SecurityProNews Directory: A Directory For All Things Security

Monthly Archives: May 2012

U.S. Government Releases List Of Words They Look For Online
U.S. Government Releases List Of Words They Look For Online
It's pretty obvious by now that the U.S. government wants to desperately spy on our online activities. Reports that the NSA is building a giant facility to intercept and record our communication are pretty bad, but groups like the NSA and FBI already watch for certain words online all in the name of protecting you from the bad guys. Thanks to the Freedom of Information Act, we now know what those words are.
Read More ...
Yahoo Axis Private Certificate Key Leaked at Launch
Yahoo Axis Private Certificate Key Leaked at Launch
Though the security issue has been resolved, Yahoo slightly botched the launch of Axis, its new mobile browser and desktop extension, by leaking its private certificate file in the source code of the Chrome extension. The private certificate was used to sign the extension, and could have been used to create a false extension that would be authenticated as officially from Yahoo.
Read More ...
Apple Hires Kapersky Labs To Test Mac Security
Apple Hires Kapersky Labs To Test Mac Security
The Flashback malware threat that recently plagued Mac computers opened a lot of eyes to the fact that Apple's computers may not be secure as their users have always believed. The Flashback malware attacked users' Macs by means of a flaw in Java that allowed it to install on users' computers without their knowledge. Apple ultimately dealt with the problem by releasing a tool that would remove it from infected computers, but not before the malware netted its creators as much as $10,000 per day in stolen ad revenue.
Read More ...
55,000 Twitter Accounts Hacked, Passwords Exposed
55,000 Twitter Accounts Hacked, Passwords Exposed
Hackers appear to have successfully exposed the passwords of as many as 55,000 Twitter accounts yesterday, sparking the website to conduct an investigation into just how the security breach occurred.
Read More ...
Oracle Offers Workaround After Confusion Leads to Zero-Day Disclosure
Oracle Offers Workaround After Confusion Leads to Zero-Day Disclosure
Many software developers offer bounty programs for their products. The concept is that someone finds an vulnerability and notifies the developers of the software for a reward. The point is to dissuade hackers from using the vulnerabilities by offering them something "better"(?). Of course one would think that, after the vulnerability is turned in and the reward given, the developer would scramble to correct the issue. Oracle seems to have a different process in place.
Read More ...