ie8 fix
Click Here

InSecurity Complex

Spam offers to let people use their PC to attack Obama site

Spammers are hoping to rouse Obama critics to launch a cyber protest and to download malware onto their PCs in the process.

New spam is circulating that supposedly offers a way for people to use their computers to launch a denial-of-service attack on the Web site of President Obama, researchers said on Tuesday.

The e-mail message says: "If You dont like Obama come here, you can help to ddos his site with your installs."

The e-mail then provides a link to a Web site where visitors are offered money for installing the supposed denial-of-service (DoS) software, according to a blog posting more

New virus infects programs built with Delphi

Researchers said on Tuesday that they are seeing something unusual in the malware world--a virus that targets a development environment.

The virus, dubbed Win32.Induc, was written to infect applications built with Delphi, according to Nick Bilogorskiy, manager of antivirus researcher at Sonicwall. Delphi is used to write Windows programs, including database applications.

When an infected program is run on a machine running Delphi, the virus infects any software that gets compiled on that machine. The virus spreads the executable file of itself as well as the source code. It looks for a compiler on the infected system and re-compiles more

Three men indicted in largest U.S. data breach

Two Russians and a Florida man were charged on Monday with hacking into Heartland Payment Systems, 7-Eleven, and the Hannaford Brothers supermarket chain, and stealing data related to more than 130 million credit and debit cards.

The indictment names 28-year-old Albert Gonzalez of Miami, who already has been charged with stealing data related to 40 million credit cards from eight major retailers, including TJ Maxx, and two unnamed co-conspirators based in Russia.

The breach involving Heartland and the others is believed to be the largest hacking and identity theft case ever prosecuted by the U.S. Department of Justice. In more

Targeted Twitter user blames Russia

The Georgian blogger whose Twitter, Facebook, and YouTube accounts were targeted in denial-of-service attacks on Thursday, says he thinks Russia's federal security service is behind it.

"This hackers was from Russian KGB," the blogger, who uses "Cyxymu" on his accounts, wrote in a tweet early on Friday, adding later: "My twitter is online! Thank you all for support after ciber attack from Russia!"

Because of the difficulty in tracing distributed denial-of-service (DDoS) attacks back to the source, unless someone takes credit for the attack or brags about it to online associates, it's nearly impossible to determine exactly who more

FAQ: The ins and outs of DoS attacks

Thursday's denial-of-service attack that knocked Twitter offline for a few hours and affected Facebook, LiveJournal, and Google Sites and Blogger wasn't your average attack.

Typically, someone who has a bone to pick with a specific Web site will round up some hijacked PCs and use them to try to shut the site down. In this case, whoever was responsible was trying to block access to a specific user's accounts and not the sites themselves.

Denial-of-service attacks aren't always straight forward and this one has its own unique twist. Let's take a look at what happened more

Twitter, Facebook attack targeted one user

A Georgian blogger with accounts on Twitter, Facebook, LiveJournal, and Google's Blogger and YouTube was targeted in a denial-of-service attack that led to the sitewide outage at Twitter and problems at the other sites on Thursday, according to a Facebook executive.

The blogger, who uses the account name "Cyxymu," (the name of a town in the Republic of Georgia) had accounts on all of the different sites that were attacked at the same time, Max Kelly, chief security officer at Facebook, told CNET News.

"It was a simultaneous attack across a number of more

Microsoft to fix critical Windows, Office holes

Microsoft will issue fixes for five critical holes affecting Windows and a variety of other software on Patch Tuesday next week.

The critical holes, which could allow an attacker to remotely run code on a PC and take control of it, affect Windows 2000, Windows XP, Windows Vista, Windows Server 2003 and 2008, Windows Client for the Mac, Office 2000, XP and 2003, Microsoft Office Small Business Accounting 2006, Visual Studio .NET 2003, Microsoft Internet Security and Acceleration Server 2004 and 2006, and BizTalk Server 2002, according to a Microsoft security advisory released on Thursday.

Four additional vulnerabilities, rated "important," more

Is Adobe the next (pre-2002) Microsoft?

If you're a criminal and you want to break into a network, a common attack method is to exploit a hole in software that exists on most computers, has its fair share of holes, and isn't automatically updated.

In 2002, that would have been Windows. Today, it's likely to be Adobe Reader or Flash Player, whose share of vulnerabilities and exploits are on the rise while Microsoft's is falling.

Nearly half of targeted attacks exploit holes in Acrobat Reader, which is used to read PDF (portable document format) files, according to F-Secure. Meanwhile, the number of more

Apple fixes hole with Mac OS X image viewing

Apple on Wednesday issued a security update that fixes 18 vulnerabilities including several that put computers running Mac OS X at risk of remote code execution if a maliciously crafted image is viewed.

In addition to fixing a problem with how PNG images are handled, Security Update 2009-003 fixes issues related to ImageIO's handling of OpenEXR images, EXIF metadata, as well as Canon RAW images and images with an embedded ColorSync profile.

The update, which arrives as part of the release of Mac OS X v10.5.8, extends the list of content types the Mac OS X will more

Hacking the Defcon badges

Most badges from conferences and trade shows end up in the trash. Not so the badges from the Defcon security show, which are stylized, mysterious, and highly customized electronics equipment designed to be hacked.

Instead, they end up as collector's items. Bidding on eBay for a Defcon 17 badge from last weekend had reached $81 on Tuesday with three days to go, while a 2007 badge was at $33.99.

The Defcon badges and badge hacking contest, both highly anticipated at the conference each summer, not only give the hackers a mental challenge to figure out what the devices more

ie8 fix
  • Recently Viewed Products
  • My Lists
  • My Software Updates
  • Promo
  • Log In | Join CNET