Anonymous Hacks Syrian President’s Email. The Password: 12345

Mashable: Syrian President Bashar al-Assad has been under fire from world leaders to step down this week. He’s also under fire from hacktivist group Anonymous, who leaked hundreds of his office’s emails on Monday. While Anonymous is infamous for its hacking know-how, it doesn’t take a genius computer programmer to guess one of the passwords commonly used by Assad’s office accounts: 12345. The string of consecutive numbers is the second-weakest password according to a 2011 study. ...

February 8, 2012 · 3 min · 448 words · Omid Farhang

Attackers taking aim at retail and food chains

v3.co.uk: The uniform infrastructure and predictable behaviors are making corporate retail and restaurant chains the choice targets for cybercriminals. A report from security firm Trustwave found that attackers favor companies with chains of outlets, such as those commonly found in the food and retail industries, when launching targeted attacks. The attackers like the uniform IT infrastructure that large chains deploy at individual sites, Nicholas Percoco, head of the Trustwave’s SpiderLabs team, told V3. ...

February 7, 2012 · 2 min · 376 words · Omid Farhang

New worm targeting weak passwords on Remote Desktop connections (port 3389)

Microsoft Malware Protection Center: We’ve had reports of a new worm in the wild and that generates increased RDP traffic for our users on port 3389. Although the overall numbers of computers reporting detections are low in comparison to more established malware families, the traffic it generates is noticeable. The worm is detected as Worm:Win32/Morto.A and you can see a detailed description of at http://www.microsoft.com/security/portal/Threat/Encyclopedia/Entry.aspx?Name=Worm%3aWin32%2fMorto.A. Morto attempts to compromise Remote Desktop connections in order to penetrate remote systems, by exploiting weak administrator passwords. Once a new system is compromised, it connects to a remote server in order to download additional information and update its components. It also terminates processes for locally running security applications in order to ensure its activity continues uninterrupted. Affected users should note that a reboot may be required in order to complete the cleaning process. ...

August 29, 2011 · 2 min · 327 words · Omid Farhang

Twitter finally released a "Stalkers" app? No, it's a phishing scam

Sophos Labs: Twitter users are being hit today by messages claiming to link to a new app from Twitter which will track your stalkers. However, the messages are really designed to steal your Twitter usernames and passwords. Here’s a typical message that users are seeing: Twitter finally released an app that tracks your “Stalkers” get it here [LINK] ...

August 14, 2011 · 2 min · 391 words · Omid Farhang

Facebook password changed? Malware attack poses as message from Facebook support

Sophos Labs: Repeat after me: It’s “Facebook”, not “FaceBook”. Learn that lesson and it can be one of the tricks you can use to protect yourself against a spammed-out malware campaign, which tries to trick you into believing that Facebook support has changed your password. Computer users are receiving emails claiming that the popular social network has automatically changed their password to secure their account. Here’s a typical message: ...

April 14, 2011 · 2 min · 309 words · Omid Farhang

WordPress.com suffers hacker attack – how to change your password

Sophos Labs: Millions of blog owners around the world are being advised to consider their password security, after WordPress.com was hacked. To its credit, Automattic – the company behind the WordPress.com blogging platform – didn’t mince its words or try to apply any spin to the incident, explaining it had suffered a “low-level (root) break-in to several of [its] servers, and potentially anything on those servers could have been revealed.” ...

April 14, 2011 · 2 min · 392 words · Omid Farhang

Data loss at Play.com

Play.com, one of the largest online retailers of DVDs, CDs, MP3s, books and gadgets, emailed its customers yesterday admitting to a security breach in its marketing communications. Names and emails may have been compromised. Play.com claims the breach happened outside its walls, so presumably they use a third party marketing consultancy to manage part or all of its marketing activities. ...

March 23, 2011 · 3 min · 475 words · Omid Farhang

Female hacker charged with stealing nude photos of Grady Sizemore

In 2009, naked photographs of American baseball star Grady Sizemore circulated on the internet after being stolen from the email account of his then girlfriend, Playboy Playmate Brittany Binger. A total of 15 photos were circulated – some showing Sizemore posing in his bathroom mirror wearing a suit, but others that showed him nude or only partially clothed. In one of the pictures, still easily available on the web, the Cleveland Indians’ star is using a coffee mug to protect his err.. modesty. ...

November 12, 2010 · 2 min · 372 words · Omid Farhang

Are You Smarter Than John?

How not to manage your passwords… John, and his unique approach to security is part of an F-Secure Internet Security 2011 campaign. You can find more at besmarterthanjohn.com.

October 21, 2010 · 1 min · 28 words · Omid Farhang

Facebook Introduces Disposable Passwords

Accessing Facebook from a public computer or Internet cafe can now be done more securely. Moving to enhance online security, Facebook on Tuesday said that it will soon offer users the ability to receive one-time passwords on their mobile phones and that it has already enabled the ability to sign out of Facebook remotely. “We’re launching one-time passwords to make it safer to use public computers in places like hotels, cafes or airports,” said Facebook product manager Jake Brill in a blog post. “If you have any concerns about security of the computer you’re using while accessing Facebook, we can text you a one-time password to use instead of your regular password.” ...

October 15, 2010 · 2 min · 353 words · Omid Farhang