Tag Archives: infosec

Windows Password Clues Easy To Crack

User-provided password retrieval hints in Windows 7 and 8 operating systems are vulnerable to being retrieved and decoded by attackers.

That finding was made by two security researchers who’ve been studying ways to increase the reliability of tools designed to extract Windows registry information.

via Windows Password Clues Easy To Crack – Security – End user/client security – Informationweek.

Microsoft warns of critical Oracle code bugs in Exchange

Microsoft last week warned IT administrators that critical vulnerabilities in code licensed from Oracle could give attackers access to Exchange Server 2007 and Exchange Server 2010 systems.

Oracle patched the vulnerabilities in its “Oracle Outside In” code libraries as part of a massive update on July 17 that fixed nearly 90 flaws in its database software.

via Microsoft warns of critical Oracle code bugs in Exchange.

Banking Trojan Harvests Newspaper Readers’ Credentials

Beware financial malware that’s trying to harvest usernames and passwords from a major newspaper’s website.

That unusual warning comes by way of security firm ESET, which said it’s observed financial malware known variously as Gataka and Tatanga being used in four recent attack campaigns.

via Banking Trojan Harvests Newspaper Readers’ Credentials – Security – Vulnerabilities and threats – Informationweek.

Feds Bust Hacker For Selling Government Supercomputer Access – Security – Attacks/breaches – Informationweek

In April 16, 2011, meanwhile, the indictment said that Miller chatted with the undercover agent and said hed accessed two nersc.gov supercomputers owned by the National Energy Research Scientific Computer Center NERSC, which provides computer resources for the U.S. Department of Energy. In July 2011, authorities said that for $50,000, he offered to sell the undercover agent “login credentials to a series of computer networks that would enable remote access to the domain nersc.gov.”

via Feds Bust Hacker For Selling Government Supercomputer Access – Security – Attacks/breaches – Informationweek.