Hacking - Infoworld

Got remote access? Lock it down

InfoWorld Tech Watch — Fri, 10 Feb 2012 17:25:26 +0000

Got remote access?
</article>
<article>
<h1>Data breach? Blame your third party's remote access systems</h1>
<p>admin — Tue, 07 Feb 2012 13:28:46 +0000</p>
<!--paging_filter--><p>An in-depth study of <a href=

data-breach problems last year where hackers infiltrated 312 businesses to grab gobs of mainly customer payment-card information found the primary way they got in was through third-party vendor remote-access applications or VPN for systems maintenance.

Anonymous claims to have released source code of Symantec's pcAnywhere

admin — Tue, 07 Feb 2012 12:09:34 +0000

Hacker group Anonymous claimed late Monday that the source code of Symantec's pcAnywhere had been uploaded on The Pirate Bay site.

Symantec could not immediately comment on whether the hackers had indeed released the source code of its product. "It happened so recently that we're still in the process of analyzing and won't be able to confirm until the morning," a spokesman said via email.

The point after: Apple's China problem, U.S. copyright conundrums, and more

Robert X. Cringely — Mon, 06 Feb 2012 19:35:04 +0000

It's been a while since I dipped into the reader mailbag and pulled out a few choice nuggets. Today, the unofficial federal holiday known as "Super Bowl Monday Hangover," seems as good a time as any to look back with amusement and ibuprofen at what riles up the residents of Cringeville.

Tinker tailor coder spy? Anonymous strikes again

Robert X. Cringely — Fri, 03 Feb 2012 20:35:44 +0000

Memo to the G-men on both sides of the pond: If you're hoping to catch the bad guys, it's generally a good idea to not let them listen in on your private conversations -- especially when the conversations are about them.

International law enforcers just learned this the hard way after members of Anonymous managed to record a phone conversation between the FBI and Scotland Yard about -- yes -- Anonymous.

VeriSign hacked several times, won't reveal the details

InfoWorld Tech Watch — Thu, 02 Feb 2012 20:24:50 +0000

In October 2011, Internet infrastructure firm VeriSign released its usual quarterly report. Buried in the 50-page filing to the SEC was the revelation that the company had been breached multiple times the previous year.

Hackers infect WordPress 3.2.1 blogs to distribute TDSS rootkit

admin — Tue, 31 Jan 2012 15:30:40 +0000

Hackers are compromising WordPress 3.2.1 blogs in order to infect their visitors with the notorious TDSS rootkit, according to researchers from Web security firm Websense.

It's not clear how the websites are being compromised, but there are publicly known exploits for vulnerabilities that affect WordPress 3.2.1, which is an older version of the popular blog publishing platform.

Many pcAnywhere systems still sitting ducks

Eric Knorr — Tue, 31 Jan 2012 11:00:00 +0000

Despite warnings from security software maker Symantec not to connect its pcAnywhere remote-access software to the Internet, more than 140,000 computers appear to remain configured to allow direct connections from the Internet, thereby putting them at risk.

15 worst Internet privacy scandals of all time

admin — Fri, 27 Jan 2012 13:36:01 +0000

In honor of National Data Privacy Day this Saturday, Jan. 28, we've put together a list of the 15 worst Internet privacy scandals of all time.

These high-profile privacy scandals involve many underlying technologies, from search to social media, email to voice mail, mobile phones to Webcams to GPS. But at the heart of all of these privacy scandals are companies collecting personal data without the user's knowledge or consent and then either sharing it with third parties or simply failing to keep it safe.

Threatened by Anonymous, Symantec tells users to pull pcAnywhere's plug

ccraig — Thu, 26 Jan 2012 13:54:13 +0000

Symantec this week took the highly unusual step of telling users of its pcAnywhere remote access software to disable or uninstall the software while it fixes an unknown number of bugs.

Security experts said the move was unprecedented for a company of Symantec's size.

