1,118 Topics
|
|
|
|
According to [URL="http://www.computerworld.com/action/article.do?command=viewArticleBasic&articleId=9070840&intsrc=hm_list"]reports[/URL] it would appear that Microsoft has confirmed the presence of a critical vulnerability which impacts upon users of MS Word for Windows 2000, XP and Server 2003 SP1. Shame it has taken many weeks for Microsoft to admit this, and only after a second security vendor recently … |
|
[URL="http://www.frsirt.com/english/advisories/2008/0928"]FrSIRT[/URL], the French Security Incident Response Team, has reported that multiple vulnerabilities have been identified in various IP-PBX software applications that can be exploited by attackers to bypass security restrictions and cause denial of service attacks or otherwise compromise vulnerable systems. The software is used by an ever increasing number … |
|
|
[URL="http://po-ru.com/about/"]Paul Battley[/URL] is a software developer from London who can probably lay claim to being the biggest thorn in the side of the BBC right now. No sooner had the mighty British Broadband Corporation [URL="http://news.bbc.co.uk/1/hi/technology/7293988.stm"]announced[/URL] that his hack which allowed people to download iPlayer TV streams meant for an iPhone … 
|
|
|
[URL="http://www.avertlabs.com/research/blog/index.php/2008/03/12/another-mass-attack-underway/"]Security researchers at McAfee[/URL] have uncovered one of the biggest attacks of its kind to date, with some 10,000 web pages which had been rigged to entrap unsuspecting visitors. Although the infected web pages look the same as they always did, under the hood the cyber-crooks had added some redirection … |
|
|
According to messaging security experts [URL="http://www.messagelabs.com/intelligence.aspx"]MessageLabs[/URL] there has been a 100 percent rise in the amount of spam from Gmail during February, along with a worrying 200 percent increase in targeted Trojan attacks. The February MessageLabs Intelligence Report, published today, paints a sorry picture as far as IT security is …
|
|
|
Bruce Schneier is a security legend, and posts like [URL="http://www.wired.com/politics/security/commentary/securitymatters/2008/03/securitymatters_0306"]this one[/URL] go a long way to proving just why. In this Wired commentary Schneier gives the best explanation I have seen as to why the ‘transparent society’ argument is a myth, why it is not better than privacy but rather … |
|
|
The Trend Micro [URL="http://blog.trendmicro.com/over-400-phish-kits-on-the-loose/"]TrendLabs Malware Blog[/URL] is reporting that the volume of totally free do it yourself phishing kits available in the wild on the web had moved past the 400 mark. Ironically, some are even used by phishers to phish other phishers… |
|
|
According to a [URL="http://www.yougov.com"]YouGov[/URL] survey published today by [URL="http://www.verisign.com"]VeriSign[/URL] the average UK consumer is worth £10,077 ($20,000) online in terms of banking, gaming and shopping accounts. The pan-European survey on consumer attitudes to online security concludes that UK Internet users are putting as much as £361 billion ($720 billion) at … |
|
|
A hearty slap on the back must go to authorities in South Korea who have [URL="http://www.sophos.com/news/2008/03/lee-shin-ja.html"]arrested and charged[/URL] the 41 year old ex-CEO of an antivirus software company with distributing fake security scareware. Lee Shin-ja was formerly CEO with security outfit Media Port, and stands accused of distributing the 'free' …
|
|
|
Unified threat management specialists Fortinet has [URL="http://www.fortiguardcenter.com/reports/roundup_feb_2008.html"]announced[/URL] the most reported high-risk threats during the course of the last month, and it makes interesting reading. According to Fortinet it proves that birds of a feather do flock together as the most definable malware trend was most definitely the fact that the … |
|
|
[URL="http://www.avertlabs.com"]McAfee Avert Labs[/URL] has warned that the number of spammers which use the 'out of office' functionality of web-based email systems to distribute junk mail is on the increase. The particular technique in question, which involves spammers setting up web-based email accounts which are configured to auto-respond with spam instead … |
|
|
The Cult of the Dead Cow, the infamous hacking collective, has released a Google hacking utility called Goolag Scan that brings the ability to search the information engine for web-based data that is normally hidden to anyone wannabe with a web browser and half a brain. It does this by … 
|
|
|
According to the Pakistan Telecommunications Authority (PTA) while the blocking of the YouTube website over the weekend in Pakistan was intended the worldwide outage that saw the popular video streaming service become unavailable to huge swathes of the planet was accidental. Anyway, PTA spokesman Khurram Mehran assures us it is … |
|
|
Last year I [URL="http://www.daniweb.com/blogs/entry1466.html"]exposed[/URL] a security breach involving the online collection of applications for visa documents allowing Indian citizens to visit the UK, an expose that ended up with the [URL="http://www.daniweb.com/blogs/entry1817.html"]UK government itself being found guilty[/URL] of breaking the Data Protection Act and which kick-started something of a sea change … |
|
|
