Authorities have dismantled SocksEscort, a service that sold access to a large proxy network built from compromised residential routers. Investigators say much of the infrastructure sat on infected SOHO networking devices, many running embedded Linux...
Security specialist Patrick Dunstan reports that Mac OS X 10.7 "Lion" allows standard non-root users to access other users' password hashes. Under Mac OS X, users' password hashes are stored in shadow files that can usually only be accessed by root users.
The publisher of the uTorrent file-sharing program has admitted to suffering a major security breach that allowed attackers to substitute downloads of its client for malware pushing fake antivirus software.
The websites of several Mexican government ministries, including Defense and Public Security, went offline on Thursday, and a hacker group claimed responsibility.
The Web site that hosts uTorrent was hacked by an unknown person or group early this morning. After initially stating that the "mainline" BitTorrent site had been hacked as well, the company now says that it doesn't think that BitTorrent.com was affected. BitTorrent, the owner of the Web sites and the torrent clients hosted there, reported in a blog post that the breach occurred around 4:20 a.m. PT.
Chinese AV vendor 360 has discovered a virus in the wild that makes its home in a computer's BIOS, where it remains hidden from conventional virus scanners. The contaminant, called Mebromi, first checks to see whether the victim's computer uses an Award BIOS. If so, it uses the CBROM command-line tool to hook its extension into the BIOS.
Cybercrooks have set up a web store that offers rented access to compromised machines on the TDSS/TDL-4 botnet. The latest version of the TDSS botnet agent bundles a component that turns compromised machines into a proxy connected to awmproxy.net.
When I first heard that The Register, a popular United Kingdom technology news site, had been hacked, I was doubtful that the site itself had actually been cracked. The first headline I saw read, "The Register Hacked." That isn
Dutch SSL Certificate Authority (CA) DigiNotar is still keeping a low profile regarding the extent of the recently disclosed intrusion by hackers. The source code of the Chromium browser project, on which Google Chrome is based, has now provided some evidence of the extent of the compromise: its list of blocked certificates has grown from 10 to 257.
The site that hosts the Linux kernel's source code, Kernel.org, was compromised earlier this month. The discovery was made on August 28th; steps are now being taken to enhance security for the site, and recovery is underway. The kernel code repositories are believed to be unaffected.
It is used by millions of people on the Internet every day. Now, it is also used with increasing frequency by hackers seeking sensitive data like Social Security numbers: a Google search.
Routers from various manufacturers support UPnP (Universal Plug and Play) on their WAN interfaces, which apparently makes it possible for attackers to reconfigure them remotely via the internet and, for example, misuse them as surfing proxies or to infiltrate internal LANs. The problem was discovered by IT security specialist Daniel Garcia, who has developed the Umap tool to demonstrate the problem; the tool is available to download free of charge.
At DefCon III in 1995, the young crowd of 470 spent their time jamming a local radio station broadcast and playing Hacker Jeopardy at midnight when they couldn't drink at the bar. "Free Kevin" stickers were plastered everywhere protesting the jailing of fugitive hacker Kevin Mitnick, and a 14-year-old ran away from home to attend the event. (I know because I was there.)
The odds that a cybergang will stealthily turn your PC into a bot this summer and use it to carry out all manner of cyberattacks just notched notably higher.