The Hacker News | #1 Trusted Cybersecurity News Site — Index Page

MySQL.com Once again Compromised using Sql Flaw A hacker with name " D35M0ND142 " claim to hack MySql.com website using Sql Injection Flaws. In September,  Mysql.com was hacked and it was serving BlackHole exploit malware on the site. In a pastebin dump Hacker Exposes various Admin user credentials and Database info. The Compromised Usernames and Passwords are from  Blog site  of MySql. MySql website is pretty embarrassed for not securing its own database's properly, Even hacker share that " Robin Schumacher is MySQL's Director of Product Management andhas over 20 years of database experience in DB2, MySQL, Oracle, SQLServer and other database engines. Before joining MySQL, Robin wasVice President of Product Management at Embarcadero Technologies. " Besides the hack on MySQL.com, D35M0ND142 also managed to breach the systems of the Urbino University in Italy and the Universal Language & Computer Institute in Nepal and Stream Database.

Android Bloatware , Another Serious Android Privacy Issue Researchers have found that some Android smartphones are more vulnerable to attacks than others, thanks to add-on software and skins that get installed by handset makers before they ship their smartphones to subscribers. It's not just Carrier IQ that Android users need to be worried about. A team of researchers from North Carolina State University discovered the security vulnerability on eight different smartphones from Google, HTC, Motorola and Samsung. Black hat hacker can exploit these vulnerabilities to record phone calls (see proof of concept video below), wipe out your phone, call or text premium rate numbers, and read your private messages and emails, all without your permission, of course. According to the paper published by the team. " Our results with eight phone images show that among 13 privileged permissions examined so far, 11 were leaked, with individual phones leaking up to eight permissions. By exploi

Imagine a world where the software that powers your favorite apps, secures your online transactions, and keeps your digital life could be outsmarted and taken over by a cleverly disguised piece of code. This isn't a plot from the latest cyber-thriller; it's actually been a reality for years now. How this will change – in a positive or negative direction – as artificial intelligence (AI) takes on a larger role in software development is one of the big uncertainties related to this brave new world. In an era where AI promises to revolutionize how we live and work, the conversation about its security implications cannot be sidelined. As we increasingly rely on AI for tasks ranging from mundane to mission-critical, the question is no longer just, "Can AI  boost cybersecurity ?" (sure!), but also "Can AI  be hacked? " (yes!), "Can one use AI  to hack? " (of course!), and "Will AI  produce secure software ?" (well…). This thought leadership article is about the latter. Cydrill  (a

Protecting Your BlackBerry Smartphone with Security Wipe The BlackBerry device is a wonderful thing. We load our BlackBerries with various softwares and applications to increase our productivity and customize them with interesting themes and ringtones. We watch movies and play games and track day to day activities. All of these things require passwords and usually involve storing data on our devices that is sensitive in nature. So what if you want to wipe your BlackBerry clean? There are a number of reasons why you might want to wipe out your Blackberry. Perhaps you have switched jobs and need to submit your BlackBerry into your new IT department so they can set it up for their network. You wouldn't want them to have access to your previous employers data would you? Perhaps you have purchased a new model of BlackBerry and would like to gift your previous model to a friend or sell it on ebay. The same rule applies, you do not want them to see what you were using your Blackberry for

Another United Nations Web Site Hacked, Barack Obama info Leaked ! Hackers of Team Sector 404 have breached the Spanish Web site for the United Nations Refugee Agency ACNUR . Group claims to be working with Anonymous. Hackers was able to breach site with SQL Injection vulnerability . They leaked Barack Obama's email address, username, password (not in clear text), personal phone number and a login ID as shown. Other individuals whose information was leaked are Dirk Wildt from Die Netzmacher and Schaffstein from a non-profit organization called TYPO3 .Info of Other United Nation members also leaked from database. The team of hackers include  PHANTOM, RAWR, IO93, V, ZD4P50N, SPECTRUS, ANONGUS, FIBO,HACKW32, ADREX,NEKA, JJ, & ESCUADRON SPY PEOPLE Y HACKERSMX219 involve in this Hack as  Sector 404.

Cain & Abel v4.9.43 Released Cain & Abel is a password recovery tool for Microsoft operating systems.It allows easy recovery of various kind of passwords by sniffing the network, cracking encrypted passwords using dictionary and brute force attacks, decoding scrambled passwords, revealing password boxes, uncovering cached passwords and analyzing routing protocols. Change Log : Added SAP R/3 sniffer filter for SAP GUI authentications and SAP DIAG protocol decompression. Added support for Licensing Mode Terminal Server connections to Windows 2008 R2 servers in APR-RDP sniffer filter. Added support for MSCACHEv2 Hashes (used by Vista/Seven/2008) in Dictionary and Brute-Force Attacks. Added MSCACHEv2 Hashes Cryptanalysis via Sorted Rainbow Tables. Added MSCACHEv2 RainbowTables to WinRTGen v2.6.3. MS-CACHE Hashes Dumper now supports MSCACHEv2 hashes extraction from Windows Vista/Seven/2008 machines and offline registry files. Fixed a bug (crash) in Certificate Collector wit

