UK credit reference and credit recovery agency creditsafe.co.uk took its site offline on Tuesday, as a precaution, following a hacking attack. The site remains offline at the time of writing on Wednesday afternoon.
Miscreants planted malicious code on Creditsafe Limited's1 website. This code had the effect of redirecting surfers to a hacker controlled website that attempted to drop malware onto the PCs of surfers, likely using unlatched browser exploits or similar methods
On Friday, June 10, authorities in Spain arrested three people believed to be members of the loosely organized hacking collective known as Anonymous and who were involved with the cyber attack on Sony networks. Following the arrests, the website of the Spanish national police force was hit with a distributed denial-of-service (DDoS) attack that took it offline for a short period of time. The attack is believed to be retaliation for the arrests. Also following the attack, Turkish authorities detained 32 people alleged to be associated with Anonymous.
he FBI is investigating fraudulent automated clearinghouse (ACH) transactions that resulted in the theft of at least 9,000 from the bank account of Pittsford, New York. The fraudulent transactions started about two weeks ago, when the attackers made a series of transactions from city coffers to money mules, who took the money and wired it to accounts outside the US. The transactions took place shortly after Pittsford opened an account with a new bank, where they had not yet established transaction controls. At their previous bank, all transactions had to be approved by at least two town officials.
Hackers who stole bank account details for 200,000 Citigroup customers infiltrated the company's system by exploiting a garden-variety security hole in the company's website for credit card users, according to a report citing an unnamed security investigator.
The New York Times reported that the technique allowed the hackers to leapfrog from account to account on the Citi website by changing the numbers in the URLs that appeared after customers had entered valid usernames and passwords. The hackers wrote a script that automatically repeated the exercise tens of thousands of times, the NYT said in an article published Monday.
Hacker tricksters LulzSec is baiting US lawmakers with its latest attack on the US Senate.
The hacking group posted what security experts Sophos characterised as "basic information on the filesystems, user logins and the Apache web server config files" of the Senate website on Wednesday morning.
More than 200 Vietnamese websites have been attacked and some defaced with Chinese flags, an Internet security firm said as a maritime dispute raises tensions between the countries.The ministries of agriculture and foreign affairs are among those targeted since the beginning of June, said Nguyen Minh Duc, director of the state-linked Bach Khoa Internetwork Security Centre (BKIS).
Oracle has released a cross-platform update for Java that addresses 17 vulnerabilities in the ubiquitous software platform.All 17 vulnerabilities might be abused to inject code into vulnerable systems, and all but one affect how Java Runtime Environment client software runs in browsers
the men surreptitiously replaced PIN pads in at least seven banks in Manhattan, Chicago and the Miami area with identical-looking devices that recorded confidential data each time they were used. The compromised PIN pads were equipped with the ability for the stolen data to be accessed remotely.