The Hacker News | #1 Trusted Cybersecurity News Site — Index Page

Ani Shell v1.3 Released -- Mail Bomber (with less spam detection) & PHP Decoder Introduction Ani-Shell is a simple PHP shell with some unique features like Mass Mailer , A simple Web-Server Fuzzer , DDoser, Back Connect , Bind Shell etc etc ! This shell has immense capabilities and have been written with some coding standards in mind for better editing and customization. Customisation 1. Email Trace back is set to Off as default and emails will not be sent , If you are setting this feature on make sure you change the default email address (lionaneesh@gmail.com) to Your email address , Please Change it before using. 2. Username and Passwords are set to lionaneesh and lionaneesh respectively , Please change them for better security. 3. As a default Lock Mode is set to on! This should not be change unless you want your shell exposed. Default Login Username : lionaneesh Password : lionaneesh Features Shell Platform Independent Mass - Mailer Small Web-Server Fuzz

Mallika Sherawat official website Defaced by KFMDD Teams Hackers Bollywood Star - Mallika Sherawat official website  mallikasherawatwow.com   get defaced by an Indian hacker " KFMDD Teams " . Hacker put " Tiranga " on the deface page as shown.

Follow this real-life network attack simulation, covering 6 steps from Initial Access to Data Exfiltration. See how attackers remain undetected with the simplest tools and why you need multiple choke points in your defense strategy. Surprisingly, most network attacks are not exceptionally sophisticated, technologically advanced, or reliant on zero-day tools that exploit edge-case vulnerabilities. Instead, they often use commonly available tools and exploit multiple vulnerability points. By simulating a real-world network attack, security teams can test their detection systems, ensure they have multiple choke points in place, and demonstrate the value of networking security to leadership. In this article, we demonstrate a real-life attack that could easily occur in many systems. The attack simulation was developed based on the MITRE ATT&CK framework, Atomic Red Team,  Cato Networks ' experience in the field, and public threat intel. In the end, we explain why a holistic secur

Philippines Congress hacked by BashCrew for #AntiSec The Philippians Goverment has become the latest target in the #antisec operation with a hacker crew known by BashCrew , Congress.gov.ph being hacked and having some data leaked . The leak has personal information, emails, contact numbers etc via pastebin link .

Colombian Anonymous Hackers reveal personal data of Colombian police officials Colombian Anonymous Hackers announced that they had sent spam bombs to some 250 officials of Colombia's national Police ( https://colombiareports.com ) and revealed personal data of employees of the National Police inviting the public to harass the officials Here . In a statement published online, the hackers thanked the National Police " for keeping us submitted and trampled. " In the same statement, the group " Colombian Hackers " released personal information on hundreds of police officials, some with home addresses and identification numbers. Colombia Wednesday celebrated its 201st anniversary of its declaration of independence of Spain. The hackers had announced an independence offensive the day before.

English Defence League Facebook Page Deleted & Members Mobile Numbers Leaked TeaMp0isoN Hacking Crew Hack and Delete Official Facebook page of English Defence League was on  https://www.facebook.com/English.Defence.League.EDL  . Also  TeaMp0isoN Leaks the Phone numbers of Members of  English Defence League  via a pastie link . Screenshot of the Numbers are shown below :

Wireshark 1.6.1 and 1.4.8 Released Wireshark 1.6.1 and 1.4.8 have been released. Installers for Windows, Mac OS X 10.5.5 and above (Intel and PPC), and source code are now available. In 1.6.1 Two vulnerabilities have been fixed. See the advisory for details . Many other bugs have been fixed. For a complete list of changes, please refer to the 1.6.1 release notes . In 1.4.8 Two vulnerabilities have been fixed. See the advisory for details . Many other bugs have been fixed. For a complete list of changes, please refer to the 1.4.8 release notes . Official releases download page

Android Passwords are stored in plain text on Disk A Android user complain that , All passwords are stored in plane text on Disk via a message on discussion board of Android. He said " The password for email accounts is stored into the SQLite DB which in turn stores it on the phone's file system in plain text.Encrypting or at least transforming the password would be desirable. " On this Android Support "Andy Stadler" Reply that : Hello- Thanks for the information and the feedback on this concern. First, I would like to reiterate the notes made by a couple of you, which is to remind users that if you are concerned about this issue, *please* simply click the star. Every time you respond "please fix" or "should be fixed!" it sends email to over 200 people. Second, please know that we take information security very seriously, and this is baked into the Android platform at multiple levels. Now, with respect to this particular

