-
Ryan Barnett (Leader of the WASC Web Hacking Incidents Database Project) has announced a new mailing list where users can subscribe to hear about the latest hacking incidents. From his email to The Web Security Mailing List: "Greetings everyone, I wanted to let everyone know that we have set up a mail-list for...
-
"Former college student David Kernell, whose criminal prying into Sarah Palin's personal e-mail account caused an uproar two months before the 2008 presidential election, was today sentenced to a year and a day in federal custody by a judge who recommended that the time be served in a Knoxville, Tenn. halfway house....
-
Could the trend of claiming not to know any better while hacking due to Asperger's be coming to an end? From Wired: "Convicted TJX hacker Albert Gonzalez was sentenced to 20 years in prison on Thursday for leading a gang of cyberthieves who stole more than 90 million credit and debit card...
-
Stephen Watt (alias JimJones/Unix Terrorist/PHC/etc) was sentenced to 2 years in prison for his role in writing the blablah sniffer used by the folks involved in the TJX credit card incident. From Wired magazine: "While accused TJX hacker kingpin Albert Gonzalez awaits a possible sentence of 17 years or more in prison,...
-
Net-Security has posted an article on the discovery of 132k+ sites that have been SQL Injected. From the article "A large scale SQL injection attack has injected a malicious iframe on tens of thousands of susceptible websites. ScanSafe reports that the injected iframe loads malicious content from 318x.com, which eventually leads to...
-
The WASC Distributed Open Proxy Honeypots project has published an entry on people performing brute force attacks against Tomcat administrative interfaces through WASC's open relay proxies. Tomcat Brute Forcing: http://tacticalwebappsec.blogspot.com/2009/10/wasc-honeypots-apache-tomcat-admin.html
-
Fellow WASC officer Ryan Barnett has published findings pertaining to a distributed brute force attack against Yahoo's login pages as part of his findings for the WASC Distributed Open Proxy Honeypot Project. For those not aware of this project, Ryan leads an initiative where people run open relay proxies and centrally...
-
From the report "Our initial running theory was correct--the server that hosted the apachecon.com (dv35.apachecon.com) website had been compromised. The machine was running CentOS, and we suspect they may have used the recent local root exploits patched in RHSA-2009-1222 to escalate their privileges on this machine. The attackers fully compromised this...
-
Netcraft is reporting that apache.org has been compromised. The Apache blog posted the following message indicating an SSH key compromise. "This is a short overview of what happened on Friday August 28 2009 to the apache.org services. A more detailed post will come at a later time after we complete the...
-
“I have no faith in the ‘justice’ system,” he wrote. “Perhaps my actions today, and this letter, will send a stronger message to the public. Either way, I have lost control over this situation, and this is my only way to regain control.” The note was provided to Wired.com this...
-
"The three were charged two years ago for a 2006 scheme in which they allegedly hacked into online brokerages or created new accounts using stolen identities, then bought and sold stocks in order to manipulate prices to their benefit. They hacked into more than 60 accounts in nine brokerage firms, including...
-
"A legally blind Massachusetts phone hacker was sentenced Friday to over 11 years in federal prison, following his guilty plea on computer intrusion and witness intimidation charges earlier this year. Matthew Weigman, 19, was sentenced in Dallas by U.S. District Judge Barbara M.G. Lynn, according to the U.S. Attorney’s Office there....
-
"A San Francisco man pleaded guilty today in Pittsburgh this afternoon to federal charges of hacking into computer systems of financial institutions and other hackers to steal nearly 2 million credit card numbers, which were used to rack up more than $86 million in fraudulent charges. Max Ray Vision, formerly Max...
-
"A trojan has reportedly been uncovered that is harvesting FTP login data of major corporations, including the Bank of America, BBC, Amazon, Cisco, Monster.com, Symantec and McAfee. According to a report in the Friday edition of The Register, Jacques Erasmus, CTO at Prevx, an internet security vendor headquartered in the U.K.,...
