Latest News in Computer Security
Guarded Key web site provides latest news focused on security of your online identities.
This could help you learn how to secure your accounts and provide alerts to new computer security threats
related to stolen home addresses, email addresses, passwords, credit cards and other important personal information.
Protect your online identities with
Guarded Key
and encrypt your user names and passwords!
Monday, June 15, 2015 Popular password protector hacked Popular password manager LastPass, seen as a way to protect against the inherent security flaws of passwords, revealed on Monday it had been breached. The company said hackers had made off with encrypted passwords and, as well as some more basic user information, such as email addresses. "We are confident that our encryption measures are sufficient to protect the vast majority of users," the company said in a blog post. It's the second breach at LastPass in the last four years, ArsTechnica reported, highlighting the vulnerability even of tools meant to defend against easy password theft. A password manager stores all login data in an encrypted vault, requiring a user to remember only one master password. Security experts admit it's not a perfect system, but maintain it's a vast improvement over trying to either remember dozens of passwords, using simple passwords, or keeping login credentials stored in an unsecure location. >> find out more ... |
Friday, February 13, 2015 White House goal: Kill the password The White House is funding efforts to wipe out the password as the primary security code used to access sensitive data online. Officials and cybersecurity experts say the password is inherently weak and frequently misused, with easily hacked phrases like "password" and "123456" putting bank accounts, Social Security numbers and other sensitive information at risk. "It's probably the highest vulnerability there is," said Keith Ward, CEO of the Transglobal Secure Collaboration Program (TSCP), a company chosen by the White House to work on securely transmitting sensitive data between defense companies. >> find out more ... |
Sunday, March 10, 2013 Adobe Hacked: Cyber-Thieves Accessed Credit Card Information Of Nearly 3 Million Customers Adobe Systems Inc. said a cyberattack on its systems has exposed credit-card information of 2.9 million customers. The maker of Photoshop and other software said Thursday that the attacker accessed Adobe customer IDs and passwords on its systems. Through that, they were able to remove customer names, encrypted credit and debit card numbers, expiration dates and other information related to orders from customers worldwide. The company does not believe attackers removed credit and debit card numbers that weren't encrypted. Adobe is notifying customers and resetting passwords. It has alerted banks processing Adobe payments to help protect customer accounts. It is also working with federal law enforcement on its related investigation. >> find out more ... |
Thursday, July 12, 2012 Yahoo security breach exposes 450,000 usernames and passwords A Yahoo security breach that exposed 450,000 usernames and passwords from a site on the huge web portal indicates that the company failed to take even basic precautions to protect the data. Security experts were befuddled Thursday as to why a company as large as Yahoo would fail to cryptographically store the passwords in its database. Instead, they were left in plain text, which means a hacker could easily read them. "It is definitely poor security," Marcus Carey, a security researcher at Rapid7, said. "It's not even security 101. It's basic application development 101." Yahoo declined a request for an interview, and only emailed a statement confirming the breach that occurred Wednesday. The company said that an "older file" containing roughly 450,000 user names and passwords was stolen from its Contributor Network, a subset of Yahoo's massive network of Web sites. >> find out more ... |
Wednesday, June 06, 2012 More than 6 million LinkedIn passwords likely stolen NEW YORK (CNNMoney) -- Russian hackers released a giant list of passwords this week, and on Wednesday security researchers identified their likely source: business social networking site LinkedIn. The 6.5 million leaked passwords were posted Monday on a Russian online forum, camoflaged with a common cryptographic hash called SHA-1. It's a format that's considered weak in its raw form. Roughly half of the hashed passwords have already been decoded and posted online in human-readable text. Several security researchers tweeted Wednesday that they have found their passwords among those that were revealed. Web security firm Sophos said it matched many of its researchers' own passwords that are used exclusively on LinkedIn. Here's what those probing the hack consider the biggest giveaway: countless passwords on the list contain the word "linkedin". On a popular hacker forum, many reported finding passwords such as "linkedout," "recruiter," "googlerecruiter," "toprecruiter," "superrecruiter," "humanresources" and "hiring." >> find out more ... |
