The Hacker News | #1 Trusted Cybersecurity News Site — Index Page

Flame spy virus going to Suicide The creators of the world's most complicated espionage virus Flame have sent a 'suicide' command that removes it from some infected computers. U.S. computer security researchers said on Sunday that the Flame computer virus, which struck at least 600 specific computer systems in Iran, Syria, Lebanon, Egypt, Sudan, Saudi Arabia and the Palestinian Authority, has gotten orders to vanish, leaving no trace. The 20-megabyte piece of malware already had a self-destruct module known as SUICIDE that removed all files and folders associated with Flame, but the purging command observed by Symantec researchers instead relied on a file called browse23.ocx that did much the same thing. According to Symantec, the 'suicide' command was "designed to completely remove Flame from the compromised computer," the BBC reports. Computers infected with Flame, including honeypots, have been routinely contacting its C&C servers to check for new commands. W

CVE-2012-2122 : Serious Mysql Authentication Bypass Vulnerability A serious security bug in MariaDB and MySQL Disclosed, According to Advisory All MariaDB and MySQL versions up to 5.1.61, 5.2.11, 5.3.5, 5.5.22 are vulnerable. This issue got assigned an id CVE-2012-2122. " When a user connects to MariaDB/MySQL, a token (SHAover a password and a random scramble string) is calculated and comparedwith the expected value. Because of incorrect casting, it might'vehappened that the token and the expected value were considered equal,even if the memcmp() returned a non-zero value. In this caseMySQL/MariaDB would think that the password is correct, even while it isnot. Because the protocol uses random strings, the probability ofhitting this bug is about 1/256 ." " Which means, if one knows a user name to connect (and "root" almostalways exists), she can connect using *any* password by repeatingconnection attempts. ~300 attempts takes only a fraction of second, s

Identities now transcend human boundaries. Within each line of code and every API call lies a non-human identity. These entities act as programmatic access keys, enabling authentication and facilitating interactions among systems and services, which are essential for every API call, database query, or storage account access. As we depend on multi-factor authentication and passwords to safeguard human identities, a pressing question arises: How do we guarantee the security and integrity of these non-human counterparts? How do we authenticate, authorize, and regulate access for entities devoid of life but crucial for the functioning of critical systems? Let's break it down. The challenge Imagine a cloud-native application as a bustling metropolis of tiny neighborhoods known as microservices, all neatly packed into containers. These microservices function akin to diligent worker bees, each diligently performing its designated task, be it processing data, verifying credentials, or

Online game ' League of Legends ' Compromised A recent slew of security failures have left countless accounts hacked at sites like Linkedin and eHarmoney. Now League of Legends is the latest database to suffer from hackers this week. Riot has sent out a mail to registered League of Legends players in Europe, asking them to change their passwords due to a hackers accessing some player account information. Full details are below, but know that according to Riot," absolutely no payment or billing information of any kind was included in the breach. " but email addresses, encrypted account password, summoner name, date of birth, and for a small number of players – first and last name and encrypted security question and answer. Obviously, this information could be used in phishing scams. Riot Games does encrypt passwords through it warns " our security investigation determined that more than half of the passwords were simple enough to be at risk of easy cracking ". Marc Merr

Critical Sqli Vulnerability in channel [V] Website A 16 years old White Hat Hacker " Arjun Siyag " from India discover a Critical Sqli Vulnerability in channel [V] Website ( https://www.channelv.in ). Proof of the hack is as shown in above image. Hacker disclose only the admin username and password, which will not effect the admin panel directly,because for login Email ID is required.  SQL Injection is one of the many web attack mechanisms used by hackers to steal data from organisations. It is perhaps one of the most common application layer attack techniques used today. Through SQL Injection, the hacker may input specifically crafted SQL commands with the intent of bypassing the login form barrier and seeing what lies behind it. This is only possible if the inputs are not properly sanitised (i.e., made invulnerable) and sent directly with the SQL query to the database. SQL Injection vulnerabilities provide the means for a hacker to communicate directly to the database.

Serious Tumblr Cross Site Scripting Vulnerability can be used to Spread Worms Two Indian Security Researchers Aditya Gupta ( @adi1391 ) and Subho Halder ( @sunnyrockzzs ) have found a serious Cross Site Scripting vulnerability in one of the most famous social networking websites Tumblr. This could be used to steal the cookies of the authenticated user, as well as could be used to make a worm, like the one seen in MySpace (Samy Worm) and Orkut (Bom Sabado) earlier. " We have also tried to contact them via Twitter and mail earlier, but no response from their side. So we have decided to release it. Well, not exactly, where the vulnerability is, but just to let them know that it is vulnerable ." Tumblr is the one of the most popular social networking websites worldwide, and is ranked 37th by Alexa.

Last.fm Confirms They Were Hacked , Change Your Passwords Now After this week's LinkedIn fiasco, it appears the latest tech giant to fall to bored hackers is Last.fm. Music-streaming website Last.fm is the latest organisation to urge its users to change their passwords immediately. The London-based site, owned by CBS, said in an advisory that it was currently investigating a possible leak of passwords but did not provide any further details. The dating site said it is "continuing to investigate" but "as a precaution" has reset affected members passwords.Affected members will receive an email with instructions on how to reset their passwords.eHarmoney, which brands itself as "#1 Trusted Online Dating Site for Singles" has around 20 million registered online users. The breach was confirmed by Last.fm on their official Twitter account overnight, and comes amidst a backdrop of similar breaches, including at LinkedIn where up to 8 million passwords may ha