The Hacker News | #1 Trusted Cybersecurity News Site — Index Page

Where Anonymous declared war on the Israeli websites , today another Pakistani hacking group also came forward in support of GAZA by taking down multiple big Israeli sites and deface all Microsoft related Israeli domains including Bing, MSN, Skype, Live and other. Hacker start with " The Notorious Hackers are Back " , including 1337, H4x0rL1f3 , ZombiE_KsA and Invectus. But we are in contact with ZombiE_KsA (Founder of PakBug Forum) from last 2 years, so I just ask ZombiE_KsA about his involvement in this hack, and he clearly declined his involvement and said that other Pakistani hackers are using his name without permission in the Israeli deface pages to show his support , " and they copied my index as well, " he said. Anyway, deface page said, " on the behalf of all Pakistani and all Muslims," promising that "your war on Gaza will make you cry blood. " Zone-h of all defaced sites are available  here . Defaced domains are :

Yesterday we have reported that How Bug Bounty programs can play unfair with hackers and researchers, where hackers are submitting their legitimate findings to companies and no surprise if they are getting replies that " Someone else already reported this, you are not eligible for Bounty ". But the main issue is, if companies are really aware about the issue , then why they have not fixed it yet ?  Today we are going to Talk about Google, that How a ignored vulnerability can be brilliantly crafted and exploited by Hackers for phishing users. On 11th September this year, I have reported a persistent XSS vulnerability in Google and reply from Google Security Team was," It seems the XSS you reported actually executes on one of our sandboxed domains (googleusercontent.com). The sandboxed domain does not contain any session cookies for google services, nor does it have access to any Google.com data " I said its okay if they are sure about it that it

It comes as no surprise that today's cyber threats are orders of magnitude more complex than those of the past. And the ever-evolving tactics that attackers use demand the adoption of better, more holistic and consolidated ways to meet this non-stop challenge. Security teams constantly look for ways to reduce risk while improving security posture, but many approaches offer piecemeal solutions – zeroing in on one particular element of the evolving threat landscape challenge – missing the forest for the trees.  In the last few years, Exposure Management has become known as a comprehensive way of reigning in the chaos, giving organizations a true fighting chance to reduce risk and improve posture. In this article I'll cover what Exposure Management is, how it stacks up against some alternative approaches and why building an Exposure Management program should be on  your 2024 to-do list. What is Exposure Management?  Exposure Management is the systematic identification, evaluation,

Paul F Renda  going to begin a series on hacking the politics in the united states and why India and china won the past Presidential election. This eclectic hacker look will use partial differential equations, game theory, the prisoner's dilemma, and fractals. I am going to show unequivalently that the true winner of the election is the expanding middle class in India and China. The losers are the middle class in the United States and, in particular, 19–34-year-old. Sometimes in history a confluence of unusual events occur every 100 years or 1,000 years; this is such a time. Dorothy, fasten your seatbelt. It is going to be a bumpy ride: You are not in Kansas anymore. In order for me to talk about politics and the election, I first have to introduce the Curley effect. This concept was developed by using empirical data and partial differential equations. It is mathematically sound, and mathematics is the language of the universe. I have copied the abstract and second paragraph of

A particular class of attacks commonly referred to as "code insertion" and often " Cross-Site Scripting " has become increasingly popular. Yesterday we reported about Cross site scripting bug Paypal and Apple . Hacker from Inj3ct0r Team reported a XSS Cross site scripting Vulnerability on MSN.com website. Vulnerability exist of a subdomain of MSN at https://news.de.msn.com/. Details posted in an advisory . Cross site scripting occurs when a web application gathers malicious data from a user. Hackers said that, " The goal is to close the capabilities gap between the cyber-criminals and white hats, by enabling defenders to perform more comprehensive testing of their defenses ." According to report, this XSS is working perfectly with Internet Explorer and Opera web browser, Proof of Concept URL's are posted in advisory and Image as shown.

It looks like Skype has another big hole in their security. According to reports, a security hole makes Skype accounts vulnerable to hijacking. The security hole allows unauthorized users with knowledge of your Skype-connected email address to change the password on your Skype account, thus gaining control of it. The hijack is triggered by signing up for a new Skype account using the email address of another registered user. No access to the victim's inbox is required one just simply needs to know the address. Creating an account this way generates a warning that the email address is already associated with another user, but crucially the voice-chat website does not prevent the opening of the new account. Then hacker just have to ask for a password reset token , which Skype app will send automatically to your email, this allows a third party to redeem it and claim ownership of your original username and thus account. The issue was reportedly documented on Russian forums

This morning I received the news of new attacks against Adobe, an Egyptian Hacker named ViruS_HimA hacked into Adobe servers and leaked private data. The hacker claims to have violated Adobe servers gaining full access and dumping the entire database with more of 150,000 emails and hashed passwords of Adobe employees and customers/partner of the firm such as US Military, USAF, Google, Nasa DHL and many other companies. The leaked file contains a list of for each account the following information: Firstname Lastname Title Phone Email Company Username Password hash The hacker declare that his intent was far from to destroy the business of the company, that's why he posted data leaked related only to Adobe, and belonging the domains "*.mil" and ".gov". Which is the motivation of the attack? The attack hasn't a politic motivation, ViruS_HimA desire to demonstrate that despite Adobe is one of the most important company in IT l