-
Photo (c) of sensepost. Watt pictured far right during a Defcon talk (video available). "Watt, a 7-foot-tall software engineer who was working for Morgan Stanley at the time the hacks occurred, pleaded guilty in December to creating a sniffing program dubbed “blabla” that Gonzalez and others allegedly used to steal millions...
-
"The boss of Indian software firm LxLabs was found dead in a suspected suicide on Monday. Reports of the death of K T Ligesh, 32, come in the wake of the exploitation of a critical vulnerability in HyperVM, a virtualization application made by LXLabs, to wipe out data on 100,000 sites...
-
"The information posted over the weekend by hackers who claimed to have hacked T-Mobile is legit, T-Mobile now says. But, it's not clear that the hackers have the full access to T-Mobile systems they claim. On Saturday, hackers posted what appear to be logfiles taken from T-Mobile's networks to the Full...
-
"Researchers at Websense have discovered a mass injection attack that is redirecting Web browsers to a malware-bearing site. According to a weekend report by researchers at Websense, thousands of legitimate Web sites have been discovered to be injected with malicious Javascript, obfuscated code that leads to an active exploit site. "The...
-
"In a text book case of web applications being abused due to insufficient anti-automation defenses, the Time Magazine's Internet poll of the most influential 100 people was bombarded with various methods to manipulate the results. The WASC Web Hacking Incident Database provides a great overview of the various tactics that Moot...
-
"The University of California at Berkeley started warning students and alumni on Friday that online thieves infiltrated the school's restricted servers and stole medical records on more than 160,000 individuals. The database exposed by the breach held information on UC Berkeley's students, alumni and staff, including health insurance information and Social...
-
Posted: May 6th, 2009, 1:37pm CDT by Robert A.
"A 21-year-old Swede has been charged with hacking into Cisco Systems Inc. (NASDAQ:CSCO)'s computers and stealing trade secrets, U.S. officials say. Philip Gabriel Pettersson, also known as "Stakkato," was named in a five-count indictment that includes one count of intrusion and two of trade secret misappropriation involving the San Jose, Calif.,...
-
Posted: May 5th, 2009, 12:42pm CDT by Robert A.
"Hackers last week broke into a Virginia state Web site used by pharmacists to track prescription drug abuse. They deleted records on more than 8 million patients and replaced the site's homepage with a ransom note demanding $10 million for the return of the records, according to a posting on Wikileaks.org,...
-
Twitter has posted an entry on its XSS worm issues this weekend. "On a weekend normally reserved for bunnies, a worm took center stage. A computer worm is a self-replicating computer program sometimes introduced by folks with malicious intent to do some harm to a network. Please note that no passwords,...
-
"Cyberspies have penetrated the U.S. electrical grid and left behind software programs that could be used to disrupt the system, according to current and former national-security officials. The spies came from China, Russia and other countries, these officials said, and were believed to be on a mission to navigate the U.S....
-
There's been a bunch of news regarding a new report published indicating a widespread Chinese espionage network dubbed 'GhostNet'. From the paper: "This report documents the GhostNet - a suspected cyber espionage network of over 1,295 infected computers in 103 countries, 30% of which are high-value targets, including ministries of...
-
"With only a few days left before the tournament starts, if a user searches for popular March Madness-related terms in Google, malicious URLs as high as the first result are returned. Search terms that currently exist within the Top 10 of Google's Hot Trends (the most popular search results) return these...
-
"A Los Angeles federal grand jury indicted a disgruntled tech employee Tuesday on allegations of temporarily disabling a computer system detecting pipeline leaks for three oil derricks off the Southern California coast. Mario Azar, 28, faces a maximum 10-year term after being accused of purposely impairing a computer system that monitored...
-
"Google confessed to a serious bug in its Docs sharing system over the weekend, but downplayed the security cockup by claiming only a tiny number of users had been affected. The internet search kingpin said that less than 0.05 per cent of Google Docs accounts were hit by a privacy breach...
-
"A fix against an SMS spoofing flaw involving micro-blogging service Twitter offers only partial protection. Tests by Heise Security found that providing a user knew the number of a phone associated with a Twitter account, it would be possible to use an SMS sender faking service to post fake status updates...
