The Hacker News | #1 Trusted Cybersecurity News Site — Index Page

Persistent XSS vulnerability in eBuddy Web Messenger A team member from Virtual Luminous Security , Russian Federation, has discovered a persistent XSS vulnerability in eBuddy (the biggest web IM solution in the world) by transmitting messages with embedded encoded javascript code. In-depth detail eBuddy Web Messenger suffers from an encoded-Persistent XSS vulnerability in the messaging function. (while sendingA message with embedded code to another authorized user in eBuddy WebMessenger). Exploit example Plain XSS (Not going to store, nor execute) <script>alert('eBuddy Persistent XSS');</script> Encoded text=%3Cscript%3Ealert%28'eBuddy%20Persistent%20XSS'%29%3C/script%3E [*] The attacker sends the encoded embedded code in an IM message. [*] The victim receives the message with the encoded embedded code and it executes on the victims browser.

The Hacker News Magazine September Issue - NO ONE IS SECURE Well folks, after this issue and the obvious intensity of the insecurity of the net, I have a few thoughts on the unfettered access to knowledge. It is more than apparent we all live in a time where the extensive dissemination of opinions, thoughts and ideas and information are done through a modern method of transmission. The simplicity and effectiveness by which computers and networks are used to assemble, store, search, associate, recover, and share information make computer technology especially risky to anyone who wishes to keep personal or protect information from the public sphere or out of the clutches of anyone who is perceived as a probable threat. As this issues explores, the evolving and more advanced capabilities of computer viruses, phishing, fraud schemes, spyware, and hacking activity springing up from every corner of the globe and the diversity of privacy-related issues engendered by computer technology h

In today's digital world, where connectivity is rules all, endpoints serve as the gateway to a business's digital kingdom. And because of this, endpoints are one of hackers' favorite targets.  According to the IDC,  70% of successful breaches start at the endpoint . Unprotected endpoints provide vulnerable entry points to launch devastating cyberattacks. With IT teams needing to protect more endpoints—and more kinds of endpoints—than ever before, that perimeter has become more challenging to defend. You need to improve your endpoint security, but where do you start? That's where this guide comes in.  We've curated the top 10 must-know endpoint security tips that every IT and security professional should have in their arsenal. From identifying entry points to implementing EDR solutions, we'll dive into the insights you need to defend your endpoints with confidence.  1. Know Thy Endpoints: Identifying and Understanding Your Entry Points Understanding your network's

Two Suspected Anonymous/LulzSec hackers arrested by British police Officers from the Metropolitan Police Service's Central e-Crime Unit (PCeU) have today, 1 September, arrested two men for conspiring to commit offences under the Computer Misuse Act 1990. Two men, aged 20 and 24, have been arrested by British police in connection with Anonymous and LulzSec Members. The men were arrested separately at addresses in Mexborough, Doncaster, South Yorkshire and Warminster, Wiltshire. The Doncaster address was searched by police and computer equipment was removed for forensic examination. Kayla, alongside the likes of Sabu, Topiary and Tflow is considered to be one of the key figures in the LulzSec hacking gang. DI Mark Raymond from the PCeU said: " The arrests relate to our enquiries into a series of serious computer intrusions and online denial-of-service attacks recently suffered by a number of multi-national companies, public institutions and government and law enforcement

EA Game - Battlefield Heroes Accounts Hacked by ' Why So Serious? ' Albanian Hacker One of the most famous games over the world Battlefield Heroes which is created by EA Games is hacked by a new hacker named " Why So Serious? ". The hacker is from Albania. He made a post on Battlefield Heroes site & said: " Hello all Players and Admins. I'm Why So Serious?. Today I hacked some Battlefield Heroes accounts. I'm going to post them on this forum and on my Fan Page on Facebook: Why So Serious? . " Hacker Leaks the User Login passwords on pastebin from Battlefield Site. Hacker claim that he will hack another EA Games accounts and Jagex Games accounts and will post those accounts also today. Hacker also have a facebook page , where he publish the hack details. Hacked Website:  https://www.battlefieldheroes.com/

Texas law enforcement Hacked by #Antisec and  #FreeAnons  - 3GB of data leaked Texas Police Chiefs Association Website hacked by Anonymous Hackers for Antisec Operation. Hacker deface their website and post 3GB of data on it with Message " In retaliation for the arrests of dozens of alleged Anonymous suspects, weopened fire on dozens of Texas police departments and stole boatloads ofclassified police documents and police chief emails across the state. During theSan Jose courtdate we defaced and gave out live backdoor and admin access to thewebsite TexasPoliceChiefs.org while allied ships launched ddos attacks uponJustice.gov and other law enforcement websites. " Complete Message  here . All this done for #FreeAnons  Campaign. Texas law enforcement agencies (LEA), and includes the emails and personal information for 28 police chiefs posted here . The leaked messages are said to contain Internal Affairs related case details, as well as pornographic materials, anti-immigrant