The Hacker News | #1 Trusted Cybersecurity News Site — Index Page

We have seen for the past couple years the cyber wasteland become something that is not dominated by young ambitious hackers anymore. The age of the Wild West is over and the big boys want a piece of the action. With so many infrastructures connected to the web these days it is only natural for more powerful and interested concerns to take their skills to the web. We are seeing the beginnings of true cyber war and it is something that is not going to be stop anytime soon. In the past, what we have seen mostly is governments stay behind the scenes and do defense when it comes to the cyber war. If the government did go on the offensive it would be in secret only discovered when some security firm would get lucky and find some code that would hint to government influence . But these days it is not like that anymore. Everyone knows that the governments of the world are going all out when it comes to cyber war. And the worst part about it is that when it comes to regular civilian

(DDI) Vulnerability Research Team (VRT) for reported a critical vulnerability in VMware View Server , that  is a directory traversal vulnerability that allows an unauthenticated remote attacker to retrieve arbitrary files from affected View Servers. Exploitation of this issue may expose sensitive information stored on the server. VMware has issued a patch for its VMware View product. It is listed as ' VMSA-2012-0017 ' in security advisory. This vulnerability affects both the View Connection Server and the View Security Server; VMware recommends that customers immediately update both servers to a fixed version of View. The Common Vulnerabilities and Exposures project has assigned the name CVE-2012-5978 to this issue. VMware's update to VMware View is available for free to license holders of the product and can be downloaded here . Disabling the Security Server will prevent exploitation of this vulnerability over untrusted remote networks or It may be p

This week Corey and Marty over at FixMeStick shared the specs of their recently released FixMeStick PRO with me. This Pro is the best remote malware remediation product we've seen. It retails for $299.99 per year, or $209.99 for the first 50 'The Hacker News' readers ( use coupon code  'THNFIX ' for 30% Discount ), and can be used an unlimited number of times on an unlimited number of PCs per year. The price is per year because the FixMeStick contains three anti-virus engines licensed from three anti-virus companies keeping three malware definition databases up to date etc... Finds: Three anti-virus engines working together to find the widest range of infections. Removes: 'Computer on a stick' architecture provides a separate and clean operating system to fix Windows operating systems. Delivers: Highest confidence remediation. Remote Access: Remote access independent of the host operating system, i.e. out-of-band remote management, like a remote access

SaaS applications are dominating the corporate landscape. Their increased use enables organizations to push the boundaries of technology and business. At the same time, these applications also pose a new security risk that security leaders need to address, since the existing security stack does not enable complete control or comprehensive monitoring of their usage. LayerX has recently released a new guide, " Let There Be Light: Eliminating the Risk of Shadow SaaS " for security and IT teams, which addresses this gap. The guide explains the challenges of shadow SaaS, i.e., the use of unauthorized SaaS apps for work purposes, and suggests practices and controls that can mitigate them. The guide also compares various security controls that attempt to address this risk (CASB, SASE, Secure Browser Extension) and explains how each one operates and its efficacy. Consequently, the guide is a must-read for all security leaders at modern organizations. Here are the main highlights:

U.S. intelligence sources confirmed that, Official websites of Al-Qaida were knocked offline two weeks back and still down due to DDoS attack. According to source , " This is one of the longest disruptions the organization has experienced since it set up its online distribution system in 2006. Al-Qaida also was hit by a massive cyber attack in late 2008, from which the online network never recovered ." The websites are forced to offline, just before the release of a film titled as " Salil al-Sawarim 3 ", which is actually the propaganda video of Iraqi soldiers with dead insurgents by Al-Qaida. From last few months, online jihadists are discussing the release and had been sharing images and footage from the production. The cyber attack comes as the U.S. State Department, according to a senior official. The cyber attack on Al-Qaida network delayed the release of movie. According to another source, the last version " Salil As-Sawarim 2 " movie was do

Anonymous Croatia hacking crew yesterday deface two Croatian Banks websites and add Anonymous Logo on home pages. The hackers left a message saying: " We are Anonymous. We don't forgive. We don't forget. You were stealing enough from people. Soon the other banks will fall ". Karlovacka Banka (kaba.hr) and samoborska banka (sabank.hr) websites were hacked last morning. Defaced page had a background music with lyrics " No, No more sorrow I've paid for your mistakes Your time is borrowed Your time has come to be replaced " In Talk with ' The Hacker News ' member, hacker give statement ," You have been stealing for too long. Soon more banks will fail. " "This operation will go under  #OpBanks and we are going to hack more banks" hacker said.