Vulnerabilities and attacks

Stuxnet attacks Iran again, reports say

An Iranian news agency says the country successfully fended off yet another attack by the Stuxnet worm, according to reports.

The cyberattack allegedly targeted a power plant and other sites in southern Iran over the fall, the BBC and the Associated Press reported today.

Discovered in June 2010, Stuxnet is believed to be the first malware targeted specifically at critical infrastructure systems. It's thought to have been designed to shut down centrifuges at Iran's Natanz uranium enrichment plant, where stoppages and other problems reportedly occurred around that time. The sophisticated worm spreads via USB drives and through four … Read more

Suspected security hole found in many Samsung devices

A suspected security hole affecting a handful of Samsung smartphones could give apps access to user data and leave the handset vulnerable to malicious apps and bricking, according to a developer.

The vulnerability, which was discovered and detailed by an XDA member with the handle "alephzain," lies in Exynos 4, the ARM-based system-on-chip typically found in Samsung smartphones and tablets. Alephzain developed an exploit he said bypasses the system permissions, allowing any app to extract data from the device's RAM or inject malicious code into the kernel.

Alephzain said that he stumbled upon the vulnerability while trying … Read more

NASA hacker won't face prosecution in U.K.

NASA hacker Gary McKinnon will face no legal action in the U.K.

The Crown Prosecution Service has decided the appropriate jurisdiction for the McKinnon case is the U.S., after discussing the case with the U.S. Department of Justice and the police.

U.S. authorities started their bid to extradite McKinnon in 2005, accusing him of causing hundreds of thousands of dollars of damage by hacking into NASA and military systems. McKinnon admitted to the intrusion in 2002 but claimed he was looking for evidence of UFO activity.

But U.S. requests for his extradition were formally turned down … Read more

Threat of mass cyberattacks on U.S. banks is real, McAfee warns

The wave of distributed denial of service attacks that hit U.S. banks in October was next-to-nothing compared to what could happen if cybercriminals actually carry through with their plans for next year.

According to a report (PDF) released today by McAfee Labs, an impending attack on U.S. financial institutions -- dubbed Project Blitzkrieg -- isn't only a possibility, it's a "credible threat."

"McAfee Labs believes that Project Blitzkrieg is a credible threat to the financial industry and appears to be moving forward as planned," the report reads. "Although Project Blitzkrieg hasn'… Read more

Possible IE bug would let hackers track mouse moves

Microsoft is investigating a possible flaw in its Internet Explorer Web browser that allegedly enables attackers to track users' mouse cursor anywhere on the screen, even if the browser window isn't in use.

The alleged flaw, which security firm Spider.io says it discovered a few months ago, compromises the security of virtual keyboards and virtual keypads in all supported versions of the browser since IE6, the security firm reports.

"As long as the page with the exploitative advertiser's ad stays open -- even if you push the page to a background tab or, indeed, even if … Read more

New Trojan attempts SMS fraud on OS X users

The Russian security firm Dr. Web has uncovered another malware attempt on OS X systems that tries to exploit users with SMS fraud.

The new malware is a Trojan horse, dubbed "Trojan.SMSSend.3666," and is part of a family of Trojan malware for Windows and other platforms that have affected Windows users for years.

As with all Trojans, these pose as legitimate programs that are made available for download from a number of underground Web sites, with this current one for OS X appearing to be an installer for a program called VKMusic 4, a utility whose … Read more

GhostShell claims breach of 1.6M accounts at FBI, NASA, and more

Team GhostShell, the hacktivist collective, said today that it has stolen accounts from a large number of government agencies, contractors, and security firms, posting information from 1.6 million accounts online.

Dubbed Project White Fox, the hacking project appears to have affected NASA, the FBI, the Pentagon, and Interpol, among many others. The hackers announced their work in a file posted on Pastebin.

Our colleagues at ZDNet report:

The file dump, upon closer inspection, seems to include a number of records obtained via SQL injection. A random selection of the files contain email and home addresses, defense material tests and … Read more

Hackers steal customer info from insurance provider Nationwide

Hackers broke into insurance company Nationwide's network in early October, stealing the personal information of more than a million customers across the country, the insurance company recently revealed.

The company said the compromised information included people's names and a combination of Social Security numbers, driver's license numbers, their date of birth, and possibly marital status, gender, and occupation, as well as the names and addresses of employers. Nationwide said it had no evidence that any medical information or credit card account data was stolen.

"We discovered the attack that day, and took immediate steps to contain … Read more

New Mac malware uses OS X launch services

Security company Intego is reporting the discovery of a new malware package for OS X. The package is a Trojan horse called OSX/Dockster.A, that appears to have keylogging features to record what is being typed on an infected system in addition to remote-access features for backdoor access into the system. When installed, the Trojan attempts to contact the server "itsec.eicp.net," likely to receive instructions for allowing remote access to the system.

As with other recent malware for OS X, Dockster is a Java-based threat that will not run unless you have Java installed on … Read more