Security News

Hong Kong Olympic Committee Hacked

The hackers leaked 2,800 users' personal data, along with admin user names and encrypted passwords.

Fake Newegg E-mails Deliver Malware

Links in the e-mails redirect victims to Web sites hosting the Blackhole exploit kit.

Dent Neurologic Institute Acknowledges Data Breach

10,000 patients' names, mailing addresses and e-mail addresses were exposed.

TroubledTeenSolution.com Hacked

Admin user names and encrypted passwords were leaked, along with parents' and children's full names.

The Telegraph Facebook, Twitter Accounts Hacked by Syrian Electronic Army

'Cameron holds fundraiser for the terrorists in Syria,' the hackers wrote on the newspaper's Facebook page.

Sourcefire Advances Malware Visibility

Sourcefire debuts new approach to tracking malware, but don't call it a SIEM.

Alabama Woman Gets Four Years for Identity Theft

Larreka Jackson operated a business called It's Tax Time that she used as a front to file fraduluent tax returns.

Norman Shark Uncovers Indian Cyber Espionage Campaign

The attacks appear to be aimed primarily at intelligence gathering, with a focus on computers in Pakistan.

CNN Hacked

Hacker Reckz0r leaked nine admin user names and encrypted passwords, and claims to have published four fake articles on the site.

Yahoo Japan Hacked

The company says 22 million e-mail addresses may have been exposed, though no passwords were accessed.

1923Turk Hackers Hit Toyota, Imperial College London, Moscow State University, Bangladesh Air Force

The hackers' explanation for the attacks was given as 'Reason: Patriotism.'

F-Secure Warns of New Mac Malware

The malware, Backdoor:OSX/KitM.A, takes screenshots at regular intervals and saves them in a folder called MacApp.

Jailed Hacker Develops ATM Security Device

Valentin Boanta's Secure Revolving System is being manufactured by Romania's MB Telecom.

Alleged Vatican Hackers Arrested

Four people ranging in age from 20 to 43 have been placed under house arrest.

Financial Times Hacked

The newspaper's tech blog was hacked, along with 17 of its Twitter accounts.

LSU Health Acknowledges Data Breach

8,330 patients were mistakenly sent other patients' bills.

Accused Sony Hacker Gets House Arrest

Todd Miller was sentenced to a year of house arrest for interfering with an FBI investigation into cyber attacks on Sony's PlayStation Network.

Four LulzSec Hackers Sentenced

The four received sentences ranging from a 20-month suspended sentence to 32 months in prison.

UK Man Gets Two Years for Cyber Attacks on Universities, Police

Lewys Stephen Martin disrupted the Web sites of Oxford University, Cambridge University and the Kent Police in January and February of 2012.

City of Akron, Ohio Hacked

Tens of thousands of names, mailing addresses and Social Security numbers were published online.

Hacker Ag3nt47 Hits Harvard, Stanford, MIT

Information apparently stolen from each of the schools was published online.

Q1 2013 Saw Massive Innovation in Android Malware

The first quarter of the year saw the first distribution of Android malware via spam e-mails, and the first targeted Android attacks.

Presbyterian Anesthesia Associates Hacked

9,988 people's names, contact information, birthdates and credit card numbers may have been exposed.

Hotel Room Hackers Hit Arizona

Phoenix police say a man and a woman have been stealing from hotel and motel rooms in those area.

IC3 Received 289,874 Cyber Crime Complaints in 2012

The total dollar loss from those incidents exceeded $500 million.

EC-Council Hacked

Hacker Godzilla says the breach is intended to increase awareness of the importance of security on the site.

Fake Amazon UK Order Confirmation E-mails Deliver Malware

The well-designed e-mails link to the legitimate Amazon site, but contain a malicious attachment named 'Your Order Details with Amazon.zip.'

IE Is Focus of Microsoft's May Patch Tuesday

Microsoft issues 10 security bulletins, including critical IE flaws, in May security patch.

IT Managers Worry About Mobile Hotspot Security

Seventy-five percent of enterprise IT managers say security is their main concern regarding mobile hotspot device usage.

Hospital Employee, Accomplice Plead Guilty to Using Patient Information for Tax Fraud

Shalamar Major and Tanisha Wright filed 57 fraudulent tax returns requesting $306,720 in refunds.

PHH Corporation Suffers Security Breach

A temp who had been indicted for identity fraud was given access to names, addresses, e-mail addresses, phone numbers, and Social Security numbers.

