Items tagged with attack

Hacking group REvil, which was behind attacks such as those on Acer in early 2021, has returned in force evidently, after approximately 200 U.S. businesses were hit by ransomware overnight. It has been found that the ransomware spread through software created by Florida-based IT company Kaseya in what is another massive supply chain attack. Yesterday, Kaseya reported at 4:00 pm EST that it was "experiencing a potential attack against the VSA," its remote monitoring and management tool. At the time, it was recommended that VSA customers immediately shut down servers until further notice, as the attacker would first disable administrative access to VSA if they managed to breach the system. VSA... Read more...
Reddit has announced that it suffered a security breach between June 14 and June 18 of this year. The website learned of the hack on June 19 and says that an attacker was able to compromise the accounts of a few Reddit employees along with Reddit's cloud and source code hosting providers. The main attack was apparently via an SMS intercept, as Reddit was using two-factor authentication. The site notes that the attacker didn’t gain write access to its systems and had read-only access to some systems that contained backup data, source code, and other logs. After the attack, additional steps were taken to lock down the compromised data, and reddit says that it rotated all production secrets... Read more...
Holiday shopping at one of the web's popular retailers was impossible for some European users over the weekend. Amazon's websites in Europe were down for more than half an hour on Sunday night. Although a group of activists by the name "Anonymous" had encouraged an online attack in an attempt to crash Amazon.com by overwhelming it with requests, the outage experienced by Amazon's European websites over the weekend was unrelated to any such attack. It appears the outage was caused by a hardware failure in the company's European data center network. According to a spokeswoman for Amazon, "The brief interruption to our European retail sites earlier today was due to hardware failure in our European... Read more...
For the third time this year, Twitter was the victim of a security breach that stemmed from a simple attack. In the most recent case, a hacker simply guessed an employee’s personal email account password and then worked from there to steal confidential company documents. This most recent attack brings to light some of the problems associated with storing data online instead of on computers that are within your control. By stealing the password for someone’s Gmail account, for example, a hacker not only gains access to that person’s email, they also gain access to any of the Google applications (and documents associated with those applications) that person uses. This is apparently what happened... Read more...
Can you spell "SEC investigation?"  There is definitely going to be one after this.  A post at CNN's new social news site, iReport, resulted in Apple stock plummeting this morning, when it was rumored that Steve Jobs had suffered a heart attack.  iReport allows users to post unvetted stories, which then --- after vetting, may be posted to the iReport page on CNN.com.  This story obviously didn't make it there, and has since been taken down.Interestingly, this user has never submitted a story previously.  And the time of the story posting, 6 AM PDT, was obviously very suspicious.  The story read:Steve Jobs was rushed to the ER just a few hours ago after suffering... Read more...
Sophisticated, targeted phishing attacks have successfully swiped data from roughly 15,000 victims within the last 15 months according to Internet security company, VeriSign. VeriSign believes that almost all of these attacks are coming from just two groups. "Unlike traditional phishing attacks, which are sent to millions in hopes of luring some victims to fake Web sites, spear-phishing emails contain personal information, such as the name of the victim or his employer's name to make them appear legitimate. In the attacks tracked by Verisign, victims are tricked into visiting malicious Web sites or opening malicious attachments, which then give attackers a back door onto their PCs so they can... Read more...
You had to know this was going to happen.  CNN is reporting that Apple plans to step up their attacks on Windows Vista and the PC in general with new ads featuring recurrent "Mac-Guy" Justin Long. Has anyone ever asked that guy if he's actually a Mac user? "For nearly a year, television and Internet audiences have been seeing a familiar string of ads from Apple Inc. attacking rival Windows-based computers. With this week's release of Windows Vista, the newest jabs aren't any friendlier. In one ad, the character personifying the PC is dressed in hospital patient garb, talking about how he's set to undergo major surgery to upgrade to Vista. He then saunters off, telling the Mac... Read more...
There is a very interesting story breaking today concerning AMD processors and a new "proof-of-concept" virus.  It seems the virus can gain low-level access to hardware and potentially bypass kernel and user-level protection mechanisms. Dubbed W32.Bounds (32-bit) and W64.Bounds (64-bit), the virus is not much of a threat at the moment, as you can see in the threat assessment posted at Symantec. "The worm comes in two versions, targeting 32-bit and 64-bit processors from AMD. Symantec refers to the online pests as w32.bounds and w64.bounds. Because it involves proof of concept code, both viruses are rated as low level threats.... Read more...
Fudo reports that Corsair is distributing a .PDF in which the company tackles some of the bold claims made by OCZ in regards to the success of their heatspreaders. In a rather bold move on their part, Corsair illustrates the fact that heatspreaders on memory modules are largely for aesthetic purposes only and offer less than 5MHz of overclocking headroom versus bare modules. This gets you thinking if heatspreaders don't serve much of a purpose, maybe Corsair is onto something afterall with their heatspreader-mounted diagnostic LEDs on their XMS Xpert modules.The CEO of Asetek, the company that dedicated its life to cooling confirmed the same thing as he said that even if you use LN2 to cool your... Read more...