NBC's Web site is up and running again after being knocked offline by a cyberattack for several hours yesterday.
The NBC site was the victim of a form of malware known as the Citadel Trojan. This specific strain targets companies in an attempt to steal usernames, passwords and other sensitive data. People who visit sites infected by the trojan can find their own PCs infected as well.
In the past, Citadel typically attacked banks and financial firms but has since expanded its reach to a wider range of organizations.
NBC, which is part of cable giant Comcast, is still trying to figure out how the attack occurred, … Read more
At a time when it seems no company is immune from hackers, user information from three high-profile social-networking sites has been compromised due to a hack at another company.
Customer support service Zendesk revealed today that it had been the victim of a security breach and that information from three of its clients had been downloaded. As first reported by Wired, those three clients are Twitter, Pinterest, and Tumblr.
Zendesk revealed the hack in a company blog post today that said the vulnerability was immediately identified and patched:
Our ongoing investigation indicates that the hacker had access to the support … Read more
If you get an e-mail saying it's from Twitter, the social-networking company wants to assure you that it's really from Twitter and that there's no need to worry that someone's out to steal your password.
Twitter said it has adopted a new security protocol known as DMARC that was designed by a consortium in order to cut way down on phishing attempts.
DMARC solves a couple … Read more
The popular forum site that hackers used to access employee computers at Apple and Facebook gave more details today on how the cyberattack happened.
China is refuting a report that names its military as the source of recent cyberattacks against the U.S.
A report released this week by U.S. security firm Mandiant linked the People's Liberation Army to a large number of cyberattacks against U.S. corporations, government agencies, and other organizations. The report specifically pointed the finger at Chinese military Unit 61398, noting that digital forensic evidence led investigators to the building housing that unit.
As expected, the government has criticized the report, citing a lack of hard evidence. In a press conference held by China's … Read more
While many security experts have been pointing the blame at China for the recent wave of cyberattacks on U.S. companies and newspapers, Bloomberg reports that some of the malware attacks actually may be coming from Eastern Europe.
Investigators familiar with the matter told Bloomberg they believe a cybercriminal group based in either Russia or Eastern Europe is carrying out the high-level attacks to steal company secrets, research, and intellectual property, which could then be sold on the black market.
Evidence that the attacks may be coming from Eastern Europe is the type of malware being used by the hackers, … Read more
Apple today said it too was targeted as part of the string of hacking efforts on companies and news agencies.
The iPhone and Mac maker told Reuters that hackers targeted computers used by its employees, but that "there was no evidence that any data left Apple."
In a statement, Apple said it discovered malware that made use of a vulnerability in the Java plug-in, and that it was sourced from a site for software developers:
Apple has identified malware which infected a limited number of Mac systems through a vulnerability in the Java plug-in for browsers. The malware … Read more
The New York Times' report Monday of state-sponsored hacking in China drew new attention to the sophisticated techniques that would-be infiltrators use to gain access to victims' accounts. But it's not just China, Google said today -- the techniques used against U.S. government agencies and corporations are being used increasingly by hackers around the world.
"Compared to five years ago, more scams [and] illegal, fraudulent, or spammy messages today come from someone you know," security engineer Mike Hearn said in a blog post. "Although spam filters have become very powerful -- in Gmail, less than … Read more
An "overwhelming percentage" of cyberattacks on U.S. corporations, government agencies, and organizations originate from a 12-story office tower on the outskirts of Shanghai that's connected to the People's Liberation Army, according to an extensive New York Times report.
The newspaper cites a 60-page report by U.S. security firm Mandiant that traces the activities of a sophisticated Chinese hacking group -- known in some circles as "Comment Crew" or "Shanghai Group" -- to the headquarters of People's Liberation Army Unit 61398. The report notes that a body of digital forensic … Read more