The Hacker News | #1 Trusted Cybersecurity News Site — Index Page

Vimeo (Brazil) Video Sharing site got hacked by Terminal_pk Today a hacker with codename "Terminal_pk" Hack and Deface the Brazilian Domain of Famous Video Sharing site " Vimeo ". Mirror of Defacement Can be seen here .

7000 law enforcement officers details leaked by Anonymous Hackers AntiSec and Anonymous Hackers announced via Twitter that they absconded with up to 10 Giga Bytes of confidential information, including protected witnesses. They have posted more than 7,000 law enforcement officials' private information online including: their social security numbers; email accounts and passwords; phone numbers and home addresses on Pastebin . Also Today  77 Law Enforcement websites hit in mass attack by #Antisec Anonymous.

It comes as no surprise that today's cyber threats are orders of magnitude more complex than those of the past. And the ever-evolving tactics that attackers use demand the adoption of better, more holistic and consolidated ways to meet this non-stop challenge. Security teams constantly look for ways to reduce risk while improving security posture, but many approaches offer piecemeal solutions – zeroing in on one particular element of the evolving threat landscape challenge – missing the forest for the trees.  In the last few years, Exposure Management has become known as a comprehensive way of reigning in the chaos, giving organizations a true fighting chance to reduce risk and improve posture. In this article I'll cover what Exposure Management is, how it stacks up against some alternative approaches and why building an Exposure Management program should be on  your 2024 to-do list. What is Exposure Management?  Exposure Management is the systematic identification, evaluation,

ZCompany Pakistani Hackers deface big Indian Websites Pakistani Hackers - ZCompany Hacking Crew again hit some big Indian Websites and Deface them. Hacked Sites: Indian Testing Board (ITB) is the International Software Testing Qualifications Board (ISTQB) : https://www.istqb.in/ https://payment.istqb.in/ Alpha Capital provides Multi Family Office ,Management , Private Wealth Management , Family Office , Private Banking , Financial Advisor https://alphacapital.in/ Asia's Largest Collection of Antique Carpets in Delhi and India. https://antiquecarpet.in/ https://www.bookswagon.com/ Indian National Science Academy, INSA, National Science, Indian Science, Fellowship, FNA, international Science https://insaindia.org/index.php https://www.indiapedia.org/ CPAI endeavors to put forth new & innovative ideas for smooth functioning and the growth of the commodity market operations https://commoindia.com/ Department of Financial Studies : University of Delhi, South Campus Of

77 Law Enforcement websites hit in mass attack by #Antisec Anonymous Because of FBI's actions against Anonymous and Lulzsec including several arrests, Now AntiSec supporters have targeted 77 law enforcement domains and walked away with everything on them. 77 domains were hosted on the same server. Few weeks before AntiSec targeted Arizona police departments, leaking personal information and other sensitive data, in response to immigration laws passed by the state. This time however, the latest law enforcement raid by AntiSec is in response to actions taken by the FBI. 77 US law enforcement institutions were attacked including : 20jdpa.com, adamscosheriff.org, admin.mostwantedwebsites.net,alabamasheriffs.com, arkansassheriffsassociation.com,bakercountysheriffoffice.org, barrycountysheriff.com, baxtercountysheriff.com,baxtercountysherifffoundation.org, boonecountyar.com, boonesheriff.com,cameronso.org, capecountysheriff.org, cherokeecountyalsheriff.com,cityofgassville.org, cityofwyn

Italy's Police IT network vitrociset.it Database Hacked and Leaked by #Antisec After Hack of  Italy's Police IT network, Anonymous Hackers Just now Release the Database of  vitrociset.it  via a pastebin link on Twitter. The Leak include the Administrator's Password and 100's of other users Login Details.

#RefRef - Denial of Service ( DDoS ) Tool Developed by Anonymous Anonymous is developing a new DDoS tool which is said to exploit SQL vulnerabilities to support the group's future campaigns. So far, what they have is something that is platform neutral, leveraging JavaScript and vulnerabilities within SQL to create a devastating impact on the targeted website. Previously, Low Orbit Ion Canon (LOIC) was the go to weapon for Anonymous supporters during various Operations .However, LOIC is also the reason scores of people have been arrested in the last year, so many feel its time is at an end. According to Developer " RefRef is a revolutionary DoS java site. Basically, by using an SQL and .js vulnerability, you can send a page request packet from your home computer with embedded .js file, because of the vulnerability in the SQL/Javascript engine on MOST websites, the site actually TEMPs the .js file on its own server. So now the .js is in place on the host of the site. Next s

