The Hacker News | #1 Trusted Cybersecurity News Site — Index Page

Why US Aircrafts Drop Spy Devices in Syrian ? Last week Iranian engineer claim to hijack U.S. drone by hacking GPS system using GPS spoofing. On December 14, residents of a small town in northern Syria reported seeing unidentified aircraft circling overhead, and dropping several small items attached to mini-parachutes , which entered Syrian airspace through the Turkish border. The gadgets, pictured here, look suspiciously like surreptitious listening devices. Residents say the question is :  who dropped them, and why? The sources explained that the aircrafts that dropped the devices were American, not Turkish. They added that the aircrafts took off from Incirlik air base, southeast of Adana, which is 130 km away from the city of Afrin, mainly to belong to the Kurdish nationalists. " This action aims at eavesdropping on communications between the Syrian troops, locating their spots accurately and collecting any information about it in order to provide them to U.S. and Turkish aut

Call spoofing - Evolution of Cybercrime in Growing Children The Hacker News & 5 Other Top IT Security Sites are Sponsoring a Special Edition January 2012 Magazine under a Cyber Security Awareness Campaign called " ENTER AT YOUR OWN RISK ". Our goal is to provide the most up-to-date information on a wide variety of topics that address the tricky and complicated world of hackers and hacking. Lets know about " Call spoofing " and How much easy it is for kids to do Call spoofing. First of all the term ' cyber crime ' is a misnomer. The concept of cyber crime is not radically different from the concept of conventional crime. Both include conduct whether act or omission, which cause breach of rules of law and counterbalanced by the sanction of the state. Any criminal activity that uses a computer either as an instrumentality, target or a means for perpetuating further crimes comes within the ambit of cyber crime. The computer may be used as a tool in the follo

Follow this real-life network attack simulation, covering 6 steps from Initial Access to Data Exfiltration. See how attackers remain undetected with the simplest tools and why you need multiple choke points in your defense strategy. Surprisingly, most network attacks are not exceptionally sophisticated, technologically advanced, or reliant on zero-day tools that exploit edge-case vulnerabilities. Instead, they often use commonly available tools and exploit multiple vulnerability points. By simulating a real-world network attack, security teams can test their detection systems, ensure they have multiple choke points in place, and demonstrate the value of networking security to leadership. In this article, we demonstrate a real-life attack that could easily occur in many systems. The attack simulation was developed based on the MITRE ATT&CK framework, Atomic Red Team,  Cato Networks ' experience in the field, and public threat intel. In the end, we explain why a holistic secur

Iran government websit es now on local server to Protect them from Cyber Attacks An Iranian official says the country has transferred the location of most of its government websites from foreign-based hosting agencies to new computer facilities inside the country to avert potential cyber attacks. The country's deputy minister for communications and information technology, Ali Hakim Javadi, Reuters reports that more than 90 percent of all the Iranian government's websites have had their hosting locations transferred inside the country. " Over 30 000 Iranian websites, including those of key institutions such as ministries, were hosted abroad, mainly in North America ," the Islamic Republic News Agency cited Ali Hakim Javadi, the Deputy Minister for Communications and Information Technology, as saying without specifying the countries involved. " The data was at risk of being accessed at any moment ."Iranian officials said last year that malicious software known as Stuxnet affected so

Corporate fraud vs Anonymous Analytics Group A new financial research group, Anonymous Analytics  has released a report accusing Chinese firm Chaoda Modern Agriculture of " 11 years of deceit and corporate fraud ". The company is one of China's largest fruit and vegetable suppliers. A faction within the online hacking collective Anonymous has moved into an unlikely new area – exposing corporate fraud and making money in the aftermath. The group alleges that Chaoda's management has funnelled more than $400 million out of the company through false accounting and payments to shell companies. Hong Kong's government announced an investigation into the company on Monday, shortly before the release of the Anonymous report, leading its shares to fall by 26 per cent before being suspended from trading. In a departure from illegal hacking, Anonymous Analytics claims that " all information presented in our reports is acquired through legal channels, fact-checked, and vetted thoroughly befor

