Dancho Danchev of ZDnet reportsthat the Azerbaijan section at the United States Agency for International Development (azerbaijan.usaid.gov) has been compromised and is embedded with malware and exploits serving scripts since approximately March 1. He also provides a dissection of the attack. There’s a YouTube video from AVG as well, although it’s either somewhat blurry or…
Category: Hack
Telegraph.co.uk hacked, SQL injection (updated)
The HackersBlog crew, who had previously exposed vulnerabilities in a number of security vendor sites and a social networking site, now reports that they were able to exploit an SQL injection vulnerability to access The Telegraph‘s databases, including one that has 700,000 email addresses and passwords of those receiving the paper’s newsletter. Given how many…
AU: Bank confirms credit card fraud from Bottle Domains hack
On February 10, the Australian Domain Name Administrator (AuDA) reported that it had been notified by the Australian Federal Police (AFP) of a security incident involving domain registrar Bottle Domains. Another report at the time can be found here. Now eCommerce Report is reporting that one bank has confirmed fraud on some of the credit-cards…
Bits ‘n Pieces
In the justice system: John Shiefer, the Los Angeles computer security consultant who turned thousands of computers into zombies, was sentenced to four years in prison. More. Four Arizona men accused of spending more than $1 million using stolen credit cards are being held in a Maricopa County jail; they allegedly obtained the card numbers…
Concerns over increase in Facebook hacking
Computer experts called today for Facebook to review its security processes after the social networking website was hit by hackers five times in a week. Four separate “rogue applications” and a virus targeted users of the site, according to security firm Trend Micro. Although there is no evidence that people’s personal details were stolen by…
Spotify breach creates password hack risk
John Leyden reports: Popular online music service Spotify has warned of a security breach that may have exposed user passwords and other sensitive data. A notice – posted on Wednesday – explains that a bug in Spotify’s protocols that was recognised and resolved in December was more serious than first suspected. Last week Spotify learned…