Chinese Hackers Blamed for Intrusion at Energy Industry Giant Telvent

A company whose software and services are used to remotely administer and monitor large sections of the energy industry began warning customers last week that it is investigating a sophisticated hacker attack spanning its operations in the United States, Canada and Spain. Experts say digital fingerprints left behind by attackers point to a Chinese hacking … Читать далее

Espionage Hackers Target ‘Watering Hole’ Sites

Security experts are accustomed to direct attacks, but some of today’s more insidious incursions succeed in a roundabout way — by planting malware at sites deemed most likely to be visited by the targets of interest. New research suggests these so-called “watering hole” tactics recently have been used as stepping stones to conduct espionage attacks … Читать далее

Microsoft Fixes Zero-Day, Four Other Flaws in IE

Microsoft has released an emergency update for Internet Explorer that fixes at least five vulnerabilities in the default Web browser on Windows, including a zero-day flaw that miscreants have been using to break into vulnerable systems. The patch, MS12-063, is available through Windows Update or via Automatic Update. If you installed the stopgap “fix it” … Читать далее

Microsoft Issues Stopgap Fix for IE 0-Day Flaw

Microsoft today released a stopgap fix for a critical security flaw in most versions of Internet Explorer that hackers have been exploiting to break into Windows systems. The company said it expects to issue an official patch (MS12-063) for the vulnerability on Friday, Sept. 21. The company released a “fix it” tool, available from this … Читать далее

Malware Dragnet Snags Millions of Infected PCs

Last week, Microsoft Corp. made headlines when it scored an unconventional if not unprecedented legal victory: Convincing a U.S. court to let it seize control of a Chinese Internet service provider’s network as part of a crackdown on piracy. I caught up with Microsoft’s chief legal strategist shortly after that order was executed, in a … Читать далее

Internet Explorer Users: Please Read This

Microsoft is urging Windows users who browse the Web with Internet Explorer to use a free tool called EMET to block attacks against a newly-discovered and unpatched critical security hole in IE versions 7, 8 and 9. But some experts say that advice falls short, and that users can better protect themselves by surfing with … Читать далее

Exploit Released for Zero-Day in Internet Explorer

A working exploit that takes advantage of a previously unknown critical security hole in Internet Explorer has been published online. Experts say the vulnerability is being actively exploited in the wild, and that it appears to be connected to the same group of Chinese hackers responsible for unleashing a pair of Java zero-day exploits late … Читать далее

ID Theft Service Tied to Payday Loan Sites

A Web site that sells Social Security numbers, bank account information and other sensitive data on millions of Americans appears to be obtaining at least some of its records from a network of hacked or complicit payday loan sites. Usearching.info sells sensitive data taken from payday loan networks. Usearching.info boasts the “most updated database about … Читать далее

Microsoft Disrupts ‘Nitol’ Botnet in Piracy Sweep

Microsoft said Thursday that it convinced a U.S. federal court to grant it control over a botnet believed to be closely linked to counterfeit versions Windows that were sold in various computer stores across China. The legal victory also highlights a Chinese Internet service that experts say has long been associated with targeted, espionage attacks … Читать далее

Researchers: Chip and PIN Enables ‘Chip and Skim’

Researchers in the United Kingdom say they’ve discovered mounting evidence that thieves have been quietly exploiting design flaws in a security system widely used in Europe to prevent credit and debit card fraud at cash machines and point-of-sale devices. The innards of a chip-and-PIN enabled card. At issue is an anti-fraud system called EMV (short … Читать далее