1,400 Topics
 | |
 | A recent survey, conducted by IT risk management specialists nCircle, suggests that as many as 50% of IT security professionals think that the organisations they work for are a potential target for state-sponsored hackers. A number that Tim Keanini, nCircle Chief Research officer, thinks is rather on the low side … |
| | Think of spam and chances are your mind immediately turns to China or Russia and messages about sexual dysfunction or a financial deal you cannot believe. Maybe, though, your thoughts should be closer to home. Especially if home is in the United States. [ATTACH=RIGHT]22797[/ATTACH]According to the latest research from security … |
| | At the risk of being somewhat obsessed by hitmen after [one recent news story](http://www.daniweb.com/hardware-and-software/microsoft-windows/viruses-spyware-and-other-nasties/news/441025/dont-be-fooled-by-the-fake-hitman-scam) here at DaniWeb, I'm running another. This time though, it's cybercriminals and hackers who would hold your computer and data to ransom that are the target of a contract killer. The killer in question being the … |
| | It's never easy calculating the true cost of inadequate security to business, not least as there are so many variables and such reticence when it comes to full disclosure for fear of brand damage. However, the latest [Information Security Breaches Survey](http://www.pwc.co.uk/audit-assurance/publications/uk-information-security-breaches-survey-results-2012.jhtml) (ISBS) from PwC/Infosecurity Europe has had a good bash … |
| | You might not have heard about Dirt Jumper yet, but the bad guys have. In fact, the high-risk and highly-effective DDoS toolkit is probably the most aggressive of the malware tools being employed by DDoS attackers at the moment, and the situation is set to get much worse very quickly … |
| | The latest VIPRE report, detailing the ten most prevalent malware threat detections spotted by [GFI Labs](http://malwareprotectioncenter.com/) and the ThreatNet Detection System, reveals that Google, LinkedIn, Skype and Mass Effect 3 were amongst the big brands being exploited by cybercriminals in order to leverage trust whilst distributing malware-laden emails. As a … |
| | China may be odds-on to top the medal table at the London 2012 Olympic Games, with less than a week to go, but according to a new report South Korea has the Chinese well and truly beaten as far as malware infected PCs are concerned. And unlike at the Olympic … |
| | Lawmakers in Washington asked tech companies Tuesday whether they need to create legislation that would protect people's private information online. The Senate Commerce Committee took up the issue, asking representatives from Apple, AT&T, Facebook and Google if an online privacy bill is necessary. Those companies have all dealt with recent … |
| | [ATTACH=RIGHT]16244[/ATTACH]Ron Bowes has been accused of hacking Facebook. But when he put the information for over a 100 million [URL="http://www.facebook.com"]Facebook[/URL] users into a 2.8 GB torrent stream on his website Skullsecurity.org, he didn't need to hack anything to get it - it was already publicly available on Facebook. All he … |
| | New research shows that hackers are becoming increasingly lazy in their search for online exploits, with 98% of Remote File Inclusion and 88% of SQL injection attacks now being fully automated. It comes as no surprise whatsoever to DaniWeb administrators and moderators that your average cybercriminal is looking for the … |
| | FireEye security researchers are warning that they have [detected a new zero-day vulnerability](http://blog.fireeye.com/research/2013/02/yaj0-yet-another-java-zero-day-2.html) that is being used successfully in the wild against browser clients with both Java 6u41 and Java 7u15 installed. Given that the Java 7 update was only released a couple of weeks ago, this is yet more …  |
| | Reports are coming in thick and fast about 'state-sponsored' zero-day exploits hitting business websites in the UK. The latest, disclosed yesterday by [SophosLabs](http://nakedsecurity.sophos.com/2012/06/20/aeronautical-state-sponsored-exploit/), involves an as yet unnamed European aeronautical parts supplier and follows on from another the day before involving a European medical company site. In both cases the … |
| | Last week saw the discovery of YAJE: Yet Another Java Exploit. Sadly, Java vulnerabilities are neither new nor uncommon and the bad guys are quick to exploit them in the wild. Some claim that Oracle is in too much of a rush to extricate itself from this unholy mess and …  |
