Microsoft today issued an advance notification of this month’s “Patch Tuesday” security updates for Windows and other software developed by it. According to its security bulletin advance notification for July 2012, Microsoft will deliver three “critical” and twice as many “important” security updates next Tuesday. Hit the jump for more.
Back in November 2011, the FBI and NASA-OIG worked with Estonian police to arrest a band of cybercriminals known as "Rove Digital" who were operating a botnet that would alter user DNS settings to point infected systems to malicious DNS data centers in Estonia, New York, and Chicago. Come Monday, the Internet will go dark for potentially hundreds of thousands of unsuspecting PC users unaware their system is infected with a DNS changing virus.
By now most everyone with an Internet connection and even a passing interest in technology news knows about LinkedIn's recent security breach, the one in which 6.5 million LinkedIn hashed passwords were swiped from the site's servers and posted on a Russian website. LinkedIn has been in full damage control ever since, including a post over the weekend outlining steps it's taking to protect its members.
Back in May of this year, Kaspersky Lab announced the discovery of a "highly sophisticated malicious program" called Flame that's capable of stealing valuable information from targeted systems, including audio conversations. Kaspersky Lab later referred to Flame as "the most complex cyber-weapon to date," and following in-depth research, has discovered that the criminal minds behind it are in cahoots with the developers of Stuxnet and Duqu.
Misery loves company, though that probably won't come as much consolation to social networking site LinkedIn, which is now joined by at least two other sites that suffered a serious security breach at the hands of the same band of hackers. Both Last.fm and eHarmony issued separate statements confirming that some user passwords may have been compromised in the recent hacker attack.
Phishers are coming out of the woodwork trying to bait panicked or otherwise unsuspecting LinkedIn users into supposedly 'confirming' their account, but what they're really doing is hijacking login credentials. They're also compounding the situation, whereby LinkedIn has now confirmed it suffered a data breach in which encrypted user passwords were compromised. Here's what you should do.
If you're a LinkedIn user, you may want to consider changing up your password today, as well as those of any other accounts that share the same login credentials. While nothing has yet been confirmed, LinkedIn said it's currently "looking into reports of stolen passwords," reports of which are flowing through Twitter and other areas of the Internet, as well as on a Russian forum where one member claims he uploaded 6,458,020 hashed passwords.
Malware writers figured out long ago that infection rates go up when you target current trends. Potential victims who aren't particularly computer savvy tend to let their guard down when an email arrives related to current events, and with the London Olympics less than two months away, malware writers are getting a head start by sending out malicious Olympic themed emails.
Are all the stories about seamless Wi-Fi switching and Google Street View wardriving getting you down? Is your WPA2 password, well, "password"? Fear not, worried Wi-Fi lovers; researchers from Institut Polytechnique Grenoble and the Centre Technique du Papier have you covered -- literally -- with their spiffy new Wi-Fi blocking wallpaper.
Hewlett-Packard chief executive Meg Whitman might as well have been wearing a Boogeyman costume when addressing a crowd in London during an HP customer event. While there, she warned listeners that a mega-sized cyber terrorist attack is pretty much a foregone conclusion, that it's mostly a matter of when, not if, it will happen. But fear not, HP will be there to save the day, if you call upon the company.