The Hacker News | #1 Trusted Cybersecurity News Site — Index Page

Sandcat Browser 2.0 Released,  Penetration Testing Oriented Browser Sandcat Browser version 2.0 includes several user interface and experience improvements, an improved extension system, RudraScript support and new extensions. What is Sandcat Browser? The fastest web browser combined with the fastest scripting language packed with features for pen-testers. Sandcat Browser is a freeware portable pen-test oriented multi-tabbed web browser with extensions support developed by the Syhunt team, the same creators of the Sandcat web application security scanner. The Sandcat Browser is built on top of Chromium, the same engine that powers the Google Chrome browser, and uses the Lua language to provide extensions and scripting support. This first Sandcat Browser release includes the following pen-test oriented features: Live HTTP Headers Request Editor extension Fuzzer extension with multiple modes and support for filters JavaScript Executor extension -- allows you to load and run extern

Cyber Criminals took over billion dollar of Brazilian companies PricewaterhouseCoopers has revealed in a report that cyber criminals are now shifting their attacks towards emerging markets, especially those engaging with carbon emission trades which promote low carbon technologies but whose security measures have not yet grown to combat online attacks. In Brazil, 8% of the companies under attack of Cyber Criminals and had losses above $ 1 billion of Brazilian companies. A recent survey by PricewaterhouseCoopers (PwC) finding that over one third of Brazilian companies (32%) was the victim of cybercrime last year. The world average is lower, 23% of companies have been targets of cyber attacks in 2011. More than half of Brazilian executives (51%) explained that one of the biggest problems related to awareness and combat electronic crime is the fact that management of their companies adopted only informally or on an ad hoc solutions and security processes. Cyber criminals are targetin

Super Low RPO with Continuous Data Protection: Dial Back to Just Seconds Before an Attack Zerto , a Hewlett Packard Enterprise company, can help you detect and recover from ransomware in near real-time. This solution leverages continuous data protection (CDP) to ensure all workloads have the lowest recovery point objective (RPO) possible. The most valuable thing about CDP is that it does not use snapshots, agents, or any other periodic data protection methodology. Zerto has no impact on production workloads and can achieve RPOs in the region of 5-15 seconds across thousands of virtual machines simultaneously. For example, the environment in the image below has nearly 1,000 VMs being protected with an average RPO of just six seconds! Application-Centric Protection: Group Your VMs to Gain Application-Level Control   You can protect your VMs with the Zerto application-centric approach using Virtual Protection Groups (VPGs). This logical grouping of VMs ensures that your whole applica

The Killswitch : They can remotely modify your Window 8 Last year,a Finnish software developer, was cruising Google's Android Market for smartphone apps last year when he noticed something strange. Dozens of best-selling applications suddenly listed the same wrong publisher. Google uses a little known kill switch, to forcibly removing the malicious code from more than 250,000 infected Android smartphones. It's a powerful way to stop threats that spread quickly, but it's also a privacy and security land mine. With the rollout of the Windows 8 operating system expected later this year, millions of desktop and laptop PCs will get kill switches for the first time. Microsoft has confirmed that they have remote kill switch installed in to Windows 8 apps. using this access, they can disable and even remove an app entirely from a user's device. This piece of information was released along with other details of the upcoming Windows Store for Windows 8. Anyone worried about Microsoft having

Interpol  #TangoDown , Suspected 25 Anonymous arrested Interpol's Web site (www.interpol.int) went down Tuesday just hours after the international police agency announced the arrest of 25 suspected members of the hacking collective Anonymous in Argentina, Chile, Colombia and Spain. The authorities in Argentina, Chile, Colombia and Spain carried out the arrests and seized 250 items of IT equipment and mobile phones, Interpol says.Those arrested are aged between 17 and 40. A National Police statement said two servers used by the group in Bulgaria and the Czech Republic had been blocked.It said the four included the alleged manager of Anonymous' computer operations in Spain and Latin America, who was identified only by his initials and the aliases " Thunder " and " Pacotron ". Authorities in Europe, North America and elsewhere have made dozens of arrests, and Anonymous has increasingly attacked law enforcement, military and intelligence-linked targets in retal

$60000 for Exploiting Google Chrome, Hackers at Pwnium  work... Google has offered prizes, totalling $1 million, to those who successfully hack the Google Chrome browser at the Pwn2Own hacker contest taking place next week i.e 7 March 2012. Chrome is the only browser in the contest's six year history to not be exploited like at all.  Therefore Google will hand out prizes of $60,000, $40,000, and $20,000 for contestants able to remotely commandeer a fully-patched browser running on Windows 7. Finding a "Full Chrome Exploit," obtaining user account persistence using only bugs in the browser itself will net the $60k prize. Using webkits, flash, or a driver-based exploit can only earn the lesser amounts. Prizes will be awarded on a first-come-first-serve basis, until the entire $1 million has been claimed. " While we're proud of Chrome's leading track record in past competitions, the fact is that not receiving exploits means that it's harder to learn and improve ," said C

Secunia PSI 3.0 : Automatic Patching Of Insecure Applications Secunia Personal Software Inspector (PSI) is a free program that scans the system for programs that are installed in an outdated version.The developers have just released the first beta version of Secunia PSI 3.0 for Windows. A new version of the Personal Software Inspector (PSI) tool from vulnerability management firm Secunia automates the updating of third-party programs that don't already have auto-updaters built-in. When you start the program for the first time after installation, you are asked to run a scan on the system. Secunia compares the list of installed software with the latest versions stored in their database. A list of outdated programs are then displayed in the program interface. Though most software vendors release patches, its tedious for users to find these updates and download them, where Secunia inspector tool identifies vulnerable programs and plug-ins in your Computer, download and installs all t

