Networking Forum

According to the VeriSign [URL="http://www.verisign.com/domainbrief"]Domain Report[/URL] for the second quarter of 2008 which has just been published, there were some 168 million domain name registrations across the Top Level Domain Names at the midpoint of the year. That represents a 22 percent increase over the same period last year, and …

Are you participating in Hack Week? That's Novell's open invitation to the world for suggestions on how to improve its openSuse Linux distro running through this Friday, Aug. 29. And you might just even win a prize. Calls for porting [URL=http://www.gnome.org/projects/tomboy/]Tomboy[/URL] to Windows (and maybe even Mac OS X), adding …

A few days ago, Red Hat, Inc., [URL="https://www.redhat.com/archives/fedora-announce-list/2008-August/msg00012.html"]announced[/URL] that an intruder had broken into some of their systems and possibly compromised some important software packages. The most significant among them is OpenSSH--a secure method of connecting to a remote Linux system. Red Hat quickly took the systems offline to investigate …

One has to wonder what's going on in the world between [URL="http://www.microsoft.com"]Microsoft[/URL] and [URL="http://www.novell.com"]Novell[/URL]. They signed a deal in 2006 worth over $300 million so that Novell could provide licensing certificates and support to Microsoft for its SuSE Linux distribution. Novell, in turn, has to pay Microsoft $40 million over …

There were quite a few interesting stories to come out of the recent [URL="https://www.blackhat.com/"]Black Hat[/URL] security conference in Las Vegas. If all you remember hearing about were the [URL="http://www.periscopeit.co.uk/news/article/web-monitoring-gets-hack-hackers-into-trouble/255"]ejected reporters[/URL] and [URL="http://www.cio.com.au/index.php/id;424905265"]DNS cache poisoning[/URL], then you missed a lot. Network and infrastructure security, the conference's focus, is a vitally important …

Linus Torvalds, creator of the Linux kernel, posted a [URL="http://article.gmane.org/gmane.linux.kernel/706950"]nasty smackdown [/URL]on security nerds and their obsession with security in the gmane.linux.kernel newsgroup. Linus is referring to security professionals who feel that security should be the only focus for bug fixes and patches. His argument is that all bugs are …

According to VeriSign, more than half of the Internet using people on the planet can get protection from an EV SSL-enabled web browser. Protection, that is, from data and identity theft. According to Net Applications, as revealed in their latest Web browser market share report, a total of 52.8 percent …

Well, at least as far as getting reasonably unrestricted access to the Internet is concerned it does. It had been [URL="http://www.itwire.com/content/view/19764/53/"]widely reported[/URL] that the Chinese authorities had backtracked on their promises to the IOC that reporters would get free and unrestricted access to the Internet during the games. This, no …

I guess you could call it karma. HD Moore's company, BreakingPoint, found that traffic was being diverted to a scammer Google page. This kind of cache poisoning attack on DNS servers is not unusual, however this particular case was because HD Moore is the man who created the Metasploit hacking …

While the full story behind [URL="http://www.daniweb.com/blogs/entry2842.html"]San Francisco city government computer engineer Terry Childs[/URL] hasn't yet come out, one thing is certain: the mainstream media is ignorant about technology. Moreover, either the city government and prosecutors are deliberately painting things in as negative a light as possible in order to force …

According to the [URL="http://www.guardian.co.uk/world/2008/jul/27/internationalcrime.hacking?gusrc=rss&feed=technologyfull"]Observer newspaper this morning[/URL] Gary McKinnon, the British hacker accused of what US prosecutors refer to the biggest military computer hack of all time, has claimed he was threatened with a military tribunal at Guantanamo Bay. His lawyers are using this as part of their defence against …

Claiming he was protecting San Francisco city government's computer system from incompetent coworkers, computer engineer [URL="http://www.sfgate.com/cgi-bin/article.cgi?f=/c/a/2008/07/22/BAGF11T91U.DTL"]Terry Childs[/URL] changed the system's passwords and then for more than a week refused to give them to anyone, even after being arrested. Childs was under four felony counts for blocking administrative access to the …

