Web Security


Teen’s Arrest Underscores Need for More Secure Web Development

A 15-year-old who claimed he was bored when he turned to hacking was arrested for breaking into almost 260 companies during the first three months of this year, according to a ZDNet article published earlier today.Austria’s Federal Criminal Police Office said the teenager, who used the hacker handle ACK!3STX, used tools available on the Internet to scan for vulnerable Web sites and publish stolen data. He then bragged about his exploits on Twitter. Victims included sports companies and adult entertainment sites, among many others.

LA Times Profiles Cyber Defense Competition For Teens

The U.S. and other advanced nations face a drastic cyber security skills gap. Attacks from sophisticated and unsophisticated attackers are on the rise, even as more and more companies and government agencies move more of what they do online to Web based services and the cloud. Of course, the skills gap requires a bottom-up rethink of the way that technology skills are taught at both the primary and secondary level. That’s no easy task in a decentralized and highly regulated education system such as the one that exists in the U.S. where resources are addressed more towards basic skill acquisition than to teaching advanced cyber skills. Still, the Obama Administration has put cyber security at the top of its domestic and military security agendas, and there’s some evidence of positive change. 


VIEW SLIDESHOW How to Avoid Getting Hacked While TravelingResearcher Justin Morehouse has logged more than 100,000 miles to eight countries in the last year. His message: business travelers are at greater risk of being hacked than ever before, especially when it comes to smart phones and tablets. Now the security expert has distilled his research and first-hand experiences into some sage advice for travelling executives and VIPs. Here are eight ways you can protect yourself abroad.

Apple has released another fix for Java that also is designed to remove several of the variants of the Flashback Trojan that have been plaguing Mac users for months now. The update, released on Thursday, is the latest in a series of attempts by the company to address the Flashback situation.

Mozilla is developing a feature in Firefox that would require some user interaction in order for Flash ads, Java scripts and other content that uses plugins to play. In addition to easing system slowdowns, the opt-in for Web plugins is expected to reduce threats posed by exploiting security vulnerabilities in plugins, including zero-day attacks.

There is a serious remotely exploitable vulnerability in the Samba open-source software that could enable an attacker to gain root privileges without any authentication. The bug is in all versions of Samba from 3.0.x to 3.6.3, but has been fixed in Samba 3.6.4, which is the current stable release.

Subscribe to our newsletter, Threatpost Today!

Get the latest breaking news delivered daily to your inbox.