The Hacker News | #1 Trusted Cybersecurity News Site — Index Page

Symantec releases patch to address pcAnywhere source code exposure Anonymous activists have released source code for PCAnywhere onto the internet, hours after a hacker's negotiations for payment from Symantec broke down. Symantec code exposure turns up danger to pcAnywhere customers.Symantec has released new information and a patch to address the recent code exposure incident. The release followed failed email negotiations over a $50,000 payout to the hacker calling himself YamaTough to destroy the code. The code was posted on the Pirate Bay file-sharing website on Tuesday at around 5:40am. " Symantec has been lying to its customers. We exposed this point thus spreading the world that ppl need" - #AntiSec #Anonymous Spread and share! " said a statement accompanying the download link on Pirate Bay. Symantec has stated that users of pcAnywhere are at increased risk. The Symantec website states that, because of the age of the exposed source, " Symantec anti-viru

YamaTough Hacker Demanded $50,000 for not releasing Stolen Symantec Source Code According to email transcripts posted to Pastebin yesterday, and confirmed by the company, a group of hackers attempted to extort $50,000 from Symantec in exchange for not releasing its stolen PCAnywhere and Norton Antivirus source code. Hackers associated with the group Anonymous known as the Lords of Dharamaja leaked what appears to be another 1.27 gigabytes of source code from Symantec Monday night, what they claim is the source code of the Symantec program PCAnywhere.  A 1.2GB file labeled " Symantec's pcAnywhere Leaked Source Code " has been posted to The Pirate Bay. We have asked Symantec whether this code is authentic and will update when we hear back. The leak comes as little surprise: Symantec had previously revealed that the hackers had obtained 2006 versions of that code along with other Symantec products from the same time period, and warned users of PCAnywhere to disable its

It comes as no surprise that today's cyber threats are orders of magnitude more complex than those of the past. And the ever-evolving tactics that attackers use demand the adoption of better, more holistic and consolidated ways to meet this non-stop challenge. Security teams constantly look for ways to reduce risk while improving security posture, but many approaches offer piecemeal solutions – zeroing in on one particular element of the evolving threat landscape challenge – missing the forest for the trees.  In the last few years, Exposure Management has become known as a comprehensive way of reigning in the chaos, giving organizations a true fighting chance to reduce risk and improve posture. In this article I'll cover what Exposure Management is, how it stacks up against some alternative approaches and why building an Exposure Management program should be on  your 2024 to-do list. What is Exposure Management?  Exposure Management is the systematic identification, evaluation,

University of Washington Vulnerable and Database Leaked by Hacker A few days back, a Team INTRA member hacked into the University of Washington database and released much data. Today, N0B0DY and N0LIFE hacked into it again, releasing the most recent passwords on  Pastebin . The root MySQL password was also released, as well as many other MySQL users. The information_schema database was accessed, and they released the COLUMNS table completely, having 6363 records. Hackers also expose the vulnerable links in Pastebin note. University of Washington is a public research university, founded in 1861 in Seattle, Washington, United States. The UW is the largest university in the Northwest and the oldest public university on the West Coast. The exposed vulnerabilities are of SQL injection. It is a technique used to take advantage of non-validated input vulnerabilities to pass SQL commands through a Web application for execution by a backend database. Attackers take advantage of the fact

Australian Nokia Sub Domain Defaced by Hackers Latest News coming from Zone-H that Australian Nokia Sub Domain Defaced by Hacker going with codename - " aldyfrz " an Indonesian hacker. Reason of Hacking is Unclear and Security Breach possibly just Damage the Site. The Hacker Sub domain of Nokia is :  https://press.nokia.com.au  Press Club Site and While writing this update Nokia Restore the site , So if anyone miss to see the Deface page, They can check at  Zone-H  mirror link.

British sensationalist Newspaper Daily Mail Hacked by TeaMp0isoN Yesterday Visitors to the Daily Mail's recipe pages ( https://recipes.dailymail.co.uk/index.htm )  had been confronted with a message left by hackers who defaced and disabled the site. British sensationalist newspaper the Daily Mail has been hit by hackers in support of the online movement Opcensorthis.  News of the hack spread via Twitter and it seems to have happened late afternoon on Sunday, 5 February, and lasted for a couple of hours. A mirror link posted on the TeaMp0isoN Twitter gives those that missed it a look at what the hackers were promoting. " For years you've poisoned the mainstream media with your sensationalist, ultranationalist nonsense, continuing to inject reader's minds with anti- immigration and borderline racist propaganda ," says the text on the deface web page. " Your distorted bias on news is wrongly justified by patriotism and conservatism, though we see through yo

