Java applets may fully compromise Notes users with just one click from cyber-criminals sending them through HTML e-mails, according to an IBM security advisory. The vulnerabilities affect 8.0.x, 8.5.x, and the new Notes 9 versions, but the company promises to soon fix the problems. “This would allow attackers to compromise users reading/previewing an email” through “arbitrary code executions,” IBM says. Ful...

An improperly implemented feature in popular voice-over-IP application Viber can help cyber-criminals to bypass the locking mechanism of smartphones. UPDATE: Viber has contacted us to announce an update that fixes the issue. Please make sure that you install the update from Google Play or from the company's product page. According to a report by BKAV, Android-based smartphones running Viber can be unlocked ...

A Facebook group that offered fraud ‘services’ was recently shut down after the social network found its members published credit card details, networks of hacked computers and other illegal information, according to The Guardian. The group identified by RSA security researchers included a list of stolen identities apparently obtained by a member. The fake profile, launched on 28 February, gathered 163 “lik...

Hackers may breach stoplights and gas pumps through vulnerable serial port systems, according to Rapid7. The security company warns thousands of systems are exposed to cyber-attacks because they connect to the Internet through insecure terminal servers. More than 114,000 serial port systems are vulnerable, most belonging to Digi International or Lantronix, according to the company. Most of the servers acces...

Computers with no antivirus are five times more likely to get infected with malware than those with protection, according to Microsoft. In the first quarter of 2012, the company found malicious e-mail attachments on almost 3 million computers and detected 7 million Keygens. The activation key generators that users install with “free” software, movies or games often come loaded with malware. Most users don’t...

A search engine developed in 2009 can be used to uncover back doors and low-security devices such as servers, routers, webcams and printers. The Sentient Hyper-Optimized Data Access Network, or Shodan, crawls the Internet to find devices that try to remain undiscovered. According to the developer, more than 500 million devices are searched every month. Hackers may take advantage of the search engine because...

A security researcher managed to “hijack” a flight deck system and change a plane’s course in a hacking skill demonstration, according to the BBC. Hugo Teso, an authorized pilot, gave the aviation computer systems new navigation instructions. He then gained total control of the simulated jet he had built using spare parts bought from eBay. “I expected them to have security issues but I did not expect them t...

Fraudsters hacked the database of Bitcoin service Instawallet, according to IDG News Service. The storing service acknowledged the security breach, but didn’t say how many bitcoins were stolen. The company also suspended the service indefinitely and plans to develop a new architecture. “Our database was fraudulently accessed, [and] due to the very nature of Instawallet it is impossible to reopen the service...

Some 14,000 mobile devices belonging to the US Military Academy and the US Army Corps of Engineers were found lacking proper security policies. The devices, used by Army personnel and civilians, were given access to sensitive and critical military networks and data. The IG report found that no management software was installed on any of the devices, and that no remote wipe function was added in case they we...

The DDoS attack that hit SpamHaus this week was huge, but not as global as first thought, according to Venture Beat. The Internet Traffic Report shows the response time has been “pretty steady for the past 30 days, with no discernible dip in the past week, and packet loss globally has remained steady at almost zero.” Venture Beat also looked at the InternetPulse, which revealed that the internet in the US w...