Door-busters, Black Friday, Cyber Monday: According to Visa, 140 million people plan to shop over Thanksgiving weekend this year – a significant decrease from the 247 million who did so in 2012. Nonetheless, 37% of Americans said they will shop on Blac…
i2Ninja Banking Trojan Uses Tor-like P2P Encryption
Banking trojans continue to be the scourge of the web, with Zeus, Citadel, Ramnit, Spyeye and others continuing to infect machines on a widespread basis. But a new offering has been uncovered in a Russian cybercrime forum, a malware variant that, until…
PayPal Vulnerabilities – Just How Serious Were They?
Last week, German security company Vulnerability Lab published details on the Full Disclosure mailing list about a series of bugs it had discovered in PayPal. These were a persistent payment mail encoding vulnerability; a persistent search vulnerabilit…
NSA Has Hacked 50,000 Computers Globally
New revelations published by the Dutch newspaper NRC indicate that the NSA’s Tailored Access Operations (TAO) may have infected more than 50,000 computer networks around the world with spyware that it can turn on and off at will remotely.
Racing Post Breached; Users’ Passwords Stolen
Racing Post, a British horse racing, greyhound racing and betting newspaper, announced Sunday that its website had been breached and usernames, first and last names, passwords, email addresses and date of birth have been stolen.
GitHub Resets Passwords After Mass-scale Brute-force Attack
A methodical brute-force password-guessing attack on web hosting development site GitHub has resulted in a mass password reset and the revocation of various security authorizations.
Symantec Finds the Early Stages of a Server-based Botnet Build
Trojan backdoors have traditionally attacked desktop and now mobile computers. In recent months, however, attackers have started to target servers. Two typical purposes are to use server bandwidth for powerful distributed denial-of-service (DDoS) campa…
Is MAM Identity and Access Management’s next big thing?
Mobile Application Management is making waves. Recent news from Oracle, IBM, and Salesforce highlight the market interest. It’s a natural extension of what you’ve been hearing at Identity trade shows over the past few years (and this year’s Gartner IAM…
Anonymous Said to be Exploiting ColdFusion in Government Hacks
The ongoing cyber-attacks by Anonymous on US government websites are being made possible thanks to an exploit for Adobe ColdFusion.
Lenovo Network Storage Flaw Revealed, and Patched
A new vulnerability in Lenovo network storage devices has been uncovered. The flaw can potentially be exploited by an attacker to gain unauthorized remote read-only access to network-attached storage (NAS) shares.