Headline Feeds|
Google Zips Up Wallet February 15, 2012 
In the wake of two security flaws reported in its Google Wallet mobile payment system last week, Google has clamped down on the system and is scrambling to come up with a fix. One of the two flaws affects only rooted devices. But it's the second that troubles Google more.
|
Hackers Jimmy Into Microsoft's Indian E-Commerce Digs February 14, 2012 
Malicious hackers attacked Microsoft's India online retail store on Sunday evening, publishing obscured screenshots that appeared to contain personal user information. A Chinese hacker group known as "Evil Shadow Team" took responsibility for the breach, posting a message on Microsoft's website stating that the "unsafe system will be baptized."
|
|
Cracking Open Google Wallet February 13, 2012 
Mobile shopping received a setback last week when security researchers discovered flaws in Google Wallet that could potentially expose its PIN to enterprising hackers. When Google introduced its wallet, it bragged that it was secure because transaction information was stored in a "secure element" in Wallet-enabled phones.
|
Google Wallet a Pushover for Pickpockets February 10, 2012 
News of two security flaws in Google Wallet, which lets smartphone owners pay for purchases through the devices, has caused some concern about the nascent mobile payment product. One works on rooted devices; the other works on any smartphone with the Google Wallet capability.
|
|
DDoS the Weapon of Choice for Hackers Driven by Politics, Not Profits February 08, 2012 
Politics, rather than good old-fashioned theft, is increasingly the motivation of malicious hackers who attack websites using DDoS techniques. Arbor Networks has found that ideological hacktivism was the motivation behind most distributed denial of service attacks in 2011. Attacks for profit or competitive reasons still happen, but the rise of the political hacker is changing the threat landscape.
|
Anon Lets Fly With Symantec Code After Ransom Talks Collapse February 07, 2012 
A hacker who was negotiating a ransom for stolen source code to a Symantec product released the data via peer-to-peer networks on Tuesday after negotiations fell through. The code is for security vendor Symantec's pcAnywhere remote access software.
|
|
Symantec Tells Customers to Pull the Plug on pcAnywhere Following Code Theft January 26, 2012 
Symantec is sounding the alarm for users of its pcAnywhere remote access software following threats from a hacker. In some cases, said the security software maker, they might want to turn off and disable the application entirely.
|
McAfee Supplies Antidote for Tainted SaaS Security January 21, 2012 
Security vendor McAfee, which is now owned by Intel, is rolling out a patch for three flaws in its Endpoint Protection Software as a Service offering. All three flaws are in ActiveX controls. One tricks the control into executing commands supplied by an attacker, the second lets attackers write to files on disk and the third lets attackers execute code with user privileges, McAfee said.
|
|
US Cautions on 'Boot Up' Cyberthreat January 17, 2012 
The routine is almost universal. Every day, millions of workers turn on their computers, take a second or two for a sip of coffee as their desktop or laptop "boots up," and then get to work. In those few seconds, the basic input-output system, or BIOS, of the computer loads the protocols that actually run the PC -- in effect, acting the same as the worker's shot of coffee.
|
Symantec Source Code Scattered to the Winds January 09, 2012 
Source code for two security applications from Symantec has been stolen and posted on the Web. The hackers claiming responsibility, who call themselves the "Lords of Dharmaraja," say they obtained code for the Norton Antivirus application. However, it appears they actually got their hands on code for two enterprise products, Symantec End Point 11 and Symantec AntiVirus Corporate Edition 10.2 instead.
|
|
White House Gets Its Cybersecurity Research Ducks in a Row December 13, 2011 
It looks as if the United States federal government is getting even more serious about cybersecurity these days. First off, the White House released a road map that sets R&D priorities for cybersecurity in order to speed up efforts to secure the U.S. network infrastructure and change the government's approach to online security.
|
US Agency Sharpens Tool for Protecting Software Code December 06, 2011 
Software programmers work hard to produce secure, error-free code. Of course, bad things can happen -- but really, with increasingly diligent effort, how many things can go wrong? Quite a few, according to NIST. Because cybersecurity is a national goal affecting both the private and public sector, NIST and DHS are involved in a joint program to protect the development and use of software.
|
|
HTC Scrambles to Fix Android Smartphone Flaws October 05, 2011 
In an effort to mollify widespread concerns over security vulnerabilities in its Android smartphones, HTC has stated that it's working hard on a security update to resolve the problem. The vulnerability was due to logging tools HTC introduced when updating its smartphones, the Android Police blog stated.
|
The Swift Erosion of Online Trust September 13, 2011 
The break-in and theft of security certificates from a Dutch authority brought home, once again, how vulnerable Web browsers can be to hackers pretending to be who they're not.
The authority, DigiNotar, is one of many that issue security certificates for websites. The digital certificates tell a browser to "trust" content coming from a certain site.
|
|
Linux and the Giant Breach September 12, 2011 
Security scares are so commonplace in the tech industry today that it's virtually impossible to keep track of them all. Security scares in the Linux world, however, are still rare enough as to cause at least a small collective gasp of consternation. That, indeed, is just what happened recently when it was discovered that the Kernel.org site had been breached last month.
|
Fighting the Good Global Cybercrime Fight: Q&A With Security Guru Mikko Hypponen, Part 1 August 17, 2011 
It was once the case that computer viruses and other malicious software were written primarily by hobbyist hackers. Their motivations, for the most part, were simply bragging rights and the respect of their peers -- desirable rewards, to be sure, but certainly not the sole focus of any career. The results of their efforts, meanwhile, could spread only as fast as a floppy disk could travel. How things have changed.
|
See More Articles in Exploits & Vulnerabilities Section >>
