It wasn’t too long ago I was in the Eastern Block of Europe. As you would expect, I had my run in with hackers, excessive vodka drinking, and the mob. But nothing quite says "Russia," like hackers. You want free software? They got it. So it comes to us to no surprise that a Russian university student hacked Google Chrome with bypassing the sandbox.
Now before you get alarmed and up your antivirus and firewalls, Google okayed this hack; more so, it was a competition put on by Google. The hack was the handy work of Sergey Glazunov, who is a regular contributor to Google’s security research department. Glazunov scored a payoff of $60,000 in Google’s new Pwnium hacker contest which began to run this year as an alternative to Pwn2Own.
According to Justin Schuh, a member of the Chrome security team, Glazunov’s by-pass was Chrome specific, which allowed him to bypass the sandbox entirely. Furthermore he added that Glazunov’s work was “very impressive” and would allow the hacker to do anything on the machine. However, bypassing the sandbox is not a trivial matter; that is why Google paid out $60,000 for the hack. A fix has already been released.
Read More | ZDNet
The hacktivist group ‘Anonymous’ launched its biggest cyber-attack ever last Thursday on a bunch of governmane and corporate Web sites after the FBI shut down the ever-popular file sharing destination Megaupload. The sites attacked include The Department of Justice, Universal Music Group, and the Recording Industry Association of America. Later, CBS and Universal were targeted and taken down. Just this morning, Anonymous attacked the UFC site. These attacks started the day after the SOPA and PIPA blackouts which, according to some, could not have come at a worse time.
Anonymous is taking responsibility for the attacks, however no individual persons have come out and claimed that they took part in the operation, which is to be expected. As of right now, the government sites that were attacked are now back up and functioning.
A study by InsightExpress uncovered that 73% of mobile device owners are in the dark about protecting their device and data from Bluetooth hackers. If you fall into this bracket, listen up. There are three ways your gadget can be hacked: with Bluejacking, you’ll start receiving unwanted spam text messages, which can send your monthly bill (and mental state) skyward. The next level is Bluesnarfing, in which a hacker gains access to your data – and copies it for themselves. Most disturbing is Bluebugging, where a hacker can completely control your phone and make calls, obtain data, send texts and even eavesdrop on your calls. Prevention methods are amazingly simple, according to Ooi Szu-Khiam, a Symantec senior security consultant:
1) Turn off any Bluetooth features you’re not using.
2) Try to keep your device’s Bluetooth ID visibility setting at “hidden” so hackers can’t scan and find it.
3) Use passwords with a lot of digits, say 10. The more digits, the longer it takes to crack, if at all.
Read More | ZD Net
With telecommuting growing by leaps and bounds and free WiFi access becoming more and more prevalent, protecting vital information on your laptop is of the utmost importance. Help has arrived in the form of Yoggie, a palm-sized device that houses 13 security products. Once plugged into the USB port, Yoggie offers such safety measures as anti-spam, anti-phishing, anti-spyware, anti-virus, a firewall, intrusion detection/prevention, and much more. Yoggie will put you back $199 USD, but we feel that beats the trials and tribulations of having your identity stolen by a 12-year-old hacker.
Read More | Yoggie