Rogue PHP pages that redirect users to work-at-home scams have been added to hundreds of websites hosted at DreamHost following a security breach suffered by the company in January, researchers from cloud security vendor Zscaler said.
The PHP Group <a href="http://www.php.net/archive/2012.php#id2012-02-02-1">released PHP 5.3.10</a> on Thursday in order to address a critical security flaw that can be exploited to execute arbitrary code on servers running an older version of the Web development platform.
Researchers from security vendor Symantec have identified a new premium-rate SMS Android Trojan horse that modifies its code every time it gets downloaded in order to bypass antivirus detection.
New variants of the Ice IX online banking Trojan program are tricking victims into exposing their telephone account numbers so that fraudsters can divert post-transaction verification phone calls made by banks to phone numbers under their control, researchers from security vendor Trusteer warned.
Romanian authorities have arrested a 20-year-old man from the city of Timisoara on Monday under accusations that he hacked into computer systems belonging to NASA and the U.S. Department of Defense.
Hackers are compromising WordPress 3.2.1 blogs in order to infect their visitors with the notorious TDSS rootkit, according to researchers from Web security firm Websense.
Network security monitoring startup MetaFlows launched a new Software-as-a-Service (SaaS) product that can be installed on low-cost hardware to monitor network traffic flow, detect possible intrusions and analyze event logs.
Facebook scammers have started redirecting victims through Amazon's cloud in order to bypass malicious URL filters, according to security researchers from antivirus vendor F-Secure.
Security researchers from antivirus vendor Trend Micro have come across a Web-based attack that exploits a known vulnerability in Windows Media Player.
Cloud security vendor Zscaler has launched a new free-to-use online service called <a href="http://zulu.zscaler.com">Zulu</a> that can assess the security risk associated with URLs by analyzing the content they point to, as well as the reputation of their corresponding domain names and IP addresses.
Security vendor Symantec has advised users of its pcAnywhere remote control software to disable it, because hackers with access to the product's source code could exploit security holes identified in the application.
IT professionals believe that assessing the potential harm caused by data breaches is more useful to mitigating the effects of such incidents than notifying affected individuals, according to a survey published on the day the European Union's proposed a 24-hour deadline for data breach disclosures.
Linux vendors are rushing to patch a privilege escalation vulnerability in the Linux kernel that can be exploited by local attackers to gain root access on the system.
German authorities are advising victims of DNSChanger Trojan programs to fix their computers' Domain Name System settings using a free tool developed by antivirus company Avira, because the servers resolving DNS queries on their behalf will be closed down on March 8.
Los Angeles-based Web hosting firm DreamHost reset the FTP and shell access passwords for all of its customers on Friday after detecting unauthorized activity within one of its databases.