Hacker Source

Web Testing OWASP LiveCD – contains a selection of programs to test the safety and performance audit of the code of web-applications, acts as an analog of the well-known tool for testing network security BackTrack, but specializes in the web. Last Release OWASP LiveCD was released in 2007, last summer decided to complete processing of the distribution.
The composition of OWASP LiveCD includes programs such as Httprint to determine the type http-server on circumstantial evidence, vulnerability scanners in web-applications Grendel Scan and w3af, utilities to identify opportunities to introduce SQL code SQLiX and sqlmap, means of brute force, the local proxy WebScarab , Paros Proxy, Rat Proxy and Burp Suite, Firefox c 1925 amendments to debug sites.

Microsoft Patch For Duqu

Keep reading

Windows Phone 7.5 Denial of Service Attack Vulnerability
A malicious SMS sent to a Windows Phone 7.5 device will force it to reboot and lock down the messaging hub . WinRumors reader Khaled Salameh discovered the flaw and reported it to us on Monday. WinRumors said tests revealed that the flaw affected a variety of devices running different builds of the mobile operating system. A Facebook chat message and Windows Live Messenger message will also trigger the bug.

Keep reading

The Kaspersky Virus Removal Tool application was designed to be another virus scanner and detection software from Kaspersky. The produst will scan the specified locations for any virus threats and remove them or send to Quarantine folder.
Kaspersky Virus Removal Tool 2010 is a utility designed to remove all types of threats from computers. Kaspersky Virus Removal Tool 2010 uses the effective detection algorithms realized in Kaspersky Anti-Virus and AVZ.
Kaspersky Virus Removal Tool 2010 does not provide resident protection for your computer. After disinfecting a computer, you are supposed to remove the tool and install a full version of antivirus software.

Comodo Cleaning Essentials

[ Thatcoin.com ]

Security researchers have discovered an unpatched flaw in Yahoo! Messenger that allows miscreants to change any user's status message. The vulnerability was discovered in the wild by security researchers from antivirus vendor BitDefender while investigating a customer's report about unusual Yahoo Messenger behavior.

The zero-day exploit is present in versions 11.x of the Yahoo Messenger client - including the very last released version. The flaw appears to be located in the application's file transfer API (application programming interface) and allows attackers to send malformed requests that result in the execution of commands without any interaction from victims.

"An attacker can write a script in less than 50 lines of code to malform the message sent via the YIM protocol to the victim," said Bogdan Botezatu, an e-threats analysis & communication specialist at BitDefender. "Status changing appears to be only one of the things the attacker can abuse. We're currently investigating what other things they may achieve," he added.

The attacker sends a supposed file to a target that is actually an iframe that swaps the status message for the attacker's customised text. If successfully executed, a victim will have no indication that his or her status message has been rewritten. The ruse might be used to gain affiliate incomes by promoting dodgy sites as well as directing users towards sites loaded with exploits or scareware scams.

Keep reading

COMODO Cleaning Essentials features:

Portable: No installation is necessary!
DACS, Distributed and Collaborative Scanning
Rootkit and hidden file/key scanner
Aggressive file removing capabilities
KillSwitch, advanced system activity monitoring tool

Homepage

Download COMODO Cleaning Essentials 32 Bit Version

Download COMODO Cleaning Essentials 64 Bit Version

Be careful with your Facebook when you see a display like this picture. Worm Zeuz re-emerged in the form of links. JPG. Spread through the social networking site Facebook.
The message such a link Screensaver, when it is opened it will ask to download other files from http://www.offi sense.co.il / lang / b.exe. Then copy the file will go into the user’s system [% username% profile]

Keep reading

CEHv7 provides a comprehensive ethical hacking and network security-training program to meet the standards of highly skilled security professionals. Hundreds of SMEs and authors have contributed towards the content presented in the CEHv7 courseware. Latest tools and exploits uncovered from the underground community are featured in the new package.
Keep reading

Australian researcher Silvio Cesare, PhD student at Deakin University has released a tool capable of automatically detecting bugs and vulnerabilities in embedded Linux libraries. Developers may “embed” or “clone” code from 3rd party projects. This can be either statically link against external library or maintaining an internal copy of a library’s source or fork a copy of a library’s source.
The Approach of this tools is that if a source package has the other package’s filenames as a subset, it is embedded, Packages that share files are related. A graph of relationships has related packages as cliques. Graph Theory is used to perform the analysis.

Linux vendors have previously used laborious manual techniques to find holes in libraries. Debian alone manually tracks some 420 embedded packages, Cesare said at Ruxcon 2011. Silvio’s tool also automates identifying if embedded packages have outstanding vulnerabilities that have not been patched. Using this system, over 30 previously unknown vulnerabilities were identified in Linux distributions.

