The Hacker News | #1 Trusted Cybersecurity News Site — Index Page

The Deep Web (or Invisible web) is the set of information resources on the World Wide Web not reported by normal search engines. According several researches the principal search engines index only a small portion of the overall web content, the remaining part is unknown to the majority of web users. What do you think if you were told that under our feet, there is a world larger than ours and much more crowded? We will literally be shocked, and this is the reaction of those individual who can understand the existence of the Deep Web , a network of interconnected systems, are not indexed, having a size hundreds of times higher than the current web, around 500 times. Very exhaustive is the definition provided by the founder of BrightPlanet, Mike Bergman, that compared searching on the Internet today to dragging a net across the surface of the ocean: a great deal may be caught in the net, but there is a wealth of information that is deep and therefore missed. Ordinary

NSA intercepting 1.7 billion American electronic communications daily Since 9/11, the Agency has been able to "spy" on electronic communications without the need for court-approved warrants. The group has a large complex in Utah that cost $2 billion and holds the data. In 2006 the New York Times revealed that the Bush administration was eavesdropping on the electronic communications of Americans without the warrants required by law. The American Civil Liberties Union has created an infographic for mass distribution that shows some scary figures related to the U.S. National Security Agency. Four years ago Congress authorized the electronic surveillance of suspected terrorists and foreign agents located outside the United States, with provisions that supporters said would adequately protect the privacy of Americans. The only positive aspect of the FISA Amendments Act of 2008 was that the Congress imposed a four-year sunset provision on the powers it authorized. That sunse

Super Low RPO with Continuous Data Protection: Dial Back to Just Seconds Before an Attack Zerto , a Hewlett Packard Enterprise company, can help you detect and recover from ransomware in near real-time. This solution leverages continuous data protection (CDP) to ensure all workloads have the lowest recovery point objective (RPO) possible. The most valuable thing about CDP is that it does not use snapshots, agents, or any other periodic data protection methodology. Zerto has no impact on production workloads and can achieve RPOs in the region of 5-15 seconds across thousands of virtual machines simultaneously. For example, the environment in the image below has nearly 1,000 VMs being protected with an average RPO of just six seconds! Application-Centric Protection: Group Your VMs to Gain Application-Level Control   You can protect your VMs with the Zerto application-centric approach using Virtual Protection Groups (VPGs). This logical grouping of VMs ensures that your whole applica

New Jersey mayor arrested for hacking recall website The FBI last week arrested the mayor of the northern New Jersey town of West New York, together with his son, on charges of hacking into a website and a related email account that called for the mayor's recall. Felix Roque, 55, the mayor of West New York, N.J., was arrested with his son, Joseph Roque, 22. They were released on $100,000 personal bond after neither entered a plea. According to the criminal complaint filed against Felix Roque and his son, on 2 February 2012 the two men began to conspire to hack into and disable a website called www.recallroque.com. Joseph Roque then allegedly performed a password reset for the Go Daddy account used to administer recallroque.com. This allowed him to cancel the domain name and effectively disable the website, the FBI agent said in the affidavit. The conspiracy and unauthorised computer access charges each carry a maximum possible sentence of five years in prison and a fine of u

Hackers took control of two satellites for few minutes According to a US report recently claimed that hackers had managed to interfere with two military satellites, but one expert argues the amount of energy required would be too great for ordinary hackers. The hackers took control of the Landsat-7 and Terra AM-1 satellites for a grand total of 12 minutes and two minutes respectively. One might hope that the communications satellites suspended in orbit above the earth might be one component of the planet's technology infrastructure that is safely out of harm's way. But as satellite communications enthusiast Paul Marsh explained at the London Security B-Sides event in April, there are reasons to doubt the reports. He spoke about a similar story, reported in the late 1990s, about hackers supposedly accessing UK military satellite communications network SkyNet and 'nudging' one satellite out of synch. Whether Chinese hackers have that capability now is just one more matter of specu

