2007.12.17 Daily Security Reading

Oak Ridge National Labs hit with targeted attacks

Oak Ridge National Laboratory (ORNL) announced last week that more than a dozen employees fell prey to a “a sophisticated cyber attack”, exposing a database containing visitors’ personal information.

Ask.com enables anonymous web search

Web search site Ask.com has launched a feature that allows users to delete data on their search queries.

Media player users beware – more vulns ahead

Attack code has already been released… codec used by older versions of Windows Media Player, made by Microsoft, and in AOL’s Winamp.

DNS attack could signal Phishing 2.0

Open-recursive’ DNS servers could redirect users to phishing sites, researchers say.

The ‘Malware Economy’ Evolves

Over the years, the criminal elements, the ones who are making money, making millions out of all this online crime, are just getting stronger and stronger. I don’t think we are really winning this war.

2007.12.11 Daily Security Reading

MPAA Hit By DMCA Takedown

Developer Matthew Garrett succeeded in getting the MPAA to remove their ‘University Toolkit’ after claims it violated the GNU GPL. After several unsuccessful attempts to contact the MPAA directly, Garrett eventually emailed the group’s ISP and the violating software was taken down.

Google disables Gmail accounts by mistake

Google this week mistakenly disabled the Gmail accounts of an undetermined number of users due to an apparently overzealous attempt by the company to combat spammers.

Hackers Launch Major Attack on US Military Labs

Hackers have succeeded in breaking into the computer systems of two of the U.S.’ most important science labs, the Oak Ridge National Laboratory and Los Alamos National Laboratory.

Software maker releases the hounds on security vuln reporter

Legal attack dogs for enterprise search provider Autonomy have threatened action against Secunia after the vulnerability publisher asked for information relating to a serious bug in an Autonomy product.

Apple’s rising popularity attracts hackers

Over the past two years, we had found one or two pieces of malware targeting Macs, said Patrik Runald, an F-Secure security researcher. Since October, we’ve found 100-150 variants.