Read a little. Learn a lot. • Tightly-written news, views and stuff • Follow us on TwitterBe a Facebook FanTumble us!

17 Feb 2010 10:27

tags

Tech: Don’t open that doc: PDFs proving to be a major security problem

  • PDF exploits are usually the first ones attempted by attackers. Attackers are choosing PDFs for a reason. It’s not random. They’re establishing a preference for Reader exploits.
  • ScanSafe senior security researcher Mary Landesman • Regarding the preference of hackers to use rogue PDFs for exploits first on malicious Web sites, then other exploits if those don’t work. Landesman claims that 80 percent of all exploits in the fourth quarter of 2009 came from PDFs, which is really scary, especially since the format is so heavily-used. “PDF use is huge,” she said. So are zero-day exploits. source

18 Aug 2009 09:59

tags

Biz, Tech: How did the credit-card hackers do it? It was easy, actually.

  • A little malware here, a proxy server there … Albert Gonzalez and his Russian conspirators weren’t screwing around when they hacked the Gibson of a number of corporations, most notably 7-Eleven, and stole millions of credit card numbers. By targeting potential victims, learning the companies’ point of sale systems, and launching SQL-injection attacks to install malware, they were able to steal 130 million credit card numbers. They exploited bad security using crude methods for positive gain. source