Latest News
Dear Jailbreaker, Apple Wants to Have a Word with You
After banning the word \\"jailbreak\\" from its app store and music library, Apple today reversed course and again permits the term - slang for hacking into a device to download unauthorized content -- to appear on iTunes and its App Store.
On Thursday bloggers noticed Apple had censored the word, using the Thin Lizzy album \\"Jailbreak\\" as an example. For awhile, the title was listed as \\"J******k\\" in Apple's music library, at least its U.S. version. In other instances, digital content continued to bear the full name Jailbreak.
Defense Contractor Northrop Grumman Hiring For Offensive Cyber Ops
Defense giant Northrop Grumman is hiring software engineers to help it carry out \\"offensive cyberspace operations,\\" according to a recent job posting.
Defense giant Northrop Grumman is hiring software engineers to help it carry out \\"offensive cyberspace operations,\\" according to a recent job posting.
ZTE Score M Android Phone Found to Have Backdoor Installed
UPDATE--An Android handset produced by Chinese manufacturer ZTE has a backdoor installed that could enable an attacker to take control of an affected device remotely and run arbitrary code. The manufacturer has acknowledged the issue in the ZTE Score M, which includes a harcoded password, and says that it plans to push out a fix soon.
Global Payments Breach A Year Older Than First Reported
Alerts issued by Visa and Mastercard earlier this week suggest that a breach at payment processor Global Payments dates to January 2011, a full year earlier than the company initially announced.
Alerts issued by Visa and Mastercard earlier this week suggest that a breach at payment processor Global Payments dates to January 2011, a full year earlier than the company initially announced.
Microsoft Adopts CVRF Format for Security Bulletins
Since the beginning of recorded time, security researchers, software vendors and hackers have been issuing security advisories in all kinds of nutty formats. Some feature excellent ASCII art, some have clever inside jokes and some come from Microsoft. Now, there's a effort underway, called the Common Vulnerability Reporting Framework, to standardize the way that vulnerabilities are reported so that they're in a common, machine-readable format.
We Need More Than Jelly Bean
Google is set to launch Android 5.0, aka Jelly Bean, this fall. But do we even need it? While Google has made some steps in securing its Play branded marketplace, and offered a few security updates to the operating system, it is a fact that the most targeted Android platform is still 2.x. Why is that? There are several reasons, not the least of which is a lack of security patches provided to previously deployed operating system versions.
HULK DDoS Tool Smash Web Server, Server Fall Down
For the aspiring attacker or pen tester, there is no shortage of attack tools, scripts, crimeware kits and exploits available online. But, the Internet being what it is, there's always room for one more. Enter HULK, a new DDoS tool that arrives just in time to coincide with the release of some movie involving the actual Hulk and other CGI-ified mediocre-heroes.
New P2P Zeus Variant Targets Popular Sites with Bogus Offers
Facebook, Gmail, Yahoo and Hotmail users should beware of rogue rebate offers and new secure payment options aimed at getting them to part with their debit card information.
Earlier this week Amit Klein, CTO of Trusteer, announced the discovery of a peer-to-peer variant of the Zeus platform that leverages trusted relationships and well-known brands to convince users to sign up for convenient services and better secure debit card transactions. On each site, the attack displays a little differently.
Twitter Implements Do Not Track
Twitter has implemented the Do Not Track header on its site, giving users the option of telling the site that they do not want to be tracked across other sites on the Web. The implementation is being done through the DNT technology in the Firefox browser.