Ad: Manage updates with the Download App
ie8 fix

Hacks

FBI investigating how sensitive celebrity data landed on Web

Some hacker or hackers has it out for a handful of celebrities, politicians, and law enforcement officials, including First Lady Michelle Obama, Vice President Joe Biden, and pop singer Beyonce.

Collected onto one Web site -- called "The Secret Files" -- is a slew of financial and personal information on these public figures. The data is so sensitive that it has sparked investigations by the FBI and other law enforcement agencies.

The U.S. Department of Justice announced yesterday that the government agencies are looking into how www.exposed.su obtained the Social Security numbers, credit reports, telephone … Read more

China claims it's willing to talk to U.S. about cybersecurity

The U.S. and China both say they want to directly discuss the issue of cybersecurity, but the odds of an open discussion are slim at best.

The Chinese government today responded to a U.S. invitation to enter into a dialogue with the U.S. over acceptable behavior in cyberspace, Reuters reported.

At a daily news briefing, Foreign Ministry spokeswoman Hua Chuying said that "China is willing, on the basis of the principles of mutual respect and mutual trust, to have constructive dialogue and cooperation on this issue with the international community including the United States to maintain … Read more

Apple, Facebook hackers hit car and candy companies too

More details have been revealed about the massive cyberattack that hit several tech companies last month. Not only were Apple, Facebook, Microsoft, and Twitter hit -- but other industries' computer systems were also hacked, including prominent car manufacturers, U.S. government agencies, and a candy company.

According to The Security Ledger, people familiar with the matter said that hackers infiltrated computer networks by using at least three third-party "watering hole" Web sites, which made it possible for hackers to put malware on those companies' computers.

"The breadth of types of services and entities targeted does not reflect … Read more

Researchers win $100,000 for Chrome hack that leaves Windows vulnerable

Security researchers at MWR Labs have won a $100,000 prize at the Pwn2Own hacking competition in Vancouver.

The researchers showed off their hack yesterday as they took a fully patched version of the Google Chrome browser, hacked it, and then took control of Windows 7. According to the researchers, when a Chrome user visits a malicious Web page, it's possible for the page's creator to exploit a vulnerability that allows for code execution in the sandboxed renderer process. From there, the team exploited a kernel vulnerability in Windows 7 to gain elevated privileges and execute commands.

Here's what the researchers were able to achieve:… Read more

Online note service Evernote latest firm to get hacked

Yet another company has fallen victim to a hack, with attackers breaking into systems at Evernote, maker of a Web-based note-taking application used by about 50 million people.

The company said in a security notice that some user data had been accessed and that Evernote was requiring all users to reset their passwords. Apparently, though, no sensitive financial information was stolen, and no user content was affected:

"In our security investigation, we have found no evidence that any of the content you store in Evernote was accessed, changed or lost," the company said in the statement, which was … Read more

Dropbox users getting spammed, might be from earlier hack

It looks like Dropbox may be grappling with some leftover issues from hackers' access into the system last July.

Over the past 24 hours, users have been posting on the file-sharing site's forum, saying that they're being hit with spam e-mails sent to e-mail accounts used only for Dropbox.

"My Dropbox specific email has been receiving spam since the 20th of February," Daniel B. wrote today. Richard F. wrote, "I have an internal to my company email address that I used for Dropbox only and I am getting the same fake paypal scam emails. This … Read more

China blames U.S. for most cyberattacks against military Web sites

China has accused the U.S. for most of the cyberattacks launched against its military networks.

In a statement released today, China's Ministry of National Defense said that cyberattacks against its military sites have increased over the past few years. Based on checks of IP addresses, the Defense Ministry claimed an average of 144,000 cyberattacks per month last year, according to Reuters.

And it fingered the U.S. for almost 63 percent of them.

The allegations from Beijing come hot on the heels of a recent report from U.S. security firm Mandiant, linking the Chinese army to cyberattacksRead more

Overseas hackers nab more than 1TB of data daily

The idea of governments waging futuristic cyberbattles and online espionage campaigns actually isn't too farfetched. A new study released today by Team Cymru basically says as much.

The study, shared exclusively with The Verge, says that overseas hackers are stealing as much as one terabyte of data per day from governments, businesses, militaries, and academic facilities. Apparently, the hackers are using a network of 500 computer servers.

According to a lengthy article by The Verge, Team Cymru concludes that the hackers are so sophisticated and are running such massive campaigns that they must be state-sponsored. "This is Internet … Read more

Add Microsoft to list of hacked companies

Updated to include Microsoft comment Security software companies must be smiling ear to ear as they read the news briefs coming off the transom. Microsoft said today that an undetermined number of computers in its Mac software business unit got infected with malware. The company said the number of infected PCs was small but that there was no indication customer data had been compromised.

In a blog post late Friday, Matt Thomlinson, who directs the company's Trustworthy Computing Security program at Microsoft, wrote:

Consistent with our security response practices, we chose not to make a statement during the initial … Read more

NBC Web site back up after hack attack

NBC's Web site is up and running again after being knocked offline by a cyberattack for several hours yesterday.

The NBC site was the victim of a form of malware known as the Citadel Trojan. This specific strain targets companies in an attempt to steal usernames, passwords and other sensitive data. People who visit sites infected by the trojan can find their own PCs infected as well.

In the past, Citadel typically attacked banks and financial firms but has since expanded its reach to a wider range of organizations.

NBC, which is part of cable giant Comcast, is still trying to figure out how the attack occurred, … Read more