Someone's been chatting a lot during the weekend, but picking up FEMA's PBX network as their main carrier might not have been the smartest thing to do. Over 400 calls, lasting from three up to ten minutes were placed through their network, a breach made possible due to an insecurely configured Private Branch Exchange system :"A hacker broke into a Homeland Security Department telephone system over the weekend and racked up about $12,000 in calls to the Middle East and Asia.
Latest from Dancho Danchev
Yesterday, Photobucket the world's most popular photo sharing site according to Hitwise had its DNS records hijacked to return a hacked page courtesy of the NetDevilz hacking group, a Turkish web site defacement group most widely known for its defacement of the adult video site Redtube earlier this year.
On Thursday, the search giant announced the availability of a new service Safe Browsing Alerts for Network Administrators.
For a couple of hours yesterday, Comcast's Internet Portal (comcast.net) had its DNS records hijacked and a defaced web page was loading from third-party domains.
What happens when the official domain names of the organizations that issue the domain names in general, and provide all the practical guidance on how the prevent DNS hijacking, end up having their own domain names hijacked? A wake up call for the Internet community.
SchmooCon 2011: A security researcher has demonstrated an Android based, SMS-driven smartphone botnet.
A MarkMonitor review indicates that less than 10% of the top 300 high trafficked sites have adopted VeriSign's Registry Lock Service.
RSA's FraudAction Research Lab is reporting that a crimeware targeting Brazilian banks, is using a popular social network as a command and control server. This isn't the first time that cybercriminals experiment with managed cloud platforms, or abuse of social networks for command and control purposes, and definitely not the last.
It's not every day that I get the chance to speak with a representative from the Russian Association of Electronic Communications (RAEC). Here are the key findings from their study, and the summary points based on my conversation with RAEC's head of PR, Dmitry Zakharov.
Security researchers test four smartphones (Nokia N95, Windows HTC tilt, Android G1 and Apple iPhone 3G S) and demonstrate man-in-the-middle attacks conducted through compromised Wi-Fi spots.