Metasploit website Hacked just by sending a spoofed DNS change request via Fax to Domain Registrar

A group of Pro-Palestine hackers 'KDMS Team' today has been able to hijack the Metasploit website simply by sending a fax and hijacked their DNS records.

Rapid7 is a leading Security Company and Creator of world's best penetration testing software called 'Metasploit'. The company confirmed via Twitter that Metasploit.com was hacked via a spoofed DNS change request sent via fax to its registrar, Register.com.

The group came to prominence earlier this week when it managed to hijack the websites of popular messaging service WhatsApp and anti-virus company AVG among others.

Microsoft paid over $28,000 Rewards to Six Researchers for its first ever Bug Bounty Program

Microsoft today announced that they had paid more than $28,000 in rewards to Security Researchers for its first Bug Bounty program, that went on for a month during the preview release of Internet Explorer 11 (IE11).

The program was designed to run during Internet Explorer 11’s browser beta test on June 26 and went on till July 26. They said it would pay researchers up to $11,000 for each Internet Explorer 11 vulnerability they found.

In July, the company announced that the first such bounty award was given to a current employee of Google, Ivan Fratric. Today Microsoft has released the names of all the people who the company said found vulnerabilities that qualified for a bounty and paid out $28k a total of six researchers for reporting 15 different bugs.

Apple's own Encryption Mechanism allows hacker to create an Undetectable Mac OS X Malware

In the past, there was a general belief that Macs is much more secure than Windows PCs, but now Mac malware is a serious threat to the security of users’ computers and information.

One of the reasons behind the increase in Mac related Malware attacks is the fact that Apple products are popular with many prominent businessmen and influential politicians.

Daniel Pistelli, Reverse Engineer and lead developer of Cerbero Profiler, former developer of IDA Pro comes up with another interesting research, and explained The Hacker News, the basic details behind the technique he used to create an undetectable malware for Mac OS X.

Apple implements internally an encryption mechanism to protect some of their own executable like "Dock.app" or "Finder.app". This encryption can be applied to malware as well. If one does, anti-malware solutions can no longer detect the malware because of the encryption, but OS X has no problem loading such malware.

Paunch, the author of Blackhole Exploit kit arrested in Russia

According to a Security Analyst 'Maarten Boone' working at Fox-IT company, the Developer of notorious Blackhole Exploit Kit developer 'Paunch' and his partners were arrested in Russia recently.

Blackhole Exploit Kit which is responsible for the majority of web attacks today, is a crimeware that makes it simple for just about anyone to build a botnet.

This Malware kit was developed by a hacker who uses the nickname “Paunch” and his Team, has gained wide adoption and is currently one of the most common exploit frameworks used for Web-based malware delivery.

Microsoft Patch Tuesday - 8 Security Updates, 4 critical vulnerabilities, including Internet Explorer zero-day

October is turning out to be a busy month for patches. This month also marks the 10-year anniversary of the Patch Tuesday program, which Microsoft started in October of 2003.

Scheduled for tomorrow, Microsoft has announced that they will release eight security updates including four critical, addressing vulnerabilities in Microsoft Windows, Internet Explorer (IE), Microsoft Office and its other products.

Bulletin 1 is almost certainly to a zero-day vulnerability CVE-2013-3893 that has been actively exploited by hackers in targeted attacks. Though Microsoft issued a temporary "Fix it" in September for the vulnerability,

Bulletins 2, 3 and 4 address vulnerabilities in a wide range of Microsoft products, including Windows XP, 7 and 8, and Windows Server 2003, 2008 and 2012.