Warning: Creating default object from empty value in /home/ict-forward/www-apps/wp-svn/wp-includes/ms-load.php on line 138
March « 2010 « The FORWARD project blog

Archive for March, 2010

Pwn2Own 2010 “exploit the iPhone”

Tuesday, March 30th, 2010

The Pwn2Own contest took place for this year at the CanSecWest security conference held on March 24th 2010. The aim of this contest is to call hackers looking for vulnerabilities in browsers and operating systems and exploit them.  Τhis year  is more interest due to the fact that has increased the pecuniary rewards for hacking computers and smart-phones. Last year were not given the rewards for smart-phones while no-one it could not attack them.

(more…)

FIFA World Cup – themed malware

Saturday, March 27th, 2010

Major events often used by spammers to fuel their scams.

While the World Cup soccer tournament is still more than two months away, researchers from Symantec are reporting on a targeted malware campaign using a FIFA World Cup theme. Attackers changed Greenlife’s PDF document to include malicious code. Emails contain this attached PDF file claiming to provide a guide to the first African edition of football’s most prestigious tournament.

(more…)

Hackers grow in number and skills in China

Friday, March 26th, 2010

According to Symantec, China’s hacking scene is growing rapidly, having become second in the world, after the US. Chinese Internet users appear interested in criminal hacking and government spying. “China’s hacking scene is clearly an active one”, “These individuals and groups are known for discovering vulnerabilities, writing exploit code and developing sophisticated hacking techniques” as the report states.

(more…)

Firefox releases security patch due an integer overflow error.

Friday, March 26th, 2010

Mozilla has released Firefox 3.6.2 almost a week ahead of schedule, after security issues were found in earlier versions. Firefox 3.6.2 was scheduled to launch at 30 of March, but is now available for download. The latest Firefox version fixes a vulnerability that could allow remote code execution attacks. Firefox is the second most popular browser in the web and its usage is between 20% and 32%.

(more…)

Gonzalez gets 20 years for TJX credit card scam

Friday, March 26th, 2010

Albert Gonzalez is a hacker mastermind who has committed a lot of crimes by stealing credit and debit cards by major US retailers. He has been described as a greed personality motivated by his ego and his thirst for acknowledgment by the public for his computer intrusions. Among his criminal activities he used to exploit a government agency through his cooperation with the U.S. Secret Service providing classified information to his co-conspirators in the credit-card theft cases. (more…)

Facebook warns about password reset scam

Friday, March 26th, 2010

One of the most prevalent piece of malware targeting consumers in the last week is an e-mail that supposed to be sent from facebook. This e-mail says that your password has been reset and you need to open the attachment in order to retrieve your password. The attachment contains a password stealer that can potentially access any username and password combination used on the computer, not just the login credentials for Facebook.

(more…)

Pwn2Own 2010 – Attack’s on browser’s and mobile devices

Tuesday, March 23rd, 2010

The  Pwn2Own contest is back this year and is looking the new winner. The competition starts at 24th of March 2010. in Vancouver. The winner is the person that will successfully hack an application or a  platform and the prize will be $100,000 USD and keep the target that exploit.

(more…)

MSN Viruses

Tuesday, March 23rd, 2010

You might have been browsing on the web or doing something else while you where logged into msn and out of nowhere you received a strange message from one of your contact lists containing a strange URL, such as http://your_email.partytimez.info or some kind of zip file. Some of us being unsuspicious might have clicked on it and that’s what in the first placed begun the spreading of the malicious spam.

(more…)

Skipfish: A new web application security tool from Google

Monday, March 22nd, 2010

Last Friday, Google released a new security tool known as Skipfish, written by Michal Zalewski, a Polish security researcher and author of various tools and books, with contributions and feedback from Google’s information security engineering team. Skipfish aims to help web application developers secure and reveal various possible security flaws of their applications. Since web applications become more and more complex, developers need similar tools to check and validate the security of their code. Michal Zalewski wrote in a blog article, “The safety of the Internet is of paramount importance to Google, and helping web developers build secure, reliable web applications is an important part of the equation.”

(more…)

All your smartphones are belong to us

Wednesday, March 17th, 2010

A pair of researchers in RSA 2010 security conference have demonstrated the feasibility of building a botnet using smartphones such as the iPhone or Android-like devices.

Derek Brown and Daniel Tijerina, security researchers with TippingPoint’s Digital Vaccine Group, presented their findings from a research project called MOBOTS: Pocketful of Pwnage, which was designed to show how easy it would be to create a large mobile botnet. (more…)