Organizations that look to protect themselves against attacks launched by the Anonymous hacktivist collective should make sure that their Web applications are secure before deploying anti-DDoS (distributed denial-of-service) solutions, says security firm Imperva in a new report.
By the time John Prescott finally had his day in court at the Leveson inquiry on Monday his evidence about his own mistreatment by the phone hackers and their powerful friends in blue uniforms was doomed to be an anticlimax after the sensational disclosures that preceded it.
Computer hackers from Denmark have exposed two suspected paedophiles in what they say is an attempt to clean up the web.
According to the Berlingske newspaper, the hackers, who published the names of two men on Facebook, are associated with the global online activist group Anonymous.
In secretive online chat rooms, away from the glare of police, small groups of elite hackers plot attacks against multi-national corporations and governments.
But in a quest to expose what they see as a conspiracy of high-level corruption, the hackers – affiliated to cyber-activist network Anonymous – have in recent months expanded their targets, becoming increasingly unpredictable and callous in the process.
Freedom, the grey hat hacker that in the past period identified a lot of cross-site scripting (XSS) vulnerabilities in some important websites, returns with other interesting finds. He discovered a number of 25 online shops from the United Kingdom containing XSS security holes.
The worrying thing is that all of the sites bare Verisign Trusted, Internet Shopping is Safe, Internet Delivery is Safe, Verified by Visa, and MasterCard SecureCode logos.
The website of an international prison contractor has been defaced by hackers who replaced the company's home page with a hip-hop homage devoted to former death row inmate Mumia Abu Jamal.
Hackers allied to the loose-knit Anonymous movement claimed responsibility for vandalising the site of Florida's GEO Group Inc., which manages some 60 custodial facilities in Europe, North America, Australia and South Africa.
A critical vulnerability in some versions of Parallels' Plesk Panel control panel software appears to have been key to the recent penetration of two servers hosting websites for the Federal Trade Commission. The vulnerability in the software, which is used for remote administration of hosted servers at a large number of Internet hosting companies, could spell bad news for hosting providers who haven't applied the latest updates, as well as their customers.
Usually a mainstream movie is shown on the television screens at Best Buy, but some customers were quite surprised during a visit to a Greenville, S.C., store.
A video did not play, but a pornographic image popped-up on one of their screens for several minutes. One customer described the image as “extremely, extremely pornographic.” Others said that several children saw the screens. Best Buy Corporate has apologized for the incident, placing the blame on hackers.
Two grey hat hacker collectives joined forces and launched an operation called Op Ivy, intended to reveal the large number of vulnerabilities present in the official websites of major universities, first ones on the list being Brown University, Columbia University, Dartmouth University, Cornell University, Harvard University, Princeton University, University of Pennsylvania, and Yale University.
Former CTO of McAfee, George Kurtz, has launched a new security technology company called CrowdStrike. The company is still in stealth mode, but as reported earlier today on TechCrunch the company has revealed a $26 million Series A investment from Warburg Pincus (Kurtz was previously an EIR at the private equity firm).
The new company announced the formation of the company on George Kurtz blog, www.georgekurtz.com.