Wednesday, June 06, 2012 Google warns users of state-sponsored hacking (CNN) -- Google has started warning users when it thinks they may be targets of government-sponsored hackers, the Internet giant announced. Users whose accounts are compromised get a message at the top of their browser saying: "Warning: We believe state-sponsored attackers may be attempting to compromise your account or computer." >> find out more ... |
Thursday, February 02, 2012 Key Internet operator VeriSign hit by hackers VeriSign Inc, the company in charge of delivering people safely to more than half the world's websites, has been hacked repeatedly by outsiders who stole undisclosed information from the leading Internet infrastructure company. The previously unreported breaches occurred in 2010 at the Reston, Virginia-based company, which is ultimately responsible for the integrity of Web addresses ending in .com, .net and .gov. VeriSign said its executives "do not believe these attacks breached the servers that support our Domain Name System network," which ensures people land at the right numeric Internet Protocol address when they type in a name such as Google.com, but it did not rule anything out. VeriSign's domain-name system processes as many as 50 billion queries daily. Pilfered information from it could let hackers direct people to faked sites and intercept email from federal employees or corporate executives, though classified government data moves through more secure channels. "Oh my God," said Stewart Baker, former assistant secretary of the Department of Homeland Security and before that the top lawyer at the National Security Agency. "That could allow people to imitate almost any company on the Net." >> find out more ... |
Tuesday, January 17, 2012 Zappos Hack Exposes Passwords Online shoe and clothing retailer Zappos, which is owned by Amazon.com, began emailing its 24 million customers Sunday, advising them that its site had been hacked, and some customers' personal details and account information likely stolen. But Zappos said that no credit or debit card information had been accessed by attackers. "We were recently the victim of a cyberattack by a criminal who gained access to parts of our internal network and systems through one of our servers in Kentucky. We are cooperating with law enforcement to undergo an exhaustive investigation," said Zappos CEO Tony Hsieh in an email that was sent to all Zappos employees Sunday, shortly before the company sent an email to its customers, warning them about the breach. The stolen data, said Hsieh, may have included each customer's name, email address, billing and shipping address, the last four digits of their credit card number, and a "cryptographically scrambled" version of their website password. >> find out more ... |
Saturday, November 12, 2011 'Steam' hack puts millions of gamers' personal, financial info 'at risk' The credit card details of millions of gamers is now at risk as hackers have gained unauthorized access to a database of online gaming giant Steam. Its owner and operator, Valve, however, said it stored credit card information in encrypted form and that it so far had no evidence of misuse as a result of the intrusion. "We learned that intruders obtained access to a Steam database in addition to the forums," said chief executive Gabe Newell in a letter to users. >> find out more ... |
Friday, August 05, 2011 Online access to millions of bank accounts may be blocked by simple computer attack Recently there has been many computer attacks, which involved stealing names, addresses, emails, credit card numbers, obtaining passwords for further infiltration into databases, breaking into websites, emails and social network sites. There is however another type of attack we haven't seen yet - a new type of attack of online banking. Online services providing access to our bank accounts are protected by authentication mechanism based on User Id and Password, and sometimes this is enhanced by asking security questions. If user provides incorrect password or answer to one of the randomly chosen security questions, the server rejects authentication requests. Multiple attempts can be made before the account is locked down and no further logins are allowed. Legitimate user can unblock the account by calling customer service or by accessing web page for recovery of blocked account, which uses special steps to identify user, so that the account could be unlocked. Locking online account seems to be well designed security feature, however it doesn't consider malicious attempts of failed login in order to intentionally block bank account access. Attacker can guess User Id based on research of websites and social networks in order to find user's name, email address and aliases, which can be used to determine User Id. Attacker can then make several unsuccessful authentication requests until the account access is locked down. This situation may actually become more serious if this form of attack is done on a large scale, where login attempts are generated programatically and large number of online accounts can be blocked in relatively very short time. Suppose a government decides to make an assult on financial network of another country. In that case even one programmer can write a routine which generates combinations of all first names and last names, obtain email addresses and aliases from social netoworks, and executes continuous attack which performs unsuccessful logins for all generated user ids to block their accounts. Since one account can be blocked this way in a couple of seconds, large scale attack from multiple computers can block millions of accounts in a few days, perhaps even hours. Banks and their servers and personnel may have problems to handle millions of requests to unblock all accounts. There is however one solution, which can help individual users. Users can protect themselves as desbribed in the following article: Secure Online Banking. It describes how to choose safer User Id and how password manager can be useful. >> find out more ... |
