Security

With thousands of people flocking to social networking sites each day, a campaign to reduce the ever-increasing spam attacks on Twitter should come as little surprise. What is unusual, however, is where funding for the research needed to crack down ... on Twitter spammers is coming from: Google. Google is offering a grant to researchers at Texas A ... (view more)

An Australian supermarket chain has admitted it has found viruses on its self-service photo kiosks. The company is now working on adding anti-virus software to the machines. The incident involves Big W outlets, part of the Woolworths chain. It has ... 1,800 kiosks that allow users to print their own photographs direct from a digital source. One customer, who unfortunately for the chain writes a blog about computer security, found that after using a kiosk his USB stick was infected with a Trojan horse. The Trojan soon after prepared to attack his computer by disabling antivirus programs, and ... (view more)

According to reports, a flaw in the Windows XP operating system, which was first reported last week by a Google researcher, has been exploited by hackers in an attempt to spread malware. The flaw was reported on Monday , and is related to a ... vulnerability in Windows XP's Help function. A Google researcher by the name of Tavis Ormandy discovered that the web link script used in XP's Help and Support Center could be manipulated in order to route users towards malicious online content. (Source: itproportal.com ) Google Researcher Publishes Hacking Guide To Microsoft's disappointment, Ormandy ... (view more)

Microsoft recent criticized Google for publicly disclosing a remote code execution vulnerability affecting Windows XP and Server 2003. The problem was first reported to Microsoft on June 5th, but most of the world knew about it only four days later. ... This did not sit well with Microsoft, as the company believes that they were ousted before any meaningful repairs could be made to combat the issue. Worse yet, the company believes that revealing the situation to the public could have put users in danger. Windows XP, 2003 Consumers At Risk In an emotionally-charged rebuttal, Microsoft spokesperson ... (view more)

A recent hack of AT&T's web site has left over 100,000 Apple 3G iPad owners with exposed email addresses. It's feared the security hole could open the door to similar future hacks with more devastating results. Reporting on the hack is tech blog ... Gawker, which finds that a specialized hacking group was able to acquire 114,000 email addresses owned by iPad users when the former exploited a security gap in AT&T's central web site. The hacker group, known as Goatse Security, was also able to acquire the identification number these iPads use when communicating over AT&T's network, ... (view more)

Microsoft has identified a potential security risk in the Help function of Windows XP. But there is some controversy over the way the issue has come to light. This bug involves XP's Help and Support Center, and specifically a style of link which ... routes a browser to a help page built into Windows rather than a web page. Such links begin hcp:// rather than the more familiar http:// and are a way of making it easier to give online help and advice by allowing writers to include smooth links to Windows' own help pages. Whitelist Help Pages Spoofed Tavis Ormandy, an information security engineer ... (view more)

Thousands of legitimate websites have fallen victim to a widespread web attack. While the full extent of the attacks remain unknown, security analysts suspect that the hackers used what is called an "SQL injection attack" in an attempt to fool ... legitimate web sites into running malicious database commands. In short, the attack injects malicious HTML content into a web browser while users are viewing an otherwise legitimate site. If the malware is successfully installed, it opens a gateway which allows hackers to remotely control a PC. (Source: networkworld.com ) Up to 114,000 Sites ... (view more)

Facebook users are once again being warned of a new online scam designed to send unsolicited messages to all of their friends via the social network site. The warning comes from Sophos, a well-trusted security developer and vendor of anti-virus, ... anti-spyware and anti-spam software. Sophos announced that "hundreds of thousands" of Facebook users have already been duped by what is being referred to as the "likejacking" scam. The most common form of the likejacking reported by victims starts with a message carrying the tagline "This man takes a picture of himself EVERYDAY for 8 YEARS!" The ... (view more)

A researcher at the UK's University of Reading has given new meaning to the term "having caught a virus." Dr. Mark Gasson has actually self-implanted an RFID (radio frequency identification) chip into his wrist, and then purposely infected it with a ... computer virus. The virus itself was installed onto a corrupt RFID tagging chip. This is the same kind of tracking mechanism that is sometimes embedded into pets to help identify them if they become lost. The device works by using electromagnetic energy to transmit small amounts of data. For pets, however, the data is simple code that corresponds ... (view more)

A new survey appears to confirm what most would suspect: people who discover security flaws make more money selling the details to criminals than to legitimate security companies. Research firm "Unsecurity" has carried out a survey of people who ... have discovered zero-day vulnerabilities and them sold them to security companies that then use the data to improve their products. Zero-day vulnerabilities occur when the original software manufacturer is unaware of a security risk in a software program. The name comes from the idea that once the manufacturer discovers the problem, there's ... (view more)