Keep reading

Two weeks ago Researchers at the Laboratory of Cryptography and System Security (CrySyS) in Hungary confirmed the existence of the zero-day vulnerability in the Windows kernel, according to security researchers tracking the Stuxnet-like cyber-surveillance Trojan.

The Laboratory of Cryptography and System Security (CrySyS) has released an open-source toolkit that can find traces of Duqu infections on computer networks.The open-source toolkit, from the Laboratory of Cryptography and System Security (CrySyS), contains signature- and heuristics-based methods that can find traces of Duqu infections where components of the malware are already removed from the system.

They make a release that "The toolkit contains signature and heuristics based methods and it is able to find traces of infections where components of the malware are already removed from the system.The intention behind the tools is to find different types of anomalies (e.g., suspicious files) and known indicators of the presence of Duqu on the analyzed computer. As other anomaly detection tools, it is possible that it generates false positives. Therefore, professional personnel is needed to elaborate the resulting log files of the tool and decide about further steps."

This toolkit contains very simple, easy-to-analyze program source code, thus it may also be used in special environments, e.g. in critical infrastructures, after inspection of the source code (to check that there is no backdoor or malicious code inside) and recompiling.

Download Duqu Detector

TheHackerNews.com

Microsoft issued fixes for Windows Fix Kb Duqu 2639658 from malware attacks.

Malware exploit weaknesses in the Windows system TrueType WIN32K engine. If entered into the computer as there are programs that inadvertently infected Duqu. Dugu malware can change the data, create new accounts with full privileges.

Keep reading and download the malware patch

The obituary Moamar Gadhafi made ​​the arena for distributing malware. Similar to when Osama bin Laden is dead, Internet criminals take a chance with a hot topic for the spread of malicious programs.

Antivirus company Sophos found Moamar obituaries via email inadvertently infiltrated the Internet worm or worm software. The name of the malicious files found with the name Bloody Photos_Gadhafi_Death \ Gadhafi? Rar.scr made ​​as if to is the file containing the image compression.

Fill complete message from the email worm: Keep reading

[ Thatcoin.com ]

In making the web, then you will not regardless of what programming language name. Programming language is a technique of command / instruction standards to govern the computer.
Here is an explanation of any programming language used to create a website:

HTML Programming Languages

HyperText Markup Language (HTML) is a markup language used to create a web page and displays various information in an Internet browser.
HTML is now an Internet standard defined and controlled use by the World Wide Web Consortium (W3C).
HTML form tag code that instructs the browser to produce a display according to the desired.
A file is an HTML file can be opened by using a web browser such as Mozilla Firefox or Microsoft Internet Explorer.

PHP Programming Language

PHP is a scripting programming language most widely used today.
PHP was first created by Rasmus Lerdorf in 1995. At that time, PHP was named FI (Form Interpreted), which is his form of a set of scripts used to process the form data from the web.
PHP is widely used to create dynamic web sites, although it was likely used for other usage.
PHP generally runs on the Linux operating system (PHP can also be run with Windows hosting). Keep reading

[ Thatcoin.com ]

This much-anticipated revision, written by the ultimate group of top security experts in the world, features 40 percent new content on how to find security holes in any operating system or application
New material addresses the many new exploitation techniques that have been discovered since the first edition, including attacking "unbreakable" software packages such as McAfee's Entercept, Mac OS X, XP, Office 2003, and Vista
Also features the first-ever published information on exploiting Cisco's IOS, with content that has never before been explored
The companion Web site features downloadable code files
The black hats have kept up with security enhancements. Have you?
In the technological arena, three years is a lifetime. Since the first edition of this book was published in 2004, built-in security measures on compilers and operating systems have become commonplace, but are still far from perfect. Arbitrary-code execution vulnerabilities still allow attackers to run code of their choice on your system—with disastrous results.
In a nutshell, this book is about code and data and what happens when the two become confused. You'll work with the basic building blocks of security bugs—assembler, source code, the stack, the heap, and so on. You'll experiment, explore, and understand the systems you're running and how to better protect them.
Become familiar with security holes in Windows, Linux, Solaris, Mac OS X, and Cisco's IOS
Learn how to write customized tools to protect your systems, not just how to use ready-made ones
Use a working exploit to verify your assessment when auditing a network
Use proof-of-concept exploits to rate the significance of bugs in software you're developing
Assess the quality of purchased security products by performing penetration tests based on the information in this book
Understand how bugs are found and how exploits work at the lowest level

Download The Shellcoder Handbook


source

Jynx Kit is a LD_PRELOAD userland rootkit. Fully undetectable from chkrootkit and rootkithunter. Includes magic packet SSL reverse back connect shell based on SEQ/ACK numbers in a single packet. Solid building block for further LD_PRELOAD rootkits.

