Vulnerabilities and attacks

Former spy chief says U.S. has had its cyber '9/11 warning'

The United States faces "the cyber equivalent of the World Trade Center attack" unless urgent action is taken, a former U.S. intelligence chief warns.

John "Mike" McConnell, who served as director of the National Security Agency under President Clinton and then as director of national intelligence under George W. Bush and President Obama, told the Financial Times (subscription required) that such an attack would cripple the nation's banking system, power grid, and other essential infrastructure.

"We have had our 9/11 warning. Are we going to wait for the cyber equivalent of the …

Anonymous declares war on Syrian government Web sites

Concluding that the Syrian government was responsible for the country's Internet blackout, the online hacktivist group Anonymous has announced a campaign against Syrian government Web sites hosted outside the country.

The Middle Eastern country began experiencing an Internet outage earlier today, and many people on Twitter reported that phone lines are down as well. All 84 of Syria's IP address blocks have become unreachable, effectively removing the country from the Internet, according to Renesys, which operates a real-time grid that continuously monitors Internet routing data.

Anonymous said it had conducted an "exhaustive analysis" of the blackout …

Some Samsung printers vulnerable to hackers

Owners of certain Samsung printers may find their devices a target for hackers.

Samsung printers and some Dell printers made by Samsung have a hardcoded account that someone could use to control and access information on the devices, according to US-CERT (United States Computer Emergency Readiness Team).

As described by the security team, these printers contain a hardcoded SNMP (Simple Network Management Protocol) string that has full read/write access and stays active even if the network protocol is disabled by the user.

"A remote, unauthenticated attacker could access an affected device with administrative privileges," US-CERT said. "…

Hackers steal and publish e-mails from U.N. nuclear agency

Hackers have made their way into one of the servers of the United Nations' International Atomic Energy Agency, according to Reuters. The agency confirmed that the hackers stole information and published it online.

"The IAEA deeply regrets this publication of information stolen from an old server that was shut down some time ago," agency spokesperson Gill Tudor told Reuters. "The IAEA's technical and security teams are continuing to analyze the situation and do everything possible to help ensure that no further information is vulnerable."

A group that calls itself "Parastoo" claimed responsibility …

Known keycard hack suspected in hotel room burglary

A known hack of a popular hotel keycard reader was allegedly employed in the burglary of a woman's hotel room in Texas.

The hack, which was detailed at a security conference in July, was allegedly used in September to break into the Houston Hyatt hotel room of Janet Wolf, a Dell IT services consultant, who reported the theft of her laptop. Lacking any sign the lock had been picked, suspicion immediately fell upon the maid service. However, hotel management soon determined that none of the maids' keys had been used to open the room at the time of …

Yahoo Mail hijacking exploit selling for $700

An exploit selling for $700 may put millions of Yahoo Mail users at risk of having their e-mail account hijacked and their browsers redirected to malicious sites.

Marketed by an allegedly Egyptian hacker on a cybercrime forum, the exploit targets a cross-site scripting (XSS) vulnerability in Yahoo.com that allows attackers to steal and replace tracking cookies, as well as read and send e-mail from a victim's account. Typically, an attacker will encode a malicious link in e-mails; the script is executed when the unsuspecting recipient clicks on the link, allowing access to the cookies and other sensitive information. …

Israel government Web sites hit by hacker blitz

Israel's government Web sites have been bombarded by hackers in the last couple of days, logging more than 44 million hacking attempts since Israel launched the Gaza air strikes on Wednesday.

One of the attempts was successful, Finance Minister Yuval Steinitz told Reuters, noting that an unidentified site was offline for about 10 minutes before being resurrected. Popular targets include defense-related sites, as well as those of Israel's prime minister, president, and Foreign Ministry.

Most of the attacks have been traced to Israel and the Palestinian territories.

"The ministry's computer division will continue to block the …

Anonymous targets Israeli Web sites in protest over Gaza

Anonymous is in the midst of a hacking campaign against a number of Israeli sites in protest of attacks taking place on Gaza.

The hacking spree, dubbed OpIsrael and begun early Thursday, has resulted in so many Israeli Web sites being defaced or shut down, through methods including denial-of-service (DoS) attacks, that it's hard to keep count. However, some enterprising hacktivists have begun compiling lists of affected Web sites. Targets have included governmental, retail, and business sites -- some belonging to the automotive and fashion industries.

The Bank of Jerusalem, one of Israel's largest financial institutions, …

Obama reportedly signs secretive cybersecurity policy directive

President Obama has long said cybersecurity is one of his priorities and it appears he is now acting on his words.

According to the Washington Post, he is said to have signed a secret policy directive last month that will give the military and other government authorities the ability to act quickly if the country comes under cyberattack.

Dubbed the "Presidential Policy Directive 20," this classified document allegedly outlines the rules of how federal agencies are allowed to react when it comes to online breaches of security, hacking, cyberthreats, and attacks.

One of the major elements of the …

China cyber-espionage threatens U.S., advisory group warns

Congress needs to take action to deflect the growing threat of Chinese cyber-espionage against the U.S., a U.S. commission recommends in a new report.

Released today, the 500-page annual report to Congress by the U.S.-China Economic and Security Review Commission details various security issues concerning China. But the commission expressed particular fear over the country's ongoing cyberwarfare efforts.

Calling China the "most threatening actor in cyberspace," the report found that in 2012, Chinese state-sponsored hackers continued to target computer systems run by the U.S. government and military as well as those maintained in …