Vulnerabilities and attacks

Threat of mass cyberattacks on U.S. banks is real, McAfee warns

The wave of distributed denial of service attacks that hit U.S. banks in October was next-to-nothing compared to what could happen if cybercriminals actually carry through with their plans for next year.

According to a report (PDF) released today by McAfee Labs, an impending attack on U.S. financial institutions -- dubbed Project Blitzkrieg -- isn't only a possibility, it's a "credible threat."

"McAfee Labs believes that Project Blitzkrieg is a credible threat to the financial industry and appears to be moving forward as planned," the report reads. "Although Project Blitzkrieg hasn'… Read more

Possible IE bug would let hackers track mouse moves

Microsoft is investigating a possible flaw in its Internet Explorer Web browser that allegedly enables attackers to track users' mouse cursor anywhere on the screen, even if the browser window isn't in use.

The alleged flaw, which security firm Spider.io says it discovered a few months ago, compromises the security of virtual keyboards and virtual keypads in all supported versions of the browser since IE6, the security firm reports.

"As long as the page with the exploitative advertiser's ad stays open -- even if you push the page to a background tab or, indeed, even if … Read more

New Trojan attempts SMS fraud on OS X users

The Russian security firm Dr. Web has uncovered another malware attempt on OS X systems that tries to exploit users with SMS fraud.

The new malware is a Trojan horse, dubbed "Trojan.SMSSend.3666," and is part of a family of Trojan malware for Windows and other platforms that have affected Windows users for years.

As with all Trojans, these pose as legitimate programs that are made available for download from a number of underground Web sites, with this current one for OS X appearing to be an installer for a program called VKMusic 4, a utility whose … Read more

GhostShell claims breach of 1.6M accounts at FBI, NASA, and more

Team GhostShell, the hacktivist collective, said today that it has stolen accounts from a large number of government agencies, contractors, and security firms, posting information from 1.6 million accounts online.

Dubbed Project White Fox, the hacking project appears to have affected NASA, the FBI, the Pentagon, and Interpol, among many others. The hackers announced their work in a file posted on Pastebin.

Our colleagues at ZDNet report:

The file dump, upon closer inspection, seems to include a number of records obtained via SQL injection. A random selection of the files contain email and home addresses, defense material tests and … Read more

Hackers steal customer info from insurance provider Nationwide

Hackers broke into insurance company Nationwide's network in early October, stealing the personal information of more than a million customers across the country, the insurance company recently revealed.

The company said the compromised information included people's names and a combination of Social Security numbers, driver's license numbers, their date of birth, and possibly marital status, gender, and occupation, as well as the names and addresses of employers. Nationwide said it had no evidence that any medical information or credit card account data was stolen.

"We discovered the attack that day, and took immediate steps to contain … Read more

New Mac malware uses OS X launch services

Security company Intego is reporting the discovery of a new malware package for OS X. The package is a Trojan horse called OSX/Dockster.A, that appears to have keylogging features to record what is being typed on an infected system in addition to remote-access features for backdoor access into the system. When installed, the Trojan attempts to contact the server "itsec.eicp.net," likely to receive instructions for allowing remote access to the system.

As with other recent malware for OS X, Dockster is a Java-based threat that will not run unless you have Java installed on … Read more

Massive worm hits Tumblr, spams big blogs like USA Today

A massive bug swept Tumblr today and infected some of the biggest blogs -- including USA Today, Reuters, The Verge, and CNET -- until Tumblr resolved the issue shortly before 10:30 a.m. PT.

GNAA, a hacker group, claimed responsibility for the attack. The group's Twitter profile earlier today said 8,600 unique Tumblr users were affected.

Tumblr didn't explain what happened but said in a blog post that no accounts were compromised, and users didn't need to take any further action.

"Our sincere apologies for the inconvenience," the company said. "As always, … Read more

Former spy chief says U.S. has had its cyber '9/11 warning'

The United States faces "the cyber equivalent of the World Trade Center attack" unless urgent action is taken, a former U.S. intelligence chief warns.

John "Mike" McConnell, who served as director of the National Security Agency under President Clinton and then as director of national intelligence under George W. Bush and President Obama, told the Financial Times (subscription required) that such an attack would cripple the nation's banking system, power grid, and other essential infrastructure.

"We have had our 9/11 warning. Are we going to wait for the cyber equivalent of the … Read more

Anonymous declares war on Syrian government Web sites

Concluding that the Syrian government was responsible for the country's Internet blackout, the online hacktivist group Anonymous has announced a campaign against Syrian government Web sites hosted outside the country.

The Middle Eastern country began experiencing an Internet outage earlier today, and many people on Twitter reported that phone lines are down as well. All 84 of Syria's IP address blocks have become unreachable, effectively removing the country from the Internet, according to Renesys, which operates a real-time grid that continuously monitors Internet routing data.

Anonymous said it had conducted an "exhaustive analysis" of the blackout … Read more