vulnerability
Google Buzz bug exposes user geo location
‘Pretty nasty vulnerability’ Updated Already besieged by complaints of shoddy user privacy, Google Buzz is was susceptible to exploits that allow an attacker to commandeer accounts and even learn where victims are located, a security researcher said Tuesday.…
Continue reading »Microsoft warns of IE bug used in Chinese attacks on Google
Microsoft has issued Security Advisory (979352) after its own investigations into the highly-organized hacking attack in late December, the one that Google earlier this week insinuated came from China, led the software giant to conclude that a Remote Code Execution (RCE) vulnerability in Internet Explorer was used by the perpetrators.
Continue reading »Researchers: Flaw in Fed Wiretaps Could Allow Circumvention
People who think they are being wiretapped by the cops could disable the taps by sending a stream of text messages or making numerous VOIP calls to overwhelm the system’s thin bandwidth, researchers in Pennsylvania postulate. The researchers say they’ve found a vulnerability in U.S. law enforcement wiretaps, if only theoretical, that would allow a surveillance target to thwart the authorities by launching what amounts to a denial-of-service (DoS) attack against the connection between the phone company switches and law enforcement.
Continue reading »Time Warner Cable Exposes 65,000 Customer Routers to Remote Hacks
A vulnerability in a Time Warner cable modem and Wi-Fi router deployed to 65,000 customers would allow a hacker to remotely access the device’s administrative menu over the internet, and potentially change the settings to intercept traffic, according to a blogger who discovered the issue. Time Warner acknowledged the problem to Threat Level on Tuesday, and says it’s in the process of testing replacement firmware code from the router manufacturer, which it plans to push out to customers soon. “We were aware of the problem last week and have been working on it since,” said Time Warner spokesman Alex Dudley.
Continue reading »Payroll Site Hacked, Employment Numbers Swell
A payroll processing firm that was breached by hackers last month is warning customers about a new breach, after some clients noticed phantom employees popping up on their payrolls. New Jersey-based PayChoice sent a message to customers Thursday indicating that thieves appeared to have stolen customer login IDs and passwords by exploiting a vulnerability in the website feature for changing a password, WashingtonPost.com reports. PayChoice said it disabled the change password feature until it could fix the vulnerability.
Continue reading »