Malware automatically uploading stolen data to the File sharing sites Roland Dela Paz , a threat response engineer with Trend Micro have discovered a piece of malicious software that automatically uploads its stolen data cache to the SendSpace file-sharing service for retrieval. File-storage services offer several advantages for cybercriminals. SendSpace accepts files and then generates a link that can be shared with other people to download the content in the files. The malware has been configured to send files, copy the download link and send it to a command-and-control server along with the password needed to access the archive, Dela Paz wrote. Here is a screenshot of the Sendspace page leading to the archive of collected documents. Malware utilizing free online services are definitely not unheard of. Utilizing a public file hosting site is yet another clever way for cybercriminals to store stolen data as they do not need to set up a server that will store large amount of dat

In our Last Month Magazine Issue, Lee Ives from London, England and Admin of Security-FAQs - talk about internet security for your children and what to watch out for and how to protect them and yourself. You can Download Here Special The Hacker News Magazine January 2012 Edition. Have a look the interesting Article shared by Lee : The one thing that is great about the internet is that just like many of the other major mediums it has content for all different types of age groups. If you have older people that you need to entertain then you will be able to find something for them to be entertained by on the web. If you have younger kids that you have to entertain then you will find something for them as well. But unlike the other major mediums such as TV, you have a more diverse stock from which to pick from. With the internet you are getting content from all around the world and no matter which age group you need to entertain, you will be able to find something for the

Citigroup sites hit by Brazilian Anonymous hacker Citigroup has confirmed its consumer banking sites were temporarily offline Friday because of what a bank spokesman referred to as temporary outages. Hackers with Anonymous have claimed to be behind the attacks. The operation behind the attacks waged against banks in Brazil, known as #OpWeeksPayment on Twitter, claims issues with government and capitalism were catalysts for the attacks. Anonymous Brasil said its attacks were only meant to fight corruption in BrazilA group of internet hackers, which calls itself Anonymous Brasil, continued its relentless attacks which began earlier last week by taking down the websites of the Citigroup and Citibank.The group, which is targeting financial institutions, issued a warning message to them, saying Anonymous Brasil does not forget you. Your turn will come. Apart from Citigroup, both in Brazil and in the US, the group had also targeted the websites of four major banks in Brazil, including B

Joomscan Security Scanner updated to 611 Joomla vulnerabilities Database Another huge update coming from Security Team Web-Center that Joomscan Security Scanner is now updated to 611 Joomla vulnerabilities Database. Last update for this tool was in November, 2011 with 550 vulnerabilities in Database. In joomscan you can check for new updates with command: ./joomscan.pl check or ./joomscan.pl update Download for Windows  (141 KB) Download for Linux  (150 KB )

Mobile Based Wireless Network MiTM Attack Illustration Bilal Bokhari from zer0byte.com Illustrated perfect example of Mobile Based Wireless Network MiTM Attack on his blog. Bilal want to share this article with our Readers at THN, Have a look : If we look at the history of computer development, the computer developers/engineers just 10 years back did not have any clue as to how this industry is going to be, the way this industry we have today. The Computers and its applications nowadays are more powerful and much smarter than ever before. Computer applications are used in every industry like engineering, designing, music programming, web development etc which enables their users to come up with amazing products every day. So far so good the story of the computer development sounds amazing but there is a problem with its development. When computer applications are developed, they are not particularly a complete perfect solution. They contain some flaws or bugs which can be exploi

Sun Microsystems (Print) - Cross Site Scripting Vulnerabilities Today Ucha Gobejishvili ( longrifle0x ) a Pentester from Georgia reported 3 More important Cross Site Scripting Vulnerabilities in Sun Microsystem's and Java Printer Webpages. Java's Vulnerable Link   : Click Here Sun's Vulnerable Link 1 :  Click Here Sun's Vulnerable Link 2 :  Click Here Cross-Site Scripting occurs when an attacker can send a malicious script to a different user by relaying the script from an otherwise trusted or innocuous server. These flaws are extensive on the Web and allow an attacker to place malicious code that can execute attacks against other users in the security context of the web servers of the trusted host. Previous vulnerabilities  reported by longrifle0x : Click here to Read or Mirrors .

ProCredit Bank Georgia hacked by RetnOHacK #AntiSerbs Group of Hackers named - B!JemBeX, RetnOHacK, Weedh0aX, mR.Thg hack into ProCredit Bank of Georgia (procreditbank.ge) . They Deface the Administrator panel page located at  https://www.procreditbank.ge/admin/login.php  as shown in image attached. On Deface page Hacker said " This day have received that much time..when will you accept that you lose the fight ?in this game you do not have no chance to win..you always were and always will be losers remain losersMitrovica do not sell , Mitrovica is ours as alwaysWe do not want peace with you , because I hate slaves.Date of " 28 November " is approaching to unite all Albanians... ". Till now its unclear that Hacker damage anything else rather than site pages.