[ Find out how to block the viruses, worms, and other malware that threaten your business, with hands-on advice from InfoWorld's expert contributors in InfoWorld's "Malware Deep Dive" PDF guide. ]

Linux vendors rush to patch privilege escalation flaw after root exploits emerge

ccraig — Tue, 24 Jan 2012 18:31:52 +0000

Linux vendors are rushing to patch a privilege escalation vulnerability in the Linux kernel that can be exploited by local attackers to gain root access on the system.

The vulnerability, which is identified as CVE-2012-0056, was discovered by Jüri Aedla and is caused by a failure of the Linux kernel to properly restrict access to the "/proc/<pid>/mem" file.

Hacker releases 100,000 Facebook log-in credentials

admin — Mon, 23 Jan 2012 17:22:46 +0000

A hacker who claims to act in defense of Israel has released 100,000 credentials of allegedly Arab users of Facebook in an ongoing row between Israeli and Arab hackers.

The hacker, who goes by the name Hannibal, posted the credentials in four parts on Pastebin on Saturday as well as making the details available on 14 file-sharing sites.

Researchers expose flaws in popular industrial control systems

admin — Fri, 20 Jan 2012 16:13:07 +0000

Researchers showcased unpatched security flaws in software used to control critical industrial systems by oil, gas, water, and electrical distribution plants at the 2012 SCADA Security Scientific Symposium (S4) on Thursday.

The vulnerabilities ranged from information disclosure and privilege escalation bugs to remote denial-of-service (DoS) and arbitrary code execution flaws.

Symantec backtracks, admits own network hacked

admin — Tue, 17 Jan 2012 21:38:06 +0000

Symantec today backed away from earlier statements regarding the theft of source code of some of its flagship security products, now admitting that its own network was compromised.

In a statement provided to the Reuters news service, the security software giant acknowledged that hackers had broken into its network when they stole source code of some of the company's software.

Oracle's latest Java moves frustrate users and vendors

Galen Gruman — Tue, 10 Jan 2012 11:00:00 +0000

Oracle, which officially took on the big job of shepherding Java two years ago this month, is traveling bumpy roads lately, with its modularization and licensing plans for Java raising eyebrows and security concerns coming to the fore as well.

Bow down to your new hacker overlords

Robert X. Cringely — Mon, 09 Jan 2012 19:55:42 +0000

Anonymous, move over. WikiLeaks, take a hike. There's a new uber hacking/whistleblowing group in town with some serious game and a wicked cool name that's putting you both to shame.

Symantec leak: Minor security threat but questions remain

InfoWorld Tech Watch — Fri, 06 Jan 2012 17:54:54 +0000

A group of purported Indian hackers claimed this week to have stolen the source code to Symantec's Norton AntiVirus soft

Symantec confirms source code leak in two enterprise security products

admin — Fri, 06 Jan 2012 12:42:46 +0000

Symantec late Thursday confirmed that source code used in two of its older enterprise security products was publicly exposed by hackers this week.

In a statement, the company said that the compromised code is between four and five years old and does not affect Symantec's consumer-oriented Norton products as had been previously speculated.

AJAX-based Web exploitation attacks detected in the wild

admin — Thu, 05 Jan 2012 17:34:05 +0000

Security researchers from Web filtering vendor M86 Security have detected Web exploitation attacks that use AJAX (Asynchronous JavaScript and XML) to fragment the payload into small pieces of code that are harder to detect by antivirus programs and intrusion prevention systems.

Researcher devises hard-to-detect DoS attack against HTTP servers

admin — Thu, 05 Jan 2012 16:28:21 +0000

Qualys senior software engineer Sergey Shekyan has devised a new HTTP denial-of-service (DoS) attack method which relies on prolonging the time clients need to read Web server responses.

Shekyan's method is dubbed Slow Read DoS and is based on previous research by Robert Hansen, the creator of the Slowloris HTTP DoS tool and the late Jack C. Louis, who developed Sockstress, a proof-of-concept application that applies the slow read attack concept to TCP stacks.