Security

Though it's been out of the headlines for some time, the Conficker virus is alive and well. Researchers say it appears the virus has kept working despite little if any attention from its creators. According to Mikko Hypponen of F-Secure, one of the ... firms investigating the virus, there are still more than 5.5 million computers infected by Conficker, with Brazil, Vietnam and China particularly affected. That may be because computer owners there are less likely to be able to afford security software and more likely to be running pirated copies of Windows which are less likely to update Microsoft ... (view more)

Malware planted on web servers belonging to Network Solutions LLC, a hosting company and domain registrar, reportedly compromised more than a half a million credit card accounts belonging to customers of its e-commerce merchants. The company said it ... found unauthorized code on servers that support some of its e-commerce merchants' websites. It's reported that transaction data for about 4,343 of its merchant websites was stolen and redirected to outside servers. (Source: techtarget.com ) Half a Million Cardholders Affected Approximately 573,928 cardholders were affected by the breach that ... (view more)

In an effort to raise awareness, three professional hackers are attempting to prove that trusted web sites make you just as vulnerable to attack as known malicious web sites. At the recent Black Hat and Def Con security conventions, three presenters ... brought light to a new wave of Internet attacks that operate in a similar manner to that of a telephone tap in the shared communication between computers and trusted web sites. "Man-in-the-Middle" Attack This type of computer infiltration, known as "man-in-the-middle" attacks, occur when an online deviant steals the data that is intended to be ... (view more)

You might not call it the traditional hack, but law enforcement officers in Las Vegas have reportedly removed a suspicious ATM (Automated Teller Machine) after security experts attending the DEFCON 17 conference noticed something strangely peculiar ... about its design. The ATM in question was located at the Riviera Hotel in Las Vegas, not far from the DEFCON 17 conference, an annual gathering of international hackers and security experts. Those attending the conference -- and let's face it, they're the type that would notice this kind of behavior before anyone else -- realized early on that ... (view more)

With the release of Windows 7 just a few months away, security experts have begun touting the widespread positive impact Windows 7 will have on PC protection and the online community. Despite the occasional outbreak of critical security patches, ... Microsoft has been able to steadily improve its security image since launching the Trusted Computing initiative more than five years ago. (Source: eweek.com ) Win7 to Help Strengthen Security Purewire Principal Researcher Paul Royal touted three specific Windows 7 modifications that he believes will help thwart application vulnerabilities, rootkits ... (view more)

Security researchers have demonstrated how both Windows Mobile and iPhone handsets can be hacked simply be sending a text message. It's also emerged that a flaw in the way secure websites worked could cause problems for Firefox users. The news comes ... from the annual Black Hat security conference in Las Vegas, where it's joked that "black hat" hackers find these issues for criminal reasons, while "white hat" hackers are merely trying to improve security. However, it's generally understood that those who speak at the conference do so to highlight problems rather than exploit them. SMS from a SOB ... (view more)

With the death of Michael Jackson now being investigated as a potential homicide, a number of cyber "walls" have been erected to keep the new online records confidential. However, coroner investigations now report that several vulnerabilities exist ... in the two computer systems where the death investigation reports of Jackson are currently stored. An Inside Job The problem is much more serious than the potential for a hacker to access these restricted files from a remote location. Rather, employees are being given unauthorized access to these secretive reports despite being told that this ... (view more)

Adobe has vowed to fix a critical security hole in its Flash software within a week. But the Department of Homeland Security (DoHS) has taken the extremely unusual step of advising users to switch off the feature until the patch is available. The ... hole can be used for so-called 'drive by' attacks occurring when a user simply visits an infected website. However, the relevant code is also shared with Adobe's Acrobat software, meaning it can cause security problems through PDF documents which have Flash embedded in them for greater interactivity. That technique had already been criticized as a ... (view more)

Researchers at security firm Inverse Path plan to demonstrate how standard power sockets (used in a home, for instance) can be used to eavesdrop on what is being typed onto a computer keyboard. They plan to make a presentation at the Black Hat ... Security conference taking place in Las Vegas from July 25-30 this year. The researchers found that poor electrical shielding on some keyboard cables can result in data being leaked into power circuits. Analyzing such information allowed the researchers to see what was being typed on a keyboard. So far, demonstrations of the attacks have worked at ... (view more)

Mozilla has released the first minor point release in its Firefox 3.5 series, Firefox 3.5.1. The reason? To fix a critical security flaw within the browser's TraceMonkey JavaScript engine. Rest assured, TraceMonkey itself, despite the suspicious ... name, is not a new Conficker virus or something of the sort. On the contrary, TraceMoney is a tool created by Mozilla that improves the JavaScript web browser performance through something called a just-in-time, or JIT compilation engine. Simply put, JIT compiles code earlier and improves the performance of the Mozilla web browser. Mozilla Tracing ... (view more)