Apple’s Ping Social Network is being Exploited
I bet Apple didn’t expect this when they released iTunes 10 and the new iTunes Ping a social network for music. Spammers and scammers have quickly exploited this new feature that launched on Wednesday. Ping is a cross between Facebook and Twitter, giving over 160 million iTunes users the ability to have networks of friends. Sophos researchers have found that [...]
Microsoft Releases New Version of EMET Exploit Mitigation Toolkit
Microsoft has released a new version of a software tool that developers and administrators can use to harden older applications against common vulnerabilities. Short for Enhanced Mitigation Experience Toolkit, EMET version 2.0 brings several new protections to operating systems and applications such as Windows XP or Internet Explorer 6, which remain widely used even though they are not as secure [...]
Acunetix Web Vulnerability Scanner 7 Released
Acunetix announced version 7 of its Web Vulnerability Scanner which features a new vulnerability verifying techniques, scanning engine, support for a wider variety of web applications, improved performance, less false positives and detection of a wide range of new web vulnerability types. Check out the video below to find out whats new in the Acunetix Web Vulnerability Scanner Version 7. [...]
Google Code Used to Spread Malware Again
There has been another case discovered where Google Code is being used to spread malware yet again. This latest example was discovered by security firm zScaler, which reported the finding on their research blog on Wednesday. A spokesman from Google said that the company has taking the necessary steps to remove the project that was hosting the malicious code for [...]
Top Scams on the Web
PandaLabs, Panda Security’s anti-malware laboratory has drawn up a ranking of the most widely used scams over the last few years. These confidence tricks, which are still in wide circulation, all have the same objective: to defraud users of amounts ranging from $500 to thousands of dollars. Typically, these scams follow a similar pattern: initial contact is made via email [...]
Facebook has announced another security feature which will allow you to logout of your account remotely. So now if you use someone else’s computer or phone to access your facebook account and forget to logoff of when your done, you will be able to login from another device and end that session. This feature will more than likely be rolled [...]
The countdown to the saturation of the IPv4 address supply is now down to a matter of months: and along with the vast address space of the next-generation IPv6 architecture comes more built-in network security as well as some new potential security threats. Check out the rest of the article – [Dark Reading]
Heartland Payment Systems has agreed to pay $5 million to Discover to settle claims arising from the massive data breach disclosed by the payment processor last year. In a brief statement on Wednesday, the Princeton, N.J.-based Heartland said the settlement “resolves all issues” between the two companies stemming from the intrusion. “This settlement marks our final agreement with a card [...]
Based on a survey by Symantec Hosted Services and SC Magazine, it found that employee use of the web was perceived as the most likely route to malware infection, with 67.6 per cent of respondents selecting this option ahead of email (28.4 per cent) and instant messenger (3.9 per cent). Dan Bleaken, senior malware data analyst at Symantec Hosted Services, said: [...]
Symantec has teamed up with rapper Snoop Dogg to launch a cybercrime rap contest. Participants are invited to bust some rhymes on the subject of malware, hacking and botnets for the chance to win an all expenses paid trip to LA to attend a Snoop gig and meet his people, if not the rapper himself. Winners get a Toshiba laptop [...]
In this video, Niklas Wolff of the CSIS Security Group demonstrates recent integer overflow vulnerability in Adobe Reader (CVE-2010-2862), disclosed at Black Hat in July, that allows remote code execution.
The latest version of iTunes for Windows addresses 13 security vulnerabilities, as well as adding much-publicised social networking functionality. iTunes 10 for Windows addresses flaws in the media player’s WebKit browser that were fixed in Safari late last month with version 5.0.1 and 4.1.1 of Apple’s browser software. Apple’s advisory on the security content of iTunes 10 can be found here.
Microsoft has released a software tool that helps system administrators protect PCs against a critical class of vulnerabilities found in more than 100 applications from a variety of software makers. The FixIt Tool works only on machines that have already installed the workaround Microsoft published last week. The latest point-and-click release is designed to make the previous workaround easier to [...]
I was wondering when we would start hearing and talking about this. This could get pretty scary!! Of course, your car is probably not a high-priority target for most malicious hackers. But security experts tell CNET that car hacking is starting to move from the realm of the theoretical to reality, thanks to new wireless technologies and evermore dependence [...]
Compromised Twitter accounts have been used to post links to an exploit portal that poses as a download site for an update to TweetDeck, the popular micro-blogging client software package. Malware lures pose as messages such as "Critical tweetdeck update Bank Holiday", a reference to a national holiday in the UK that may suggest the miscreants behind the ruse [...]
