Print

Welcome to Smokey's Security Forums.

Guests have only limited access to the board and it's features, please consider registering to gain full access!

Registration is free and it only takes a few moments to complete.

Please login or register.
1 Hour 1 Day 1 Week 1 Month Forever
Login with username, password and session length

[MaB69]

Dutch Public Transportation Website Leaks Private Passenger Information
18 May 2010, 4:26 pm

A government-run website promoting the OV-chipkaart smart card, which is currently being introduced in public transportation across The Netherlands, has been found leaking sensitive private information on over 168,000 passengers. A grey-hat hacker proved that he could access the name, address, birth date, phone number or e-... (read more)

Source: Softpedia News - Security

>> To obtain the full Softpedia Security News article, click the link in the first post line <<

[MaB69]

New Bredolab Campaign Spoofs Amazon
17 May 2010, 5:00 pm

A new Bredolab distribution campaign produces fake emails masquerading as order-confirmation messages from Amazon. The attached archive contains a malicious executable file, which installs a new malware variant from the Bredolab family of trojans.

According to email security provider MX Lab, the malicious communications have subjects of the form ... (read more)

Source: Softpedia News - Security

>> To obtain the full Softpedia Security News article, click the link in the first post line <<

[MaB69]

DIY Twitter-Controlled Botnet Kit Spotted in the Wild
15 May 2010, 1:33 pm

Security researchers from antivirus vendor ESET have uncovered a simple tool automating the creation of botnets that can be controlled from Twitter. The botnet clients can be commanded to launch Distributed Denial of Service (DDoS) attacks or install additional malware on the compromised computers.

The do-it-yourself botnet kit,... (read more)

Source: Softpedia News - Security

>> To obtain the full Softpedia Security News article, click the link in the first post line <<

[MaB69]

Zero-Day Remote Code Execution Bug Found in Safari
12 May 2010, 5:02 pm

A highly critical Safari vulnerability, which facilitates remote code execution, has been disclosed as a zero-day at the end of last week. Because no patch is available the United States Computer Emergency Readiness Team (US-CERT) recommends disabling JavaScript entirely in the browser.

In a security advisory released on Friday, ... (read more)

Source: Softpedia News - Security

>> To obtain the full Softpedia Security News article, click the link in the first post line <<

[MaB69]

Mass Injection Attack Hits WordPress Blogs across Multiple Hosters
10 May 2010, 6:05 pm

Hundreds of WorPress blogs hosted on shared servers were compromised over the weekend and had malicious code injected into their pages. A detailed analysis of the affected sites uncovered instructions to hide the attack from Google's web crawler.

The obfuscated JavaScript code injected into the footer.php script was f... (read more)

Source: Softpedia News - Security

>> To obtain the full Softpedia Security News article, click the link in the first post line <<

[MaB69]

Poor Hook Implementations Leave Most Antivirus Products Vulnerable
8 May 2010, 10:20 am

According to a new research paper published by the matousec project, critical protection mechanisms are poorly implemented and can be easily bypassed for the majority of desktop antivirus programs. The problem stems from an unreliable and insecure use of kernel and user mode hooks to get the job done.

The research s... (read more)

Source: Softpedia News - Security

>> To obtain the full Softpedia Security News article, click the link in the first post line <<

[Quizmaster]

Complex IM Worm Infects Yahoo! Messenger and Skype Users
7 May 2010, 3:52 pm

Security researchers warn that a new worm is targeting instant messaging users. Spotted on Yahoo! Messenger (YM) and Skype, the attacks use sophisticated social engineering techniques to trick users into infecting themselves.

It certainly looks like IM worms are making a comeback on the threat landscape, as this is the second ma... (read more)

Source: Softpedia News - Security

>> To obtain the full Softpedia Security News article, click the link in the first post line <<

[Quizmaster]

Hacker Can Pull Off John Connor-Like ATM Trick
6 May 2010, 5:45 pm

A security researcher plans to demonstrate serious vulnerabilities in several ATM models at the upcoming Black Hat USA security conference. He promises a cash-dispensing trick more impressive than John Connor's in Terminator 2.

