The Hacker News | #1 Trusted Cybersecurity News Site — Index Page

MegaUpload founder Kim Dotcom released on bail Kim Dotcom, the millionaire founder of the file-sharing website Megaupload, was released on bail Wednesday after a judge said he didn't appear to have enough money to flee. Authorities in the U.S. allege founder Kim Dotcom facilitated millions of illegal downloads through his company and he is subject to online piracy charges. Last month, U.S. authorities shut down Megaupload's websites and announced indictments against Dotcom and six other people connected to the site, accusing them of operating an " international organized criminal enterprise responsible for massive worldwide online piracy of copyrighted works. " They say Megaupload generated more than $175 million in illegal profits through advertising revenue and the sale of premium memberships. He had been in custody since his arrest on January 20 after he was initially denied bail. He said: ' I am relieved to go home to see my family, my three little kids

McAfee Q4 Threats Report, Mobile malware on the rise The number of new malware releases slowed during the final three months of 2011, but was higher than expected for the year. Computer and mobile security firm McAfee has warned " no organisation,platform or device " is immune from malware attacks as it released its Q4 2011 Threats Report. Mobile malware hit more than 400 unique samples in Q4, up from over 100 in the third quarter, and less than 50 samples in the first quarter of last year. McAfee also found that PC malware counts declined during Q4, and were lower than in Q4 of 2010. Even so, the total number of unique malware samples is more than 75 million as of Q4, the report says. " On a global basis, we are conducting more of our personal and business transactions through mobile devices, and this is creating new security risks and challenges in how we safeguard our commercial and personal data ," said Vincent Weafer, senior vice-president of McAfee Labs. McAfee Labs recorded

Los Angeles Police Canine Association hit by Hackers The official website of the Los Angeles County Police Canine Association (https://www.lacpca.com) was hacked by CabinCr3w group of Hackers. Hackers leak lots of data from the site on a Pastebin Note  titled as " PedoCop & Police Emails ". This data include officers names, addresses, and phone numbers of hundreds of officers and their membership rosters which were taken upon login. Hacker also upload two Archives which have the complete Google Emails data of two officers. Hackers also Mention that " we will not be including the photos from the email in this release but we will be making contact with the appropriate organizations protecting children from exploitation online ."

Permissions in SaaS platforms like Salesforce, Workday, and Microsoft 365 are remarkably precise. They spell out exactly which users have access to which data sets. The terminology differs between apps, but each user's base permission is determined by their role, while additional permissions may be granted based on tasks or projects they are involved with. Layered on top of that are custom permissions required by an individual user.  For example, look at a sales rep who is involved in a tiger team investigating churn while also training two new employees. The sales rep's role would grant her one set of permissions to access prospect data, while the tiger team project would grant access to existing customer data. Meanwhile, special permissions are set up, providing the sales rep with visibility into the accounts of the two new employees. While these permissions are precise, however, they are also very complex. Application admins don't have a single screen within these applications th

Apache 2.4 Comes Out, Major update after 6 years The Apache Software Foundation officially released the Apache 2.4 today as the first major update to this leading open-source web-server in more than a half-decade. Apache 2.4 is slated to deliver superior performance to its 2.2 predecessor and better compete with the growingly-popular NGINX web-server. It is the first major release of Apache in six years, coincides with the software's 17th anniversary. Besides much faster performance, among the many enhancements to the Apache 2.4 HTTP Server is better a-synchronous support in its core, run-time loadable MPMs, reduced memory usage compared to Apache 2.2.x, several new modules, enhancements to existing modules, and much more. " This release delivers a host of evolutionary enhancements throughout the server that our users, administrators, and developers will welcome ," Apache server vice president Eric Covener wrote in a statement. " We've added many new modules

