The Mariposa botnet had the power to dwarf Georgia and Estonia cyberattacks if it had been used to launch denial of service attacks, say Spanish police. Months of investigations by the Guardia Civil in Spain, the FBI and security firm Panda Security and Defence Intelligence led to the takedown of the 12.7 million strong zombie [...]

read full post »

Nice article I’ve found on Infoworld.com about the evaluation of phishing and its latest appearance in form of spear phishing (the method Megapanzer is used). Fraudsters hone their attacks with spear phishing In my previous column, I said that the No. 1 way to reduce IT security risks in your organization is to “simply” prevent [...]

read full post »

Long-established privacy and cryptology website Cryptome.org was pulled offline on Wednesday after Microsoft launched a legal offensive over its publication of Redmond’s guide to internet wiretapping. Microsoft’s Global Criminal Compliance Handbook, a 22 page booklet designed solely for police and intelligence services, provides an overview of Microsoft’s online services, what information it collects on users [...]

read full post »

Russian security firm Intevydis has made a Windows exploit for a previously unknown security hole in Firefox 3.6 available to its customers. The exploit allows attackers to remotely gain control of a PC. Intevydis develops the commercial VulnDisco add-on for the also commercial Canvas exploit toolkit by vendor Immunity. On the Immunity forum, developer Evgeny [...]

read full post »

Czech security experts have uncovered a global network of devices attacked by computer viruses within which it was possible to wiretap and gain access to sensitive data, Jan Vykopal, head of the security project of Masaryk University, told CTK yesterday. Modems were among the attacked devices as they are only poorly protected. The viruses were [...]

read full post »

Russian police have arrested the hacker who last month projected some adult entertainment on an enormous video screen in Moscow, giving locals around two minutes unexpurgated coverage of “a white male and a black female having sex”. According to Pravda, the grumble flick appeared at 11pm on 14 January on an giant display on the [...]

read full post »

A skilled San Francisco computer intruder was sentenced here Friday to 13 years in federal prison for stealing nearly two million credit card numbers from banks, businesses and other hackers — in what is the longest hacking sentence in U.S. history. Max Ray Vision, 37, was also ordered to pay $27.5 million in restitution, and [...]

read full post »

The Communications Assistance for Law Enforcement Act requires networks to provide interfaces that allow government to intercept data transmissions, just as they have long been able to tap telephone systems. But an IBM security researcher said criminals also could use the systems to wiretap the Internet. Tom Cross, manager of IBM Internet Security System’s X-Force [...]

read full post »

Cryptographers have broken the proprietary encryption used to prevent eavesdropping on more than 800 million cordless phones worldwide, demonstrating once again the risks of relying on obscure technologies to remain secure. The attack is the first to crack the cipher at the heart of the DECT, or Digital Enhanced Cordless Telecommunications, standard, which encrypts radio [...]

read full post »

Chinese authorities have closed down a firm that allegedly trained hackers to develop spyware and launch cyberattacks. Police in the central Chinese province of Hubei province arrested three people when they closed down Black Hawk Safety Net, described by the official Xinhua news agency as running the country’s biggest hacker training website. Black Hawk Safety [...]

read full post »