The Video shows a new system introduced by researchers of Japan Science and Technology (JST) that helps prevent password theft in online banking scenarios. The whole idea is about using several dummy cursors together with the real cursor so as to confuse the shoulder surfers or screen-grabbing malware with the real cursor movement. This will prevent password theft when users enter their credentials in Virtual keyboard.

Pwn2Own Hackers Contest results—Hackers $480K: Software 0

The recently concluded Pwn2Own Hacking Contest at CanSecWest Security Conference held in Vancouver saw many spine-tingling moments. Tech giants like Google had pumped in large amounts of money into Pwn2Own contest which was co-sponsored by the Zero Day Initiative (ZDI) bug bounty program of HP TippingPoint. The overall result as of now shows Hackers 1: Software 0! Every year, the event offers security researchers an ...

HTML5 web storage flaw crams users’ hard disks with Junk data

Feross Aboukhadijeh, a 22 year old Computer Science student from Stanford and a web developer, discovered a flaw in the HTML5 Web storage Standard in the Internet Explorer, Google Chrome and Apple Safari browsers.

Depending on the browser, the ‘localStorage’ of Web Storage API permits websites to store 2.5 to 10MB of data per origin on user computers. For example, Chrome has ...

For increased security of its free mail service, Gmail, Google introduced a 2-step verification system which when enabled, requires entering a secret code in addition to the password to gain authentic access to the Gmail account. This would mean guessing or cracking the password alone wouldn’t really help the hackers to gain access to Gmail accounts. This secret code is sent to users via SMS or phone call, or users ...

Cyber-war or just overhype?

The Congresscritters and journalists have been celebrating the episode of Chinese cyber espionage as Cyber war between the US and China, but the million dollar question is whether it is really so. As Constantine von Hoffman clearly mentions in his post, nobody actually knows what a cyber war is!

Strictly speaking, anyone should understand that the Chinese attacks clearly depict spying and not a cyber war. If you ...

Jim Clausing, AT&T Data Security Analyst talks about the latest zero-day exploit in Adobe Reader or Adobe Acrobat software. Jim explains in detail how the exploit works and what users can do to prevent an attack to their system.

The ongoing RSA Security Conference 2013 gave the world of network security something to cheer about, as the deadly Kelihos botnet was shut down in front of a live audience!

Kelihos is a peer-to-peer botnet that has inflicted the cyberspace with tons of pharmaceutical spam, large-scale Bitcoin wallet theft and big time credential data theft. Researchers from CrowdStrike had been gathering intelligence and developing code to thwart this malware. Their efforts culminated ...

The experiences of technology journalist Mat Honan and Cloudflare CEO Matthew Prince, both of them got hacked by a Long Beach teenage member of the UGNazi hacktivist group, do not make for good reading.

The duo, narrating their experiences in a session at the ongoing RSA Security Conference at San Francisco, confirms what many people already know. A determined hacker can breach into any online account, at will.

The hacktivist hijacked Mat Honan’s ...

After a lull, Anonymous, the hacktivist group is back in the news. This time, “Anonymous Intelligence Agency: Par:AnoIA,” a group affiliated with Anonymous has released 14GB of data apparently belonging to the Bank of America, Bloomberg, Thomson Reuters, TEKsystems, and other high-profile companies.
The hacktivists claim that the data dump was to expose the corporates, especially TEKsystems, monitoring public activity over the Internet.

However, this was by no means a hacking. They ...

The deadly Stuxnety malware which devastated Iran’s Natanz nuclear plant in 2010, has since been under the active scrutiny of security researchers, mainly owing to it mysterious origin and also because it was the first malware to target industrial control systems.

Security researchers from Symantec have now discovered that Stuxnet is not a new virus when it broke out in 2010. The virus dates back to 2005 and an earlier version ...