The latest cybersecurity threats and news to help you protect your data, networks, applications, and devices.
TORONTO – The security business is full of different terms and methodologies for describing the threat model. In a presentation at the SecTor conference this week, Chris Pogue, director of Digital Forensics and Incident Response at Trustwave, explained his firm’s simple four-step model for defining cybercrime. “As difficult as people want to make cybercrime, there…
Hoax-Slayer is warning of a malicious spam campaign of e-mails claiming to be itinerary confirmations from Expedia, offering trip details in an attachment (h/t Softpedia). “Thanks for booking with Expedia! Below is a summary of the trip you recently booked,” the e-mail states. “To help ensure everything runs as smoothly as possible, keep this e-mail handy…
Algerian hacker Hamza Bendelladj, 24, was arrested on Sunday at Bangkok’s Suvarnabhumi Airport. Immigration Bureau chief Pharnu Kerdlarpphon said Thai police were alerted to his arrival by the FBI. “Mr Bendelladj, who graduated in computer sciences in Algeria in 2008, has allegedly hacked private accounts in 217 banks and financial companies worldwide, amassing ‘huge amounts’…
Christopher David Long, 25, recently turned himself in to the police for stealing nude photographs from pop star Carly Rae Jepsen’s computer. “Long surrendered to police on Friday, December 7th, at the Abbotsford Court House,” The Vancouver Sun reports. “He has been released and will appear in court January 4th, 2013.” “Long has been charged…
The FBI recently announced that 14 people have been charged with stealing more than $1 million from Citibank ATMs at casinos in California and Nevada. “The alleged fraudsters were able to exploit a ‘loophole,’ or business logic flaw, in Citibank’s account security protocols — in essence, tricking the system to believe that multiple transactions were…
Wells Fargo’s online banking services were recently disrupted by a series of denial of service attacks. “Wells Fargo apologized on Twitter for the disruption, saying it was working to restore access,” writes Computerworld’s Jeremy Kirk. “By Wednesday morning, the site appeared to be functioning. A group calling itself the ‘Mrt. Izz ad-Din al-Qassam Cyber Fighters’…
VirusTotal today announced that it has been acquired by Google. “VirusTotal was set up in 2007 and uses over 40 different antivirus engines to scan files and URLs for malware for free,” writes The Register’s Iain Thomson. “Users can upload small files for checking, or just input a URL, to see if it’s on a…
Hackers love automated SQL Injection and Remote File Inclusion attack tools. Using software such as sqlmap, Havij, or NetSparker, finding and exploiting website vulnerabilities is fast and easy even for unskilled attackers. Hackers favor automated tools for three key reasons. First and foremost, these tools require very little skill to use, and are often freely…
SQL Injection has long been identified as one of the top vulnerabilities affecting web applications. Even though SQL Injection attack vectors are well known, it’s an attack that keeps on yielding big name website results – just ask Yahoo. On Wednesday night, a hacker group known as “D33Ds Company” publicly posted a password dump…
Members of Anonymous recently announced the launch of OpPedoChat, which targets Web sites used by pedophiles. “Lately, there has been a surge of websites dedicated to pedophiles for chat, picture sharing, etc.,” the group’s Pastebin statement reads. “These sickos openly advocate concepts like ‘man-boy love’ with statements such as ‘If the boy [in this case…