Java hacker boasts of finding two more unpatched holes
Serial Java fault-finder Adam Gowdiak has embarrassed Oracle yet again. The Polish researcher is publicly bragging about two brand-new vulnerabilities he’s found even since Oracle’s most recent patch just a week ago. more…Indian two-factor authentication fraudsters busted by Delhi cops
Two more alleged cybercrooks are cooling their heels in custody this weekend. The modern-day bank robbers are said to have run a scam that allowed them to work around the two-factor authentication protection offered by the victims’ banks. more…Year 2038 problem
Today is the 19th of January, 2013. Which means 19th of January, 2038 is now exactly 25 years away from us. Why does it matter? Because at 03:14:07 UTC on 19th of January 2038 we will run into the Year 2038 Problem. Many Unix-based system can’t handle dates beyond that moment. For example, common Unix-based […] more…2013 Security Predictions: What Should Small and Medium Businesses (SMB) Look Out For?
In 2012 small businesses globally were making the shift towards cloud-based applications and smart mobile devices, impacting the way they do business. These trends towards greater consumerization of IT and cloud adoption look likely to continue and pick up momentum in 2013. Our experts here at Trend Micro have looked at these changes through the […] more…CES Trends: Smartphones Are the Remote Control for Your Life
Smartphones have evolved at a rapid pace over the past couple of years to become much more than a communication tool. Everything is connected to the Internet – lights, power outlets, cars, cameras, kitchen appliances and more – and can be controlled from a mobile device. At CES this year it was more evident than […] more…Phishing attack attempts to steal Google passwords via Red Cross website
“Please log into Google Docs, and then you’ll be able to read my message.” “I’ve provided a handy link…” more…OKCupid app, Crazy Blind Date, peeks into your privates
A bug in OKCupid’s recently released Crazy Blind Date application allowed complete strangers to paw at users’ data. more…War of words continues over Cisco Linksys router access exploit
Stories of a vulnerability in Cisco Linksys consumer routers have been circulating in the past week. The stories have now turned into a low-key war of words. more…Hiding in Plain Sight: The FAKEM Remote Access Trojan
The perpetrators of targeted attacks want to maintain a persistent presence in a target network in order to extract sensitive data when needed. To maintain this, attackers seek to blend in with normal network traffic and use ports allowed by firewalls. Frequently, the malware used in targeted attacks uses HTTP and HTTPS to appear like […] more…The man who steals all the phones in Las Vegas – pinpointed precisely
Just how accurate do you expect the location data on your mobile phone to be, and what could go wrong if it were out by miles? Paul Ducklin finds out with a discursive journey into Wayne Dobson’s problem – every lost phone in Vegas seems to show up at his house. more…WordPress SPAM Causing Headaches
It seems that SPAM is all the rave these days, wonder why, could it be because it’s a multi-million business? In any event, detecting is always a challenge as is remediating. This is what it might look like if you use our free scanner to scan the website: Besides some of the obvious things we […] more…WordCamp Las Vegas 2012 – Tony Perez: WordPress Security – Dealing with Today’s Hacks
Here is a great presentation given by Tony Perez our COO in October of 2012 at WordCamp Las Vegas: more…Malware Poses as an Update for Java 0-Day Fix
Just a word of caution to users who decided to update their systems with the recent Java zero-day software update: make sure to get it from a reliable source or else face the possibility of a malware infection. Oracle has recently released its fix to the much talked-about Java zero-day (CVE-2012-3174) incident though with lukewarm […] more…Malware attack! "You have received a secure message"
SophosLabs is intercepting a widespread malware attack, spammed out via email, posing as a secure message. more…"Red October" – part two, the modules
Earlier this week, we published our report on “Red October”, a high-level cyber-espionage campaign that during the past five years has successfully infiltrated computer networks at diplomatic, governmental and scientific research organizations. In part one, we covered the most important parts of the campaign: the anatomy of the attack, a timeline of the attacker’s operation, […] more…How Twitter users can fake a verified account – and how you can tell the difference
Learn a simple way to fool other Twitter users into thinking your account is verified.. And discover how you can tell the difference between a fake verified Twitter account and the real deal. more…More information
- UScellular Breach Allowed Hackers to Port Customer Phone Numbers
- What’s your privacy worth? For Google, chump change
- ‘PGMiner’ Crypto-Mining Botnet Abuses PostgreSQL for Distribution
- Privacy watchdog, lawmaker push for Google probe
- Is your train or bus eavesdropping on your conversation?
- WebAccess: CoSign Software Update
- L2 Network Security Control Bypass Flaws Impact Multiple Cisco Products
- Resolved: Mainframe Printing Problems
- Yahoo declares war on ad blockers, blocks email access
- Resolved: Brief Internet2 service degradation