
The Hacker News | #1 Trusted Cybersecurity News Site — Index Page

DKFBootKit - First Android BootKit Malware

Mar 30, 2012
NQ Mobile Security Research Center has recently uncovered a new malware, DKFBootKit. The malware was identified while monitoring and analyzing the evolution of earlier DroidKungFu variants. What sets DKFBootKit apart from malware like DroidDream is that DKFBootKit replaces certain boot processes and can begin running even before the system is completely booted up. DKFBootKit repackages legitimate apps by enclosing its own malicious payloads in them. However, the victim apps it chooses to infect are utility apps which require the root privilege to work properly. NQ says the malicious code has already infected 1,657 Android devices in the past two weeks and has appeared on at least 50 different mobile apps. These apps seem to have legitimate reasons to request root privilege for their own functionality. It is also reasonable to believe that users will likely grant the root privilege to these apps. DKFBootKit makes use of the granted root p
Twitter Takes Tweetdeck Offline due to Vulnerability

Mar 30, 2012
Twitter has taken its Tweetdeck app offline after an apparent bug possibly gave some Tweetdeck users access to others' accounts. The web version of Tweetdeck is currently down, although older desktop editions of the software appear to continue to receive and send Tweets at the moment, and can still log out and back in. A Sydney, Australia-based Tweetdeck user named Geoff Evason says he discovered today he was somehow able to access hundreds of other accounts through Tweetdeck. "I'm a tweetdeck user. A bug has given me access to hundreds of twitter and facebooks account through tweetdeck. I didn't do anything special to make this happen. I just logged in one day, the account was slower than normal, and I could post from many more accounts." He demonstrated that he could access another account by sending a Tweet. Other accounts may well be affected, as Twitter quickly shut off access to Tweetdeck entirely to "look int
Navigating the Threat Landscape: Understanding Exposure Management, Pentesting, Red Teaming and RBVM

Apr 29, 2024
Exposure Management / Attack Surface
It comes as no surprise that today's cyber threats are orders of magnitude more complex than those of the past. And the ever-evolving tactics that attackers use demand the adoption of better, more holistic and consolidated ways to meet this non-stop challenge. Security teams constantly look for ways to reduce risk while improving security posture, but many approaches offer piecemeal solutions – zeroing in on one particular element of the evolving threat landscape challenge – missing the forest for the trees. In the last few years, Exposure Management has become known as a comprehensive way of reining in the chaos, giving organizations a true fighting chance to reduce risk and improve posture. In this article I'll cover what Exposure Management is, how it stacks up against some alternative approaches and why building an Exposure Management program should be on your 2024 to-do list. What is Exposure Management? Exposure Management is the systematic identification, evaluation,
Your Xbox 360 credit card details Vulnerable to Hack

Mar 30, 2012
Researchers at Philadelphia's Drexel University have discovered that credit card data can be recovered from older Xbox 360 systems that have been traded in or sold on. Hackers can now retrieve personal information from refurbished Xbox consoles, suggesting consumers should exercise more caution with their electronic devices. "Anyone can freely download a lot of this software, essentially pick up a discarded game console, and have someone's identity," said researcher Ashley Podhradsky. The team has discovered that even restoring your console to factory settings won't remove some of the data stored on the Xbox 360. "Xbox is not designed to store credit card data locally on the console, and as such seems unlikely credit card data was recovered by the method described. Additionally, when Microsoft refurbishes used consoles we have processes in place to wipe the local hard drives of any other user data. We can assure Xbox own
#GlobalRevolution : Chinese Government sites defaced by Anonymous China

Mar 30, 2012
Anonymous China (@AnonymousChina) hackers are taking down and defacing various Chinese government web sites. The hack is part of operation #GlobalRevolution by Anonymous. The page is like other defacements, with ASCII text, a message to the government in question and other Anonymous trademarks. This defacement is far more entertaining than past hacks, however, because the pages autoplay The Who's classic song Baba O'Riley. It also has one Chinese phrase, "患难见真情." According to Google Translate, it means "A friend in need is a friend indeed." Defaced sites include: https://www.qnwqdj.gov.cn/, https://www.dzwqb.gov.cn/, https://www.bbdj.gov.cn/ and https://tygtzy.gov.cn/index.php. The hackers also leaked the database info of https://www.wnpop.gov.cn/ and https://www.meda.gov.cn. Leaks are posted on Pastebin 1 and 2.
50K Cards Compromised using Credit Card Processor

Mar 30, 2012
Some 50,000 credit and debit cardholders may have their information exposed following a security breach at Global Payments. The breach occurred sometime between Jan. 21, 2012 and Feb. 25, 2012. Both Visa and MasterCard have confirmed they have warned U.S. banks that a credit card processor was reportedly breached. Both firms say their own security systems were not compromised. MasterCard said law enforcement has been notified of the matter and an "independent data security organization" is conducting a forensic review of the matter. "MasterCard's own systems have not been compromised in any manner," a company spokesman said in a statement. The company will "continue to both monitor this event and take steps to safeguard account information." Because it sits in this middle ground directing where payment information goes, an attack on its system would leave a lot of private financial data
Why Hackers Can't take down DNS root servers ?