| | Toshiba Windows 7 Laptop is not accepting 1 Critical Update after numerous attempts. It is update KB2667402 159KB. Any help would be appreciated. System is Windows 7 x64. |
| | Hi, I have a couple of sites that are very much read-only (i.e. the sites are complete and not being modified). Is there a way, possibly via .htacces, to make these sites so that nothing could be uploaded to their directories maliciously? Basically, a way to lock the site down. …  |
| | My computer has been severely hacked. Well 2 laptops actually. And it looks like my router also. Problems noted here: 1. Email accounts routinely hacked even after changing passwords and using keypass in the securist way. Suspected keyloggin occuring somewhere in the stream. 2. Something causing my typing to be …  |
 | hello guys, unfortunly my website got hacked few hours ago, and after investigations I found the was a c99.php file on my server so i deleted it and stopped any upload proccess and change back my chmod to default I want to ask how to prevent php files from being … |
| | With Twitter now more than 100 million accounts strong, and with 50 million Tweets per day, you might be excused for thinking there's no stopping the micro-blogging network. Until, that is, you start exploring the darkside of Twitter. But is Twitter evil? [attach]16201[/attach]You only have to look at the IT … |
| | Whether you travel on business or for pleasure, the chances are pretty high that you will make use of the Internet while abroad. If you are staying at a hotel then, given the high cost of international data roaming on most mobile networks, the chances are that you will make … |
| | The news wires have been buzzing over the weekend after it emerged that the Raspberry Pi website had been hit by a 'million zombie' Distributed Denial of Service (DDoS) attack during the week. Although the outage was relatively brief, with the Raspberry Pi Foundation admitting the attack with a Twitter … |
| | Microsoft Security Advisory notices do not, as a rule, make the media sit up and take much notice. Not least as they have become relatively commonplace over the years, but every now and then one comes along which may grab some press attention. Take [MSA 2718704](http://technet.microsoft.com/en-us/security/advisory/2718704) for example.  … |
| | With the London 2012 Olympics due to open in just a few days time, the expected push by the bad guys has started. No, I don't mean the banning of wearing Pepsi T-Shirts in the Olympic Stadium as it might upset official sponsors Coke, or the fact that nobody is … |
| | An ongoing attack aimed at users of the Apple Mac platform is being reported by security researchers. [AlienVault,](http://www.alienvault.com) which has discovered these weaponised attacks in the wild, warns that regular Mac users without IT security software installed could be at risk of infection and hijacking.  The researchers suspect … |
| | According to security experts at data governance outfit Varonis, 2013 will be the year of the salami attack. On the plus side, they also predict that the world will not come to an end on December 21st 2012. It's not just salami that your business needs to worry about in …  |
| | Earlier this week, an iPhone jailbreaking guru called pod2g revealed how even the very latest beta versions of iOS 6 cannot prevent the iPhone from being vulnerable to SMS text message spoofing. This technique is often employed by spammers and scammers alike when targeting the smartphone user in order to … |
| | Continuing our round up of 2013 IT security vendor predictions, we've got the thoughts of three of the big Infosecurity Europe exhibitors: Palo Alto Networks, SafeNet and Kaspersky Lab.  Brian Tokuyoshi from Palo Alto Networks predicts that social media, data decryption and virtualised network security will be high … |
| | Anonymous hacktivists took aim at the websites of the UK Justice Department, the Department of Work and Pensions, the Home Office and even the Prime Minister's own Number 10 site. All of them were successfully targeted overnight and went down for a period of time. The attacks were part of … |
| | Over the weekend I wrote a news story for DaniWeb which revealed how the iPhone was vulnerable to SMS text message spoofing. This went under the title "[Why Apple was right about iMessage 'fix' for iPhone SMS spoofing](http://www.daniweb.com/hardware-and-software/apple/ios-iphone-os/news/431373/why-apple-was-right-about-imessage-fix-for-iphone-sms-spoofing)" because, simply put, SMS text messaging is exposed to this kind of … |
