Ad: Manage updates with the Download App
ie8 fix
  • CNET
  • News
  • All Vulnerabilities and attacks posts

Vulnerabilities and attacks

Israel government Web sites hit by hacker blitz

Israel's government Web sites have been bombarded by hackers in the last couple of days, logging more than 44 million hacking attempts since Israel launched the Gaza air strikes on Wednesday.

One of the attempts was successful, Finance Minister Yuval Steinitz told Reuters, noting that an unidentified site was offline for about 10 minutes before being resurrected. Popular targets include defense-related sites, as well as those of Israel's prime minister, president, and Foreign Ministry.

Most of the attacks have been traced to Israel and the Palestinian territories.

"The ministry's computer division will continue to block the … Read more

Anonymous targets Israeli Web sites in protest over Gaza

Anonymous is in the midst of a hacking campaign against a number of Israeli sites in protest of attacks taking place on Gaza.

The hacking spree, dubbed OpIsrael and begun early Thursday, has resulted in so many Israeli Web sites being defaced or shut down through methods including denial of service (DoS) attacks, that it's hard to keep count. However, some enterprising hacktivists have begun compiling lists of affected Web sites. Targets have included governmental, retail, and business sites -- some belonging to the automotive and fashion industries.

The Bank of Jerusalem, one of Israel's largest financial institutions, … Read more

Obama reportedly signs secretive cybersecurity policy directive

President Obama has long said cybersecurity is one of his priorities and it appears he is now acting on his words.

According to the Washington Post, he is said to have signed a secret policy directive last month that will give the military and other government authorities the ability to act quickly if the country comes under cyberattack.

Dubbed the "Presidential Policy Directive 20," this classified document allegedly outlines the rules of how federal agencies are allowed to react when it comes to online breaches of security, hacking, cyberthreats, and attacks.

One of the major elements of the … Read more

China cyber-espionage threatens U.S., advisory group warns

Congress needs to take action to deflect the growing threat of Chinese cyber-espionage against the U.S., a U.S. commission recommends in a new report.

Released today, the 500-page annual report to Congress by the U.S.-China Economic and Security Review Commission details various security issues concerning China. But the commission expressed particular fear over the country's ongoing cyberwarfare efforts.

Calling China the "most threatening actor in cyberspace," the report found that in 2012, Chinese state-sponsored hackers continued to target computers systems run by the U.S. government and military as well those maintained in … Read more

Skype fixes e-mail security flaw

Skype has resolved a nasty e-mail and password security bug and reinstated its password reset page.

Revealed by Skype earlier today, the vulnerability allowed someone to create a Skype account using the same e-mail address as that of the intended victim. That person was then able to reset the password for all accounts associated with that address, thereby locking out the account owner from Skype.

As a precaution, Skype earlier today took down its password reset page to prevent hackers from taking advantage of the flaw. But the company managed to resolve the security hole not long after announcing it, … Read more

Skype disables password resets due to e-mail security flaw

Update, 10:25 a.m. PT: Skype has since resolved the security issue and reinstated the password reset page.

Skype is investigating a security problem that allows someone to take over a user's account by resetting the account password.

The VoIP service provider best known for video calls confirmed in its blog today that it has taken down its password reset page as it probes the issue:

We have had reports of a new security vulnerability issue. As a precautionary step we have temporarily disabled password reset as we continue to investigate the issue further. We apologize for the … Read more

Cyberattacks against Lockheed have 'increased dramatically'

Cyberattacks against Lockheed Martin -- one of the largest defense contractors for the U.S. government -- have stepped up significantly in both pace and savvy, according to Reuters.

"The number of campaigns has increased dramatically over the last several years," Lockheed vice president and chief information security officer Chandra McMahon said in a news conference today, according to Reuters. "The pace has picked up."

McMahon claims that roughly 20 percent of the attacks are being perpetuated by other countries or groups that aim to steal information or threaten the company's operations. She told reporters … Read more

Ransomware a growing menace, says Symantec

Cybercriminals gangs are creating a surge in ransomware, says a new report from Symantec.

Ransomware is a type of malware best described as an online extortion racket. Malware locks or disables your PC in some way and then demands payment in the form of a "fine" to render your PC usable again. Like most scams, the ransomware message claims to come from a legitimate organization, such as the government or a public corporation, to try to convince victims that they did something wrong to incur the fine.

But paying the fine does nothing since the initial malware remains … Read more

SEC staffers leave computers open to cyber attack, report says

Staffers in the SEC's Trading and Markets Division left their computers totally unprotected from possible security attacks, forcing the organization to scramble to determine if any sensitive data was stolen, Reuters reported, citing unidentified sources with knowledge of the situation.

As it turns out, the trading and markets division is charged with ensuring that markets don't fall victim to cyberattacks.

Reuters also reports that the staffers attended the annual Black Hat Conference for hackers and brought the unprotected computers with them.

Soon after the security issues were identified, the SEC hired a third-party company and paid it "… Read more

Windows 8, RT to get first critical security patches next Tuesday

Windows 8 and Windows RT will receive their first security fixes when next week's Patch Tuesday rolls around from Microsoft.

The patches are designed to prevent "remote code execution," which means they'll plug holes in the OS that could let someone remotely run malicious code on a PC.

Beyond securing Windows 8, the fixes cover just about every other version of Windows, including XP, Vista, and Windows 7 as well as Server 2003, 2008, and 2012.

The rollout includes six security patches, four of which are considered critical, one important, and one moderate. Most of the … Read more