Monthly Archives: August 2011

OS X Lion accused of having huge network security hole

by Paul Ducklin on August 27, 2011 | 11 Comments

As a security friend quipped, "Have you seen the recent discussions online about LDAP network authentication on Lion clients? It's a really handy feature - if you forget your password, you can just make one up. A real helpdesk time saver!"

Apache exploit leaves up to 65% of all websites vulnerable

by Mark Stockley on August 26, 2011 | 6 Comments

A newly discovered vulnerability in the Apache web server could leave up to 65% of all websites vulnerable to low-powered denial-of-service attacks.

So you want to be Anonymous? Get Pricked, Don’t Be a Prick

by Chester Wisniewski on August 26, 2011 | 14 Comments

Guest blogger Mrs. W. shares her thoughts on how you can be Anonymous and change the world, without dumping innocent people's private details.

Welcome to Apple iCloud phishing attacks

by Graham Cluley on August 26, 2011 | 4 Comments

Be on your guard against emails offering to sign you up for Apple's iCloud service - it could be that you're being phished for your personal information, making money for internet fraudsters.

Apple hires jailbreaking iPhone hacker Nicholas Allegra

by Graham Cluley on August 26, 2011 | 7 Comments

Comex, the creator of the JailBreakMe website which helps iPhone and iPad owners jailbreak their phones, has been given an internship... at Apple.

Maine voter registration system breached. Or not.

by Paul Ducklin on August 26, 2011 | 1 Comment

Reports surfaced on Wednesday that the US state of Maine might have suffered a breach in its voter registration system.

The good news, however, is that whilst a breach might have happened, it didn't.

Real Canadian pharmacies cost Google $500 million dollars

by Chester Wisniewski on August 26, 2011 | 15 Comments

Google has agreed to a settlement with the US Department of Justice for $500 million for assisting advertisers to place illegal ads on AdWords for Canadian pharmaceuticals.

Android keylogging with no access to keystrokes?

by Paul Ducklin on August 26, 2011 | Leave a comment

July and August often produce some intriguing and unusual computer security research.

We've already written about BlackHat and DEFCON. Here's something from the USENIX HotSec workshop to pique your interest.

UK police charge man in connection with Anonymous DDoS attacks

by Graham Cluley on August 25, 2011 | 9 Comments

A 22-year-old student has been charged by British police in connection with denial-of-service attacks carried out by the Anonymous hacktivist group.

Which begs the question - Is being an internet hacktivist really worth the risk?

Scan from a Xerox WorkCentre? Trojan attack spammed out widely

by Graham Cluley on August 25, 2011 | 6 Comments

Emails claiming to come from a Xerox WorkCentre Pro photocopier have been spammed widely across the internet, containing a malicious file as an attachment.

It seems like today's spammed-out malware campaign could have chosen an all-too-convincing technological disguise.

Password joke named funniest at Edinburgh Fringe

by Graham Cluley on August 25, 2011 | 60 Comments

A joke about passwords has won a competition for the funniest joke at the Edinburgh Fringe.

Can you do better?

Anonymous gets dirty, releases nude photos of BART spokesman Linton Johnson

by Graham Cluley on August 24, 2011 | 7 Comments

Partially nude photographs of a man said to be Linton Johnson, the chief spokesperson for the San Francisco's BART, have been released onto the internet in what seems to be the latest outbreak of hostility between the transport network and the Anonymous hacktivist group.