Turkish Ajan Hacker Group Hits City of Mobile Police Department

Data leaked by the hackers included admin e-mail addresses, full names, and encrypted passwords.

Canada's Montfort Hospital Sued for $40 Million Over Data Breach

The lawsuit accuses the hospital of breach of contract, breach of privacy, and violating its own bylaws.

Webroot Warns of Malicious Android Font Apps on Google Play

The apps downloaded spyware that monitored the victim's SMS, call logs and location.

Indiana University Health Arnett Suffers Security Breach

More than 10,000 patients' names, birthdates, medical record numbers, diagnoses, doctors' names and dates of service may have been exposed.

Regional Medical Center at Memphis Acknowledges Security Breach

Almost 1,200 physical therapy patients' names, account numbers, birthdates, Social Security numbers and home phone numbers may have been exposed.

Barracuda Warns of Auto Wrap Scam

If you get an e-mail offering you money out of the blue, the researchers advise, it's probably best to ignore it.

San Francisco Man Indicted for 419 Fraud

Blessed Marvelous Herve faces up to 20 years in prison and a fine of up to $250,000.

UK Funds Two New Centers for Cyber Security Training

The centers are being funded with £7.5 million from the EPSRC and the Department of Business, Innovation and Skills.

Washington Courts Security Breach Exposes Up to 160,000 SSNs

The hackers may also have accessed up to a million names and drivers license numbers.

The Onion Explains How Hackers Took Over its Twitter Account

The newspaper's tech team has detailed the multi-step process the attackers used.

Bitdefender Warns of 419 Scam Spreading on LinkedIn

The lesson is simple: don't assume that messages coming from LinkedIn users are any more legitimate than anonymous e-mails.

Romanian Hacker Pleads Guilty to Subway Cyber Attacks

Adrian-Tiberiu Oprea has admitted his involvement in the theft of more than 100,000 people's payment card data from 2009 to 2011.

Government Employee Admits Providing Data for Identity Theft

Chequila Motley apparently provided her co-conspirators with personal identification information taken from a State of Alabama database.

Tomren Wealth Management Suffers Security Breach

Clients' names, Social Security numbers, driver's license information and FSC broker account numbers may have been accessed.

Eight Indicted in New York for Cyber Attacks Causing $45 Million in Losses

The eight are accused of fraudulently withdrawing $2.4 million from 3,000 ATMs in New York City on February 19 and 20, 2013.

Thai Prime Minister's Web Site Hacked

The hackers posted a photo of prime minister Yingluck Shinawatra alongside a statement reading, 'I'm a slutty moron.'

Suspected Hacker Arrested in Taiwan

The man has apparently confessed that he leveraged a SQL injection vulnerability to breach a classical music site and make changes to customer data.

Honolulu Police Department Hacked

The hackers exposed personal data for more than 3,500 members of the public, along with login credentials for over two dozen department personnel.

Live Chat Phishing Attacks Target eBay Users

A fake chat service posing as eBay support attempts to trick victims into revealing their login credentials and other information.

Name.com Hacked

Customers' user names, e-mail addresses, encrypted passwords and encrypted credit information may have been exposed.

Cable Internet Installer Jailed for Identity Theft

While completing installations, Corey Thompson apparently hijacked customers' Internet access, then filed false tax returns in their names.

Florida Corrections Officer Pleads Guilty to Fraud, Identity Theft

Bernard Beliard sold inmates' personal information to an FBI informant for $9,600.

Trojans Cause 80 Percent of Computer Infections Worldwide

According to PandaLabs, more than six and a half million new malware samples were created in Q1 2013.

MSI Hacked

More than 50,000 user names, e-mail addresses and encrypted passwords were published online.

Researchers Hack Google's Australian Headquarters

'If Google can fall victim to an ICS attack, anyone can,' says Cylance's Billy Rios.

MAPCO Acknowledges Security Breach

Malware was used to access the company's payment card processing systems between March 19-25, April 14-15, and April 20-21, 2013.

McAfee Snags Stonesoft for Next-Gen Firewalls

Intel’s data security division drops $389 million to expand into the enterprise network protection market.

Microsoft IE 8 Hit by Zero Day Flaw

New zero day flaw in IE8 is identified as being the root cause of attack against the U.S. government.

Samsung Knox, BlackBerry 10 Approved for Use by U.S. Department of Defense

Both companies recently announced successful testing by the Defense Information Systems Agency.

The Onion, E! Online Twitter Feeds Hacked by Syrian Electronic Army

While the hackers posted pro-Syria tweets on The Onion's feed, they simply used E! Online's feed to claim that Justin Bieber is gay.

