News

We have two additional hacks to report this morning. The first was a little shocking as it has been learned that nVidia’s Developer Zone form was under attack. Although details of this attack are small it does appear that nVidia recognized that there was an attack on the forum and shut it down to prevent additional attack. However nVidia warns that the hashed passwords for the forum may have been accessed. Right now the forum is still down with only a canned message in its place warning users about the attack and advising them to change their passwords especially any passwords that might be identical across multiple sites.

We have said this once and we will say it again; 2012 will be remembered as the year of the breach. This year alone we have seen a significant number of services penetrated with relative ease and user account information pulled out at an alarming rate. So far this year we have watched as Linkedin, eHarmony, Last.fm, Formspring, League of Legends and more have been compromised and literally Millions of user account details have been posted to the Internet. It is a very disturbing trend considering the rather big push to the cloud for so many critical services (like hosting our personal records).

So Microsoft finally pushed out a patch that kills of the sidebar and its “offending” gadgets. The news is everywhere as if this is a new story or that the ability of a third party developer to include malicious code is something new as well. The problem is that this is nothing new at all. Microsoft has always had warnings about the dangers of downloading sidebar gadgets since they first appeared in Windows Vista. However, it was always at the user’s own risk if they chose to download and install these and the XML exploit that they talk about is generally mitigated with any type of decent security (like MS Security Essentials).

There is trouble in the Google Play Store as someone (Symantec) has discovered a Trojan downloader application that appears to be rather prevalent in the form applications masquerading as different applications (two of the most downloaded were Mario Brothers and GTA 3 Moscow City). The new malware appears to be concentrating on the Eastern European area right now as it utilizes premium SMS services that are tied to specific regions using certain numbers.