security

New reports are surfacing with details of the latest and what's considered to be one of the most dangerous Internet worms, dubbed "Duqu." It's said the worm can install and spread itself due to a security loophole in Microsoft Word. As reported last ... week, Duqu's programming code is very close to that of the Stuxnet worm that wreaked havoc back in 2010 . Stuxnet was a particularly sophisticated virus which infected Windows-based PCs, and in turn, attacked computers that controlled equipment in Iran's nuclear program to the point where it caused irreversible damage to equipment. So ... (view more)

The Federal Bureau of Investigation (FBI) has accused a 35 year old man of hacking Scarlett Johansson's cellphone and stealing photographs of the actress in a state of undress. Christopher Chaney, of Jacksonville, Florida, has been charged with ... several offenses after allegedly compromising the security of more than 50 people, including other celebrities. The offenses are believed to involve a string of entertainers, including singer Christina Aguilera, actress Mila Kunis, celebrity stylist Simone Harouche and jazz singer Renee Olstead. It's thought the attacks involved both direct access to ... (view more)

The theft of online security certificates by hackers thought to be from Iran may be even more serious than first thought. The stolen certificates include those for security agencies from the United States, United Kingdom and Israel. The security ... breach originates with DigiNotar, a Netherlands organization that produces Secure Sockets Layer (SSL) certificates which are used by webites. An SSL, for example, is used when home users connect to their banking web sites. Using the SSL certificate, information to and from the home PC to a bank website is encrypted and cannot be intercepted by a third ... (view more)

This past spring, Sony was hit by one of the most crushing hacker invasions in tech history. The hack, which penetrated Sony's PlayStation Network (PSN), acquired personal information associated with tens of millions of accounts, including stolen ... data included credit card information, addresses, and names. In all, it's estimated that the online attack cost Sony $171 million dollars. (Source: pcmag.com ) So, can hiring an official formerly tasked with preventing terrorism on U.S. soil help prevent devastating online attacks in the future? Sony, which just hired a former U.S. Department of ... (view more)

Microsoft is offering a huge reward to encourage tech savvy users to come up with new security ideas for its operating system. The company is running a contest for users to create "a novel runtime mitigation technology designed to prevent the ... exploitation of memory safety vulnerabilities." Put in simple terms, that means the winning entries have to halt malware that takes advantage of exploits in computer memory. An exploit of this nature is an extremely common source of security breach. It works by taking advantage of the fact that computer memory is used to serve multiple programs, often ... (view more)

Microsoft has reminded Windows XP users that the system will lose security support from the company in under 1,000 days' time. However, some wonder if that will prove practical. Stephen Rose, who is the community and social media manager for ... Microsoft, wrote a blog post to mark the system's imposing deadline. He said that "Windows XP had an amazing run and millions of PC users are grateful for it. But it's time to move on. Two reasons: 1) Extended support for Windows XP is running out in less than 1000 days, and 2) there's an OS out there that's much better than Windows XP." (Source: ... (view more)

A Department of Homeland Security (DHS) source has confirmed that technology made overseas and imported to the US has been known to contain spy tools. There's also a threat from counterfeit hardware. The confirmation came during a hearing by a House ... of Representatives committee into cyber security. It was discussing ways in which private companies can be encouraged to work alongside the government in tackling security threats. Damage, Spying Both A Threat Greg Schaffer, who works in the National Protections and Programs section of the DHS, did not go into great detail about the spying tools, ... (view more)

Two major hacking collectives have announced they've forged a partnership. Anonymous and LulzSec say they are targeting high-profile classified information. The two groups do not carry out hacking in order to make money, either by stealing card ... details or selling bogus security software. Instead, they carry out a blend of hacktivism (a portmanteau of hack and activism), attacks made for a political purpose, or simply for amusement. The Anonymous group has carried out several politically-motivated operations in recent months. Among its most famous activities have been attacks on the homophobic ... (view more)

The United States government has offered help after defense contractor Lockheed-Martin suffered a "tenacious" cyber-attack. It appears to be linked to problems with a system used for authorizing access from external locations. Lockheed-Martin, which ... is the leading supplier of IT services to the government, says the attack was the latest in a line of frequent attempts to breach its security, which certainly makes sense given the confidential nature of some of the material it handles. But it has described the latest attack as "significant." As a result, the company has reset all user passwords ... (view more)

A security firm reports that hackers have intercepted email messages from Hotmail user accounts after manipulating a bug found deeply rooted within Microsoft's website. While security officials admitted that victims needed to be logged into Hotmail ... for the attack to work, the virus was also found to affect those that had previewed the message for a short period of time before logging out. Attack Source: Cross-Site Scripting Flaw (XSS) The source of the attack was revealed to be a common web programming error called a cross-site scripting flaw . As security firm Trend Micro explained in a ... (view more)