- Latest
- Apr 2013
- Mar 2013
- Feb 2013
- Jan 2013
- Dec 2012
- Nov 2012
- Oct 2012
- Sep 2012
- Aug 2012
- Jul 2012
- Jun 2012
- May 2012
- Apr 2012
- Mar 2012
- Feb 2012
- Jan 2012
- Dec 2011
- Nov 2011
- Oct 2011
- Sep 2011
- Aug 2011
- Jul 2011
- Jun 2011
- May 2011
- Apr 2011
- Mar 2011
- Feb 2011
- Jan 2011
- Dec 2010
- Nov 2010
- Oct 2010
- Sep 2010
- Aug 2010
- Jul 2010
- Jun 2010
- May 2010
- Apr 2010
- Mar 2010
- Feb 2010
- Jan 2010
- Dec 2009
- Nov 2009
- Oct 2009
- Sep 2009
- Aug 2009
- Jul 2009
- Jun 2009
- May 2009
- Apr 2009
- Mar 2009
- Feb 2009
- Jan 2009
- Dec 2008
- Nov 2008
- Oct 2008
- Sep 2008
- Aug 2008
- Jul 2008
- Jun 2008
- May 2008
- Mar 2008
- Nov 2007
- Oct 2007
- May 2006
- Apr 2006
- Mar 2006
- Nov 2005
- Oct 2005
- Sep 2005
- Aug 2005
- Jul 2005
- Jun 2005
- May 2005
- Apr 2005
- Mar 2005
- Feb 2005
- Jan 2005
- Dec 2004
- Nov 2004
- May 2004
- Apr 2004
- Mar 2004
- Feb 2004
- Jan 2004
- Dec 2003
- Nov 2003
- Oct 2003
- Sep 2003
- Aug 2003
- Jul 2003
- Jun 2003
- May 2003
- Apr 2003
- Mar 2003
- Feb 2003
- Jan 2003
- Dec 2002
- Nov 2002
- Oct 2002
- Sep 2002
- Aug 2002
- Jul 2002
- Jun 2002
- May 2002
- Apr 2002
- Mar 2002
- Feb 2002
- Jan 2002
More Problems with Internet Explorer
Jorge Luis Alvarez Medina has announced plans to demonstrate IE vulnerabilities at the upcoming Black Hat security conference.
Apple's iPad Vulnerable?
The device may be subject to man-in-the-middle attacks.
Cisco Updates Unified MeetingPlace
The update patches several vulnerabilities.
Apple's iPad Being Used as Search Bait
Web searches are leading users to malicious Web sites.
Congressional Web Sites Hacked
The sites were defaced following this week's State of the Union address.
Symantec Fears Spotify
The anti-virus software wrongly classified Spotify program files as malign.
Japanese Biometric System Tricked
Two women bypassed the immigration system using tape bearing other people's fingerprints.
Oklahoma Tax Site Hacked
Site visitors were prompted to download malware.
Cambridge Researchers Question Verified by Visa
The researchers say the system is focused more on shifting blame than on curtailing fraud.
Facebook App Scare Is Malware Bait
Trend Micro's Rik Ferguson reports that many search engine results for the phrase 'Facebook unnamed app' lead users to malware distribution portals.
Google Toolbar Caught Disobeying Orders
Before an update fixed the problem, the toolbar tracked URLs even when that functionality was disabled.
Gates Doesn't Mind a Little Censorship
The Microsoft CEO has sided with China in its recent censorship debate with Google.
Starwood a Victim of Credit Card Fraud
Customers using 'Miles and More' cards may have been hit with illegal charges.
TechCrunch Attacked Again
The second hack in as many days featured a rant targeting site founder Michael Arrington.
Security Blogger Breaks Voice Encryption
Notrax claims to have eaverdropped on calls protected by 12 different mobile voice encryption solutions.
Cyber Attack Threat Keeps CEOs Up at Night
Forty percent of IT executives are bracing for a major security incident in their sector within the next year, and only 20 percent think they'll avoid a cyber attack in the next five years.
