-
Image attack on MySpace boosts phishing exposure
"The number of page views garnered by fraudulent sites climbed by a factor of five in March and April, fueled by a phishing scheme targeting MySpace users, stated a Google analysis published on Monday. The attack used a modification to the style sheet of a user’s profile to place a transparent image over the page,…
-
Yahoo Hacker Uses Story to Find, Exploit Bug
"Exploit code has hit the Internet for the critical flaws in Yahoo Messenger that could enable a remote hacker to take control of a user’s system. Yahoo Inc. was quick out of the gate and released a fix for the vulnerabilities last Friday, just two days after the flaws were publicly disclosed. The trouble is…
-
Two Universities Hit By Security Breaches
"Two universities suffered security breaches that compromised the security of sensitive personal information on students and faculty. Both the University of Iowa and the University of Virginia announced last Friday that they have been sending out notifications about the breaches. The University of Virginia said its investigation has shown that on 54 separate days between…
-
University of Colorado computer hacked, 45k student names, S.S. numbers exposed
"A hacker broke into a computer server at the University of Colorado College of Arts and Sciences’ Academic Advising Center, exposing the names and Social Security numbers of nearly 45,000 students, officials said Tuesday. University officials were sending letters notifying students enrolled at CU-Boulder from 2002 until the present that their information was compromised. Computer…
-
Virgin security flaw exposes customers’ details
"It appears that, instead of using random SMS codes, Virgin Mobile’s codes were sequential so simply changing the last character allowed access to a new set of personal details. For example, someone who received the code "00XM7Z" could view another customer’s details by entering "00XM7Y" or "00XM7X", etc." Article Link http://www.smh.com.au/news/security/virgin-exposes-customers-details…
-
Russia Pwn’ing Estonia
"A three-week wave of massive cyber-attacks on the small Baltic country of Estonia, the first known incidence of such an assault on a state, is causing alarm across the western alliance, with Nato urgently examining the offensive and its implications. While Russia and Estonia are embroiled in their worst dispute since the collapse of the…
-
Highland Hospital Security Breach
"Highland Hospital is warning patients of a security breach. A hospital spokesperson said a computer containing patient information was stolen from a business office last month. Over 13,000 people are affected. Two laptops were stolen but only one of them had patient information on it." Article Link: http://www.13wham.com/news/local/story.aspx…
-
Engineer guilty in plot to give data to China
"A Chinese-born engineer was convicted in federal court in California yesterday of being an unregistered Chinese agent who conspired to supply defense technology to Beijing. Chi Mak, 66, was found guilty of helping provide China unclassified but export-controlled information, including data on a submarine electronic system and a quiet electronic propulsion system planned for future…
-
Pirate Bay hacked, database stolen
"According to an alert posted on The Pirate Bay’s blog, the stolen user credentials were encrypted but the site is still urging users to immediately change usernames and passwords to avoid the risk of identity theft. They have got a copy of the user database. That is, your username and passwords. But, the passwords are…
-
TJX pwned via wifi
"A wireless network that employed less protection than many people use on their home systems appears to be the weak link that led TJX Companies, the US-based retailing empire, to preside over the world’s biggest known theft of credit-card numbers. Despite a market capitalization of almost $13bn, it appears the company couldn’t afford to secure…
-
NY teen hacks AOL, infects systems
"A New York teenager broke into AOL networks and databases containing customer information and infected servers with a malicious program to transfer confidential data to his computer, AOL and the Manhattan District Attorney’s Office allege. In a complaint filed in Criminal Court of the City of New York, the DA’s office alleges that between December…
-
Astroglide Website Helps Hackers Insert Rogue Code, Reader Reports
"Just last week BioFilm, the maker of the popular sexual lubricant Astroglide, confirmed that it had failed to properly secure the names and addresses of more than 250,000 individuals who requested free samples which resulted in those files showing up in a Google search for those individuals’ names. Now THREAT LEVEL reader Ronald van den…
-
US State Department gets Pwned with 0day
