Posts

Showing posts from December, 2016

On This Day 25 Years Ago, The World's First Website Went Online

On this day 25 years ago, August 6, 1991, the world's first website went live to the public from a lab in the Swiss Alps. So Happy 25th Birthday, WWW! It's the Silver Jubilee of the world's first website. The site was created by Sir Tim Berners-Lee, the father of the World Wide Web (WWW), and was dedicated to information on the World Wide Web project. The world's first website, which ran on a NeXT computer at the European Organization for Nuclear Research (CERN), can still be visited today, more than two decades after its creation. The first website address is http://info.cern.ch/hypertext/WWW/TheProject.html. "The WorldWideWeb (W3) is a wide-area hypermedia information retrieval initiative aiming to give universal access to a large universe of documents," the world's first public website reads, going on to explain how others can also create their own web pages. "The project start

Happy Birthday! LINUX Turns 25 Years Old Today

Linux has turned 25! Dear all, today is August 25, 2016, and it is time for the celebration, as it's the 25th Anniversary of the Linux project, announced by its creator, Finnish programmer Linus Torvalds, on August 25, 1991. Who can forget one of the most famous messages in the computing world posted by Torvalds exactly 25 years ago today, on 25 August 1991: Hello everybody out there using minix - I'm doing a (free) operating system (just a hobby, won't be big and professional like gnu) for 386(486) AT clones. This has been brewing since april, and is starting to get ready. I'd like any feedback on things people like/dislike in minix, as my OS resembles it somewhat. Since its birth, Linux has become the largest shared technology on the planet and has changed the world in more ways than one can imagine. While not initially designed to be portable, Linux is one of the most widely ported operating system kernels, which ru

Antivirus Firm Kaspersky Launches Its Own Secure Operating System

The popular cyber security and antivirus company Kaspersky has unveiled its new hack-proof operating system: Kaspersky OS. The new operating system has been in development for the last 14 years and was designed from scratch rather than relying on Linux. Kaspersky OS makes its debut on a Kraftway Layer 3 Switch, CEO Eugene Kaspersky says in his blog post, without revealing many details about its new operating system. The Layer 3 switch is the very first device to run Kaspersky OS, which is designed for networks with extreme requirements for data security and aimed at critical infrastructure and Internet of Things (IoT) devices. What's new in Kaspersky OS compared with others? Kaspersky OS is based on Microkernel Architecture: The new secure OS is based on microkernel architecture that enables users to customize their own operating system accordingly. So, depending on a user's specific requirements, Kaspersky

3 Critical Zero-Day Flaws Found in PHP 7 — One Remains Unpatched!

Three critical zero-day vulnerabilities have been discovered in PHP 7 that could allow an attacker to take complete control over 80 percent of websites which run on the latest version of the popular web programming language. The critical vulnerabilities reside in the unserialize mechanism in PHP 7 – the same mechanism that was found to be vulnerable in PHP 5 as well, allowing hackers to compromise Drupal, Joomla, Magento, vBulletin and PornHub websites and other web servers in the past years by sending maliciously crafted data in client cookies. Security researchers at Check Point's exploit research team spent several months examining the unserialize mechanism in PHP 7 and discovered "three fresh and previously unknown vulnerabilities" in the mechanism. While researchers discovered flaws in the same mechanism, the vulnerabilities in PHP 7 are different from what was found in PHP 5. Tracked as CVE-2016-747

New Android Malware Hijacks Router DNS from Smartphone

Another day, another creepy malware for Android users! Security researchers have uncovered a new Android malware targeting your devices, but this time instead of attacking the device directly, the malware takes control over the WiFi router to which your device is connected and then hijacks the web traffic passing through it. Dubbed "Switcher," the new Android malware, discovered by researchers at Kaspersky Lab, hacks the wireless routers and changes their DNS settings to redirect traffic to malicious websites. Over a week ago, Proofpoint researchers discovered a similar attack targeting PCs, but instead of infecting the target's machines, the Stegano exploit kit takes control over the local WiFi routers the infected device is connected to. Switcher Malware carries out Brute-Force attack against Routers: Hackers are currently distributing the Switcher trojan by disguising it as an Android app for the Chinese search

Obama Expels 35 Russian Spies Over Election Hacking; Russia Responds With Duck Meme

The United States has expelled 35 Russian spies in response to Russia's alleged interference in last month's presidential election, further escalating tensions between the countries. The US State Department has declared 35 diplomatic intelligence officials from the Russian embassy in Washington DC and the consulate in San Francisco "persona non grata," giving them and their families 72 hours to leave the country. President Barack Obama has also announced the closing of two Russian compounds, in New York and Maryland, used by the Russian officials for intelligence-gathering, from noon on Friday. "I have sanctioned nine entities and individuals: the GRU and the FSB, two Russian intelligence services; four individual officers of the GRU; and three companies that provided material support to the GRU’s cyber operations," President Obama said in a statement. "In addition, the

Police Ask for Amazon Echo Data to Help Solve a Murder Case

Hey, Alexa! Who did this murder? Arkansas police are seeking help from e-commerce giant Amazon for data that may have been recorded on its Echo device belonging to a suspect in a murder case, bringing the conflict into the realm of the Internet of Things. Amazon Echo is a voice-activated smart home speaker capable of controlling several smart devices by integrating with a variety of home automation hubs. It can do tasks like play music, make to-do lists, set alarms, and also provide real-time information such as weather and traffic. As first reported by The Information, authorities in Bentonville have issued a warrant for Amazon to hand over audio or records from an Echo device belonging to James Andrew Bates in the hope that they'll aid in uncovering additional details about the murder of Victor Collins. Just as Apple refused to help the FBI unlock an iPhone belonging to one of the San Bernardino terrorists, Amazon