National Archives Breach Exposes D.C. Insiders' Data
A hard drive with data including the personal information of more than 250,000 people has gone missing from the National Archives and Records Administration.
Facebook, LinkedIn Resist New Privacy Regs
Leading social sites urge regulatory restraint over consumer data collection practices.
London Police Plan Olympics Fraud Teams
The teams will focus on e-crime and ticket fraud surrounding the 2012 Olympics in London.
PlainsCapital Sues Customer over Cyberattack
The lawsuit asks for certification that PlainsCapital's security was in fact reasonable.
Apache Releases SpamAssassin 3.3.0
The latest release changes the way the spam filter's rules are updated.
Backdoor Found in e107
The content management system appears to have been compromised.
PCI SSC to Strengthen Certifications
The council plans to add staff and funding in order to improve oversight of its certification review process.
Scientists Warn of ePassport Vulnerability
The attack does not require the attackers to know the cryptographic keys protecting the passport.
Zeus Targets AIM Users
A new iteration of the Trojan is now targeting AOL Instant Messenger.
TechCrunch Attacked
The site was temporarily made unavailable.
Metterbrink Pleads Guilty to Involvement in Scientology Attack
The 20-year-old Nebraska resident will serve a one-year prison sentence.
Apache SpamAssassin Takes a New Route in Version 3.30
The widely deployed open source antispam engine gets its first major update in two years, with changes aimed at better tackling the problem of spam.
Obama Cyber Czar Digs in For Long Haul
After one month heading up Obama administration's top cybersecurity spot, Howard Schmidt sees plenty of opportunities-and plenty of work.
Is the U.S. Gearing Up for Cyber War?
With cyber threats from abroad coming fast and furious, how serious is the United States about going on the offensive?
PS3 Hacked
20-year-old hacker George Hotz has hacked the PlayStation 3.
StopBadware Becomes a Nonprofit
The project will become a nonprofit with help from Google, PayPal and Mozilla.
Kaspersky Hates Google Ads
A recent update to the anti-virus software has caused Google ads to trigger a malware warning.
Oil Companies Targeted in Cyberattacks
American oil companies were hit with cyberattacks that may have come from China.
Kitchenaid.com Infected
Whirlpool has not cleaned up the site, despite having been urged to do so by Sophos.
Customer Data Stolen from Ladbrokes
The company says the breach did not access any bank details or passwords.
Chinese Human Rights Web Sites Attacked
The sites were hit by DDoS attacks that lasted 16 hours.
HP Announces Security Services Portfolio
The company has introduced a suite of more than 90 security, compliance and continuity offerings.
Chinese Users Particularly Vulnerable to IE Exploit
50 percent of PCs in China use Internet Explorer 6 to access the Internet.
New Phishing Campaign Targets iPhone Users
A fake iPhone warranty offer appears to be targeting user data.
Irish Discussion Board Resets Passwords
The Irish forum boards.ie has reset all user passwords after an attack.
CNNIC Ban Cuts Down on Spam
Symantec security researchers say .cn spam has dropped significantly since a ban was imposed on individual .cn registrations.
BIND Software Updated
The update patches a vulnerability that could lead to DDoS attacks.
Malware May Be Prank Gone Wrong
As anti-virus company ESET notes, Win32/Zimuse appears to be focused solely on trashing user data.
RealNetworks Patches 11 Vulnerabilities
The company has issued updates to patch 11 buffer and heap overflows in RealPlayer.
Tor Project Recommends Software Update
The advisory comes after the project's servers were found to have been hacked.
Hard Drives Pilfered from BlueCross BlueShield
Between 220,000 and 500,000 members' Social Security numbers, birth dates, medical information, and addresses were stored on dozens of disks swiped from the insurer's Chattanooga, Tenn. call center.
China Denies Role in Cyber Attacks
Government steps up defense of Internet policy in comments to state news agency as more sites come under attack.
PhoneFactor Adds Voiceprint Identification
The company is adding voiceprint identification biometrics support to its authentication services.
