The Hacker News | #1 Trusted Cybersecurity News Site — Index Page

Carberp Banking Trojan Scam - 8 Arrested in Russia 8 Men suspected of being involved in the Carberp phishing scam have been arrested in Russia. The men were arrested after a joint investigation by the Russian Ministry of Internal Affairs (MVD) and Federal Security Service (FSB). According to the MVD, the investigation found that two brothers were the ringleaders of the gang, and developed a plan to steal money from the accounts of online banking customers. The eight suspects allegedly stole more than 60 million Rubles ($2 million) from 90 victims using the Carberp Trojan. Russian security firm who assisted with the investigation, pegged the stolen loot at 130 million Rubles ($4.5 million). Police confiscated computers, bank cards, notary equipment, fake documentation, and more than 7 million Rubles ($240,000) in cash during the raid. The gang used the Carberp and RDP-door Trojans to snare victims. Carberp is a well-known Trojan that was recently seen on Facebook as part of a scam

Face to Face with Duqu malware Once again we discuss about Stuxnet, cyber weapons and of the malware that appears derivate from the dangerous virus. The international scientific community has defined a Stuxnet deadly weapon because been designed with a detailed analysis of final target environment supported by a meticulous intelligence work that for the first time in history has embraced the world of information technology. The agent was designed with the intent to strike the Iranian nuclear program and even more clear is who has always opposed such a program, U.S. and Israel first, and consider also the technology skill necessary to develope a weapon with the observed architecture is really high. Extremely important two factors af the event: 1. the choose of control systems as target of the malware. 2. the conception of the virus as an open project, a modular system for which it was designed a development platform used to assemble the deadly cyber weapons in relation to the final

The introduction of Open AI's ChatGPT was a defining moment for the software industry, touching off a GenAI race with its November 2022 release. SaaS vendors are now rushing to upgrade tools with enhanced productivity capabilities that are driven by generative AI. Among a wide range of uses, GenAI tools make it easier for developers to build software, assist sales teams in mundane email writing, help marketers produce unique content at low cost, and enable teams and creatives to brainstorm new ideas.  Recent significant GenAI product launches include Microsoft 365 Copilot, GitHub Copilot, and Salesforce Einstein GPT. Notably, these GenAI tools from leading SaaS providers are paid enhancements, a clear sign that no SaaS provider will want to miss out on cashing in on the GenAI transformation. Google will soon launch its SGE "Search Generative Experience" platform for premium AI-generated summaries rather than a list of websites.  At this pace, it's just a matter of a short time befo

Vulnerability in Google Earth Software exposed by longrifle0x Ucha Gobejishvili, Security researcher also known as Longrifle0x , found another Interesting Security issue in one of the most famous software called,  Google Earth. He found a critical code execution vulnerability on google earth software client. For Proof of Concept , One can download any version of Google Earth, Then open "Click Placemark" , Put a malicious code there as one sample given below and Execute your code. Another past bug hunting by  Longrifle0x : 1.)  Cross Site Scripting (XSS) Vulnerability in Google 2.)  Skype Cross Site Vulnerabilities, user accounts can be Hijacked 3.) [POC] Buffer Overflow Vulnerability in GOM Media Player v. 2.1.37 and More..

CNCERT Claims - Raising Web attacks on China China's National Computer Network Emergency Response Technical Team (CNCERT/CC)is claiming attacks on public and private organisations from outside of its borders have rocketed in the past year from five million computers affected in 2010 to 8.9m in 2011. They found 47,000 foreign IP address involved in remotely accessing and controlling computers in China during a random sample investigation in 2011. ' This shows that Chinese websites still face a serious problem from being maliciously attacked by foreign hackers or IP addresses ,' Mr Wang Minghua, deputy director of the team's operation department. It said Japan was the source of most attacks, 22.8 percent, followed closely by the United States, 20.4 percent, and the Republic of Korea, 7.1 percent. China has the world's largest Internet population. The number of its Internet users reached 485 million last June. However, a high percentage of that population had experi

NASA sub-domain and Australian Police targeted by Hackers Hacker with name " Black Jester " hack another subdomain (  https://airtrafficconflictresolutions.arc.nasa.gov )   of  NASA. Hacker compromise the database of site and leak password hashes of Users and Database Info also. The leaked info posed on Pastebin Note . In Another Attack, Hacker - S3rver.exe managed to breach the official website of the International Police Association of Australia (ipa-australiapolice.com.au). A Pastebin paste made by the hackers contains the site's database structure along with names, usernames, email addresses and password hashes, Softpedia Reported. The hackers claim that they have warned International Police Association representatives that the site contains some serious vulnerabilities, but apparently they did nothing to secure it. The hackers also tried to root the servers, but apparently it can't be rooted.