Irongeek 's Shared hosting MD5 Change Detection Script Adrian Crenshaw aka  Irongeek  just release another great tool for web admins that will monitor the files on a website, and report any changed via email. Actually " irongeek.com " was hacked few days back which is hosted on a shared hosting. There is an awesome article posted by him on his blog " How I Got Pwned: Lessons in Ghetto Incident Response ". I think after that  Adrian decide to make a handy tool/script to help web admins so that they can easily monitoring there files on a shared server. This simple shell Script user can run on a shared server. Let suppose once hackers get into your website either by exploiting known vulnerabilities in any of the installed programs OR by getting FTP access to your server, the first thing they usually do is to plant backdoor scripts to log them in again at a later date. They need some executable script on the server to gain access to MySQL passwords, installatio

r00tw0rm leak United Nations Environment Programme database r00tw0rm group of Hackers hack and leak the complete 82.8 MB database from The united nations environment programme ( UNEP ), which is the voice for the environment in the united nations system. Via a tweet, r00tw0rm shout ," United nations environment programme https://pastebin.com/pXXNv2rH @inj3ct0r @AntiSecOp @sanjar_satsura @Oblivi0u5 @AnonymousIRC @OpCensorThis_ " Hackers leaks data on various file hosting sites such as rapidshare . According to leak, 5 databases and 100's of tables with admin logins and users data.  The united nations environment programme ( UNEP ) website is currently down while writing this post. Other Hacks by r00tw0rm can be seen here .

Occupy Obama's Google+ ,Chinese Internet Users Flood G+ Page Many Chinese have taken up a call to " Occupy Obama's Google+ " over the weekend in the style of Occupy Wall Street in order to feel "close" to the popular world leader as well as air some of their views. Hundreds of Chinese have flooded US President Barack Obama's Google+ page, apparently taking advantage of a glitch in China's censorship system to post about human rights and green cards. At first glance, it looks like the official Google+ page is being spammed, but taking a look at some of the comments left in English, you'll realise that it's Chinese citizens who have taken to the social network to decry their government's appalling human rights track record. Some netizens urged Obama to help free activists such as blind lawyer Chen Guangcheng, who is currently under house arrest, or Liu Xiaobo, the jailed Nobel Peace Prize winner. Some comments left by the Chinese called for free speech and human rights. Other

Ascend D quad : World's fastest Android by Huawei Huawei has introduced what it calls the world's fastest quad-core smartphone, the Huawei Ascend D quad. Powered by Huawei's K3V2 quad-core 1.2GHz/1.5GHz processor the beast comes with Android 4.0. In an aggressive presentation at the Mobile World Congress Show in Barcelona, Huawei repeatedly compared its new product to Samsung's Galaxy Nexus and Apple's latest iPhone. Huawei also unveiled the Ascend D quad XL and Ascend D1. Both devices include 32-bit true color graphic processors, an 8-megapixel rear-facing camera with 1080p full HD video capture and a 1.3-megapixel front-facing camera with 720p video capture. The phone also has Dolby 5.1 Surround Sound and Audience earSmart voice technology and an 8-megapixel BSI rear-facing camera, 1.3 megapixel front-facing camera, and 1080p full HD video-capture and playback capabilities. Ascend D Quad is much faster, too- 20 percent to 30 percent faster, in fact, than one running

WikiLeaks suspect Bradley Manning nominated for Nobel Peace Prize 2012 A spokesman for the Nobel Peace Prize jury says 231 nominations have been submitted for this year's award, with publicly disclosed candidates including WikiLeaks whistle-blower Bradley Manning may be among the hundreds of nominees for the 2012 Nobel Peace Prize, rights activists say. Bradley Manning, a 23-year-old Army intelligence analyst, is accused of leaking a video showing the killing of civilians, including two Reuters journalists, by a US Apache helicopter crew in Iraq. He is also charged with sharing the documents known as the Afghan War Diary, the Iraq War Logs, and embarrassing US diplomatic cables, with the anti-secrecy website WikiLeaks. The video and documents have illuminated such issues as the true number and cause of civilian casualties in Iraq, human rights abuses by U.S.-funded contractors and foreign militaries, and the role that spying and bribes play in international diplomacy. Among th

#WikiLeaks publishes millions of Hacked Stratfor E-mails #gifiles WikiLeaks today began publishing more than five million confidential e-mails from US-based Intelligence firm Stratfor.  About 5.5m emails obtained from the servers of Stratfor, a US-based intelligence gathering firm with about 300,000 subscribers and has been likened to a shadow CIA. The emails, snatched by hackers, could unmask sensitive sources and throw light on the murky world of intelligence-gathering by the company known as Stratfor, which counts Fortune 500 companies among its subscribers. Stratfor in a statement shortly after midnight said the release of its stolen emails was an attempt to silence and intimidate it. The Online organisation claims to have proof of the firm's confidential links to large corporations, such as Bhopal's Dow Chemical Co and Lockheed Martin and government agencies, including the US Department of Homeland Security, the US Marines and the US Defense Intelligence Agency. Wiki