Editor's News

The Chicago Tribune was apparently hacked via a SQL Injection flaw in an old section of the website. According to the Hacker News, the Serbian hacker group 'TeslaTeam' found a flaw in a Tribune subdomain which allowed them to breach the website's database and exposed partial credentials. A pastebin post included links to a page that included the 2008 Illinois school report and 14 encrypted passwords. A spokesperson for the Tribune group declined to comment. Robert Hansen, technical...

IBM has announced a definitive agreement to acquire mobile management and security company Fiberlink Communications. Expanding IBM’s MobileFirst portfolio, the deal would see IBM offer the MaaS360 cloud-based management solution and be part of more than 100 cloud services. IBM said that upon completion, it planned to offer MaaS360 on the IBM SoftLayer cloud infrastructure. Financial terms were not disclosed. IBM said that the acquisition will offer all of its mobile resources together in one...

Loyalty scheme company LoyaltyBuild has confirmed that it has been the victim of a sophisticated criminal attack. After it was widely reported that more than 1.5 million people were known to have had personal information compromised by the security breach, the Irish company said that it was “working around the clock with our security experts to get to the bottom of this and to further enhance our security in order to protect our valued customers”. It said: “From the...

Microsoft has announced the opening of a cyber crime centre at its headquarters in Redmond, Washington. Combining Microsoft’s legal and technical expertise as well as cutting-edge tools and technology with cross-industry expertise, it said that the work done at the Cybercrime Center will help ensure that people worldwide can use their computing devices and services with confidence. It will be supported by 12 satellite offices or regional labs around the world in Beijing; Berlin; Bogota;...

Malware which is infectious to both Windows and Mac users has been detected. According to research by Intego, the rootkit OSX/Crisis is only detected by 27 out of 45 scanners according to VirusTotaland is capable collecting anything from audio and pictures to screenshots and keystrokes. Intego claimed that this is a new variant of Hacking Team’s spyware “Remote Control System” and it is commonly used in targeted attacks and it uses low-level system calls to deploy the spyware...

Blue Coat will launch a malware analysis system as part of its gateway to blocks known threats, and detects and analyse zero-day and advanced malware. Combining white listing and malware scanning for known threats with dynamic malware analysis of unknown threats at the gateway, the company said that the new system will share threat intelligence locally across the security environment and worldwide through its intelligence network of 15,000 customers and 75 million users. The company...

New fake profiles on LinkedIn are being used to entice users to a bogus recruiter. According to research by BitDefender, the faux recruiter is named ‘Annabella Erica’ and her profile contains a link which has been featured on a number of legitimate LinkedIn groups, including the 167,000-strong Global Jobs Network. BitDefender told PCR that some of the websites that ‘Annabella’ links through to include malware-ridden code that attempts to harvest the personal data of unsuspecting users. The...

The forum of vBulletin was illegally accessed last week, but the website has denied that attackers exploited an unpatched zero-day vulnerability to achieve the hack. According to a new comment by vBulletin's techical support lead Wayne Luke, he said that evidence from attackers Inject0r team has led it to believe that it was not down to a zero-day vulnerability in vBulletin. “These hackers were able to compromise an insecure system that was used for testing vBulletin mobile...

Yahoo has announced it is to encrypt all communications and information flowing into the internet company's data centres around the world. Following news that the National Security Agency had been hacking into the communications lines of the data centers run by Yahoo and Google to intercept information, Yahoo has now said it plans to have all data encrypted by the end of March 2014. Yahoo CEO Marissa Mayer wrote in a Monday post on the company's...

Online dating site Cupid Media was hacked earlier this year, exposing 42 million user details which included unencrypted passwords. According to security blogger Brian Krebs, the intrusion on the Australian website was found after the data was found on the same server as the data from the Adobe attack. Krebs said that this included names, email addresses, unencrypted passwords and birthdays of 42 million users which the company said was from a breach in January 2013. Andrew Bolton, managing...