-
Vista security credentials tarnished in malware survey
Better off with a Win 2000 box
Windows Vista is better at protecting against malware than XP but more easily infected than Windows 2000, according to a study by Australian anti-virus firm PC Tools.…
-
India and Belgium decry Chinese cyber attacks
Join the ranks
Belgium and India have joined the growing ranks of countries voicing concerns about cyber attacks originating from China. Earlier this week, officials from both countries said computer networks inside their borders are routinely targeted by hackers trying to ferret out information that could benefit the Chinese government.…
-
I Was A Teenage Bot Master
The Confessions of SoBe Owns
Exclusive: One day in May 2005, a 16-year-old hacker named SoBe opened his front door to find a swarm of FBI agents descending on his family's three-story house in Boca Raton, Florida. He had an arm and a leg in casts from a recent motorcycle accident; one agent grabbed his good arm while others seized thousands of dollars' worth of computers, video game consoles and other electronics. His parents looked on.…
-
Facebook agrees to child-safety measures
Reining in Web 2.0 predators
Facebook has reached an agreement with 50 attorneys general to permanently deploy measures designed to rein in pedophiles and other predators on the social networking site.…
-
Interpol appeal unmasks US actor as child abuse suspect
Operation IDent-ification
A man matching the description of a suspected child abuser who became the target of an international manhunt earlier this week has been arrested in the US.…
-
Renault F1 comp site spills entrants' details
You will never break the chain
A Grand Prix competition from Renault hit the barriers on Thursday after it emerged that the motoring firm was inadvertently leaking entrants' personal details onto the web.…
-
HSBC in further data loss
Stolen Hong Kong server contained data on 159K
Security-incident prone bank HSBC has admitted losing a server containing transaction data on 159,000 Hong Kong-based account holders.…
-
Firefox language pack provides adware back-door
Ho Chi Hack trail
Mozilla has warned that the Vietnamese language pack of Firefox 2 was compromised as a result of a viral infection.…
-
Rare SCADA bug poses power plant risk
Wonderware scare
Security watchers warn of a rare vulnerability involving software used to control industrial systems. A denial of service vulnerability in monitoring software from Invensys poses a severe risk to the factories and utilities running its Wonderware subsidiary's InTouch SuiteLink application.…
-
FBI withdraws secret Internet Archive probe
Abuse of power alleged
The FBI has withdrawn a secret order that used new anti-terrorism powers to demand information about a user of the Internet Archive without a court order after attorneys challenged it as an unconstitutional abuse of power.…
-
Rogue MP3 Trojan streaks across P2P networks
Worst viral outbreak in three years
Hundreds of thousands of examples of a new Trojan that poses as a media file have flooded onto P2P networks.…
-
Peter Gabriel's website is back
Womad is safe...
Peter Gabriel's website and the website and ticket buying site for Womad, the world music festival he founded, are back online today after their servers and routers were stolen at the weekend.…
-
Private sector saviours wanted for desperate ID scheme
Home Office chucks in the cards?