That, my friends, is the message being touted by the latest Security Threat report to emerge from [URL="http://www.sophos.com"]Sophos[/URL] which says that one web page was infected every five seconds (count them) during the first half of 2008. Last year it was only, and I feel bad enough saying only, one …

Halvar Flake is a researcher. Here's how he describes himself on [URL=http://www.blogger.com/profile/12486016980670992738]his blog[/URL]: "I like simple things. And complex things. And drinking beer with people like Fyodor Yarochkin. I like South America. And some parts of Asia, specifically Kuala Lumpur. I like French. I like Spanish. I'd like to like …

It might come as a surprise to some that there is an underground economy online which revolves around the sale of malware. However, with botnets for hire by the hour and rootkits to purchase outright such off-the-shelf security nightmares have been the norm for a number of years now. What …

According to IM services provider [URL="http://www.process-one.net"]ProcessOne[/URL] a staggering 72 percent of UK businesses have banned the use of IM software such as MSN and AIM citing security fears as the main reason. At the same time, some 75 percent of those businesses admit that IM could be a valuable collaboration …

Security researchers within the Marshal TRACE Team have [URL="http://www.marshal.com/trace/traceitem.asp?article=714"]warned[/URL] that malicious spammers are using fake United Parcel Service invoices in order to deliver a malware payload. Always looking for a new and convincing hook to snare the unsuspecting user into downloading malicious components from the web, this new attack utilises …

The Advanced Research Team of security tools vendor Ounce Labs has identified two vulnerabilities in the Spring framework for Java. The vulnerabilities have the potential, the team says, to allow an attacker to “subvert the expected application logic and behavior,” and gain control of an application and access any personal …

San Francisco is implementing a wireless network using transceivers on the ground that theoretically will help drivers find parking spaces in the congested city. The technology, called Streetline from the [URL="http://www.streetlinenetworks.com/site/index.php"]company of the same name[/URL], uses wireless transceivers glued on the street in front of each parking space, which form …

[URL="http://www.theinquirer.net/gb/inquirer/news/2008/07/04/hundreds-thousands-laptops-left"]According to The Inquirer[/URL] a new report by the Ponemon Institute, rather appropriately sponsored by Dell, has revealed that an astonishing number of laptops are lost at airports across the United States on a weekly basis. Asking questions of 800 business travellers at some 106 major airports in the US, …

Heads up users of Yahoo Mail. A cross-site scripting vulnerability has been discovered that could allow hackers to steal a user’s session IDs and ultimately private information, according to [URL=http://blog.cenzic.com/public/item/207752]a report[/URL] yesterday from security risk assessment firm Cenzic. In an excerpt from the Cenzic blog post, the company reports: “If …

Remember the big fuss that spread all over the world when HM Revenue and Customs, the UK government department that deals with income tax and the like, managed to lose discs containing the financial details of 25 million people? amazingly, the official Independent Police Complaints Commission enquiry into the shameful …

It's that time of year in the UK once more - the Wimbledon grand slam tennis tournament is upon us. Here in the UK we believe this is the most important tennis tournament in the world. When you talk to a French person they'll tell you the same thing about …

Sandro Gauci, founder of [URL="http://enablesecurity.com"]EnableSecurity[/URL], has revealed that six years on from his 2002 report into extended HTML form attacks the problem has simply refused to go away. The original report included details of how attackers could abuse non-HTTP protocols in order to launch Cross Site Scripting attacks, even in …

Amazingly, according to [URL="http://www.theinquirer.net/gb/inquirer/news/2008/06/20/teen-faces-years-hacking"]The Inquirer[/URL], an Orange County hacker is facing an incredible 38 years in prison if found guilty of several counts relating to hacking into his school computer. It seems that Omar Khan, 18, of Coto de Caza, California hacked into computer in order to change his grades. …

