hackers

Hackers are actively exploiting a bug that involves both Windows and Internet Explorer. Google believes the hackers may be targeting specific users. The bug involves MHTML, which is a special format designed to combine all the different files of a ... web page, such as the coding for the text and layout, the image files and video files, into a single file. It was originally developed as a way for a user to save an entire webpage to their desktop without winding up with a messy collection of files, but can also be used as a web link. The vulnerability involves the way that Internet Explorer and ... (view more)

Think Macs can't be infected by viruses? Think again. While Apple computers are generally less likely to be attacked by hackers, it's not impossible to infect a Mac with malware (or virus). For years Apple has boasted that its computers are more ... secure than PCs. And they were right -- but that was based on a technicality that only a tiny fraction of the population owned Macs, and thus, there was less profit to be made and less havoc to wreak for hackers. But that's starting to change as the number of Mac owners increases, making for an awkward situation at Apple headquarters in Cupertino, ... (view more)

Microsoft says it's unlikely that hackers will successfully exploit a recently discovered security bug in Windows. The company says that if the bug is abused, it would likely result in a denial of service attack instead. As noted on Wednesday, the ... problem involves system files related to Windows network file and printer sharing. Hackers are often particularly interested in exploiting such system files as they are a potential entry point between a networked computer and the outside world (via the Internet). Denial of Service Risk to Windows In this case, the Windows exploit appears to have two ... (view more)

Elite hackers and ethical computer security enthusiasts are preparing themselves for the Pwn2Own competition, which challenges participants to break through security of popular software programs (such as web browsers). Once software is breached, it ... is referred to as an "exploit", in which hackers are then able to gain access to other areas of the computer's operating system without restrictions. It's these types of attacks which occur on web sites frequently, where visitors become instantly infected just by visiting a malicious website containing an unknown exploit (also referred to ... (view more)

Security company McAfee Labs recently released their 2011 Threat Predictions report, where they foresee cyber criminals turning their attention to three specific attack vectors in the coming year. An attack vector is "a path or means by which a ... hacker (or cracker) can gain access to a computer or network server in order to deliver a payload or malicious outcome. Attack vectors enable hackers to exploit system vulnerabilities, including the human element." (Source: techtarget.com ) Most specifically, Google TV, the Apple iPhone, and Foursquare: a location-based social networking ... (view more)

Hackers have now started using what is being referred to as "indestructible" cloud computing -based phishing attacks . In short, a phishing attack is a "criminally fraudulent process of attempting to acquire user names, passwords, and credit card ... details by masquerading as a trustworthy website." (Source: wikipedia.org ) For example, you may have received a dubious email asking you to "update" your banking information or to "change your online banking password." These are typical phishing scams whereby the information you input is stolen by fake ... (view more)

A new survey appears to confirm what most would suspect: people who discover security flaws make more money selling the details to criminals than to legitimate security companies. Research firm "Unsecurity" has carried out a survey of people who ... have discovered zero-day vulnerabilities and them sold them to security companies that then use the data to improve their products. Zero-day vulnerabilities occur when the original software manufacturer is unaware of a security risk in a software program. The name comes from the idea that once the manufacturer discovers the problem, there's ... (view more)

If you receive an email with the message "Facebook password reset confirmation customer support" in the subject line, don't click the link. Doing so would cause you to fall victim to the latest password-stealing virus targeting Facebook users. ... Facebook's estimated 400 million users are being targeted by hackers in an effort to steal banking passwords and gather other sensitive information. McAfee Warns of Malware in Attachment According to McAfee Inc., recipients of the email are told that their Facebook passwords have been reset. They're then urged to click on an attachment to obtain new ... (view more)

A new Trojan horse has surfaced online; its primary functionality makes it appear to be friendly to end users, but the final result can prove disastrous. On one hand, the Spy Eye toolkit is celebrated for its ability to remove malicious rival ... programs from infected computers. It boasts a feature called "Kill Zeus" which removes all traces of the notorious Zeus virus from a victim's PC. Of course, the Trojan horse has ulterior motives in playing the hero. It "Kills" the Zeus Trojan so that the computer is once again susceptible to attack, meaning that Spy Eye has exclusive access to usernames ... (view more)

Security firm Sophos tells PC World that two security measures introduced in Windows Vista and expanded in Windows 7 have had a marked effect on levels of infection on computers. Nevertheless, several online security professionals have reminded ... users of Windows 7 that while the new operating system (OS) offers enhanced security over its predecessors, it's not invulnerable. They note that human vulnerabilities will always leave people at risk to hackers. Two New Security Features Mark Improvements Address Space Layout Randomization (ASLR) partially randomizes the order in which data is stored ... (view more)