IT SHOULD have been the entertainment industry’s best-kept secret. However, in February a hacker known only as Arnezami found a key to the encryption system protecting the latest high-definition DVDs against pirates and published it online just three months or so after the new players went on sale. Attempts to have the key removed from websites backfired and it quickly spread, even appearing in artwork and songs and on T-shirts. To make matters worse, other hackers soon discovered that, in some DVD players, by disconnecting a chip inside the machines they could circumvent their encryption system entirely.
Read more…
Spammers have been taking over unsuspecting computer users’ machines for years in order to send out unwanted e-mails, but recently they have been getting even more aggressive. The SANS Institute (SysAdmin, Audit, Network, Security) recently reported that a large, distributed denial-of-service (DDoS) attack has targeted several organizations that attempt to fight spam: Spamhaus, SURBL (Spam URI Realtime Blocklists), URIBL (Realtime URI Blacklist), and Rules Emporium (the host site for the open-source SpamAssassin program). As of this writing, the Rules Emporium and URIBL are still under attack and are unreachable.
Read more…
ABC News has learned the FBI is targeting a small number of suspected hackers who allegedly took over thousands of personal computers secretly and used them to steal identities and send out massive amounts of spy and spam ware. The FBI says they have identified 1 million computer addresses that have been affected. It’s called “botnetting” — where criminals turn other people’s computers into servers and then use them for illicit activity.
Read more…
Looking to enter a life of cybercrime? Beware the boneheaded miscues of these infamous cyberschnooks. The annals of crime are rife with tales of heists pulled off by enterprising criminal minds. But for every caper carried out with style and smarts, there are hundreds of imprisoned examples of the boneheaded desperado — guys too greedy, too hasty, or just too brain dead to pull off their nefarious deeds without getting caught.
Read more…
Windows Vista may be Microsoft’s most secure operating system to date, but researchers are still finding some glaring loopholes for hackers to exploit. Here is the latest: all you need is a Vista Install DVD to get admin level access to a hard drive. The loophole arises because the Command Prompt tool in Vista’s System Recovery Options fails to request user name or passwords before handing over access to PCs running the operating system. The hack, discovered by security researcher Kimmo Rousku, only works locally. Physical access to a target PC is a must. Even so, the potential for mischief (such as deleting directories or copying files on targeted PCs) is enormous. Hackers don’t even necessarily need to run a DVD. “Itâs easy to create a bootable USB flash memory that works in a similar way,” Rousku notes.
Read more…
Yahoo patched two vulnerabilities in Messenger’s ActiveX control, which were disclosed by a hacker offering proof-of-concept exploit code earlier this week. The web giant encouraged Messenger users to download version 8.1.0.410 from its website. “The Yahoo Messenger team recently learned of a buffer overflow security issue in ActiveX control. Upon learning of this issue, we began working toward a resolution and implemented a fix to Yahoo Messengerâs software download,” read a statement released today by company spokesman Terrell Karlsten. “We are encouraging all Yahoo Messenger users to download the latest version available at messenger.yahoo.com.”
Read more…
Google has the worst privacy record of all the major internet companies, according to a new study. The research, conducted by the campaigning group Privacy International, found that the online giant had a âhostile approach to privacyâ and a comprehensive view to consumer surveillance. The six-month investigation, which assessed and ranked the internet service firms by how they handle personal data, showed Google does not consider visited IP addresses as personal information and does not believe that it collects sensitive data.
Read more…
Hackers have spread child pornography by infecting online message boards, experts claim. The legitimate websites have been hijacked by cybercriminals who are exploiting the forums to promote graphic child abuse content. The affected sites contain posts that attempt to entice the readers to various child pornography websites, according to experts at Sophos. The majority of pages are on legitimate web pages and one is even on a site designed for children. The posts are all found on message boards within these sites and contain offensive words and hidden links to the illegal sites, the anti-virus software company said.
Read more…
Barracuda Spam Firewall 100 Offers Powerful Spam and Virus Protection for ÂŁ848… Barracuda Networks, Inc., a leading provider of network security appliances, today launched the Barracuda Spam Firewall 100 for small businesses and organisations with 50 users or less. Priced at ÂŁ848 (includes six months of Energize Updates service) with no per user licensing fees, the Barracuda Spam Firewall 100 offers the same easy to use, powerful spam and virus protection that more than 40,000 customers worldwide have come to rely on, at a price that is well within budget for smaller organisations.
Read more…
Apple is becoming a favorite target of security researchers these days. In April, there was the US$10,000 CanSecWest hack a Mac contest, and on Monday there was the Safari Web browser. Or the public beta of Safari for Windows, anyway. Just hours after Apple released its first Windows beta of Safari researcher Aviv Raff said he’d found a bug. In an interview, Raff said that it took about three minutes of fuzzing to find the bug and that he hadn’t tested the issue on Mac OS X. So he couldn’t say whether or not it affected Safari on Windows only. The bug causes the browser to crash and “might be exploitable,” according to Raff, meaning it could possibly be used to run malware on the PC.
Read more…