security

A security researcher says hackers could take control of millions of routers. Craig Heffner, of security firm Seismic, says half of the models he tested were vulnerable to a recently discovered hack. Routers, which allow an Internet connection to be ... shared among multiple computers, are extremely common -- especially for those of us who use high-speed Internet. Even if you own only one computer and don't share your connection with others in your household or office, chances are you're using a router of some kind. In short, the router acts as a gateway to the Internet and directs traffic back ... (view more)

It's often argued that restaurants are the most likely place for people to suffer credit card fraud. But a new report claims hotels are actually the most at-risk locations. The restaurant theory is based on the fact that people are more likely to ... hand over cards and let them out of their sight as they are taken away for processing. But security firm Trustwave believes the real danger isn't dishonest staff or venues, but rather criminals attempting to intercept data transmissions. 38% Of Fraud Cases Involved Hotels Trustwave recently evaluated credit card hacking reports for 2009 and found ... (view more)

Microsoft will next week unveil a series of security bulletins meant to address five security flaws. The fixes are part of the company's monthly Patch Tuesday release, and will most importantly fix a critical Windows XP Help Bug flaw in Windows' ... Help and Support Center. The series of fixes include four patches for the five vulnerabilities, three of which have been dubbed "critical" by Microsoft -- the company's highest level of alert. Each of these critical issues involve holes that, if exploited, could allow a hacker to launch a remote code execution attack upon an unsuspecting user's PC. ... (view more)

Are you still using Windows XP with Service Pack 2? If so, you'll want to take note of Microsoft's warning that it will terminate support of Windows XP Service Pack 2 (SP2) on July 13th, 2010. According to a recent PC Advisor poll, 37 per cent of ... respondents are still using Windows XP. Of that number, 15 per cent of those users still have not yet upgraded to Windows XP Service Pack 3. (Source: pcadvisor.co.uk ) Windows XP users who have not yet upgraded to Service Pack 3 will need to do so before July 13th, 2010 in order to continue receiving Microsoft's latest security updates. Without the ... (view more)

Microsoft is currently investigating the emergence of a new critical bug affecting users of Windows 2000 and Windows XP. The Redmond-based firm made the announcement via Twitter on Tuesday, and says the issue can be found in the dynamic link library ... (.DLL) file "mfc42.dll." Security firm Secunia posted a detailed report, which they say is based on a third party proof-of-concept exploit. It's suggested that the vulnerability can be exploited via PowerZip version 7.2 Build 4010, among other utilities that use the mfc42.dll file. (Source: pcmag.com ) Bug Affects Moderately Popular ... (view more)

Microsoft says more than 10,000 computers have been attacked through a bug in the Windows XP help system. Strangely, it has resisted criticizing the security researcher who publicized the security flaw. The bug involves the way XP directs web ... browsers towards help pages, having first checked the page against a "whitelist" to make sure it is legitimate. It's possible for hackers to exploit the flaw by fooling the computer during this checking process. The result is that the browser can be relocated to a page containing malicious software. Microsoft hasn't yet found a permanent solution to the ... (view more)

Microsoft is making it easier to help spread the word on incidents of Internet fraud and stolen personal data. In its latest corporate venture, the company has teamed with the National Cyber-Forensics and Training Alliance (NCFTA) to establish a ... centralized service called "Internet Fraud Alert." Security researchers now have one universal location for which to report any kind of stolen data, ranging from online account login information to credit card numbers. The service can also be used to warn financial institutions immediately after a security breach has been identified. Program ... (view more)

A recent hack of AT&T's web site has left over 100,000 Apple 3G iPad owners with exposed email addresses. It's feared the security hole could open the door to similar future hacks with more devastating results. Reporting on the hack is tech blog ... Gawker, which finds that a specialized hacking group was able to acquire 114,000 email addresses owned by iPad users when the former exploited a security gap in AT&T's central web site. The hacker group, known as Goatse Security, was also able to acquire the identification number these iPads use when communicating over AT&T's network, ... (view more)

Microsoft has identified a potential security risk in the Help function of Windows XP. But there is some controversy over the way the issue has come to light. This bug involves XP's Help and Support Center, and specifically a style of link which ... routes a browser to a help page built into Windows rather than a web page. Such links begin hcp:// rather than the more familiar http:// and are a way of making it easier to give online help and advice by allowing writers to include smooth links to Windows' own help pages. Whitelist Help Pages Spoofed Tavis Ormandy, an information security engineer ... (view more)

Thousands of legitimate websites have fallen victim to a widespread web attack. While the full extent of the attacks remain unknown, security analysts suspect that the hackers used what is called an "SQL injection attack" in an attempt to fool ... legitimate web sites into running malicious database commands. In short, the attack injects malicious HTML content into a web browser while users are viewing an otherwise legitimate site. If the malware is successfully installed, it opens a gateway which allows hackers to remotely control a PC. (Source: networkworld.com ) Up to 114,000 Sites ... (view more)