[URL="ttp://www.kaspersky.com"]Kaspersky Lab[/URL] is warning the public at large to be on the lookout for a new version of the blackmail virus Gpcode which has started to appear in the wild. This particularly nasty twist on the virus format encrypts your files using an RSA encryption algorithm, this time with a …

[URL="http://www.verdict.co.uk"]Verdict Research[/URL] has published a report which suggests that the credit crunch is benefiting web-based businesses as consumers in the UK flock to the Internet in search of money saving bargains. With £15bn ($30bn) spent online by UK consumers in the last 12 months, [URL="http://www.startups.co.uk/6678842909857992097/online-sales-rise-by-a-third.html"]according to the research[/URL], this equates …

The [URL="http://www.oecd.org/dataoecd/53/34/40724457.pdf"]Malicious software (malware): a security threat to the Internet economy[/URL] report published by the Organisation for Economic Co-operation and Development over the weekend suggests that the PC malware infection rate in the US has hit 25 percent. These OECD cybercrime infection findings are highly disturbing, admits Geoff Sweeney, CTO …

According to reports the most serious forthcoming threats to IT security will be revealed during the Gartner Security Summit in Washington this coming week, and it looms like the consumerization of IT will be right there front of stage. Something that Gartner research fellow, John Pascatore, describes as the Gen …

Mac OS X is safer today than it was Tuesday, thanks to Apple. The company on Wednesday posted [URL= http://support.apple.com/kb/HT1141]Security Update 2008-003[/URL], containing forty one performance and security fixes for the enhanced Active Directory, AirPort, iChat, Mail, Time Machine and several other components of the company’s operating system. It also …

[URL="http://searchsecurity.techtarget.com.au/articles/24758-Telstra-distributes-malware-infected-USB-drives-at-AusCERT"]Reports are filtering through[/URL] that delegates at the annual Australian AusCERT security conference were given USB sticks replete with malware. It would appear that the Oz telco Telstra handed out the memory sticks, unware of the malware payload, during a security tutorial of all things. The malware apparently took advantage …

In a [URL="http://www.computerworld.com.au/index.php/id;649220418;fp;16;fpid;1"]comprehensive review[/URL] of the new ZonaAlarm virtualized security environment that is ForceField, Roger Grimes praises the elegant user interface. While admitting to being a big fan of Check Point and the ZoneAlarm brand, Grimes remains skeptical of these kind of virtualization products and it would appear with good …

According to the UK government, new proposals within the [URL="http://www.commonsleader.gov.uk/output/page2461.asp"]Communications Data Bill[/URL] are being put forward in order to prevent and detect crime as well as protect national security. The government argues that unless legislation is amended to reflect changes in technology, the ability of public authorities to counter criminal …

Have you ever wondered exactly how a botnet works? A wotnet, you ask? A botnet, I say. You know, the thing that your computer might well be a part of, without your knowledge or approval, which is used to launch distributed denial of service attacks, send spam, distribute malware and …

According to security experts [URL="http://www.sophos.com"]Sophos[/URL] a man has been arrested after allegedly trying to sell a hard drive which had previously belonged to Formula One racing driver Adrian Sutil and contained personal and financial data. The police in Germany are said to be questioning the man regarding a blackmail attempt …

A report entitled "[URL="http://ece.uprm.edu/~andre/insert/gmail.html"]Exploiting the Trust Hierarchy among Email Servers[/URL]" published by Pablo Ximenes from the University of PR at Mayaguez, USA and Andre dos Santos at the State University of Ceara, Brazil suggests that Google Mail is flawed in such a way so as to turn it into massive …

Threat statistics just released by managed security company [URL="http://www.network-box.com"]Network Box[/URL] reveals that phishing attacks now account for 67 percent of all malware by volume. This compares with just 24 percent in February and 48 percent in March, suggesting that the phishers are continuing to be successful where other distribution and …

