Chinese hackers have figured out a way to generate iTunes gift card keycode numbers and help themselves to songs from Apple's music store. The hackers have been selling pirated $200 iTunes gift cards on Taobao for as little as 17.9 RMB, or just $2.60--a savings of almost 99 percent!… Read more
A date has been set for a High Court judicial review of NASA hacker Gary McKinnon's case.
The review, set for June 9 and 10, will focus on whether McKinnon's diagnosis with Asperger's syndrome was taken into account during his appeals process.
McKinnon's mother, Janis Sharp, told ZDNet UK about the judicial review date via an e-mail on Friday. Sharp said she had felt "broken" and "beaten up" by a Crown Prosecution Service decision on Thursday not to prosecute McKinnon in the U.K., but that she was now "getting back … Read more
The Crown Prosecution Service has decided it will not prosecute self-confessed NASA hacker Gary McKinnon in the U.K., edging him closer to extradition to the U.S.
McKinnon's diagnosis with Asperger's Syndrome, a condition on the autistic spectrum, had not been taken into account in the decision, a Crown Prosecution Service (CPS) spokesperson told ZDNet UK on Thursday.
U.S. authorities last year won the extradition of McKinnon to face charges of breaking into 97 military and NASA computers. In December, McKinnon's legal team sent a letter to the CPS in which he confessed to offenses … Read more
Update at 8:45 a.m. PST: Information from security firm Symantec added.
Attackers are making the rounds and exploiting a critical security flaw in Adobe Reader 9 and Acrobat 9.
Earlier versions of the PDF-related software are also affected by the critical security flaw, which could cause the applications to crash and potentially let an attacker gain control of a person's computer, Adobe Systems warned Thursday.
Reports also surfaced that attackers have developed an exploit and are taking advantage of the flaw, the company said.
Adobe has yet to develop an update to address the vulnerability but noted … Read more
An independent audit of a data breach at security firm Kaspersky's U.S. Web site has confirmed that no customer data was exposed, Kaspersky said on Friday.
A Romanian hacker site used a SQL injection and cross-site scripting attack to get access to a database on a Web site of the Moscow-based Kaspersky and publicized the attack on Saturday.
In the report, Litchfield concludes that an attacker based in Romania used Google to search for Web servers owned by Kaspersky running applications … Read more
Helsinki-based security firm F-Secure said on Thursday that a breach of its Web site earlier in the week by a Romanian hacker site was limited in scope and impact.
On Wednesday the HackersBlog site said it had used a SQL injection and cross-site scripting attack to get access to data on an F-Secure Web site. Earlier, the site had launched similar attacks on a site of security firm Kaspersky and one belonging to a partner of BitDefender.
F-Secure said the problem with its site was due to a bug in a Web application and not related to an unpatched system.… Read more
A Romanian hacker site said on Wednesday it was able to breach the Web site of Helsinki-based security firm F-Secure just as it had gained access to the sites of two other security companies earlier in the week.
F-Secure is "vulnerable to SQL Injection plus Cross Site Scripting," an entry on the HackersBlog site said. "Fortunately, F-Secure doesn't leak sensitive data, just some statistics regarding past virus activity."
An F-Secure spokesman said the company had taken the affected server down and that it was a low-level server that was not critical to the company and … Read more
Updated 3:10 p.m. PST with comment from BitDefender.
Moscow-based security firm Kaspersky has hired a security expert to investigate the weekend breach of its U.S. site, the company said Monday.
Meanwhile, the hacker site claiming credit for the breach said on Monday that it had done the same compromise on the Portuguese Web site of antivirus provider BitDefender.
In a statement, BitDefender said an unnamed partner site was compromised and that the company was investigating the incident to help the partner prevent it from happening again. "This was an unfortunate event and while we sympathize with … Read more
The U.S. Web site of Russian antivirus vendor Kaspersky Lab was hacked over the weekend, exposing the company's customer database. But Kaspersky denies any data was compromised and says the vulnerability wasn't critical.
An unidentified hacker reported over the weekend that he was able to access a complete profile of the company's databases, revealing its clients' names, activation codes, list of bugs the company tracks, and client e-mail addresses.
The hacker claims to have hacked Kaspersky's databases using an SQL injection attack, which exploits a vulnerability in an application's database layer.
The method has … Read more