Tuesday, August 02, 2011 Sun website 1000's users data stolen Britain's Rupert Murdoch-owned tabloid The Sun has sent a message to readers warning them that computer hackers may have published their data online after an attack on the paper's website last month. News International, News Group's parent company, issued a statement that said: "We take customer data extremely seriously and are working with the relevant authorities to resolve this matter. We are directly contacting any customer affected by this." The stolen information is believed to include names, addresses, dates of birth, email addresses and phone numbers. No financial or password data was compromised, the company said. On Monday, an 18-year-old suspected of being a spokesman for LulzSec and another hacking group Anonymous was granted bail at a London court after being charged with hacking into websites. >> find out more ... |
Tuesday, July 12, 2011 Toshiba Database hacked and User accounts leaked Today V0iD hacker leak the database of National Assembly of Pakistan database and now he also Hack the website of Toshiba. The Database names, Admin user table data with user-passwords and Normal users logins leaked at http://pastebin.com/mFwijETu. >> find out more ... |
Thursday, July 07, 2011 Washington Post Job Board Hacked: 1.27 Million Job Seekers Affected The Washington Post has notified users of its job board that a recent a cyber attack has resulted in a data breach that compromised up to 1.27 million job seeker accounts. The Washington Post said that the attack occurred in two brief episodes, once on June 27 and once on June 28, resulting in the attacker(s) getting hold of roughly 1.27 million user IDs and e-mail addresses. Passwords or other personal information were not compromised, the publisher said. "We quickly identified the attack and took action to shut it down," the Washington Post said. "We also have implemented additional measures to prevent against a similar attack in the future, and we are pursuing the matter with law enforcement. In addition, we are conducting a thorough audit of the security of the Jobs site." >> find out more ... |
Monday, July 04, 2011 FOX News Twitter hacked, falsely reports Obama's death NEW YORK (AP) - Hackers broke into Fox's political Twitter account early Monday, posting updates saying President Barack Obama had been assassinated. A series of six tweets coming from the FoxNewsPolitics account reported that Obama had been shot to death in Iowa and the shooter was unknown. In a statement posted on its website later Monday morning, Fox News called the tweets "malicious" and "false." It said the hacking is being investigated. >> find out more ... |
Friday, June 24, 2011 IMF identifies computer files hacked in cyber attack WASHINGTON - The International Monetary Fund has identified the computer files hacked in a cyberattack and is the process of weighing their importance, and IMF spokesman said Thursday. "We're still investigating this breach. We have identified files that have been copied and we're assessing the importance of those files," spokesman David Hawley said in a news briefing. >> find out more ... |
Friday, June 24, 2011 Group says it hacked Arizona public safety files PHOENIX (AP) - A group that boasts of successfully hacking Sony and the CIA web page in recent months claimed Thursday to have hacked into the computer files of an Arizona law enforcement agency. The Lulz Security hacking collective said on its web site that it was releasing "hundreds of private intelligence bulletins, training manuals, personal email correspondence, names, phone numbers, addresses and passwords belonging to Arizona law enforcement." >> find out more ... |
Thursday, June 16, 2011 Citi says 360,000 accounts hacked in May cyber attack NEW YORK/HONG KONG (Reuters) - Citigroup Inc said a cyber attack in May affected almost twice as many accounts as the bank's figures had initially suggested, as major U.S. lenders come under growing pressure from lawmakers to improve account security. A total of 360,083 North American Citigroup credit card accounts were affected by the breach, the third-largest U.S. bank by assets said in a statement released late on Wednesday. Of those affected, some 217,657 customers were reissued with new cards along with a notification letter, while the remaining accounts were either inactive or had already received new cards earlier, the bank added. Citigroup had earlier said that about 1 percent of its North American accounts were affected. The bank's annual report puts the total number of its customers at 21 million. >> find out more ... |
