attacks

Earlier this week, German software vendor Ashampoo warned users of its products that the company's servers had been hacked and some of its users' e-mail addresses had been stolen. (CNET's Elinor Mills describes the breach in her InSecurity Complex blog.)

Ashampoo didn't disclose the number of addresses lost, but the breach likely pales in comparison to the e-mail addresses exposed in the massive hack of the servers at e-mail marketing service Epsilon, which was disclosed in the first week of April.

Malware purveyors may not need to hack a company's server to get their hands on … Read more

Cyber attacks on critical infrastructure companies are on the rise, with a jump in extortion attempts and malware designed to sabotage systems, like Stuxnet, according to a new report.

While attacks are increasing, many companies aren't doing enough to protect their systems and are instead rushing to adopt new technologies--such as Smart Grid--without ensuring they adequately secure against cyber attacks, concludes "In the Dark: Crucial Industries Confront Cyberattacks."

The report, due to be released on Tuesday, was commissioned by McAfee and written by the Center for Strategic and International Studies (CSIS). It includes results from an electronic … Read more

Adobe today warned of a critical hole in Flash Player that is being exploited in the wild to take control of computers or cause them to crash.

"There are reports that this vulnerability is being exploited in the wild in targeted attacks via a Flash (.swf) file embedded in a Microsoft Word (.doc) file delivered as an email attachment, targeting the Windows platform," the company said in an advisory. "At this time, Adobe is not aware of any attacks via PDF targeting Adobe Reader and Acrobat. Adobe Reader X Protected Mode mitigations would prevent an exploit of … Read more

Information about RSA's SecurID authentication tokens used by millions of people, including government and bank employees, was stolen during an "extremely sophisticated cyberattack," putting customers relying on them to secure their networks at risk, the company said today.

"Recently, our security systems identified an extremely sophisticated cyberattack in progress being mounted against RSA," Executive Chairman Art Coviello, wrote in an open letter to customers, which was posted on the company's Web site.

"Our investigation has led us to believe that the attack is in the category of an Advanced Persistent Threat. Our investigation … Read more

A distributed denial-of-service attack that affected thousands of customers at Codero and other hosting providers appeared to come from within China and to be launched at a Chinese site that is critical of communism or its Domain Name System provider, Codero said today.

The disruptions that took Codero's customers offline for most of the morning were collateral damage in the attack, Ryan Elledge, chief operating officer at Codero, told CNET.

Directly in the path of the attack was a Codero customer that hosts DNS records for sites on the Internet, including a Web site critical of communism that appeared … Read more

Blog host WordPress.com was the target of a distributed denial-of-service (DDoS) attack earlier today described by the company as the largest in its history.

As a result, a number of blogs--including those that are a part of WordPress' VIP service--suffered connectivity issues. That includes the Financial Post, the National Post, TechCrunch, along with the service's nearly 18 million hosted blogs.

According to a post by Automattic employee Sara Rosso on the company's VIP Lobby (which had been down at the time of the attacks, though was archived by Graham Cluley over at Naked Security), the size … Read more

Super Mega Worm is the Mac version of the retro-looking iOS arcade game of the same name, in which you control a giant bloodthirsty worm that's out to wreak some (cartoonishly) gory eco-vengeance.

You control your mega worm ("Wojira," in classic megamonster-movie style) as you navigate back and forth across a horizontally scrolling landscape, burrowing into the earth and then emerging to feast on eco-unfriendly humanity (pressing Z to pick up speed, or to spit acid when you're above ground). Your game ends when your ever-shrinking energy bar is depleted, so you have to keep eating … Read more

In the world of security, targeted attacks should be a real concern--and extremely worrisome--to organizations around the world, Symantec said in a new quarterly report on attacks on critical infrastructure.

"The customization of targeted attacks can make them more dangerous than non-targeted attacks because they are tailored explicitly to affect a target group," Symantec wrote in its quarterly report (PDF). The company said that targeted attacks are currently being used to take data from companies, steal information for financial gain, or to simply cause "mischief."

Targeted attacks have been gathering some notoriety over the past couple … Read more

For years, companies in the oil and energy industry have been the victims of attempts to steal e-mail and other sensitive information from hackers believed to be in China, according to a new report from McAfee.

The attacks, to which McAfee gave the sinister name "Night Dragon," penetrated company networks through Web servers, compromised desktop computers, bypassed safeguards by misusing administrative credentials, and used remote administration tools to obtain the information, the security firm said late yesterday. McAfee and other security companies now have identified the method and can provide a defense.

"Well-coordinated, targeted attacks such as … Read more