Security & Privacy

A new backdoor Trojan for OS X is making the rounds, attempting to set up a secure connection for a remote hacker to connect through and grab private information.

The malware, dubbed "Pintsized" by Intego, is suspected of using a modified implementation of OpenSSH to set up a reverse shell that creates a secure connection to a remote server.

The use of an encrypted connection makes it more difficult to detect and trace, especially since it uses the common SSH protocol. In addition, the malware attempts to hide itself by disguising its files to look like components of … Read more

Apple today said it too was targeted as part of the string of hacking efforts on companies and news agencies.

The iPhone and Mac maker told Reuters that hackers targeted computers used by its employees, but that "there was no evidence that any data left Apple."

In a statement, Apple said it discovered malware that made use of a vulnerability in the Java plug-in, and that it was sourced from a site for software developers:

Apple has identified malware which infected a limited number of Mac systems through a vulnerability in the Java plug-in for browsers. The malware … Read more

The New York Times' report Monday of state-sponsored hacking in China drew new attention to the sophisticated techniques that would-be infiltrators use to gain access to victims' accounts. But it's not just China, Google said today -- the techniques used against U.S. government agencies and corporations are being used increasingly by hackers around the world.

"Compared to five years ago, more scams [and] illegal, fraudulent, or spammy messages today come from someone you know," security engineer Mike Hearn said in a blog post. "Although spam filters have become very powerful -- in Gmail, less than … Read more

An "overwhelming percentage" of cyberattacks on U.S. corporations, government agencies, and organizations originate from a 12-story office tower on the outskirts of Shanghai that's connected to the People's Liberation Army, according to an extensive New York Times report.

The newspaper cites a 60-page report by U.S. security firm Mandiant that traces the activities of a sophisticated Chinese hacking group -- known in some circles as "Comment Crew" or "Shanghai Group" -- to the headquarters of People's Liberation Army Unit 61398. The report notes that a body of digital forensic … Read more

The Twitter account associated with the fast-food chain Burger King was suspended after an apparent hack defaced the page with messages that the account had been sold to McDonald's.

The @BurgerKing account name was changed today to "McDonalds" and the Golden Arches logo was added to the page, as was a message that the account had been sold to McDonald's "because the whopper flopped."

The page has since been taken down, but images of the defacement are still visible on Web cache.

Before the feed's suspension, hackers posted tweets that included racial epithets … Read more

Facebook has won an important ruling on its ban of pseudonyms across its social network.

A German court yesterday ruled that it had no jurisdiction over Facebook because its European headquarters are in Ireland and therefore, could not offer an opinion on the social network's pseudonym use. The Associated Press was first to report on the court's ruling.

The court's ruling comes just two months after data protection agency Unabhaengiges Landeszentrum fuer Datenschutz (ULD) in the northern German state of Schleswig-Holstein ordered Facebook to allow for its users to employ pseudonyms. The company has a policy that … Read more

The best antivirus software available does more than just stop computer viruses, it also addresses the myriad and complex modern threats that you'll encounter. Indeed, from the merged antivirus and anti-malware detection engines to enhancing online privacy controls, security suites are an essential part of Windows and Mac desktop life. And just like driving a car without wearing a seatbelt, you shouldn't try to get by can get by without using antivirus software just because you can.

Because of their long history of deleterious consequences to system performance, security suites deserve closer scrutiny than any other category of … Read more

Some sleight of hand will allow iOS 6.1 hackers to access your phone application, listen to your voice mails, and place calls.

A YouTube video showing users how to "bypass iPhone 5 passcode" on Apple's latest iOS releases, including iOS 6.1, has been published. The person who uploaded the video shows how anyone can access the phone application on a passcode-protected iPhone.

In order to achieve the hack, users must come close to turning off the iPhone, place an emergency call, and keep their finger on the power button. CNET was able to re-create the … Read more

A zero-day security flaw in Adobe Reader and Acrobat is being exploited through a series of targeted attacks against vulnerable computers, Adobe Systems said yesterday.

In a security bulletin, Adobe confirmed that the vulnerabilities could cause Reader and Acrobat to crash, potentially opening the door for an attacker to gain control of the system.

"Adobe is aware of reports that these vulnerabilities are being exploited in the wild in targeted attacks designed to trick Windows users into clicking on a malicious PDF file delivered in an email message," the company revealed in the bulletin.

Adobe said it's … Read more