Don't retire your home brewed aluminum foil deflector beanie just yet, there may be occasions where you'll still want to wear it. Take Symantec's source code snafu, for instance. When word got out that hackers had stolen certain source code from Symantec, the security firm initially brushed off the incident in the public eye saying the stolen code only applied to outdated software from several years ago. Not long after, Symantec advised pcAnywhere customers to stop using their product until it could release a patch. But what's really telling are a series of emails Symantec and the hacker responsible for the theft exchanged with each other.
An element of hacker group Anonymous announced today that it has intercepted a conference call between the FBI and UK law enforcement wherein they discuss tracking down Anonymous. The 16 minute call was recorded and has been posted on various sites, including YouTube. The FBI and Scotland Yard have confirmed their call was illegally intercepted.
Less than three weeks ago, security firm Symantec publicly downplayed the theft of a portion of its source code and said the stolen bits were from a 2006 enterprise version of its software. The message at the time was that the theft didn't affect Symantec's Norton products for consumer customers, nor were enterprise users as risk. In other words, chillax. Now Symantec is making the unusual recommendation of telling people not to use its pcAnywhere software.
Who watches the watchmen? Alan Moore took a long, hard look at that question in the classic Watchmen graphic novel, but today we finally got a firm answer – at least if by “watchmen” you mean “computer security companies.” Symantec got the virtual equivalent of egg in the face after an Indian hacking group going by the name of “The Lords of Dharmaraja” managed to get their digital hands all over the Norton antivirus source code.
Java’s ubiquity combined with its propensity to stay out of date on a large chunk of its install base makes it an ideal target for hackers. This is enough to ensure that whenever the subject of third-party software vulnerabilities crops up for discussion Java is somewhere at the top of the ensuing list of those most vulnerable. According to the latest volume of Microsoft’s Security Intelligence Report, Java was responsible for the largest number of attacks in the first half of 2011.
It was beginning to seem like hackers had developed a fetish for water, or water systems. Earlier this week, an entire city's water control system controlling water and sewage systems was hacked into, in part because system admins saw fit to protect the system using a weak three-character password. Around the same time, it was being reported that hackers broke into an Illinois water plant and ultimately caused a water pump to burn out. Turns out it was just faulty equipment.
There is a lot of emphasis on computer security these days. Strong passwords, encryption, the whole nine yards. Apparently no one told a community called South Houston in Texas, USA. According to various confirmed reports, the municipality was using a simple three-character password to protect its Internet-facing SCADA system, which controls water and sewage systems. This system was accessed by a hacker known only as pr0f as a proof of concept. Yikes.
Accused LulsSec hacker Cody Kretsinger has plead not guilty to charges including conspiracy, and unauthorized impairment of a protected computer. Kretsinger, age 23, is alleged to have gone by the name “recursion” in the hacker collective and had a direct hand in the attack on Sony Entertainment Pictures earlier this year that exposed the personal details of thousands of people.
Hackers took control of Sesame Street's YouTube channel on Sunday and replaced videos of kid-friendly puppets with real-life actors engaged in hardcore porn. Security firm Sophos reported on its suddenly appropriately titled "Naked Security" blog that the XXX-rated content was available for around 20 minutes before the channel was pulled for "repeated or severe violations of our Community guidelines."
We understand that Goldman Sachs Chief Executive Officer Lloyd Blankfein is a busy man. Running a multi-billion dollar company tends to cut into your free time, that's just the way it is. Even still, the 57-year-old CEO would be wise to scrap any and all passwords and come up with new ones following a data dump of his personal information on Pastebin.