Denial of Service
Right on time, Microsoft and Adobe released fixes today for Windows, Internet Explorer, Microsoft Office 2003 and 2011 and Adobe Flash Player. Time to dance that familiar dance and get those updates installed.
Small businesses are under constant attack from malware, scams and online fraud. They are simply woefully under-prepared to keep their assets safe. Despite reorganisation and redirected priorities, the police can still do little to help. Here are some general tips from the FSB to help firms better protect themselves.
Malware targeting point-of-sale (POS) systems has been a major trend for the last six months. With easy pickings to be had from mom-and-pop shops, this pattern is only going to grow until people start fighting back with better system security, and ideally better payment card systems.
Virus Bulletin's Technical Director John Hawes takes a look....
It's "a public service on a public connection to other public servers", the operator of RageBooter told Brian Krebs, and if sites don't like getting their socks knocked off in DDoS attacks, they should fix recursive DNS and default DNS server settings.
Oh, and yes, he says, he not only cooperates with the FBI, he works with them. He's busy on Tuesdays around 1 p.m., so try later if you need to to launch an attack.
Graham Cluley argues that it's not cool, or funny, to hack into companies, expose the private information of members of the general public, and to launch denial of service attacks.
Microsoft has just released its monthly updates for May 2013. The zero-day IE flaw used on the Dept of Labor website was fixed, as well as an IE 10 hole used at PWN2OWN.
Critical fixes for Adobe Reader, Flash Player and ColdFusion also hit the streets today.
A 21-year-old British man has pleaded guilty to charges that he attempted to bring down a number of websites, including those belonging to Oxford and Cambridge universities, as well as the site belonging to the Kent Police force who ultimately arrested him.
Southwark Crown Court in London has heard that three members of the LulzSec hacking gang have chosen to plead guilty to charges that they launched distributed denial of service (DDoS) attacks against a series of organisations including the CIA and the UK's Serious Organised Crime Agency.
The FBI and DHS are seeing dozens of attacks on ambulance and hospital communication lines as extortionists demand $5,000 for supposedly unpaid payday loans.
The largest recorded DDoS attack has been ongoing for over eight days now, causing slowdowns and errors throughout the internet. Is this a one time scenario or does this expose a greater weakness in the world's largest network?
After celebrity Web 2.0 journalist Mat Honan had all his iDevices remote-wiped by a cybercrook last year, Apple's login security has been under scrutiny.
Good news! Apple has finally bitten the bullet and started offering two-factor verification for Apple ID users...
Computer networks belonging to South Korean TV broadcasters and at least two major banks have been disrupted by what some have suggested was a malicious internet attack originating in North Korea.
It's that time of the week again - here's your roundup of everything we wrote in the last seven days.
Brian Krebs was the victim of a caller ID spoof that resulted in armed police surrounding his house. He's pretty sure about the criminal element responsible and has linked the perpetrator(s) to a denial-of-service attack against Ars Technica following its report of Krebs's ordeal.
We've written before about Bitcoin problems caused by the exchanges that let you trade real money into and out of bitcoins.
This time, it wasn't the surrounding ecosystem that turned out to have feet of clay, but the software behind Bitcoin itself...