Shockwave Remote Code Execution Bug Waiting February Patch, Adobe Says
A two-year-old Shockwave vulnerability that allows for remote code execution on user machines will be patched in February of 2013, according to an Adobe spokesperson.
Egyptian Hacker ‘Virus_Hima’ Claims Discovery of Yahoo Bugs
An Egyptian hacker claims to have discovered a Yahoo vulnerability that allowed him to access a full-files backup for one of the company’s domains, according to one of the most loquacious Pastebin posts ever. "Virus_Hima" told the story of his life and released images to prove the breach, which is backed up by cross-site scripting and SQL injection vulnerabilities.
Internet Explorer Bug Tracks Every Mouse Move, Even Outside the Browser
A newly-discovered bug in Internet Explorer is threatening the privacy of millions of computer users worldwide. According to the findings of traffic specialists at Spider.io, a flaw in the way Internet Explorer implements the Event Model makes it easy for an attacker to track the position of the mouse cursor, as well as the state of the control, shift and alt keys.
Indian Telecommunications Company Hacked by Anonymous
The Indian telecommunication company Bharat Sanchar Nigam Limited had its website defaced by Anonymous in protest against an IT law enabling the imprisonment of people who send or post offensive messages through communication services.
Built-in Android AV Fends off Only 15% of Known Malware
One of the biggest additions to the brand-new Android 4.2 is the built-in application verification service that is supposed to detect and block malicious or potentially harmful code snuck into user applications.
Healthcare Under Cyber-Attack: 94% of Hospitals Breached
Almost nine hospitals in 10 have suffered at least one data breach, according to a study commissioned by ID Experts. The same report says these breaches cost healthcare organization an estimated $7 billion per year.
Ad Network Spying on Users Faces FTC Disciplining
Using history sniffing technology to secretly spy on users, the New York-based Epic Marketplace ad network settled on a complaint by the Federal Trade Commission.
Zero-Day Exploits for MySQL and SSH Publicly Available
If you’re running MySQL in a shared environment, you have all the reasons to worry as no less than five distinct exploits targeting the popular database system from Oracle have been fully disclosed by a hacker known as KingCope.
Medical Employee Hacks Ambulance System, Leaks Data to Identity Thieves
An employee of a medical billing company illegally accessed the ambulance system and leaked individual account information to cyber-criminals, according to SecurityManagement.com.