CNET News - Security

Fake CNN site from phishing e-mail hides a Trojan

Elinor Mills — Fri, 09 Jan 2009 02:36:00 GMT

A new e-mail that is circulating looks like it comes from CNN and links to a fake CNN Web page offering "graphic" video related to the Israel-Hamas conflict but instead hosts a Trojan that steals sensitive data, RSA said on Thursday.

When someone clicks on the video link on the ...

Patch for critical Windows vulnerability coming

Elinor Mills — Thu, 08 Jan 2009 21:16:00 GMT

Microsoft will issue a patch on Tuesday for a critical vulnerability that could allow a hacker to gain control of a computer remotely, the company said in an alert on Thursday.

Microsoft also plans to host a Webcast at 11 a.m. PST as part of Patch Tuesday, which comes ...

Latest problem import? Infected digital photo frames

Elinor Mills — Thu, 08 Jan 2009 20:32:00 GMT

In 2007, U.S. officials recalled melamine-laced pet food that caused the deaths of cats and dogs and lead-coated toys that endangered toddlers. Now, digital photo frames infected with computer viruses are the latest problem import from China.

"That phenomenon apparently has bled over to the digital side as well," ...

Study: Data breaches rose in 2008

Elinor Mills — Wed, 07 Jan 2009 19:24:00 GMT

Reports of data breaches in the United States increased 47 percent in 2008 from the year before, mostly as a result of lost or stolen equipment, and accidental exposure of data online, according to a new study from the nonprofit Identity Theft Resource Center.

There were 656 reports of breaches ...

Fake celeb LinkedIn profiles lead to malware

Elinor Mills — Tue, 06 Jan 2009 19:03:00 GMT

A security researcher has discovered fake profiles for celebrities on LinkedIn that have links to malicious code, according to a blog posting on Trend Micro's site.

The celebrity profiles that are not to be trusted include ones created using the names: Beyonce Knowles, Victoria Beckham, Christina Ricci, Kirsten Dunst, ...

Hackers hit MacRumors keynote coverage

Caroline McCarthy — Tue, 06 Jan 2009 18:13:00 GMT

(Credit: Topherchris.com)

Some nasty pranksters, likely associated with Web forum 4Chan, have hacked into Apple gossip mainstay MacRumors' live-blog coverage of Tuesday's Macworld keynote. Hosted on a separate domain, MacRumorsLive.com, the site was plagued by offensive messages about Apple CEO Steve Jobs' health and general inanity (i....

Alarm systems at risk: UL establishes a higher security requirement for magnetic switches

Marc Weber Tobias — Mon, 05 Jan 2009 19:05:38 GMT

A standard magnetic trip is based upon a sealed reed switch. Two or three contacts are sealed in a glass envelope containing an inert gas. The sensor is placed on a fixed object such as a door frame, and the magnet on the movable surface. These switches provide the lowest ...

Twitter phishing scam may be spreading

Rafe Needleman — Sun, 04 Jan 2009 00:04:00 GMT

Have you received the Twiter phishing scam message? ( polls)

There's a scam spreading through Twitter. Direct messages (DMs) are showing up in Twitter accounts with appealing come-ons to visit a site on blogspot.com. The text is, "hey! check out this funny blog about you..." The URL in the ...

'Curse of silence' smartphone flaw disclosed

Tom Espiner — Sat, 03 Jan 2009 00:33:00 GMT

A denial-of-service attack that limits the number of SMS messages that can be received by Nokia smartphones has been disclosed and demonstrated.

Dubbed the "curse of silence" by German security researcher Tobias Engel, the attack occurs when Nokia Series 60 phones are sent a malformed e-mail message via SMS (Short ...

Defense contractors eye cybersecurity bonanza

Jonathan Skillings — Fri, 02 Jan 2009 02:46:00 GMT

The industry side of the military industrial complex is on the scent of the federal government's cybersecurity dollars.

Bloomberg has a year-end rundown on the efforts of the big defense contractors to tap into a market that could swell to $11 billion by 2013. Boeing and Lockheed, for instance, ...