Biggest Independent Russian Election site Hacked on election day Popular Russian media websites, the major LiveJournal social network and the website of the country's biggest independent election watchdog, were inaccessible in hacking attacks for several hours on Sunday in what their employees said was an attempt to jam information on parliamentary elections. " The attack on the website on election day is apparently tied to an attempt to publish information about violations ," chief editor of the independent-minded Ekho Moskvy radio Aleksei Venediktov wrote in his Twitter blog. Websites of Forbes Russia, Bolshoi Gorod and New Times magazines, Slon.ru news portal, Golos election watchdog and its Kartanarusheniy.ru website that was supposed to map vote fraud were down throughout most of Sunday.These media organizations and the watchdog have pledged to report voting violations from all over Russia live.Independent and opposition media, as well as the LiveJournal social network that ha

XSS Vulnerability On Twitter Found by 15 Years Old Expert A 15 years old XSS Expert " Belmin Vehabovic(~!White!~) " discovered XSS Vulnerability On Twitter and report us. The Vulnerable link is here . Even He also Discovered XSS Vulnerability in Facebook also as tweeted by him Yesterday  &Facebook is offering him $700 as Bounty.

Invitation for DEF-CON Chennai January Meet 2012 (DC602028) We like to invite all of you for our 4th meet which is going to held on 29th January 2012. DEF-CON Chennai is a registered group of DEF-CON, our group id is DC602028. [ Tickets for the Meet] For General Public : 700 INR For Students: 600 INR To book the tickets mail to dc602028@gmail.com [ Time of the Meet ] On 29th January 2012 From 2 PM to 7 PM Do make sure that your at the venue by 1:45 PM [ Venue of the Meet ] The Venue is going to be at Le Waterina Hotel, a 4 Star Resort. Le Waterina – The Boutique Hotel No 35 Kaveri Nagar (near Bella Ciao) Waterland Drive,Thiruvanmiyur Kottivakkam Beach.Chennai 600041. Refer: https://www.defcontn.com/DC602028/invitation-for-the-january-meet-2012/

THN December Magazine Released ! Who We are at The Hacker News ?  It is hard to re-cap the past year and all the excitement and hard work we have experienced launching an online magazine.  The subject, Hacking, is even more exciting as the technology world awakens to the security issues facing all internet users from government, large corporations and personal users. We have tried very hard to keep the readers informed and up to date regarding security threats and security breaks world wide.  Our daily news aims to give business and personal PC users an understanding of what is happening in computer security developments and what criminal activity is breaching security systems. Mostly, we understand the importance of disseminating information and keeping the internet free of restrictions.  We believe that information and opinion are the foundation of a healthy society and we strive constantly to address the political and social issues facing our new world of electronic communicati

Voodoo Carrier IQ detector application released for Android An Android developer recently discovered a clandestine application called Carrier IQ built into most smartphones that doesn't just track your location; it secretly records your keystrokes, and there's nothing you can do about it. A new Android app to identify whether your smartphone has any Carrier IQ tracking/monitoring software installed on it has been released, the Voodoo Carrier IQ detector , giving users a simple way to put their minds to rest on privacy. The handiwork of Android app developer supercurio, the tool is only a few hours old and only partially finished, with the consequent warning that the results can't be entirely relied on yet. supercurio has offered up the source code under an open-source license for those who want to help refine the tool, so we're guessing the rough edges and reliability will be polished off in short order. Download Application Download Source Code

McAfee drafted Five Steps to Avoiding bad apps on Pc & Mobile Malicious applications are one of the most serious threats to smartphone users today. Not only can a dangerous app infect your phone and steal your personal information, it can even spy on you. Read our five easy tips for avoiding bad apps, and keep your device and information safe. An Android developer recently discovered a clandestine application called Carrier IQ built into most smartphones that doesn't just track your location; it secretly records your keystrokes, and there's nothing you can do about it. In this digital age, privacy is more important than ever. Just because you " don't have anything to hide ," does not mean that you shouldn't value your privacy or fight for it when companies do things like this, especially with something as personal as your cell phone. McAfee has come up with five " Common sense " practices that you might not have thought about before, but they actually do make sense fo

The Spy Files: Wikileaks expose Mobile Phone, Email Hacking capability Wikileaks has released  ( https://spyfiles.org/ ) dozens of new documents highlighting the state of the once covert, but now lucrative private sector global surveillance industry. According to Assange, over 150 private sector organisations in 25 countries have the ability to not only track mobile devices, but also intercept messages and listen to calls also. Site founder Julian Assange has held a press conference, revealing the secrets of the industry.­ The whistleblowing site has published some 287 documents from its huge database, collected from 160 international intelligence contractors. The database includes internal documents of such companies like Gamma corporation in the UK, Ipoque of Germany, Amesys and Vupen in France, VASTech in South Africa, ZTE Corp in China, Phoenexia in the Czech Republic, SS8 and Blue Coat in the US, among others. From the press release: " The Wikileaks Spy Files reveal the de