It is not often that a drunken discussion provides anything more than a hangover the following morning, but recently a bunch of IT security experts got talking while the beer was flowing and someone asked the question: what is the biggest threat on the IT landscape today? Everything from 'the … |
|
|
Who could forget [URL="http://en.wikipedia.org/wiki/Jon_Lech_Johansen"]DVD Jon[/URL], the Linux guru who was co-author of DeCSS? This Linux application 'unlocked' DVDs with content otherwise protected by Content Scrambling System (CSS) encryption and landed DVD Jon in front of a judge. Which did not stop him from continuing his quest to free audiovisual content …
|
|
|
It has been estimated that something in the region of 70 percent of the ATMs in current use are based not on the proprietary hardware, software and communication protocol platforms of old but instead on PC/Intel hardware and commodity operating systems, the most popular being Windows XP embedded. In fact, …
|
|
|
IT security and control outfit [URL="http://www.sophos.com"]Sophos[/URL] has revealed the results of a poll that shows the number of people who believe that Apple Macs will be increasingly targeted by cybercriminals in the future has risen from 79 percent two years ago to 93 percent now. Sophos undertook the poll as … |
|
[B]Rumors and speculation about why five undersea cables to the Middle East have been severed — and what it means for IT security[/B]. Since [B]Jan. 30, 2008,[/B] there has been a troubling pattern of underwater anarchy. At first, it was reported that two, then three, then five undersea [URL="http://en.wikipedia.org/wiki/Fiber-optic"]fiber-optic[/URL] cables … |
|
|
Security researchers at [URL="http://www.sophos.com"]Sophos Labs[/URL] have revealed that nearly 70 percent of all Linux honeypot infections are caused by a single virus. Perhaps even more shocking, all things considered, is the fact that the virus in question, Linux/Rst-B, is actually six years old now. So concerned is Sophos at this … |
|
|
[URL="http://en.wikipedia.org/wiki/Nicodemo_Scarfo,_Jr."]Nicodemo Scarfo Jr[/URL], a well-connected member of the [B]New York[/B] and [B]Philadelphia[/B] organised crime families, knows all about keylogging. But rather than using the technique to steal or launder money, he was brought down by the [B]Magic Lantern[/B] [URL="http://en.wikipedia.org/wiki/Keylogger"]keylogger[/URL] that the FBI installed on his computer via a Trojan. It …
|
|
|
It has been a couple of months now since a Russian security researcher, Evgeny Legerov, confirmed that the widely deployed media software RealPlayer was vulnerable to a zero-day exploit. The Russian company, Gleg, is in the business of selling information on such exploits and security flaws. Unfortunately, according RealNetworks's Vice … 
|
|
|
In today's heightened threat environment, it is a constant battle for IT security departments to stay on top of all possible attacks and vulnerabilities they could encounter. With insider threats on the rise and the continuous danger posed by external hackers, coupled with the alarmingly quick development of stronger and … |
|
|
Oh the irony. Windows Vista Service Pack 1 is, quite rightly, being pushed hard on the merits of the numerous security improvements over the original release. However, despite the fact that Vista SP1 will not be made available to end users until March, because it has just been released to … |
|
|
Today sees the official formation of the Anti-Malware Testing Standards Organization ([URL="http://www.amtso.org"]AMTSO[/URL]) which has come about following an industry wide concern about the lack of any real-world standards that apply to anti-malware solutions when it comes to testing. Why is this important? Because unless the testing methodologies used to evaluate …
|
|
|
It has been a long time coming, but a virus writer has finally been arrested by the Japanese authorities. According to security specialists [URL="http://www.sophos.com"]Sophos[/URL] law enforcement agencies in Kyoto, Japan, have arrested three men who stand accused of plotting to infect users of a popular P2P file-sharing network with a …
|
|
|
A CIA analyst speaking at the SANS 2008 SCADA and Process Control Summit in New Orleans has admitted that hackers have not only been able to penetrate the power grids of several countries, but also successfully cut power to several cities, all from the relative safety of the Internet. Central …
|
|
|
The Fortinet [URL="http://www.fortiguardcenter.com"]threat response team[/URL] has reported a new and malicious Symbian OS based worm that is currently actively infecting mobile phone networks. According to Fortinet, the worm comes packaged in disguise as a multimedia file with a name such as sex.mp3 or love.rm and enables it to easily con … |
|
|
It doesn’t really matter where you live in the world, the chances are that your country has been hit by some high profile data loss scandal during the course of the last year or so. Everything from retail operations such as TJ Maxx losing the odd 40 million or so … |
|
|
A posting at [URL="http://seclists.org/dailydave/2008/q1/0000.html"]Daily Dave[/URL], which is part of the [URL="http://insecure.org/"]Insecure.org[/URL] security website, by the founder of a Moscow based security vendor called [URL="http://www.gleg.net"]Gleg[/URL], would suggest that it's not a very good start to the new year for RealPlayer 11 users. Gleg Ltd chief technology officer Evgeny Legerov made a … |
The End.