Download the source code, here

Source

Computer security researchers found a cookie file that can steal important data from the contents of the computer. Recently discovered in Internet Explorer software.
Cookiejacking could open up important data from Facebook, Twitter and Gmail, or other data from the service on the internet. But Microsoft has not committed when the importance of this attack. A little knowledge about the function of the software cookie file of your browser.

What is a Cookie. A file containing the small data created by the application or browser software. Cookie files store information from the site and account data sites.

What is Cookiejacking. A technique to break through and pass through the sieve of the Internet Explorer security. So the attack can take data in IE cookies that should not be read or taken by someone else.

What are the risks. Cookies are recorded in the file by the browser software as the data is less valuable. But if you go to a site Facebook, Google and Gmail. Your account data is in the Cookie. If the computer has been infected Cookiejacking, then your data could be stolen.

Keep reading

The amount of malware that attack mobile devices increased by 273 percent since the same period last year. Malware can infect many operating systems, is the type most commonly found today.
A lot of malware is designed to make spamming, or sending an SMS without the permission of the owner’s

the perpetrators of most still use the backdoor, spy programs and SMS service to attack their victims. Currently we see much potential risk for mobile devices and users. cybercrime trends by using malware for mobile will continue. Keep reading

[ Thatcoin.com ]

iScanner is a free open source tool lets you detect and remove malicious codes and web page malwares from your website easily and automatically. iScanner will not only show you the infected files in your server but it's also able to clean these files by removing the malware code ONLY from the infected files.

Current Features:
Ability to scan one file, directory or remote web page / website.
Detect and remove website malwares and malicious code in web pages. This include hidden iframe tags, javascript, vbscript, activex objects, suspicious PHP codes and some known malwares.Extensive log shows the infected files and the malicious code.

Keep reading

Facebook users are easy prey for criminals along with the number of people share information. Every day people put themselves at risk by clicking on an imprudent to invitations sent by friends to join the group or write in their walls.
Think about what you add.
Receiving a request provided by a new friend asks posting, photo messaging and information about your personal background. Watch your friends list and think back to who is entitled to access your personal stuff.
Check the privacy settings. Facebook recently did the update, set the privacy from scratch can be very meaningful. Keep reading

Rootkit.Win32.TDSS virus can invade for all Windows, including the 64 bit XP system to Windows 7. The new virus TDL4 indelible even detected. Sometimes the use of processors to 100 percent and run the application Conhost.exe with certain parameters.

If time can be downloaded below to check the computer, the File is only 1.3MB.

Source-x page :
IMPORTANT
• The utility has GUI.
• The utility supports 32-bit and 64-bit operation systems.
• The utility can be run in Normal Mode and Safe Mode.
Disinfection of an infected system
• Download the file TDSSKiller.zip and extract it (use archiver, for example, WInZip) into a folder on the infected (or potentially infected) PC.
• Execute the file TDSSKiller.exe.
• Wait for the scan and disinfection process to be over. It is necessary to reboot the PC after the disinfection is over.

The attack consists of contacting the domain wplinksforwork.com to get a list of links to be displayed on the compromised sites. However, that domain has been down for the last few days and all the sites compromised. These sites supposed to be compromised. Most of the hacked sites had outdated versions of WordPress installed

[ TheHackerNews ]

China 360 antivirus companies discovered a unique virus that attacks the three computer systems, either the BIOS, boot sector and Windows systems. This technique makes it difficult to remove viruses Mebromi BMW, although the hard drive is formatted or replaced.

BMW stands for BIOS, masterboot and Windows.

attack techniques

Get into the BIOS to protect the other viruses that exist on the MBR will be attacked again when removed.
Winlogon.exe infects the MBR on duty in Windows XP/2003 or Winnt.exe for Windows 2000. When you are attacked, the other is tasked to download a rootkit
Characterize the virus Mebromi

When Windows starts will appear in the "Find it OK!"
Antivirus software will find and remove the message "Hard disk boot sector virus" but it can not be deleted.
The virus will redirect the browser to the address http://10554.new93.com/index.htm "


The company issued a software antivirus to stop viruses via BMW, click here

The first file can be downloaded, click here

The second file to turn off the virus via the 360 system and for first aid kit, click here

The Kaspersky Virus Removal Tool application was designed to be another virus scanner and detection software from Kaspersky. The produst will scan the specified locations for any virus threats and remove them or send to Quarantine folder.

