Multiple hacker groups are using a “construction kit” supplied by the author of a Trojan horse program discovered last October to develop and unleash more dangerous variants of the original malware. Already such variants have stolen sensitive information belonging to at least 10,000 individuals and sent the data to rogue servers in China, Russia and the United States, according to Don Jackson, a security researcher at SecureWorks Inc. of Atlanta. The stolen data includes Social Security numbers, online account information, bank account and credit card numbers, user names and passwords and other data that users would usually input during an SSL session.
Read more…
INSPECTOR KNACKER of the Belgian Yard has fingered the collar of a teen who hacked into his website. The 17 year-old hacked into the site and managed to shut it down for a bit leaving an on-line note. Apparently, it was not exactly a case for Poirot. The teen’s note said that the “Spycheck Team must be happy that a boy of 17 has hacked the Belgian police website. The security of your site well reflects the police’s lack of competence. Webmaster: You better go and revise the system. Government: Recruit higher calibre police officers…”
Read more…
The recently-launched Apple browser, Safari for Windows, has received its second lot of patches since its debut earlier this month. Apple has posted the latest version of the beta software, 3.0.2, on its website, containing security fixes as well as other tweaks. The browser was first released by chief executive Steve Jobs at the company’s Worldwide Developers Conference earlier this month. Within days, security vulnerabilities had been unearthed by researchers, prompting the Mac maker to issue its first patch batch. Just over a week later, and Apple has released a second security upgrade.
Read more…
Apple has released patches for a cross-site scripting (XSS) flaw in WebCore and a vulnerability in WebKit that allows arbitrary code execution â as well a third beta version of Safari for Windows. In its third security advisory of the past week, Apple said that the WebCore flaw could be exploited to create a HTTP injection issue.
Read more…
Researchers are warning internet users to be on the lookout for website scams appearing on Google Pages. This month, experts at Websense reported a spike in the user-created sites hosting phishing schemes, such as one for eBay, Dan Hubbard, vice president of security research at San Diego-based Websense, told SCMagazine.com today.
Read more…
An Australian resident who headed the notorious DrinkorDie software piracy gang has been jailed in the US. The British-born man, Hew Griffiths, had been living in Bateau Bay, New South Wales, before his extradition to face trial in the US earlier this year. Griffiths has now been sentenced to 51 months on one count of conspiracy to commit criminal copyright infringement. However, with the time he has already spent incarcerated in an Australian detention centre fighting extradition, only 15 months of his sentence remain, reports say.
Read more…
The New York Times is reporting on preparations in the works by the US government to prep for a ‘cyberwar’. Precautionary measures are being taken to guard against concerted attacks by politically-minded (or well-paid) hackers looking to cause havoc. Though they outline scenarios where mass damage is the desired outcome (such as remotely opening a dam’s gates to flood cities), most expect such conflicts to be more subtle.
Read more…
The recent MPACK-aided trojan attack is a sign that future mass-attacks may become increasingly localised, according to security researchers. The MPACK delivery device for malware was used to propagate trojan attacks this month, mostly affecting users in Italy. Dave Cole, director of Symantec Security Response, told SCMagazine.com today that MPACK-related attacks are unique both for their use of existing websites and regional nature.
Read more…
Apple has released two security fixes â one to patch an IPv6 vulnerability in its Mac OS X and the other to correct a more serious flaw in its Apple TV service. Both holes could permit remote attacks, although the Apple TV buffer overflow vulnerability could be exploited to execute arbitrary code or launch a DoS condition.
Read more…
A man suspected of creating and spreading a mobile phone virus has been arrested by police in Spain, according to reports. The 28-year-old was arrested in Valencia following a seven month investigation by the Spanish authorities. The man is accused of writing and distributing over 20 different versions of the Cabir and Commwarrior worms, which attempt to infect mobile phones running the Symbian operating system.
Read more…