Mozilla Thunderbird, a free, open-source, cross-platform application for managing email and news feeds, has a critical validation and filter bypass vulnerability in version 17.0.6.
The Blackholing Side-effect of IP Reputation Filtering
A new report from a secure cloud hosting company shows that the effective use of IP reputation filtering creates an additional, or ‘blackhole’, layer of security. When probes from known attack sites return no response, the attackers don’t probe deeper,…
NSA and GCHQ Harvest User Data From Leaky Mobile Apps
Security experts have long warned that users should be more concerned about the sometimes excessive personal data that some apps take from their hosts. Now it seems that criminals and advertisers are not the only people interested in this information: …
Michaels Investigates Possible Data Breach
Hard on the heels of Target and Neiman Marcus being hit with point-of-sale cyber-heists, another retailer is warning of a potential data breach. The arts-and-crafts supply purveyor Michaels has confirmed that it is working with the US Secret Service to…
13 Indicted for Stealing $2 Million in Gas Pump Skimming Scam
Paying for gas at the pump has become a way of life, but even this innocuous activity can open consumers up to identity theft. Case in point: thirteen defendants are facing a whopping 426-count indictment in Manhattan for stealing more than $2 million …
74,000 Data Records Breached on Stolen Coca-Cola Laptops
Coca-cola admitted Friday to the theft of an unspecified number of laptops containing personal information on 74,000 individuals – including, it turns out, variously social security numbers, driving license details, salaries, and ethnicity; but fewer t…
Multiple Hacker Arrests in Collaborative International Operation
The FBI announced Friday that it had arrested two operators of a US-based e-mail hacking website, and three customers of foreign e-mail hacking sites. Operators of foreign e-mail hacking sites were arrested by national authorities in Romania, India and…
Syrian Electronic Army Escalated Tactics Over 2013; Poised for More this Year
The hacktivist group known as the Syrian Electronic Army was a particularly active adversary in the second half of 2013, and remains one of the top global threat actors to watch in the coming year as the Syrian conflict drags on – not least because of …
New Android Malware Intercepts Calls and Texts
Mobile malware victims may have several reactions upon discovering a smartphone infection, but chuckling is likely not one of them. Nonetheless, a new Android malware threat dubbed “HeHe” has been identified that steals text messages and intercepts and…
Energetic (Russian) Bear Attacking Western Energy Sector
Energetic Bear is the name given to a hacking group, most likely Russian, that appears to be primarily targeting the western energy sector. Although only one part of a new Global Threat Report for 2013, it is the part attracting most attention and inte…