Saturday, June 11, 2011 US banks 15 years behind Eastern European banks in computer security After recent security breach in Citibank we have to ask if this is an isolated incident in a financial institution or if there are other companies and their clients at risk. The issue seems to be even more serious than we think and other banks in the United States may experience similar attacks. The lack of computer security is most notable in services providing online access to bank accounts. Especially large banks seem to use inadequate protection against computer attacks. For example Bank of America provides online access which requires user id, answer to a security question and static password. However does asking in which city were you born really secure your bank account? I doubt it. Banks in Eastern Europe give electronic signature to clients for more than 15 years. The electronic signature (or private key) is issued free of charge and it is used along with username and password to sign into web services for bank account access. Why do US banks stay behind for so many years? Cost cutting, lack of interest in computer security, overconfidence in security systems currently in place, insufficient security strategy? Whatever the reason, there is a new technology which can significantly improve security of clients' bank accounts. Guarded Key is about to release a new version of the most secure password manager. The new version will provide more secure online authentication method using client certificate and cryptographic security token, which will eliminate use of static password. Static password, although secure when using good password manager, may still be discovered by hackers using network monitors. Public wireless access points (Wi-Fi) can pose a threat, because even the secure https connection may be subject to a computer attack in which attacker records communication coming from your computer, and than run offline analysis to decipher data and retreive passwords. New version of Guarded Key generates a security token for each sign in session. Security token contains a timestamp and can be used only once. For the next online session a new token is generated. If it is discovered by a hacker, the token is useless and attempt to sign in will fail. Guarded key keeps your certificate in an encrypted database protected by 4096-bit key and 8 layers of encryption. >> find out more ... |
Thursday, June 09, 2011 For bank robbers, data have replaced guns Cybercrime, as Citigroup Inc.'s C -2.26% data breach of more than 200,000 credit-card accounts suggests, is replacing the analog world of stick-'em-up bank robberies. It's more lucrative and harder to catch. Read full story on Citigroup's response security breach. Last year, there were 1,160 old-fashioned bank robberies of the old-fashioned kind, according to the Federal Bureau of Investigation. The bad guys made off with $9 million in cash and $337,000 in checks. The odds were good they got away with it; only $1.9 million was recovered. Cybercrime is far more lucrative and presents huge challenges for law enforcement. Bank robbers at least have to be presents; hacks of financial networks can occur from anywhere on the globe with an Internet connection. >> find out more ... |
Thursday, June 09, 2011 Hackers nab card data from 200,000 Citi customers NEW YORK (AP) - Citigroup Inc. has become the latest victim in a string of high-profile data thefts by hackers targeting some of the world's best-known companies. The New York bank said Thursday that about 200,000 Citibank credit card customers in North America had their names, account numbers and email addresses stolen by hackers who broke into Citi's online account site. Citigroup said it discovered that account information for about 1 percent of its credit card customers had been viewed by hackers. Citi has more than 21 million credit card customers in North America, according to its 2010 annual report. The bank, which discovered the problem during routine monitoring, didn't say exactly how many accounts were breached. Citi said it was contacting those customers. >> find out more ... |
Friday, June 03, 2011 What's the Future of RSA SecureID The recent cyber attacks on Lockheed Martin and other large defense contractors have many security experts worried, particularly because the attack relied on a vulnerability in RSA's SecureID, the current gold standard in computer security. If SecureID is seriously flawed, then what comes next? Up until late last week, 250 million users regarded RSA's SecureID tokens as the computer security gold standard. The system consists of a small fob that generates a new code every 30 seconds, to be used in conjunction with a personal password; it creates a seemingly unhackable two-step authentication system for someone seeking remote access to a computer network. Defense companies doing top-secret business with the Pentagon and the intelligence community trust SecureID to keep their secrets. But the blockbuster revelation that defense giant Lockheed Martin was hacked via a vulnerability in the RSA token has lead many to question whether today's gold standard is already yesterday's technology. >> find out more ... |