Plans for the widespread introduction of fingerprint passports and ID cards, already delayed until 2012, have receded further into the distance with the publication of the latest Identity & Passport Service cost report for the ID scheme. This effectively pulls the plugs on the network of IPS-run interview centres, and lobs future responsibility for these and for biometric enrolment over to private sector companies.…
-
MS UK kills mystery 'Live to Code' site
Misconfigured marketing offshoot pulled
Microsoft has pulled an apparently rogue internal marketing project that sat quietly, but not unnoticed, on the same servers as its main UK website for at least a fortnight.…
-
Google launches security group for open source
oCERT to make the world safe for GPL
Google is spearheading a volunteer workforce it hopes will become the centralized authority for responding to security issues in open source software.…
-
Yahoo! greenlights search security warnings
Beta tests McAfee SiteAdvisor
So Yahoo! is getting off its butt at last to warn users when its search engine results include potentially malicious sites.…
-
Cybercrims dump swag on open botnet server
Health data found on hacker data dump
Everyone knows Trojans steal personal data, but the discovery of a server containing more than 1.4 gigabytes of stolen business and personal info brings home the real extent of the problem.…
-
HSBC foils '£70m fraud'
Police called in over 'improper' transfer
An HSBC worker has been charged after police were called in to investigate an alleged attempt to defraud the bank out of a whopping £70m.…
-
Your personal data just got permanently cached at the US border
Fact or fiction? US Feds won't say
Now that US customs agents have unfettered access to laptops and other electronic devices at borders, a coalition of travel groups, civil liberties advocates and technologists is calling on Congress to rein in the Department of Homeland Security's search and seizure practices. They're also providing practical advice on how to prevent trade secrets and other sensitive data from being breached.…
-
US warez sitemaster jailed for 30 months
Big Fish hooked
A US man has been jailed for 30 months for copyright infringement over his involvement in the warez scene.…
-
30 years of Spam - and we ain't finished yet
Many unhappy returns
Spam celebrates its 30th birthday on Saturday (3 May).…
-
Holes in London Mayor websites leave them open to 'e-gaffes'
New levels of XSS for Boris'n'Ken
Ethical hackers have discovered potentially serious vulnerabilities on the websites of the two principal candidates in today's London Mayoral election.…
-
Zango's adware fox desperate to guard net henhouse
'Kaspersky's got nothin' on us'
Comment: Zango, creator of Hotbar, Seekmo Search Assistant and other adware programs of dubious value to end users, just can't seem to come to grips with reality. It's coughed up a $3m fine to the FTC and abandoned two lawsuits claiming anti-malware providers illegally interfered with its business after being laughed out of just about every court where it's pursued such actions.…
-
Nigerian duped gullible NASA employee
Looking for love in all the wrong places
A Nigerian man was sentenced to 18 months in prison after tricking a NASA employee into clicking on an email attachment that installed malware on her government-issued computer.…
-
Plasma TV components applied to password cracking
Bluetooth crypto blown in eight seconds
Forget networked PCs or even PlayStation 3s, components commonly found in plasma TVs are the latest thing in password cracking tools.…
-
MS supplies cops with DIY forensics tool
Cybercrims? They'll never get their hands on one...
Microsoft has reportedly developed a USB key that allows investigators to extract forensic data from PCs.…
-
Anti-Israel hackers deface central bank site
Security doesn't roll on Shabbat
The Bank of Israel website has been restored after it was knocked off the internet last weekend in an attack blamed on anti-Israel hackers.…
-
McAfee 'Hacker Safe' cert sheds more cred
Rubber stamp factory exposed
Comment: More than three months after security bugs were documented in more than 60 ecommerce sites certified by McAfee as "Hacker Safe," a security researcher has unveiled a fresh batch of vulnerable websites.…
-
Whitehats tackle The Great Botnet Dilemma
Remove Kraken? Or leave it be?
After infiltrating one of the biggest and most abusive known botnets, security researchers are wrestling with a thorny ethical dilemma: should they exorcise tens of thousands of possessed machines or simply leave them be?…
-
Israeli spyware-for-hire PIs jailed
Watching the detectives
A group of private eyes who applied spyware to industrial espionage have been jailed in Israel, in the latest twist to a long-running high-profile investigation.…
-
[NSFW] Cash, blow-up dolls and mime artist star at spyware knees-up
Cybercrims launch Bacchanalia 2.0
NSFW: It's common knowledge that malware has become the purview of cybercriminals rather than mere mischief-makers. But unlike the frolics of dotcom yuppies, the excesses of Eastern European cybercrooks have rarely been chronicled.…
-
Spyware targets frustrated GTA IV gamers
Drive-by spam attacks blight carjack game launch
Gamers desperate to get their mitts on Grand Theft Auto IV are being targeted in an opportunistic spyware scam. Spam emails offer prospective marks free entry to a draw offering a PlayStation 3 loaded with the much-anticipated game as a prize.…
