DHCP Client Allows Shell Command Injection…
The Internet System Consortium’s (ISC) open source DHCP client (dhclient) allows DHCP servers to inject commands that could allow an attacker to obtain root privileges, according to a new ISC advisory. The problem is caused by incorrect filtering of metadata…
Profile Spy Scam Hits Twitter…
Security researchers warn of a survey scam currently making the rounds on Twitter which tricks users by promising them the ability to view their profile visitors. According to a researcher from Errata Security, victims post spam messages that read “94…
Attack Hijacks Data Via Newer Windows Features…
Attack hijacks sensitive data using newer Windows features. Security researchers have outlined a way to hijack huge amounts of confidential network traffic by exploiting default behavior in Microsoft’s Windows operating system. The man-in-the-middle attacks described April 4 take advantage of…
Localized Facebook Scams On The Rise…
Security researchers warned that localized Facebook scams are becoming increasingly common as spammers attempt to reach as many users as possible. A researcher from Kaspersky Labs described a recent German scam that lured users with a video of a roller…
Another Rogue Facebook App…
Photoshopped image scam used in rogue Facebook app trap. Facebook users were put under fire April 4 by a brace of new threats, one of which spreads through a link disseminated through the Facebook Chat application. An estimated 600,000 people…
Epsilon Data Breach Is Growing…
More customers exposed as big data breach grows. The names and e-mails of customers of Citigroup Inc and other large U.S. companies, as well as College Board students, were exposed in a massive and growing data breach after a computer…
Phishing Scam Masquerades as Adobe Upgrade
Phishers are using spam that tries to trick people by offering an upgrade to Adobe Acrobat. Detailed by security provider Cloudmark, this type of advertising spam e-mails users a notice to upgrade to the new Adobe Acrobat Reader. Those who…
Mass Injection Attack Hit Millions Of Users
Mass injection attack hits a million websites. More than 1 million URLs were compromised by a cyberattack that has suddenly ramped up in the last 24 hours to become one of the biggest mass-injection attacks ever seen. The trojan, dubbed…
Details On How The RSA Was Hacked
RSA had a conference call today with various analysts to discuss more details of the attack, and how they are communicating the after-effects to and with their customers. RSA said the attack started with phishing emails sent to small groups of…
FTC puts Google on 20 years of ‘privacy probation’
The Federal Trade Commission has come down like a ton of government regulators on Google and its Google Buzz social networking service for stomping all over their own privacy policies when it launched back in February of 2010. The agreement…