Malicious Flash Player Updates Hosted on Dropbox

Sites claiming to deliver Flash updates actually serve malicious executables that are being hosted in a Dropbox account, according to Zscaler.

Three Alleged Cyber Criminals Extradited from Romania to U.S.

Cristea Mircea, Ion Pieptea and Nicolae Simion are charged with stealing over $2 million from users of eBay, Cars.com, AutoTrader and CycleTrader.

Louisiana Board of Regents Site Hacked, Serves Malware

The malware connects the victim's computer to a peer-to-peer botnet that's currently made up of more than 300,000 infected machines.

Almost 100 Billion Spam E-mails Sent Daily in Q1 2013

Spam levels increased by 98 percent from December of 2012 to March of 2013, according to Commtouch.

University of Rochester Medical Center Acknowledges Security Breach

537 former patients' names, genders, ages, birthdates, weights, phone numbers and medical record numbers may have been exposed.

39 Percent of Smartphone Users Don't Implement Any Security Measures

And at least 7.1 million smartphones were irreparably damaged, lost, or stolen last year, according to Consumer Reports.

Programmer Arrested for Allegedly Hacking Into Former Employer's Network

Michael Meneses allegedly breached the company's network and altered its business calendar by one month.

Alleged SpyEye Trojan Developer Extradited to United States

Hamza Bendelladj faces a maximum sentence of more than 300 years in prison and fines of up to $14 million.

U.S. Department of Labor Web Site Hacked, Serves Malware

The malicious code collects system information and uploads it to a remote server, then downloads an additional payload.

58.2 Million Americans' Home PCs Were Infected by Malware in 2012

The cost of repairing the damage from those infections was almost $4 billion, according to Consumer Reports.

Reputation.com Hacked

Names, e-mail addresses, and physical addresses were exposed, along with some phone numbers, birthdates, and encrypted passwords.

Multiple Security Flaws Found in D-Link IP Cameras

According to Core Security, the vulnerabilities could provide attackers with access to the camera's video stream.

U.S. Government Database of Dams Breached

The database was apparently accessed by an unauthorized user from China.

Incapsula Warns of Widespread WordPress Vulnerabilities

A recent DDoS attack on a gaming Web site was launched from 2,500 WordPress sites that hadn't been compromised.

Fake Apple Store Invoices Deliver Malware

A massive spam campaign addresses recipients by their names, and identifies itself as a 'third reminder' to pay an invoice.

Trend Micro Warns of Surge in Phishing Sites Targeting Apple IDs

The researchers say many of the fake Apple login pages ask for the user's billing and credit card information as well as their Apple ID and password.

Taiwan Says China's Cyber Army Now Numbers 100,000

The National Security Bureau says China currently allocates more than $2.71 million a year to its cyber army.

HSB Intros CyberOne Cyber Risk Insurance for Small Businesses

The new offering provides coverage with limits up to $100,000 to help small businesses recover from a cyber attack.

McAfee Warns of Adobe Reader Security Flaw

The vulnerability can be exploited to determine where and when a PDF was opened.

Man Charged with $2.5 Million Fraud Scheme Using Prisoners' Identities

Harvey James allegedly obtained stolen identities from people with access to inmate information from the Alabama Department of Corrections.

Texas Hospice Acknowledges Security Breach

Information on 818 patients may have been exposed.

Japan Mistakenly Gives Coast Guard Data to Pro-North Korea Group

A coast guard vessel that may have held stored navigation data was sold to a company run by the General Association of Korean Residents in Japan.

Hackers Steal $1 Million from Washington Hospital

Leavenworth's Cascade Medical Center has recovered approximately $133,000 of the stolen funds.

Hacker JokerCracker Hits Mexican Web Sites

Most of the breaches were done in the name of #opPROANIMAL.

ICO Warns Medical Practice Over Data Breach

A Web-based e-mail account used to inform patients of upcoming appointments was hacked.

Texas Board of Professional Land Surveying Hacked

Hacker DasTn wrote on the site, 'We chose the path of electronic jihad.'

LulzSec Hackers Take Down NTT DoCoMo USA

Following last week's publication of customer data, the hackers took down the company's U.S. Web site earlier today.

The Guardian Twitter Accounts Hacked by Syrian Electronic Army

The hackers say the attack was launched in response to the newspaper's 'lies and slander about Syria.'

(ISC)2, Cloud Security Alliance Plan Cloud Security Certification

The two groups say the new credential will be available in 2014.

