Monthly Archives: October 2011

Tsunami Trojan Hijacks Mac OS X to Launch DDoS Attacks, Remote Access

Malware authors have ported a Trojan originally written for Linux systems to hijack Mac OS X systems, security researchers found. Once compromised, the Macs could be used to launch denial-of-service attacks. The Tsunami Trojan works by latching onto a host. … Continue reading

Posted in News | Leave a comment

Attackers trick Facebook users into exposing secret security codes

New social engineering attacks are tricking Facebook users into exposing anti-CSRF tokens associated with their sessions. These security codes allow attackers to make unauthorized requests through the victim’s browser. Cross-site request forgery (CSRF) is an attack technique that abuses the … Continue reading

Posted in News | Leave a comment

Hackers reportedly behind U.S. government satellite disruptions

Hackers are believed to have interfered with two U.S. satellites used to observe the earth’s climate and terrain four times in recent years, according to a draft report to a government covered by Bloomberg Businessweek today. A Landsat-7 Earth observation … Continue reading

Posted in News | Leave a comment

Researchers demo cloud security issue with Amazon AWS attack

Researchers from the Horst Goertz Institute (HGI) of the Ruhr-University Bochum (RUB) in Germany have demonstrated an account hijacking attack against Amazon Web Services (AWS) that they believe affects other cloud computing products as well. The attack uses a technique, … Continue reading

Posted in News | Leave a comment

RSA Attackers May Have Hit 760 Other Organizations With Similar Malware

Security professionals believe the attack on RSA Security was not an isolated event and that several hundred other companies around the world were hit by similar incidents. The malware used to compromise RSA Security earlier this year may have been … Continue reading

Posted in News | Leave a comment

XML encryption, used to secure communications between Web services, can be exploited so that sensitive information is decrypted

XML Encryption is used for securing communications between Web services by many companies, including IBM, Microsoft and Red Hat. Researchers Juraj Somorovsky and Tibor Jager from the Ruhr University of Bochum (RUB) in Germany, devised an attack that decrypts data … Continue reading

Posted in News | Leave a comment

Over a million web sites affected in mass SQL injection attack

Security researchers from Armorize have intercepted a mass SQL injection attack, targeting ASP ASP.NET websites. The mass infection, redirects users to a web malware exploitation kit, attempting to exploit vulnerabilities in Adobe PDF or Adobe Flash or Java, with the … Continue reading

Posted in News, Uncategorized | Leave a comment

Oracle patches Java flaw exploited in SSL BEAST attack

Oracle has released a new Java security update to address multiple vulnerabilities, including one exploited during a recently¬†¬† disclosed attack that can allow eavesdropping on encrypted communications. Last month at the Ekoparty security conference in Buenos Aires, security researchers Juliano … Continue reading

Posted in News | Leave a comment

Bad Siri! She’ll let anyone use a locked iPhone 4S

The voice-activated feature on the new iPhone4S will let anyone use the phone to send e-mails and text messages and make calls even if it is passcode locked, security firm Sophos revealed today and CNET has confirmed. Try it. Grab … Continue reading

Posted in News | Leave a comment

First came Stuxnet computer virus: now there’s Duqu

Security software firm Symantec said in a report it was alerted by a research lab with international connections on Friday to a malicious code that “appeared to be very similar to Stuxnet.” It was named Duqu because it creates files … Continue reading

Posted in News | Leave a comment