Latest News

New York Times under Siege by Chinese Hackers

The New York Times claims to have been under attack by Chinese hackers after its investigation into China’s Prime Minister Wen Jiabao. All 53 employees had their computers spied on, and information concerning the newspaper’s sources and contributors was targeted.

Flaws in Network Protocol Expose Millions of Computers to Attack

Security issues in a widely used suite of network protocols known as UPnP (Universal Plug-and-Play) could expose millions of devices to attacks, even without their users’ intervention.

Ignore Grammar When Writing Passwords, Research Says

Long passwords with any semblance of grammar are easier to crack than short passwords without structure, according to a study by Carnegie Mellon University. Researchers found that grammar – good or bad – offers clues to hackers because it narrows the possible word combinations and sequences.

Multiple GitHub Projects Expose Private SSH Key

A number of private cryptographic keys associated with GitHub accounts were inadvertently leaked on the web and cached in the Git search engine.

Denial of Service Attacks Plagued US Banks, Corero Says

Denial of service attacks on US banks intensified last year and caught IT security experts either off guard or with insufficient resources to efficiently repel them, according to a report commissioned by Corero Network Security.

Poland Takes Down Virut Botnet Domains

CERT Poland has taken down the central command and control servers of the Virut botnet, curtailing the activity of this zombie herder after confirming that systems infected with Virut were remotely controlled by crooks from those servers.

Shylock Banker Trojan Rings Twice on Skype

The two-year-old Shylock Trojan is expanding its reach to Skype users with an upgrade that allows it to message itself to new victims, according to Danish security consultancy CSIS. The new module, dubbed msg.gsm, lets the Trojan covertly send messages and transfer files using Skype by bypassing the warnings and restrictions enforced by the client application.

CFAA may be Amended in Light of Swartz’ Suicide

The US Computer Fraud and Abuse Act (CFAA) that enforces anti-hacking punishments may face revision in light of Reddit co-founder Aaron Swartz’ suicide, following a conviction that would have landed him 35 years in jail.

Huge Android Botnet Threatens the Security of Chinese Smartphone Users

Chinese security researchers have issued a public warning about a hazardous botnet comprising 1 million smartphones running Android, writes the local Xinhua News Agency.

Oracle Updates Software to Fix Java Bug

Oracle released an emergency software update to fix the Java vulnerability that allowed cyber-criminals to hack computers after a new zero-day exploit targeting Java 1.7 rev 10 was integrated into a specially tailored exploit kit.

FoxIt PDF Reader Vulnerable to Exploitation Techniques

One of the most popular alternatives to Adobe Reader is currently vulnerable to an exploitation technique that can totally compromise the security of the computer it runs on. According to independent security researcher Andrea Micalizzi, the exploit affects all versions of the reader application prior to

Anonymous Submits US Petition for Legalizing Distributed Denial-of-Service

Comparing distributed denial-of-service attacks with the Occupy movement, Anonymous posted a petition to President Obama asking that DDoS attacks be recognized as a legal form of protest in which users can participate online, instead of standing outside a building.