Russian e-Payment Giant ChronoPay Hacked

Criminals this week hijacked ChronoPay.com, the domain name for Russia’s largest online payment processor, redirecting hundreds of unsuspecting visitors to a fake ChronoPay page that stole customer financial data. Reached via phone in Moscow, ChronoPay chief executive Pavel Vrublevsky said the bogus payment page was up for several hours spanning December 25 and 26, during … Читать далее

Java: A Gift to Exploit Pack Makers

I have long urged readers who have no need for Java to remove the program, because failing to keep this software updated with the latest security patches exposes users to dangerous, ubiquitous attacks. In this blog post, I’ll show readers how attacks against Java vulnerabilities have fast emerged as the top moneymaker for authors of … Читать далее

Carders.cc, Backtrack-linux.org and Exploit-db.org Hacked

Carders.cc, a German security forum that specializes in trading stolen credit cards and other purloined data, has been hacked by security vigilantes for the second time this year. Also waking up to “you’ve been owned” calling cards this Christmas are exploit database exploit-db.org and backtrack-linux.org, the home of Backtrack, an open source “live CD” distribution … Читать далее

Exploit Published for New Internet Explorer Flaw

Hackers have released exploit code that can be used to compromise Windows PCs through a previously unknown security flaw present in all versions Internet Explorer, Microsoft warned today. Dave Forstrom, director of trustworthy computing at Microsoft, said although the software giant is not aware of any attacks wielding this flaw against Windows users, “given the … Читать далее

The Cyberwar Will Not Be Streamed

In early 2000 — ages ago in Internet time — some of the biggest names in e-commerce were brought to their knees by a brief but massive assault from a set of powerful computers hijacked by a glory-seeking young hacker. The assailant in that case, known online as Mafiaboy, was a high school student from … Читать далее

Google Debuts “This Site May Be Compromised” Warning

Google has added a new security feature to its search engine that promises to increase the number of Web page results that are flagged as potentially having been compromised by hackers. The move is an expansion of a program Google has had in place for years, which appends a “This site may harm your computer” … Читать далее

Russian Police Only Translate the Good News

Internet security and cybercrime experts often complain that Russian law enforcement agencies don’t place a high priority on investigating and arresting hackers in that country. While that criticism may be fair, it may also be that Russian bureaucrats simply do not wish to call any attention to any sort of crime in their country — … Читать далее

Fallout from Recent Spear Phishing Attacks?

McDonald’s and Walgreens this week revealed that data breaches at partner marketing firms had exposed customer information. There has been a great deal of media coverage treating these and other similar cases as isolated incidents, but all signs indicate they are directly tied to a spate of “spear phishing” attacks against e-mail marketing firms that … Читать далее

Microsoft Patches 40 Security Holes

Microsoft today issued 17 software updates to plug a total of 40 security holes in computers running its Windows operating system and other software. December’s bounty of patches means Microsoft fixed a record number of security vulnerabilities this year. According to Microsoft, the most urgent of the patches is a critical update that fixes at … Читать далее