A lot of people were expecting Barnaby Jack's presentation on automated teller machine (ATM) vulnerabilities ... (read more)

Source: Softpedia News - Security

>> To obtain the full Softpedia Security News article, click the link in the first post line <<

[Quizmaster]

Spam Emails Masquerade as Adobe Update Notifications
6 May 2010, 3:54 pm

Adobe warns that a spam campaign abusing its name and falsely notifying users about security updates for Adobe Reader and Acrobat is currently making the rounds. The rogue emails cite a real vulnerability and encourage users to download malware disguised as a security update.

In recent years, widespread Adobe products, like Reader ... (read more)

Source: Softpedia News - Security

>> To obtain the full Softpedia Security News article, click the link in the first post line <<

[Quizmaster]

Free Hacking Lessons from Google
5 May 2010, 4:51 pm

Google has created a Web application full of exploitable bugs to help webmasters better understand the most common type of Web attacks and learn how to prevent them. Codenamed Jarlsberg, the project is part of the Google Code University's "Web Application Exploits and Defenses" codelab.

The Jarlsberg application, named after the eponymous cheese brand... (read more)

Source: Softpedia News - Security

>> To obtain the full Softpedia Security News article, click the link in the first post line <<

[Quizmaster]

Department of the Treasury Website Rigged to Exploit Visitors
4 May 2010, 4:29 pm

The website of the U.S. Department of Treasury Bureau of Engraving and Printing (BEP) was compromised by unknown attackers, who rigged it to infect visitors with malware. A malicious IFrame loading exploits from a third-party domain was injected into the index page.

The hack was discovered sometime on Sunday evening, but t... (read more)

Source: Softpedia News - Security

>> To obtain the full Softpedia Security News article, click the link in the first post line <<

[Quizmaster]

Yahoo! Messenger Users Targeted by New Worm
3 May 2010, 4:47 pm

A new worm is quickly spreading on Yahoo! Messenger (YM) via Web links to fake images. Users who fall victim to this threat have an IRC botnet client installed on their computers.

According to security researchers from Vietnam-based antivirus vendor Bkis, who analyzed the new worm, it spreads though YM spam. The malware sends out malicious l... (read more)

Source: Softpedia News - Security

>> To obtain the full Softpedia Security News article, click the link in the first post line <<

[Quizmaster]

Romanian Nationalists Hit Several Italian Media Outlets
30 April 2010, 4:24 pm

The group of Romanian hacktivists calling themselves Romanian National Security (RNS) have attacked and defaced multiple websites belonging to the biggest Italian public television company Radiotelevisione Italiana (RAI), as well as leading Italian newspapers La Stampa and Corriere della Sera. The message left behind on the hacked Web prop... (read more)

Source: Softpedia News - Security

>> To obtain the full Softpedia Security News article, click the link in the first post line <<

[Quizmaster]

Ubisoft's Always-On DRM System Subverted
28 April 2010, 5:35 pm

A warez scene release group called SKiD ROW has managed to subvert Ubisoft's controversial always-on DRM control. The crackers thank the major game publisher for the challenge and advise it to focus on games from now on instead of invasive copy-protection solutions.

In January, Ubisoft, one of the largest computer an... (read more)

Source: Softpedia News - Security

>> To obtain the full Softpedia Security News article, click the link in the first post line <<

[Quizmaster]

PDF /Launch Trick Spotted in New Attack
28 April 2010, 10:46 am

A new email-based social engineering attack employing the PDF /Launch technique to infect computers with malware has been spotted in the wild. The malicious messages trick users into opening rigged PDF files by claiming they contain the fresh POP3/SMTP connection settings.

At the end of last month, Didier Stevens, an IT security consultant and r... (read more)

Source: Softpedia News - Security

>> To obtain the full Softpedia Security News article, click the link in the first post line <<