News

Hackers and cybercrime prevention

• June 17, 2011 17 Jun'11

  Chinese software flaw makes infrastructure vulnerable, warns report

  China's public infrastructure is vulnerable to cyber attack because of vulnerabilities in software used to run weapons systems, utilities and chemical plants, according to Reuters.

• June 07, 2011 07 Jun'11

  Adobe patches Flash to fix zero-day XSS vulnerability

  ‘Important’ cross-site scripting vulnerability in Flash Player on all platforms mitigated to combat zero-day attacks in the wild.

• June 03, 2011 03 Jun'11

  Hacker group Anonymous steals 10,000 Iranian government e-mails

  Hacking group Anonymous has hacked into Iranian government servers and stolen more than 10,000 e-mail messages from the Ministry of Foreign Affairs, say US reports.

• June 02, 2011 02 Jun'11

  E-mail accounts of senior US officials targeted in Chinese hack attack

  Chinese hackers have accessed the accounts of hundreds of Gmail users, including senior US officials, Chinese political activists, military personnel, journalists and officials in several Asian countries, Google has said.

• May 17, 2011 17 May'11

  Government vigilance steps up after George Osborne reveals extent of cyber attacks

  Security experts have called for UK government departments to be vigilant after chancellor George Osborne revealed that 20,000 e-mails are sent by hostile intelligence agencies to the UK government each month.

• April 29, 2011 29 Apr'11

  Store dealing with dishonest employees uses internal theft prevention software

  A London-based sushi chain expects to save almost £1 million this year with the help of new fraud-detection software.

• April 20, 2011 20 Apr'11

  Infosec 2011: APT attacks a real threat to business, says security panel

  Advanced Persistent Threats are a reality and cannot be dismissed as a myth or media hype, according to a panel of experts debating the top threats at Infosecurity Europe 2011 in London.

• April 07, 2011 07 Apr'11

  Sophisticated cyber thieves behind Epsilon data breach, says parent company

  US marketing firm Epsilon was hit by one of the biggest data thefts to date, the work of highly sophisticated cyber thieves, says parent company Alliance...

• March 28, 2011 28 Mar'11

  Spotify hit by malicious ads

  Spotify, the popular streaming music service, has been displaying malicious advertisements to users of its Free version.

• March 25, 2011 25 Mar'11

  Hackers steal member email details from TripAdvisor site

  A number of TripAdvisor members may receive spam after hackers stole email details from the travel website.

• March 18, 2011 18 Mar'11

  RSA hit by advanced persistent threat attacks

  RSA, the security division of EMC, has revealed that attackers have stolen information from the company's IT systems

• March 15, 2011 15 Mar'11

  Adobe warns of zero-day vulnerability in Adobe Flash

  Adobe has published a security advisory for a critical vulnerability in Adobe Flash that can be used to take control of an attacked machine.

• March 10, 2011 10 Mar'11

  Advanced persistent threats - are businesses prepared?

  Businesses usually attain adequate levels of IT defences at the point that it becomes more cost effective for cyber criminals to target someone else.

• March 07, 2011 07 Mar'11

  France's G20 files target of cyber attack

  France's files on the G20 meetings were the target of a cyber attack, the country's finance minister has confirmed.

• March 07, 2011 07 Mar'11

  HSBC uses token to secure smartphone banking

  HSBC is sending four million online banking customers a security token which will enable them to log in to their online bank account wherever they are, without using a card reader.

• March 07, 2011 07 Mar'11

  Malvertising, pop-up ad virus problems demand more user protection

  A recent pop-up ad infection on the London Stock Exchange's website highlights the growing scourge of malicious advertising, or malvertising.

• February 25, 2011 25 Feb'11

  nullcon 2011 Day Zero: Photo feature

  Botnet detection, fuzzing intricacies, Zeus MitMo, VoIP attacks, and more. nullcon Day Zero saw considerable action worth the capture.

• February 24, 2011 24 Feb'11

  ISC releases security fix for Bind DoS vulnerability

  The Internet Systems Consortium has published an advisory and an update for the Bind domain name system software versions 9.7.1 to 9.7.2-P3.

• February 24, 2011 24 Feb'11

  Exxon, Shell, BP hacked in Night Dragon attacks

  Exxon Mobil, Royal Dutch Shell and BP were among the oil companies targeted by hackers working through internet servers in China, say US reports.

• February 24, 2011 24 Feb'11

  Microsoft fixes security flaw in malware protection engine

  Microsoft has patched a flaw in its malware protection engine that could be exploited to gain control of victim's computer.

• February 17, 2011 17 Feb'11

  New SMB vulnerability identified in Windows XP and Server 2003

  A new SMB vulnerability discovered in Windows could open systems to DoS attacks and remote access. The vulnerability, tagged as CVE-2011-0654, has been rated "critical" and confirmed on Windows Server 2003 SP2 and Microsoft Windows XP SP3.

• February 17, 2011 17 Feb'11

  RSA 2011: RSA, EMC and VMWare advise on defending against advanced persistent threats

  Security leaders have outlined ways organisations can better defend against advanced persistent threats (APTs) in a paper published by RSA, the security division of EMC.

• February 15, 2011 15 Feb'11

  RSA 2011: Cybersecurity leads conference with cloud security keynote

  Cybersecurity is one of the key topics at the RSA Conference 2011 taking place this week in San Francisco.

• February 10, 2011 10 Feb'11

  IT departments are unable to support employee devices

  Security concerns are holding companies back from allowing staff to use their own technology at work.

