Back in October 2013, a public exploit for the PHP server-side framework was disclosed, using a command injection vulnerability found in May 2012 and categorized as CVE-2012-1823. Now, it appears that cybercriminals are still using it, despite the vuln…
IBM Combats $3.5 Trillion in Fraud Losses with Broad-ranging Initiative
Digital channels such as mobile devices, social networks and cloud platforms offer the perfect connected footprint for bad actors probing for weaknesses and vulnerabilities to carry out everything from tax evasion, money laundering and cyber-attacks to…
EA Games Targeted by Phishers Looking for Apple IDs
EA Games, maker of popular gaming series including Sims, Plants vs. Zombies, Star Wars Battlefront and others, has been attacked by hackers bent on compromising more than a virtual rebel base. A server for its website has come under fire and is now hos…
Full Disclosure Mailing List Shuts Down
John Cartwright, the operator of Full Disclosure, announced yesterday that he has shut down the mailing list. His own post, ‘Administrivia: The End’, is the final entry. It was always a controversial service, frequently publishing vulnerability details…
Sally Beauty Supply Endures the Latest Retail Data Breach
Security isn’t a cosmetic concern, as we’re seeing from the latest retail data breach report. Following the disclosure of an unauthorized attempted intrusion into its network on March 5, Sally Beauty Supply has reported that it has indeed suffered a da…
Sally Beauty Supply Endures the Latest Retail Data Breach
Security isn’t a cosmetic concern, as we’re seeing from the latest retail data breach report. Following the disclosure of an unauthorized attempted intrusion into its network on March 5, Sally Beauty Supply has reported that it has indeed suffered a da…
NSA Collects the Whole Voice Conversation of an Entire Nation
It could, in fact, be at least five nations, with a sixth scheduled for inclusion soon. These revelations were published yesterday in a report based on Snowden leaks just after Edward Snowden himself warned the TED2014 Conference audience in Vancouver …
19-Year Old Saves City of London From Certain Cyber Disaster – Takes Home Masterclass Title
Once again, the UK’s most promising amateur cyber defenders competed to defend the City of London from a simulated cyber-attack, as part of the Cyber Security Challenge Masterclass. A 19-year-old student was crowned the UK Cyber Security Champion after…
Edward Snowden: The Internet Is Not Our Enemy, and Encryption Can Protect It
Edward Snowden was a surprise speaker at TED2014 in Vancouver. Beamed in via a telepresence robot from his exile in Russia, he spoke to TED presenter Chris Anderson, and was joined by ‘father of the web’ Sir Tim Berners-Lee. Snowden said there is more …
Undetected for Years, Operation Windigo Affects Millions of Servers
A vast spam and malware campaign has been uncovered that has seized control of more than 25,000 UNIX servers worldwide, daily affecting half a million computers. The backdoor trojan is responsible for sending more than 35 million spam emails every day.