The Hacker News | #1 Trusted Cybersecurity News Site — Index Page

Apache 2.4 Comes Out, Major update after 6 years The Apache Software Foundation officially released the Apache 2.4 today as the first major update to this leading open-source web-server in more than a half-decade. Apache 2.4 is slated to deliver superior performance to its 2.2 predecessor and better compete with the growingly-popular NGINX web-server. It is the first major release of Apache in six years, coincides with the software's 17th anniversary. Besides much faster performance, among the many enhancements to the Apache 2.4 HTTP Server is better a-synchronous support in its core, run-time loadable MPMs, reduced memory usage compared to Apache 2.2.x, several new modules, enhancements to existing modules, and much more. " This release delivers a host of evolutionary enhancements throughout the server that our users, administrators, and developers will welcome ," Apache server vice president Eric Covener wrote in a statement. " We've added many new modules

Hackers to release 0-days in comics Hackers frequently disclose vulnerabilities in various products, but taking it to a whole new level, now hackers and malware coders are planning to release actual 0-days through their own comic books. The Malware conference, Malcon announced it on their groups yesterday. In the making from last three months, the comic is planned for release with objective of simplifying and helping coders understand the art behind malcoding for offensive defense and security. It is learned that there will be two formats for the comic - a web and a printed version. The printed version will be specifically for the Indian Government officials, Intelligence agencies and Law enforcement groups, who are regular attendees at the conference. This is also seen as a remarkable and significant point in the history and evolution of hackers and also points at things to come in wake of real threats with respect to cyber warfare capabilities of India in future. On condition of

Identities now transcend human boundaries. Within each line of code and every API call lies a non-human identity. These entities act as programmatic access keys, enabling authentication and facilitating interactions among systems and services, which are essential for every API call, database query, or storage account access. As we depend on multi-factor authentication and passwords to safeguard human identities, a pressing question arises: How do we guarantee the security and integrity of these non-human counterparts? How do we authenticate, authorize, and regulate access for entities devoid of life but crucial for the functioning of critical systems? Let's break it down. The challenge Imagine a cloud-native application as a bustling metropolis of tiny neighborhoods known as microservices, all neatly packed into containers. These microservices function akin to diligent worker bees, each diligently performing its designated task, be it processing data, verifying credentials, or

India demands Real time monitoring on Indian Gmail & Yahoo Emails Looks like the Government Of India is really after the digital communication in India. Internet content providers Yahoo, Gmail and others would be asked to route all emails accesed in India through the country even if the mail account is registered outside the country. In a written statement filed in a civil court here, Yahoo India has dubbed a suit filed against it and several other websites alleging that they hosted objectionable content as " motivated " and an " abuse of the process of law ." The Government Of India wants that all the email accessed by Indians should route through servers physically located in India even if the email account was created outside India. Government is ensuring that the security agencies will have direct, real-time access to the digital communication among Indians. The need for this was felt after security agencies failed to access accounts of suspected terrorists of Indian Mujahid

Call for Paper - DEF CON Rajasthan March 2012 Meet DEF CON Rajasthan - March 2012 Jaipur Meet, Call For Papers is now officially Open and will close on March 10, 2012. DEF CON Rajasthan (DC91141) is a DEF CON Registered group of people interested in exploring technology and it implications in security. It mostly consists of information assurance professionals and enthusiasts. The main purpose of this group is to organize technical talks and hands on experience on topics of interest. While seasoned speakers will be invited to present for the initial several presentations. Our intention is to have local people with less experience present as well. This will allow younger professionals and researchers to get used to preparing a technical presentation and sharing it with an audience. We are inviting unique and fresh research papers for DEF CON Rajasthan - March 2012 Jaipur Meet. Call of Paper :-  Paper shold be.. -> Paper should be of current subject and not more than 1 year ol

Confusing Attackers with Artillery By Dave Kennedy (ReL1K) Dave Kennedy (ReL1K) , A security ninja & penetration tester develop Another amazing tool for Linux Protection, Named " Artillery ". This Article is written by Dave for our January Issue of The Hacker News Magazine , We like to share with our website Readers also: I've traditionally been on the offensive side of security through my career. With tools that I've developed like Fast-Track and The Social-Engineer Toolkit (SET), it's primarily focused on the attack front. Awhile back I had an idea of creating a more defensive tool around both Windows and *nix systems and keep things open-source as usual. I started Artillery about three months ago with the intent of developing an open-source project that does a bit of everything. The name " Artillery " spawns from one of my favorite techno bands Infected Mushroom and enhances the overall security of whatever touches it. Artillery supports both Linux and Windows and

