[security] Forum Topics

Kaspersky Lab has successfully [URL="http://www.itpro.co.uk/blogs/daveyw/2009/02/23/kaspersky-patents-malware-removal/"]patented yet another bit[/URL] of security technology. This time it is a new heuristic analysis technology which allows security ratings to be assigned to software based entirely upon behaviour patterns during emulation. Is this something to get excited about? Well, yes, if you look beyond the …

With the Windows 7 release code out there and [URL="http://www.daniweb.com/blogs/entry4283.html"]available for download[/URL] right now, and [URL="http://www.daniweb.com/blogs/entry4317.html"]free to use until 2010[/URL] for good measure, the last thing Microsoft will want to hear is bad news about potential security risks for users of the new flagship OS. But that's exactly what researchers …

The bad guys of the IT business are always looking for the most effective ways to infect the innocent Internet user, and increasingly that means turning to commonly used web browser plug-ins such as Flash or PDF readers. A couple of years ago we were [URL="http://www.daniweb.com/blogs/entry1537.html"]reporting critical vulnerabilities[/URL] for all …

Last week, former UK Prime Minister and current Quartet Envoy to the Middle East on behalf of the EU, UN, US and Russia, [URL="http://www.tonyblairoffice.org/"]Tony Blair[/URL] was hacked. Well, the [URL="http://www.facebook.com/pages/The-Tony-Blair-Faith-Foundation/53370916629"]Tony Blair Faith Foundation on Facebook[/URL] was hacked according to reports at any rate. It seems that the site was flooded …

On the day that the annual [URL="http://www.vnunet.com/vnunet/news/2241289/european-commission-criticises"]Infosec[/URL] show starts in the UK we have a call for a Euro cyber security tsar. I was surprised at this. In many ways it's the perpetuation of all that I feel is bad about security management. A handful of readers might have heard …

I had a call this morning asking me to go on the radio tomorrow morning. It was from BBC London and I'll be on at 7.20am UK time, thanks for asking - discussing this story about the [URL="http://news.bbc.co.uk/1/hi/england/london/8019948.stm"]terrorist Cyberthreat to the 2012 Olympics[/URL]. The man suggesting there is such a …

Would you steal sensitive data from your employer if the price was right? According to a new survey conducted in the financial heart of London by [URL="http://www.infosec.co.uk"]Infosecurity Europe[/URL] reveals that 37 percent of those asked would do just that. While 63 percent remain honest, the cost of corrupting the remainder …

According to [URL="http://www.guardian.co.uk/world/2009/apr/21/hackers-us-fighter-jet-strike"]reports[/URL], the Pentagon has been subject to a successful hacking attack with details of the F35 Lightning II, also known as the Joint Strike Fighter and the most expensive jet fighter ever, the target. Apparently, design data including that of the $300 billion jet project electronics system, have …

A [URL="http://www.microsoft.com/downloads/details.aspx?FamilyID=aa6e0660-dc24-4930-affd-e33572ccb91f&displaylang=en"]Microsoft security report[/URL] has 'revealed' that some 97 percent of the emails travelling across the Internet are actually unwanted spam. Well duh, like I didn't realise it was such a big problem. Actually, I didn't, to be fair. Mainly because just about every other security report I have read …

It has not exactly been the best of weekends for [URL="http://www.itpro.co.uk/blogs/daveyw/2009/04/03/google-to-buy-twitter/"]Twitter[/URL], and for those whose tweeting has been hijacked by not one but two worms it could easily be considered the worst of times. It all started when people noticed that a lot of their followers seemed to be recommending …

Paul McCartney and Ringo Starr got together for a rare live performance, and according to [URL="http://www.scmagazineus.com/Paul-McCartneys-website-hacked-to-distribute-malware/article/130330/"]reports[/URL] it would seem the bad guys thought that a spot of media friendly Beatle-mania presented [URL="http://www.daniweb.com/blogs/entry3824.html"]the ideal time to target[/URL] McCartney's website. Security specialists ScanSafe told me that its 24/7 Web security scanners first …

As the Chief Security Officer at telco giant AT&T, Edward Amoroso knows a thing or two about cybercrime. Which is why he has been giving testimony before the United States Senate Committee on Commerce, Science, and Transportation specifically assessing how vulnerable the US is on the cybersecurity front and proposing …

Well that didn't take long. No sooner had Microsoft officially launched [URL="http://www.daniweb.com/blogs/entry2606.html"]Internet Explorer 8[/URL] to the waiting masses and talked up how new security features will ensure hackers will find it more difficult to exploit the new browser that guess what? Yep, a hacker exploits the new browser. During his …

