Articles about Security

AT&T discloses 'organized and systemic' hack to steal customer information

AT&T is alerting affected customers to an "organized and systematic" attack on its website that attempted to steal their data. The nation's second-biggest carrier says in a letter to those customers that it "[does] not believe that the perpetrators of this attack obtained access to your online account or any of the information contained in that account", but decided to warn users "out of an abundance of caution".

Less than one percent of the carrier's 100.7 million customers are affected, but that still puts nearly one million at risk due to AT&T's size. Hackers employed an automated script to see if cellular numbers were linked to AT&T accounts, which the script tried to pair with logins. All attempts appear to be unsuccessful.

Continue reading

Malware on Android begins to spiral out of control

Malware aimed at the Android platform has increased five-fold since July, raising questions on the open-door policy Android has in installing apps. IT company Juniper Networks says the reason for this is the Mountain View, Calif. company's own lax attitude when it comes to oversight.

"With no upfront review process, no one checking to see that your application does what it says, just the world’s largest majority of smartphone users skimming past your application’s description page with whatever description of the application the developer chooses to include", it says. Of course, Juniper's description of how the review process works in Android is generalized and somewhat inaccurate.

Continue reading

Facebook says it knows who is responsible for image spam attack

Facebook says that it identified those responsible for an attack earlier this week that spammed Facebook users with pornography and violent imagery, and will investigate its options to prosecute those responsible. The attack is believed to have been exploited through a browser vulnerability, BetaNews is told.

"During this spam attack users were tricked into pasting and executing malicious JavaScript in their browser URL bar causing them to unknowingly share this offensive content", spokesperson Andrew Noyes explained. "Our engineers have been working diligently on this self-XSS [cross-site scripting] vulnerability in the browser".

Continue reading

BlitzBlank kills malware your security software can't

Malware removal is normally an entirely automatic process. Your PC encounters something unpleasant, your antivirus package deletes it, and you carry on as before: easy.

Sometimes, though, life isn’t quite as straightforward. In particular, if you’ve spotted a suspect process that your security suite doesn’t recognize yet, then you’ll probably want to remove it manually. And that can be a real challenge.

Continue reading

Porn, violent imagery flood Facebook profiles

Facebook users report seeing large amounts of image spam in their news feeds, depicting acts of violence, pornography, mutilation and bestiality. The site says it is investigating the issue, but did not give any possible cause for the problem.

BetaNews has received reports of spam messages typically sent with the word "YUKKY" and including a shortened link, although it is not immediately clear whether this has anything to do with the graphic imagery. The images show up in victims profiles as being "liked".

Continue reading

Estonian company Rove Digital taken down in massive clickjacking fraud sting

Six Estonian nationals were arrested this week, charged with running a massive $14 million clickjacking fraud ring that infected 4 million computers across 100 countries.

Discovered in a two-year FBI sting operation called "Operation Ghost Click," the six men have each been charged with wire fraud, wire fraud conspiracy, computer intrusion conspiracy, computer intrusion (furthering fraud,) and computer intrusion (transmitting information). The head of the group, Vladimir Tsastsin, 31, was additionally charged with 22 counts of money laundering.

Continue reading

Can you imagine if Microsoft took this approach?

That's the question a BetaNews reader asked me earlier today, when forwarding news that esteemed researcher Charlie Miller had gotten the shaft from Apple. Miller released an app that exposed a serious security flaw in iOS. His reward: Banishment from Apple's developer program, for one year. Perhaps longer.

I asked colleague Ed Oswald to write the news story. My followup here seeks to answer the question asked by the reader: "Can you imagine if Microsoft took this approach?" No, because that would go against Microsoft's security policies. But I can imagine the response had Microsoft done something like this -- punish a respected researcher for bringing a major security flaw to its attention. Vilification. Condemnation. Damnation. In blogs. In news commentaries. On social networks. And Apple? There is little noise at all. Once again Apple can do no wrong.

