The Hacker News | #1 Trusted Cybersecurity News Site — Index Page

Skype zero day HTML/(Javascript) code injection Noptri Public Security Advisory has publised a working skype zero day vulnerability with POC for skype. Skype users need be aware of this vulnerability. Affected Software: Software: Skype <= 5.5.0.113 Affected Platforms: Windows (XP, Vista, 7) Problem Description: Skype suffers from a persistent code injection vulnerability due to a lack of input validation and output sanitization of following profile entries:     [+] home     [+] office     [+] mobile Proof of Concept: The following HTML codes can be used to trigger the described vulnerability: --- SNIP ---     [+] Home Phone Number:     <b>INJECTION HERE</b>     [+] Office Phone Number:     <center><i>INJECTION HERE</i></center>     [+] Mobile Phone Number:     <a href="#">INJECTION HERE</a> Impact: An attacker could for example inject HTML/Javascript code. It has not been verified though, if it's po

Libya Registry & Telecom websites hacked by Electr0n A Hacker with codename " Electr0n " has deface the two Important websites of Libya. One is Domain Registry website and Other one is Telecom Website . Both sites had same deface page as shown above. You can check cache link here . Its not confirm that  Electr0n is in support of Anonymous or not, But According to Defacement page, the hack is performed for some other reason, rather than operation Libya by Anonymous.

It comes as no surprise that today's cyber threats are orders of magnitude more complex than those of the past. And the ever-evolving tactics that attackers use demand the adoption of better, more holistic and consolidated ways to meet this non-stop challenge. Security teams constantly look for ways to reduce risk while improving security posture, but many approaches offer piecemeal solutions – zeroing in on one particular element of the evolving threat landscape challenge – missing the forest for the trees.  In the last few years, Exposure Management has become known as a comprehensive way of reigning in the chaos, giving organizations a true fighting chance to reduce risk and improve posture. In this article I'll cover what Exposure Management is, how it stacks up against some alternative approaches and why building an Exposure Management program should be on  your 2024 to-do list. What is Exposure Management?  Exposure Management is the systematic identification, evaluation,

Israel Radio is hacked by  Egyptian hacker Egyptian hacker defaced the website of  Israel Radio  , and Write a message on homepage as shown: Hi to greatest son of the bitches of the world ... This Msg From Egypt " Mother Of The World "We Never Forgot And Never Forgive Any Isrealian Bitch3Z you Started The War Attack Us 0n The borders of Egypt For Nothing Reason .. So You Have Bear Our Attacks Fuck To All Isreal ./3x!t

Idea Cellular Web Portal Hacked, Customers Info may be exposed ! Again a critical SQL Injection Vulnerability has been discovered by zSecure Team in a high profile web portal. This time it's Ideacellular web portal which compromises the entire site database. Any malicious smart black hats can create much more devastating attacks using this critical flaw such as: complete access to various database's as shown in screen-shots under proof of vulnerability which can later be misused to access various confidential information; complete database dump; possibility of uploading shell (not fully certain) and much more. Target Website :  https://www.ideacellular.com Attack Type : Hidden SQL Injection Vulnerability Database Type :   MySql 5.0.27 Alert Level : Critical Threats : Database Access, Database Dump Credit : zSecure Team     Previous Vulnerability Discolsures:  Dukascopy, Sify, TimesofMoney, Sharekhan Proof of Vulnerability : About the Company Idea is the 3rd largest mobi

25 Year old UK Student hacker penetrated Facebook‎ A 25 year old Brit allegedly used "considerable technical expertise" to hack into Facebook's servers. The student, from York, faces five charges, including that he "made, adapted, supplied or offered to supply" a computer program to hack into a Facebook server, Westminster magistrates' court heard. Mangham, a resident of York, was arrested by the e-Crime Unit of the Metropolitan Police in June this year; and has been charged with five offences under the Computer Misuse Act. Mangham is currently on bail, and like all accused hackers has been prohibited from accessing anything even resembling a computer. " The court feels it will be safer if there was no access to the internet which will reduce the temptation for your son to go on to Facebook ," said Judge Evans. As per Facebook, no personal information had been compromised during the hacks attempted by Mangham. The social network also added that it had been

PDD - Packet Dump Decode Released PDD is an open-source program created by Srivats.Packet Dump Decode (pdd) is a simple convenient GUI wrapper around the Wireshark/Ethereal tools to convert packet hexdumps into well formatted xml containing the decoded protocols and protocol contents.You need to have Wireshark installed, because PDD is only a wrapper around Wireshark. Convert hexdumps to - Tree-View (within application) Pcap file and open with Wireshark/Ethereal Text description of packet contents XML description of packet contents Download