attackers

attackers

U.S. warns gas pipeline companies of cyberattacks

Update: Hackers exploit new IE zero-day vulnerability

www.computerworld.com
Attackers are exploiting a "zero-day" vulnerability in Microsoft's Internet Explorer and hijacking Windows PCs that cruise to malicious or compromised websites, security experts said today....
Update: Hackers exploit new IE zero-day vulnerability
App developer calls critic "f*cken little know it all"; site goes down
"Lucky Thirteen" attack snarfs cookies protected by SSL encryption

Adobe releases emergency patches for Reader and Acrobat

www.computerworld.com
Adobe released emergency patches for Adobe Reader and Acrobat 11, 10 and 9 on Wednesday that address two critical vulnerabilities being actively exploited by attackers....
Adobe releases emergency patches for Reader and Acrobat

Compromised phpMyAdmin download reinforces importance of verifying checksums

www.extremetech.com
The latest stable version of phpMyAdmin — the popular, GUI-based MySQL database software — was released late last month, but thanks to a compromised download mirror, users running the newest version may still be vulnerable to hackers. At some point after September 22, an unknown attacker managed to insert a...
Compromised phpMyAdmin download reinforces importance of verifying checksums

Researcher: Face.com iOS flaw could have allowed Facebook, Twitter account hijacking

www.computerworld.com
Facial recognition start-up Face.com patched a vulnerability in its KLINK iOS app that could have allowed attackers to hijack the Facebook and Twitter accounts of its users, according to Ashkan Soltani, the independent security researcher who claims to have found the flaw....
Researcher: Face.com iOS flaw could have allowed Facebook, Twitter account hijacking

Exotic XSS bug in Adobe Flash controlled users' Web accounts

arstechnica.com
Adobe has plugged a hole in its ubiquitous Flash media player that attackers were exploiting to control services such as webmail accessed by end users. The universal XSS, or cross-site scripting, vulnerability is present in all versions of Flash, but was only being actively exploited in versions that worked...
Exotic XSS bug in Adobe Flash controlled users' Web accounts

Microsoft investigating possible IE mouse-tracking flaw

news.cnet.com
All versions of the Web browser are vulnerable to flaw that allows attackers track cursor movements on the screen, a security researcher warns. [Read more]...
Microsoft investigating possible IE mouse-tracking flaw

David Pogue on Line2

www.nytimes.com
David Pogue on Line2, a very Google Voice-like VOIP app for the iPhone that Apple accepted into the App Store. Curiously, at this moment Line2’s web site claims “Toktumi and Line2 are currently experiencing a denial of service attack. We are trying to isolate the attackers and restore service. Please...
David Pogue on Line2
We're going to blow up your boiler: Critical bug threatens hospital systems

US-CERT tells users to disable Java in browsers after exploit

www.computerworld.com
Internet users should consider disabling Java in their browsers because of an exploit that can allow remote attackers to execute code on a vulnerable system, the U.S. Computer Emergency Readiness Team (US-CERT) recommended late Thursday....
US-CERT tells users to disable Java in browsers after exploit

Botnet masters hide command-and-control server inside the Tor network

www.pcworld.com
Security researchers from German antivirus vendor G Data Software have identified a botnet that is controlled by attackers from an Internet Relay Chat (IRC)......
Botnet masters hide command-and-control server inside the Tor network
Google builds bigger crypto keys to make site forgeries harder

Despite its efforts to fix vulnerabilities, Yahoo's Mail users continue reporting hacking incidents

thenextweb.com
Yahoo Mail users have been seeing their accounts broken into for months. While Yahoo says it has plugged at least two separate security holes leading to accounts getting hijacked, it appears the problem persists. While it’s unclear how long these attacks have been going on for, we first reported Yahoo...
Despite its efforts to fix vulnerabilities, Yahoo's Mail users continue reporting hacking incidents
White House admits systems in Military Office were hacked

Malware uses Google Docs as proxy to command and control server

www.pcworld.com
Security researchers from antivirus vendor Symantec have uncovered a piece of malware that uses Google Docs, which is now part of Google Drive, as a bridge when communicating with attackers in order to hide the malicious traffic. The malware--a new version from the Backdoor.Makadocs family--uses the Google Drive "Viewer"...
Malware uses Google Docs as proxy to command and control server

Bad day for LinkedIn: 6.5 million hashed passwords reportedly leaked – change yours now

thenextweb.com
Already in the spotlight over concerns that its iOS app collects full meeting notes and details from a device’s calendar and sends them back to the company in plain text, LinkedIn user accounts are now said to have been compromised, with 6.5 million hashes or encrypted passwords reportedly leaked. Norweigan...
Bad day for LinkedIn: 6.5 million hashed passwords reportedly leaked – change yours now

