The Hacker News | #1 Trusted Cybersecurity News Site — Index Page

FBI Arrests Suspected LulzSec and Anonymous Hackers Search warrants were also being executed in New Jersey, Minnesota and Montana. The FBI  arrested two alleged members of the hacking collectives LulzSec and Anonymous on Thursday morning in San Francisco and Phoenix, According to Fox news. The suspected hacker arrested in California is homeless and alleged to have been involved in the hacking of Santa Cruz County government websites. The person arrested in Arizona is a student at a technical university and allegedly participated in the widely publicized hack against Sony. Both groups have been targeted by the FBI and international law enforcement agencies in recent months. Meanwhile, the FBI arrested an alleged Anonymous member in San Francisco. The man, who is reported to be homeless, is said to have been involved in internet attacks against Santa Cruz County government websites.Just because a man is homeless, of course, doesn't mean that he can't get an internet connec

BruCON Agnitio workshop Slides and Video Demonstration - Download Workshop by David Rook ( Security Ninja ) at BruCON 2011 in Belgium. You can Download Slide from here . Required for the Agnitio hands on demos: A 32bit Windows Operating System (XP or 7 preferably – VM will be fine) .NET framework 3.5 installed Agnitio v2.0 installed Download the Pandemobium Android and iOS source code Download the selected vulnerable open source application Optional In addition to the list above the following things are optional depending on how hands on you want to be: Internet connection to download an application from the Android market place Eclipse IDE installed Android SDK installed Android Debug Bridge (adb) installed, this should be installed as part of the SDK install An AVD configured with the Android market place app installed (instructions here) I think you can also use a rooted Android device if you don't want to use the emulator Workshop format A quick look at static an

In today's digital world, where connectivity is rules all, endpoints serve as the gateway to a business's digital kingdom. And because of this, endpoints are one of hackers' favorite targets.  According to the IDC,  70% of successful breaches start at the endpoint . Unprotected endpoints provide vulnerable entry points to launch devastating cyberattacks. With IT teams needing to protect more endpoints—and more kinds of endpoints—than ever before, that perimeter has become more challenging to defend. You need to improve your endpoint security, but where do you start? That's where this guide comes in.  We've curated the top 10 must-know endpoint security tips that every IT and security professional should have in their arsenal. From identifying entry points to implementing EDR solutions, we'll dive into the insights you need to defend your endpoints with confidence.  1. Know Thy Endpoints: Identifying and Understanding Your Entry Points Understanding your network's

Let's Play a Game of Cyber Security at  CSAW CTF 2011   Ready for a little game of capture the flag? What if you weren't running around a field like a crazy person trying to grab a flag out of someone's belt, but instead were navigating around a network overcoming technical challenges to find markers that you are awarded points for once submitted? Then CSAW CTF 2011 is where it's at. CSAW CTF 2011 is hosting the qualifying round from Friday September 23, 2011 to Sunday September 25, 2011. The competition will begin at 8PM that Friday night, and is used to determine who will proceed on to the finals taking place in New York November 10-11 at NYU-Poly.   The event is centered on assessing application security abilities. For the qualification round there is no limit to the number of team members you can have, but if you move on to the final round your team will be limited to four players. If you attend the event you'll have the chance to rub elbows with anyone and everyone inter

Lilith: Perl script to audit web applications Lilith tool analyses webpages and looks for htmltags , which often refer to dynamic pages that might be subject to SQL injection or other flaws.Lilith basic function is to spider and analyses pages, following hyperlinks, injecting special characters that have a special meaning to any underlying platform. As most of us know web applications scanner can never perform a full 100% correct audit. A manual re-check eliminates most of the false positve. Features and changes made in lilith got rid of many many false positives (that's good) when SQL error is found, it now goes onto next var improved (i hope) scanning engine (anti) coldfusion support better cookie handling and cookie tampering omitted perl HTML::Form limitation better verbose output extensive logging detects directory indexing recursive URL dissection cleaned up this pasta code Download Lilith

Win Free Copies of BackTrack 5 Wireless Penetration Testing Guide with The Hacker News Fellow hackers would be very pleased to know that to celebrate the release of their new book- BackTrack 5 Wireless Penetration Testing Beginner's Guide , Packt Publishing is giving away 2 copies of the book to The Hacker News readers. Keep reading to find out how you can be one of the Lucky Winner. Here is a quick overview of BackTrack 5 Wireless Penetration Testing Beginner's Guide · Learn Wireless Penetration Testing with the most recent version of Backtrack · The first and only book that covers wireless testing with BackTrack · Concepts explained with step-by-step practical sessions and rich illustrations · Written by Vivek Ramachandran ¬ world renowned security research and evangelist, and discoverer of the wireless "Caffe Latte Attack" Read More How To Win Sound like something you might be interested in? All you need to do is head on over to the bo