Kaspersky Virus Removal Tool 2010 is a utility designed to remove all types of threats from computers. Kaspersky Virus Removal Tool 2010 uses the effective detection algorithms realized in Kaspersky Anti-Virus and AVZ.
Kaspersky Virus Removal Tool 2010 does not provide resident protection for your computer. After disinfecting a computer, you are supposed to remove the tool and install a full version of antivirus software. Read Full Article ( Skip Adds )

[ Thatcoin.com ]

This Trojan was a bitch, called Trojan.Badlib. Created to infect computers, when it entered into the computer system so he would react differently. First Trojan.Badlibakan parent tries target computer (C & C), and look what the command will be done. Trojan.Badlib will find a list of IP that are in the main list.

When the first time the parent computer (C & C) was found and send a reply to his job. Trojan.Badlib will download other malware from multiple places that have been ruled by the C & C, and sends the digital signature to ensure the file is retrieved it is true according to his duty.

According to Symantec, Trojan.Badlib attract at least three other trojans is Trojan.Badfaker, Trojan.Badminer, and Infostealer.Badface.

What are the jobs to the 3 trojans taken by Trojan.Badlib

Trojan.Badfaker have to shut down antivirus functions can already infiltrated inside the computer. This Trojan will change the boot the computer into Safe Mode when the computer began to start.

Then delete the files associated with antivirus and antivirus to make it look to duplicate the icon on the computer screen. As if computer owners will still see that the antivirus is still running. Though already been modified by Trojan.Badfaker. Another task is to turn off the firewall and the warnings from the Microsoft Security Center. At the end of the story, this trojan will display false warnings in Russian and English. .. Continue reading

[ Thatcoin ]

After BackTrack 5 R1 released, BackTrack is time to upgrade from 5. by using a short python script, we can already use BackTrack 5 R1 without having to re-download.
..Continue Reading ( Skip Ads )
[ Thatcoin.com ]

Now the official software used deceptive means to ask for money to register the software.

CCleaner is a free utility, and charged $ 24.95 for full version or premium. This software is used as a means of cheating by asking for cheaper registration costs $ 5. Ccsetup303.exe file is a fake software, will ask for registration fee to activate.

Continue Reading

[ Thatcoin.com ]

Engineers from the company Google found about 1 million computers attacked by Search Hijack. When looking for data on the internet, the browser will be directed by malware is lurking. This type of attack has occurred approximately 1 year.

Google today added another layer of protection from searches on Google.com. Then give a warning to the owner of the computer at Google.com page, that the computer contained malware.

Finding it may be easier, but more difficult to clean. Computer users should always update your antivirus and clean the computer if already infected.

Generally links are hijacked by malware will be thrown back to specific sites such as porn sites, fake antivirus, other malware and other sites.
Google can only help to inform the user’s computer from the Google.com page. The rest handed over ownership to clean up computer

{ Thatcoin.com ]

For Firefox browser users be careful when you get a message on the browser. That your computer system needs to be updated. Of special interest to the layman with a computer to see updates and direct click.
Microsoft software update usually comes from the Internet Explorer browser and not from outside Microsoft’s software.

Display the Microsoft website was created as closely as possible to fool a lot of casualties.

Files that are downloaded at 2.8MB is malware that will infect your computer. Be careful, do not get stuck this new technique

[ Thatcoin.com ]

Fake antivirus is still the target to the user facebook. To be directed to a specific site and download a fake antivirus.

The subject is made interesting emails like “IMF boss Dominique Strauss-Kahn Exclusive Rape Videos – Black lady under attack!”dab “oh shit, one more really Freaky video O_O”. And much more fake links that trap.
Some links will link to another site that is Newtubes.in. Last name not be placed at sites in India, but the server is located in the state of Lithuania.

If you want to view streaming video content with the name of the Youtube site. We recommend that you check the link given before becoming a victim of fraudsters on the internet.

When this target is not the dominance of anti-counterfeit computer users of Windows OS, but Apple’s Mac becomes a target.

Researcher’s security said in the 16 hours of the attack. Up notable to block dangerous links and keep spreading. Though the name of the topic or subject of the link has not changed, and continues to appear on Facebook pages.

Better be careful, before you bothered because one click and fake antivirus warning appears on the screen of your computer.
[ Thatcoin.com ]

Microsoft reported attacks in Windows 7 from Malware attacksrose 30% in 2010.Sedangkan Windows XP down 20%.
Computer with Windows 7 32bit, on average there are 4 of 1000computers infected with malware. While the lower 64 bit OS to 2.5per 1000 computers in 2010. From 3 OS which is owned byMicrosoft, only Windows XP has decreased attacks.