• February 09, 2011 09 Feb'11

  Microsoft's February Patch Tuesday outlines five critical vulnerabilities

  Microsoft has released 12 security bulletins addressing 22 vulnerabilities in its monthly security update for February

• February 08, 2011 08 Feb'11

  Post Office faces legal action over alleged accounting system failures

  More than 50 postmasters are planning legal action against the Post Office to reclaim money they paid to the Post Office after being accused of theft and false accounting.

• February 08, 2011 08 Feb'11

  Businesses must learn how to defend against cyberattack, says McAfee

  Cybercrime has thrived over the past decade according to recent reports from security firm McAfee, but business can expect even more dramatic change in the next ten years, researchers say.

• January 25, 2011 25 Jan'11

  Spam level dips

  The recent decline in global spam was the result of a halt in the spam-sending activities of three botnets and unrest among pharmaceutical spam-sending gangs, Symantec's latest MessageLabs Intelligence Report has revealed.

• January 19, 2011 19 Jan'11

  2010 IT security threats point to priorities for 2011, says Sophos

  Cyber threats of 2010 highlight the top risks to business for 2011, including social media sites, whistleblowers, and hacktivists, warns security firm Sophos.

• January 12, 2011 12 Jan'11

  Microsoft January Patch Tuesday misses open security issues

  Microsoft's January 2011 Patch Tuesday security update contains only two bulletins, but misses several open security issues.

• January 07, 2011 07 Jan'11

  Microsoft to patch critical IE vulnerability to block ongoing attacks

  Microsoft will issue two security bulletins, addressing a critical vulnerability affecting all versions of WIndows.

• December 04, 2008 04 Dec'08

  How the Mytob virus caused havoc in the NHS

  The Mytob virus has been removed from 5,000 PCs at

• October 05, 2007 05 Oct'07

  Podcast: the true cost of IT security

  In this interview, Cliff Saran speaks to Martin Sadler, director of HP's Trusted Systems Lab, about how much should we be expected to spend and how much security is enough. Hackers are getting smarter and Martin believes newly trained IT ...

• September 24, 2007 24 Sep'07

  PCI council adds Pin security to remit

  The PCI Security Standards Council has added Pin Entry Device (PED) security technology to its payments industry testing portfolio to streamline standardisation.

• August 28, 2007 28 Aug'07

  SANS: Attackers may be attempting Trend Micro exploits

  The SANS Internet Storm Center (ISC) warns that attackers may be attempting to exploit flaws in Trend Micro products to hijack computer systems.

• August 15, 2007 15 Aug'07

  Latest Microsoft flaws affect Windows, IE, Excel

  Microsoft released nine security updates Tuesday -- six of them critical -- for flaws in Internet Explorer, Excel and other programs within the Windows OS.

• August 03, 2007 03 Aug'07

  Discovery of malware cesspool triggers attack fears

  Trend Micro researchers say a malware-infested Web server in Russia, linked to several Italian Web sites, could lead to a large-scale attack.

• August 02, 2007 02 Aug'07

  Apple releases fixes for Mac OS X, iPhone vulnerabilities

  Apple Computer has released software patches fixing critical vulnerabilities in Mac OS X and its newly released iPhone.

• July 24, 2007 24 Jul'07

  New hacking technique exploits common programming error

  Researchers at Watchfire Inc. say they discovered a new technique that exploits a common dangling pointer error.

• July 17, 2007 17 Jul'07

  Zero-day auction site complicates security efforts, IT pros say

  WabiSabiLabi, the eBay-like marketplace for zero-day flaws, will make it tougher for companies to ward off attackers, some IT security professionals say.

• July 12, 2007 12 Jul'07

  Zero-day auction site highlights ethical debate

  A new auction site plans to cash in on flaw research. Executive Editor Dennis Fisher explores if it's a viable business model and if research should be sold to the highest bidder.

• June 25, 2007 25 Jun'07

  PCI Council hears complaints, suggestions for changes

  Companies with the most stringent security technologies endure hurdles to comply with PCI DSS. Some firms are turning to the upcoming Burton Group Catalyst Conference for answers.

• June 25, 2007 25 Jun'07

  DHS suffered more than 800 cyber attacks in two years

  Senior officials at the US Department of Homeland Security have acknowledged hundreds of security lapses but say improvements have been made.

• June 20, 2007 20 Jun'07

  HP to acquire SPI Dynamics for Web security

  HP says it will would bolster Web site assessments and Web application vulnerabilities with its acquisition of Atlanta-based SPI Dynamics Inc.

• June 18, 2007 18 Jun'07

  Will HP do the right thing with SPI Dynamics?

  Analysts say HP can dramatically boost its security with the purchase of SPI Dynamics, but some users worry about SPI's technology wilting under the new ownership.

• June 17, 2007 17 Jun'07

  Burton Group Catalyst Conference San Francisco 2007

  SearchSecurity.com brings you the latest news, interviews, podcasts and more from the Burton Group Catalyst Conference 2007 in San Francisco.

• June 13, 2007 13 Jun'07

  Microsoft patches Windows Vista, IE 7

  Microsoft fixed 15 flaws in a variety of products Tuesday, including Windows XP, Vista and Internet Explorer 7. Attackers could exploit the most serious flaws for remote code execution.

• June 05, 2007 05 Jun'07

  Watchfire will help IBM build application security

  Analysts have been pushing the Security 3.0 concept this week at Gartner's IT Security Summit, and one analyst says IBM's acquisition of Watchfire illustrates the trend.

• June 01, 2007 01 Jun'07

  Top spammer indicted on email fraud, identity theft

  The arrest may reduce the volume of spam in the short-term, say experts and analysts, but the real spam threat comes from criminal gangs based in Asia and Russia.

• June 01, 2007 01 Jun'07

  Google dives into security market

  Search engine giant Google has acquired security startup GreenBorder Technologies, making it a bigger player in the wider information security market.