Flame Malware - 21st Century Massive cyber attack on Iran A massive, highly sophisticated piece of malware has been newly found infecting systems in Iran and elsewhere and is believed to be part of a well-coordinated, ongoing, state-run cyber-espionage operation. The Flame computer virus not only stole large quantities of information from various Iranian government agencies, but apparently even disrupted its oil exports by shutting down oil terminals, information security firm Symantec Israel said yesterday. The Flame virus recently found in Iran could be used to infect other countries, according to the International Telecommunications Union. As the United Nations agency charged with helping members protect their data networks, the ITU plans to issue a warning about the danger of Flame. Iran's National Computer Emergency Response Team (Maher) said in a statement that the detection and clean-up tool was finished in early May and is now ready for distribution to organisations a

NASA SSL Digital Certificate hacked by Iranian Hackers Iranian hackers ' Cyber Warriors Team ' announced in an online post that it compromised an SSL certificate belonging to NASA and subsequently accessed information on thousands of NASA researchers. A space agency representative revealed that they're currently investigating the incident. The group said the certificate was compromised by exploiting an existing vulnerability within the portal's login system, but they didn't outline the entire attack. Once they had control over the certificate, they claim to have used it to "obtain User information for thousands of NASA researcher With Emails and Accounts of other users [sic]." " These incidents spanned a wide continuum from individuals testing their skill to break into NASA systems, to well-organized criminal enterprises hacking for profit, to intrusions that may have been sponsored by foreign intelligence services seeking to further their countries' objectives, " Paul K.

Zeus 2.x variant includes ransomware features Cybercriminals are getting more sophisticated, as reports are coming in that hacker coders have successfully merged a ransom trojan with a Zeus malware successor called Citadel . A notorious malware platform targeting financial information has added a new trick to its portfolio a digital version of hijack and ransom. F-Secure researchers have recently spotted a new Zeus 2.x variant that includes a ransomware feature. Basically a customised version of Zeus, the malware aims to provide better support for its offshoot of the Zeus code base, whilst at the same time allowing clients to vote on feature requests and code their own modules for the crimeware platform. Net-security explains the working of this Zeus 2.x variant,that Once this particular piece of malware is executed, it first opens Internet Explorer and points it towards a specific URL : lex.creativesandboxs.com/locker/lock.php. Simultaneously, the users are blocked from doing an

Anonymous hacks Bureau of Justice and leaks 1.7GB of data Anonymous has apparently hacked the United States Bureau of Justice Statistics and posted 1.7GB of data belonging to the agency on The Pirate Bay . This is a Monday Mail Mayhem release. Online statements attributed to Anonymous said they were responsible for the security breach and that the files they obtained include emails. " Today we are releasing 1.7GB of data that used to belong to the United States Bureau of Justice, until now, said Anonymous in a statement. The Department of Justice acknowledged that their webservers had indeed been breached, adding that their website as well as justive.gov had remained operational throughout the security breach. Department of Justice has been attacked multiple times since becoming a target for the hacking group after the shutdown of Megaupload. "  Within the booty you may find lots of shiny things such as internal emails, and the entire database dump. We Lulzed as they

Call for Articles : THN Magazine June 2012, Malware Edition The Hacker News is calling for our June Magazine on the issue related to MALWARE . We'd like to see an analysis of the history of these most worrying viruses and the contemporary usage in cyber espionage and cyber warfare. It would be interesting to analyze the impact of the malware diffusion in the private sector and in government agencies, emphasizing the effectiveness of the cyber threat. Other topics to study are cyber crime activities that involve malware as method of monetization, with particular references to principal frauds schemes. What is the awareness level on hazards of the malware in common people and how the theat could harm new scenarios like mobiles and Cloud. What are the main countermeasures to mitigate virus diffusion? Thank you for your thoughtful consideration and we are looking forward to your work on this very important topic!  Email us at  admin@thehackernews.com Download all THN Magazin

Bogus Facebook apps spreading Android malware Third-party Android markets have traditionally been the main source of infection since the Android boom, as they are less strict than the genuine Play when it comes to bouncing malware. Today Gmanetwork reports that, Users of mobile devices running Google's Android OS were warned over the weekend against a new fake app of the social networking giant that may lead to potential Android malware. These duplicated applications have the same behavior as their original counterparts (in terms of functionality), but they perform a http 302 redirect to another link, that's not Facebook-related, when they detect mobile traffic. What's most concerning is that many of the fake app-based malwares in circulation have purported to be legitimate copies of some of the most popular titles around. No sooner were Android users on red alert for a dodgy Angry Birds Space app, were they informed of a phony Instagram app wreaking havoc through some of the