About This Blog   |   Archives   |   RSS Feeds RSS Feed   (What's RSS?)

Archive: January 2009

Google: This Internet May Harm Your Computer

A glitch in a computer security program embedded deeply into Google's search engine briefly prevented users of the popular search engine from visiting any Web sites turned up in search results this morning. Instead, Google users were redirected to page...

By Brian Krebs | January 31, 2009; 10:40 AM ET | Comments (25)

Troubled Ukrainian Host Sidelined

A Ukrainian Web hosting provider that, according to published reports, has long served as home base to a prolific and invasive family of malicious software has been taken offline following abuse reports from Security Fix to the company's Internet provider....

By Brian Krebs | January 30, 2009; 12:59 PM ET | Comments (6)

Blogfight: IE Vs. Firefox Security

I'm writing this to set the record straight on some statements made earlier this month by Jeff Jones, a security strategy director at Microsoft. In analysis published on his Technet Security Blog and at cio.com, Jeff picked apart research I...

By Brian Krebs | January 29, 2009; 8:00 AM ET | Comments (24)

Security Fix Pop Quiz, Reality-Show Style

It's been a while since we published our last Security Fix Pop Quiz, a periodic exercise to see whether you've updated your computer with the proper security updates. Usually when we do these quizzes I focus on the latest updates...

By Brian Krebs | January 28, 2009; 11:13 AM ET | Comments (12)

Monster.com Breach May Preface Targeted Attacks

Job search giant Monster.com quietly disclosed this week that its user database was illegally accessed, resulting in the theft of an unspecified number of Monster user IDs and passwords, names, phone numbers and e-mail addresses. The company said it opted...

By Brian Krebs | January 27, 2009; 10:30 AM ET | Comments (14)

When Cyber Criminals Eat Their Own

Some of the most prolific and recognizable malware disbursed by Russian and East European cyber crime groups purposefully avoids infecting computers if the program detects the potential victim is a native resident. But evidence from the Conficker worm -- which...

By Brian Krebs | January 26, 2009; 11:40 AM ET | Comments (2)

Pirated iWork Software Infects Macs With Trojan Horse

A company that makes security software for Mac computers is warning that copies of Apple's iWork productivity software that are available for download from peer-to-peer (P2P) file-sharing networks may be infected with a Trojan horse program. The malicious software appears...

By Brian Krebs | January 22, 2009; 3:40 PM ET | Comments (15)

Obama Administration Outlines Cyber Security Strategy

President Barack Obama's administration has sketched out a broad new strategy to protect the nation's most vital information networks from cyber attack and to boost investment and research on cyber security. The key points of the plan closely mirror recommendations...

By Brian Krebs | January 22, 2009; 9:40 AM ET | Comments (8)

Apple's First 2009 Patch Batch Fixes 7 QuickTime Flaws

Apple today released a security update for its QuickTime media player. The new version, QuickTime 7.6, is available for both Mac and Windows systems. This release fixes at least seven security vulnerabilities. All seven are serious enough that Apple says...

By Brian Krebs | January 21, 2009; 3:38 PM ET | Comments (27)

Payment Processor Breach May Be Largest Ever

A data breach last year at Princeton, N.J., payment processor Heartland Payment Systems may have compromised tens of millions of credit and debit card transactions, the company said today. If accurate, such figures may make the Heartland incident one of...

By Brian Krebs | January 20, 2009; 1:30 PM ET | Comments (59)

Move Over, Client #9

A popular Web site that helps connect young women with so-called "Sugar Daddies" has fixed a major security hole that - apparently since its inception two years ago -- allowed anyone with a Web browser to view the private negotiations...

By Brian Krebs | January 19, 2009; 1:18 PM ET | Comments (14)

Tricky Windows Worm Wallops Millions

A sneaky computer worm that uses a virtual Swiss army knife of attack techniques has infected millions of Microsoft Windows PCs, and appears to be spreading at a fairly rapid pace, security experts warn. Also, while infected PCs could be...

By Brian Krebs | January 16, 2009; 6:12 PM ET | Comments (17)

Microsoft Plugs Three Windows Security Holes

Microsoft today issued a critical software update to plug at least three security holes in its Windows operating systems. The patch, which applies to all supported versions of Windows, is available from the Microsoft Update Web site, or via Automatic...

By Brian Krebs | January 13, 2009; 4:33 PM ET | Comments (2)

Meet the New Bots: Will We Get Fooled Again?

The close of 2008 sounded the death knell for some of the most notorious spam networks on the planet. But already several new breeds of spam botnets -- massive groups of hacked PCs used for spamming -- have risen from...

By Brian Krebs | January 13, 2009; 12:30 PM ET | Comments (9)

Tiny Charges Often Precede Big Trouble

Security experts advise consumers to keep a close eye on their bank and credit card statements, and for good reason: Small, unauthorized charges often are the first sign that thieves have made off with your account number and are getting...

By Brian Krebs | January 12, 2009; 7:15 AM ET | Comments (9)

Caveat Emptor: Watch Out for Phantom Stores

Most people are proud to say they would never fall for a phishing scam, that they would never give their personal and financial information away at fake banking sites, just because someone asked them to in an e-mail. But how...

By Brian Krebs | January 7, 2009; 1:30 PM ET | Comments (28)

Spamhaus: Google Now 4th Most Spam-Friendly Provider

Google's free services are being heavily exploited by spammers to redirect visitors to sites touting knockoff designer drugs and scams, according to the latest rankings from Spamhaus.org, a group that tracks unsolicited commercial e-mail. Last month, Security Fix called attention...

By Brian Krebs | January 5, 2009; 6:25 PM ET | Comments (19)

Phishers Now Twittering Their Scams

Phishers are trying to trick Twitter users into forking over their user names and passwords by sending tweets that direct users to fake Twitter login pages, security experts warn. Update, 7:31 p.m. ET: Twitter now says that in an unrelated...

By Brian Krebs | January 5, 2009; 11:32 AM ET | Comments (5)

 

©  The Washington Post Company