Stories by Lucian Constantin

A new phishing attack that's spreading through Facebook chat modifies hijacked accounts in order to impersonate the social network's security team.

A member of the Anonymous hacktivist collective has published a list of Internet-facing Israeli SCADA (supervisory control and data acquisition) systems and alleged log-in details.

The PHP development team <a href="http://www.php.net/archive/2012.php#id2012-01-11-1">has released</a> version 5.3.9 of the popular Web development platform in order to address a recently disclosed denial-of-service (DoS) vulnerability, as well as other security issues and bugs.

Symantec has been accused in a lawsuit of California's unfair competition laws and fraudulent inducement by using scareware-like tactics to trick users into buying licenses for its PC utility-type products.

Android malware writers are taking advantage of the controversy surrounding Carrier IQ's smartphone tracking software in order to distribute a premium SMS Trojan, security researchers from Symantec warn.

Exploit code for a recently patched denial-of-service (DoS) vulnerability that affects Microsoft's ASP.NET Web development platform has been published online, therefore increasing the risk of potential attacks.

A cybercrime gang that primarily targets companies from the chemical industry has launched a new series of attacks that involve malware-laden emails purporting to be from Symantec, the security vendor responsible for exposing its operation earlier this year.

Two newly discovered vulnerabilities in Adobe's Flash Player can be exploited to execute arbitrary code remotely, according to <a href="http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-4694">advisories</a> from the U.S. Computer Emergency Readiness Team (US-CERT) and various security research companies.

An analysis of USB memory sticks lost on trains in Sydney revealed that two thirds of them were infected with one or more strains of malware and none was secured with an encryption solution.

An unpatched Yahoo Messenger vulnerability that allows attackers to change people's status messages and possibly perform other unauthorized actions can be exploited to spam malicious links to a large number of users.

Hacktivist groups Anonymous and TeaMp0isoN have joined together in a new campaign that involves compromising credit card details and using them to donate money to charities, homeless people and anti-government protesters around the world.

Facebook's community forum was flooded during the Thanksgiving weekend with spam messages that advertised live streaming links for various sporting events.

WikiLeaks has postponed the launch of its new secure submission system due to recent security compromises that seriously affected the credibility of the SSL infrastructure.

A new Android Trojan program that poses as an SMS management application is sending text messages to predefined premium-rate numbers in Europe and Canada, according to security researchers from Kaspersky Lab.

A yet-to-be-patched flaw discovered in the Apache HTTP server allows attackers to access protected resources on the internal network if some rewrite rules are not defined properly.