Dutchman Arrested Over Spamhaus DDoS Attack

Although the arrestee hasn't been officially identified, it appears to be CyberBunker's Sven Olaf Kamphuis.

Mobile Security Client Market Reached $964 Billion in 2012

Infonetics predicts that the market will continue to grow rapidly, hitting $2.9 billion by 2017.

LulzSec Hackers Hit NTT DoCoMo

430 users' full names, e-mail addresses, home addresses, birthdates and credit card details were published online.

LivingSocial Hacked

50 million users' names, e-mail addresses, birthdates and encrypted passwords were exposed.

Sophos Updates Mobile Security App for Android

The latest version of the company's Android security app adds a spam filter for text messages and phone calls.

87 Percent of Small Businesses in the UK Were Hit by Cyber Attacks in 2012

And 93 percent of large organizations were targeted, according to a recent report.

Akamai Reports Massive Surge in DDoS Attacks

The company's customers reported 768 DDoS attacks in 2012, more than three times the 250 attacks reported in 2011.

Security Flaw Found in Viber App for Android

The vulnerability enables an attacker to bypass the lock screen of any device with the app installed.

Australian Police Arrest Alleged LulzSec Hacker

Matthew Flannery has been released on bail, and will next appear in court on May 15.

FireEye: 184 Countries Now Host Malware Command and Control Servers

Sixty-six percent of command and control servers for APT attacks are hosted in the US, according to the company.

Majority of UK Adults Reuse Passwords Across Web Sites

And 26 percent of adults tend to use risky passwords like birthdates or names, according to an Ofcom survey.

Faulty Malwarebytes Update Disables Thousands of PCs

The company says the error was caused by a 'corrupted file that our encryption tool did not flag.'

Indian Hackers Hit Bangladesh

The hackers say the attacks were launched in retaliation for the Bangladeshi 3xpr1r3 Cyb3r Army's attacks on Indian Web sites.

Anonymous Hackers Expose 'Rape Apologists'

The hackers published extensive contact information for 19 people who had expressed support for Rehtaeh Parsons' alleged rapists.

Spam Down, Phishing Up in March 2013

Malicious files were found in 4 percent of all e-mails in March, according to Kaspersky.

Ionic Security Gets $9.4 Million

The company says the funds will be used to expand its engineering team, accelerate enterprise sales, and increase awareness of its Fusion platform.

FIFA's, Sepp Blatter's Twitter Accounts Hacked

The hackers posted a fake tweet claiming that FIFA president Sepp Blatter was resigning in response to corruption charges.

15.3 Percent of US PCs Have Unpatched Operating Systems

The information comes from a series of Secunia Country Reports based on data from the company's Personal Software Inspector.

AP Twitter Accounts Hacked by Syrian Electronic Army

The Dow plunged 143 points in response to a tweet posted by the hackers.

NewSeaSIMS Hacked

More than 90,000 user names, e-mail addresses and clear text passwords were published online.

Turkish Ajan Hacker Group Hits Mercedes-Benz

The company's Austrian Web site was defaced with a page stating, 'Damn Israel.'

LulzSec Hackers Hit The GTA RPG, Slighter Golf

More than 4,400 registered users' e-mail addresses, user names, encrypted passwords and IP addresses were published online.

Portugal Cyber Army, HighTech Brazil HackTeam Hit Dubai Airport, Hong Kong Police

The hackers say their next target will be the National Police of Ecuador.

Majority of IT Security Pros Expect a Data Breach Within Six Months

A Lieberman Software survey also found that one third of organizations don't have a policy requiring default passwords to be changed.

LulzSec Hacker Jailed for Sony Breach

Cody Kretsinger, 25, has also been ordered to pay more than $605,000 in restitution.

OpenStack Hardening Security for Open Source Cloud Platform

OpenStack Security Group makes progress securing the open source cloud platform, but lots of work remains.

Korean News Site Hacked, Delivers Malware

The same vulnerability was recently exploited in attacks on Reporters Without Borders and NBC.com.

Bank Sues Cybercrime Victim for Stolen Funds

Park Sterling Bank is suing customer Wallace and Pittman PLLC for $336,000 plus accumulated interest.

BadNews Android Malware Found in 32 Apps on Google Play

According to Lookout, the infected apps may have been downloaded as many as 9 million times before they were removed.

Softonic Delivers Adware

The software download site was apparently testing a new installer package, which it has now stopped distributing.

