J.K.Rowling has now officially announced that the latest, and last, in the Harry Potter series of books will be called ‘Harry Potter and the Deathly Hallows’ putting an end to the frenzy of speculation on the subject over the last few months. While it has been genuine fans interested in all things associated with their hero who have been speculating so far, you can bet that now the title is official there will be a new breed of speculator on the scene: the domain squatters. With such a big franchise as Harry Potter, and searches on the final book and …

Gartner has estimated that phishing attacks cost the US something in the region of $2.8 billion last year, a problem that is growing fast as proved by the statistic showing the average individual loss per attack has risen from $256 in 2005 to a staggering $1244 in 2006. Banks are taking these kinds of figures very seriously indeed, as you might imagine, and one of the security solutions attracting their interest is the so-called ‘two-factor authentication’ device. This takes the form of the usual username and password style login, together with a second layer of user authentication. Some banks …

The [URL="http://www.finjan.com/SecurityLab.aspx?id=547"]Finjan Malicious Code Research Center[/URL] (MCRC) has set itself something of a Herculean task with a goal of staying not just one, but many steps ahead of those hackers who would exploit open platforms and technologies to develop spyware, Trojans, phishing attacks, worms and viruses. But, working alongside some of the world’s best known software vendors, MCRC aids in the patching of their security holes as well as helping with the development of next generation defense tools for Finjan’s proactive secure content management solutions. On top of all of that, it seems to also find time to distill the …

Sometimes you just cannot help it, you find yourself with time on your hands and you go snooping around in places that normal folk just do not venture. So it was with security researcher [URL="http://portal.spidynamics.com/blogs/msutton"]Michael Sutton[/URL] who spent an entire day plugging through the [URL="http://sb.google.com/safebrowsing/update?version=goog-black-url:1:1"]Google blacklist[/URL], the [URL="http://sb.google.com/safebrowsing/update?version=goog-black-enchash:1:1"]Google encoded/hashed blacklist[/URL] and the [URL="http://sb.google.com/safebrowsing/update?version=goog-white-domain:1:1"]Google domain whitelist[/URL]. The blacklist, in case you did not know, contains a huge listing of URLs that Google suspects might be involved in phishing activity, and forms the basis of the Google Safe Browsing tool for Firefox, and the new Firefox anti-phishing filter for that matter. …

Research published by the Office of Fair Trading (OFT) just before Christmas revealed that UK consumers are being conned to the tune of £3.5 billion every single year. The detailed analysis suggests that nearly half of the adult population of the UK has been targeted by a scam, and as many as one in fifteen, or 3.2 million people, fall victim to such fraud and lose an average of £850 each. Investment scams were most lucrative with an average pay-off of £5,660 per victim, followed by African 419 advance fee fraud on £5000, property investment scams at £4,240, holiday club …

[URL="http://www.websense.com"]Websense[/URL] security experts have published their predictions regarding the security threats that we will face in the new year, and perhaps unsurprisingly they revolve around the changing and dynamic nature of the Internet. “Organized criminals are realizing that the Internet has been a largely untapped resource in terms of generating real profit. With financial gain on the table, attack methods are improving, and the number of people involved is escalating,” said Dan Hubbard, vice president of security research, Websense. “Tools and exploits to steal personal, business and financial information are the hottest commodities for cyber-criminals. Next year in particular, …

Google has now introduced its "[URL="https://www.google.com/a/"]Google Apps for Your Domain[/URL]" service. Google Apps is a free collection of tools targeted at small businesses, including online web applications such as GMail, Google Page Creator, and a customized start page, among others. This has already been around for a while, but now Google is offering these services customized to a domain of your choosing ending in .com, .org, .net, .biz, and .info, for a mere $10 per year. Although domains bought through this service are targeted for use in Google Apps, it's also completely possible to use them to point to your …

According to my Finnish friends, [URL="http://www.f-secure.com"]F-Secure[/URL], Bagle looks like it might be back in business. Not that it has ever really gone away of course, as it is one of the most prevalent of worm families. F-Secure have noticed new activity during the last couple of days, which sees a number of old Bagle update URLs activated again. This time they are making a new executable available, which can be downloaded and executed by those machines already infected by a previous variant. Of course, one thing never really changes and that is the payload, so expect to see spams containing infected …

I hate it, you hate it, [B]everyone hates spam[/B]. Perhaps just as annoying as the fact that most of us have no interest in improving our sexual performance, enlarging our sexual organs or accepting a refinancing deal from a complete stranger, is the fact that we just do not know who the spineless dirt-bags are behind the spam. Until now, thanks to those wonderful chaps at [URL="http://www.spamhaus.org"]The Spamhaus Project[/URL]. Spamhaus is an international non-profit organization founded in 1998, based in the UK, which provides real-time anti-spam protection for Internet networks via its spam-blocking databases, including the Spamhaus Block List (SBL) …