Thursday, June 02, 2011 Hackers stole secret Canadian government data Hackers who attacked two of Canada's federal departments stole classified information before being discovered last January, CBC News has learned. The revelation comes from documents obtained under Access to Information laws, and contradicts what the minister in charge said at the time. Six months ago, hackers launched an unprecedented cyber attack on the federal government. In January, the government's computer system came under attack. Hackers sent malicious emails to staff that appeared to be coming from senior managers. When staff opened the attachments, hackers found a path into the federal network, providing access to classified information. >> find out more ... |
Thursday, June 02, 2011 Google Mail Hack Blamed on China Google Inc. said Chinese hackers targeted the email accounts of senior U.S. officials and hundreds of other prominent people in a fresh computer attack certain to intensify growing concern about the security of the Internet. The victims, including government and military personnel, Asian officials, Chinese activists and journalists, were tricked into sharing their Gmail passwords with "bad actors" based in China, Google said in an unusual blog post. The attack's goal was to read and forward the victims' email. >> find out more ... |
Monday, May 30, 2011 Hackers post phony Tupac story on PBS website PBS officials say hackers have cracked the network's website, posting a phony story claiming dead rapper Tupac Shakur was alive in New Zealand, and a group that claimed responsibility for the hacking complained about a recent "Frontline" investigative news program on WikiLeaks. PBS confirmed Monday that the website had been hacked. The phony story had been taken down as of Monday morning. It had been posted on the site of the "PBS NewsHour" program, which is produced by WETA-TV in Arlington, Va. Anne Bentley, PBS' vice president of corporate communications, said in an email that erroneous information posted on the website has been corrected. The hackers also posted login information for two internal PBS sites: one that media use to access the PBS press room and an internal communications website for stations, she said. She said all affected parties were being notified. >> find out more ... |
Friday, May 27, 2011 Beware of vengeful IT personnel Managers be warned: A significant threat to the security of your data may be the very people you pay to keep your secrets safe. That's the message from a new survey that found more than a third of corporate information technology security professionals claim they have the ability to hold their organization's data hostage. >> find out more ... |
Tuesday, May 24, 2011 Fake VirusTotal site serves malware VirusTotal - the popular free file checking website - has been spoofed by malware peddlers, warns Kaspersky Lab. A simple visit to the site triggers the download of a worm via a java applet embedded in the code. The worm in question is detected by Kaspersky Lab as Worm.MSIL.Arcdoor.ov. It's aim is to recruit the computer it infected into a botnet that would ultimately be used to perform DDoS attacks, and to communicate to the C&C information about the system (hostname, type and version of the OS, etc.) >> find out more ... |
Tuesday, May 24, 2011 Hotmail flaw allows attackers to exfiltrate emails The analysis of a recent targeted attack against webmail users has led Trend Micro researchers to discover a vulnerability in Microsoft's Hotmail webmail service that allowed attackers to siphon contact details and email messages from the victims' accounts. To trigger the attack, the victim wasn't required to click on a link or download and execute an attachment - simply opening the message would do the trick and a script embedded in the email would automatically be executed. >> find out more ... |
Tuesday, May 24, 2011 LinkedIn security flaws allow account hijacking LinkedIn users are in danger of having their their account hijacked when accessing it over insecure Wi-Fi networks or public computers, says independent security researcher Rishi Narang, and it's all due to session and authentications cookies with an unnaturally long lifespan and LinkedIn's failure to remove them once the user logs out. The cookies in question are JSESSIONID and LEO_AUTH_TOKEN, and are available even after the session initiated by the user has been terminated. They are also set to expire only after one solid year, and this fact allowed the researcher to access a number of active accounts of various individuals from all over the world during a period of many months. "They would have login/logged out many a times in these months but their cookie was still valid," he says. >> find out more ... |
Wednesday, May 18, 2011 Personal data of Massachusetts' unemployed stolen As if being unemployed isn't bad enough, 210,000 unemployed residents of Massachusetts may have had personal data about them stolen from the state agency that is supposed to be helping them out. The Executive Office of Labor and Workforce Development is reporting that a worm could have operated unhampered in its network for three-and-a-half weeks before being purged. During that time documents about unemployed residents that were filed by 1,200 employers were vulnerable, the office says. IMPACT: Corporate data breach average cost hits $7.2 million >> find out more ... |
