Sign up for a new account or log in here:
also @ TechSpot: Apple's iOS 7 to be "black, white and flat all over"
TechSpot News
IT Security News Headlines
The latest developments in IT security: your rights online, securing your systems via timely patching, updates on anti-malware tools, and relevant stories on hacking and system vulnerabilities.
New zero-day Java exploit selling in online forum for $5,000
- Earlier this week Oracle rushed out a fix for a critical bug in Java that was reportedly being widely exploited by malicious sites to remotely execute code on a victim’s machine. Well, it only took one day after the patch…
Kaspersky uncovers five-year cyber espionage campaign, Red October
- Kaspersky has uncovered an advanced cyber espionage network that rivals the sophistication of last year's infamous Flame malware but is perhaps more devious, as each attack is handcrafted for its victim to help ensure its success. Referred to as Operation…
New zero-day vulnerability in Java being widely exploited (Updated)
-
Three days after a critical Java vulnarability was widely reported, Oracle has issued an update to shut down the potential exploit and secure browsers using Java. You can update to Java SE 7u11 to secure your PC (or disable Java altogether). The security hole made browsers vulnerable to remote exploits when visiting a malicious website.
Banking sites crippled by Iran-sponsored DDoS, US officials claim
- Iran is being blamed for a recent wave of cyberattacks, namely a series of Distributed Denial of Service attacks launched against major financial institutions. Affected financial institutions include, but may not be limited to, Bank of America, Chase, Citigroup, Wells Fargo,…
Anonymous seeks to make DDoS attacks a legal form of protest
- The loose knit group of hackers that call themselves Anonymous have petitioned the White House in an effort to get distributed denial-of-service (DDoS) attacks recognized as a legal form of protest. The hackers argue that DDoS attacks are not a…
Hole in W3 Total Cache WordPress plugin exposes site database info
-
Security researcher Jason A. Donenfeld has revealed a security hole in a popular WordPress plugin that could be used to obtain sensitive data from an affected site. The flaw was discovered in W3 Total Cache, which has been downloaded over a million times and is used by...
Android botnet turns infected handsets into SMS spam generators
- A new Trojan called SpamSolider that infects Android devices is to blame for an increasing number of spam text messages in the US. The malicious software is bundled alongside free versions of popular mobile games like Angry Birds Space and…
AVG and Yahoo enter into agreement to protect you from malware
- There used to be a time where one would only run the risk of contracting malware by installing questionable software on their computer. Those days are of course long behind us as it’s now possible to pick up an infection…
Reset Windows passwords in minutes without extra hardware or software
-
Although a man recently made headlines for demonstrating that he could brute force an eight-character Windows password in less than six hours by harnessing the power of 25 GPUs, another savvy user has reminded us of a workaround that can bypass the security of virtually...
IE mouse tracking flaw allows sites to record cursor movements
- Spider.io reported today that Microsoft has no "immediate plans" to fix the potential Internet Explorer vulnerability which allows any website operator (or advertiser, hacker etc...) to track a visitor's mouse cursor movements. Microsoft's security team has acknowledged the issue but…
First fake-installer Trojan for OS X spotted in the wild
- Mac OS X users don't typically have to worry about malicious software, but with the platform’s popularity on the rise we’re starting to see more and more malware targeting Apple’s operating system. Just this week researchers at Russian anti-virus company…
Hackers hold patient medical records for ransom, demand $4,200
- A group of hackers broke into the Miami Family Medical Centre in Australia and are now holding all of their patient’s medical records for ransom. The hackers didn’t physically take or delete the files but they have encrypted them and…
Facebook: Outage caused by internal DNS tinkering, not Anonymous
- As the second major tech site to experience widespread downtime today, Facebook appears to be recovering from an outage that has lasted for more than an hour. Early into the interruption, users believed the problem pertained to a DNS issue.…
25-GPU cluster can brute force Windows password in record time
- Jeremi Gosney, the founder and CEO of Stricture Consulting Group, recently showcased a GPU-based computer cluster capable of brute forcing its way through any standard eight-character Windows password (including upper- and lower-case letter, digits and symbols) in less than six…
Trojan bypasses two-factor authentication, steals $46.5 million
- A sophisticated, multi-layered trojan dubbed "Eurograbber" is estimated to be responsible for siphoning over €36 million -- or about $46.5 million -- from the bank accounts of unsuspecting Europeans. In a case study (pdf) performed by Versafe and Check Point Software Technologies, researchers reveal…
Anonymous member convicted for DDoS against PayPal, others
- A jury has convicted 22-year old Anonymous hacktivist Christopher Weatherhead for playing a lead role in organizing a series of distributed denial of service attacks against PayPal (and others) in 2010. Weatherhead's cohorts, Peter Gibson, Jake Bichall and Ashley Rhodes,…
U.N. communications body adopts eavesdropping standards
- Despite concerns voiced by Germany, a number of Internet eavesdropping techniques were approved for use by the International Telecommunication Union. The ITU is the specialized U.N. body charged with the facilitation and regulation of information and communication technologies. Cdt.org provides…
New worm is designed to attack Iran financial institutions
- Stuxnet garnered a ton of media attention when it managed to cripple Iran’s nuclear program but a new worm recently detailed by Symantec is attacking the country on a different and perhaps even more damaging level.
U.S. blamed for spying on French government with Flame malware
- According to The Telegram and sources close to French news outlet L'Express, politically-driven U.S. hackers were responsible for a cyberattack that occurred just days before French voters cast their ballots in April. Those sources claim hackers were able to infiltrate French…
Many Origin accounts are being hijacked, EA offers no explanation
- If you have an Origin account, you may want to change your password. Scattered reports from gamers including Eurogamer's Richard Leadbetter indicate that EA may have suffered a security breach. Affected users claim to have received an email from Origin…
Windows 8, RT set to receive first critical security patches
- Microsoft’s recently launched Windows 8 operating system is set to receive its first critical security update next week. According to the company’s advance notification posting, the November edition of Patch Tuesday will include critical fixes for vulnerabilities in Windows, Internet…
Exploit bypasses Adobe Reader's sandbox, being sold for $30-50k
- Russian security firm Group-IB has found a zero-day flaw in Adobe Reader that bypasses the program's sandbox protection. Currently available on the black market for $30,000 to $50,000, the exploit allows attackers to sidestep the application's "Protected Mode," which was…
Unknown number of Twitter accounts hijacked, passwords reset
- Twitter has warned an unknown number of users that hackers have potentially compromised their accounts. Spam-like tweets seem to be originating from at least some affected users, including TechCrunch's own Twitter account. "Make $250 A Day From Home", one tweet…
Most Popular
| Trending | Featured |
Subscribe to TechSpot
Get free exclusive content, learn about new features and breaking tech news.
TechSpot on: