Security

The recent report of a security hole in Microsoft's Video ActiveX Control appears to have the Redmond-based company stumped. According to insiders, Microsoft is investigating a flaw that targets a component it didn't even realize was still being ... used. Security reports suggest that the vulnerability has already been exploited and that a solution must be produced by Microsoft as soon as possible. The company is investigating and promises to have a fix soon, but in the meantime has revealed that only select operating systems, including Windows XP and Windows Server 2003, are affected. Users of ... (view more)

Since it was first introduced several months ago, the dreaded Conficker worm has been synonymous with wreaking havoc on computers worldwide. Almost no one would ever consider its creation a "good" thing, but that may be changing, if only in one ... isolated incident. Ironically the virus, warned to be harmful to millions of people around the globe, has actually made a few hundred fans in England. The warm reception came following a planned attack on Manchester City Council (MCC). According to the Manchester Evening News, a total of 1,609 traffic tickets could not be issued within the 28 ... (view more)

Makers of the popular Firefox web browser, Mozilla, are working on new technology that it hopes will remove the threat of Cross-Site Scripting (XSS) attacks that have compromised legitimate websites for years by injecting pages with malicious code. ... XSS vulnerabilities allow hackers to unsuspectingly inject malicious code into pages that persuade users to click on links launching drive-by downloads . Content Security Policy (CSP) to Stop XSS Attacks Drive-by downloads are made possible because content received from a web server's response is treated the same, regardless of whether it's ... (view more)

Harry Potter fans wanting to illicitly download movies such as 'Harry Potter and the Half-Blood Prince' are being advised to wait until the movie is released. Cybercriminals are reportedly targeting popular peer-to-peer (P2P) networks in order to ... take advantage of fans wanting to download the movie in advance of its screening. When a user comes across optimized, illegitimate links to download the movie, they are baited by offers to watch Harry Potter and the Half-Blood Prince online for "free." When the user clicks the link, they are redirected to an online blog post containing ... (view more)

While millions of people clamored to hear late-breaking news and updates on the sudden passing of the Prince of Pop, hackers and online deviants around the world rushed to their computers to spread spam and malware to an endless sea of vulnerable ... mourners. Hundreds of cases of malicious messages masquerading as information about Jackson's death were reported Thursday night. The emails claimed to have contained "vital information" about the circumstances surrounding his death, while also asking users to respond in order to become privy to the "secret" details. (Source: infoworld.com ) ... (view more)

According to reports, the National Security Agency (NSA) has been busted once again for illegal surveillance. Worse yet, it seems the NSA has moved beyond wiretapping land lines to the wireless phone industry, too. (Source: nytimes ) Legal experts ... suggest that collaboration between the wireless phone industry and the NSA runs far deeper than originally thought. There are over 3,000 wireless companies operating in the U.S.; furthermore, the majority of industry-aided snooping is quietly handled by companies that most consumers have never heard of. (Source: cnet.com ) Major Networks Sold Data ... (view more)

Starting July 1st, 2009 all PCs sold in China are to include Internet content filtering and censorship software also known as " Green Dam Youth Escort software ." The program works by creating log files of all the sites and pages the user tries to ... access. Software Flaws Leave Users Vulnerable Computer experts discovered a series of software flaws, including unencrypted communications between the company's servers and the software itself. It's suggested that the software is susceptible to large-scale disaster, including hackers that could steal private user information or install ... (view more)

A new program called Safe Calculator puts a fresh spin on computer safety: it uses encryption to lock down the system and help protect important information from an attack. Safe Calculator: How it Works When active, Safe Calculator appears to be ... just another standard Windows-based calculator. However, it is designed to take an important piece of documentation, encrypt it and hide it within the application itself, similar to a virtual safe. (Source: techchuck.com ) In many ways, computer hackers and house burglars operate in a similar fashion: both enter without consent, wait until the owner ... (view more)

Banks are being warned of trouble ahead after approximately 20 ATMs, mostly in Eastern Europe, were compromised. The ATMs running Microsoft's Windows XP operating system were infected with malware that captures magnetic strip data and PIN codes. ... According to a report from Trustwave's SpiderLabs, the malware uses the strip data and PIN codes to access the private memory space of transaction-processing applications. Advanced Management Functionality Built into the Malware Attackers gain control over the ATMs by inserting specialized controller cards into the ATM's card reader. (Source: tgdaily. ... (view more)

Owners of RIM's BlackBerry beware: just because what you're carrying is much smaller than the average PC, don't expect hackers to ignore you. Research in Motion has recently revealed a security hole that could allow an intruder to take control of a ... BlackBerry device. In a statement issued late last week, Waterloo-based Research in Motion admitted that they'd discovered a gap that could potentially allow hackers to snag control of servers running the company's BlackBerry system. If that were to happen, intruders could then send emails throughout the system with infected PDF attachments -- if ... (view more)