code

Up to ten different router models, including some by popular manufacturer D-Link, are now vulnerable to hackers. It appears the code that runs the devices contains a master password that anyone could find and use. The problem was discovered by ... security researcher Craig Heffner, who admitted he had nothing more exciting to do on a Saturday than nose through code accompanying a recent firmware update for his D-Link DIR-100 router. Like most routers, the settings menu for the D-100 router is accessible through a web browser -- the idea being that the user can access the router through one of ... (view more)

Another monthly Patch Tuesday security update has arrived and this time Microsoft is providing fixes for 'critical' flaws in its Internet Explorer web browser and its Outlook email manager. In total, Microsoft's Patch Tuesday offering includes 13 ... bulletins, four of which have been marked critical -- Microsoft's highest security rating. Many security experts are pointing to the critical bulletin affecting Outlook as the most important security issue this month. Code Execution Flaw Affects Outlook Wolfgang Kandek, chief technology officer at IT security firm Qualys, says it's imperative that ... (view more)

Security researchers have uncovered a complex virus capable of reappearing even after it is thought to have been removed from a computer system. This so-called 'Red October' virus reportedly attaches itself to Adobe Reader and Microsoft Office ... software. The virus is named after the Tom Clancy novel about a Soviet submarine crew trying to defect. It's an appropriate moniker because the majority of computers infected by the virus are located in Russia and Eastern Europe (though there are victims in at least 37 other countries). The infections mostly affect computers used by government ... (view more)

Bitcoin currency exchange BitFloor is in big trouble after a security blunder resulted in the theft of $250,000. The heist at the BitFloor "exchange" came after operators did the online equivalent of leaving the keys in the door. Bitcoin is a ... virtual currency that isn't controlled by a government and therefore isn't subject to any seizure of funds. With no government backing, Bitcoin has value only so long as enough people agree to use it. Unlike most currencies, Bitcoin exists only online, with no physical currency (like coins or bills). Each Bitcoin exists solely as a unique identification ... (view more)

The creators of the Flame virus now appear to be attempting to remove it from the computers it has infected. This bizarre move from hackers, who normally seek to increase rather than decrease the number of machines their code infects, may be part of ... a belated attempt to prevent further analysis of how Flame works. The existence of Flame was announced late last month by security firm Kaspersky Lab. At the time, Kaspersky noted the virus was exceptionally sophisticated and had been designed specifically to harvest data using tactics as diverse as taking screenshots and eavesdropping on phone ... (view more)

An estimated 200,000 computers may be at risk because they are running an un-patched edition of Symantec's PC Anywhere. Late last month, Symantec urged all users to cease running the program unless absolutely necessary. The firm later changed its ... mind, announcing that it was safe to run as long as new security patches were installed. PC Anywhere became vulnerable when hackers threatened to release source code originally stolen six years ago, apparently without Symantec's knowledge. The hackers attempted to extort the company for $50,000 and then released the code publicly when it refused to ... (view more)

Google has temporarily suspended one of the features on its mobile wallet system for smartphones following word the platform has at least two serious security flaws. Google Wallet allows users to make payments using "near-field communications," a ... wireless protocol like Bluetooth, but with a maximum range of just centimeters. Users can hold, tap or swipe their smartphone next to a payment device without having to worry about the signal being intercepted. 'Brute Force' Could Break Code The system can be protected with a PIN (personal identification number) code, to prevent misuse when ... (view more)

Security firm Symantec is urging all Windows users to disable "PCAnywhere" (a remote-control software program) on their systems immediately. The concern to disable the product dates back to 2006, when Symantec's PCAnywhere source code was stolen, ... but has never appeared in the open until now. Symantec says users running old versions of PCAnywhere could have their systems easily hijacked. A security bulletin on their site says that even the latest edition of PCAnywhere (version 12.5) is "at an increased security threat," and have urged customers to disable the software and ... (view more)