Hack attacks from online thugs such as Anonymous and LulzSec appear to signal a hacker Armageddon. Not only has Sony been relentlessly targeted by hackers this year so has the Central Intelligence Agency, Sega, PBS.com, the U.K. government, and dozens of other high-profile company and government agency Web sites.
Online storage service Dropbox made an embarrassing error Monday, turning off password authentication for millions of users.
Robert Dutt | 22 Jun | Read more
Massive website compromises using a technique known as <a href="http://www.csoonline.com/article/499964/sql-injection-attacks-led-to-heartland-hannaford-breaches-">SQL injection</a> has long been a top security concern for Web developers and site owners. Now, the attacks may become harder to detect and prevent, according to one security firm's analysis.
Robert Lemos | 20 Jun | Read more
Domain register and Web hosting provider, Distribute.IT, has been unable to recover any of the data hosted on its four servers following an [[artnid:390689|infrastructure hack|new]] last week by a group called Evil and is now transferring customers to other hosting providers.
Hamish Barwick | 21 Jun | Read more
Web scanning is different from vulnerability scanning because it looks for bugs in the Web apps themselves, rather than in the software installed on the Web server. For example, all of the vulnerability scanners told us about an old embedded system on our network vulnerable to a cross-site scripting attack because of an old version of PHP.
Joel Snyder | 20 Jun | Read more
Hewlett-Packard Co. has become the latest to add its name to the rapidly growing list of high-profile corporate hacking victims.
Jaikumar Vijayan | 18 Jun | Read more
Orlando, Florida's city Website could be the latest target of hackers at noon EST Thursday if Web chatter between hackers online turns out to be true. Plans of the alleged attack are being circulated on Anonymous-related IRC channels. Anonymous is a group of loosely affiliated hackers that work together to coordinate hack attacks.
Only hours after embarrassing the CIA by downing its website, hacking jokesters LulzSec have issued another self-declared indictment of the Internet's woeful security, leaking a database of 62,000 stolen passwords and user names.
John E Dunn | 17 Jun | Read more
LulzSec has been making headlines on a virtually daily basis for a month or so now. The hacker group has compromised servers and exposed sensitive information from targets ranging from Sony, to PBS, to the FBI, and has even set up a hotline to take requests for which sites to attack next. The irony of the LulzSec hacks, though, is that the group is doing us all a favour whether they intend to, or not.
Tony Bradley | 17 Jun | Read more
The CIA's main public facing web site appears to have been taken down by hacking group LulzSec earlier today.
Jaikumar Vijayan | 16 Jun | Read more
For any company that makes its living selling security, it's a nightmare come true. This week, RSA Security admitted that <a href="http://www.networkworld.com/news/2011/031811-rsa-warns-securid-customers-after.html">hackers who broke into its network</a> three months ago had stolen information about its SecurID tokens and then used that information to attack a customer, Lockheed Martin.
Robert McMillan | 11 Jun | Read more
Security vendor Sophos plans to buy Astaro, a maker of network security software.
Robert McMillan | 07 May | Read more
Speaking at the All Things Digital D9 conference, Google Executive Chairman Eric Schmidt said in a wide-ranging Q&A session that the best workstation security is offered by a Mac, coupled with Google's Chrome browser. Additionally, he suggests users of Google's services should activate two-step authentication -- introduced earlier this year -- which requires users to enter a code that's texted to their phone each time they log in on a new computer.
Keir Thomas | 02 Jun | Read more