Tor anonymity will become illegal with SOPA acts ? The Stop Online Piracy Act (SOPA) is the newest attempt by Congress and corporations in the United States to regulate the Internet. SOPA's proponents include the Motion Picture Association of America and the Recording Industry of America. They view SOPA as a means to counter rampant piracy on the Internet, especially sites such as ThePirateBay.org. A little-noticed section of the Stop Online Piracy Act could make it illegal to distribute Tor and other software that can circumvent attempts by the U.S. government to block pirate Web sites. The effects of SOPA and PIPA will be felt throughout the world, as the way the bill defines "U.S. websites" is so broad as to cover most of the Internet itself. The list of collateral damage the bills are feared to cause goes on, and the list of the bills' critics keeps expanding. In addition to the million+ citizens who have spoken out, the legislation is also opposed by tech companies such a

Kaspersky Internet Security  Memory Corruption Vulnerability Vulnerability-Lab Team discovered a Memory & Pointer Corruption Vulnerability on Kaspersky Internet Security 2011/2012 & Kaspersky Anti-Virus 2011/2012. A Memory Corruption vulnerability is detected on Kaspersky Internet Security 2011/2012 & Kaspersky Anti-Virus 2011/2012. The vulnerability is caused by an invalid pointer corruption when processing a corrupt .cfg file through the kaspersky exception filters,which could be exploited by attackers to crash he complete software process. The bug is located over the basegui.ppl & basegui.dll when processing a .cfg file import. Affected Version(s): Kaspersky Anti-Virus 2012 & Kaspersky Internet Security 2012 KIS 2012 v12.0.0.374 KAV 2012 v12.x Kaspersky Anti-Virus 2011 & Kaspersky Internet Security 2011 KIS 2011 v11.0.0.232 (a.b) KAV 11.0.0.400 KIS 2011 v12.0.0.374 Kaspersky Anti-Virus 2010 & Kaspersky Internet Security 2010 The kaspersky .c

China Software Developer Network (CSDN) 6 Million user data Leaked The "Chinese Software Developer Network" ( CSDN ), operated by Bailian Midami Digital Technology Co., Ltd., is one of the biggest networks of software developers in China. A text file with 6 Million CSDN user info including user name, password, emails, all in clear text leaked on internet. The Download Link  (use xunlei to download the file) of the File is available on various social Networks. NowChinese programmers are busy changing their password now. Full archive of 104.9 MB (MD5 = b75678048d100600d3a6c648075636a7) available for Download Now : Here Just did some data ming on CSDN leaked user data. Some interesting findings. Here are the results of Top 100 email providers form 6M CSDN user emails : @qq.com, 1976190 @163.com, 1766919 @126.com, 807893 @sina.com, 351590 @yahoo.com.cn, 205487 @hotmail.com, 202944 @gmail.com, 186843 @sohu.com, 104735 @yahoo.cn, 87048 @tom.com, 72360 @yeah.net, 53292 @21

Backdoor in Android for No-Permissions Reverse Shell Security expert Thomas Cannon working at viaForensics as the Director of R&D has demonstrated a custom-developed app that installs a backdoor in Android smartphones – without requiring any permissions or exploiting any security holes. Thomas built an app which requires no permissions and yet is able to give an attacker a remote shell and allow them to execute commands on the device remotely from anywhere in the world. The functionality they are exploiting to do this is not new, it has been quietly pointed out for a number of years, and was explained in depth at Defcon 18 . It is not a zero-day exploit or a root exploit. They are using Android the way it was designed to work, but in a clever way in order to establish a 2-way communication channel. This has been tested on Android versions ranging from 1.5 up to 4.0 Ice Cream Sandwich, and it works in a similar way on all platforms. The application operates by instructing the br

US Chamber Of Commerce Hit by Chinese Hackers A group of hackers in China breached the computer defenses of America's top business-lobbying group and gained access to everything stored on its systems, including information about its three million members. The hackers may have broken into the Chamber's network more than a year before they were discovered. It is not confirm when the initial break-in occurred but security officials from the Chamber quietly shut the breech down in May of 2010. " What was unusual about it was that this was clearly somebody very sophisticated, who knew exactly who we are and who targeted specific people and used sophisticated tools to try to gather intelligence, " the Chamber's chief operating officer David Chavern told the Journal in an interview published today. It isn't clear how much of the compromised data was viewed by the hackers.Chamber officials said the hackers had focused on four Chamber employees who worked on Asia poli

