Monthly Archives: June 2012

ADP spams lead to a nasty surprise

ADP spams lead to a nasty surprise

Watch out folks! Spams are making the rounds pretending to be from ADP, but lead you to the dreaded Blackhole exploit kit.

Zero-day XML Core Services vulnerability included in Blackhole exploit kit

CVE-2012-1889 code in Blackhole exploit kit

Shortly after our original advisory about the latest zero-day vulnerability in Microsoft XML Core Services (CVE-2012-1889), code to exploit the vulnerability was seen in a Blackhole exploit kit. The start of widespread adoption and panic bells for users?

SWAT team raids wrong home in open WiFi network cock-up [VIDEO]

SWAT team raids wrong home in open WiFi network mix-up [VIDEO]

A heavily-armed police SWAT team broke down the door of a house in Evansville, Indiana, smashed windows and tossed a flashbang stun grenade into a living room.. all because of an unsecured WiFi connection.

How secure are Apple's iPhone and iPad from malware, really?

iphone-thumb

In the five years since the first iPhone was released, there has never been a serious known case of iOS malware on an non-jailbroken device.

But should users really be congratulating Apple for iOS devices' apparent security?

Anatomy of a bug: latest Firefox 'new tab' feature thumbnails HTTPS pages

Anatomy of a bug: Firefox 'new tab' feature thumbnails HTTPS pages

The latest release of Firefox has been called "unlucky version 13" because it creates web page thumbnails even of secure content, sparking privacy fears.

But is this really a bug? And if so, do any of the "fixes" circulating online actually work? Paul Ducklin finds out.

Apple's Siri voiceprints raise privacy concerns

Apple's Siri voiceprints raise privacy concerns

Most of us likely wouldn't want Apple to store a copy of our DNA or our fingerprints, but that's pretty much what it's doing with another one of our biometric identifiers: namely, our voices.

Automatic daily security updates coming for OS X Mountain Lion

mountain-lion-thumb

The new version of Mac OS X, Mountain Lion, is just around the corner and contains a feature which should go down well with security-minded end users.

Scarlett Johansson's stolen nude photos could cost hacker $66,179.46 and five years in prison

scarlett-thumb

Prosecutors are calling for nude photo hacker Christopher Chaney to be sentenced to six years in jail, and pay damages to exposed celebrities.

State of Alaska fined $1.7 million for lax security protecting health records

State of Alaska fined $1.7 million for lax security protecting health records

The State of Alaska has been fined $1.7 million after losing a hard disk that may have contained electronic health records. The investigation by HHS into the loss led them to discover systememic security problems within the state.

Truly embarrassing Facebook status updates exposed by website

hangover-thumb

Remember, if you post updates publicly, potential or current employers have a harbor-front seat to whatever flavor of debauchery floats your boat.

FBI arrests 24 in internet credit card fraud ring

FBI arrests 24 in internet credit card fraud ring

The FBI charged 28 and arrested 24 in the bust of a major internet credit card fraud ring today. The accused were involved in a large variety of fraud schemes involving 411,000 credit cards and over $205 million.

FTC files complaint against Wyndham Hotels for not protecting sensitive customer information

FTC files complaint against Wyndham Hotels for not protecting sensitive customer information

Wyndham Hotels is being sued by the US Federal Trade Commission for lax security measures. Will suits like this raise concerns among other organizations that are careless with our personal information?

Watch out! Widespread wire transfer confirmation emails carry malware

money-transfer-thumb

Cybercriminals have widely spammed out a malware campaign today, posing as a confirmation email about a wire transfer.

You may not be the kind of person who would fall for the attack, but can you say the same for your friends and family members?

Jobs website of major hotel chain serving malware, linked to other attacks

reception-thumb

The jobs website of a major international hotel chain is silently serving up malware to visitors.

And curiously, the security breach appears to be connected to other recent high profile attacks. Paul Baccas of SophosLabs looks deeper.

What you need to know about Facebook sneakily swapping users' default email addresses to @facebook.com

fb-contact-thumb

Have you checked the contact information you list on your Facebook profile? Chances are that it's now listing an @facebook.com email contact address for you.

Learn how to change your settings to make the email address invisible, and to control who can message you.

State-sponsored cybercrime on "industrial scale" says MI5 chief

mi5-thumb

One company lost £800m as a result of hostile state cyber attack, says British Security Service chief.

'Evil' network hacker sent to prison for two-and-a-half years

'Evil' network hacker sent to prison for two-and-a-half years

An Australian hacker from the New South Wales country town of Orange has been sent to prison for two-and-a-half years.

David Cecil, who went under the handle 'Evil', was arrested a year ago following a six-month investigation.

TechRadar latest site to have usernames and passwords stolen

TechRadar latest site to have usernames and passwords stolen

Tech news site TechRadar is alerting users that their username, password, email address and date of birth have been accessed by hackers.

LulzSec hacking duo plead guilty to string of attacks against US and UK websites

LulzSec hacking duo plead guilty to string of attacks against US and UK websites

Jake Davis and Ryan Cleary have entered guilty pleas to some of the charges against them related to LulzSec attacks on high profile websites last year.

Photo.zip - Stolen nude photos and police investigations. Malware attack spammed out

nude-back-thumb

Computer users are being warned to be wary of email messages which suggest they contain nude photographs of girlfriends, or claim that they have been reported to the police, as the attached file (Photo.zip) really contains a Trojan horse.