Hacks

Israel government Web sites hit by hacker blitz

Israel's government Web sites have been bombarded by hackers in the last couple of days, logging more than 44 million hacking attempts since Israel launched the Gaza air strikes on Wednesday.

One of the attempts was successful, Finance Minister Yuval Steinitz told Reuters, noting that an unidentified site was offline for about 10 minutes before being resurrected. Popular targets include defense-related sites, as well as those of Israel's prime minister, president, and Foreign Ministry.

Most of the attacks have been traced to Israel and the Palestinian territories.

"The ministry's computer division will continue to block the … Read more

Anonymous targets Israeli Web sites in protest over Gaza

Anonymous is in the midst of a hacking campaign against a number of Israeli sites in protest of attacks taking place on Gaza.

The hacking spree, dubbed OpIsrael and begun early Thursday, has resulted in so many Israeli Web sites being defaced or shut down through methods including denial of service (DoS) attacks, that it's hard to keep count. However, some enterprising hacktivists have begun compiling lists of affected Web sites. Targets have included governmental, retail, and business sites -- some belonging to the automotive and fashion industries.

The Bank of Jerusalem, one of Israel's largest financial institutions, … Read more

China cyber-espionage threatens U.S., advisory group warns

Congress needs to take action to deflect the growing threat of Chinese cyber-espionage against the U.S., a U.S. commission recommends in a new report.

Released today, the 500-page annual report to Congress by the U.S.-China Economic and Security Review Commission details various security issues concerning China. But the commission expressed particular fear over the country's ongoing cyberwarfare efforts.

Calling China the "most threatening actor in cyberspace," the report found that in 2012, Chinese state-sponsored hackers continued to target computers systems run by the U.S. government and military as well those maintained in … Read more

Skype fixes e-mail security flaw

Skype has resolved a nasty e-mail and password security bug and reinstated its password reset page.

Revealed by Skype earlier today, the vulnerability allowed someone to create a Skype account using the same e-mail address as that of the intended victim. That person was then able to reset the password for all accounts associated with that address, thereby locking out the account owner from Skype.

As a precaution, Skype earlier today took down its password reset page to prevent hackers from taking advantage of the flaw. But the company managed to resolve the security hole not long after announcing it, … Read more

Skype disables password resets due to e-mail security flaw

Update, 10:25 a.m. PT: Skype has since resolved the security issue and reinstated the password reset page.

Skype is investigating a security problem that allows someone to take over a user's account by resetting the account password.

The VoIP service provider best known for video calls confirmed in its blog today that it has taken down its password reset page as it probes the issue:

We have had reports of a new security vulnerability issue. As a precautionary step we have temporarily disabled password reset as we continue to investigate the issue further. We apologize for the … Read more

Protect yourself from social-network malware (video)

First there was e-mail spam clogging up your in-box. Now there's social malware making its way into your Facebook newsfeed.

If you've ever seen a spammy message from a friend promising a "Free iPad" or "Free" airline tickets, chances are it's socware (pronounced "sock ware") -- a phrase coined by engineering professors and graduate students at the University of California, Riverside, in a new study.

Their study analyzed 12,000 users of MyPageKeeper, a free app they developed to identify suspicious posts and help protect Facebook users from them. Of that … Read more

Twitter resets passwords of 'compromised' accounts

Is it a bird? Is it a plane? No, it's a password reset message from Twitter, and you should probably do what it says.

An unknown number of Twitter users have received a genuine e-mail from the company warning they should change their password as soon as possible. 

But a Twitter spokesperson told CNET that the e-mail was sent to a wider group of users than intended.

In the e-mail, the microblogging company noted: "Twitter believes that your account may have been compromised by a Web site or service not associated with Twitter. We've reset your … Read more

Facebook password-bypass flaw fixed

Facebook this weekend disabled a loophole that might have allowed some accounts to be accessed without a password.

The vulnerability, which was posted to Hacker News on Friday, could potentially have allowed an unauthorized user to access another person's Facebook account.

The flaw centered on e-mails sent out by the social network which contained links that, once clicked, would log a user straight into a Facebook account without the need for any secondary authentication, such as entering a password. The e-mails could be discovered through a simple Google search query, with 1.3 million accounts potentially open to the … Read more

Homeland Security chief: Banks 'under attack' by hackers

U.S. Homeland Security Secretary Janet Napolitano said today that hackers are "actively" attacking some of the country's largest financial institutions.

According to a report in The Hill, America's top security official issued the warning at a Washington Post event today, but didn't specify the nature of the attacks.

"Right now, financial institutions are actively under attack," The Hill quoted Napolitano as saying. "We know that. I'm not giving you any classified information... I will say this has involved some of our nation's largest institutions. We've also had our … Read more