Remember all that hubbub over China hacking US companies a few months ago? It looks like they’re back at it. Surprisingly, the attacks have not only resumed but are originating from the same source – Unit 61398 in Shanghai. Why they chose to resume operations from a location that’s already [...]Read More »
Alleged Chinese spy’s laptop found to contain porn and pirated movies, not classified information from NASA
Bo Jiang used to work for NASA. He was let go by his employer because congressman Frank Wolf of Virginia claimed that he and other Chinese engineers were a security risk. This was a statement in a press release issued by the congressman:
Read More »
“I am particularly concerned that (the) information
13-year-old Alaskan middle school students hack classroom computers by using phishing on their teachers
In Ketchikan, Alaska a group of 18 students (aged 12 to 13 years) attending Schoenbar Middle School were able to hack into various computers after exploiting teachers to gain admin access. After taking control of various computers remotely, the hackers played pranks on other students.
Teachers were alerted about the [...]Read More »
The Communications Assistance for Law Enforcement Act in the United State allows law enforcement to wiretap internet communications, like VoIP (typically a warrant is needed for such wiretaps but there are so many “national security” loopholes nowadays, it is hard to tell). But the law only applies to internet service [...]Read More »
Like seemingly every other piece of consumer electronics these days, it was only a matter of time before Google Glass was cracked open for savvy coders to do as they please.
Jay Freeman, who goes by the handle Saurik, gained root access to Google Glass’ version of Android after a [...]Read More »
Google releases Chrome Office Viewer extension, will help you avoid those pesky virus-infected Office files
Google just released a new Chrome extension called the Chrome Office Viewer — it of course let’s you open and view Microsoft Office files (Word, Excel, and PowerPoint only) directly in your browser. It sounds like just another way to make things more convenient (and make Chrome OS sound more [...]Read More »
24% of PCs worldwide are vulnerable to viruses and cyber attacks, because people don’t update their antivirus
According to the most recent Microsoft Security Intelligence Report, an average of 24 percent of computers worldwide are vulnerable to viruses and cyber attacks. The reason? Simple — the lack of up-to-date antivirus software.
The report says that some people may not realize the importance of installing and maintaining [...]Read More »
We’ve all heard the stories about malware and Android. Many believe the claims to be false, especially considering most malware has to be actively installed by the user before it can cause any damage. The biggest problem with malware is that it can be embedded in alternate software, and users [...]Read More »
Search engines like Google and Bing index the web. The web contains thousands (millions?) of malware links, either malicious websites or malicious downloads. So it shouldn’t surprise anyone that malware links can be found when searching via a search engine. The people at major search engines, including Google and Bing, [...]Read More »
As I’m sure most dotTechies know, VirusTotal is an awesome online virus/malware scanner that allows users to scan files and programs for viruses or malware using over 40 different anti-virus/anti-malware engines.
VirusTotal historically had a maximum file size limit of 20 MB. Files above 20 MB were not able to [...]Read More »
Apple may have fixed their password security hole, but you should probably enable two-step verification
Just in case you missed it, Apple made a pretty serious boo-boo on the security front yesterday. The security issue was that Apple’s iForgot password reset tool was made vulnerable to hackers — if they managed to manipulate the URL in the date of birth page, they could reset your [...]Read More »
Is Apple losing its touch? Major security hole allowed hackers to easily reset passwords to Apple accounts using iForgot
There was a time when Apple products were popularly recognized as being secure. Or at least more secure than the competition. For example, for the longest time Mac OS X was synonymous with “doesn’t get viruses” (which, of course, has never been true — malware makers just never targeted Macs [...]Read More »
Internet-wide scan reveals millions of devices are exploitable due to use of default passwords like “admin” or “root”
A researcher, who has chosen to remain anonymous, has performed an internet-wide scan to determine the security level of gadgets like printers, webcams, and set-top boxes all across the world.
The scan was done by using the researcher’s custom-written code to send out more than 4 trillion messages. To put [...]Read More »
Last month, reports surfaced about a bug in iOS 6.1 that would allow anyone to bypass your passcode lock and gain access to your phone. After more than a month’s time, Apple has released iOS 6.1.3 to address the issue. The problem is, while they did fix the security bug, [...]Read More »
A handful of banks in South Korea have reportedly experienced serious network outages due to a malware attack.
The KBS and MBC networks said that all their computers shut down at 2pm local time, although this did not disrupt or damage their daily TV broadcasts. News channel YTN reported that [...]Read More »
EA’s online video game service Origin is exploitable by bug that lets attackers remotely run malicious code
Video game publisher Electronic Arts recently put out one of the bigger releases of the year in SimCity. The game was plagued with launch woes and continuous server issues as it required an online connection to EA’s Origin service to function. It turns out that’s not the end of the [...]Read More »
Last year we wrote a post that provided five tips on how to create strong passwords and have secure accounts. Now I’d like to take the opportunity to provide another password-related tip — the idea that you should use passphrases instead of traditional passwords.
WHAT IS A PASSPHRASE?
