Vulnerabilities and attacks

Known keycard hack suspected in hotel room burglary

A known hack of a popular hotel keycard reader was allegedly employed in the burglary of a woman's hotel room in Texas.

The hack, which was detailed at a security conference in July, was allegedly used in September to break into the Houston Hyatt hotel room of Janet Wolf, a Dell IT services consultant, who reported the theft of her laptop. Lacking any sign the lock had been picked, suspicion immediately fell upon the maid service. However, hotel management soon determined that none of the maids' keys had been used to open the room at the time of … Read more

Yahoo Mail hijacking exploit selling for $700

An exploit selling for $700 may put millions of Yahoo Mail users at risk of having their e-mail account hijacked and their browsers redirected to malicious sites.

Marketed by an allegedly Egyptian hacker on a cybercrime forum, the exploit targets a cross-site scripting (XSS) vulnerability in Yahoo.com that allows attackers to steal and replace tracking cookies, as well as read and send e-mail from a victim's account. Typically, an attacker will encode a malicious link in e-mails; the script is executed when the unsuspecting recipient clicks on the link, allowing access to the cookies and other sensitive information. … Read more

Israel government Web sites hit by hacker blitz

Israel's government Web sites have been bombarded by hackers in the last couple of days, logging more than 44 million hacking attempts since Israel launched the Gaza air strikes on Wednesday.

One of the attempts was successful, Finance Minister Yuval Steinitz told Reuters, noting that an unidentified site was offline for about 10 minutes before being resurrected. Popular targets include defense-related sites, as well as those of Israel's prime minister, president, and Foreign Ministry.

Most of the attacks have been traced to Israel and the Palestinian territories.

"The ministry's computer division will continue to block the … Read more

Anonymous targets Israeli Web sites in protest over Gaza

Anonymous is in the midst of a hacking campaign against a number of Israeli sites in protest of attacks taking place on Gaza.

The hacking spree, dubbed OpIsrael and begun early Thursday, has resulted in so many Israeli Web sites being defaced or shut down through methods including denial of service (DoS) attacks, that it's hard to keep count. However, some enterprising hacktivists have begun compiling lists of affected Web sites. Targets have included governmental, retail, and business sites -- some belonging to the automotive and fashion industries.

The Bank of Jerusalem, one of Israel's largest financial institutions, … Read more

Obama reportedly signs secretive cybersecurity policy directive

President Obama has long said cybersecurity is one of his priorities and it appears he is now acting on his words.

According to the Washington Post, he is said to have signed a secret policy directive last month that will give the military and other government authorities the ability to act quickly if the country comes under cyberattack.

Dubbed the "Presidential Policy Directive 20," this classified document allegedly outlines the rules of how federal agencies are allowed to react when it comes to online breaches of security, hacking, cyberthreats, and attacks.

One of the major elements of the … Read more

China cyber-espionage threatens U.S., advisory group warns

Congress needs to take action to deflect the growing threat of Chinese cyber-espionage against the U.S., a U.S. commission recommends in a new report.

Released today, the 500-page annual report to Congress by the U.S.-China Economic and Security Review Commission details various security issues concerning China. But the commission expressed particular fear over the country's ongoing cyberwarfare efforts.

Calling China the "most threatening actor in cyberspace," the report found that in 2012, Chinese state-sponsored hackers continued to target computer systems run by the U.S. government and military as well as those maintained in … Read more

Skype fixes e-mail security flaw

Skype has resolved a nasty e-mail and password security bug and reinstated its password reset page.

Revealed by Skype earlier today, the vulnerability allowed someone to create a Skype account using the same e-mail address as that of the intended victim. That person was then able to reset the password for all accounts associated with that address, thereby locking out the account owner from Skype.

As a precaution, Skype earlier today took down its password reset page to prevent hackers from taking advantage of the flaw. But the company managed to resolve the security hole not long after announcing it, … Read more

Skype disables password resets due to e-mail security flaw

Update, 10:25 a.m. PT: Skype has since resolved the security issue and reinstated the password reset page.

Skype is investigating a security problem that allows someone to take over a user's account by resetting the account password.

The VoIP service provider best known for video calls confirmed in its blog today that it has taken down its password reset page as it probes the issue:

We have had reports of a new security vulnerability issue. As a precautionary step we have temporarily disabled password reset as we continue to investigate the issue further. We apologize for the … Read more

Cyberattacks against Lockheed have 'increased dramatically'

Cyberattacks against Lockheed Martin -- one of the largest defense contractors for the U.S. government -- have stepped up significantly in both pace and savvy, according to Reuters.

"The number of campaigns has increased dramatically over the last several years," Lockheed vice president and chief information security officer Chandra McMahon said in a news conference today, according to Reuters. "The pace has picked up."

McMahon claims that roughly 20 percent of the attacks are being perpetrated by other countries or groups that aim to steal information or threaten the company's operations. She told reporters … Read more

Ransomware a growing menace, says Symantec

Cybercriminal gangs are creating a surge in ransomware, says a new report from Symantec.

Ransomware is a type of malware best described as an online extortion racket. Malware locks or disables your PC in some way and then demands payment in the form of a "fine" to render your PC usable again. Like most scams, the ransomware message claims to come from a legitimate organization, such as the government or a public corporation, to try to convince victims that they did something wrong to incur the fine.

But paying the fine does nothing since the initial malware remains … Read more