Mozilla Releases Firefox 3.6
Version 3.6 of the open source browser is more stable and secure than the previous version.
Microsoft Patches Eight Vulnerabilities
The company has released a cumulative critical patch for Internet Explorer.
Mozilla Updates Thunderbird to Version 3.0.1
The security and stability update addresses three critical vulnerabilities.
University of Exeter Shuts Network Down
The university took its network down for several days in response to a virus outbreak.
Insecure.org Updates Nmap to Version 5.20
The update includes more than 150 significant improvements.
California DMV Suffers Outage
A router malfunction recently brought down the California Department of Motor Vehicle's network.
CiscoWorks IPM Flaw Discovered
The flaw allows attackers to compromise vulnerable systems remotely.
Microsoft Warns About 17-Year-Old Windows Bug
Who's at risk from virtual DOS vulnerability?
Illegal File Sharing on the Rise
According to ScanSafe, there's been a 55 percent increase in illegal MP3 and software download attempts over the last three months.
Sourcefire IPS Speeds Up
The intrusion prevention system has been updated to support a 20 Gbit/sec clustered model.
Judge Blocks Microsoft WGA Class Action
A federal judge has blocked class action allegations over Microsoft's Windows Genuine Advantage software.
Baidu Sues Register.com
The company is alleging gross negligence over a recent DNS records hack.
Adobe Patches Shockwave Holes
The company has patched two critical security holes in Shockwave.
Firefox, Opera Big in Germany
The German government's warning against using Internet Explorer has boosted competing browsers.
NetSol Sites Defaced
The Web sites of a number of Network Solutions' hosting customers were recently defaced.
Heartland to Implement End-to-End Encryption
The company plans to switch to end-to-end encryption for payment transactions.
DNSSEC Compromised Again?
Yet another flaw is found in technology aimed at fixing DNS's own flaws. Should we worry?
Massachusetts Senate Race Spurs Malware Flurry
Symantec security researchers found that 33 of the top 100 search results from "Massachusetts senate race results" took users to malicious sites.
D-Link Releases Firmware Updates
The updates patch the recently discovered hole in D-Link routers' Home Network Administration Protocol.
Anonymization Service Targets Google
The new service is designed to prevent Google from tracking an individual's searches and site visits.
UK Government Won't Issue IE Warning
Despite French and German plans to do so, the UK government will not issue a warning about Internet Explorer vulnerabilities.
Apple Releases Mac OS X Security Update
The update patches at least a dozen serious vulnerabilities.
Microsoft to Adjust Bing Data Retention
The company will delete all IP addresses logging by its servers for Bing search queries after six months.
IBM Working on Airport Security
The company has filed a dozen patent applications for a sophisticated approach to the issue.
Avast 5 Released
The new version offers a new interface and an overhauled feature set.
Browsers Still Vulnerable to Clickjacking
According to Israeli programmer Shlomi Narkolayev, browsers are still unable to protect users from attack.
U.S. Government to Protest Google Attacks
The U.S. government plans to deliver an official protest over the cyberattacks.
ZigBee Vulnerability Found
Developer Travis Goodspeed has warned of a vulnerability in the wireless protocol.
Google Investigating Google China Employees
The company is investigating the possibility that Chinese employees may have been involved in attacks on its network.
Chinese News Limiting Coverage of Google Attack
Chinese news reports are offering limited if any coverage of last week's cyberattack on Google.
U.S. Military Contractors Targeted in Cyberattack
Hackers have been sending malicious PDF files to military contractors.
AT&T Fixes Facebook Problem
Some customers have been able to log into the wrong Facebook account on their mobile phones.
Jewish Chronicle Site Hacked
The Web site for The Jewish Chronicle was recently defaced by hackers.
Online Banking Security Needs to Improve
A Gartner report says currently security measures are no longer sufficient to protect online banking systems.
Microsoft Cuts Data Retention Time on Bing
Microsoft is trying to move the needle in the online privacy debate by purging IP addresses after six months.
