The Hacker News | #1 Trusted Cybersecurity News Site — Index Page

zDefender - Enterprise smartphone IDS/IPS released by Zimperium Do you recall the security firm Zimperium which came out with ANTI , the killer Android app that allowed even the clueless to hack and pwn like a pentester? Zimperium, an Israeli security start up founded by Zuk Avraham, a world-renowned hacker and security researcher, has debuted its latest product, the zDefender at DEMO in Santa Clara, California. Called zDefender , this product can detect malicious attacks and take proactive measures to reduce threats via automatic preventive traffic filters and a remote management console. With the onslaught of mobile malware, everyone should have antivirus up and running immediately after purchasing a smartphone. You'd think you were protected from various attacks like man in the middle (MITM) attacks ? At DEMO Spring 2012 , Zuk planted 2 Routers, providing 3 Access points, which have claimed about 3,000 mobile device victims so far. zDefender is able to do this by using Zimpe

winAUTOPWN v3.0 Released - System vulnerability exploitation Framework The improved GUI extension - WINAUTOPWN ACTIVE SYSTEMS TRANSGRESSOR GUI [ C4 - WAST ] is a Systems and Network Exploitation Framework built on the famous winAUTOPWN as a backend.  C4 - WAST gives users the freedom to select individual exploits and use them. BSDAUTOPWN has been compiled, like always for various flavours and has been upgraded to version 1.8 alongwith all applicable exploits which have been added in this release. Included this time is the bsd_install.sh, which will set chmod on all applicable BSD compiled binaries. WINAUTOPWN requires PERL,PHP,PYTHON,RUBY and its dependencies alongwith a few others' too for smooth working of exploits included in it. winAUTOPWN and bsdAUTOPWN are available at https://winautopwn.co.nr

To minimize the risk of privilege misuse, a trend in the privileged access management (PAM) solution market involves implementing just-in-time (JIT) privileged access. This approach to  privileged identity management  aims to mitigate the risks associated with prolonged high-level access by granting privileges temporarily and only when necessary, rather than providing users with continuous high-level privileges. By adopting this strategy, organizations can enhance security, minimize the window of opportunity for potential attackers and ensure that users access privileged resources only when necessary.  What is JIT and why is it important?   JIT privileged access provisioning  involves granting privileged access to users on a temporary basis, aligning with the concept of least privilege. This principle provides users with only the minimum level of access required to perform their tasks, and only for the amount of time required to do so. One of the key advantages of JIT provisioning

Rootdabitch version 0.1 - Multithreaded Linux root password Bruteforcer r00tw0rm hacker " th3breacher! "  release   Rootdabitch v0.1  ,which is a Multithreaded Linux/UNIX tool to brute-force cracking local root through su using sucrack. sucrack is a multithreaded Linux/UNIX tool for brute-force cracking local user accounts via su. The main feature of the Rootdabitch is that It's local brute forcer, using 10 passwords in 3 seconds. and works in background so you can leave it , when root is cracked it will email the user using /bin/mail . All for this, you need to have a php shell/reverse shell/ssh access to the target to run thistool and run it as a normal user, Upload this script into it and give it the execution permission and execute the script like:  ~ ./rootdabitch youremail@address.com If the password is cracked you will have a mail with the root password and the password will be stored into password.txt . Try it ! Download Rootdabitch 0.1

Pro-Tibetan activists become victim of Spear Phishing Hackers are ramping up their attacks against Tibetan activists and are using increasingly sophisticated techniques to deliver malware An interesting example of such a malicious email has recently been spotted by FireEye researcher Alex Lanstein, who is currently monitoring these spam campaigns. In the last few of months, several security vendors have reported targeted attacks that distributed malware designed to steal confidential information from people or organizations supporting the Tibetan cause. This tactic recently re-surfaced during our monitoring of Tibetan-leveraging malware campaigns. It came in the form of BKDR_RILER.SVR, a backdoor that arrives infected by PE_SALITY.AC. A simple Spear Phishing technique was used recently to trick Tibetan activists into opening malicious PDF email attachments, by quoting a legitimate email message sent by FireEye's Lanstein to people who submitted Tibet-related malware samples to

Security Concern : Internet Enabled TV can be hacked ! Is your Internet TV vulnerable to hackers? Internet TVs could be the newest avenue for cybercriminals to infiltrate your home or business. Last year, Researchers at Mocana, a security technology company in San Francisco, recently discovered they could hack into a best-selling Internet-ready HDTV model with unsettling ease. According to a new report from researcher NPD In-Stat predicts that 100 million homes in North America and Western Europe will own television sets that blend traditional programs with Internet content by 2016. What exactly these Internet Enabled TV have ?  Its IP addresses, always-on network interfaces, CPUs, storage, memory, and operating systems the details that have offered hackers a bounty of attack choices for the last three decades. " Our goal was to see if we could hack into the set-top box, steal customer personal information, pirate services, and incur denial-of-service conditions. " Rog

Nikjju Mass injection campaign target more than 2 Millions Urls Daniel Cid an open source developer and information security professional reported on Sucuri blog that their team tracked a new mass SQL injection campaign that started early this month and till now more than 180,000 URLs have been compromised.  Nikjju is a mass SQL injection campaign targeting ASP/ASP.net sites. At the time of writing Google has identified 361,000 pages infected with that javascript call, but the number is growing really fast. In this case it adds the following javascript to the compromised sites. One more interesting fact that researchers have noticed that  Nikjju.com domain was registered on April 1st 2012 and in 18 days more than 180,000 urls get infected. This mass Sql Injection also compromise some Government sites also , as listed below : jnd.xmchengdu.gov.cn study.dyny.gov.cn www.cnll.gov.cn www.bj.hzjcy.gov.cn www.mirpurkhas.gov.pk www.tdnyw.gov.cn gcjs.kaifeng.gov.cn Few hours we h