Latest Articles

Categories: Malware, Vulnerabilities

[img_assist|nid=3981|title=|desc=|link=none|align=right|width=100|height=100]VANCOUVER, BC — The first day of the CanSecWest Pwn2Own hacker
challenge wrapped up here today with a familiar face going after a
familiar target.
And, for the second year in a row, a German hacker known simply as
“Nils” exploited a previously unknown vulnerability in Mozilla Firefox
to take complete control of a 64-bit Windows 7 machine.

Read more...

Categories: Malware, Vulnerabilities

[img_assist|nid=3982|title=|desc=|link=none|align=left|width=100|height=100]VANCOUVER, BC — For the third year in a row, Charlie Miller has
hacked into a MacBook by exploiting a critical Safari browser
vulnerability. At the CanSecWest Pwn2Own hacker contest here, Miller performed a clean drive-by download against Safari to get a full command shell on the MacBook. 

Read more...

[img_assist|nid=3959|title=|desc=|link=none|align=left|width=100|height=100]Google has added a nifty new security feature to warn GMail users when there are suspicious log-ins to their e-mail accounts.The feature, now being rolled into Firefox and Internet Explorer, will flag GMail log-ins from multiple locations and flash the following warning to an affected user:

Read more...

[img_assist|nid=3904|title=|desc=|link=none|align=left|width=120|height=68]A computer security professional who sold Internet Explorer exploit
code to credit card hacker Albert Gonzalez was sentenced Tuesday to three years probation and a $10,000 fine. Jeremy Jethro, 29, was paid $60,000 by Gonzalez for a zero-day
exploit against Microsoft’s browser, “the purpose and function of which
was to … enable the conspirators to unlawfully gain access to, and
redirect, individual’s computers,” according to court records. Read the full article, [Wired]

Read more...

[img_assist|nid=3950|title=|desc=|link=none|align=left|width=100|height=100]Researchers from Indiana University and Microsoft were able to
infer sensitive data by analyzing the distinct size and other
attributes of each exchange between a user and a website interaction. Using man-in-the-middle attacks, they could glean the
information even when transactions were encrypted using the Secure
Sockets Layer, or SSL, protocol or the WPA, or Wi-fi Protected Access
protocol. Read the full article. [The Register]

Read more...

[img_assist|nid=3944|title=|desc=|link=none|align=right|width=100|height=100]Criminal hacker organizations are operating with increasing corporate-life efficiency, specialization and expertise, said  the FBI at FOSE conference. Here are the top ten operational positions in a cybercrime group. Read the full article. [Computerworld]

Read more...