Romanian Admits to Involvement in Phishing Operation
Cornel Ionut Tonita could face up to five years in prison.
Romanian Admits Guilt in Phishing Operation
Cornel Ionut Tonita could face up to five years in prison.
Lincoln Financial May Have Exposed Customer Data
A system of shared passwords may have exposed the private data of 1.2 million customers.
Alibaba Group Questions Yahoo's Support of Google
The company says Yahoo's statement of support for Google was "reckless."
IE Exploit Code Released Online
The code used in recent attacks on Google, Adobe and other companies has been released.
Google Fixes Orkut Vulnerability
The flaw was the result of an input validation error.
CPAN Testers Attacked
The CPAN Testers' server has been aggressively scanned by 20-30 bots every few seconds.
ACLU Challenges Laptop Searches
Customs and Border Protection agents have searched over 1,500 electronic devices at the U.S. border.
TI to Patch Cryptography Flaw
The vulnerability could allow attackers to tap in to communications traveling over power grids' wireless mesh networks.
Cybersitter Law Firm Attacked
The law firm representing Solid Oak Software in a lawsuit against the Chinese government has been targeted in an attack.
McAfee Says Chinese Hackers Used IE Flaw
McAfee researchers reports that the recent attacks on Google and Adobe took advantage of an unpublicized vulnerability in Internet Explorer.
Connecticut Sues Health Net
The state's attorney general says the company failed to secure private medical records and financial information.
BerliOS Hacked
Hackers recently replaced the home page for the open source platform.
McKinnon Granted Further Judicial Review
The Pentagon hacker's possible extradition will be delayed until at least April.
BackTrack 4 Released
The Linux-based penetration testing arsenal has been updated to Version 4 Final Release.
DarkMarket Founder Faces 10 Years in Jail
Former pizza delivery man Renukanth Subramaniam is said to have joined the cybercrime forum on its first day of operation.
Intevydis to Publicize Vulnerabilities
The security firm has become disillusioned with foot-dragging by vendors when confronted by vulnerabilities.
VeriSign: Google Attack by Chinese Government
Security firm says its sources believe the cyber attack came from 'intelligence entities' operating in the People's Republic of China.
Hackers Steal 8,378 Bank Passwords
Lesson: don't store customers' online credentials on accessible servers.
Trojan Porn Dialers Resurfacing
The Trojans cause infected handsets to send SMS messages to high-cost numbers.
BBB and FBI: Beware Haiti Scams
The Better Business Bureau and the FBI are both warning of scams tied to the catastrophe.
Taser Announces Protector Program
The service allows parents to monitor and control their children's cell phone activities.
Gmail: Secure by Default
Google plans to make HTTPS access the default option for Gmail.
Lethic Botnet Taken Down
The action is a result of collaborative effort between Neustar and ISPs.
Facebook Partners with McAfee
The company will be offering its users a six-month trial of McAfee's Internet Security Suite.
Kasumi Cipher Cracked
The cipher was broken using a related-key attack.
Boom Times for Mobile Security Software
ABI Research report projects a $4 billion market for mobile security by 2014.
Hackers Snare N.Y. Bank Customers' Login Info
A hacker last month infiltrated a server hosting the online banking system of Suffolk County National Bank in New York, putting 8,000-plus customers' login information at risk.
Patches from Microsoft, Adobe and Oracle
All three companies released security updates this week.
Google Apologizes for Releasing Confidential Data
The mistake was blamed on human error.
Microsoft Urges Flash Update for XP Users
The company has confirmed the presence of bugs in the version of Flash bundled with Windows XP.
The Return of the Iranian Cyber Army
The group recently took down Chinese search engine Baidu.com.
Texas ISP Owner Charged with Conspiracy
Matthew Simpson, owner of Core IP Networks, is one of 19 people charged in the case.
Zend Updated
Versions 1.9.7, 1.8.5 and 1.7.9 of the open source Zend Framework have been released.