Apple MacBooks Can Be Hacked Through The Battery Security researcher Charlie Miller is quite well known for his works on Apple products. Today he has come up with a very interesting way to hack the MacBook using the battery. Laptop battery contains its own monitoring circuit which reports the status of the battery to the OS. It also ensure that the battery does not overcharge even when the laptop is turned off. Miller has discovered that on the MacBooks, the batteries are shipped with the default password set on the chips. It means that if someone knows the default password, the firmware of the battery can be controlled to do many things from simply ruining the battery to installing a malware which reinstalls whenever the OS boots. Miller said that it might even be possible to overload the battery so that it catches fire. This is what Miller said: These batteries just aren't designed with the idea that people will mess with them. What I'm showing is that it's possible to use the

Pakcyberarmy database hacked and Leaked by Indian Hacker - Lucky Indian Hacker - Lucky (Indishell) crack the 1500+ user's passwords from Pakcyberarmy.net database.  Pakcyberarmy.net is the hub of most of the Pakistani hackers. Indian hacker group " Indishell " leader " Lucky "  leaks all info via a excel file available for download here . " Most of the Users/Hackers used the same passwords to their emails and what ever u wanna do do it spam, play , abuse or what ever you feel like its all yours " According to Lucky. The password List is available : https://www.multiupload.com/ERWJ33UPI2 Archive password - proud_to_be_indian Format - HASH : PASSWORD

Linux 3.0 Kernel Released - Download A recent Google+ Post by Linus Torvalds indicates that version 3.0 of the Linux kernel will have to wait due to the discovery of a 'subtle pathname lookup bug.' Linus indicates, 'We have a patch, we understand the problem, and it looks ObviouslyCorrect(tm), but I don't think I want to release 3.0 just a couple of hours after applying it. Officially marking the introduction of Linux 3.x, Linus Torvalds this evening announced the official release of Linux 3.0. The Linux 3.0 kernel would have been released as the Linux 2.6.40 kernel, until the developers decided to end the 2.6 series and move forward with the 3.x series. This Phoronix posting details some of the Linux 3.0 features, including file-system Cleancache support, initial Intel Ivy Bridge support, better open-source kernel graphics drivers, and many other hardware driver enhancements. " So there it is. Gone are the 2.6. days, and 3.0 is out. " Now it's

8 Court Cases against Sarah Palin Leaked By TeaMp0isoN TeaMp0isoN Hackers leaks today the 8 Court Cases against Sarah Palin. The Documents are Leaked via MediaFire Link. The Archive contain Following Files, as shown.  There are 8 total Court cases , which are against Sarah Palin.

Jouve Group hacked by Inj3ct0r Team Against The Nato Inj3ct0r Hackers Hacked the Jouve group websites and Upload there data at Sendspace Link . Message By hackers " For the Pride of Green LibyaAnd Supporting the Libyan Nation Against The Nato GangsWe are against terrorism and violence in Libya! Nato hacked " - Source . Hacked Domains are  https://www.jouve.com/ , https://www.jouve-germany.de/ & https://www.jouve.fr/ . Mirror Links are :  https://www.zone-h.com/mirror/id/14453765 & https://www.zone-h.com/mirror/id/14453766  . The main motive of these hacks according to Inj3ct0r Hackers " We are against nuclear weapons and terrorism ". There are 883 files in archive , It contains the site backup almost , as shown.

10 Peru government sites database Dump from #antisec Peru Antisec Hackers has Dump the database of 10 Peru government based sites. The Database is leaked at Pastehtml link . These sites are: https://www.came.edu.pe/ https://www.umch.edu.pe/ https://www.unac.edu.pe/ https://www.unmsm.edu.pe/ https://www.regionsanmartin.gob.pe/ https://www.essalud.gob.pe/ https://www2.minedu.gob.pe/ https://sitr.regioncallao.gob.pe/ https://www.ugelnasca.gob.pe/ https://www.regiontacna.gob.pe/grt1/indexn.php

15 Porn sites defaced by Amin Safi (Tunisian Hacker) Today 15 Famous Porn websites got hacked and Defaced by Tunisian Hacker named " Amin Safi ". List of hacked 15 Porn sites domains are available here  .