-
"Today’s aggressive and spooky abuse of trusted giants reveals just how sophisticated and manipulative these guys have become. By following Google Trends, and with some sharp SEO skills to take advantage of Google’s famed real-time indexing, Scammers are directly targeting Google’s search results, trusted by as many as 70 percent of...
-
"Hacker Gary McKinnon is set to face extradition to the US following a Crown Prosecution Service ruling. The service has refused to bring charges against him after a decision found that there was sufficient evidence to prosecute him, the evidence is not reflected in the criminality that is alleged by the...
-
"The botnet, or collection of compromised PCs, can decipher Live Hotmail's CAPTCHA (Completely Automated Public Turing Test to Tell Computers and Humans Apart) registration safeguard in about 20 seconds, said Websense Inc. security researcher Sumeet Prasad. CAPTCHA is the term for the distorted characters that many Web sites, such as e-mail services...
-
SANS is reporting the MS09-002 exploit is in the wild. "Several AV vendors reported about MS09-002 exploits in the wild. We can confirm this – the exploit for the CVE-2009-0075 vulnerability (Uninitialized Memory Corruption) in Internet Explorer 7 is definitely in the wild and working as charm on an unpatched Windows XP...
-
"Several renowned white-hat hacker security sites have been hit during the past few days with a distributed denial-of-service attack (DDoS). Immunity, Milw0rm, and Packet Storm were in the clear as of this posting, but attackers were still hammering away at Metasploit. The attackers behind the DDoS -- which began on Feb....
-
Dave Ferguson writes "Back in 2006, I put out some findings about CSRF on Netflix's web site. I thought people might be interested to know that I revisited the issue recently and was shocked to find Netflix still hasn't fixed all their CSRF issues, at least when it comes to movie queues. You...
-
"We took area51.phpBB.com down along with phpBB.com to ensure integrity and prevent further damage. While we actively work to bring phpBB.com back online, we would also like to inform you of the damage that has been done. The attacker gained entry through the PHPList application and was able to dump a complete...
-
"Instead of video clips, researchers at Trend Micro discovered that around 400,000 queries returning malicious results that lead to a single redirection point, which leads onto an array of maliciously constructed websites designed to load malware onto vulnerable Windows PCs. The strain of malware spread using the attack - named as...
-
"Boris Johnson's outspoken defence of Gary McKinnon in his extradition fight has been criticised by a former security consultant, who complains he was denied such support when he himself was charged with hacking offences. Daniel Cuthbert was convicted in October 2005 of breaking the Computer Misuse Act by "hacking" into a...
-
"In what may prove to be one of the ways global conflicts are fought in the 21st century, Israel used search engine optimization (SEO) to halt the online backlash it was receiving during the recent conflict in Gaza. As well as some search engine optimization work (SEO) done by a Texas company...
-
"An American security consultant who stole hundreds of thousands of online bank passwords by employing a massive botnet that he often administered from work deserves at least five years in prison, prosecutors have told a federal judge. The request for a minimum 60-month sentence, followed by five years of supervised release,...
-
"A six-strong hacker gang attempted to plunder £229million from a Japanese bank in an audacious high-tech scam, a court heard. A crooked security guard at Japanese bank Sumitomo Mitsui let alleged computer hackers into the building in the dead of night where they installed spy software on computers used for multi-million...
-
The Washington Post reports today a new breach: "A data breach last year at Princeton, N.J., payment processor Heartland Payment Systems may have led to the theft of more than 100 million credit and debit card accounts, the company said today." More info on the article.
-
"COMPUTER hacker Gary McKinnon has signed a formal confession in a last-ditch attempt to avoid his extradition to the US, his family have confirmed. Former Highgate Wood School pupil Mr McKinnon, 42, is currently awaiting extradition after being accused of causing $700,000 worth of damage when he allegedly hacked into US security...