Resellerclub and Directi Registrars Hacked Various Domains and Sudomains of two largest Reseller focused Registrars in the world got hacked by GrayHatz turkish Group of hackers. ResellerClub is one of the largest private label Web Solutions Providers globally. ResellerCLub's products represent an ongoing R&D effort of over 8 years and powers millions of websites. Hacked Domains and Mirrors : resellerclub.com https://www.zone-h.org/mirror/id/17046730 tr.resellerclub.com https://www.zone-h.org/mirror/id/17046737 br.resellerclub.com https://www.zone-h.org/mirror/id/17046731 china.resellerclub.com https://www.zone-h.org/mirror/id/17046732 de.resellerclub.com https://www.zone-h.org/mirror/id/17046733 es.resellerclub.com https://www.zone-h.org/mirror/id/17046734 india.resellerclub.com https://www.zone-h.org/mirror/id/17046735 russia.resellerclub.com https://www.zone-h.org/mirror/id/17046736 uk.resellerclub.com https://www.zone-h.org/mirror/id/17046738 careers

Iran will Develop their own security Software , No more foreign Solution According to latest report, Iran's Information and Communications Technology Minister announce that - Iran has prohibited import of foreign computer security software. Because International sanctions stopped Iran from obtaining anti-virus software. So, Iran stressed that no foreign software for computer security will be imported into the country, adding that Iran will rely on its own software, made by local developers. The Bonian Daneshpajouhan Institute has about 25 smaller firms that develop domestic security software of various nature, and country will rely on it.  A senior Iranian intelligence official has claimed that an estimated 16,000 computers were infected by the Stuxnet virus, which targeted the country's nuclear facilities and other industrial sites in 2010. The ban is intended to push Iran into the production of its own malware defense instruments. Whether the Stuxnet virus affected only

Three Greek Anonymous hackers arrested for defacing Government Sites According to a press release by the Greek police,They has arrested an eighteen-year-old and identified two other teenagers it accuses of having defaced the Greek Ministry of Justice website. The attack happened at the start of February, Aged 16, 17 and 18, the three targeted schoolboys are suspected of taking part in this group under the nicknames ' delirium ', ' nikpa ' and ' extasy '. The Greek Cybercrime division has found electronic traces that supposedly lead to the subjects and claim that they've attacked many sites in the past. Besides the arrests, the unit also seized 12 HDD and 3 notebooks. A police statement says the three claim to be part of the international " Anonymous " activist collective, which has attacked computers in several countries. Hackers posted a video and messages on the Justice Ministry website on February 3, protesting the Greek government's signing of a global copyright treaty and it

Facebook Hacking - Student jailed for eight months 26-year-old Glenn Steven Mangham, a student in the UK, has been sentenced to eight months in prison for hacking into Facebook from his bedroom at his parents house. Facebook spent $200,000 (£126,400) dealing with Mangham's crime, which triggered a "concerted, time-consuming and costly investigation. Glenn Mangham, 26, admitted to infiltrating the website between April and May of last year. Apparently no user details were taken, as he went straight for "invaluable" intellectual property instead. Facebook alerted the authorities last May after they discovered the breach. The FBI took care of the rest, tracing it all back to the UK address. He found his way in by hacking into the account of a Facebook employee. Facebook operates a bug bounty program in which it pays ethical hackers up to $US 500 for quietly disclosing vulnerabilities. According to reports of Mangham's court appearances, the software development student cl

FAQ : DNSChanger Trojan, Impact and Solutions Two days before we (THN) Reported that FBI will shutdown Internet on 8th March , Title seems to be more Attention seeking , Why ? Well ! Our job is to aware you about the Internet Security. If we are looking for some extra attention from our Readers then its part of our small effort to make Internet more secure space for all. Today we are going to Explain all about DNSChanger Trojan, its Impact on Internet users and the biggest challenge for FBI to resolve it, and How a non technical user can check and Restore its computer, Hope you will share this article with your Friends, Followers and On your Site to aware them about this Serial Internet Killer . What is DNS (Domain Name System) ? is an Internet service that converts user-friendly domain names into the numerical Internet protocol (IP) addresses that computers use to talk to each other. When you enter a domain name, such as www.thehackernews.com , in your web browser address bar,

DPScan : Drupal Security Scanner Released The First Security scanner for Drupal CMS has been released by Ali Elouafiq , on his Blog . His team develop a tool that will enumerate at least the modules used by Drupal so we can simulate a White Box audit on our private machines. This small tool is public and accessible to you for use however you please. It may help other auditors or penetration testers do their job faster, Here is a little demonstration. After downloading the script (in python), you simply type: > python DPScan.py [website url] You can download Drupal Security Scanner here .

FBI will shutdown the Internet on March 8 The Internet could go dark for millions of users as early as March 8 because of a virus that has corrupted computers in more than 100 countries. Last year, authorities in Estonia apprehended six men believed responsible for creating a malicious computer script called the DNSChanger Trojan. Once set loose on the Web, the worm corrupted computers in upwards of 100 countries, including an estimated 500,000 in America alone. Must Read :  FAQ : DNSChanger Trojan, Impact and Solutions The primary impact of this infection is that it caused web surfers to be sent to fraudulent websites by changing what is called the DNS settings on compromised computers.The Domain Name System (DNS) is the backbone of the Internet's address scheme and DNS servers are special computers around the world that act as Internet traffic cops providing directions to websites that you wish to visit. Though the FBI has shut down the DNSChanger network and put up surrog