IEEE Computer Society Newsfeed

Subscribe RSS

Cookiejacking is the Latest Trend in ID Theft

A new security vulnerability utilizes Internet Explorer cookies to gain a user’s personal information. According to Rosario Valotta, an Italian Internet security researcher, hackers can use the cookiejacking technique to steal online credentials and other information stored in cookies. Hackers must use social engineering for this technique to succeed. The hacker designs a game or website—which could include a sexually enticing component—that convinces a user to drag and drop objects, which launches the  malicious site’s cookiejacking capabilities . Microsoft says it is investigating this flaw but contends there is little risk of hackers exploiting the vulnerability. "Given the level of required user interaction, this issue is not one we consider high risk," Microsoft spokesperson Jerry Bryant told Microsoft Certified Professional Magazine Online. Jeremiah Grossman, founder and chief technical officer of vendor WhiteHat Security, told Computerworld that Microsoft shouldn’t be so dismissive.  (The Christian Science Monitor)(Computerworld)(Microsoft Certified Professional Magazine Online)

Fake URL Shortening Services Serve Up Spam

Symantec says an increase in spam this month can be attributed to spammers using URL shortening services to redirect users to fake URLs.  Spammers send e-mail containing shortened URLs created on a legitimate URL-shortening site. The links ultimately send users to a spam website. The extra layer or “stepping stone” created by the spammers is designed to evade filtering and make the links difficult to analyze. Symantec says using the URL-shortening technique  isn’t new. It hit a peak in May 2010 when as much as 20 percent of spam included the spam links and has since declined in popularity. (SlashDot)(Help-Net Security)(PC World)(Symantec)

Insider Data Theft Costs Bank of America US$10 Million

 Bank of America is recuperating from US$10 million in losses reportedly caused by insider data theft. The bank reportedly began notifying customers only recently, but isn’t disclosing information as the case is still under investigation. Apparently, a former employee provided customer information that was used in a check scam as well as for identity theft. The US Secret Service says roughly 95 people were involved. Among the information stolen: Social Security numbers, bank account numbers, driver’s license numbers, e-mail addresses, mother's maiden names, and PINs. The number of victims hasn’t been definitively determined, but The Los Angeles Times reports that there were "about 300" victims. The bank is providing two years’ worth of free credit reporting to affected customers. (Computerworld)(The Los Angeles Times)

Robots Retrieve Books in Futuristic Library

The University of Chicago’s new library employs robots to automatically retrieve books from underground storage. The US$81 million Joe and Rika Mansueto Library stores 3.5 million books in 35,000 sealed bins capable of storing 100 books each. Each bin is stacked within 50 foot tall racks in a massive 5-story chamber underneath the library. For comparison, the university’s main library holds 4.4 million books. When a publication is requested, an automated retrieval system, not that dissimilar to those used in industrial automotive applications, sets one of five robotic cranes in motion to find the book or magazine. The system delivers the bin to the circulation desk in minutes and can also return the book to the proper location. The library was developed on the premise that most academic research can be conducted online. The library is working with Google Books on digitizing rare materials in its collection. The Mansueto Library, which opened earlier this month, is scheduled to be formally dedicated 11 October 2011. (SlashDot)(The Singularity Hub)(University of Chicago)

Cray Announces Its First GPU-Based Hybrid Supercomputer

Cray has developed a hybrid supercomputer powered by both CPUs and GPUs.  The new XK6 system will reportedly combine Cray's Gemini interconnect with  AMD Opteron 6200 Series processors and NVIDIA Tesla 20-Series GPUs that will enable the system to achieve processing speeds of more than 50 petaflops. Cray says the Swiss National Supercomputing Centre, which supports scientists in a wide variety of fields, is its first customer. Cray says this new system is a step toward exascale computing. It says the hardware design wasn’t as difficult as was integrating its software stack to be used with the GPU coprocessors, but it is relying on its experience in vector-based computing to effectively code software able to perform well on the GPUs. The XK6 hybrid is scheduled to start shipping in the fall. (SlashDot)(The Register)(Cray)

Showing 1,996 - 2,000 of 4,575 results.
Items per Page 5
of 915