Posted by admin on
December 29, 2009
Farewell 2009, and The Washington Post
This will be the last post for the Security Fix blog. Dec. 31 marks my final day at The Washington Post Company. Over the last 15 years, I’ve reported hundreds of stories for washingtonpost.com and the paper edition. I have authored more than 1,300 blog posts since we launched Security Fix back in March 2005. Dozens of investigative reports that first appeared online later were “reverse published” in the newspaper… Continue reading
Posted by admin on
December 18, 2009
Hackers exploit Adobe Reader flaw via comic strip syndicate
Hackers broke into an online comic strip syndication service Thursday, embedding malicious code that sought to exploit a newly discovered security flaw in Adobe Reader and Acrobat, Security Fix has learned. On Monday, Adobe Systems Inc. said it was investigating reports that criminals were attacking Internet users via a previously unknown security flaw in its Adobe Reader and Acrobat software. Experts warned that the flaw could be used to foist… Continue reading
Posted by admin on
December 18, 2009
Twitter.com hijacked by ‘Iranian cyber army’
Hackers hijacked the Web site of micro-blogging community Twitter.com early Friday, briefly redirecting users to a Web page for a group calling itself the “Iranian Cyber Army.” The attackers apparently were able to redirect Twitter users by stealing the credentials needed to administer the domain name system (DNS) records for Twitter.com. DNS servers act as a kind of phone book for Internet traffic, translating human-friendly Web site names like “Twitter.com”… Continue reading
Posted by admin on
December 16, 2009
Group IDs hotbeds of Conficker worm outbreaks
Internet service providers in Russia and Ukraine are home to some of the highest concentrations of customers whose machines are infected with the Conficker worm, new data suggests. The report comes from the Shadowserver Foundation, a nonprofit that tracks global botnet infections. Shadowserver tracks networks and nations most impacted by Conficker, a computer worm that has infected more than 7 million Microsoft Windows PCs since it first surfaced last November… Continue reading
Posted by admin on
December 14, 2009
Hackers target unpatched Adobe Reader, Acrobat flaw
Adobe Systems Inc. said Monday it is investigating reports that attackers are exploiting a previously unidentified security hole in its Acrobat and PDF Reader software to break into vulnerable computers. The acknowledgment coincided with an alert published by the Shadowserver Foundation, a nonprofit group that tracks the spread of malicious programs that criminals use to control infected systems remotely. Shadowserver member Steven Adair said the flaw is present in the… Continue reading
Posted by admin on
December 11, 2009
Check your Facebook ‘privacy’ settings now
If you use Facebook and care about your privacy, take a moment to read this blog entry. Facebook has made some major changes that may allow a great deal more people to see your personal photos and videos, date of birth, family relationships, and other sensitive information. While logged in to Facebook, click the “Settings” link and you should see a box that looks like the one pictured below. You… Continue reading
Posted by admin on
December 10, 2009
Paper-based data breaches on the rise
More than one quarter of data breaches so far this year involved consumer records that were jeopardized when organizations lost control over sensitive paper documents. Experts say those incidents came to light in large part due to a proliferation of state data breach notification laws, yet current federal proposals to preempt those state measures would allow paper-based breaches to go unreported. According to the Identity Theft Resource Center, a San… Continue reading
Posted by admin on
December 8, 2009
Critical updates for Adobe Flash, Microsoft Windows
Microsoft released six software updates on Tuesday to fix at least a dozen security vulnerabilities in Windows, Internet Explorer, Windows Server and Microsoft Office. More than half of the flaws earned a “critical” rating, meaning criminals could exploit them to break into vulnerable systems without any help from users. Separately, Adobe Systems Inc. issued critical security updates to its Flash Player and AIR Web-browser plugins. The updates are available from… Continue reading
Posted by admin on
December 8, 2009
Security Fix author named ‘cybercrime hero’
Networking equipment maker Cisco Systems Inc this week bestowed a generous honor on the Security Fix author. In its 2009 annual security report released Tuesday, Cisco names Yours Truly as a “cybercrime hero,” citing an ongoing investigative series detailing the plight of small businesses that have lost hundreds of thousands of dollars at the hands of malicious software. The mention comes in a section announcing Cisco’s first-ever “Cybercrime Showcase,” which… Continue reading
Posted by admin on
December 7, 2009
La. firm sues Capital One after losing thousands in online bank fraud
An electronics testing firm in Louisiana is suing its bank, Capital One, alleging that the financial institution was negligent when it failed to stop hackers from transferring nearly 0,000 out of its account earlier this year. In August, Security Fix wrote about the plight of Baton Rouge-based JM Test Systems, an electronics testing firm that in February lost more than ,000 from two separate unauthorized bank transfers a week apart… Continue reading