Hackers to release 0-days in comics Hackers frequently disclose vulnerabilities in various products, but taking it to a whole new level, now hackers and malware coders are planning to release actual 0-days through their own comic books. The Malware conference, Malcon announced it on their groups yesterday. In the making from last three months, the comic is planned for release with objective of simplifying and helping coders understand the art behind malcoding for offensive defense and security. It is learned that there will be two formats for the comic - a web and a printed version. The printed version will be specifically for the Indian Government officials, Intelligence agencies and Law enforcement groups, who are regular attendees at the conference. This is also seen as a remarkable and significant point in the history and evolution of hackers and also points at things to come in wake of real threats with respect to cyber warfare capabilities of India in future. On condition of

India demands Real time monitoring on Indian Gmail & Yahoo Emails Looks like the Government Of India is really after the digital communication in India. Internet content providers Yahoo, Gmail and others would be asked to route all emails accesed in India through the country even if the mail account is registered outside the country. In a written statement filed in a civil court here, Yahoo India has dubbed a suit filed against it and several other websites alleging that they hosted objectionable content as " motivated " and an " abuse of the process of law ." The Government Of India wants that all the email accessed by Indians should route through servers physically located in India even if the email account was created outside India. Government is ensuring that the security agencies will have direct, real-time access to the digital communication among Indians. The need for this was felt after security agencies failed to access accounts of suspected terrorists of Indian Mujahid

Call for Paper - DEF CON Rajasthan March 2012 Meet DEF CON Rajasthan - March 2012 Jaipur Meet, Call For Papers is now officially Open and will close on March 10, 2012. DEF CON Rajasthan (DC91141) is a DEF CON Registered group of people interested in exploring technology and it implications in security. It mostly consists of information assurance professionals and enthusiasts. The main purpose of this group is to organize technical talks and hands on experience on topics of interest. While seasoned speakers will be invited to present for the initial several presentations. Our intention is to have local people with less experience present as well. This will allow younger professionals and researchers to get used to preparing a technical presentation and sharing it with an audience. We are inviting unique and fresh research papers for DEF CON Rajasthan - March 2012 Jaipur Meet. Call of Paper :-  Paper shold be.. -> Paper should be of current subject and not more than 1 year ol

Confusing Attackers with Artillery By Dave Kennedy (ReL1K) Dave Kennedy (ReL1K) , A security ninja & penetration tester develop Another amazing tool for Linux Protection, Named " Artillery ". This Article is written by Dave for our January Issue of The Hacker News Magazine , We like to share with our website Readers also: I've traditionally been on the offensive side of security through my career. With tools that I've developed like Fast-Track and The Social-Engineer Toolkit (SET), it's primarily focused on the attack front. Awhile back I had an idea of creating a more defensive tool around both Windows and *nix systems and keep things open-source as usual. I started Artillery about three months ago with the intent of developing an open-source project that does a bit of everything. The name " Artillery " spawns from one of my favorite techno bands Infected Mushroom and enhances the overall security of whatever touches it. Artillery supports both Linux and Windows and

Resellerclub and Directi Registrars Hacked Various Domains and Sudomains of two largest Reseller focused Registrars in the world got hacked by GrayHatz turkish Group of hackers. ResellerClub is one of the largest private label Web Solutions Providers globally. ResellerCLub's products represent an ongoing R&D effort of over 8 years and powers millions of websites. Hacked Domains and Mirrors : resellerclub.com https://www.zone-h.org/mirror/id/17046730 tr.resellerclub.com https://www.zone-h.org/mirror/id/17046737 br.resellerclub.com https://www.zone-h.org/mirror/id/17046731 china.resellerclub.com https://www.zone-h.org/mirror/id/17046732 de.resellerclub.com https://www.zone-h.org/mirror/id/17046733 es.resellerclub.com https://www.zone-h.org/mirror/id/17046734 india.resellerclub.com https://www.zone-h.org/mirror/id/17046735 russia.resellerclub.com https://www.zone-h.org/mirror/id/17046736 uk.resellerclub.com https://www.zone-h.org/mirror/id/17046738 careers