The Hacker News | #1 Trusted Cybersecurity News Site — Index Page

Sun Microsystems (Print) - Cross Site Scripting Vulnerabilities Today Ucha Gobejishvili ( longrifle0x ) a Pentester from Georgia reported 3 More important Cross Site Scripting Vulnerabilities in Sun Microsystem's and Java Printer Webpages. Java's Vulnerable Link   : Click Here Sun's Vulnerable Link 1 :  Click Here Sun's Vulnerable Link 2 :  Click Here Cross-Site Scripting occurs when an attacker can send a malicious script to a different user by relaying the script from an otherwise trusted or innocuous server. These flaws are extensive on the Web and allow an attacker to place malicious code that can execute attacks against other users in the security context of the web servers of the trusted host. Previous vulnerabilities  reported by longrifle0x : Click here to Read or Mirrors .

ProCredit Bank Georgia hacked by RetnOHacK #AntiSerbs Group of Hackers named - B!JemBeX, RetnOHacK, Weedh0aX, mR.Thg hack into ProCredit Bank of Georgia (procreditbank.ge) . They Deface the Administrator panel page located at  https://www.procreditbank.ge/admin/login.php  as shown in image attached. On Deface page Hacker said " This day have received that much time..when will you accept that you lose the fight ?in this game you do not have no chance to win..you always were and always will be losers remain losersMitrovica do not sell , Mitrovica is ours as alwaysWe do not want peace with you , because I hate slaves.Date of " 28 November " is approaching to unite all Albanians... ". Till now its unclear that Hacker damage anything else rather than site pages.

Follow this real-life network attack simulation, covering 6 steps from Initial Access to Data Exfiltration. See how attackers remain undetected with the simplest tools and why you need multiple choke points in your defense strategy. Surprisingly, most network attacks are not exceptionally sophisticated, technologically advanced, or reliant on zero-day tools that exploit edge-case vulnerabilities. Instead, they often use commonly available tools and exploit multiple vulnerability points. By simulating a real-world network attack, security teams can test their detection systems, ensure they have multiple choke points in place, and demonstrate the value of networking security to leadership. In this article, we demonstrate a real-life attack that could easily occur in many systems. The attack simulation was developed based on the MITRE ATT&CK framework, Atomic Red Team,  Cato Networks ' experience in the field, and public threat intel. In the end, we explain why a holistic secur

Anonymous Hacks FBI and Records Conference Call Earlier today, Anonymous released a confidential conference call between the FBI and law enforcement officers in the UK. The 16-minute call discusses ongoing investigations into hackers associated with Anonymous, AntiSec, and LulzSec. From all appearances, Anonymous retrieved the sensitive access code information and a list of attendees from an FBI email account. The group released a roughly 15-minute-long recording of what appears to be a Jan. 17 conference call devoted to tracking and prosecuting members of the loose-knit hacking group. The email, titled " Anon-Lulz International Coordination Call ", was published on pastebin earlier today: https://pastebin.com/8G4jLha8  . The email with details for accessing the call was sent to law enforcement officials in Britain, France, the Netherlands and others but the only people who identify themselves on the call are from the FBI and Scotland Yard.In a message on Twitter, Anonymous posted

Call of Duty , Spider-Man and other 7 Largest Video Game Sites Hacked Today Turkish Hackers from group " GrayHatz " hack and Deface Call of Duty, Spider-Man and other 7 Largest Video Game Sites. Hacked Sites Include: - Call of Duty® Official Video Game Site : Link and Mirror - X-Men Origins: Wolverine Official Video Game Site :  Link  and  Mirror - Spider-Man: Edge of Time Official Game Website - Transformers: Fall of Cybertron Official Video Game Site : Link and Mirror - Prototype 2 Official Video Game Site : Link and Mirror - Infinity Ward Developer of Call of Duty : Link and Mirror - The Quantum Of Solace Game Official Video Game : Link and Mirror - DJ Hero 2 | Available Now Official Site : Link and Mirror - Guitar Hero Official Site : Link and Mirror

Wifi Protector - Protect Your Android From Wi-Fi Sniffing Attacks The only app that is able to countermeasure " Man In The Middle " attacks on Android platform - Wifi Protector . No other app provides this type of high network security. Protects your phone from tools like FaceNiff, Cain & Abel, ANTI, ettercap, DroidSheep, NetCut, and all others that try to hijack your session via "Man In The Middle" through ARP spoofing / ARP poisoning. WifiKill can't take you offline with this app installed. The "Immunity" feature is the only one that requires root, all other features work without root access. Features - Uses very few resources - Uses no resources if Wi-Fi is disabled - Nearly zero battery consumption - Requires very few permissions. Requests only absolutely necessary permissions - Undetectable by the bad guy - 100% silent and passive inside the network. Generates no noise - Highly customizable notifications - Plays ringtone on atta

DEF-CON Chennai Group DEF-CON Chennai Group 4th meet successfully was held this past weekend on 29th Jan at Le Waterina Resort, Chennai. Team THN also join this Event, It was a nice setup.  " We like to thank each and everyone who attended this meet and made it a success story. We like to thank all the speakers for giving wonderful presentations and speech . Blog post by DCG. List of people who made a difference at DCG Chennai (DC602028) 1) Mr. Hari Krishnan (Organizer) 2) Mr.Viknesvaran (Organizer) 3) Mr. Prateek Dwivedi 4) Mr. Adithya Gupta 5) Mr. Ravi 6) Mr. Kaushal Sharma 7) Mr.Amrinder Singh 8) Mr. Abhinab 9) Mr. Pranav Sharma 10) Mr.Karthick 11) Arush sal For DEF-CON Chennai (DC602028) Official photos:

Syrian president 's e-mail hacked by Saudi hackers According to report received to THN editorial, A hacker based out of Saudi Arabia, identified as Salman Al Anzi, claims to have hacked the private email account of Syrian president Bashar Al Assad. He also hack a number of Syrian ministries, the Al-Arabiya TV Channel. The hacker threatened to reveal Assad's personal correspondence containing scandalous facts if the president doesn't meet his requirements. According to the city Saudi Arabia, the hacker threatened to Bashar al-Assad download scandals and scandals of his aides and Iran's support for him, and copies of e-Bashar by secret ballot, with said hacker to the size of these scandals, 4 GB, gave the hacker the Saudi ultimatum to President Bashar al-Assad for the implementation of conditions, and only carried out what threatened him. The wave of threats from the hacker, Israeli sources said that a Saudi, and announced several thwarted attempts to penetrate the sites