Wednesday, May 18, 2011 Sony takes down PlayStation Network after URL error A Web programming glitch could lead to account takeover. Nothing comes easy to Sony these days. The company was forced to take part of its Sony PlayStation Network offline briefly on Wednesday as it fixed a Web glitch that gave hackers a way to take over users' accounts. Sony was hacked last month, and since Saturday had been bringing its PlayStation Network (PSN), Sony Online Entertainment network and Qriocity sites back online. To lock down the networks' security, Sony has been asking users to reset their passwords, but now a Web programming error has ground that process to a halt. According to a discussion forum posting by Sony, the company has turned off its sign-in feature for PlayStation.com, Qriocity, PlayStation blogs, forums and gaming websites as well as Music Unlimited on the Web. >> find out more ... |
Wednesday, May 18, 2011 Potential security flaw in Dropbox It seems that information which Dropbox, the popular web-based file-sharing site/service, issued in response to a US Federal Trade Commission complaint, has revealed a potential security flaw that, according to Ray Bryant, CEO of Idappcom, could be exploited by hackers. According to Bryant, after becoming upset with Dropbox's claims over encryption, a security researcher filed an FTC complaint against the network and, as part of its response, the firm revealed that users' files are hash-tagged each time they are uploaded. This means that, if user A uploads, for example, pictures with a given hash-tag and then user B uploads the same name/sized file - with the same hash-tag - their version is not actually uploaded. Put simply, he claims, users A and B share access to user A's first file, without user A's permission. Bryant says it may also be possible to upload an infected version of a popular file on other services and, when other users `upload' the legitimate file - which would generate the same hash-tag as the infected file - their Dropbox folder would be populated with the infected version. >> find out more ... |
Monday, May 09, 2011 Firefox and Chrome at risk - WebGL hit by hard-to-fix browser security flaw The WebGL graphics technology turned on by default in Firefox and Chrome poses a serious security risk and IT managers should consider disabling it, a security consultancy has recommended. The flaws researched by UK consultancy Context Information Security are serious enough, the company said, to allow an attacker to compromise the attacked PC through the poorly defended graphics card layer, or at the very least crash the system to make it more vulnerable to exploits. >> find out more ... |
Monday, May 09, 2011 Mozilla Firefox Vulnerabilities There are several security vulnerabilities that resurfaced recently on Mozilla Firefox. Top pick: Memory Corruption, Privilege Escalation Vulnerability, Protocol Directory Traversal, Information Disclosure Vulnerability >> find out more ... |
Friday, May 06, 2011 Skype to Fix Wormable Bug in Mac Software Skype plans to push out an important update to its Skype for Mac software next week that will fix a big that could be leveraged by hackers looking to build a self-copying worm program. Details of the flaw haven't been made public, so it's unlikely that anyone is going to write a worm any time soon. But the bug is serious, according to Gordon Maddern, the Australian security researcher who reported the issue to Skype. "The long and the short of it is that an attacker needs only to send a victim a message and they can gain remote control of the victims Mac," Maddern wrote in a blog post. "It is extremely wormable and dangerous." >> find out more ... |
Friday, May 06, 2011 Attackers Using Google Image Search to Distribute Malware Attackers are now using Google's image search to distributed malware, security experts say. Thousands of sites have reportedly been compromised by code injection--the malicious code redirects users to fake antivirus applications. Internet Storm Center researcher Bojan Zdrnja writes that the attackers are mostly targeting Wordpress sites, and are injecting PHP code that generates pages with images based on highly-searched content. Google then indexes these pages, and the images show up on Google's image search. >> find out more ... |
Friday, May 06, 2011 Red Robin forces phone number as password, says not to share It seems that companies are losing our data left and right, making it difficult for consumers to protect their identity. Most web site logins consist of nothing more than a username/password combination, and many users use the same password across multiple sites due to the sheer number of places that require a login. It's a difficult problem to solve, but we should be coming up with ways to increase the security of websites. That's why it's shocking to see Red Robin, a large burger chain in the United States and Canada, use the customer's phone number as the password to access their "Red Royalty" rewards program. >> find out more ... |
