Brian Prince

Researchers at Zscaler have released a tool to help detect the much-discussed Firesheep tool. With no small touch of irony, Zscaler has dubbed its tool “BlackSheep.” Like Firesheep, BlackSheep is a Firefox add-on. However, its mission is to graze WiFi networks for Firesheep, sniffing out session hijacking attempts by putting fake session ID information on […]

From insider attacks to patching, database security has its challenges-but even so, many database administrators are confident in their organization’s ability to address them. That is one of many takeaways from a sweeping survey performed by Unisphere Research and sponsored by Application Security. The report features data culled from a survey of 761 members of […]

More malware has been seen targeting a zero-day flaw in Internet Explorer that has already made its way into a popular crimeware toolkit. The bug, which was discovered by Symantec, was linked last week to a backdoor Trojan known as Pirpi. However, researchers at FireEye have noted a Trojan named Hupigon is being used by […]

A hacker reportedly exploited a SQL injection vulnerability on the Website of Britain’s Royal Navy, according to media reports. The incident took place Nov. 5, when a hacker known by the alias TinKode is believed to have attacked the site and stolen passwords and usernames. Right now, the site bears the message stating that: “Unfortunately […]

Online privacy was once again in the spotlight this past week when the European Commission announced it is looking to tighten data protection rules for the Web. According to the commission, the rules should require that businesses clearly inform customers how, why, by whom and for how long their data is collected and used. In […]

Attackers don’t just lay traps for users; they do it for researchers and rivals as well. A recent case in point is an exploit toolkit linked to a Zeus malware campaign that security pros at The Last Line of Defense report includes a fake administration console that records information about anyone who attempts to access […]

Adobe Systems is investigating a report of a new vulnerability in Adobe Reader. So far Adobe has not seen any attacks exploiting the vulnerability, though proof-of-concept code was posted publicly on the Full Disclosure mailing list earlier this week. The vulnerability can be exploited to trigger a denial of service. Arbitrary code execution could be […]

Mobile banking has been on the rise. In July, IDC reported mobile banking use doubled in between its annual surveys on the topic. But the growth in popularity may not be matched by a growth in security, something underscored by problems recently reported in mobile applications from a variety of high-profile companies, including Wells Fargo […]

Two men sought by the FBI on cyber-crime charges were picked up recently by authorities, ending a month-long manhunt, according to media reports. Dorin Codreanu and Lilian Adam, both originally from Moldova, appeared in court Nov. 4 in Madison, Wisc., after being arrested a day earlier, the Wisconsin State Journal reported. Both Adam and Codreanu […]

Spammers are putting a new twist on pump-and-dump scams, according to a new report by McAfee. Pump-and -dump scams artificially inflate stock prices with misleading information so they can be sold at a higher price. In the world of cyber-crime, this is done through spam campaigns promoting particular stocks. “An interesting twist in a new […]