The Hacker News | #1 Trusted Cybersecurity News Site — Index Page

A Russian hacker who goes by the handle " Barabus " on the GameDev.ru forums illegally crack Xbox Live Arcade game The Dishwasher: Vampire Smile , developed by Ska Studios and port it on PC. He claimed that he was justified in illegal cracking: " This is not piracy, this is restoration of justice. The authors are not very nice to publish the game exclusively for the Xbox 360, making it impossible for PC gamers to play in such a great game ."  The port is currently in beta and has no permissions from Ska Studios to even exist. But this isn't a problem, according to the developer, as they say they're not stealing anything from Ska Studios. In the same forum post, the game's creator Ska Studios founder James Silva said: " I guess you could say my reaction is mixed. I'm flattered that there's this much interest in Vampire Smile on PC. I'm not mad about the crack itself, in fact, I'm actually pretty impressed. But I'm bewildered by the cracker's attempt to jus

Recently Twitter has rolled out Vine app for Android, A new way to share video on twitter. The free app, which enables people to record and share clips of up to six seconds with other Vine users as well as on Twitter and Facebook. But on the very next day, Twitter's video-sharing application Vine was hacked by 16-year-old Will Smidlein , who uploaded the three-and-a-half minute video of Rick Astley's song " Never Gonna Give You Up ." This video violated Vine's usual code that only six second videos are posted. " I think I broke Vine ," Will Smidlein tweeted Monday night , where he described himself as a Web developer. What he did exactly? Smidlein decompile the app's code into a readable format, then modify few parts of the program that actually validate user to upload only 6 sec video. " Sorry, Twitter/Vine engineers, " he wrote. " I tried to keep it quiet, but the internet never forgets." ,  it could potentially embarrass a few of

It comes as no surprise that today's cyber threats are orders of magnitude more complex than those of the past. And the ever-evolving tactics that attackers use demand the adoption of better, more holistic and consolidated ways to meet this non-stop challenge. Security teams constantly look for ways to reduce risk while improving security posture, but many approaches offer piecemeal solutions – zeroing in on one particular element of the evolving threat landscape challenge – missing the forest for the trees.  In the last few years, Exposure Management has become known as a comprehensive way of reigning in the chaos, giving organizations a true fighting chance to reduce risk and improve posture. In this article I'll cover what Exposure Management is, how it stacks up against some alternative approaches and why building an Exposure Management program should be on  your 2024 to-do list. What is Exposure Management?  Exposure Management is the systematic identification, evaluation,

Syrian Electronic army appears to be taking part in ongoing operation against Turkey government website. Hackers collectively called Anonymous and SEA breached into Turkish Ministry of Interior website and the private information of staffers in PM Tayyip Erdogan's office. Hackers claimed that they gained access to staff email addresses, passwords and phone numbers. As exposed on internet, database include emails and plain text passwords of 90 users. In addition , Hackers also managed to take down the Turkey's Prime Minister (basbakanlik.gov.tr) website. Many other sites belongs to Turkish govt was defaced last night by various hackers around the world including the country's ruling party as operation #OpTurkey. The team also defaced the  dosya.icisleri.gov.tr/Dosyalar/  and placed their logo on site. " Rise against the injustice of Erdogan's Tyranny. Rise against the policies of hypocrisy perpetrated by the Erdogan Regime ." The defacement message reads

Two Factor Authentication is becoming a standard in the enterprise security space in an attempt to dually secure end users against malicious attacks.  Following Dropbox, Google and virtually everyone else, LinkedIn added two-factor authentication to its login process today. LinkedIn will provide temporary codes for two-factor authentication  through SMS messages. The extra step is designed to lessen the chances of computer hackers breaking into user accounts. To turn on two-step verification on LinkedIn, hit the icon in the top-right corner of the site, click on "Privacy & Settings," and then on "Manage security settings" at the bottom. The site has provided instructions to its 225 million users on how to turn on the optional service. On other side, today @The_Pr0ph3t, whitehat Hacker from Spain reported a Cross Site Scripting Vulnerability in LinkedIn Developer site (developer.linkedin.com).  Flaw still exists on website at the time of writing, and hacker

A global cyber espionage campaign affecting over 350 high profile victims in 40 countries, appears to be the work of Chinese hackers using a Surveillance malware called " NetTraveler ". Kaspersky Lab's team of experts published a new research report about NetTraveler, which is a family of malicious programs used by APT cyber crooks. The main targets of the campaign, which has been running since 2004, are Tibetan/Uyghur activists, government institutions, contractors and embassies, as well as the oil and gas industry. Spear phishing emails were used to trick targets into opening malicious documents . The attackers are using two vulnerabilities in Microsoft Office including Exploit.MSWord.CVE-2010-333, Exploit.Win32.CVE-2012-0158, which have been patched but remain highly-popular on the hacking scene, and have run NetTraveler alongside other malware. C&C servers are used to install additional malware on infected machines and exfiltrate stolen data and more