed. See the advisory for details . Many other bugs have been fixed. For a complete list of changes, please refer to the 1.4.8 release notes . Official releases download page

Android Passwords are stored in plain text on Disk A Android user complain that , All passwords are stored in plane text on Disk via a message on discussion board of Android. He said " The password for email accounts is stored into the SQLite DB which in turn stores it on the phone's file system in plain text.Encrypting or at least transforming the password would be desirable. " On this Android Support "Andy Stadler" Reply that : Hello- Thanks for the information and the feedback on this concern. First, I would like to reiterate the notes made by a couple of you, which is to remind users that if you are concerned about this issue, *please* simply click the star. Every time you respond "please fix" or "should be fixed!" it sends email to over 200 people. Second, please know that we take information security very seriously, and this is baked into the Android platform at multiple levels. Now, with respect to this particular

Follow this real-life network attack simulation, covering 6 steps from Initial Access to Data Exfiltration. See how attackers remain undetected with the simplest tools and why you need multiple choke points in your defense strategy. Surprisingly, most network attacks are not exceptionally sophisticated, technologically advanced, or reliant on zero-day tools that exploit edge-case vulnerabilities. Instead, they often use commonly available tools and exploit multiple vulnerability points. By simulating a real-world network attack, security teams can test their detection systems, ensure they have multiple choke points in place, and demonstrate the value of networking security to leadership. In this article, we demonstrate a real-life attack that could easily occur in many systems. The attack simulation was developed based on the MITRE ATT&CK framework, Atomic Red Team,  Cato Networks ' experience in the field, and public threat intel. In the end, we explain why a holistic secur

Apple MacBooks Can Be Hacked Through The Battery Security researcher Charlie Miller is quite well known for his works on Apple products. Today he has come up with a very interesting way to hack the MacBook using the battery. Laptop battery contains its own monitoring circuit which reports the status of the battery to the OS. It also ensure that the battery does not overcharge even when the laptop is turned off. Miller has discovered that on the MacBooks, the batteries are shipped with the default password set on the chips. It means that if someone knows the default password, the firmware of the battery can be controlled to do many things from simply ruining the battery to installing a malware which reinstalls whenever the OS boots. Miller said that it might even be possible to overload the battery so that it catches fire. This is what Miller said: These batteries just aren't designed with the idea that people will mess with them. What I'm showing is that it's possible to use the

Pakcyberarmy database hacked and Leaked by Indian Hacker - Lucky Indian Hacker - Lucky (Indishell) crack the 1500+ user's passwords from Pakcyberarmy.net database.  Pakcyberarmy.net is the hub of most of the Pakistani hackers. Indian hacker group " Indishell " leader " Lucky "  leaks all info via a excel file available for download here . " Most of the Users/Hackers used the same passwords to their emails and what ever u wanna do do it spam, play , abuse or what ever you feel like its all yours " According to Lucky. The password List is available : https://www.multiupload.com/ERWJ33UPI2 Archive password - proud_to_be_indian Format - HASH : PASSWORD

Linux 3.0 Kernel Released - Download A recent Google+ Post by Linus Torvalds indicates that version 3.0 of the Linux kernel will have to wait due to the discovery of a 'subtle pathname lookup bug.' Linus indicates, 'We have a patch, we understand the problem, and it looks ObviouslyCorrect(tm), but I don't think I want to release 3.0 just a couple of hours after applying it. Officially marking the introduction of Linux 3.x, Linus Torvalds this evening announced the official release of Linux 3.0. The Linux 3.0 kernel would have been released as the Linux 2.6.40 kernel, until the developers decided to end the 2.6 series and move forward with the 3.x series. This Phoronix posting details some of the Linux 3.0 features, including file-system Cleancache support, initial Intel Ivy Bridge support, better open-source kernel graphics drivers, and many other hardware driver enhancements. " So there it is. Gone are the 2.6. days, and 3.0 is out. " Now it's