Survey Finds Insiders Present the Greatest Security Risk to Organizations

An AlgoSec survey also found that 66 percent of respondents said BYOD policies increase the risk of security breaches.

Netherlands, Indonesia, South Korea Join Virtual Global Taskforce

The VGT now includes 12 law enforcement agencies and 11 private sector partners.

New Malware Targets Stock Trading Software

The malware is designed to capture screenshots and login credentials.

Critical Security Flaws Found in Home, Office Routers

All 13 routers studied by ISE can be taken over from the local network, and 11 of the 13 can be taken over from the WAN.

Fake SourceFourge Web Site Delivers Malware

The site, which was registered in the U.S. on April 5, is designed to trick victims into thinking they're downloading files from the real SourceForge.

Microsoft: PCs Without Anti-Virus Are 5.5 Times More Likely to Be Infected

And the company says 25 percent of all computers don't even have that basic level of protection in place.

Seculert Uncovers Magic Malware

According to Seculert CTO Aviv Raff, the malware may just be the first phase of a broader attack.

Pirate Bay Co-Founder Faces Hacking Charges

Gottfrid Svartholm Warg is accused of breaching Logica and the Swedish Tax Agency, and of attempting to transfer 680,000 euros from Nordea Bank.

Average DDoS Attack Bandwidth Up By 718 Percent

And according to Prolexic, the average packet-per-second rate in Q1 2013 was 32.4 million.

Anonymous Hackers Hit Azerbaijan

The hackers have released 1.5GB of data taken from the Ministry of Communications and Information Technologies.

Targeted Attacks on Small Businesses Tripled in 2012

The most commonly targeted victims of such attacks were knowledge workers and sales personnel, according to Symantec.

Oracle Secures Java with 41 Updates, Code Signing

Oracle nails Pwn2own flaws and expands its people and technology effort to make Java more secure.

Almost All Game Hacks Deliver Malware

The solution, according to AVG Technologies, is simple: just don't download cracks, hacks, trainers or unofficial patches.

NPR Hacked by Syrian Electronic Army

The attack was launched in response to NPR correspondent Deborah Amos' reporting on the conflict in Syria.

UK Man Pleads Guilty to Cyber Attacks on Universities, Police

Lewys Stephen Martin has admitted launching attacks on Oxford University, Cambridge University, and the Kent Police.

Supermarket Chain Acknowledges Massive Data Breach

Approximately 2.4 million credit and debit card numbers and expiration dates may have been compromised.

Hacker TiGER-M@TE Hits Google Kenya, Bing Kenya, LinkedIn Kenya

The Kenyan Web sites for Google, Dell, Skype, MSN, Bing, LinkedIn, HP, Microsoft, YouTube and others were defaced.

Husband and Wife Jailed for Identity Theft

Douglas and Nicole Young apparently file fraudulent claims for tax refunds totaling more than $1.2 million.

WordPress Sites under Brute Force Onslaught

Hosting vendors respond to attack against the open source content management system WordPress.

Anonymous Hackers Hit TeenProgram.info, RestoringFamily.com

More than 1,800 e-mail addresses and passwords were published online as part of #OpLiberation.

Turkish Ajan Hacker Group Hits Gigabyte Technology

The group released a file containing employee data, sales records, PowerPoint presentations and more.

32.8 Million Android Devices Infected in 2012

And more than 10 million devices were infected in the first quarter of 2013, according to NQ Mobile.

Health Care Provider Gets 12 Years in Prison for Identity Theft

Helene Michel has also been ordered to forfeit $1.3 million.

North Carolina Hospice Suffers Security Breach

The personal information of approximately 5,370 current and former patients may have been exposed.

Fake Vertu App Delivers Android Malware

The malware forwards all incoming messages to an external server, and is capable of downloading additional spyware to an infected device.

How to Take Over a Skype Account

Jean-Pierre Lesueur recently found that it's surprisingly simple to do so using social engineering.

Making Enterprise Penetration Testing Less Mysterious

With its Metasploit 4.6 Pro release, Rapid7 aims to make penetration testing less of a dark art and more accessible for enterprises.

Phishing Campaign Leverages Hamlet Soliloquoy

The spam e-mails are designed to trick recipients into divulging their Postepay user names and passwords.

Security Software Tracks Stolen Laptop from London to Tehran (Updated)

Dom del Torto now knows where his laptop is -- but he's unlikely to get it back.

Malicious Spam Warns of War with North Korea

The spam e-mails deliver the Cridex malware, which steals login credentials from infected PCs.