Security

For the third year in a row, Google's Chrome web browser has put in an impressive performance at the Pwn2Own hacking challenge. Indeed, after two days nobody had even attempted to breach the browser's security, despite an increased reward of $5,000. ... The contest involves hackers attempting to exploit security loopholes on the four major web browsers (Chrome, Firefox, Internet Explorer and Safari) to win a $15,000 prize, along with the computer used for the challenge -- hence the contest name. Contestants are allowed to give judges a website address to visit, simulating the process of a web ... (view more)

Think Macs can't be infected by viruses? Think again. While Apple computers are generally less likely to be attacked by hackers, it's not impossible to infect a Mac with malware (or virus). For years Apple has boasted that its computers are more ... secure than PCs. And they were right -- but that was based on a technicality that only a tiny fraction of the population owned Macs, and thus, there was less profit to be made and less havoc to wreak for hackers. But that's starting to change as the number of Mac owners increases, making for an awkward situation at Apple headquarters in Cupertino, ... (view more)

Malware peddlers are once again scamming Facebook users for profit. What makes this swindle different is that once the scammer gets what they want out of their target, they turn around and offer the victim a chance to scam others for a nominal fee. ... Facebook Creeping: Too Good to be True It seems as if it is human nature for someone with a Facebook account to want to know who is looking at (or "creeping") their profile page at any given time. The scam centers around this kind of curiosity with applications such as "Profile Creeps" and "Creeper Tracker". Once a user falls victim to the scam, ... (view more)

A New York senator has called for major US Internet sites to offer all of their web pages in secure mode. Charles Schumer says the move would help protect against theft of data through public WiFi networks. The request involves the hypertext ... transfer protocol, which is the technical system used for transferring data between a website and a user, and vice versa. The protocol is available in two forms: standard (in which page addresses begin with http://) and secure (in which page addresses begin with https://). Secure Browser Sessions Encrypted, Denoted by Padlock In a secure connection, which ... (view more)

A new feature in Internet Explorer is a major boost for Microsoft's web browser "Tracking Protection" system. The feature, which will debut in Internet Explorer 9 , is a response to calls by the Federal Trade Commission (FTC) for Internet to make it ... easier for users to opt out of being tracked online . The FTC doesn't want sites to ditch all tracking activities, but rather desires site visitors to have the power to prevent their details being passed on to third parties. This is most relevant with advertising; for example, if a company wants to display an advertisement based around the ... (view more)

A computer science graduate student and his friends claim to have found a way to use distributed denial of service (DDoS) attacks to take down large gateways of the Internet -- an act never before thought possible. The method, referred to as the ... "Coordinated Cross Plane Session Termination (CXPST) Attack," would require approximately 250,000 personal computers to target the Border Gateway Protocol (BGP) network routers in the attack. This style of coordinated denial of service attack is referred to as utilizing botnet , or a virtual "robot" network of computers under the control of ... (view more)

Microsoft says it's unlikely that hackers will successfully exploit a recently discovered security bug in Windows. The company says that if the bug is abused, it would likely result in a denial of service attack instead. As noted on Wednesday, the ... problem involves system files related to Windows network file and printer sharing. Hackers are often particularly interested in exploiting such system files as they are a potential entry point between a networked computer and the outside world (via the Internet). Denial of Service Risk to Windows In this case, the Windows exploit appears to have two ... (view more)

A week after pro-WikiLeaks hacker organization 'Anonymous' reportedly infiltrated one of the security firms investigating their activity, the group has now published more than 70,000 emails stolen during that initial attack. Some of the messages ... reveal staggering details that could hurt the targeted company's reputation. HBGary Federal is an American security company investigating Anonymous, which late last year admitted responsibility for a series of hacks against major financial institutions, including Visa and MasterCard . All of the targeted institutions had, at the time, recently ... (view more)

According to a recent report from security firm McAfee, Chinese cyber criminals have been leading coordinated and covert attacks on major Western energy companies since November 2009. McAfee, which has dubbed the cyber terrorism offensive 'Night ... Dragon', says oil and petrochemical firms have been affected. Perhaps the most surprising finding in the report is that many of these major companies, which have not been named, do not appear to have had particularly robust defense measures in place. "The attacks were not very sophisticated and did not use any zero-day exploits ," noted McAfee Labs ... (view more)

Elite hackers and ethical computer security enthusiasts are preparing themselves for the Pwn2Own competition, which challenges participants to break through security of popular software programs (such as web browsers). Once software is breached, it ... is referred to as an "exploit", in which hackers are then able to gain access to other areas of the computer's operating system without restrictions. It's these types of attacks which occur on web sites frequently, where visitors become instantly infected just by visiting a malicious website containing an unknown exploit (also referred to ... (view more)