Facebook CEO Says Privacy Becoming Less Important
Mark Zuckerberg made the statement at the 2009 Crunchies Awards in San Francisco.
Facebook Teams With McAfee to Secure Site
Two companies announce exclusive partnership, custom security tools to shore up social network.
EPIC Warns of Privacy Issues with Whole Body Imaging
The organization says the TSA is overstating the privacy protections used for the devices in U.S. airports.
Maryland Focuses on Cyberattacks
State governor Martin O'Malley wants Maryland to become the U.S. epicenter for cybersecurity.
Fake Facebook Charging Scam Spreads
A warning that Facebook may start charging $4.99 a month is being used to lure users to pages containing malware.
White House Wants to Accelerate IT Enhancements
The announcement was made in response to the Christmas Day bombing attempt on a U.S. airplane.
Pidgin Updated to Version 2.6.5
The chat client has been updated to address a vulnerability.
Rootkits Cause 7 Percent of All Infections
Alureon, Cutwail and Rustock were the most prevalent rootkits of 2009.
Android Phishing App Discovered
A phishing app disguised as a mobile banking solution was smuggled onto the Android Market.
Vulnerability Found in D-Link Routers
SourceSec warns that many D-Link routers have a flawed implementation of the Home Network Administration Protocol.
Google Says Sorry, China
The company has apologized to the Chinese Writers Association for scanning the group's books without permission.
Heartland Settles with Visa
The company will pay Visa credit and debit card issuers up to $60 million.
Oracle to Patch 24 Vulnerabilities
The company will release an update on Tuesday.
Researcher: Chrome Is Most Secure Browser
Dino Dai Zovi says Google's Chrome sets the standard for browser security.
SecurityReason Warns of Mac Vulnerability
The vulnerability is a potential buffer overflow error.
SanDisk and Verbatim Warn of Drive Vulnerabilities
The companies have joined Kingston Technology in warning of vulnerabilities in their flash drives.
Vispa Knocked Out by DDoS Attack
The denial of service attack was traced to Latvia.
UK Police Misused Computers
Over 400 members of the British police have been disciplined or dismissed for misuse of computers.
Fix Found for SSL Vulnerability
An update will change the way that SSL-enabled software renegotiates encrypted sessions.
Adobe Releases Illustrator Patch
The update patches two vulnerabilities affecting Illustrator CS3 and Illustrator CS4.
Trend Micro Uncovers New Adobe Attack
The company has discovered a new malware variant targeting vulnerabilities in Adobe Reader and Acrobat 9.2.
One Bug Fix Coming on Patch Tuesday
Tuesday's single patch is rated critical for Windows security--the highest level of Microsoft's four-tier security threat severity scale--only for Windows 2000 Service Pack 4 (SP4).
TSA Nominee Questioned About Improper Database Access
Erroll Southers was censured by the FBI two decades ago for improperly accessing an FBI criminal database.
Patches Coming from Microsoft and Adobe
Both companies will release critical updates next Tuesday.
768-Bit RSA Encryption Cracked
An international team has broken the key.
Microsoft Updates Word 2007
The update drops custom XML tagging technology from the software.
DDoS Attack Nearly Sinks InterNetX
The German company's DNS service was almost brought down by the attack.
PowerDNS Updates Recursor to Version 3.1.7.2
The update patches two vulnerabilities.
Advocate Exposes Google Spyware Problem
Harvard Business School assistant professor Ben Edelman is calling on Google to sever ties with InfoSpace.
Hacker Exposes Firewall Vulnerability
Samy Kamkar has demonstrated a simple way to penetrate hardware firewalls.
PacketFocus Warns of Spear Phishing Vulnerability
Company CEO Joshua Perrymon was able to get a spoofed message around filters 100 percent of the time.
Kaiser and VA to Share Electronic Health Records
Under a pilot program, Kaiser Permanente and the U.S. Department of Veterans Affairs are currently sharing patient electronic health records.
FS-ISAC to Simulate Cyber Attacks
The test will be used to assess how well banks, payment processors and retailers can handle the threats.
