Security research firm Secunia has reported what it calls an “extremely critical” vulnerability in media-streaming program Apple QuickTime. The flaw, which affects the latest versions of QuickTime, 7.x, has not been patched and could allow a hacker to gain remote control of an affected system. It lies in a boundary error, when the program processes Real Time Streaming Protocol (RTSP) replies, according to Secunia’s advisory, published on Monday. RTSP allows a client to remotely control video streams.
Read more…
Do you want to buy some medicines? Maybe a pill of Viagra at the lowest price on the market? Or maybe some Valium? All you need to do is to visit Al Gore’s “An Inconvenient Truth” film blog and you might find some unexpected goodies (not!). Robert McMillan of IDG News Service reported that the blog was hacked a few days ago, the attackers publishing tons of links to other websites selling Viagra, Xanax, Valium and some other drugs. Just like a spam method, the attackers tried to drive traffic to their website but what’s more important and dangerous in the same time â they may have managed to get a higher position in the search engine results. This would obviously bring more users searching for certain keywords, as it’s well known the fact that top search engines such as Google and Yahoo drive a huge traffic to webpages.
Read more…
For the second time in four months, Monster.com’s website has been victimized by hackers. The latest attack, believed caused by an IFRAME injection vulnerability, forced the jobs website to take part of its web presence offline Monday. The outage impacted much of the Monster Company Boulevard, where job hunters search for positions by company. Businesses involved in the attack include Eddie Bauer, GMAC Mortgage, Best Buy, Toyota Financial Services, and Tri Counties Bank, said Roger Thompson, chief technology officer at Exploit Prevention Labs, one of the early detectors of the attack.
Read more…
Antivirus specialist Symantec has joined a security organisation alongside Microsoft, despite having previously come to very public blows with the software giant over its willingness to share security information on Vista. Announced at the RSA Conference Europe 2007 on Tuesday, Symantec and Microsoft will join the Software Assurance Forum for Excellence in Code (SafeCode), which claims to be a not-for-profit organisation aimed at increasing trust around IT. Other members include EMC, SAP and Juniper Networks.
Read more…
VeriSign has announced plans to sell some of its business units and focus efforts on its internet infrastructure services. The Mountain View, Calif. company announced Wednesday at its annual Analyst Day that it will concentrate on its core business, compromised of domain naming services, SSL certificates and identity protection and authentication solutions. VeriSign will divest other parts of its portfolio, including communications, billing and commerce.
Read more…
A Swedish teenager who is suspected of hacking into the computer network of Cisco Systems Inc. in the U.S. was convicted Monday of intruding on the networks of three Swedish universities. Overturning an acquittal by a lower court, the Svea Court of Appeal gave the 19-year-old man a conditional sentence and ordered him to pay 160,000 kronor (US$25,000; euro17,000) in damages to the universities. The man, who could not be named under Swedish privacy rules, said he would appeal.
Read more…
Hacker bust for virtual theft. Dutch police arrested a 17-year-old who stole ÂŁ2 500 worth of virtual furniture from an online hotel. The teenager was arrested after playing Habbo Hotel, an international online community with an estimated seven million members and an annual turnover of ÂŁ3 million, states The Times. The game allows players to create virtual characters, or Habbos. These characters can take their own rooms in the hotel, which they can then decorate with their own furniture. The furniture is purchased with special Habbo credits, but the credits are paid for with real money.
Read more…
The Chinese state is behind almost daily internet espionage attacks on German companies and government bodies, a top German intelligence official said on Monday. “In our view, state Chinese interests stand behind these digital attacks,” said Hans Elmar Remberg, vice president of the Federal Office for the Protection of the Constitution, the country’s domestic intelligence agency.
Read more…
Microsoft has made the second generation of its desktop anti-virus suite available for download today; CD-issued copies of the program will be available next week. Windows Live OneCare 2.0 will feature improved anti-virus, backup and management capabilities, Larry Brennan, lead product manager for Windows Live OneCare, told SCMagazineUS.com on Wednesday. Amidst internet speculation as to the official release date, web retailer Amazon.com set the product’s release date for Nov. 15.
Read more…
Legitimate sites and their users have been dealing with a rash of malware being spread by banner ads, from Monster to MLB (Major League Baseball) NHL (National Hockey League) and other sites that are delivering malware. While the Monster dot com exploit is well known news, the MLB and NHL sites are not well known, but used a similar way of purchasing advertising on a web site, and then using that advertising to deliver malware to customers as shown in the video below.
Read more…