Adobe has yet to patch a critical zero-day vulnerability in Acrobat and Reader applications which is in the wild and being exploited by malicious types using malformed PDF files. Now, more than two weeks after the exploit was reported by The Shadowserver Foundation and before Adobe can get the patch …

According to [URL="http://www.msnbc.msn.com/id/29447088/"]reports,[/URL] the security relating to the official Presidential helicopter, Marine One, has been breached. It would appear that engineering and comms data, amounting to a complete avionics package including blueprints, about Obama's helicopter turned up on the computer of defence contractor who also had a P2P file sharing …

Is it good news from Sun Microsystems, if you are in the market for a generic communication protocol between a key manager and an encrypting device? Sun has announced what it claims to be the [URL="http://opensolaris.org/os/project/kmsagenttoolkit/"]release[/URL] of the first such protocol into an open source community as part of the …

It's that time of year when the Mobile World Congress hits Barcelona, and McAfee has taken advantage of the fact to announce findings from new research that shows mobile device manufacturers are now spending more time and money than ever on recovering from security incidents as well as experiencing more …

It seems that Microsoft thinks security threats are going to multiply as the recession continues to bite. It says [URL="http://news.bbc.co.uk/1/hi/technology/7875904.stm"]here[/URL] that disgruntled and redundant employees will resort to foul means to take contacts to the next job. This sounds kind of familiar to me. Far be it from me to …

Today is [URL="http://www.saferinternet.org"]Safer Internet Day[/URL] 2009, apparently. Every year since 2004, one day in February has been designated as Safer Internet Day in order to promote a safer and more responsible use of online technology and mobile phones. It is aimed primarily at children and young people across the world. …

Some school kids in Louisiana got a surprise last Monday when sitting at their computers: the floating head of Barack Obama on-screen. They were amongst the first to be infected with the Obama-head worm which spreads via USB memory sticks courtesy of the Windows Autorun feature which is causing widespread …

President Barack Obama will be able to continue to use a personal digital assistant like the Blackberry he used during the campaign, which naturally required security improvements. But more important, the new administration has agreed that any messages he sends through the device will be subject to the Presidential Records …

McAfee has today announced that it has launched a Cybersecurity Expert Council which features security experts from some of the largest companies in the world, including the likes of BAE Systems, Dell and even NASA. Apparently the idea is for the CEC to provide what McAfee refers to as "real-world …

According to the [URL="http://www.dcexaminer.com/local/012909-Ex-Fannie_Mae_worker_charged_with_planting_computer_virus.html"]DC Examiner[/URL] a former contract worker with Fannie Mae has been indicted, and bailed, on charges of computer intrusion. It is alleged that Rajendrasinh Makwana dropped a virus into Fannie Mae software which had the potential to cause millions of dollars worth of damage if it had …

The Mayor of London, the totally eccentric Boris Johnson, has written a column in a national newspaper in which he champions fellow loon [URL="http://www.daniweb.com/blogs/entry2863.html"]Gary McKinnon[/URL], the [URL="http://www.itwire.com/content/view/20017/53/"]NASA UFO hacker[/URL]. Currently busy fighting extradition to the USA on the grounds that, essentially, to do so would not be fair to someone …

I'm not talking about openssl, PHP, or even the Linux kernel but all the above plus every other program or bit of code on a Linux system. It's vulnerable. It's hackable. It can be changed at will by anyone because the source is open and freely available (the definition of …

Apple users opting not to grab a free 30 day demo version iWork 09, or even cough up the bucks for a full retail version, have found themselves getting more than they bargained for. It appears that something in the region of 20,000 people have downloaded a pirated version of …

Heartland Payment Systems, one of the biggest card payment processors in the US, has been the victim of what could well be the biggest security breach of its kind. Malicious software installed onto the Heartland network could have compromised as many as 100 million transactions according to numerous emerging reports. …

How many passwords do you have to remember? The common answer is either too many and I sometimes forget them, or alternatively just the one as I use it for everything. Both options are bad in terms of security. Which is where password management systems come in, and these can …

Security experts [URL="http://www.mcafee.com"]McAfee[/URL] confirm what we already know: when the [URL="http://www.daniweb.com/blogs/entry3023.html"]economy starts to hurt[/URL], the purveyors of malware jump in to increase the pain. With the revelation of it's 2009 threat predictions, McAfee looks ahead to a dismal year of continuing cyberthreats. Like I say, with no hint of surprise …

The Bush administration was [URL="http://www.gwu.edu/~nsarchiv/news/20090114/order_20090114.pdf"]ordered this week[/URL] to take a number of steps intended to help preserve email messages sent between 2003 and 2005 that had been thought to have been deleted -- but the way the court order was phrased offers a number of loopholes to avoid the intent …