Multimedia Repository Poses Security Threat to Debian Aficionados
The domain name used by the unofficial Debian Multimedia repository has changed hands and now poses a security threat to Linux users who enabled it in the past.
Apple Delivers OS X Update, Fixes Critical Bug in Safari
Apple pushed on Tuesday an update that fixes more than 30 vulnerabilities in the operating system software, including a critical bug in Safari.
Microsoft and FBI Take Down Botnet
In a coordinated action, Microsoft and the FBI disrupted Citadel, a multi-million dollar operation responsible for stealing approximately half a billion dollars from bank accounts worldwide.
Oracle Reworks Security Model for Upcoming Java Releases
Oracle-sponsored Java has had a rough patch this year as zero-day exploits kept pouring in and cyber-crooks rushed to monetize their bugs. But things are apparently looking less gloomy for the upcoming releases of Java, which will bring major changes in the way applets are treated within the browser, among others.
iPhones Can Be Hacked in 60 Seconds with Malicious Charger
iPhones can be hacked in one minute with a malicious charger, according to researchers at the Georgia Institute of Technology. The security experts plan to present the proof-of-concept device at the Black Hat conference in July. The ‘Mactans’ charger may be used to install malware on a device running the latest version of Apple’s iOS.
Peer-to-Peer Botnets Grow Larger, Make Takedown Harder
Peer-to-peer botnets have witnessed a dramatic surge over the past three years, but it appears the number of infected computers in these zombie networks is exceeding all expectations.
Ruby on Rails Critical Bug Now Exploited in the Wild; Servers Affected
A known critical flaw in Ruby on Rails (CVE-2013-0156) is currently exploited in the wild, although it was patched months ago. The flaw, originally reported in January, is currently abused by cyber-criminals to take control of still-vulnerable servers.
Sky's Android Apps, Twitter Account Hit by Syrian Hackers
Several Android apps of British company Sky and its Twitter account were hacked by the Syrian Electronic Army. The hackers posted a tweet, allegedly from the broadcaster, advising people to uninstall the official apps.
Twitter Announces Two-Factor Authentication
Twitter has introduced two-factor authentication by including mobile phones in users’ verification processes after a series of high-profile account hacks.
Bug in Linux Kernel can Elevate Users from Untrusted to Root in No Time
A flaw in the Linux kernel that can escalate users’ privileges to root has been discovered in the wild. The bug - a zero-day since January 2011 - affects Linux kernel versions 2.6.37 through 3.8.8 compiled with the CONFIG_PERF_EVENTS kernel configuration option.
Forum Flame Ends with ZPanel Website Takedown
An average flame on the ZPanel’s support forums has degenerated into a security incident that has rendered the company’s website inaccessible to customers as a precaution.
Hackers Steal $45 Million in Biggest Bank Robbery before Getting Arrested
US police dismantled a gang of hackers that stole $45 million in fraudulent ATM withdrawals across the globe after eight suspects got arrested by New York authorities a few days back.
Febipos Trojan Hijacks Facebook Accounts, Microsoft Warns
Several malicious browser extensions hijack Facebook accounts, posting and sharing messages on behalf of users, Microsoft warns. The company first discovered the threat in Brazil and detects it as Trojan:JS/Febipos.A.
ColdFusion Bug Allows Full Access to Servers; No Patch Yet
A critical vulnerability in ColdFusion server software versions 10 and below has been identified in production environments. This flaw, also known as CVE-2013-3336, allows an attacker to remotely access files on the vulnerable server.