Archive | Security Threats RSS feed for this section

Facebook hacks its workers into Hacktober smithereens

Posted November 30, 2012 Slimy worms! Disguised as Facebook news! Unleashed on unsuspecting Facebook employees – by its own engineering team! This was the second year that Facebook celebrated Hacktober, a month-long feast of self-inflicted cyberattacks designed to tune staff’s threat perception. Read the story now.

Leave a comment Continue Reading →

Hacker selling $700 exploit that hijacks Yahoo email accounts

Posted November 26, 2012 A hacker is selling a $700 zero-day exploit for Yahoo Mail that lets an attacker leverage a cross-site scripting (XSS) vulnerability to steal cookies and hijack accounts. Read the full story on Naked Security.

Leave a comment Continue Reading →

Experian defends database security practices in face of investigations

Posted November 20, 2012 Data brokers are on the hot seat as the Irish regulators begin an investigation into Experian’s security methods and the US Congress demands more transparency into what’s collected and how it’s handled. Read the story now.

Leave a comment Continue Reading →

NASA suffers major data breach over stolen laptop that wasn’t encrypted

Posted November 15, 2012 The space agency is now, finally, after yet another unencrypted laptop theft, scrambling to require full disk encryption agency-wide. Read more.

Leave a comment Continue Reading →

Adobe Reader zero-day exploit thwarts sandboxing

Posted November 8, 2012 The vulnerability is selling for up to $50K on the black market, security researchers say, and has been included in a package of banking Trojans called the Blackhole Exploit Kit, which is the most prevalent exploit kit out there. Read all about it.

Leave a comment Continue Reading →

Stolen cellphone databases switched on by major US carriers

Posted November 1, 2012 AT&T, T-Mobile, Verizon and Sprint have flipped the switch on databases that will track stolen cellphones and block them from being used on the major carriers’ networks. Now, just make sure you’ve got your phone’s ID number written down somewhere, and try not to go into a cellphone coma on the […]

Leave a comment Continue Reading →

Nuclear power plant cybersecurity warnings silenced by legal threats

Posted October 31, 2012 One vendor’s threat to sue has resulted in two canceled talks about a nuclear power plant’s potential vulnerabilities to cyber-attack. For more, here’s the story.

Leave a comment Continue Reading →

Attacker grabs data for 3.6 million South Carolina taxpayers; governor wants to see culprit “brutalized”

Posted October 29, 2012 She’s got a right to be incensed, with 77% of the state’s population’s Social Security numbers being snatched out from under the Department of Revenue. But what’s the appropriate penalty for the department, for the crime of leaving the data unprotected? Read the full story on Naked Security.

Leave a comment Continue Reading →

Thieves rig Barnes & Noble PIN pads to steal credit card data

Posted October 24, 2012 Hackers tampered with point-of-sale terminals at 63 bookstores to hijack customers’ credit card and PIN information. Keep an eye on your statements and watch for unauthorised transactions. Read it now.

Leave a comment Continue Reading →