Robert Lemos

Microsoft expanded its bounty program on Nov. 4 to reward, not just researchers, but anyone who discovers a new technique for bypassing the security of the Windows operating system. The change means that the company will pay out $100,000, its top award, to individuals who discover a previously unreported method of evading Windows’ defenses, even […]

The technology research arm of the U.S. Department of Defense has launched a cyber-security grand challenge—a contest to take on a fundamental problem in cyber-security—tasking teams to create a system capable of automatically defending a network by generating security patches. Modeled after the grand challenges for the development of automated vehicles and cheap space flight, […]

The backlash against the surveillance and data-gathering activities of the National Security Agency gathered momentum the week of Oct. 25 with more calls for political action and new revelations about the extent to which the spy agency went to tap into Internet communications. On Oct. 30, the Washington Post published additional documents released by former […]

Using the compromised username and password of an administrator, attackers breached the network of database-as-a-service firm MongoHQ, accessing the data of a “limited number” of users, the firm said in a detailed description of the attack published on Oct. 29. MongoHQ, which provides managed access to instances of that unstructured database software MongoDB, discovered the […]

A malware campaign has infected at least 40,000 Web pages in the past two weeks with malicious code that could infect visitors’ computers with a program that poses as a media player, according to security firm Websense. The attack, known as GWLoad, compromises legitimate Websites to host malicious code to then be delivered to users. […]

Cyber-criminals likely based in Russia and the Ukraine have compromised computers at thousands of companies with a malware program known as Mevade, hijacking search traffic and conducting click fraud to turn the compromised systems into cash, security firm Websense stated in an analysis posted online on Oct. 23. The attack has hit companies in the […]

A simple Website vulnerability could have allowed anyone to use a browser to look at the mobile-phone messaging records of a Verizon Wireless subscriber just by knowing a target’s cell phone number. The Website flaw, which was discovered on Aug. 7 and fixed by mid-September, enabled anyone to exploit an export data function on the […]

Press-release distribution service PR Newswire acknowledged Oct. 16 that hackers had stolen the user names and passwords belonging to the accounts of several thousand corporate clients. The credentials were found on the same Internet server as the stolen source code for a number of Adobe products, linking the hacking group to that attack, as well. […]

While the vast majority of denial-of-service attacks continues to be the typical background “noise” of rival gamers, online criminals and Internet vandals causing problems for each other, the more serious, higher-bandwidth attacks have quadrupled, according to a quarterly report released Oct. 16 by Arbor Networks. Denial-of-service (DoS) attacks exceeding 20G bps, which will overwhelm almost […]

The reported arrests of the creator of the Blackhole exploit kit, only referred to as “Paunch,” and his partner in Russia will send a message to other cyber-criminals that they are not beyond the reach of law enforcement, but otherwise will have little real impact on the criminal underground, experts said this week. On Oct. […]