-
MySpace wins lawsuit against Spamford Wallace
Serial nuisance fails to defend case
MySpace has won a lawsuit against notorious spammer Sanford (Spamford) Wallace. The social networking website gained a default judgment against Wallace after he failed to turn over documents or appear in court, CNet reports.…
-
HSBC plugs hole that exposed site directory
John Lewis Partnership site rather too open for comfort
HSBC has finally fixed a bug that allowed web surfers to browse the directory structure of a supposedly secure website it helps to run.…
-
Linux guru Hans Reiser convicted of first-degree murder
Estranged wife's body never found
A jury has convicted Hans Reiser, developer of the ReiserFS filesystem for Linux, of first degree murder for killing his estranged wife in 2006 even though her body was never found.…
-
Chernobyl coverage blows up in Radio Free Europe's face
DDOS bomb
Websites run by Radio Free Europe have been under a fierce cyber attack that coincided with coverage over the weekend of a rally organized by opposition to the Belarusian opposition.…
-
Yahoo! pimping malware from banner ads
Doesn't seem to care
Over the past three days, Yahoo has been exposing visitors to banner ads that try to trick them into installing malware, and there's no indication anyone at the company is even aware of the problem.…
-
Canuck faces life sentence for nude girl webcam scheme
As young as 14
More charges have been filed against a Montreal man accused of fiendishly using the internet to trick or coerce girls into posing nude for him on webcams.…
-
Anti-virus hacking contest polarizes vendors
Race to Zero intolerance
Security firms have split over the merits of a hacking contest aimed against anti-virus packages planned for August's Defcon conference.…
-
Botnet agent plays lost sheep to avoid detection
The Kraken wakes
The latest variants of Kraken have thrown up innovations in black hat stealth technology that are making botnets spawned by the malware harder to detect and dismantle.…
-
New attack technique threatens databases
Lateral thinking about SQL injection
Database security expert David Litchfield has published details of a new type of database attack technique. Lateral SQL injection creates a means for hackers to access database data or inject hostile code onto vulnerable systems.…
-
VXers slap copyright notices on malware
What happened to honour among thieves?
Malware authors have lifted a page from the legit software industry's rule book and are slapping copyright notices on their Trojans.…
-
Infosecurity is very much like...
New cliches for old
Infosec: After three days, 320 exhibitors, dozens of presentations, and even more extensive marketing guff, the Infosecurity exhibition in London is over for another year. Thankfully, next year's trade show will be held in Earls Court, not in the wastes of Olympia, and so much easier to get to.…
-
Department of Homeland Security website hacked!
Infected by massive attack sweeping the net
The sophisticated mass infection that's injecting attack code into hundreds of thousands of reputable web pages is growing and even infiltrated the website of the Department of Homeland Security.…
-
Securing cyberspace against war, terror and red tape
DHS's Greg Garcia in the hot seat
Interview: In September 2006, the US Secretary of Homeland Security appointed Greg Garcia assistant secretary for cybersecurity and telecommunications. With oversight for the National Cyber Security Division, the Office of Emergency Communications and the National Communications System, he is the federal government's point man for securing the nation's internet and telecommunications systems against attacks from terrorists or countries that may target the US.…
-
MS patch system poses 'significant risk', say researchers
The fix could automate production of the attack
A group of four computer scientists urged Microsoft to redesign the way it distributes patches, after they created a technique that automatically produces attack code by comparing the vulnerable and repaired versions of a program. The technique, which the researchers refer to as automatic patch-based exploit generation (APEG), can create attack code for most major types of vulnerabilities in minutes by automating the analysis of a patch designed to fix the flaws, the researchers stated in a paper released last week.…
-
YouTube has a little local difficulty in Arabia
Cache from chaos
A security snafu on YouTube allowed users in the UAE to view the account pages and preferences of other users.…
-
Web infection attacks more than 100,000 pages
UK Civil Service, UN and EPA among the plagued
Hackers have injected malicious code into hundreds of thousands of reputable web pages, turning them into launchpads for attacks that silently install malware on the machines of those who visit them. The UK's Civil Service and the United Nations were among those who had been hacked.…
-
Standalone security industry dying, says guru
Schneier sounds death knell for Infosec
Security guru Bruce Schneier has renewed his attack on the IT security industry. A record number of attendees is visiting this week's Infosecurity trade show in London but nobody is buying anything, according to Schneier.…
-
Hidden card fraud taxes UK.biz
Chargeback
Headline losses from credit card fraud are only part of the problem facing UK ecommerce firms. Chargeback costs from failed transactions are also costing them dear.…