Ad: Manage updates with the Download App
  • CNET
  • All Security posts

Security

China slams cyberattack accusations over lack of proof

China is refuting a report that names its military as the source of recent cyberattacks against the U.S.

A report released this week by U.S. security firm Mandiant linked the People's Liberation Army to a large number of cyberattacks against U.S. corporations, government agencies, and other organizations. The report specifically pointed the finger at Chinese military Unit 61398, noting that digital forensic evidence led investigators to the building housing that unit.

China's response?

As expected, the government has criticized the report, citing a lack of hard evidence. In a press conference held by China's … Read more

Apple: Employee computers were targeted in hack attack

Apple today said it too was targeted as part of the string of hacking efforts on companies and news agencies.

The iPhone and Mac maker told Reuters that hackers targeted computers used by its employees, but that "there was no evidence that any data left Apple."

In a statement, Apple said it discovered malware that made use of a vulnerability in the Java plug-in, and that it was sourced from a site for software developers:

Apple has identified malware which infected a limited number of Mac systems through a vulnerability in the Java plug-in for browsers. The malware … Read more

Google warns of an increase in attempted account hijackings

The New York Times' report Monday of state-sponsored hacking in China drew new attention to the sophisticated techniques that would-be infiltrators use to gain access to victims' accounts. But it's not just China, Google said today -- the techniques used against U.S. government agencies and corporations are being used increasingly by hackers around the world.

"Compared to five years ago, more scams [and] illegal, fraudulent, or spammy messages today come from someone you know," security engineer Mike Hearn said in a blog post. "Although spam filters have become very powerful -- in Gmail, less than … Read more

Adobe confirms targeted attacks due to security hole in Reader

A zero-day security flaw in Adobe Reader and Acrobat is being exploited through a series of targeted attacks against vulnerable computers, Adobe Systems said yesterday.

In a security bulletin, Adobe confirmed that the vulnerabilities could cause Reader and Acrobat to crash, potentially opening the door for an attacker to gain control of the system.

"Adobe is aware of reports that these vulnerabilities are being exploited in the wild in targeted attacks designed to trick Windows users into clicking on a malicious PDF file delivered in an email message," the company revealed in the bulletin.

Adobe said it's … Read more

Hackers can easily breach Emergency Alert Systems

Hackers broke into several television stations' Emergency Alert Systems this week and broadcast that zombies were "rising from their graves" and "attacking the living."

While a comical hoax, security consultancy firm IOActive warns that this type of behavior is dangerous and not that hard for hackers to do, according to Computerworld. This week it's zombies, but next time it could be something that might make people really panic, such as an anthrax or terrorist attack.

IOActive says that devices used by TV and radio stations to air emergency alerts have critical vulnerabilities that make them … Read more

Anonymous fails to shut down live streams of Obama address

Despite Anonymous' vows to block Web broadcasts of tonight's State of the Union address, the hacktivist collective failed to disrupt the president's speech.

Declaring that "there will be no State of the Union Address on the Web tonight," the loose-knit group announced earlier today its intention to block live streams of the address in protest of the president not mentioning issues during his speech that are important to Anonymous.

However, live streams originating from the White House's Web site and YouTube appeared unaffected during the president's speech.

Anonymous, which is famous for using distributed … Read more

Anonymous intends to block Webcasts of State of the Union

The online hactivist collective Anonymous intends to block Webcasts of President Obama's State of the Union address this evening because of what it calls a lack of attention to issues important to the group.

"There will be no State of the Union Address on the Web tonight," the group said today in a blog post announcing the effort, which it has code named #opSOTU.

Specifically, the group says it objects to Obama not addressing the prosecution of Web activist Aaron Swartz, the long detention of alleged WikiLeaker Bradley Manning, wireless wiretapping, the targeted killings of U.S. … Read more

Microsoft delivers fixes for Windows 8, Windows RT

It's February 12, yet another Patch Tuesday. Among the security fixes aplenty that Microsoft is rolling out today are a few other non-security-specific updates for Windows RT and Windows 8.

As previously announced, the February cumulative update includes fixes designed to improve Surface Wi-Fi reliability and connectivity, a Microsoft spokesperson confirmed.

Microsoft also has provided a fix for the app-store-downloading bug that a number of Surface RT and Windows RT users reported a few weeks back. The problem resulted in Windows RT systems entering "Connected Standby" while the devices were downloading new Windows Updates via Automatic Update. … Read more

Android a growing target for mobile malware -- report

The Android platform is becoming a key mobile target for cybercriminals, who are getting much more efficient with their malware, according to a report from Web-security company Blue Coat Systems.

In a mobile malware report, Blue Coat notes that Android is a popular target. Here's a look at the volume of Android malware:

Blue Coat noted:

The Android-based malware blocked by WebPulse included an Android root exploit and a variety of rogue Android software. Forty percent of Android malware was delivered via malnets, demonstrating how cybercriminals can successfully utilize embedded infrastructures to attack mobile users. In the most recent … Read more

Cyberattacks reanimate CISPA, spark move by Obama -- reports

Recent reports of cyberespionage and hacking against important U.S. targets have triggered cybersecurity rumblings in Washington, with the leaders of the House Intelligence Committee reportedly planning to bring back the controversial CISPA -- Cyber Intelligence Sharing and Protection Act -- and President Obama reportedly readying his own executive order on the issue.

House Intelligence Committee Chairman Mike Rogers (R-Mich.) and ranking member Rep. Dutch Ruppersberger (D-Md.) say they plan to re-introduce CISPA -- unaltered -- next week during a speech at the Center for Strategic and International Studies in Washington, according to Beltway tech blog The Hill.

"American … Read more