Posted December 14, 2012 An Internet Explorer vulnerability allows hackers to track mouse cursor movement anywhere on the screen, even if a given window is inactive, unfocused or minimised. It can also compromise the security of virtual keyboards and keypads, thereby thwarting their use against keyloggers. Here’s more.
Posted December 12, 2012 Researchers have found a vulnerability in an unspecified model of a Samsung LED 3D TV that they exploited to get root access to the TV and any attached USB drives. The bug, which can be used to gain root access, affects multiple Samsung models and device generations, they say. Read all [...]
Posted December 7, 2012 Here are the trends that SophosLabs anticipates will shape the IT security landscape next year. Read more.
Posted November 26, 2012 A hacker is selling a $700 zero-day exploit for Yahoo Mail that lets an attacker leverage a cross-site scripting (XSS) vulnerability to steal cookies and hijack accounts. Read the full story on Naked Security.
Posted November 22, 2012 A hacker claims he was disclosing a security flaw responsibly. But IRC transcripts show that the Goatse hacking group was instead musing about shorting AT&T stock, discussed selling 120,000 email addresses to spammers, and never told AT&T about the vulnerability in the first place. Here’s the full story.
Posted November 8, 2012 The vulnerability is selling for up to $50K on the black market, security researchers say, and has been included in a package of banking Trojans called the Blackhole Exploit Kit, which is the most prevalent exploit kit out there. Read all about it.
Posted October 31, 2012 One vendor’s threat to sue has resulted in two canceled talks about a nuclear power plant’s potential vulnerabilities to cyber-attack. For more, here’s the story.