Cybersecurity Geniuses Wanted
Computer security is quickly becoming one of the hottest jobs in the U.S.
Juniper Networks Warns of Critical Flaw
The company says its gateway routers could be forced to reboot by Internet packets with maliciously formed TCP options.
Firefox Updated to Version 3.5.7
The update addresses several bugs.
Mr. Bean Conquers Spain
Hackers recently placed Mr. Bean's face on Spain's official web site.
Symantec Hits 2010 Snafu
The company's Endpoint Protection Manager server product is marking signature updates issued in 2010 as out of date.
Trojans Remain Leading Threat
Sunbelt Software reports that Trojans comprised 18.7 percent of all attacks in December 2009.
New Attack Pinpoints User's Location
Security researcher Samy Kamkar has demonstrated an attack that determines a Web user's exact location with GPS coordinates.
Major Drop in Conficker-Infected Computers
The Shadowserver Foundation and the Conficker Working Group say that nearly a million Conficker-infected computers disappeared on January 1.
Over $3 Million Stolen from NY School District
The FBI and the New York State Police are investigating the online theft.
Cybersitter Sues China
Solid Oak Software has filed a $2.2 billion lawsuit alleging that code was stolen from its Cybersitter content filter program.
German Credit Cards Hit With 2010 Bug
A year 2010 bug has rendered approximately 30 million German debit and credit cards unusable.
FDA Warns of Scam Targeting Online Drug Customers
A new scam targets customers of online pharmacies.
Kingston Technology Recalls Flash Drives
The company has asked users to return affected models for a factory update.
EMC Buys Archer Technologies
The acquisition will expand EMC's portfolio into risk management and policy enforcement for ongoing compliance projects.
Adobe to Introduce Automatic Updater
The company is developing a new mechanism to patch security holes without requiring any end user action.
Eastern Washington University's Network Hacked
The breach may have affected up to 130,000 current and former students.
New Attack Targets Adobe Reader
The attack is unusually hard to detect, according to analysis from Virus Total.
Vulnerabilities Found in Twitter and Google Calendar
Security researcher has uncovered cross-site scripting vulnerabilities that could be used to steal cookies and session IDs.
Mac OS X Malware Blocking Gathering Dust
No updates have been made to Apple's new malware blocker in the almost six months since its launch.
X-Box Thief Caught Online
A man who stole an X-Box 360 was caught when the console signed itself in automatically.
RockYou Sued Over Data Breach
Alan Claridge of Evansville, Ind., alleges that the company failed to protect its users' data.
TSA Bloggers Subpoenaed
Bloggers Steven Frischling and Chris Elliott, who posted leaked TSA security guidelines, have both received subpoenas.
NAI Audit Approves Online Ad Privacy
In its first annual audit, the Network Advertising Initiative found "no compliance deficiencies" in terms of privacy and data handling.
DECT Encryption Cracked
The deDECTed.org project has cracked the DECT standard's encryption code.
IBM Adds Code Quality Analysis to Rational
Big Blue integrates static analysis into Rational following the acquisition of Ounce Labs.
QKD Hack Demonstrated
Qin Liu and Sebastien Sauge have demonstrated a method for eavesdropping on a secure quantum key distribution.
Blitzableiter Tool Cleans Up Flash Code
Felix "FX" Lindner has developed a tool that analyzes and cleans up Flash code to prevent security holes from being exploited.
SpamAssassin Has a New Year's Hangover
The spam filter includes a rule defining any year past 2009 as "grossly in the future."
- What are the top Android security apps?
- What are the top Android security risks?
- What are today's top cyber threats?
- What's the most secure way to delete data?
- How does hard drive encryption work?
- Is old software inherently insecure?
- Are Macs immune to malware?
- How can BYOD risk be managed?
- Which web browser is the most secure?
- How do I protect my iOS device?
- What are the top iPhone security apps?
- How do I secure my wireless network?
- Are public Wi-Fi hotspots safe?