London taxi drivers have a reputation as being amongst the most opinionated and talkative in the world, and their grueling training and testing program ‘The Knowledge’ is equally well known. Now, it appears, the black cab driver has a new claim to fame: the place where more technology kit is lost than anywhere else on the planet. Of course, it is not just technology that gets left behind in the UK capital. The Pointsec Global Taxi Survey also revealed that one gallant chap left his drunken girlfriend behind as a tip, and items ranging from £100,000 worth of diamonds in …

When computer systems get "owned", you may think it takes a master-geek with an extensive amount of knowledge to hack into tightly-secured systems. After all, security bugs are quickly found out, and patches can be released within a few days. But when securing a computer system or network, especially the larger ones, many network administrators forget the most dangerous kind of hacking: social engineering. It may not sound like a threat, but it is. As [URL="http://www.darkreading.com/document.asp?doc_id=111503&WT.svl=column1_1"]Dark Reading[/URL] writes, a spy went into the bank to do some transactions, but while doing so, taking note of all the equipment in the …

If you think of a virus as being something that replicates itself, spreading from computer to computer, until seemingly everyone has it installed, then maybe you could classify Google’s [URL="http://www.gmail.com"]Gmail[/URL] service as being one. If you happened to be using Microsoft [URL="http://www.windowsonecare.com"]Windows Live OneCare[/URL] security over the weekend then it would have done the classification for you. Yep, OneCare users who visited their Gmail account were being warned that their computers had been infected with the BAT/BWG.A virus. How do I know this? Well, although as a UK-based user I should not be able to install OneCare courtesy …

Microsoft has issued an [URL="http://www.microsoft.com/technet/security/advisory/927709.mspx"]advisory[/URL] warning about a Visual Studio 2005 vulnerability in the WMI Object Broker ActiveX control, part of WmiScriptUtils.dll, which could allow remote arbitrary code execution. The WMI Object Broker ActiveX control will circumvent the ActiveX security model, because it is marked as being ‘safe for scripting’, which should mean that it will not do anything that could damage the system or weaken security. Which should mean that it is safe from being controlled by a web page script calling its methods. Shoulda, woulda, coulda. As [URL="http://www.kb.cert.org/vuls/id/854856"]US-CERT[/URL] explain “the WMI Object Broker ActiveX control includes a method …

According to Symantec, 64% of small businesses have seen a surge in the volume of spam received during the previous six months. And it isn’t the only one: whether you talk to ISPs or security vendors, gateway mail filtering services or end users, the message is the same. Spam is on the up, and how. The most worrying thing is the how rather than the why, the latter being the good old Yankee Dollar as always. In the past it was bulk-emailers that caused the spam damage, plain and simple, but now the trend is towards a higher level of …

You cannot fault the Japanese arm of McDonald’s for moving with the times and giving away Flash MP3 players as prizes in a competition to customers who bought large Coca-Cola drinks. But, to be honest, I would rather have had the usual tacky plastic movie tie-in toy because at least those guys do not come complete with spyware. Yep, one can only assume that Ronald McDonald has been promoted to head of IT security for the fast food giant; after all, it is the only reasonable explanation of how the QQpass spyware Trojan was allowed to be distributed, unnoticed, …

According to a survey by the [URL="http://www.ponemon.org"]Ponemon Institute[/URL], sponsored by [URL="http://www.pgp.com"]PGP Corporation[/URL] and [URL="http://www.vontu.com"]Vontu Inc[/URL], the true cost of data breaches in 2006 was $182 per compromised record on average, that is a 31% increase over the 2005 figures. Furthermore, the results of the report, published today, reveal that the total cost of each data breach ranged from less than $1 million to more than $22 million. Cost of a Data Breach: The Financial Impact of Data Loss Incidents 2006 may not sound like ideal bedside reading material, but I would heartily recommend stuffing a copy under the pillow of …

Well, not quite. However, Panasonic are claiming to have developed a tellurium suboxide palladium-doped phase-change recording film with a very high transmittance and crystallization rate. Or put another way, this Te-O-Pd process enables four 25Gb layers to be used without any loss of data quality and Panasonic reckons that will equate to a century of storage for your data on these Blu-ray discs. The original Panasonic paper reporting on the process even mentions a smaller 50Gb disc that will last for a claimed 500 years. If that was not good enough, they have iced this particular technology cake with a …

