[img_assist|nid=5380|title=|desc=|link=none|align=left|width=82|height=82]Apple has shipped another mega Mac OS X patch bundle to fix a total of 28 documented security vulnerabilities affecting the Mac ecosystem.
In the second part of his discussion on DDoS attacks at the Kaspersky Lab Security Analyst Summit in Cyprus, Jose Nazario of Arbor Networks delves into some of the statistics he has compiled on these attacks.
[img_assist|nid=5372|title=|desc=|link=none|align=right|width=100|height=100]Researchers looking into the security of GSM phone networks are
suggesting that the recent breach, which saw tens of thousands of e-mail
addresses and ICC-IDs inadvertantly disclosed AT&T, could have far more significant implications
than a bit of extra spam: attackers can use the information to learn
the names and phone numbers of the leaked users, and can even track
their position. Read the full article. [Ars Technica]
Kaspersky Lab anti-malware researchers Costin Raiu and Magnus Kalkuhl field questions on targeted attacks, how they work and how businesses can protect themselves.
[img_assist|nid=5304|title=|desc=|link=none|align=left|width=100|height=100]Researchers have found evidence that attackers are exploiting the vulnerability in the Windows Help and Support Center that was at the center of so much controversy last week.
[img_assist|nid=5359|title=|desc=|link=none|align=right|width=100|height=100]Keystroke-logging computer viruses let crooks steal your passwords, and
sometimes even read your e-mails and online chats. Recently, however,
anonymous criminals have added insult to injury, releasing a keylogger
that publishes stolen information for all the world to see at online
notepad sharing sites such as pastebin.com. Read the full article. [KrebsonSecurity]
By Chris Wysopal[img_assist|nid=2481|title=|desc=|link=none|align=left|width=100|height=100]Vulnerability disclosure is in the spotlight again. First it was Tavis Ormandy disclosing a vulnerability in Microsoft Windows before Microsoft had a fix available. Now a group called Goatse Security has disclosed a vulnerability in an AT&T website that affects Apple iPad 3G owners. The Wall Street Journal reports on the repercussions against vulnerability researchers in “Computer Experts Face Backlash”.
[img_assist|nid=5354|title=|desc=|link=none|align=left|width=100|height=100]The mass SQL injection attack that has been ongoing for a week or so now is designed mainly to steal credentials for online games and is quite well planned and organized, experts say.
[img_assist|nid=5345|title=|desc=|link=none|align=right|width=100|height=100]A hacker tried to frame his neighbor by tapping into his Wi-Fi and
sending threatening emails to US vice president Joe Biden, according to
search warrant affidavits unsealed recently. Read the full article. [The Register]
[img_assist|nid=5342|title=|desc=|link=none|align=left|width=100|height=100]The developers of the open source IRC server UnrealIRCd have had to report that the file servers of the project were compromised several months ago and the IRC servers code, Unreal126.96.36.199.tar.gz was replaced by a version with a backdoor. The backdoor allows anyone to execute commands on the server running UnrealIRCd. Read the full article. [The H Security]