We have thousands of posts on a wide variety of open source and security topics, conveniently organized for searching or just browsing.
Whatever assurances have been given about the security of GSM cellphone calls, forget about them now. Speaking at the Chaos Computer Club (CCC) Congress here Tuesday, a pair of researchers demonstrated a start-to-finish means of eavesdropping on encrypted GSM cellphone calls and text messages, using only four sub-$15 telephones as network
Regardless of what Sony might want you to think, piracy is not the only reason that people want to hack their PS3 to run software that isn
A database of 44,000 users' registration information from the Add-Ons server belonging to Mozilla was found to have been exposed for download. Mozilla says that it was informed by a security researcher, through Mozilla's Web Bounty Program, that the database was visible in mid-December.
Hackulous, the picaresque pirates best known for plundering Apple's DRM and capturing unprotected software for iPhone, iPod and iPad, yesterday unleashed an onslaught of updates, including cracking software for the much-anticipated Mac App Store and a "reverse BitTorrent" for jailbroken devices that aims to increase availability of cracked apps across the Web.
The security problems of 2010 are likely to continue and even escalate in 2011, with state-sponsored crime and data leaks from unhappy employees. State-sponsored crime has far more resources than ordinary hackers, and social networking is making the bad guys' job easier. But with Virtualization established, more security software may appear.
Carders.cc, a German security forum that specializes in trading stolen credit cards and other purloined data, has been hacked by security vigilantes for the second time this year. Also waking up to
Internet-connected HDTVs from one major manufacturer -- which appears to be Panasonic -- have security holes that could allow an attacker to trick users into giving up credit card information or other private data, according to a report by Mocana, which sells embedded security software solutions.
A data breach affecting Twin America, the parent company of CitySights NY, potentially compromised an estimated 100,000 customers' personal details, including credit card numbers. According to a security breach notification letter sent to the New Hampshire attorney general, as required by that state's laws, attackers successfully exploited a Twin America Web server by using a SQL injection attack.
The development team behind ProFTPD has released version 1.3.3d, which closes a critical security hole in the SQL module of all previous versions. The flaw was reported roughly a month ago in Phrack, the hacker magazine. A buffer overflow in the function sql_prepare_where() allows attackers to remotely execute arbitrary code on the server.
Spamhaus, the largest anti-spam entity, has recovered from a DDoS attack initiated against it over the weekend. The attack is attributed to the hosters of a WikiLeaks mirror called WikiLeaks.info in response to the Spamhaus
Attackers are already exploiting a bug in the Exim mailer to remotely execute code on compromised Linux machines, according to a pair of Linux security advisories. Posted on US-Cert as Vulnerability Note VU #682457, the bug exists in Exim mail server software prior to version 4.70. Affected systems include Debian Linux, Novell's SUSE Linux, and Canonical's Ubuntu Linux.
Whew! Is it just me, or is it getting tough to keep track of all the info spilled via this week's massive Gawker hack? The please-don't-call-it-Gawkergate. Gawker hacking story sprung up over the weekend, when a group known as "Gnosis" apparently made its way into the servers of Gawker Media. Gawker Media, if you aren't aware, is a publication group that runs gossip blog Gawker (no big surprise there) along with a slew of other websites like Lifehacker, Gizmodo, and Jezebel.
A former government contractor says that the U.S. Federal Bureau of Investigation installed a number of back doors into the encryption software used by the OpenBSD operating system. The allegations were made public Tuesday by Theo de Raadt, the lead developer in the OpenBSD project.
From a computer virus named for a stripper to swarming botnet attacks on the Pentagon and Microsoft, The Daily Beast lists the 10 most infamous hacks, worms, and DDoS takedowns in the last 25 years.
Officials from the Social Security Administration are assessing the damage done by an individual who is in custody in connection with the illegal computer download of the personal information of 15,000 New Yorkers who have filed disability claims.
McDonald's has lost thousands of customer details to a hacker, including names, phone numbers and street and e-mail addresses. The fast food chain is also warning of pending phishing scams.
Gawker Media has admitted passwords were stolen in a hack on its user databases. Whilst the stored passwords were encrypted, Gawker said, simple ones may still be vulnerable to a brute force attack, where constant attempts to crack the key are made until the hackers are successful.
Genesco Inc., which operates stores that sell shoes and hats, said Friday it was the victim of a cyber attack, and the extent of the damage is unknown.
THE WIKILEAKS LEAKS have shown that Chinese security firms with ties to the Chinese military hired the hacker group responsible for the original Blaster worm.
A computer consultant is embarking where Apple has refused to go, adding a security measure known as ASLR to iPhones to make them more resistant to malware attacks.
Like staying secure? So do we.
Sign up for updates, tips, and alerts!
