Web Security

Savannah GNU Site Compromised

A site belonging to the Savannah GNU free software archive was attacked recently, leading to a compromise of encrypted passwords and enabling the attackers to access restricted project material.

There’s a new version of the venerable GpCode ransomware attack making the rounds right now, demanding payments of $120 in order to decrypt files on infected PCs. This version, which has been active for several days now, is different from previous variants in that it overwrites the original files, preventing recovery of the data.

By Alex HuttonRecently, I’ve heard some bits and pieces about how Information
Security (InfoSec) can be “threat-centric” or “vulnerability-centric”.
 This stuck me funny for a number of reasons, mainly  it showed a basic
bias towards what InfoSec *is*. And to me, InfoSec is too complex to be
described as “threat-centric” or “vulnerability-centric” and yet still
simple enough to be described at a high level in a few paragraphs in a
blog post. So I thought I’d write a “primer” post on what InfoSec is to
create a reference point.

China has long used the Internet’s Domain Name Service (DNS) to censor Web sites and information that the ruling Communist Party deems threatening. But now security experts warn that the government’s censorship is in danger of spilling over China’s borders: suppressing the ability of those living outside of China to find information online.

Weeks after researchers unveiled Firesheep, the Firefox Web browser plugin that makes it easy to snoop on strangers’ Facebook, Flickr and other Web 2.0 sessions, a software update from the Electronic Frontier Foundation promises to secure more Web sessions from Firesheep-enabled snooping. 

By Chris Greamo

Over the past few years, malicious PDFs have become common place and a prefered vector for attackers. Last week, Adobe announced the release
of Reader X – the much anticipated next major release of
their ubiquitous document reader, which includes a new security feature
called ”Protected Mode”. Protected Mode is designed to restrict the
ability of an attacker who exploits Reader using a malicious PDF to
damage, modify, or gain full control of the underlying host.

Subscribe to our newsletter, Threatpost Today!

Get the latest breaking news delivered daily to your inbox.