Fahmida Y. Rashid

Apple’s iOS 4.3.1 Jailbreak Available in Latest Pwnage Tool

The iPhone Dev-Team released Pwnage Tool 4.2 on April 3, which would allow users to jailbreak their iPhones to version 4.3.1. Apple released 4.3.1 on March 27. While the firmware had been cracked that same day, the team didn’t make the Pwnage Tool available on the Dev-Team’s Web site immediately. The latest PwnageTool update is […]

Facebook Bully Video Actually an XSS Exploit

A security researcher discovered a new cross-site-scripting vulnerability on Facebook, days after the social networking giant patched a different XSS flaw in its mobile API. At least one active scam is exploiting the new bug at this time. “Found another instance of that Facebook app XSS-and it’s a Facebook XSS issue. Do not click links […]

Pandora Android App Slurping Tremendous Amounts of Personal Data

Free smartphone apps may be collecting more personal information than users realize and sharing it with third-party advertising firms, according to an analysis by a security firm. The report followed recent news articles that Pandora and other mobile app vendors had received federal grand jury subpoenas about their data sharing practices. Federal prosecutors in New […]

Linux DHCP Client Has Remote Code Execution Flaw

A flaw has been found in popular open-source DHCP client software that would allow attackers to remotely execute code. While it may take some time before the bug is fixed in every Linux distribution, there are steps administrators can take to mitigate the effects. The dhclient software does not block commands that contain meta-characters, […]

Chase Bank Phish Emails May Be First Post-Epsilon Scam

The first post-Epsilon phishing emails have been spotted. In this case, cyber-crooks are targeting bank customers with a phony warning and a malicious link. An email purporting to be from Chase Bank that tells users that their account will be deleted unless prompt action is taken is currently making the rounds, the Better Business Bureau […]

Former Gucci Employee Indicted for IT Rampage

A network engineer at Gucci America was indicted on charges of illegally accessing the company’s network and deleting documents shortly after he was fired. His IT rampage cost Gucci an estimated $200,000 in lost sales, diminished productivity, restoration and remediation expenses. Sam Chihlung Yin was charged on April 4 with 50 counts, including computer tampering, […]

Epsilon Data Breach Highlights Cloud-Computing Security Concerns

As email-marketing company Epsilon continues to deal with the fallout related to the revelation that some of its clients’ customer data has been exposed to a third party, it becomes clear that this incident affects all service providers as organizations renew their focus on data security. In addition, this latest data breach calls into question how […]

Mobile Malware, Hacktivism Top List of Major Security Concerns

On the heels of recent reports noting the increase in attacks against mobile devices, Panda Security’s latest quarterly malware report found smartphone malware dominated the security landscape during the first quarter of 2011. There was more virus activity in the first quarter of 2011 than there was in the last quarter of 2010, Panda Security’s anti-malware […]

Banks Fail to Protect SMBs from Online Fraud, Report Finds

Small and midsized businesses are more susceptible to online-banking fraud, compared with larger businesses and enterprises, according to a new security report from the Ponemon Institute. What’s worse is that many financial institutions are not doing enough to protect smaller businesses from cyber-crooks. Over half, or 56 percent, of the surveyed companies reported experiencing some […]

Anonymous Gets Personal with Sony Attack

Hacktivist group Anonymous took a break from attacking banks, government sites and online services to focus on Sony in retaliation for the company’s legal action against PlayStation 3 hacker Geohot. Several Sony sites, including PlayStation.com and the PlayStation Store, were hit by distributed denial-of-service attacks as part of “OpSony” on April 4. The company handling […]