Brian Prince

Hacktivists in the Anonymous collective have taken credit for a series of attacks in the last 24 hours against United Kingdom government sites in protest of efforts to extradite WikiLeaks leader Julian Assange. Dubbed Operation Free Assange, the campaign of distributed denial-of-service attacks targeted a number of sites, including the sites for Britain’s Ministry of […]

The ability to spoof the reply-to information on Apple iOS SMS messages is a reminder that such messages should not be considered any more secure than email when it comes to authenticating senders, experts say. A scheme for spoofing the information was disclosed Aug. 17 on a blog dedicated to research on Apple iOS security. […]

AT&T said the company was hit with a distributed denial of service attack (DDoS) Aug. 15 that disrupted Internet service for some of its customers. The attack, which reportedly lasted several hours, affected domain name system servers belonging to the company. “Due to a distributed denial of service attack attempting to flood our Domain Name […]

The British government has refused to allow WikiLeaks head Julian Assange to leave the country for Ecuador despite the Ecuadorian government granting him asylum. Since June, Assange has been laying low at the Ecuadorian embassy in London, where he has been avoiding extradition on charges of sexual assault brought by two women in Sweden. British […]

A security vendor has disclosed vulnerabilities in a family of toolkits used for distributed denial-of-service attacks to help those looking for ways to “neutralize” attacks. Prolexic Technologies, which has a long history in battling DDoS attacks, revealed weaknesses in the command and control (C&C) architecture for the Dirt Jumper toolkit family. According to the company, […]

A strong internal audit can be the difference between catching a security failure and spending weeks and months doing a forensic investigation of a breach. With this in mind, professional services firm PricewaterhouseCoopers (PwC) released a whitepaper outlining how internal audits have become a key pillar of security strategies in the age of data breaches […]

Researchers at Trusteer recently uncovered a variant of the Citadel Trojan targeting the virtual private network (VPN) credentials used by employees at a major airport. The firm would not disclose the name of the airport because the situation is being investigated by law enforcement. However, the airport is an international hub that services more than […]

Oracle has issued a fix for a security weakness in its database product that was disclosed at the Black Hat security conference in July in Las Vegas. At the conference, Oracle database security guru David Litchfield of Accuvant Labs outlined CVE-2012-3132, a vulnerability in the Oracle database server. The issue was one of multiple attacks […]

Video game maker Blizzard Entertainment revealed Aug. 9 its security team had discovered an “unauthorized and illegal access” to its internal network Aug. 4. So far, there is no indication that financial information such as credit card numbers or customers’ real names were compromised. According to the company, the intruder was able to get access […]

Microsoft and Adobe Systems are planning to release security updates Aug. 14 to patch security holes in many of their enterprise applications. Adobe released few details about the updates. According to the company, the updates will be for Adobe Reader and Acrobat X (10.1.3) and earlier 10.x versions for Windows and Macs. Adobe Reader and […]