Febipos Trojan Hijacks Facebook Accounts, Microsoft Warns
Several malicious browser extensions hijack Facebook accounts, posting and sharing messages on behalf of users, Microsoft warns. The company first discovered the threat in Brazil and detects it as Trojan:JS/Febipos.A.
The Onion Twitter Account Hacked via Cascade Phishing Attack
The Syrian Electronic Army took over The Onion’s Twitter account on Monday in a simple, yet highly complex, phishing attack on some employees.
ColdFusion Bug Allows Full Access to Servers; No Patch Yet
A critical vulnerability in ColdFusion server software versions 10 and below has been identified in production environments. This flaw, also known as CVE-2013-3336, allows an attacker to remotely access files on the vulnerable server.
SEA Hacked the E! Online Twitter Accounts over the Weekend
The Syrian Electronic Army (SEA) hit media corporations once again this weekend.
Google’s Glass Hacked
The Google Glass wearable computer was hacked to siphon video and audio data to anyone interested. By compromising the modified version of Android on the Glass, hackers can also hear and watch whatever the wearer is doing in real time.
US Department of Labor Website Hacked to Serve Malware
The US Department of Labor website was hacked and used to disseminate malware by running malicious code that collected data from users and uploading it to a remote command-and-control server.
Apache Web Servers Running on Linux Silently Backdoored
A new wave of attacks targeting Apache servers running on Linux has been spotted in the wild.
Dutch Hacker Arrested for Spamhaus DDoS Attack
Spanish police arrested a Dutch hacker for allegedly breaching Spamhaus in the largest DDoS to date, according to the BBC. The 35-year-old man was handcuffed in Barcelona after a request from the Dutch public prosecutor.
China Shuts Down Two Websites for Pirated Content
China honored the World Intellectual Property Day by closing Silu HD and YYeTs, two Chinese web platforms known to distribute pirated movies and American TV shows, according to Techweb.
Cisco Enterprise Routers Flawed By Critical Bugs
Two critical vulnerabilities have been discovered in Cisco’s enterprise-level router gear running the Cisco NX-OS.
Patched Java Vulnerability Still Used by Attackers
A Java vulnerability patched by Oracle on April 16 is still being used by attackers in a campaign that spreads a new ransomware dubbed Reveton.
Syrian Hackers Hijack CBS Twitter Account
Syrian hackers hijacked the Twitter accounts of CBS programs “60 Minutes” and “48 Hours,” and posted fake messages about the US helping terrorists. The Syrian Electronic Army also infected the tweets with malicious links, according to All Things Digital.
Of-The-Shelf Routers Found Critically Vulnerable
Commercial routers were deemed vulnerable to authentication attacks that take complete control of router traffic.
Gambling Software Developer to Fix Poker Bugs
Gambling software developer B3W Group plans to fix poker game bugs recently discovered by security researchers, according to IDG News Service. The Malta-based company said it will start the update within the week.