www.hacking-news.com

unbelt Software has announced the top ten most prevalent spyware and malware threats spotted in January.

Read more…

Nasa hacker Gary McKinnon has said he is ‘safe’ until the director of public prosecutions makes a decision about whether to prosecute him in the UK.

Read more…

Server break-in nets info on people who were on agency’s payroll in February 2006

February 10, 2009 (Computerworld) The Federal Aviation Administration disclosed yesterday that it is investigating a data breach in which the personal data of about 45,000 employees and retirees was apparently stolen from a server at the agency.

Read more…

Security experts from US government agencies, multinational companies and academia have released a list of what they consider to be the 25 most critical errors made while coding software.

Read more…

Proving that no company is immune to hacking, security firm Kaspersky Labs had its databases pried open by clever hackers.
If you felt a little bit foolish last time you were taken advantage of by a cunning hacker, give yourself a break: It even happens to the guys who know what they’re doing. In what could be called the computer equivalent of a break-in at the police station, databases at the computer security company Kaspersky were hacked last weekend.
The company, known for its Kaspersky Anti-Virus suite, received a letter from hackers on Saturday morning warning of an impending threat before the site was hacked around noon, and restored by Kaspersky to an older version only minutes later, according to the timeline given by USA Today.
On the Portugese HackersBlog, a poster known as Unu demonstrated how he was able to gain access to Kaspersky’s databases using a technique known as SQL injection.
“Honestly, this is not good for any company and especially not good for a company dealing with security,” Roel Schouwenberg, Kaspersky’s senior antivirus researcher, told USA Today in a phone conference.
Though bits of data from Kaspersky’s internal databases were temporarily accessible to hackers, the company has assured users that their personal data was never breached.

Security researchers have discovered a flaw affecting Google’s Chrome browser that exposes it to clickjacking — where an attacker hijacks a browser’s functions by substituting a legitimate link with a link of the attacker’s choice.

Read more…

Adobe said it plans to release an update by May 12 for the recently disclosed Reader and Acrobat vulnerability. In doing so, Adobe will push out Windows updates for Reader and Acrobat versions 7, 8 and 9 and Macintosh and Unix updates for versions 8 and 9, David Lenoe, Adobe’s security program manager, said Friday afternoon in a blog post. The company also has confirmed a second vulnerability in its Reader for Unix software, which also is slated to be fixed in next week’s update, Lenoe said. That bug does not affect Windows or Mac versions, but Adobe is investigating whether it can “reproduce an exploitable scenario.”

Read more…

A lot of personal information for a lot of people. That’s what officials at the University of California, Berkeley say has been compromised by a hacking attack. Officials say hackers have gotten their mitts on restricted computer databases containing health and other personal information on 160,000 students, alumni and others. The data affected includes Social Security numbers, birth dates, health insurance information and some medical records dating as far back as 1999.

Read more…

Google released a new version of its Chrome browser Thursday to fix a high-severity security problem. The problem affects Google’s mainstream stable version of Chrome and is fixed in the new version 1.0.154.59. Google has built Chrome so it updates itself automatically with no user intervention, though the software must be restarted for the new version to run.

Read more…

Microsoft has failed to remove a long-recognised Windows Explorer security risk from Windows 7, according to security company F-Secure. The ‘hide extensions’ feature, which was present in Windows NT, 2000, XP and Vista, is included in the Windows 7 release candidate, F-Secure’s chief research officer, Mikko HyppĂśnen, said. The feature could allow virus writers to trick users into opening and running malicious files, he added.

Read more…