Google Attackers Gained Access to Computer Code - WSJ.com

online.wsj.com
Google Attackers Gained Access to Computer Code - WSJ.com

Hacker publishes alleged zero-day remote code execution exploit for older Plesk versions

www.pcworld.com
A hacker released what he claims is a zero-day exploit for older versions of the Parallels Plesk Panel, a popular Web hosting administration software package, that could allow attackers to inject arbitrary PHP code and execute rogue commands on Web servers.The hacker uses the alias "Kingcope" and has published...
Hacker publishes alleged zero-day remote code execution exploit for older Plesk versions

Just-patched Java, IE bugs used to snare human rights sites

arstechnica.com
The website belonging to non-governmental organization Reporters Without Borders is the latest to be hit by attacks that use the recently patched Java and Internet Explorer vulnerabilities to surreptitiously hijack computers of visitors, security researchers said. The compromise comes a week after similar attacks successfully commandeered sites belonging to...
Just-patched Java, IE bugs used to snare human rights sites

Email Attackers Take a Weekend Breather

www.pcworld.com
Email attacks which contain malicious attachments consistently fell on weekends, according to an analysis of the first quarter of 2012 by US security and malware analytics vendor, FireEye....
Email Attackers Take a Weekend Breather

May’s Patch Tuesday to contain 7 bulletins, patch 23 vulnerabilities

thenextweb.com
The month is fresh, which means that Microsoft has a raft of upcoming fixes and patches coming out next Tuesday for its software products. Patch Tuesday is an institution, and one that matters as it helps keeps everyone a bit safer, and hopefully, one step ahead of the digital baddies....
May’s Patch Tuesday to contain 7 bulletins, patch 23 vulnerabilities

Attackers sign malware using crypto certificate stolen from Opera Software

arstechnica.com
Alan Cleaver Hackers penetrated network servers belonging to Opera Software, stole at least one digital certificate, and then used it to distribute malware that incorrectly appeared to be published by the browser maker. The attack was uncovered, halted, and contained on June 19, according to a short advisory that Opera...
Attackers sign malware using crypto certificate stolen from Opera Software

The Qassam Cyber Fighters Send Holiday Greetings With Renewed DDoS Attacks On Banks

betabeat.com
Wells Fargo, hit by al-Qassam Cyber Fighters DDoS attacks. Denial of Service elves Izz ad-Din al-Qassam Cyber Fighters issued a new statement Tuesday and apparently renewed DDoS attacks on American bank websites. In a brief Pastebin post the hackers–who claim they are mainly motivated by outrage over the anti-Muslim video, Innocence of...
The Qassam Cyber Fighters Send Holiday Greetings With Renewed DDoS Attacks On Banks

Two thirds of Madi cyber espionage targets based in Israel

www.guardian.co.uk
Security experts discover 62% of the approximately 800 victims of malware campaign have been based in IsraelNearly two thirds of the government officials, lobbyists and other victims of the cyber espionage campaign dubbed Madi were based in Israel, security experts have discovered.An investigation by the security firm Symantec, published on...
Two thirds of Madi cyber espionage targets based in Israel

Critical denial-of-service flaw in BIND software puts DNS servers at risk

www.computerworld.com
A flaw in the widely used BIND DNS (Domain Name System) software can be exploited by remote attackers to crash DNS servers and affect the operation of other programs running on the same machines....
Critical denial-of-service flaw in BIND software puts DNS servers at risk

Researchers Find New Mac Keylogging Trojan on Site About Dalai Lama

betabeat.com
Dockster is a recently discovered Mac-based malware program that functions as a keylogger, among other things. It’s also a trojan, which means it can hide on a host computer quietly recording every keystroke before it contacts a remote server for further instructions. Dockster is considered “low risk,” but it has...
Researchers Find New Mac Keylogging Trojan on Site About Dalai Lama

Attention all Windows users: patch your systems now

arstechnica.com
Online attackers are actively exploiting a vulnerability in Internet Explorer that allows them to execute malicious code on computers that visit booby-trapped websites, researchers said in an advisory that underscores the importance of installing a Microsoft patch as soon as possible. The exploit of a critical IE bug, reported by...
Attention all Windows users: patch your systems now
With Pepper Spray iPhone Case, You Can Defend Yourself And Wear Tight Jeans
× Just a test of the new info bar. What do you think?