Department of Homeland Security (DHS) Emails leaked by #Antisec Anonymous One of the Anonymous - @AnonWorldUnite today leaked the DHS emails on internet. He tweeted " A Wild Leak Has Appeared! : https://wp.me/p1JyTn-f #AntiSec #AnonOps #Leak #LulzSec #Anonymous https://wp.me/p1JyTn-f " The link given in the Twitter post is a link to a WordPress blog . The blog post said : You Asked – And You Shall Recieve #DHS Emails – *all emails and files were obtained legally. - https://www.mediafire.com/?zidv26ppown4u0s <3″ The article shows a Mediafire link download link with a PDF file ogc ap redacted foia process 301 350.pdf (8.04 MB) , in which the e-mails are capsuled in. UPDATE: As Anonymous Said that, They got this File in Legal Way, We try to find out and Get that this PDF is available on the DHS site at  https://www.dhs.gov/xlibrary/assets/foia/ogc_ap_redacted_foia_process_301-350.pdf  and  https://www.dhs.gov/xlibrary/assets/foia/ogc_ap_redacted_foia_process_651-700.pdf Eas

Nicolas Sarkozy 's official Elysee Palace website Hacked for ' Get Him Out ' Game Hackers have attacked Nicolas Sarkozy's official Elysee Palace website to create a game video game called ' Get Him Out '. Under the formal banner introducing the site, a cartoon image of the French president was pictured on a go-kart heading towards the gates of the palace. For each click on a Facebook 'like' button beside the game, the French leader moved one step closer out into the street. The instructions to the game read: " The more you click, the faster we can get little Nicolas out! ". The Elysee palace confirmed a hacking attack had taken place on Tuesday night, but that the 'problem' had been fixed by 7am on Wednesday. A spokesman added: " The hackers took advantage of an old software system to temporarily re-route the welcome page. " [ Source ]

South Korean social network hacked, 35 million users Data at risk 35 million users Personal information of a South Korean social network site may have been exposed. Local authorities were quick to blame hack attacks against the Cyworld social networking website and the Nate web portal – both of which are run by SK Telecom – on Chinese hackers. Names, phone numbers, email addresses, and other details may have been exposed through the Cyworld hack, which follows previous attacks against South Korean government sites and financial service firms. North Korea has been implicated in some of these hacks. South Korean police are reportedly investigating the cyberattack against Cyworld – a social network with a SIMS-like environment featuring avatars and virtual apartments – and Nate, which offers webmail. Mark Darvill, director at security appliance firm AEP Networks, commented: " By any standard this is a massive attack and one of many in recent months where the finger has been

Anonymous hacks Defense contractor ManTech for #Antisec In a tweet posted by Anonymous claimed to have hack the defense contractor, ManTech International. Hackers promise to Release the Data within 24 Hours. This is the latest hack in the group's AntiSec Operation, and in particular its series of "F*ck FBI Friday" attacks. Previous attacks have targeted defense contractors and, in particular, companies who have worked with the FBI. These attacks have included attacks on the Atlanta chapter of InfraGard and the firms IRC Federal, Unveillance, and Booz Allen Hamilton, all of which provide cybersecurity services and solutions to the U.S. Government. According to Anonymous " We're legal, we're illegal. But most importantly we are legitimate. We fight for you, the citizen. We are not scared anymore ". Anonymous identifies ManTech's work for the FBI and the National Security Agency as its motivation for targeting the company and Leave message for FBI " You

SQueRT 0.9.0 - New version released CHANGELOG: * tabbed interface * date ribbon * CSS/JS fixes and cleanup * Bunch of new stuff Download SQueRT 0.9.0

Window AutoPwn (WINAUTOPWN) - Auto Hacking/shell Gaining Tool Autohack your targets with least possible interaction. winAUTOPWN Features : - Above 500 vulnerability exploits for softwares applications. - Custom-compiled executables of famous and effective exploits alongwith a few original exploits. - Exploits available in the form of PE-exe, ELF, php, perl, python. - A smart multi-threaded PortScanner. - A exploit loading framework to test effectiveness of IDS/IPS winAUTOPWN is a set of exploits wich are publicly available. The source of these exploits is modified only when required to enable a missing feature or to remove hard-coded limitations. winAUTOPWN would otherwise maintain the original exploit writer's source code intact just as it was and uses it. winAUTOPWN preserves the exploit writer's credits and originality in the source, keeps the Names, Website/Blogs, emails, other contact details intact. Binaries of perl, php, python and cygwin DLLs (included)