-
"Hackers have taken down two high-profile targets as they continue their ongoing Web attacks in support of Palestine, defacing Web sites run by the U.S. Army and the North Atlantic Treaty Organization (NATO). The attacks on Thursday took down the Web sites for The United States Army Military District of Washington and...
-
We've previously covered the TJX compromise. It appears one of the attackers involved is going to prison. "Maksym Yastremskiy, the Ukrainian accused of being a key figure in the infamous TJX Maxx Wi-Fi hack of 2005, has been sentenced to 30-years in prison by a Turkish court. Yastremskiy - or 'Maksik' as...
-
"An IT expert sacked for lying on his CV hacked into his company's computer system to spy on his former colleagues - and deleted vital information which led to the loss of jobs. Julius Oladiran, 46, was dismissed from after his employers discovered his boasts of a master's degree, and top...
-
"A teenage hacker, known in the digital underground as GMZ, claims he obtained access to the micro-blogging site’s admin controls using a brute force dictionary attack. After guessing the login identity of an administrator, in part based on the large number of people she followed, GMZ ran an automated password guessing...
-
"Tolley wouldn't say what banks were affected by the hack, but the majority of these five million customers were CheckFree's own users, she said. In total, about 42 million customers access CheckFree's bill payment site, she said. Customers who went to CheckFree's Web sites between 12:35 a.m. and 10:10 a.m. on...
-
"After the Mumbai terror strikes, anti-India elements in Pakistan are now planning an attack on Indian computer networks, intelligence agencies have warned. Already Pakistani hackers are trying out a dry run against Indian networks through popular websites registered there after the Mumbai terror strikes, Home Ministry sources told PTI here today....
-
"Israeli military forces have reportedly hacked into a Hamas-run TV station to broadcast propaganda. The hijack of the Al-Aqsa television station last weekend represents the latest phase in a war in cyberspace that has accompanied the ongoing conflict in Gaza. Al-Aqsa is known for featuring allegedly antisemitic childrens' cartoons as part...
-
The Home Office has quietly adopted a new plan to allow police across Britain routinely to hack into people’s personal computers without a warrant. The move, which follows a decision by the European Union’s council of ministers in Brussels, has angered civil liberties groups and opposition MPs. They described it as...
-
"It didn't take long after Israel's bombing of Gaza began for cyberwarfare to erupt as well: over 300 Israeli Websites over the past few days have been hacked and defaced with anti-Israeli and anti-US messages in an online propaganda campaign, a security expert says. Gary Warner, director of research in computer...
-
"Data breaches continued to make their very public mark on cybersecurity news in 2008. And this time it wasn't TJX making headlines. Despite being PCI compliant, Hannaford Brothers supermarkets announced that 4.2 million credit and debit card numbers were pilfered from its servers. We also learned in 2008 that attackers aren't...
-
"The State Bank of India, the country’s largest bank, has had to shut down its corporate website after overseas hackers tried to break in. While the bank said that transactions took place through www.onlinesbi.com, a senior SBI source said that the transactions were slow as the entire system was under watch. The...
-
"The heat in Max Butler's safe house was nearly unbearable. It was the equipment's fault. Butler had crammed several servers and laptops into the studio apartment high above San Francisco's Tenderloin neighborhood, and the mass of processors and displays produced a swelter that pulsed through the room. Butler brought in some...
-
"German researchers have discovered more than 300 cybercrime servers full of stolen credentials on more than 170,000 people -- and it is only the tip of the iceberg, they say. Researchers at the University of Mannheim's Laboratory for Dependable Distributed Systems were able to access nearly 100 so-called "dropzone" machines, and...
-
"A glaring vulnerability on the American Express website has unnecessarily put visitors at risk for more than two weeks and violates industry regulations governing credit card companies, a security researcher says. Among other things, the cross-site scripting (XSS) error on americanexpress.com allows attackers to steal users' authentication cookies, which are used...
-
"Kaspersky reports that the crackers are adding a JavaScript tag to the html of hacked sites. This causes surfers visiting the site to pull content from one of six gateway sites, which redirect to a server hosting malware located in China. A range of exploits are hosted on this site designed...