The Hacker News | #1 Trusted Cybersecurity News Site — Index Page

HBGary Federal One Year Later ! Doug Vitale sharing and interesting read with our Readers from his Blog  About HBGary Federal. In February 2011, the loosely knit collective of hacktivists known as Anonymous successfully compromised the corporate network of HBGary Federal (HBG Fed), a company that provided information security services to the federal government of the United States. This attack brought down the HBGary Federal website, compromised the Twitter and LinkedIn accounts of HBGary Federal CEO Aaron Barr, and resulted in the public release of thousands of internal documents and emails. Aaron Barr believed he had penetrated Anonymous. The loose hacker collective had been responsible for everything from anti-Scientology protests to pro-Wikileaks attacks on MasterCard and Visa, and the FBI was now after them. But matching their online identities to real-world names and locations proved daunting. Barr found a way to crack the code.In a private e-mail to a colleague at his secu

Penetration Testing Oriented Browser - Sandcat Browser The fastest web browser combined with the fastest scripting language packed with features for pen-testers.  Sandcat Browser is a freeware portable pen-test oriented multi-tabbed web browser with extensions support developed by the Syhunt team, the same creators of the Sandcat web application security scanner. The Sandcat Browser is built on top of Chromium, the same engine that powers the Google Chrome browser, and uses the Lua language to provide extensions and scripting support. This first Sandcat Browser release includes the following pen-test oriented features: Live HTTP Headers Request Editor extension Fuzzer extension with multiple modes and support for filters JavaScript Executor extension -- allows you to load and run external JavaScript files Lua Executor extension -- allows you to load and run external Lua scripts Syhunt Gelo HTTP Brute Force, CGI Scanner scripts and more. Download SandCat Browser

Over the past two years, a shocking  51% of organizations surveyed in a leading industry report have been compromised by a cyberattack.  Yes, over half.  And this, in a world where enterprises deploy  an average of 53 different security solutions  to safeguard their digital domain.  Alarming? Absolutely. A recent survey of CISOs and CIOs, commissioned by Pentera and conducted by Global Surveyz Research, offers a quantifiable glimpse into this evolving battlefield, revealing a stark contrast between the growing risks and the tightening budget constraints under which cybersecurity professionals operate. With this report, Pentera has once again taken a magnifying glass to the state of pentesting to release its annual report about today's pentesting practices. Engaging with 450 security executives from North America, LATAM, APAC, and EMEA—all in VP or C-level positions at organizations with over 1,000 employees—the report paints a current picture of modern security validation prac

Code 2600 : A Hacking Documentary Following the success of his debut documentary feature, Land of Confusion, award winning Pittsburgh filmmaker Jeremy Zerechak is already garnering early accolades for his newest project, CODE 2600. The film—a no-holds-barred look at the ramifications of the Information Technology era—has been selected from to have its world premiere at the 2012 CINEQUEST FILM FESTIVAL (February 28th – March 11th) in San Jose, CA. Appropriately located in the heart of silicon valley, CINEQUEST is one of the country's top film festivals—a 13-day event of 200 international films with over 600+ film artists, technologists, and professionals from 44 countries in attendance. CODE 2600 documents the rise of the Information Technology Age as told through the events and people who helped build and manipulate it. The film explores the impact this new connectivity has on our ability to remain human while maintaining our personal privacy and security. As we struggle to co

Application Security With Apache Shiro : Java security framework Are you frustrated when you try to secure your applications? Do you feel existing Java security solutions are difficult to use and only confuse you further? Les Hazlewood is the Apache Shiro PMC Chair and co-founder and CTO of Katasoft, a start-up focusing on application security products and Apache Shiro professional support. Apache Shiro, a Java security framework that provides a simple but powerful approach to application security. Apache Shiro is a powerful and easy-to-use Java security framework that performs authentication, authorization, cryptography, and session management and can be used to secure any application - from the command line applications, mobile applications to the largest web and enterprise applications. Shiro provides the application security API to perform the following aspects : Authentication - proving user identity, often called user 'login'. Authorization - access control Cryptography - pr

Honda Thailand Defaced By Spydevilz / Mr. Paparosse Honda Thailand sub domain ( https://dog.honda.co.th/images/ ) got hacked by Hacker called Spydevilz and Mr. Paparosse . The team of Hackers include  3spi0n, Mr.PaPaRoSSe, ExDeaTH, Legend Coder, x-Leader, t0wN, JiHAD Hackers. Message posted by Hackers on page that " Do not stop your voice in your home all the lights are off, they're going back more damaged than before ." The mirror of also available on  Legend-h .