SANTIAGO, Chile (AP) A hacker broke into the Web page of Chile’s presidency and planted the flag of neighboring Peru, leaving the site inoperable for about 18 hours until it was restored Monday. The intruder left a message - “Long live Peru,” followed by an expletive - as well as the flag around midday Sunday. Officials took the site down a few minutes later, leaving a notice: “Because we want to give a better service, we … read more »
November 7th, 2007 in
Webappsec Source:
newsnow.co.uk
eBay has begun an audit of its IT systems after a hacker managed to access and disable user accounts. The company said last week that the hacker exploited public application programming interfaces (APIs) that enable merchants to build e-commerce sites on top of eBay. “This fraudster found very old administrative interfaces into the eBay system that had not been deactivated when we changed the security of our internal systems several years a… read more »
Have you jumped on the VoIP bandwagon? Secure? Think again as US hacker is jailed for 2 years after breaching security at 15 separate telcos with ‘incredible ease’
‘Evil’ Techie genius Robert Moore has recently been jailed in the US after exposing tremendous flaws in tens of telcos IT infrastructures stating it was ‘incredibly easy’ because of basic IT security mistakes.
His global hacking spree was targeted at telcos and corporations… read more »
A hacked county website in California that redirected users to a pornographic site triggered the federal government to initiate a system-wide shutdown of all government sites in the Golden State. The process was never completed, after state officials urged the feds to reverse their decision to take offline all state websites bearing the “ca.gov” suffix. The US General Services Administration (GSA) is responsible for all “.gov�… read more »
The web is getting bigger, but also more dangerous. In the early days, it was like the Wild West – there were dangers out there, but if companies kept their wits about them and knew the basics of self-defence, they could get by.
Not anymore. Security experts are already looking back on 2006 as the year that web threats matured and became increasingly sophisticated. It was a year in which organised cyber criminals increasingly turned their atten… read more »
August 9th, 2007 in
Webappsec Source:
newsnow.co.uk
The rush to adopt Ajax is leading web developers to make basic security mistakes, in some cases a decade old, that leave gaping holes in their applications. That is according to researchers here at the Black Hat security conference in Las Vegas. Some said that in some cases developers should avoid Ajax altogether rather than open their businesses to attack.
In a presentation entitled ‘Premature Ajaxulation’, SPI Dynamics researchers B… read more »
August 9th, 2007 in
Webappsec Source:
newsnow.co.uk
Researchers are warning of a widespread MySpace drive-by exploit attack meant to compromise machines so more highly-profitable phishing schemes remain successful. MySpace users become infected when they visit a profile page containing malicious JavaScript and then are silently redirected to an Internet Explorer exploit, which was patched in April, Johannes Ullrich, chief research officer of the SANS Internet Storm Center, told SCMagazine.com toda… read more »
Kaspersky Internet Security technological prototype represents a new generation platform for creating applications specifically designated for complex protection of personal computers and workstations. Uniting the substantially improved functional abilities of version 5.0, Kaspersky Lab protection products with the latest technological innovations introduced by the company the Kaspersky Internet Security solution secures the most effective and co… read more »
Multiple hacker groups are using a “construction kit” supplied by the author of a Trojan horse program discovered last October to develop and unleash more dangerous variants of the original malware. Already such variants have stolen sensitive information belonging to at least 10,000 individuals and sent the data to rogue servers in China, Russia and the United States, according to Don Jackson, a security researcher at SecureWorks Inc…. read more »
The recently-launched Apple browser, Safari for Windows, has received its second lot of patches since its debut earlier this month. Apple has posted the latest version of the beta software, 3.0.2, on its website, containing security fixes as well as other tweaks. The browser was first released by chief executive Steve Jobs at the company’s Worldwide Developers Conference earlier this month. Within days, security vulnerabilities had been une… read more »
