hacking

Experts found a new bug in Facebook login system that allowed attackers to match random email addresses with users’ first and last names in spite of members’ actions taken to protect their privacy. Such a bug could have been exploited by social-engineering scammers, phishers, or anyone who has ever been curious about the person behind an anonymous email message. If the address belongs to any one of the 500 million active users on Facebook, the social-networking site will return the full name and picture associated with the account.

According to the report of security researchers that attended the Black Hat conference last week China is increasingly getting a leading marketplace for permitted hacking and malware making tools allowing criminal rings to create ‘production chains’ that develop and distribute technologies for producing malicious software.

Developers now have an opportunity to find themselves at a place of a hacker with the new tutorial launched by Google. The company has released a free online tool that allows developers to exploit real security bugs in a mock web application.

Tuesday, the European Commission unveiled more details concerning its five year security plan. Thereby, the EC detailed how it plans to get the Stockholm Programme to enhance security enacted into law by 2014.

Rodney Reed Caverly, a Bank of America computer specialist, will plead guilty next week to a computer fraud charge.

Caverly had worked in Bank of America's IT department where he designed and maintained computer systems, including those used by the ATMs. The alleged scam ran between March 2009 and October 2009.

A recent survey released late Tuesday by the China Internet Network Information Center (CNNIC) and China's National Computer Network Emergency Response Technical Team (CNCERT) revealed that the horrific majority of Chinese Internet users had no anti-virus last year while the security problems continued to grow across the nation.

The survey results showed that 384 million people in China used the Internet in the second half of last year and the number of people in the country surfing the Internet with no antivirus software was nearly 17 million!

The Cumbria Constabulary and Tufin Technologies conducted a survey amid 1,000 children in London and 150 from the northern English county of Cumbria reflected over a quarter of children had tried hacking at least once, despite the majority of kids agree that computer hacking is wrong and bad.

Thus the survey found 26% of kids surveyed said they had tried hacking, breaking into someone else's account, at some point. Of those who had hacked, 27% had targeted accounts on the popular social networking site Facebook, and 18% went after their friends' e-mail accounts.

The mostly costly scam in 2010 according to McAfee report will be fake antivirus applications that prompt Internet subscribers to download malicious software under guise of anti-virus protection and pay their own money for such bogus products.

The report reveals that cyber crooks earn more than $300 million from luring unwitting users into downloading scareware. Over the past two years scareware grew by 660% while during the past 12 months it increased by 400%.

For the fourth time hackers will participate in an annual contest where they will focus on vulnerabilities in smartphones and browsers with as much as $100,000 in awards next month.

The Pwn2Own competition will award $60,000 for exploits that successfully penetrate Apple's iPhone 3GS, Research in Motion's Blackberry Bold 9700, a Nokia device running the most recent version of Symbian and a Motorola phone running Google's Android. Each mobile attack that results in code execution "with little to no user-interaction" will fetch $15,000.

A notorious hacker Max Butler, known also as Max Ray Vision as well as under the nickname Iceman, was sentenced to 13 years in federal prison by US District Court in Pittsburgh. He was found guilty of hacking financial firms and stealing nearly two million credit card numbers from banks, businesses and other hackers.

This weekend Chinese local paper the Wuhan Evening News reported that the authorities closed allegedly the largest hacker training website in the country and arrested three of its members.

According to the newspaper the "Black Hawk Safety Net" website taught hacking techniques and provided malicious software downloads for its 12,000 members in exchange for a fee.

Chinese largest search engine Baidu.com filed a lawsuit against its US domain registrar over a hack that took down the Web site, alleging negligence by the US company.

Last week, users had failed accessing Baidu.com for several hours after the company's domain name server in the US was tampered with. The same group, the Iranian Cyber Army, that took down Twitter last month, also was found to be behind the attack on Baidu.

A Twitter-style service offered by a government-linked news site in China was hacked and has since gone offline, according to screenshots posted on the Web.

A microblog service launched Tuesday by the Web site of the People's Daily, the mouthpiece of China's ruling Communist Party, added to the growing number of Twitter-style services offered in China but became inaccessible by Wednesday. Screenshots posted in Chinese online forums showed the service before it went offline bombarding visitors with a set of pop-up messages apparently added by a hacker.

RockYou, social app creator, notified 32 million of its users that their usernames and passwords may have been compromised by hackers who broke into the company’s older widgets.

RockYou chief technology officer Jia Shen said in an interview the company was notified of the SQL injection attack against RockYou.com last week by security company Imperva. As Shen reported, RockYou closed the site for its legacy applications, like slide show widgets, and secured them.

Tuesday Google visitors got malicious instead of search results clicking Google's front-page Doodle sketch, dedicated to 150th anniversary of the birth of Esperanto's creator L. L. Zamenhof.

Searchers were taken to to dodgy advertisements or pages that tried to trick visitors into thinking their computers were infected and paying for fake antivirus software.

This case reflected the latest example of just how good scammers have become at manipulating Google search results.