Fraudsters pretending to be from collections companies are seeking to recover non-existent loans. If victims don't pay up, their administrative call centers are hit by telephone denial-of-service attacks. 9-1-1 lines weren't targeted.
October 01, 2012
With users flocking toward mobile platforms, fraudsters will join as well. But businesses have a bigger problem: What to do about employees wanting to use their devices to connect to the corporate network.
For the first time in nearly a year, Twitter suffered a prolonged outage Thursday, leaving its 140 million active monthly users without micro-blogging capabilities.
VMware addressed flaws that enable attackers to carry out malicious activity.
A malicious attacker deliberately attempted to interfere with a crucial party leadership vote in Canada last month, according to a company commissioned to run the online voting system used.
A proof-of-concept that has emerged and takes advantage of a very serious Windows vulnerability may have been the result of a leak, said the researcher who first discovered the bug.
Microsoft's planned security update for next week likely will include a fix for a vulnerability that is being actively exploited.
As part of its twice yearly cycle of advisories, Cisco on Wednesday issued six advisories covering various components of its switches and routers. The fixes include vulnerabilities in Cisco voice products, as well as denial-of-service holes in Cisco IOS and IOS XE software, which can be exploited remotely without authentication and without end-user interaction. Cisco said that an attacker could possibly leverage some of these vulnerabilities to crash its router. The company's next update is scheduled for March 23. - GM
A 19-year-old Saskatchewan resident was charged with launching a cyberattack on a business based in New York City.
A recent Microsoft security patch silently fixed two severe vulnerabilities that were not disclosed, leading to criticism that the software giant downplayed the severity of the patch.
Researchers at a software company in Malta say they have discovered a decade-old Windows vulnerability that can cause a system to instantly crash and display the so-called blue screen of death.
Microsoft on Tuesday delivered six patches as part of its monthly security update, but only one -- addressing five flaws in Internet Explorer -- requires immediate deployment, experts said.
The vulnerabilities could allow an attacker to execute arbitrary code or cause a denial-of-service condition.
Microsoft has confirmed the presence of a vulnerability in the Server Message Block (SMB) protocol, according to an advisory released Friday. The company said successful exploitation of the flaw, which affects Windows 7 and Server 2008 Release 2, can lead to a denial-of-service that results in a system crash -- but not the injection of malicious code. Exploit code has been published, but Microsoft is not aware of any active attacks underway. —DK
Microsoft is investigating a researcher's claim that the software giant's newest operating system contains a vulnerability that could be exploited to crash systems.
The vulnerabilities could allow an attacker to execute arbitrary code, obtain sensitive information, or cause a denial-of-service.