Casa Presidencial website defaced by Latinhack The  Casa Presidencial website  was in temporary control of hackers on  Sunday . The minister explained that the hack was noticed while doing a backup of the site. The cyber-attack was attributed to a group called Latinhack, whose members have perpetrated more than 13,000 attacks on various government sites in Spain, the United Kingdom, Venezuela, Chile and the Dominican Republic. He also said the website's information was never at risk because it is physically stored in different places at separate servers, so these events do not affect users. The prez's website is based on Joomla's Content Management System (CMS) which according to experts is vulnerable to hacks if not regularly maintained.

Pakistani Hackers attacks 31 government and 46 educational institutions Websites Maharashtra police said, websites of more than 46 educational institutions and 31 government websites based in the district were allegedly hacked by a group reportedly based in Pakistan. KhantastiC, a hacker who claimed to be a part of Pakistan Net Army (PNA) reported on 'zone-h.net' the number of 'Rajasthan.gov.in' domain named websites hacked by him since January 16, 2012. Muslim Liberation Army (MLA), an obscure group said to .be based in Lahore, allegedly hacked into  46 educational institutions websites. Cyber Crime Branch has launched investigations after receiving complaints in this regard.

Exclusive - Source Code Spoofing with HTML5 and the LRO Character Article Written by  John Kurlak for The Hacker News,He is  senior studying Computer Science at Virginia Tech. Today John will teach us that How to Spoof the Source Code of a web page. For example,   Open  https://www.kurlak.com/john/source.html  and Try to View Source Code of the Page ;-) Can you View ?? About eight months ago, I learned about HTML5's new JavaScript feature, history.replaceState(). The history.replaceState() function allows a site developer to modify the URL of the current history entry without refreshing the page. For example, I could use the history.replaceState() function to change the URL of my page in the address bar from " https://www.kurlak.com/example.html " to " https://www.kurlak.com/example2.html " When I first learned of the history.replaceState() function, I was both skeptical and curious. First, I wanted to see if history.replaceState() supported changing the entire URL of a page, inc

Mercury v1.0  - Framework for bug hunters to find Android vulnerabilities A free framework for bug hunters to find vulnerabilities, write proof-of-concept exploits and play in Android. Use dynamic analysis on Android applications and devices for quicker security assessments. Share publicly known methods of exploitation on Android and proof-of-concept exploits for applications and devices. The easy extensions interface allows users to write custom modules and exploits for Mercury Replace custom applications and scripts that perform single tasks with a framework that provides many tools. Mercury allows you to: Interact with the 4 IPC endpoints - activities, broadcast receivers, content providers and services Use a proper shell that allows you to play with the underlying Linux OS from the point of view of an unprivileged application (you will be amazed at how much you can still see) Find information on installed packages with optional search filters to allow for better control Buil

Kaspersky finds Malware that resides in your RAM Kaspersky Lab researchers have discovered a drive-by download attack that evades hard-drive checkers by installing malware that lives in the computer's memory. The 'fileless' bot is more difficult for antivirus software to detect, and resides in memory until the machine is rebooted. This Malware doesn't create any files on the affected systems was dropped on to the computers of visitors to popular news sites in Russia in a drive-by download attack.Drive-by download attacks are one of the primary methods of distributing malware over the web. They usually exploit vulnerabilities in outdated software products to infect computers without requiring user interaction. The attack code loaded an exploit for a known Java vulnerability (CVE-2011-3544), but it wasn't hosted on the affected websites themselves. Once the malware infected a Microsoft machine, the bot disabled User Account Control, contacted a command and control