Security vendor PC Tools [URL="http://blog.threatexpert.com/2008/04/kraken-changes-tactics.html"]has published[/URL] the source code and mathematical algorithm used in the domain name generation technique applied by the latest Kraken bot variant, Bobax. Analysis by researchers at PC Tools has uncovered how Bobax talks to control centres via HTTP using pseudo-random DNS names with a variable …

Speaking at the [URL="http://www.westminsterforumprojects.co.uk/eforum/default.aspx"]Westminster eForum[/URL] on Web 2.0 in London, the VP of legislative affairs with AT&T, Jim Cicconi, has claimed that without investment the Internet's current network architecture will be at full capacity by 2010. That's just 24 short months from now, and with the ever increasing volume of …

A new deal struck between Microsoft and its Linux ally Novell (SuSE Linux) is headed for mainland China. Microsoft claims now that Linux violates 42 of its patents (down from over 200 a year ago) and that purchasing SuSE Linux will indemnify Linux users from lawsuits for patent infringement. Thanks …

One of the best known soccer clubs in the world is tackling the phishing threat and has placed a penalty on the head of those who might try to con their fans on the web. As the annual InfoSecurity Europe show kicks off, so Manchester United has launched the implementation …

Kind of a quiet day on Wall Street, with traders wondering if Bank of America's less-than-expected Q1 forecast was a bump on the road to a bull market or a legitimate roadblock. With the market off 35 points in Monday trading (as of 3 PM EST), after rising four percent …

Following on from the RSA security conference the other week, where PayPal published a paper which included comment from chief information security officer Michael Barrett that suggested 'unsafe' web browsers would be banned, the eBay owned payments company has now appeared to backtrack somewhat. Online media channels, and in particular …

Research by security as a service specialists [URL="http://www.scansafe.com"]ScanSafe[/URL] has proven something that pretty much everyone knew already: namely that people working at home are more likely to view online pornography than those stuck in an office somewhere. I mean, it hardly needed a survey to dig up that little gem, …

When he took the reins almost two years ago, new Novell President and CEO Ronald Hovsepian, was going to lead the charge in driving the Linux acceptance and conversion. Recently he said that the Desktop Linux market, in the next 3 to 5 years, is mainly enterprise-related and that the …

If you believe the results of a survey conducted by [URL="http://www.infosec.co.uk"]InfoSecurity Europe[/URL] then women are four times as likely to give away their passwords for chocolate than men. This reveals two things: women prefer chocolate to IT and men rather predictably do not. It also reveals that we, as a …

Rather surprisingly, Kaspersky Lab has forecast that the security threat landscape will increase by more than 20 million programs by the end of 2008 when compared to the 2007 year-end figures, a ten-fold increase no less. That is worth repeating: the number of [B]new[/B] malicious applications in circulation by the …

According to [URL="http://www.itpro.co.uk/news/186540/the-security-business-has-no-future-says-ibm.html"]reports[/URL] the general manager of Internet security with IBM has warned that "the security business has no future." Speaking at the RSA conference in San Francisco, IT Pro says, Val Rahmani warned that the enterprise must fundamentally change security strategies if it is to have any success within …

[URL="http://www.fortiguardcenter.com"]According to unified threat management specialist Fortinet[/URL] Facebook users had better start paying attention to the postings that appear on their message wall within the popular social networking site. It appears that spammers are moving away from targeting third party applications, as evidenced in the recent 'Secret Crush' case, and …

Researchers at web gateway security specialists [URL="http://www.finjan.com"]Finjan[/URL] have uncovered an underground crime data exchange service which is highly sophisticated in nature. The exchange, known as SellCVV2, promotes the sale of fraudulent credit card data, offering not only volume discounts for fraudsters with bigger ambitions, but guarantees as well. According to …