Google's Chrome OS has garnered a lot of attention in recent times. Early glimpses, however, don't quite justify the hype. Many tech savants have already written off the operating system as nothing more than a sexed up browser. However, it is still a little early for obituaries as Google may have a trump hiding up its sleeve. McAfee is one company that acknowledges the possibility of Chrome OS living up to all the hype.
According to its latest report titled "2010 Threat Predictions,"the operating system may become a prime target for hackers in the eventuality of it becoming rife. The security company fears that Chrome OS's dependence on HTML5 - allows web apps both online and offline access to a user's PC - will endear it to hackers. "When a technology is widely used and adopted, the bad guys will latch onto it before the good guys do,"said McAfee's director of security research, David Marcus. McAfee also expects the popularity of Adobe software among hackers to soar to such levels that it may become the most targeted application software in 2010.
The report had a word of caution for users of social networking sites as well. They might become more vulnerable in the new year as such sites come under increased attack. The report specifically mentioned the use of URL-shortening services in spreading malicious links through the social web.
Where there’s a will, there’s a way. Modern Warfare 2’s adoring public has spoken and, well, Infinity Ward didn’t quite step up and deliver. Enter hackers. And so they said, “Let there be something like dedicated servers,” and it was… not so good. The long and short of it? Hackers like to cheat. Straight from the horse’s mouth:
“Thanks to AgentGOD and his great work bringing the developer console back into the PC version, a whole new wave of servers are possible with vast amounts of customisation. Things such as unlimited ammo, massive experience points (10000xp for a single kill), Field of View tweaks, speed and gravity adjustments and so much more,” reads a Youtube video description of the hackers in question.
“The best bit is, this is all ranked and on IWNet! I guess the game is no longer balanced to f*** the PC gamers over!”
As of now, Infinity Ward has yet to respond to our questions about potential plans for anti-cheat measures. We imagine the trigger-happy developer has something in store for the infinite rocket-firing, gravity-defying scum, though.
If not, well, imagine that a bunch of Unreal Tournament’s colorful combatants decided to travel back in time and take over our world. Because that’ll make getting obliterated by lightning-fast, nigh-invincible super soldiers a little less frustrating.
Mid-sized businesses are finding themselves in a precarious position as of late. Forced to cut back spending because of the ongoing recession, many firms are spending less on security, but at the same time, cyber attacks are on the rise, according to a McAfee report released today.
McAfee surveyed 900 mid-sized businesses around the globe with workforces ranging from 51 to 1,000 employees, and more than half of them reported an increase in security breaches over the past 12 months. The United States, along with India, ranked at the top of the charts with 63 percent of organizations noting an increase in attacks, and only China was higher at 68 percent.
But what's most frightening is how many of those same organizations think they're only a single serious security breach away from being put out of business. Of those surveyed in the U.S., 71 percent said it's a real possibility, yet IT budgets have either dropped or remained the same.
"An organization's level of worry and awareness about increasing threats has not overcome the downward pressure on budgets and resources," said Darrell Rodenbaugh, senior vice president of global midmarket for McAfee, in a statement. "But this creates a vicious cycle of breach and repair that costs far more than prevention."
While most companies note that a single attack could do them in, McAfee notes that most businesses may underestimate the risk. Over 90 percent of those surveyed felt they're protected from cybercriminals and aren't in as much danger as larger businesses.
Making a high profile hacker arrest is respectable accomplishment, but bragging about it to his friends on the community forums is clearly a bad idea. I’m sure you didn’t need to be told this, but apparently it’s a lesson the Australian Police Department had to learn the hard way. In a recently televised take down broadcast on ABC’s Four Corners, Australian investigators raided, and sized computer equipment belonging to the administrator of an underground hacking forum located at r00t.y0u.org. Following the arrest, interrogators were able to obtain passwords, and began using the site as a honey pot to try and expose other potential suspects.
Unfortunately for Police word of the arrest leaked out quickly, and it didn’t take long for the community to discover something was up. Matters were further complicated when the police agency began taunting the forums visitors by saying “all member IP addresses have been logged, and arrests are being made”. Enraged by the comments, members of the hacker community broke into the system police were using during the investigation and supposedly gained access to intelligence contained within the federal police mainframe.
The hacker posted his own retort to the Australian police on pastebin.com mocking them for busting a couple of “script kiddies” and posted pictures of fake IDs and stolen credit card numbers lifted from police servers. The hacker continued by claiming “I couldn’t stop laughing on seeing that the federal police server was running Windows”. Apparently the MYSQL password was also left blank (opps!). Apparently this 30 minute long hack could have been faster if he “didn’t stop to laugh so much”.