Windows 7 64 bit Memory Corruption Vulnerability A person known by the alias of " w3bd3vil " on twitter released an HTML snippet that will cause the 64 bit version of Windows 7 to blue screen if viewed under Safari. The underlying vulnerability is however not a flaw in Safari but rather a flaw in the Windows kernel mode device driver, win32k.sys. " A vulnerability has been discovered in Microsoft Windows, which can be exploited by malicious people to potentially compromise a user's system. The vulnerability is caused due to an error in win32k.sys and can be exploited to corrupt memory via e.g. a specially crafted web page containing an IFRAME with an overly large "height" attribute viewed using the Apple Safari browser. Successful exploitation may allow execution of arbitrary code with kernel-mode privileges ," the Secunia advisory said. The possibility that the vulnerability can be exploited by using means other than Safari cannot be ruled out.

Bypass SOPA (Stop Online Piracy Act) DNS Blocking with DeSopa 1.1 A developer who calls himself T Rizk doesn't have much faith in Congress making the right decision on anti-piracy legislation, so he's built a work around for the impending censorship measures being considered  DeSOPA . The Firefox add-on is stunningly simple as the Stop Online Piracy Act (SOPA) would block specific domain names (e.g. www.thepiratebay.com ) of allegedly infringing sites. Firefox, which already boasts an outspoken stance against SOPA, and has already shown they are willing to stand by add-on developers who create circumvention extensions designed to go around measures currently employed by Homeland Security, has welcomed a new add-on, one that is designed to circumvent whatever SOPA website blacklists that are created, provided the bills become law. A new anti-SOPA add-on for Firefox, titled " DeSopa " is such a counter measure.When installed, users can click a single button to resolve a blo

Apple Crash Reports Help Hackers to create a jailbreak exploit iPhone " jailbreaking " has been a hot topic since Apple released its smartphone more than two years ago. According to the Latest report posted by BBC  that Thousands of iPhone owners have joined forces with a team of hackers to help them find new ways to jailbreak Apple's phone software & Jailbreakers use Apple crash reports to unlock iPhones. You may be wondering and hearing alot on " What Is Jailbreaking an Iphone? How do you do that? " Jailbreaking is basically modifying the iPhone's firmware so that you can get access to the internals of its operating system and install a whole slew of third-party applications on your iPhone that are not otherwise available through official channels.Jailbreaking your iPhone in and of itself doesn't normally make much difference in your operation of it, but it does allow you to install other third-party applications that are not blessed by Apple. A collective of

An Iranian engineer working on the captured US drone has said that Iran exploited a weakness in the craft's navigation system to hijack it. The aircraft was downed through a relatively unsophisticated cyber-attack that tricked its global positioning systems (GPS). The technique, known as " GPS spoofing " has been around for several years, and the Iranians began studying it in 2007, the engineer reportedly said. The U.S. Department of Energy notes that GPS is widely used, but insecure, although few users have taken note. GPS signals for the U.S. military are similarly insecure, and drones often rely on signals from multiple satellites. It's possible to spoof unencrypted civilian GPS systems. But military GPS receivers, such as the one likely installed on the missing drone, use the encrypted P(Y)-code to communicate with satellites. " With spoofing, an adversary provides fake GPS signals. This convinces the GPS receiver that it is located in the wrong place and/or time ," t

1.8 Million Accounts Hacked from Square Enix Japanese Game Company Square Enix stated yesterday that somebody " may have gained unauthorized access to a particular Square Enix server " and took its members service offline in both Japan and the U.S. Today, the company clarified that 1.8 million customer's accounts had been affected. The company said it noticed that unknown parties had accessed the server for its free " Square Enix Members " site on Tuesday afternoon, and decided to shut down the service the same day. Users register on the server with their email addresses and sometimes their names, addresses and phone numbers, but the server holds no credit card information, a spokesman said. The intruder breached an unknown number of servers that could hold data for the service's one million members in Japan and 800,000 members in North America, but left untouched the servers with its 300,000 European members. In May, Square Enix said it suffered hackin

Key infrastructure systems of 3 US cities Under Attack By Hackers BBC News Reported that the Federal Bureau of Investigation (FBI) announced recently that key infrastructure systems of three US cities had been accessed by hackers. Such systems commonly known as Supervisory Control and Data Acquisition (SCADA) are increasingly being targeted by hackers. At a recent cybersecurity conference, Michael Welch, deputy assistant director of the FBI's cyber division, said " hackers had accessed crucial water and power services.The hackers could theoretically have dumped sewage into a lake or shut off the power to a shopping mall ." " We just had a circumstance where we had three cities, one of them a major city within the US, where you had several hackers that had made their way into SCADA systems within the city ," Welch told delegates at the Flemings Cyber Security conference." Essentially it was an ego trip for the hacker because he had control of that city's system and h

