A malicious copy of the phpMyAdmin database management tool has been served for days via a Korea-based mirror of the Sourceforge.com repository. The copy on the ‘cdnetworks-kr-1′ mirror in Korea was a modified version of the phpMyAdmin-126.96.36.199-all-languages.zip release that was backdoored by cyber-criminals before uploading.
The Izz ad-Din al-Qassam Cyber Fighters claimed a recent attack on Wells Fargo which lead to eight hours of downtime. The hacker group said it will also attack U.S. Bancorp and PNC Financial Services Group, according to a PasteBin post.
Security researcher Ravi Borgaonkar from the Ccommunications department at the Technical University of Berlin revealed a technical flaw that renders Samsung Galaxy S2 and S3 devices vulnerable to a complete remote wipe, reports cnet.com.
A number of servers belonging to the JPMorgan Chase Bank were compromised this month, exposing a vast amount of customer information. Among them are employees of high-end jewelry maker Tiffany & Co, but the bank believes these details have not been exploited yet.
Microsoft was familiar with the Internet Explorer zero-day flaw months before releasing the security patch, according to Computer World. Proof that the Redmond-based company knew about the bug is that it credited Hewlett-Packard TippingPoint for reporting the vulnerability. The program allegedly reported the browser vulnerability in July, seven weeks before researcher Eric Romang announced he found the bug on a hacking server.
Researchers uncovered a cyber-espionage campaign that uses spear-phishing emails containing “droppers” designed to leave a backdoor in compromised systems. Posing as PDF attachments, the malware was named “Mirage” by researchers at Dell SecureWorks' Counter Threat Unit.
Charlie Hebdo Magazine’s website, a French magazine that published a short cartoon mocking the Prophet Mohammad, was taken offline, possibly due to an Islamic hacking group. Bank of America Corp's website suffered intermittent outage on Tuesday amid threats by an Islamic hacker group that promised to take down “American-Zionist Capitalists”.
Developer Kevin Burke claims that Virgin Mobile USA has a faulty authentication process, which makes account PINs number-only and limits passwords to six digits, putting users at high risk of brute-force attacks, reports cnet.com.
Cyber criminals are targeting bank employees to steal their credentials for wire transfer fraud, according to the FBI. Authorities discovered cyber criminals are using spam and phishing e-mails, keystroke loggers, and remote access trojans to compromise financial institutions’ networks.
Foreign journalists in China are under malware attack, with dangerous e-mails spreading on their computers to steal sensitive information, according to Reuters.
A mobile application developed by security researchers at Duo Security revealed that more than half of mobile devices running Android are exposed to unpatched security flaws. The application is called X-Ray and does not attempt to find bugs in third-party apps installed, but rather looks for known, unpatched vulnerabilities in the mobile operating system.
The FBI has been working on a state-of-the-art biometric identification system that could fight crime. The Next Generation Identification (NGI) system will include voice recognition, iris and retina scan data, facial recognition and DNA analysis, and will be deployed in 2014 in Michigan, Hawaii, Maryland and Oregon.
CyberGuerillaAnon, a group of Anon hacktivists, have chosen to show support for The Pirate Bay co-founder Gootfried Svartholm Warg and to protest against his extradition back to Sweden by illegally accessing and leaking sensitive data from various Cambodian agencies and offices, as reported by the Register.
The soon-to-be released Windows 8 ships with a vulnerable version of the Flash Player plugin for the Internet Explorer 10 browser. The July 11.3.372.94 build released in June is still unpatched with the security updates released by Adobe in August.