Mar 30, 2012
Interpol Chief Ronald Noble on Friday warned that a group of hackers might try to shut down internet service tomorrow. The hacking group, Anonymous, is protesting for several reasons, including the crash of Wall Street and irresponsible leaders. There are 13 DNS servers that host the core databases for translating IP addresses. Anonymous hackers have announced "Operation Global Blackout", promising to cause an Internet-wide blackout by disabling the core DNS servers. Anonymous hackers want to bombard those 13 servers with traffic using a distributed denial of service attack. If the servers get too overloaded, they'll crash and therefore be unable to fulfil DNS lookups, rendering all domain names useless. But there are lots of limitations in this type of attack: There are 13 Root Servers out there; it is not possible to shut down every one of them. Even every root server is under control of various companies and they h
CIA Chief : We will Spy on You Through Your TV

Mar 29, 2012
The Central Intelligence Agency says spies won't have to plant bugs in homes, businesses or other places where they want to spy because of coming advances in computer and Internet technology. The CIA claims that when you download a Netflix film or listen to web radio, they will know exactly what you are doing. Spies will no longer have to plant bugs in your home; the rise of 'connected' gadgets controlled by apps will mean that people 'bug' their own homes, says CIA director David Petraeus. The CIA says it is very possible the agency and others will be able to "read" these and other gadgets from outside the places they want to monitor via the Internet and perhaps even with radio waves outside your home. Once upon a time, spies had to place a bug in your chandelier to hear your conversation. With the rise of the smart home, you'd be sending tagged, geolocated data that a spy
FBI Cyber Chief Says U.S. Losing War Against Hackers

Mar 29, 2012
The FBI is struggling to combat cyberattacks by hackers. "We're not winning," FBI executive assistant director Shawn Henry said. Four top government cybersecurity officials have basically come out to say America is getting her hiney kicked in cyberattacks by nation state hackers. Shawn Henry, who is getting ready to leave the bureau after more than two decades with the law enforcement agency, says the United States is falling behind in the ongoing fight against cyber ne'er-do-wells. "Your government failed you," testified Richard Clarke, a former cybersecurity and cyberterrorism advisor for the White House. He said that to Congress about 9/11, but now he's warning the people that we are defenseless when it comes to cybersecurity; our government has failed us again. Clarke stated, "Every major company in the United States has already been penetrated by China." Who declared this war and
Apple Azerbaijan got hacked by Team Nuts

Mar 29, 2012
The domain Apple.az represents 'Apple Azerbaijan' and redirects to the Official Reseller of Apple in Arizona (www.almastore.az), which was hacked this evening by Team Nuts members 'YasH' and 'COde InjectOr'. The first deface page was uploaded by the hackers to the index page, but they later uploaded it to another location: https://www.almastore.az/news/images/. The Linux kernel on the server, as reported by the hackers, is 2.6.18-92.el5 #1 SMP Tue Jun 10 18:49:47 EDT 2008 i68, which has a Remote Arbitrary Code Execution vulnerability. No web shell was used in this attack. The hackers added that this was not targeted. Last week the same hacker hacked into the Stanford University website and defaced it.
eCommerce Fraud Detection Tool - An Anti-fraud solution by MasterCard

Mar 29, 2012
In the past, a lost wallet, stolen credit card, or misplaced ID were among the paramount culprits of identity theft. Today, one need not lose a thing to eventually lose it all. E-commerce merchants have a new tool at their disposal to help mitigate the risk of fraud in online transactions, with MasterCard's introduction of Expert Monitoring Fraud Scoring for Merchants. MasterCard will release an e-commerce anti-fraud product for merchants in May, said Mike Plotnick, MasterCard's communications leader. MasterCard announced the product at the Merchant Risk Council show in Las Vegas. The solution is designed for global merchants to assess transactions on U.S.-issued cards. In other words, the service provides merchants with a "predictive fraud score for Card-Not-Present transactions in real time to measure the likelihood that a transaction is fraudulent." Basically, the service looks at the buyer's history and gi
NMAP Script to Check Presence of ms12-020 RDP vulnerability

Mar 29, 2012
Yesterday Sam Bowne was working on an Nmap script that would be able to check for the presence of the ms12-020 RDP vulnerability on a machine via scan only. Unfortunately, its success rate was low. Later, @ea_foundation joined Sam Bowne to develop a working Nmap script. Microsoft bulletin ms12-020 patches two vulnerabilities: CVE-2012-0152, which addresses a DoS vulnerability inside Terminal Server, and CVE-2012-0002, which fixes a vulnerability in Remote Desktop Protocol. Both are part of Remote Desktop Services. The hackers worked quickly on this particular vulnerability and we've already seen attempts to exploit the flaw, which exists in a part of Windows called the Remote Desktop Protocol. The script works by checking for the CVE-2012-0152 vulnerability. Patched and unpatched systems differ in the results, from which we can conclude whether the service is vulnerable or not. Download Nmap Script: ms12-020-rev.nse
Corruption and Persistent Vulnerability in Skype 5.8 and 5.5 [Video POC]

Mar 29, 2012
Ucha Gobejishvili (longrifle0x), Benjamin Kunz Mejri (Rem0ve) & Alexander Fuchs (f0x23), security experts from The Vulnerability-Lab Team, discovered a remote pointer corruption with persistent weakness in Skype v5.8.0.156 Windows 7 & MacOS v5.5.2340. The security risk of the remote denial of service vulnerability via pointer corruption is estimated as high(-). Skype is a software application that allows users to make voice and video calls and chats over the Internet. Calls to other users within the Skype service are free, while calls to both traditional landline telephones and mobile phones can be made for a fee using a debit-based user account system. According to the experts, the vulnerability was reported to the vendor on 2012-02-24, and Vendor Fix/Patch by Check on 2012-03-20. Affected versions are Skype - Windows, MacOs & Linux v5.8.0.156, 5.5.0.2340, 2.2 Beta. The exploitation method works remotely. A pointer