A recent study by Hewlett-Packard (HP) shows nearly three-quarters of all Internet of Things devices are susceptible to getting hacked or compromised. They examined 10 common smart devices, including thermostats, smart TVs and webcams and they claimed that each device had approximately 25 vulnerabilities. Many of the vulnerabilities had to do with a lack of […] Continue reading → 
Today, Government of Punjab Server(punjab.gov.pk) has been hacked and defaced by a hacker with the handle XerXes from Pak Cyber Crew. Attack anatomy is unkonwn, it seems that hacker exploited the vulnerability on the server and managed to deface the websites. A total of 16 subdomains are defaced including excise department, Capital Police and others. […] Continue reading → 
Today, Famous Egyptian Hacker with the handled Eg-R1z has hacked the popular hacking forum hackforums.net. This is not the first time hackforums has been hacked, before it was hacked by various hackers imLulzPirate, b0x, SYRIAN-HACKER and KTN. It is unclear, how hackers managed to get into server. On the deface page, The image is hosted […] Continue reading → The NYU Polytechnic School of Engineering has opened registration for the largest hacking competition. This is specially for offers US students to participate and win cybersecurity-based scholarships and prizes, ZDNet reports. Last year over fifteen thousand students participated and many qualified the preliminary rounds in order to reach the finals in six separate competitions. This […] Continue reading → 
Mohamed M.Fouad - an Independent Security Researcher from Egypt have found a SQL Injection and Local File Inclusion(LFI) vulnerability on famous Social recruiting website Jobvite. Jobvite is a Social recruiting and applicant tracking platform created for companies with the highest expectations of candidate quality and recruiting technology. The hacker found a SQLi and LFI vulnerability […] Continue reading → 
Google has released a new version of the Chrome web browser by fixing security bugs and add performance improvements to chrome Browser. Announcing the release of Chrome version 37, Google listed the following fixes. DirectWrite support on Windows for improved font rendering A number of new apps/extension APIs Lots of under the hood changes for […] Continue reading → 
Viproy - a VoIP Penetration Testing Kit provides penetration testing modules for VoIP networks. It supports signalling analysis for SIP and Skinny protocols, IP phone services and network infrastructure. Viproy 2.0 is released at Blackhat Arsenal USA 2014 with TCP/TLS support for SIP, vendor extentions support, Cisco CDP spoofer/sniffer, Cisco Skinny protocol analysers, VOSS exploits […] Continue reading → 
Operation Arachnophobia - Researchers from ThreatConnect and FireEye discovered a cyber espionage campaign originated from Pakistan, targets Indian Government. ThreatConnect - a new threat analysis company partnered with researchers from FireEye lab to conduct a joint investigation on a series of targeted attacks that could be linked to the Pakistan. According to the research, Operation […] Continue reading → 
Researchers at the University of Michigan and the California University Riverside, discovered that six out of seven popular apps could be hacked with up to a 92 percent success rate using a malware-ridden app on a device and infiltrate other apps on the phone, regardless of their levels of security. The weakness allowed researchers to […] Continue reading → 
There are many hacking & security tools available that hackers and security researchers use for pentesting purposes. Here is a list and a brief description of commonly used Hacking & Security tools. 1. Nmap Nmap (“Network Mapper”) is a free and open source (license) utility for network discovery and security auditing. Nmap uses raw IP […] Continue reading →