Critical Vulnerabilities in Facebook and Picasa discovered by Microsoft Microsoft security researchers have identified critical vulnerabilities in Facebook and Google Picase which led to account compromise and arbitrary code execution. The bug in Picasa that the MVR team found could allow an attacker to gain complete control of a user's machine if he could entice the victim into downloading a malicious JPEG file. It's not the most complex exploitation scenario, and in the current age of people sharing, downloading, emailing and re-posting photos on a variety of platforms, it might not be too difficult for an attacker to accomplish. " A vulnerability exists in the way that Picasa handles certain specially crafted JPEG images. An attacker could exploit this vulnerability to cause Picasa to exit unexpectedly and execute arbitrary code. An attacker who successfully exploited this vulnerability could gain the same user rights as the logged-on user. If a user is logged o

Harvard researcher arrested on hacking charges A Harvard researcher  Aaron Swartz  has been arrested in Boston for broke into the computer networks at the Massachusetts Institute of Technology to gain access to JSTOR, a non-profit online service for distributing scholarly articles, and downloaded 4.8 million articles and other documents - nearly the entire library Swartz was something of an internet folk hero as a teenager when he helped create RSS, a computer code that allows people to receive automatic feeds of online notices and news. He has emerged as a civil liberties activist who crusades for open access to data. In 2008, Mr Swartz released a '' Guerilla Open Access Manifesto '', calling for activists to '' fight back '' against the sequestering of scholarly papers behind pay walls. '' It's time to come into the light and, in the grand tradition of civil disobedience, declare our opposition to this private theft of public culture

India - US sign Cyber Shield deal India and the US on Tuesday inked a pact on cybersecurity to intensify information exchange on threats to computers and networks and initiate joint work on technologies against cyber-attacks. A joint statement on the India-US strategic dialogue has announced the cybersecurity agreement among new initiative by the two countries. These initiatives also include a plan to develop a software platform to make available non-sensitive government data to the public and to award $3 million each year to entrepreneurial projects that commercialise technologies to improve health. A memorandum of understanding between the Indian and the American Computer Emergency Response Teams (CERT) is expected to lead to routine exchange of information on vulnerabilities and co-operation on cybersecurity technologies, Indian CERT officials said. "This comes at a time when cybersecurity-related incidents are increasing in number and becoming more and more sophistic

WLAN Security Megaprimer DVD Released - 10+ hours of Wi-Fi Hacking and Pwnage ! With over 40+ HD videos containing 12+ hours of Wireless Ownage, this DVD weighs in at around 4.2 Gigabytes! SecurityTube.net just released a 4.2 GB DVD containing over 40+ HD quality videos of their WLAN Security Megaprimer. These videos run over 10+ hours and start from the very basics of wireless hacking, then slowly build momentum and eventually introduces you to the more advanced attacks and hacks. The videos are fully practical and every hack is demonstrated. They have voice over with detailed explanations of every attack thus allowing a genuine learner to understand, learn and practice, rather then providing just a quick guide to using ready made tools. We contacted SecurityTube and this initiative is part of larger program they are planning to provide free security and hacking education to everyone, especially students in developing countries like India. THN has always been an advocate of

Sify.com hacked with SQL Injection Vulnerability Sify's website contain SQL injection Vulnerability and Hackers are able to Database Access, Database Dump, Possibility of shell uploading. Sify is one of India's leading integrated Information Communications Technology companies. Sify was one of the first private sector player to offer internet access, when internet access was opened to private sector. It leased international bandwidth from global vendors, domestic connectivity from telecom players and set up last mile connectivity by multiple methods: wi-fi connections using roof top antennae, copper connections using phone lines or cable TV connections. Sify also started providing internet network connectivity for business enterprises in India. Sify set up a chain of franchised internet cafes (today a network of over 3,300+ cybercafes). No data has been dumped by Hackers. Database has been accessed just to take screenshots so that we can make company believethat the vuln

2011 Linux Auto Rooter Beta 1.0 Coded by CrosS Source Code : #!/usr/bin/perl #Coded By CrosS ( 2011 Linux Auto r00t3r ) print "###########################################################\n"; print "# (Beta 1.0 ) Auto rooter by CrosS #\n"; print "# Usage : #\n"; print "# perl $0 root => To root #\n"; print "# perl $0 del => Delete Exploit #\n"; print "# #\n"; print "# as R00TW0RM - Private Community is back #\n"; print "# so Releasing 2011 auto rooter =) #\n"; print "# in case of error mailto: mr.0x0day[AT]live.com #\n"; print "# #\n"; print "# Thanks to: r0073r and L0rd CrusAd3r #\n";