Cyanogen Shutting Down All Services; No More Android ROM Updates

A bittersweet Christmas and New Year for users and fans of the most popular custom Android ROM, Cyanogen OS. Cyanogen, which tried and failed to kill Google's Android operating system, is now shutting down the custom services that it provides to phones that run its Cyanogen OS as we know it, along with the "nightly builds" of said OS, on December 31st. Cyanogen came with an ambition to build better versions of the Android operating system than those created by Google itself, but following some technical and potential legal issues, the startup has decided to quit. The planned shutdown of Cyanogen was officially announced late Friday through a very brief blog post made by the company, saying "as part of the ongoing consolidation of Cyanogen," it's shutting down all services and nightly builds on December 31. "The open source project and source code will remain available for anyone who wants to build

Three Chinese Traders Charged With Hacking Law Firms

(December 28, 2016, The White Cat) Three Chinese citizens accused of hacking into computers of American law firms advising on company mergers have been charged with multi-million dollar cyber fraud in New York. They made more than $4 million (S$5.8 million) in illicit profits after breaking into the servers of top corporate law firms in New York, the United States said in announcing charges and the arrest of one of the men. The three targeted at least seven major law firms, retained by companies to advise on deals, and got into the e-mail accounts of senior lawyers at two of the firms, according to the indictment on Tuesday. They profited from deals and speculation involving the drug-maker Intermune, chipmaker Intel and business services company Pitney Bowes, the US said. The case places la

“Switcher” Android Trojan Hacks Routers, Hijacks Traffic

(December 28, 2016, Neo) Researchers at Kaspersky Lab have come across a new Android Trojan that hacks routers and changes their DNS settings in an effort to redirect traffic to malicious websites. Dubbed “Switcher,” the malware has been disguised as an Android client for the Chinese search engine Baidu, and a Chinese app for sharing Wi-Fi network details. Once users install one of these apps, the malware attempts to guess the username and password of the Wi-Fi router the infected Android device is connected to. Switcher includes a list of more than two dozen username and password combinations that could allow it to access the router’s web administration interface, such as admin:admin, admin:123456, or admin:00000000. “With the help of JavaScript it tries to login using different combinations of logins and passwords. Judging by the hardcoded names of input fields and the structures of the

Function “Unserialize” in PHP 7 Allows Attackers to Take Full Control Over Server

(December 28, 2016, Neo) PHP 7’s “unserialize” function is plagued by a series of vulnerabilities that could allow an attacker to take full control over affected servers, Check Point security researchers reveal. Tracked as CVE-2016-7479, CVE-2016-7480, and CVE-2016-7478, the vulnerabilities are new, but they can be exploited in a manner similar to a separate vulnerability detailed in August. The flaw, a use-after-free in SPL, could be exploited “by using re-usable exploit primitives for PHP 7 unserialize vulnerabilities,” Check Point said in August. In a report (PDF) that provides full details of the exploitation method, Check Point experts explained that the unserialize function could be abused to read memory, to forge objects, and to achieve code execution on the affected server. They also underlined that the functi

Raptor WAF – Web Application Firewall Using DFA

Raptor WAF is a simple web application firewall written in C, following the KISS principle. It polls with the select() function, which is not better than epoll() or kqueue() from *BSD but is portable. The core of the match engine uses a DFA to detect XSS, SQLi and path traversal. WAF stands for Web Application Firewall. It is widely used nowadays to detect and defend against SQL injection and XSS. You can block XSS, SQL injection attacks and path traversal with Raptor. You can use a blacklist of IPs to block some users at config/blacklist_ip.txt. You can use IPv6 and IPv4 for communications. Planned for the future: DoS protector, request limit, rule interpreter and malware detector for uploads, as well as SSL/TLS.

Installation:

    git clone https://github.com/CoolerVoid/raptor_waf
    cd raptor_waf; make; bin/raptor

Example: start an HTTPd server at port 80, then:

    bin/Raptor -h localhost -p 80 -r 88

20 Best Websites To Learn Ethical Hacking At Home

A collection of the 20 best websites to learn ethical hacking online, with online hacking tutorials, 2016. As you may know, hacking is the process by which hackers find security flaws in a networked system and then use those flaws to enter, or crack, the system. Many people want to learn hacking so that they can use the tricks to hack the accounts, systems, etc. of people they know, or even to crack major systems illegally. Those who act wisely, do not use their skills to cause harm, and are legally certified as hackers are called ethical hackers. If you also want to learn hacking and be ethically certified, you will need to learn some hacking skills. People who are busy and have little time to attend coaching sessions can learn the required skill

Most Ubuntu Linux Installations Are Affected By A Dangerous Remote Code Execution Bug

Short Bytes: All recent Ubuntu Linux releases ship with Apport crash handling software. A security researcher has discovered a flaw in this utility that allows an attacker to remotely execute code using a malicious booby-trapped file. Ubuntu has released a fix, which can be obtained via a simple Ubuntu update. Most of you may know that remote code execution is one of the most common means of triggering arbitrary code execution from a remote machine via the internet. Coupled with privilege escalation, it turns out to be any computer user’s worst nightmare. A security researcher, Donncha O’Cearbhaill, has uncovered a remote code execution bug in the Ubuntu Linux operating system. O’Cearbhaill found that the hack affects all default Ubuntu installations of versions 12.10 and later. This exploit takes advantage of the Apport crash reporting tool on Ubuntu Linux. The researc