Brian Prince

Apple has released a security update for Java, but it does not address another security hole that has been at the center of recent attacks. Apple on Sept. 5 pushed out an update for Java 6 Mac OS X Snow Leopard, Lion and Mountain Lion. The patches followed a move by Oracle to release a […]

VUPEN Security has detailed how to exploit a critical memory corruption vulnerability in Xen hypervisors to break out of virtual machines and execute code. The attack leverages a now-patched vulnerability discovered by researchers Rafal Wojtczuk of Bromium and Jan Beulich of SUSE Linux and demonstrated earlier this year at the Black Hat security conference. The […]

Security researchers say they have uncovered a vulnerability in the Java 7 update recently released by Oracle in response to a spate of attacks. According to Polish firm Security Explorations, the update contains a bug that allows an attacker to bypass the JVM sandbox and exploit bugs the company had previously disclosed to Oracle in […]

The number of new ransomware samples jumped roughly 50 percent between the first and second quarters of 2012, according to a new report from McAfee. Ransomware restricts access to infected computer systems so that attackers can extort payments in exchange for restoring access. According to McAfee, the number of new ransomware threats increased to more […]

The Mahdi malware publicized in July has now spread its list of targets to organizations in the United States. According to Seculert, since June, Mahdi has been able to successful target more than 150 new victims around the world, including some tied to the U.S. and Germany. The latest round of victims brings the total […]

Another reputed member of the LulzSec hacking crew has been charged with attacking the computer network of Sony Pictures Entertainment last year. Raynaldo Rivera of Tempe, Ariz., was arrested Aug. 28 by FBI agents. On Aug. 22, Rivera was indicted by a federal grand jury in Los Angeles on charges of conspiracy and unauthorized impairment […]

Saudi Aramco, the national oil company of Saudi Arabia, has cleaned its workstations and resumed operations after a malware attack struck the company’s systems, according to company officials. On Aug. 15, the company was hit with a cyber-attack, and in response it disconnected its electronic systems from the Internet. Sunday, the company said the roughly […]

Police in the Philippines arrested 357 foreign nationals Thursday as part of an investigation into banking cyber-crime that mainly targeted victims in China. Most of those arrested were Taiwanese or from mainland China, according to authorities. Samuel D. Pagdilao Jr., chief of the Criminal Investigation and Detection Group (CIDG), said in a statement that police […]

Attackers are targeting a patched bug in Adobe Flash Player spread via malicious Microsoft Word documents. The attacks are focused on CVE-2012-1535, a remote code execution vulnerability that impacts Windows, Macs and Linux systems. Adobe Systems patched the flaw Aug. 14 in a regular security update. However, attackers are still on the lookout for unpatched […]

Evidence has surfaced linking the Shamoon malware attack to a group of hacktivists who claim that they are protesting oppression in the Arab world. Eugene Kaspersky, CEO of Kaspersky Lab, confirmed in a tweet Aug. 22 that the date and time hardcoded into Shamoon matched the date and time of an attack on Saudi Aramco, […]