Recent Posts

Juiced: DDoS Attacks 700 Percent Stronger, Iran Joins Top Source Countries

Denial of Service attacks are experiencing a surge in power and duration in the first months of 2013, with Iran joining China and the United States as a top source of the crippling online attacks. The power of distributed denial of service (or DDoS) attacks – measured in packets per second – jumped 718 percent in the first three months of 2013, compared to the final three months of 2012, the security firm Prolexic reported on Wednesday. The average bandwidth used in DDoS attacks reached 32.4 million packets per second, overwhelming Internet service providers (ISPs), carriers and content delivery networks designed to mitigate the effects of sudden Internet traffic surges. The data comes from Prolexic’s DDoS Report for the first quarter of 2013. That firm, based in Hollywood, Florida, has become a go-to firm for companies that find their web sites on the receiving end of DDoS attacks. The average attack bandwidth totaled […]

The History Of Programming Languages – And Their Popularity

Our friends over at Veracode posted a great little infographic this week that explains the history of computer programming languages, starting with software development’s foremother, the lovely Ada Lovelace, who is credited with developing the first programming language, an algorithm for a mechanical computer dubbed the Analytical Engine in 1883! The graphic describes the history of modern programming languages, including COBOL, FORTRAN and LISP in the 1950s and 60s, up to today’s dominant languages: Java, C and Objective-C. Check it out! Infographic by Veracode Application Security

Android

ACLU Complaint Shows Android Insecurity Getting Political

The American Civil Liberties Union filed a complaint with the U.S. Federal Trade Commission on Wednesday calling on the Federal Government to take action to stem an epidemic of unpatched and insecure Android mobile devices – a public scourge that the ACLU blames on recalcitrant wireless carriers. The civil liberties group’s complaint for injunctive relief with the FTC notes that “major wireless carriers have sold millions of Android smartphones to consumers” but that “the vast majority of these devices rarely receive software security updates.” Calling the unpatched phones “defective and unreasonably dangerous,” the ACLU says that carriers leave their customers vulnerable to malware and spear phishing attacks that can be used to record or transmit information on the device to third parties. “A significant number of consumers are using smartphones running a version of the Android operating system with known, exploitable security vulnerabilities for which fixes have been published by Google, but have […]

Update: DARPA Cyber Chief Peiter “Mudge” Zatko Heads To Google

Editor’s Note: Updated with comment from Google on Zatko’s role. – PFR

Noted hacker and innovator Peiter “Mudge” Zatko, a project manager for cyber security research at DARPA for the past three years, will be setting up shop in the Googleplex, according to a post on his Twitter feed. Zatko, who earned fame as a founding member of the early 1990s Boston-area hacker confab The L0pht and later as a division scientist at government contractor BBN Technologies, announced his departure from DARPA following a three-year stint as a Program Manager in DARPA’s Information Innovation Office on Friday. “Given what we all pulled off within the USG, let’s see if it can be done even better from outside. Goodbye DARPA, hello Google!” he tweeted. Google did not immediately respond to a request for comment on Zatko’s hiring and Zatko declined to expound on his title and responsibilities within the search giant. However, he has acknowledged that […]

Black Hat SEO

Hacked WordPress Plug-in Put On Double, Secret Probation

A plug-in that was pulled from the official WordPress plug-in directory has been restored, but will be monitored closely, after the plug-in’s owner claimed a rogue contractor introduced malicious code into the popular web publishing add-on. Social Media Widget, a free plug-in for the WordPress blogging platform with more than a million downloads, was restored to the WordPress.org official plug-in directory on Thursday, days after it was found injecting WordPress websites with spam links to web sites offering payday loans. In a post on a support forum for Social Media Widget, Samuel Wood, a WordPress administrator, said that WordPress.org was willing to give the plug-in and its owner, Brendan Sheehan, a second chance. “Naturally we do take a very hard line on spam, and obviously an author putting malicious code into a plugin is enough grounds for us to bring down the ban hammer,” Wood wrote on Friday. “But […]