Yahoo, LinkedIn, Twitter accounts vulnerable to session fixation attacks.
A security researcher identified a vulnerability that could allow cyber-criminals to launch session fixation attacks and gain access to users’ accounts. Source:...
View ArticleTrojan phishes through fake Facebook page
Researchers identified a trojan dubbed “TSPY_MINOCDO.A” that, once installed, redirects victims trying to access Facebook and presents them with a fake Facebook page designed to collect personal and...
View ArticleOnline poker rooms fraught with vulnerabilities . . .
Findings published by two researchers found that many online poker Web sites whose clients rely on “skins” to design the gaming environment are vulnerable to attacks due to the Web site’s software...
View ArticleHome routers contain critical security vulnerabilities
Researchers offered consumers options to mitigate potential attacks on their home and small office routers that contain security problems. Thirteen popular routers were discovered vulnerable in...
View ArticleBackdoor Trojan uses “magic code” to contact C&C server.
Researchers discovered a backdoor-opening malware that uses a “magic code” in order to start communication with the same IP address and port once the C&C server instructs it to do so. The attackers...
View ArticleFake SourceForge website serves ZeroAccess malware.
Experts from a security firm determined hackers are using the SourceForge Web site to drop the ZeroAccess Trojan onto user’s computers and inject malware. Source:...
View ArticleIntrusion Prevention Systems fail to spot AET attacks . . .
Many big-brand Intrusion Prevention Systems (IPS) consistently fail to block attacks that target vulnerabilities in web-based applications using Advanced Evasion Techniques (AETs), a University of...
View ArticleSecurity Flaws in Online Password Manager
Researcher identifies a series of security flaws in DirectPass, Trend Micro’s cloud-based password manager software. Source:...
View ArticleAttackers use Skype, other IM apps to spread trojan
Users receiving shortened URLs in Skype instant messages, or similar IM platforms, should be wary of a new trojan, called Liftoh. So far, it has primarily infected users in Latin America, said Rodrigo...
View ArticleHackers exploit Ruby on Rails vulnerability to compromise servers, create...
A vulnerability in Ruby on Rails that was patched in January has been seen being exploited by attackers to take over servers and create a botnet. Source:...
View ArticleIs Your Computer a Foreign Spy?
Western governments have long suspected Chinese computer equipment makers of being spying factories. Huawei is typically front and center in today’s allegations about Chinese corporate spying. But...
View ArticleBiometric Security = Marketing Gimmick?
Biometric security is often meant to satisfy consumer demand, not security requirements. Watch an iPhone 5S compromise and gain perspective here:...
View ArticleExperian Caught Selling Data to Identity Theft Service
The credit bureau Experian appears to have sold an unknown amount of highly sensitive personal information to a Vietnamese national who maintained an online identity theft service. Here is the story:...
View ArticleHome routers contain critical security vulnerabilities
Researchers offered consumers options to mitigate potential attacks on their home and small office routers that contain security problems. Thirteen popular routers were discovered vulnerable in...
View ArticleBackdoor Trojan uses “magic code” to contact C&C server.
Researchers discovered a backdoor-opening malware that uses a “magic code” in order to start communication with the same IP address and port once the C&C server instructs it to do so. The attackers...
View ArticleFake SourceForge website serves ZeroAccess malware.
Experts from a security firm determined hackers are using the SourceForge Web site to drop the ZeroAccess Trojan onto user’s computers and inject malware. Source:...
View ArticleIntrusion Prevention Systems fail to spot AET attacks . . .
Many big-brand Intrusion Prevention Systems (IPS) consistently fail to block attacks that target vulnerabilities in web-based applications using Advanced Evasion Techniques (AETs), a University of...
View ArticleSecurity Flaws in Online Password Manager
Researcher identifies a series of security flaws in DirectPass, Trend Micro’s cloud-based password manager software. Source:...
View ArticleAttackers use Skype, other IM apps to spread trojan
Users receiving shortened URLs in Skype instant messages, or similar IM platforms, should be wary of a new trojan, called Liftoh. So far, it has primarily infected users in Latin America, said Rodrigo...
View ArticleHackers exploit Ruby on Rails vulnerability to compromise servers, create...
A vulnerability in Ruby on Rails that was patched in January has been seen being exploited by attackers to take over servers and create a botnet. Source:...
View Article