The 2006 Virus Bulletin Conference is currently taking place in Montreal, and some interesting trends are emerging from the various security vendors speaking at the event. Trends such as the way that widely distributed attacks using worms, viruses and Trojans are becoming less and less of a concern. At least once you move outside of the strictly consumer realm. For the corporate user it is the highly targeted, tightly focused, small scale Trojan attack that is causing the biggest headache. Note that what we are talking about here is concern, not risk. The widely distributed, multi-million spam delivered malware threat has …

BT is an unlikely sounding pioneer in the global battle against spam, but that is exactly the role the UK telecoms giant is adopting as it claims to be implementing the world’s first fully-automated spam buster system to track down and tackle not only professional spammers but also botnet-infected customers on the BT broadband network. As always, you need to look behind the headlines to get at the real truth, and the pioneers here are really StreamShield Networks, the company whose Content Forensics product has been selected by BT to drive the spam detection system. This will scan millions of messages every …

In just a few hours time, Sony Pictures will point to the future by releasing the new Adam Sandler movie, Click, in 50Gb Blu-ray format. To put that in a little context, it means that the one disc will feature the high-definition movie, plus uncompressed Pulse Code Modulation audio, and all the bonus materials in high def as well. Which in this case means audio commentary aplenty, numerous deleted scenes, short features and even a director’s cut. You will have to wait a few weeks for the much vaunted Blu-Wizard playlist feature though, which is a shame as this promises …

It’s bad enough, as an individual, to discover that the domain name you wanted has been snapped up by some corporate pirate looking to make a mighty profit by sitting on it and selling it on. It is even worse when these cyber-squatters snap up a domain you had been using but somehow managed to let lapse by not renewing the registration in time. However, the problem gets a whole lot more complicated when you are a corporate whose brand and business is being devalued by a typo-squatter. Typo-squatting is, as the name suggests, the practice of using the misspelling …

Just days after telling delegates at the ToorCon hacking convention in San Diego that Firefox was critically flawed, and the online reporting hysteria that followed, one of the two coders who gave the damning presentation has now admitted that it was just a joke. Neither Mozilla, nor the reporters and bloggers now busy wiping the egg from their faces, are laughing. Mischa Spiegelmock and Andrew Wbeelsoi claimed that the way in which Firefox handles Javascript was so deeply flawed that key sections of the core code would need to be re-written, patches were not sufficient to save the browser from …

This morning [URL="http://www.sophos.com"]Sophos[/URL] published details of the most prevalent malware threats and hoaxes that have been causing problems for users of its IT security products across the globe during the month of September 2006. Interestingly, despite the sadly predictable news that the number of new threats discovered by Sophos had doubled compared to the previous month, there were no new entries in the chart, one re-entry, and the top five retained their exact positions from August. The good news is that the overall proportion of infected email has dropped to an all time low of just one in 300, or …

[URL="http://www.pgp.com"]PGP Corporation[/URL] will announce on Wednesday the availability of numerous application upgrades across its entire portfolio. I have persuaded them to let me break the embargo and bring the news to DaniWeb members a couple of days early. With global organizations increasingly facing highly publicized data breaches, regulatory pressures, and compliance concerns that negatively affect brands, there is more need than ever to deploy integrated, corporate-wide encryption solutions. Nevertheless, many of the available approaches present problems as serious as those they aim to solve: numerous applications to manage, the resulting content silos creating costly and unnecessary burdens on IT …

Once upon a time, back in the late 1990s, Ajaz Ahmed was the founder of an ISP that literally changed the shape of the UK Internet. The reason as to why is hinted at in the name: Freeserve. Ahmed had the vision to understand that free access to the Internet could not only be a success, but a hugely profitable one. Freeserve has long since been history, originally acquired by French ISP Wanadoo for $3 billion (making Ahmed a very rich man in the process) and more recently rebranded as part of the Orange empire. But Ahmed has not lost …

[URL="http://www.privacyinternational.org"]Privacy International[/URL], a human rights watchdog, has announced it is to run the second Stupid Security Awards in order to reward the numbnuts responsible for some of the most ridiculous security measures on the planet. If it is annoying, pointless, intrusive, illusory, self-serving and above all else just plain stupid, then it could be a winner. The five categories are: [LIST] [*]Most Egregiously Stupid Award [*]Most Inexplicably Stupid Award [*]Most Annoyingly Stupid Award [*]Most Flagrantly Intrusive Award [*]Most Stupidly Counter Productive Award [/LIST] Want some inspiration? Privacy International are only too pleased to help. How about an airport that just …
