Facebook hit by another phishing attack

May 16, 2009

Facebook has been hit by another attack by hackers believed to be stealing personal details for committing fraud.

Affected users were tricked into logging in to a fake site controlled by hackers who harvested the login details.

The attacks are similar to other phishing attempts on the site in recent weeks in which accounts were compromised and used to target account holders’ friends to lure then to the fake sites.

Continue reading ….

XSS flaws found in sites of multiple anti-virus firms

May 12, 2009

Security researchers have revealed that the websites of no less than six anti-virus firms are vulnerable to cross-site scripting flaws, of a type that might lend themselves to phishing attacks.

Some of the firms involved have admitted problems, while others say the issues raised have either already been fixed or are erroneous.

Read more ….

McAfee website visited by plague of security locusts

May 6, 2009

McAfee’s website has been has been hit by at least three nasty bugs that left its customers susceptible to phishing and other types of scams. At least one remained unfixed at time of writing, more than 24 hours after it was first disclosed.

The most serious vulnerability, ironically enough, affected McAfee Secure, a service that certifies the security of sites that conduct ecommerce and other sensitive transactions.

Continue reading the article ….