The Hacker News | #1 Trusted Cybersecurity News Site — Index Page

Kaspersky Internet Security  Memory Corruption Vulnerability Vulnerability-Lab Team discovered a Memory & Pointer Corruption Vulnerability on Kaspersky Internet Security 2011/2012 & Kaspersky Anti-Virus 2011/2012. A Memory Corruption vulnerability is detected on Kaspersky Internet Security 2011/2012 & Kaspersky Anti-Virus 2011/2012. The vulnerability is caused by an invalid pointer corruption when processing a corrupt .cfg file through the kaspersky exception filters,which could be exploited by attackers to crash he complete software process. The bug is located over the basegui.ppl & basegui.dll when processing a .cfg file import. Affected Version(s): Kaspersky Anti-Virus 2012 & Kaspersky Internet Security 2012 KIS 2012 v12.0.0.374 KAV 2012 v12.x Kaspersky Anti-Virus 2011 & Kaspersky Internet Security 2011 KIS 2011 v11.0.0.232 (a.b) KAV 11.0.0.400 KIS 2011 v12.0.0.374 Kaspersky Anti-Virus 2010 & Kaspersky Internet Security 2010 The kaspersky .c

China Software Developer Network (CSDN) 6 Million user data Leaked The "Chinese Software Developer Network" ( CSDN ), operated by Bailian Midami Digital Technology Co., Ltd., is one of the biggest networks of software developers in China. A text file with 6 Million CSDN user info including user name, password, emails, all in clear text leaked on internet. The Download Link  (use xunlei to download the file) of the File is available on various social Networks. NowChinese programmers are busy changing their password now. Full archive of 104.9 MB (MD5 = b75678048d100600d3a6c648075636a7) available for Download Now : Here Just did some data ming on CSDN leaked user data. Some interesting findings. Here are the results of Top 100 email providers form 6M CSDN user emails : @qq.com, 1976190 @163.com, 1766919 @126.com, 807893 @sina.com, 351590 @yahoo.com.cn, 205487 @hotmail.com, 202944 @gmail.com, 186843 @sohu.com, 104735 @yahoo.cn, 87048 @tom.com, 72360 @yeah.net, 53292 @21

Follow this real-life network attack simulation, covering 6 steps from Initial Access to Data Exfiltration. See how attackers remain undetected with the simplest tools and why you need multiple choke points in your defense strategy. Surprisingly, most network attacks are not exceptionally sophisticated, technologically advanced, or reliant on zero-day tools that exploit edge-case vulnerabilities. Instead, they often use commonly available tools and exploit multiple vulnerability points. By simulating a real-world network attack, security teams can test their detection systems, ensure they have multiple choke points in place, and demonstrate the value of networking security to leadership. In this article, we demonstrate a real-life attack that could easily occur in many systems. The attack simulation was developed based on the MITRE ATT&CK framework, Atomic Red Team,  Cato Networks ' experience in the field, and public threat intel. In the end, we explain why a holistic secur

Backdoor in Android for No-Permissions Reverse Shell Security expert Thomas Cannon working at viaForensics as the Director of R&D has demonstrated a custom-developed app that installs a backdoor in Android smartphones – without requiring any permissions or exploiting any security holes. Thomas built an app which requires no permissions and yet is able to give an attacker a remote shell and allow them to execute commands on the device remotely from anywhere in the world. The functionality they are exploiting to do this is not new, it has been quietly pointed out for a number of years, and was explained in depth at Defcon 18 . It is not a zero-day exploit or a root exploit. They are using Android the way it was designed to work, but in a clever way in order to establish a 2-way communication channel. This has been tested on Android versions ranging from 1.5 up to 4.0 Ice Cream Sandwich, and it works in a similar way on all platforms. The application operates by instructing the br

US Chamber Of Commerce Hit by Chinese Hackers A group of hackers in China breached the computer defenses of America's top business-lobbying group and gained access to everything stored on its systems, including information about its three million members. The hackers may have broken into the Chamber's network more than a year before they were discovered. It is not confirm when the initial break-in occurred but security officials from the Chamber quietly shut the breech down in May of 2010. " What was unusual about it was that this was clearly somebody very sophisticated, who knew exactly who we are and who targeted specific people and used sophisticated tools to try to gather intelligence, " the Chamber's chief operating officer David Chavern told the Journal in an interview published today. It isn't clear how much of the compromised data was viewed by the hackers.Chamber officials said the hackers had focused on four Chamber employees who worked on Asia poli

Windows 7 64 bit Memory Corruption Vulnerability A person known by the alias of " w3bd3vil " on twitter released an HTML snippet that will cause the 64 bit version of Windows 7 to blue screen if viewed under Safari. The underlying vulnerability is however not a flaw in Safari but rather a flaw in the Windows kernel mode device driver, win32k.sys. " A vulnerability has been discovered in Microsoft Windows, which can be exploited by malicious people to potentially compromise a user's system. The vulnerability is caused due to an error in win32k.sys and can be exploited to corrupt memory via e.g. a specially crafted web page containing an IFRAME with an overly large "height" attribute viewed using the Apple Safari browser. Successful exploitation may allow execution of arbitrary code with kernel-mode privileges ," the Secunia advisory said. The possibility that the vulnerability can be exploited by using means other than Safari cannot be ruled out.