security

Security experts at Kaspersky Lab, one of the leading anti-virus and computer security firms, recently announced they were able to take control of a hacker-built botnet containing more than 100,000 compromised computers. Unfortunately, less than 24 ... hours after the successful takedown, Kelihos, the cybercriminal gang behind the botnet, has already started building a new, large-scale collection of compromised computers to replace the one taken down. To stop the initial botnet, Kaspersky specialists used a method called "sinkholing." This technique involves direct infiltration of the botnet's ... (view more)

A new hacking group has emerged under a familiar name: LulzSec. Infiltrating dating and communications sites, its activity has led experts to fear that more copycat hacking organizations will emerge this year. The new group calls itself LulzSec ... Reborn, a clear rip-off of the LulzSec name made infamous last year. That rather unique moniker came from a combination of hacker lingo for "laughing out loud" with a short-hand name for "security." First Target of 'LulzSec Reborn' Attack: Single Soldiers The new group's first target was MilitarySingles, an online dating site for soldiers and other ... (view more)

According to a new report from Verizon, the majority of data stolen last year was the work of "hacktivists," many of whom were hoping to send a political message. According to security experts, this means that attacks by hackers seeking financial ... gain were, for the first time ever, overshadowed by other motivations for breaching security systems. The report, called "Data Breach Investigations," details examinations by Verizon of 855 security breaches. Ninety of the attacks were found within the ranks of Verizon's own customers, and 765 came from law enforcement agency ... (view more)

Microsoft says it has fixed only one 'critical' security flaw this Patch Tuesday. However, it appears to be a highly significant vulnerability. For those not familiar with the terminology, 'critical' vulnerabilities are those rated to be most in ... need of addressing. Flaw Could Allow Remote Code Execution The 'critical' security flaw is a remote code execution vulnerability in Microsoft's Remote Desktop Protocol (RDP). Every version of Windows is reportedly left vulnerable by the problem. So long as the vulnerability remains unpatched, Microsoft says, a hacker who is able to convince a computer ... (view more)

A new study conducted by Trustwave, an IT research firm, is providing a startling look at the security vulnerabilities and hacking trends within computer systems used in the business world. For example, the Global Security Report for 2012 shows that ... the most popular computer password selected by business users is "Password1". Of the 2.5 million passwords Trustwave studied in total, about 5 per cent contained the word "password." (Source: slashgear.com ) According to Trustwave, "Password1" is so popular because "it satisfies the default Microsoft Active Directory complexity setting," ... (view more)

According to NASA (the National Aeronautics and Space Administration), in recent years, it has become an increasingly popular target for high-tech hackers. In 2007 and 2008, China was suspected to have hacked into NASA satellites , though no formal ... evidence linking China to the attacks has been brought forward. The agency says its systems were hacked approximately thirteen times in 2011 alone. "The threat to NASA's information security is persistent and ever-changing," noted Congressman Paul Braun at a recent meeting of the House Science, Space and Technology subcommittee. "Unless NASA is ... (view more)

Members of the international hacking group LulzSec ("Lulz Security") have discovered their worst nightmare may have come true. It appears that one of the group's leading figures was working as an undercover FBI (Federal Bureau of Investigation) ... informer for the past nine months. The news emerged this week with the arrest of five suspects in the United States, the United Kingdom and the Republic of Ireland. All those arrested are said to be members of the LulzSec group, which emerged last summer and quickly made a name for itself as a leading organization of highly proficient hackers ... (view more)

An estimated 200,000 computers may be at risk because they are running an un-patched edition of Symantec's PC Anywhere. Late last month, Symantec urged all users to cease running the program unless absolutely necessary. The firm later changed its ... mind, announcing that it was safe to run as long as new security patches were installed. PC Anywhere became vulnerable when hackers threatened to release source code originally stolen six years ago, apparently without Symantec's knowledge. The hackers attempted to extort the company for $50,000 and then released the code publicly when it refused to ... (view more)

Google has temporarily suspended one of the features on its mobile wallet system for smartphones following word the platform has at least two serious security flaws. Google Wallet allows users to make payments using "near-field communications," a ... wireless protocol like Bluetooth, but with a maximum range of just centimeters. Users can hold, tap or swipe their smartphone next to a payment device without having to worry about the signal being intercepted. 'Brute Force' Could Break Code The system can be protected with a PIN (personal identification number) code, to prevent misuse when ... (view more)

Microsoft's online store in India was compromised over the weekend by a group of Chinese hackers calling themselves the "Evil Shadow Team". The hackers were able to extract user IDs and passwords of the site. While many are questioning how the ... hackers were able to breach Microsoft's security system, more troublesome is the realization that the company might not have taken the proper steps to secure the credentials of their customers prior to the attack. Reportedly, Microsoft stored both login IDs and passwords for its users in plain text files, without any encryption system in place to ... (view more)