Thursday, May 05, 2011 LastPass Asks Users To Change Password After Probable Breach LastPass, a Web based password management firm, advised its customers to change the password they use to access the service following what the company discovered signs that its network may have been compromised. In a blog post on May 4, LastPass said it's administrators noticed a "network traffic anomaly" lasting a few minutes on Tuesday morning. A subsequent investigation could not rule out a data breach and, in fact, found evidence that data may have been siphoned off from one of the firm's databases. An analysis of the outbound data transfer from the server is large enough to have included "people's email addresses, the server salt and their salted password hashes from the database." LastPass said it was "assuming the worst:" that "the data we stored in the database was somehow accessed" and requiring users to change their master password. >> find out more ... |
Monday, May 02, 2011 Sony Suffered an Additional Security Breach, 24M Accounts Compromised It was revealed last week that Sony's PlayStation Network database was breached, leaving 77 million accounts exposed. Sony is just revealing today that hackers accessed an additional 24.6 million customer accounts. In addition, 12,700 "non-U.S." credit cards and 10,700 bank account numbers have been compromised. >> find out more ... |
Monday, May 02, 2011 Sony Online Games Division Is Shut Down in 2nd Attack Sony Online Entertainment, a unit that makes role-play games, suspended service in connection with a hacker attack in April against the parent company's entertainment networks. The Sony Corp. (6758) division took its network down Sunday night, according to an e-mailed statement today, and didn't disclose further details. The San Diego-based producer of multiplayer online games such as "EverQuest" and "DC Universe Online" continued to operate after an April 20 shutdown of Sony's PlayStation and Qriocity video and music streaming services. >> find out more ... |
Friday, April 29, 2011 Cybercriminals Exploit PDF Picture Filter to Embed Malware Avast! Virus Lab has discovered a dirty trick that cybercriminals are using to encode malware exploits and payloads into PDF files. Avast! says that the this trick has been used in a relatively small number of attacks, as well as one targetted attack. >> find out more ... |
Friday, April 29, 2011 Health Care Data Breaches Affect 10 Million Patients Since Fall 2009 A list of data breaches by the Office for Civil Rights in the U.S. Department of Health and Human Services reveals that more than 10 million patients have been affected by security lapses in about 260 health care-related incidents reported since 2009. >> find out more ... |
Thursday, April 28, 2011 Texas comptroller apologizes for security breach SAN ANTONIO, Texas - State Comptroller Susan Combs says human error and not malicious intent lies behind her office's exposing of the personal information of 3.5 million Texans. Addresses, Social Security numbers and some birth dates and driver's license numbers have been placed on a publicly accessible comptroller's office computer server for nearly a year - and in some cases even longer. >> find out more ... |
Tuesday, April 26, 2011 Feds to remotely delete Coreflood from infected PCs In an unusual move, federal authorities will be contacting computer users with systems infected by the Coreflood botnet Trojan and asking them to agree to allow them to send commands to the malware so it will delete itself. The move comes in the in the wake of a coordinated takedown earlier this month by the FBI and other authorities, in which the U.S. government essentially substituted its own command-and-control servers in place of those used by Coreflood and issued commands telling the program to shut down on infected PCs. The move reduced activity from the Coreflood botnet by about 90 percent in the United States and by nearly 75 percent worldwide. However, infected PCs still have dormant Coreflood software on them, and the feds would like to get rid of it. >> find out more ... |
Tuesday, April 26, 2011 FBI Warns Small Businesses of Unauthorized Wire Transfers to China he FBI issued a fraud warning Tuesday alerting small- and medium-sized businesses about a series of unauthorized wire transfers going to China which have resulted in $11 million being taken from about 20 U.S. companies. >> find out more ... |
Tuesday, April 26, 2011 Sony Playstation online service suffers security breach Hackers were able to steal information about almost 80 million online accounts. Users were not aware of this issue for 5 days. Home addresses, email addresses, birth dates, usernames, passwords and perhaps credit card numbers are at risk. Shares of Sony Corp fell 2% in overall bull market. >> find out more ... |
Thursday, April 14, 2011 Botnet Operation Disabled - FBI Seizes Servers to Stop Cyber Fraud In an unprecedented move in the fight against cyber crime, the FBI has disrupted an international cyber fraud operation by seizing the servers that had infected as many as two million computers with malicious software. Botnets are networks of virus-infected computers controlled remotely by an attacker. They can be used to steal funds, hijack identities, and commit other crimes. The botnet in this case involves the potent Coreflood virus, a key-logging program that allows cyber thieves to steal personal and financial information by recording unsuspecting users' every keystroke. >> find out more ... |
Copyright (C) 2011-2016 Robert Janik, Brno, Czech Republic
|