TOP 25 Most Dangerous Programming Errors

Tuesday, January 13th, 2009

Today in Washington, DC, experts from more than 30 US and international cyber security organizations jointly released the consensus list of the 25 most dangerous programming errors that lead to security bugs and that enable cyber espionage and cyber crime. Shockingly, most of these errors are not well understood by ...

Browser Bug Could Allow Phishing Without Email

Monday, January 12th, 2009

A bug found in all major browsers could make it easier for criminals to steal online banking credentials using a new type of attack called "in-session phishing," according to researchers at security vendor Trusteer. In-session phishing (pdf) gives the bad guys a solution to the biggest problem facing phishers these days: ...

Hacker Leaves Message for Microsoft in Trojan Code

Monday, January 12th, 2009

Here's a new way to get Microsoft to pay attention to you: Slip a brief message into the malicious Trojan horse program you just wrote. That's what an unnamed Russian hacker did recently with a variation of Win32/Zlob, a Trojan program victims are being tricked into installing on their computers. The message ...

USB Worms

Wednesday, January 7th, 2009

USB worms work by creating a file called AUTORUN.INF on the root of USB drives. These INF files then use Autorun or Autoplay to execute themselves either when the stick is inserted, or more commonly, when the user double-clicks on the USB drive icon from My Computer. Such malicious AUTORUN.INF ...

Weak Password Brings ‘Happiness’ to Twitter Hacker

Tuesday, January 6th, 2009

An 18-year-old hacker with a history of celebrity pranks has admitted to Monday's hijacking of multiple high-profile Twitter accounts, including President-Elect Barack Obama's, and the official feed for Fox News. The hacker, who goes by the handle GMZ, told Threat Level on Tuesday he gained entry to Twitter's administrative control panel ...