Security

Two security researchers say they've managed to prove a long-standing theory about how hackers breach online security. It involves taking advantage of a split-second quirk in the verification of online processing. The exploit could affect millions ... of online users, as it involves two login schemes which have been widely adopted by large corporate sites. (Source: computerworld.com ) Timing Attack is Key to Exploit The technique in question is known as a timing attack. It works on the basis that some password-protected systems will automatically reject an incorrect password as soon as it finds a ... (view more)

A security researcher says hackers could take control of millions of routers. Craig Heffner, of security firm Seismic, says half of the models he tested were vulnerable to a recently discovered hack. Routers, which allow an Internet connection to be ... shared among multiple computers, are extremely common -- especially for those of us who use high-speed Internet. Even if you own only one computer and don't share your connection with others in your household or office, chances are you're using a router of some kind. In short, the router acts as a gateway to the Internet and directs traffic back ... (view more)

It's often argued that restaurants are the most likely place for people to suffer credit card fraud. But a new report claims hotels are actually the most at-risk locations. The restaurant theory is based on the fact that people are more likely to ... hand over cards and let them out of their sight as they are taken away for processing. But security firm Trustwave believes the real danger isn't dishonest staff or venues, but rather criminals attempting to intercept data transmissions. 38% Of Fraud Cases Involved Hotels Trustwave recently evaluated credit card hacking reports for 2009 and found ... (view more)

With thousands of people flocking to social networking sites each day, a campaign to reduce the ever-increasing spam attacks on Twitter should come as little surprise. What is unusual, however, is where funding for the research needed to crack down ... on Twitter spammers is coming from: Google. Google is offering a grant to researchers at Texas A ... (view more)

An Australian supermarket chain has admitted it has found viruses on its self-service photo kiosks. The company is now working on adding anti-virus software to the machines. The incident involves Big W outlets, part of the Woolworths chain. It has ... 1,800 kiosks that allow users to print their own photographs direct from a digital source. One customer, who unfortunately for the chain writes a blog about computer security, found that after using a kiosk his USB stick was infected with a Trojan horse. The Trojan soon after prepared to attack his computer by disabling antivirus programs, and ... (view more)

According to reports, a flaw in the Windows XP operating system, which was first reported last week by a Google researcher, has been exploited by hackers in an attempt to spread malware. The flaw was reported on Monday , and is related to a ... vulnerability in Windows XP's Help function. A Google researcher by the name of Tavis Ormandy discovered that the web link script used in XP's Help and Support Center could be manipulated in order to route users towards malicious online content. (Source: itproportal.com ) Google Researcher Publishes Hacking Guide To Microsoft's disappointment, Ormandy ... (view more)

Microsoft recent criticized Google for publicly disclosing a remote code execution vulnerability affecting Windows XP and Server 2003. The problem was first reported to Microsoft on June 5th, but most of the world knew about it only four days later. ... This did not sit well with Microsoft, as the company believes that they were ousted before any meaningful repairs could be made to combat the issue. Worse yet, the company believes that revealing the situation to the public could have put users in danger. Windows XP, 2003 Consumers At Risk In an emotionally-charged rebuttal, Microsoft spokesperson ... (view more)

A recent hack of AT&T's web site has left over 100,000 Apple 3G iPad owners with exposed email addresses. It's feared the security hole could open the door to similar future hacks with more devastating results. Reporting on the hack is tech blog ... Gawker, which finds that a specialized hacking group was able to acquire 114,000 email addresses owned by iPad users when the former exploited a security gap in AT&T's central web site. The hacker group, known as Goatse Security, was also able to acquire the identification number these iPads use when communicating over AT&T's network, ... (view more)

Microsoft has identified a potential security risk in the Help function of Windows XP. But there is some controversy over the way the issue has come to light. This bug involves XP's Help and Support Center, and specifically a style of link which ... routes a browser to a help page built into Windows rather than a web page. Such links begin hcp:// rather than the more familiar http:// and are a way of making it easier to give online help and advice by allowing writers to include smooth links to Windows' own help pages. Whitelist Help Pages Spoofed Tavis Ormandy, an information security engineer ... (view more)

Thousands of legitimate websites have fallen victim to a widespread web attack. While the full extent of the attacks remain unknown, security analysts suspect that the hackers used what is called an "SQL injection attack" in an attempt to fool ... legitimate web sites into running malicious database commands. In short, the attack injects malicious HTML content into a web browser while users are viewing an otherwise legitimate site. If the malware is successfully installed, it opens a gateway which allows hackers to remotely control a PC. (Source: networkworld.com ) Up to 114,000 Sites ... (view more)