Spyware Security » Hackers

2011 in Review: Exploits and Vulnerabilities

admin — Tue, 03 Jan 2012 15:01:33 +0000

In recent years, we have seen client-side software heavily targeted by hackers in search of vulnerabilities. 2011 saw these threats become more complex and sophisticated. We saw attackers increasingly use zero-day vulnerabilities, some of which have been particularly critical. Examples of these include the vulnerability Duqu exploited (CVE-2011-3402); a Java vulnerability (CVE-2011-3544); or Adobe zero-day [...]

Emergency Adobe Flash Player patch coming today

admin — Fri, 15 Apr 2011 22:04:11 +0000

Less than a week after warning that hackers were embedding malicious Flash Player files (.swf) into Microsoft Word documents to launch targeted malware attacks, Adobe plans to release an emergency Flash Player patch today to fix the underlying problem.The patch will fix a “critical” vulnerability inÂ Flash Player 10.2.153.1 and earlier versions for Windows, [...]

Adobe warns of new Flash Player zero-day attack

admin — Mon, 11 Apr 2011 21:04:07 +0000

Hackers are embedding malicious Flash Player files in Microsoft Word documents to launch targeted attacks against select businesses, according to a warning from Adobe.This latest Flash Player zero-day attack comes just weeks after EMC’s RSA Division was hit with a malware attack that used a rigged Flash (.swf) file embedded in a Microsoft [...]

Google Chrome gets last-minute bandaid before Pwn2Own

admin — Tue, 08 Mar 2011 21:03:27 +0000

Google isn’t taking any chances with this year’s CanSecWest Pwn2Own hacker challenge.Just days before the annual contest where hackers are invited to break into the three main web browsers, Google pushed out another Chrome patch to fix a whopping 24 security holes. Â The majority of these vulnerabilities are rated “high risk” and could lead [...]

From RSA 2011: Security, Social Media and Spies

admin — Fri, 25 Feb 2011 09:02:24 +0000

Like my colleagues, I also attended RSA 2011 Conference in San Francisco last week. As they have shared in their posts on the hackers and threats sessions, I would like to share some of my experiences and learnings on sessions involving social media, spies and security. Mapping an Organization’s DNA Using Social Media Abhilash Sonwane [...]

Lush Cosmetics Data Breach

admin — Fri, 21 Jan 2011 09:01:23 +0000

Lush Cosmetics, a handmade cosmetics company headquartered in Poole, Dorset in the United Kingdom with some 600 locations around the world, has ostensibly been the âvictim of hackersâ according to a post on their UK version web site http://www.lush.co.uk/ yesterday.

Read entire article

[...]

The Market for Vulnerabilities: How Hackers Profit

admin — Thu, 06 Jan 2011 15:01:54 +0000

As we noted a while back in our look at the 2011 vulnerability landscape, the number of software vulnerabilities in 2010 fell compared with the previous year though it still remained a significant threat to users. Developers like Google and Mozilla openly pay people or organizations who find and report vulnerabilities found in their software [...]

Will 2011 signal a Mac virus onslaught? Not so fast

admin — Fri, 31 Dec 2010 16:12:24 +0000

Is it really true that it’s only a matter of time before Macintosh users are under siege by a flood of viruses and malware? McAfee announced recently that 2011 would be a bad year for people using Apple computers, as hackers will be increasingly attracted by growing Mac market share. It’s not at all hard [...]

The rise of the citizen cyber-warrior

admin — Tue, 23 Nov 2010 17:11:26 +0000

Matthew Olney: Depending on where you sit in the spectrum of security, you might think that the Internet is unguarded and that hackers run about unchecked. You could be forgiven for thinking this, but you’d also be completely wrong.

Read entire article

[...]

Underground Credit Card Processor Compromised

admin — Sat, 14 Aug 2010 01:08:41 +0000

A group of hackers has recently published detailed information from an underground credit card company. On July 23rd, an anonymous group claimed to have compromised a server of an online credit card processor company. At that time, however, the extent of the compromise was unclear. Looking at the data that was published leads us to [...]