A ‘passphrase’ [...]Read More »
In the U.S. intelligence community’s annual review of worldwide threats, normally terrorism would be at the top of the list. But now, the nation’s top officials believe that cyber-attacks are now a greater threat to national security than terrorism, organized crime and the propagation of weapons of mass destruction.
While [...]Read More »
Anyone who feels Mac “doesn’t get viruses” hasn’t heard of ‘Pintsized.A’, a new trojan that bypasses Mac security measures
Remember that hack marathon earlier this year that saw Apple, Facebook, Twitter, and Microsoft compromised? Yeah, well, the breach occurred courtesy infected Macs. And now researchers have identified the malware that infected these Macs — ‘Pintsized.A’.
Pintsized.A is a new trojan that specifically targets Mac OS X. It isn’t entirely [...]Read More »
F-Secure, a security firm, has released their Mobile Threat Report for Q4 2012 and the trend is not surprising: Android has a bullseye on its back.
Accounting for a whopping 79% of 301 new malware discovered in 2012, Android is on top of the list when it comes to mobile [...]Read More »
Hackers successfully crack Chrome, Firefox, and Internet Explorer on Windows 8 and Windows 7 at Pwn2Own hacker competition
Chrome OS may have survived a barrage of attacks at Pwnium 3 but Windows and Windows browsers have not been so lucky. At Pwn2Own, a hacker competition sponsored by HP, hackers were able to exploit vulnerabilities in Internet Explorer 10 on Windows 8, Chrome on Windows 7, and Firefox on [...]Read More »
It would be illogical to claim Chrome OS is uncrackable, without exploits, and the safest operating system around. However, hackers taking part in the Pwnium 3 competition at CanSecWest Vancouver 2013 security conference were unable to crack Chrome OS… despite Google offering a whopping $3.14159 million incentive.
White hats (aka [...]Read More »
Bug in Galaxy S III makes lockscreen disappear, allows complete access to phone without password or pattern
Remember that security flaw on iOS 6.1? The one that would allow anyone to bypass your passcode and gain access to contacts and photos? It looks like Samsung’s Galaxy S III has a similar problem, and it might even be worse — it makes the lockscreen disappear completely until rebooted, [...]Read More »
Last week two separate instances of Java zero-day vulnerabilities were reported. One, reported by Security Explorations, was not (is not) being exploited in-the-wild as far as anyone knows. The second one, however, was (is) being exploited in-the-wild to infect users with McRat trojan. Oracle has now issued an update to [...]Read More »
After many famous companies admitting that they have been hacked, it is now the turn of Evernote, the market leader in note taking apps. In a post on the official blog, the developers revealed that they “discovered and blocked suspicious activity on the Evernote network that appears to have been [...]Read More »
Do you still have Java installed? Then you probably want to know that yet another zero-day Java vulnerability is found, and unlike the two vulnerabilities discovered earlier this week by Security Explorations, this vulnerability is being exploited in-the-wild effectively making it a new zero-day attack aimed at Java users.
According [...]Read More »
Normal anti-virus tell you to delete Trojans. Kaspersky? Not so muchRead More »
So you thought you would be safer with Flash gone and HTML5 taking over? Generally speaking, you are probably right — but not in this particular situation. Computer science graduate Feross Aboukhadijeh has demonstrated a proof-of-concept that allows websites to download unlimited amounts of data to your computer… until your [...]Read More »
Search warrant reveals just how much the government (or anyone else) can find out about you from your cellphone
Drug dealers, watch out! The government can find a whole lot about you if they seize your phone. As for everyone else, you probably wanna know just how much data your phone is carrying about you regardless of if you have committed a crime or not. And thanks to a [...]Read More »
Guess what? Adobe Flash is being hit with in-the-wild attacks (again); update to latest version to stay safe
Java. Flash. Java. Flash. Java. Flash. It seems like these two take turns in making your system vulnerable to attack. Sometimes they even misbehave at the same time, like today. As mentioned earlier today, two new vulnerabilities have been discovered in Java. Now it is Flash’s turn.
Adobe just announced [...]Read More »
This is getting old: New zero-day vulnerabilities found in latest versions of Java, including Java 7 Update 15
Still have Java installed on your computer or enabled in your browser? Then you should know new vulnerabilities have been discovered in the latest versions of Java. Again.
The current latest version of Java is Java 7 Update 15, which includes the most recent patch Oracle issues on February 19. [...]Read More »
Nir Goldshlager runs a “Web Application Security Blog.” He’s also happened to find a variety of security holes and exploits on sites like Facebook, Twitter and PayPal. His latest discovery, however, was a glaring hole in Facebook’s OAuth system: Nir was able to find a flaw that gave him access [...]Read More »
Is the Chinese or Eastern Europeans? Maybe someone else? We don’t really know. All we know is there has been a recent string of hacks against multi-million and multi-billion dollar corporations in the past few months. Microsoft is now the latest victim.
According to a blog post, Microsoft “found a [...]Read More »
We have had a lot of hacking stories lately on dotTech simply due to a sudden spike in public cybercrime incidents. However, by and large the most recent incidents were either low-key (e.g. Twitter attack hacked) or aimed at the corporate sector rather than ordinary citizens (e.g. Apple hack). That, [...]Read More »