Police claim the files were intentionally planted on the compromised system. Anyone buy that?
Two high-profile security professionals -- security researcher Dan Kaminsky and former hacker Kevin Mitnick -- were targeted by hackers this week in what appears to be an attempt to call into question the duo's credibility right on the eve of the Black Hat and DefCon security conference.
"There are people who just live press release by press release," the hackers wrote in note posted on Kaminsky's website. "And on top of it all, somehow you STILL have not got rid of Kevin Mitnick. The industry cares about virtualization one year and iPhones the next, every year forgetting the lessons it should have picked up in the last."
The hackers also stole personal data and posted it online, which included private emails between Kaminsky and other security researchers, very personal chat logs, and a list of files Kaminsky downloaded that pertain to dating and other topics, Wired reports.
After discovering a flaw in the DNS protocol, Kaminsky received the Pwnie award for the "Most overhyped security vulnerability" at Black Hat 2008. Mitnick was once considered "the most wanted computer criminal in United States history" by the government but has been accused by some in the hacking community as living off a dated reputation.
Social networking is all fun and games until someone hijacks your social security number, sells it to the seedy underground world of cyber-crime, and ultimately destroys your credit. But does that really happen?
According to a new study, it very well could. Researchers at Carnegie Mellon University showed how social security numbers can be guessed using information found in sites like Facebook, MySpace, and other popular Web portals. And it's not just a freak occurrence, either. Using information culled from such sites, researchers were able to predict, on the first try, the first five digits of a person's social security number 44 percent of the time for 160,000 people born between 1989 and 2003.
"We live in a precarious time, where knowledge of a Social Security number, along with other information about one's name and date of birth, is sometimes sufficient to impersonate another individual," said Alessandro Acquisti, the study's lead author, in an telephone interview with Bloomberg.
Sites like Facebook leave personal information visible by default when creating a profile, and it's the birth data that is particularly telling, as the first three digits are assigned based on where a person lived at the time of obtaining a Social Security card. Using this information, Acquisiti said "the first five digits are easy to predict."
Celebrities have been dropping like flies in recent weeks, with Michael Jackson, Farrah Fawcett, Ed McMahon, and Billy Mays all having parted ways with the living. If you follow feeds on Twitter, you may have thought a lot more passed on, making you wonder if there really is something unsanitary flowing in Hollywood's water. That's because hackers have been gaining access to celebrity accounts and sending out bogus death notices for the likes of Britney Spears, Ellen DeGeneres, Jeff Goldblum, and P. Diddy.
"Britney has passed today," the fake tweet announced on Sunday. "It is a sad day for everyone. More news to come."
After learning of the message, Spears' staff tweeted that the pop singer's account had been compromised and that "She is fine and dandy spending a quiet day at home relaxing."
To gain access to celebrity accounts, hackers took advantage of a vulnerability allowing them to try every pin combination possible until one worked. Twitter claims a "fix has been put in place to prevent ths from happening."
Google has confirmed that the error messages people received on Thursday when searching for details of Michael Jackson’s death, was initially perceived as an attack. Searches between 2:45 and 3:15pm were returned with "We're sorry, but your query looks similar to automated requests from a computer virus or spyware application. To protect our users, we can't process your request right now."
The error messages lasted for about 25 minutes on Thursday, just long enough for Google to confirm what was actually going on. The search giant noted that the amount of traffic it saw on this topic was unprecedented, as millions around the world scrambled for accurate information, seemingly all at once. Yahoo has also confirmed that it hit an all-time record for unique visitors with over 16.4 million following the story. This blows away the previous record held by the Obama election day, with a paltry 15.1 million uniques.
The outpouring of sympathy online has been astonishing, and I’m sure Google will learn its lesson on this one.
After Obama’s website, black hats have now managed to sow the seeds of deceit in Google video search results. Security firm Trend Micro has discovered that that about 400,000 queries trigger Google Video search results that “have a single redirection point, and one that eventually leads to malware download and execution.” The black hats have been able to manipulate search results to their advantage using simple SEO techniques. For this purpose, they have reserved several domains and populated them with keywords.
According to Trend Micro, the malware executable, dubbed WORM_AQPLAY.A, proliferates using removable and network drives. The malware executable is disguised as an Adobe Flash installer. The malware only prompts the user to download the malicious Flash installer when he reaches one of the malefic video websites being run by the black hats.