‘Blackhole’ attack tool spreads across the Internet
An online attack tool known as Blackhole has stormed onto the market in the first part of 2011 and is being used for large-scale attacks, according to experts. Security vendor AVG said in its latest quarterly security report that the…
One-fourth of SSL Websites at risk
More than a year after the Internet Engineering Task Force issued a security extension to the Secure Sockets Layer (SSL) protocol for a flaw that affects servers, browsers, smart cards, and VPN products, as well as many lower-profile devices such…
New PDF exploit hiding technique tricks antivirus engines
Researchers from AVAST warn of a new technique used by PDF exploits to evade antivirus detection. It relies on encoding the malicious code as an image object. AVAST first encountered this technique in a malicious PDF file a month ago…
Apple patches Pwn2Own
Comodo hack bugs. Apple April 14 patched bugs in iOS and Safari used at March’s Pwn2Own hacking contest by three teams of researchers. In an iOS update to version 4.3.2, Apple patched a bug exploited by two researchers, who hacked…
Skype for Android has a major security flaw
A major security flaw has been discovered in the Skype for Android app, which could put users’ private data in danger of being accessed by others. After discovering that a leaked beta version of the VoIP app was vulnerable to…
Verizon Customers Exposed to Epsilon Data Breach…
Customers of Verizon Communications had their e-mail addresses exposed in a massive online data breach the week of March 28, according to an e-mail to customers obtained by Reuters. In what could be one of the biggest such attacks in…
DHCP Client Allows Shell Command Injection…
The Internet System Consortium’s (ISC) open source DHCP client (dhclient) allows DHCP servers to inject commands that could allow an attacker to obtain root privileges, according to a new ISC advisory. The problem is caused by incorrect filtering of metadata…
Profile Spy Scam Hits Twitter…
Security researchers warn of a survey scam currently making the rounds on Twitter which tricks users by promising them the ability to view their profile visitors. According to a researcher from Errata Security, victims post spam messages that read “94…
Attack Hijacks Data Via Newer Windows Features…
Attack hijacks sensitive data using newer Windows features. Security researchers have outlined a way to hijack huge amounts of confidential network traffic by exploiting default behavior in Microsoft’s Windows operating system. The man-in-the-middle attacks described April 4 take advantage of…
Localized Facebook Scams On The Rise…
Security researchers warned that localized Facebook scams are becoming increasingly common as spammers attempt to reach as many users as possible. A researcher from Kaspersky Labs described a recent German scam that lured users with a video of a roller…