Month: March 2012

Pro-China hackers target Tibetan activists with malware

The Register: Pro-China hackers have started spoofing security firm AlienVault’s email address in spam messages in an attempt to infect pro-Tibetan recipients with malware. The move follows days after the security tools firm warned that AlienVault about spear phishing attacks against a number of Tibetan organizations. The spear-phishing messages relate to the Kalachakra Initiation, a …

Pro-China hackers target Tibetan activists with malware Read More »

Embarrassing security failure at PayPal

The H-Security: Until just a few days ago, web sites belonging to the world’s largest online payment service contained a security vulnerability in a key component that could have been exploited by fraudsters to steal information from customers. PayPal fixed the vulnerability shortly after being notified of its presence by The H’s associates at heise …

Embarrassing security failure at PayPal Read More »

Chrome 17 update fixes high-risk vulnerabilities

The H-Security: Google has released version 17.0.963.83 of its Chrome web browser, a maintenance update that fixes issues with Flash games and closes several security holes. The Stable channel update addresses a total of nine vulnerabilities, six of which are rated as “high severity“. These include an integer issue in libpng (the official PNG reference …

Chrome 17 update fixes high-risk vulnerabilities Read More »

New Dr Who girl Jenna-Louise Coleman’s name exploited by Twitter sex video scammers

SophosLabs: Jenna-Louise Coleman has been unveiled as the new “Doctor Who” companion, joining the BBC TV time traveller in his TARDIS later this year. “Doctor Who” is one of Britain’s biggest television shows, and is popular elsewhere around the world, so it was no surprise to find 25-year-old actress Jenna Louise-Coleman’s name was a trending …

New Dr Who girl Jenna-Louise Coleman’s name exploited by Twitter sex video scammers Read More »

‘Fileless’ malware installs into RAM

Exploit found in Russian adware invades process, doesn’t install files The Register: Researchers at Kaspersky Labs have found malware which, unusually, does not install any files on its victims PCs. The researchers aren’t quite sure how unusual it is, describing it as both “unique” and “very rare”, but no matter how scarce this type of …

‘Fileless’ malware installs into RAM Read More »

Apple’s new iPad is great, but it’s not free, nor called iPad 3

SophosLabs: Only hours after the launch of Apple’s newest iPad we are beginning to see spammers trying to use the excitement over its release to ensnare innocent people into their scams. The scammers are sending out emails with the subject “Where do we send your Free iPad 3, just Test & Keep! See details”. The …

Apple’s new iPad is great, but it’s not free, nor called iPad 3 Read More »

Firefox, Thunderbird and SeaMonkey updates fix critical vulnerabilities

The H-Online: In the latest round of updates of its suite of internet applications, Mozilla has detailed the security fixes in the Firefox 11 browser, Thunderbird 11 email and news client and SeaMonkey 2.8 “all-in-one internet application suite”. There are also fixes for the “enterprise” and legacy versions of Firefox and Thunderbird. These fixes include …

Firefox, Thunderbird and SeaMonkey updates fix critical vulnerabilities Read More »

Pidgin IM client 2.10.2 closes DoS holes

The H-Online: Version 2.10.2 of the open source Pidgin instant messaging program has been released. According to its developers, the maintenance and security update brings a number of changes and addresses two denial-of-service (DoS) vulnerabilities that could be exploited by an attacker to cause the application to be terminated. These remote crashes are caused when …

Pidgin IM client 2.10.2 closes DoS holes Read More »

Digital Playground porn passwords exposed by hackers

SophosLabs: A group of hackers are claiming to have stolen the details of more than 70,000 users of the Digital Playground porn website. The group, calling itself “The Consortium”, appears to have scooped up some 40,000 financial details (including credit card numbers, names, CCV numbers, and expiration dates) as well as the email addresses and …

Digital Playground porn passwords exposed by hackers Read More »