The new report obtained from the use of software Malicious Software Removal Tool (MSRT), which provided free by Microsoftto check to see computers against viruses, fake antivirus, trojans and other malware.

[ Thatcoin.com ]

Fortinet mention the 2 variants of malware attacking up. Deceive with words your password has been reset, and a file was taken via email with your new password is in the file.

Malicious files in email is a file botnet. When the infected computer will become slaves botnet controlled by a central computer and other. Malware software works silently in the background or without being noticed by the owner of the computer. Be careful when you receive an email with a file attachment.
[ Thatcoin.com ]

AVtest publishing capabilities Antivirus product. Test carried out for Windows 7 in the first quarter of this year.

Below is a list of antivirus software that passes the test with Windows 7

Avast: Free AntiVirus 5.0 and 6.0
AVG: Internet Security 10.0
Avira: Premium Security Suite 10.0
BitDefender: Internet Security Suite 2011
BullGuard: Internet Security 10.0
Eset: Smart Security 4.2
F-Secure: Internet Security 2011
G Data Internet Security 2011
Kaspersky: Internet Security 2011
Microsoft: Security Essentials 2.0
MicroWorld: eScan Internet Security Suite 11.0
Panda: Internet Security 2011
Sophos: Endpoint Security and Control 9.5
Sunbelt: VIPRE Antivirus Premium 4.0
Symantec: Norton Internet Security 2011
Trend Micro: Titanium Internet Security 2011
Webroot: Complete Internet Security 7.0

BitDefender, F-Secure and Symantec entered score Top 15
G Data, Kaspersky, and Panda get a score of 14
AVG score of 13.5
Sophos 13
ESET, Trend Micro, and Webroot, score 12.5
GFI only get 12 score
Avast, Avira, eScan, and Microsoft was awarded a score of 11.5
And BullGuard bottom with a score of 11

There are 5 who failed the test antivirus test in Windows 7

CA: Internet Security Suite 2011
Comodo: Premium Internet Security 5.0 and 5.3
McAfee: Total Protection 2011
Norman: Security Suite Pro 8.0
PC Tools: Internet Security 2011

The lowest figures are McAfee and Norman, score 8.5. Both have error alerts on specific software.

[ Thatcoin.com ]

BackTrack 5 will be based on Ubuntu Lucid (10.04 LTS), and will (finally) support both 32 bit and 64 bit architectures.
We will be officially supporting KDE 4, Gnome and Fluxbox while providing users streamlined ISO downloads of each Desktop Environment (DE). Tool integration from our repositories

will be seamless with all our supported DE’s, including the specific DE menu structure
[ Thatcoin.com ]

The Kaspersky Virus Removal Tool application was designed to be another virus scanner and detection software from Kaspersky. The produst will scan the specified locations for any virus threats and remove them or send to Quarantine folder.

Kaspersky Virus Removal Tool 2010 is a utility designed to remove all types of threats from computers. Kaspersky Virus Removal Tool 2010 uses the effective detection algorithms realized in Kaspersky Anti-Virus and AVZ.

Kaspersky Virus Removal Tool 2010 does not provide resident protection for your computer. After disinfecting a computer, you are supposed to remove the tool and install a full version of antivirus software.


Advantages:

Simplified interface.
Can be installed to an infected computer (Safe Mode supported).
Composite scan and disinfection system: signature detection and heuristic analyzer.
Gathering system information and interactive creation of scripts for disinfection.

General functions:

Automatic and manual removal of virus, Trojans and worms.
Automatic and manual removal of Spyware and Adware modules.
Automatic and manual removal of all types of rootkits.
Kaspersky Virus Removal Tool 2010 is Freeware.


[Thatcoin.com]
Download support.kaspersky.com/viruses/avptool2010?level=2

Again DHL International Courier company name used by spammers from Poland
Bringing a Message
Subject of email
Dear customer. DHL notification

The parcel was send your home address.

And it will of arrice Within 7 bussness day.

More information and the tracking number


are attached in the document below.


Thank you.

2011 DHL International GmbH. All rights reserverd.

With files document.zip, in which there is exe file contains a virus Win32/Injector.FBK.Trojan DHL_notification.exe
[Thatcoin.com]

One more attacks on up, give a message “hahahh” , do not be clicked
The link is ordered that smuggle malware links. And display a fake screen of another site with the message “Photo has been Moved.”

When the click on the photos, taken is malware. If the downloaded program is executed, then the browser will at the plow, and can not open facebook and display ads from the manufacturer

Source and read full article