Archive | Vulnerability RSS feed for this section

Internet Explorer flaw allows attackers to track your mouse movements

Posted December 14, 2012 An Internet Explorer vulnerability allows hackers to track mouse cursor movement anywhere on the screen, even if a given window is inactive, unfocused or minimised. It can also compromise the security of virtual keyboards and keypads, thereby thwarting their use against keyloggers. Here’s more.  

Leave a comment Continue Reading →

Samsung Smart TV security hole allows hackers to watch you, change channels or plug in malware

Posted December 12, 2012 Researchers have found a vulnerability in an unspecified model of a Samsung LED 3D TV that they exploited to get root access to the TV and any attached USB drives. The bug, which can be used to gain root access, affects multiple Samsung models and device generations, they say. Read all […]

Leave a comment Continue Reading →

What computer security threats can we expect to see in 2013?

Posted December 7, 2012 Here are the trends that SophosLabs anticipates will shape the IT security landscape next year. Read more.

Leave a comment Continue Reading →

Use Instagram on your iPhone? Your account can be hijacked, claims security researcher

Posted December 4, 2012 A security researcher has published a proof-of-concept attack on Instagram for iOS that would allow malicious users to remotely hijack victims’ accounts, delete or download photos, and tinker with profile details. Here’s more.

Leave a comment Continue Reading →

Facebook hacks its workers into Hacktober smithereens

Posted November 30, 2012 Slimy worms! Disguised as Facebook news! Unleashed on unsuspecting Facebook employees – by its own engineering team! This was the second year that Facebook celebrated Hacktober, a month-long feast of self-inflicted cyberattacks designed to tune staff’s threat perception. Read the story now.

Leave a comment Continue Reading →

Hacker selling $700 exploit that hijacks Yahoo email accounts

Posted November 26, 2012 A hacker is selling a $700 zero-day exploit for Yahoo Mail that lets an attacker leverage a cross-site scripting (XSS) vulnerability to steal cookies and hijack accounts. Read the full story on Naked Security.

Leave a comment Continue Reading →

Goatse hacker Auernheimer found guilty of breaching AT&T to access customer iPad data

Posted November 22, 2012 A hacker claims he was disclosing a security flaw responsibly. But IRC transcripts show that the Goatse hacking group was instead musing about shorting AT&T stock, discussed selling 120,000 email addresses to spammers, and never told AT&T about the vulnerability in the first place. Here’s the full story.

Leave a comment Continue Reading →

Adobe Reader zero-day exploit thwarts sandboxing

Posted November 8, 2012 The vulnerability is selling for up to $50K on the black market, security researchers say, and has been included in a package of banking Trojans called the Blackhole Exploit Kit, which is the most prevalent exploit kit out there. Read all about it.

Leave a comment Continue Reading →

Nuclear power plant cybersecurity warnings silenced by legal threats

Posted October 31, 2012 One vendor’s threat to sue has resulted in two canceled talks about a nuclear power plant’s potential vulnerabilities to cyber-attack. For more, here’s the story.

Leave a comment Continue Reading →

Attacker grabs data for 3.6 million South Carolina taxpayers; governor wants to see culprit “brutalized”

Posted October 29, 2012 She’s got a right to be incensed, with 77% of the state’s population’s Social Security numbers being snatched out from under the Department of Revenue. But what’s the appropriate penalty for the department, for the crime of leaving the data unprotected? Read the full story on Naked Security.

Leave a comment Continue Reading →