DHS Warns of ‘Hacktivist’ Threat Against Industrial Control Systems

The U.S. Department of Homeland Security is warning that a witches brew of recent events make it increasingly likely that politically or ideologically motivated hackers may launch digital attacks against industrial control systems. The alert was issued the same day that security researchers published information about an undocumented software backdoor in industrial control systems sold … Читать далее

Adobe Ships Critical Fixes for Shockwave Player

Adobe has released a critical security update that plugs at least a half-dozen security holes in its Shockwave media player software. Adobe recommends users of Adobe Shockwave Player 11.6.7.637 and earlier versions update to the newest version 11.6.8.638, available here. Updates are available for Windows and Mac systems. In its advisory on this update, Adobe … Читать далее

Service Sells Access to Fortune 500 Firms

An increasing number of services offered in the cybercrime underground allow miscreants to purchase access to hacked computers at specific organizations. For just a few dollars, these services offer the ability to buy your way inside of Fortune 500 company networks. The service I examined for this post currently is renting access to nearly 17,000 … Читать далее

Rogue Pharma, Fake AV Vendors Feel Credit Card Crunch

New research suggests that companies behind some of America’s best known consumer brands may be far more effective at fighting cybercrime than any efforts to enact more stringent computer security and anti-piracy laws. Recent legislative proposals in the United States — such as the Stop Online Piracy Act —  have sought to combat online trafficking … Читать далее

Critical Java Patch Plugs 30 Security Holes

Oracle on Tuesday pushed out a bevy of security patches for its products, including an update to Java that remedies at least 30 vulnerabilities in the widely-used program. The latest versions, Java 7 Update 9 and Java 6 Update 37, are available either through the updater built into Java (accessible from the Windows control panel), … Читать далее

The Scrap Value of a Hacked PC, Revisited

A few years back, when I was a reporter at The Washington Post, I put together a chart listing the various ways that miscreants can monetize hacked PCs. The project was designed to explain simply and visually to the sort of computer user who can’t begin to fathom why miscreants would want to hack into … Читать далее

Microsoft Patches Windows, Office Flaws

Microsoft today pushed out seven updates to fix a variety of security issues in Windows, Microsoft Office and other software. If you’re using Windows, take a moment to check with Windows Update or Automatic Update to see if new security patches are available. Most of the vulnerabilities addressed in this month’s patch batch apply to … Читать далее

Critical Adobe Flash Player Update Nixes 25 Flaws

Adobe has issued an update for its Flash Player software that fixes at least 25 separate security vulnerabilities in the widely-installed program. The company also pushed out a security patch for its Adobe AIR software. The chart below shows the newest patch version numbers released today. Updates are available for Windows, Mac, Linux and Android … Читать далее

‘Project Blitzkrieg’ Promises More Aggressive Cyberheists Against U.S. Banks

Last week, security firm RSA detailed a new cybecriminal project aimed at recruiting 100 botmasters to help launch a series of lucrative online heists targeting 30 U.S. banks. RSA’s advisory focused primarily on helping financial institutions prepare for an onslaught of more sophisticated e-banking attacks, and has already received plenty of media attention. I’m weighing … Читать далее

In a Zero-Day World, It’s Active Attacks that Matter

The recent zero-day vulnerability in Internet Explorer caused many (present company included) to urge Internet users to consider surfing the Web with a different browser until Microsoft issued a patch. Microsoft did so last month, but not before experts who ought to have known better began downplaying such advice, pointing out that other browser makers … Читать далее