Denial of Service Attack Vulnerability in  Windows Phone 7.5 Microsoft's range of Windows Phones suffer from a denial-of-service attack bug that allows attackers to reboot the device and disable the messaging functionality on a device. A malicious SMS sent to a Windows Phone 7.5 device will force it to reboot and lock down the messaging hub . WinRumors reader Khaled Salameh discovered the flaw and reported it to us on Monday. WinRumors said tests revealed that the flaw affected a variety of devices running different builds of the mobile operating system. A Facebook chat message and Windows Live Messenger message will also trigger the bug. Video Demonstration Both Apple and Google have suffered from SMS bugs with their iOS and Android devices. Security researcher Charlie Miller discovered a flaw in the iOS 3.0 software that allowed attackers complete control over an iPhone at the time. Android-based phones also suffered in the SMS attack, but attackers could only knock a phone

Breach confirmed in GlobalSign , SSL certificates not compromised GlobalSign said on Tuesday that the SSL certificate and key for www.globalsign.com may have been exposed after a hack on an external server in September. However, the company said that after investigating the breach it has found no evidence of rogue certificates being issued following the hack. A hacker known as " Comodohacker " compromised other certificate authorities including Comodo and DigiNotar. " I have access to their entire server, got DB backups, their linux / tar gzipped and downloaded, I even have private key of their OWN globalsign.com domain ," the hacker said in a Pastebin at the time. The investigation revealed that the compromise was limited to a peripheral Web server hosting the CA's website and did not affect the part of its network that deals with digital certificates. Companies use digital certificates as a cryptographic online trust technology. A stolen digital certificate can all

Facebook Ticker partially Removed Due To Various Bugs According to a Post on Facebook Known Issues Page , Facebook has removed the ticker apparently motivated the social network to call the phenomenon a bug that's undergoing a fix. Facebook says that " Some people are seeing their ticker disappear. We are aware of this issue and are working to resolve it. ". Comments explaining that people with less active accounts won't see the feature, Because when your friends aren't doing anything on the site, the ticker would only duplicate the news feed and not scroll, so there's no point in the feature taking up part of your screen. Not even this, Last month a Brazilian (independent) Security and Behavior Research had analyzed a privacy issue in Facebook Ticker that allows any person chasing you without your knowledge or consent .How Facebook Ticker exposing your information and behavior without your knowledge. Meanwhile, the Known Issues on Facebook page posted that some people

Web of Trust (WOT) Wins in Court, Favors freedom of speech The world's leading safe surfing tool Web of Trust (WOT) has won the lawsuit filed against it in the United States. WOT was accused of defamation, violating rights, conspiracy and manipulating algorithms. The court of justice in Florida granted the motion to dismiss with prejudice. The case was brought up by ten companies, which are all associated to a person named Mr. Ayman El-Difrawi. The companies demanded WOT to remove ratings and comments for their numerous websites. WOT's advocacy was based on the article 230 of the Communications Decency Act, legislated in 1996 for similar cases. The article protects Internet service providers clearing them from liabilities related to content created by third parties. During the eventful case, the plaintiff changed their claims several times. The last change happened only a day before the oral hearing, when the plaintiff voluntarily dismissed some defendants and half of the claims.

Government organised 12 Chinese Hacker Groups  behind all Attacks About 12 different Chinese groups largely directed by the government there, do the bulk of the China based cyber attacks stealing critical data from U.S. companies and government agencies, according to U.S. cyber security analysts and experts. US online security companies are suggesting that it should have the right to force them to stop " by any means possible ". Sketched out by analysts who have worked with U.S. companies and the government on computer intrusions, the details illuminate recent claims by American intelligence officials about the escalating cyber threat emanating from China. And the widening expanse of targets, coupled with the expensive and sensitive technologies they are losing, is putting increased pressure on the U.S. to take a much harder stand against the communist giant. The report states that many of the attacks carry tell-tale signatures of particular hacking groups being tracked b