Continue reading

Microsoft offers simple patch Tuesday for election day


Microsoft's patch Tuesday has fallen on state- and local election day this month, and as such, is relatively lightweight, with just one "critical" bulletin, two "important," and one "moderate."

The critical bulletin (MS11-083) is for a TCP/IP vulnerability that could allow remote code execution if an attacker sends a continuous flow of specially crafted UDP packets to a closed port on a Vista SP2 (32- and 64-bit,) Windows Server 2008 SP2 (32-bit, x64, Itanium,) Windows 7 for x64-based systems, or Windows Server 2008 R2 SP1 (x64, Itanium) system.

Continue reading

Palo Alto gives firewalls a cloud-based anti-malware sandbox with WildFire


Network security company Palo Alto Networks on Monday introduced a new anti-malware product for on-premises firewalls known as WildFire, which vets new and unknown files in a virtual sandbox to see if they're a new piece of malware, and then creates a distributable signature if they're determined to actually be bad files.

With the WildFire engine in place, a firewall will submit (either manually, or automatically based on policy) new and unknown .EXEs and .DLLs to a virtual cloud-based environment, where they are modeled against 70 different behavioral profiles to determine if they're malware.

Continue reading

US blasts China, Russia over 'extensive' cyberspying


China is in the spotlight again after a US intelligence report accused the country of cyber espionage. The country is using the data stolen as a result to strengthen its own economy, and is a threat to both American progress and the economy overall, the report says.

"Many states view economic espionage as an essential tool in achieving national security and economic prosperity", the report reads. "Their economic espionage programs...could give these states a competitive edge over the United States and other rivals".

Continue reading

Facebook users make their personal data easy to retrieve, researchers say

network

Here's a story that will make you think twice about what you share on Facebook. Researchers with the University of British Columbia's NetSysLab let loose what are called "socialbots" on Facebook, and came away with 250 gigabytes of personally identifiable data. The results of the study show that Facebook users need to be much more cognizant of exactly what they share, and who they add as friends.

A socialbot is a bot that comes in the form of a faked user profile. The bot friend requests users on the site, and then once the requests are accepted, it downloads the personal information on the profile. NetSysLab researchers report a success rate of up to 80 percent in tricking Facebook users into adding the fake profiles and making matters worse, Facebook's protective measures did little to detect or prevent the researcher's infiltration.

Continue reading

VIPRE Internet Security 2012: Light on resources, heavy on protection

GFI Software today unveiled the latest editions of the company’s security products, VIPRE Antivirus 2012 and VIPRE Internet Security 2012.

And while much of the competition tries to win you over by adding ever more malware-hunting features, GFI takes a different tack, concentrating just on the basics, but making them as simple to use as possible.

Continue reading

Protect passwords with Secure Login for Firefox

One of the curses of modern day life is remembering, storing and managing passwords. Whether you use a password manager, store passwords in your browser or try to remember the lot, there are always challenges. Storing in your browser is the easiest option, but how can you be sure that they’re safe? Secure Login for Firefox is a very handy extra layer of security.

Like Opera’s magic wand, Secure Login helps you to log into sites where you’ve already saved your username and password in Firefox. If you have an account stored, when you rest the mouse pointer over the key icon to the left of the address bar, you’ll see if it's available to login. Just click this button to securely authenticate yourself on this site.

Continue reading

PC Tools unveils 2012 security software

Security vendor PC Tools has revealed its new-look website and 2012 products. And the company is focusing very much on ease of use, with the claim that all the new releases provide “powerfully simple protection”.

There are four major programs available.

Continue reading

Don't be a statistic: tips to prevent or recover from laptop theft

Did you know that a laptop is stolen every 55 seconds in the United States?

I joined those ranks two weeks ago. While out on the road I made a stopover in Center City Philadelphia. Not thinking and in a rush to get to my destination, I left my laptop bag on the front passenger seat. I returned to my car to find the drivers-side window broken and the bag gone.

Continue reading

© 1998-2026 BetaNews, Inc. All Rights Reserved. Privacy Policy - Cookie Policy.