- Welcome Guest
- Sign In
The U.S. Postal Service and National Oceanic and Atmospheric Administration last week confirmed that their computer systems were targeted in months-long cyberattacks that appear to have originated in China. The attack on USPS compromised information of an estimated 800,000 employees. Data at risk in...
Researchers at FireEye on Monday made public the existence of the Masque Attack, which threatens iOS and Mac OS X operating systems. Masque Attack exploits a flaw in Apple's OSes that allows the replacement of one app by another so long as both apps use the same bundle identifier. All apps, except t...
Hackers siphoned off data from United States Postal Service servers for more than eight months before being detected, the USPS said. Personal data -- including names, dates of birth, Social Security numbers, addresses, beginning and end dates of employment, and emergency contact information -- was s...
Palo Alto Networks on Wednesday reported that more than 400 apps infected with a malicious program it calls "WireLurker" have been downloaded 356,104 times by Chinese Mac owners from Maiyadi, an online app store unaffiliated with Apple. The malware does no harm to the Macs it infects but when the co...
Russian cyberspies have a reputation for stealth, so it's unusual when two digital espionage operations linked to the Kremlin come to light in a week. FireEye early last week released a report detailing how hackers working for the Russian government have been using sophisticated techniques over a se...
Malware writers behind Koler, a bad app that attacks Android devices, have upped their game with a new variant of the pernicious program. In its original version, Koler hijacked phones it landed on and wouldn't set them free until a ransom was paid. This latest strain of the malapp also does the ran...
iSight Partners this week revealed that a cybergang it dubbed "Sandworm" has been exploiting a zero-day vulnerability that impacts all supported versions of Microsoft Windows, including Windows Server 2008 and 2012. The announcement was held off until Microsoft issued its patch earlier this week. If...
"Follow the money" isn't just the war cry of journalistic bloodhounds hot on the trail of political corruption. It's the mantra of Web predators, too. That's why PayPal consistently has been the top brand targeted by phishers -- although that appears to have changed. Apple now has the dubious distin...
ComputerCOP software, a parental monitoring application that long has been recommended and distributed by law enforcement agencies, is little more than spyware with significant potential for abuse, the Electronic Frontier Foundation reported Wednesday. The software includes a keylogger that could ex...
Researchers on Thursday discovered proof-of-concept code that could take advantage of unpatched computer systems, and found evidence of attacks exploiting the BASH Shellshock bug in the wild. Shellshock, revealed Wednesday, could become a major threat to Linux/Unix and Apple operating systems if pub...
The pernicious program Citadel has been around for awhile, but it's using some new tricks on new targets. From its humble origins as a "man in the browser" thief of banking credentials, Citadel has become a knave of all trades. Once it lands on a computer, it can be configured in a number of ways wi...
American teens spend a lot more time online than older Web surfers, yet it doesn't seem to increase their vulnerability to malicious activity. Teens last year spent a little more than four hours a day on the Net, while adults in the 50-to-64 age bracket burned two hours, 41 minutes online daily, Mar...
Security consultant Benjamin Mussler last week warned that the Kindle e-book library had a cross-site scripting vulnerability. It appears Amazon previously had fixed the XSS flaw but two months ago reintroduced it in a new version of the "Manage Your Kindle" Web application, according to Mussler. Mu...
Hot on the heels of hackers stealing celebrities' nude photos from their iCloud accounts and posting them on the Web comes news that iCloud users are being targeted again -- this time by a botnet. The Kelihos botnet is sending emails purporting to be from Apple, informing targets they have purchased...
If you want to see an IT pro twitch, bring up Shadow IT in a conversation. "Shadow IT" is a term applied to technology deployed by an organization's users outside the purview of the IT department. It's bothersome to system shepherds because it can open up an organization to data leakages. It's also ...