"A break-in targeting State Department computers worldwide last summer occurred after a department employee in Asia opened a mysterious e-mail that quietly allowed hackers inside the U.S. government’s network. In the first public account revealing details about the intrusion and the government’s hurried behind-the-scenes response, a senior State Department official described an elaborate ploy by…
-
Consumers dump breached retailers, says study
"In the wake of the massive breach of retailer TJX Companies, more than three quarters of consumers say they intend to stop shopping at merchants that suffer data leaks, according to a study conducted by analyst firm Javelin Strategy and Research. The survey of consumers found that 63 percent viewed retailers and merchants as the…
-
WordPress website compromised, WordPress backdoored
The WordPress development team has posted an announcement that the download server had been hacked, and WordPress 2.1.1 had a backdoor included in it allowing for remote code execution. "This morning we received a note to our security mailing address about unusual and highly exploitable code in WordPress. The issue was investigated, and it appeared…
-
MySpace superworm creator sentenced to probation, community service
"The man responsible for unleashing what is believed to be the first self-propagating cross-site scripting worm has pleaded guilty in Los Angeles Superior Court to charges stemming from his most infamous hacking. Samy Kamkar, who was 19 when he unleashed the attack on MySpace.com in October 2005, was sentenced to three years of probation and…
-
Worms Get Smarter
"The recent wave of Web worms on MySpace and other social networking sites represent a new generation of more sophisticated worms — ones that employ the pervasive cross-site scripting (XSS) flaws found on many Websites. Early worms were more for wreaking havoc and proof-of-concept purposes (think Code Red and Melissa), but the new worms discovered…
-
Myspace Phish Attack Leads Users to Zango Content
"A while ago on the Spywareguide Blog, I covered a technique being used in Peer to Peer land involving URLs being embedded in Quicktime movies, which would then pop open a website. This has now been taken to the next level, with an intensive and seemingly never ending Phish attack, the sole aim of which…
-
FBI raids Ph.D. student’s apartment, investigates Web site
"The FBI and Transportation Security Administration are investigating an IU doctoral student who created a Web site that generated fake Northwest Airlines boarding passes. Informatics graduate student Chris Soghoian reported Friday on his blog that the FBI showed up at his home in Bloomington and demanded he take down the Web site. That same day,…
-
MySpace Accounts Compromised By Phishers
"MySpace appears to have been compromised by phishers who have presented a spoof login form on the main site" … "Because the fraudulent login page is hosted on MySpace's own servers and does not exhibit any signs of external content, such as cross-site scripting (XSS) or open redirects, it is convincing and even security-conscious users…
-
Pentagon hacker says charges have been manufactured
"The hacker at the centre of an extradition storm after he broke into the US Military and NASA computer systems has said the charges against him in the US have been manufactured to ease his extradition there. "For it to be extraditable under their computer laws in America you have to have caused $5,000 worth…
-
Frontpage takes down superhacker
"Kevin Mitnick, the notorious former hacker turned security consultant and tech celebrity, has been targeted by Pakistani crackers in a series of web face defacements attacks. Four websites associated with Mitnick's various ventures were sprayed with digital graffiti on Monday in an apparently personal attack. The sites defensivethinking.com, mitsec.com, kevinmitnick.com and mitnicksecurity.com (which all run…
-
Ad Server hacked, 1 million myspace users owned
"An online banner advertisement that ran on MySpace.com and other sites over the past week used a Windows security flaw to infect more than a million users with spyware when people merely browsed the sites with unpatched versions of Windows," I actually wrote a paper 5 years ago describing this ability, long before the securityfocus…
-
Voice Phishers Dialing for PayPal Dollars
"Internet security experts have discovered a new phishing scam that uses voice recordings to pilfer money from PayPal accounts. In the newest social engineering attack, identity thieves have spammed fake PayPal account compromise warnings to lure users into dialing a phone number and giving up credit card information. Unlike normal phishing e-mails, there is no…
-
FBI Password Database Compromised by Consultant
"A government consultant, using computer programs easily found on the Internet, managed to crack the FBI's classified computer system and gain the passwords of 38,000 employees, including that of FBI Director Robert Mueller. The break-ins, which occurred four times in 2004, gave the consultant access to records in the Witness Protection program and details on…