| | Apple, Facebook and Twitter have all been the target of hackers recently, and now Evernote has admitted to a potential breach that has forced it to reset the passwords of approximately 50 million registered users. Evernote, a kind of web scrapbook that enables you to take notes, save web pages … |
| | New research from ISACA suggests that US consumers with 'work-supplied' computing devices intend, on average, to spend nine hours shopping for gifts on them during the forthcoming holiday season. When it comes to the Bring Your Own Device (BYOD) brigade, those who use personal mobile devices for work, that average … |
| | Security vendor Malwarebytes has reported that a new variation of an old password stealing Trojan is out in the wild, but all is not as it may seem. Notably, this particular Trojan is signed with an apparently 'genuine' digital certificate that authenticates the file. Which rather prompts the question: "say … |
| | The 'World's Greatest Anti-Malware Software' is the spurious claim being made by Malwarebiter, which just so happens to sound an awful lot like Malwarebytes which could perhaps justifiably lay claim to that accolade. Take a look at this forum and you will see that Malwarebytes is a very valuable tool … |
| | According to IT security outfit Kaspersky, which has just [published details](http://www.securelist.com/en/analysis/204792255/Kaspersky_Security_Bulletin_2012_The_overall_statistics_for_2012) of the information security landscape as it was shaped during 2012, 99% of all mobile malware threats now target Android devices. With 6300 new mobile malware samples discovered every month on average across 2012, Android has become the focus …  |
| | According to new research from Kaspersky Lab, in the form of a report called [Evaluating the threat level of software vulnerabilities](http://media.kaspersky.com/documents/business/misc/Kaspersky_Lab_Report_Software_Vulnerabilities_final.pdf), 72% of Java users haven't switched to the latest, safest, version despite highly publicised vulnerabilities and resulting security exploits.  And it's not just Java, the report also …  |
 | Hey guys, First of all please don't consider this an act of spam, it is not my intencion to spam! I belong to a small team that created the visualCaptcha (visualcaptcha.net), and we are looking for some reviews from web developers. We have downloads but we don't get much feedback …  |
| | According to new independent research commissioned by Corero Network Security, and conducted by the Ponemon Institute, two thirds of banks in the United States have suffered a Distributed Denial of Service (DDoS) attack during the last 12 months. The 64% statistic refers to the number of IT and IT security … |
| | Continuing with our round up of the IT security vendor view of the year to come, here's how PandaLabs, the malware research laboratory arm of [Panda Security](http://www.pandasecurity.com/), sees 2013 stacking up in terms of threats and exploits.  Perhaps unsurprisingly, PandaLabs predicts that 2013 will be much the same … |
| | My site has just been hacked and I suspect that it was a remote file inclusion attack. These are my server specs: Windows Server 2008 R2 running ColdFusion 9 (9.0.1.274733) and IIS 7.5 This is the source code of the page that appeared after my site was hacked: <!-- # … |
| | Good day, I have a vb.net application that navigates to a series of url's and logs in, using credentials read from an external file. After navigating to some URL's a windows security pop-up appears and takes focus. Can anyone please point me to information to populate ths pop-up with credentials …  |
| | The UK-based [Surrey Police Force](http://www.surrey.police.uk/) has long since embraced Internet culture as being a way to help fight crime. It has an online crime reporting tool, active accounts on Facebook and Twitter, as well as a video channel on YouTube. But now it has moved into smartphone territory in order …  |
 | hello i just need some advice and suggestions the program(will be using vb.net & matlab) is about security software for flash drives where the user is required to say something(eg. a password) that will open or explore the device. the thing is when the flash drive is plugged to the … |
 | This snippet is easy: it defines an immutable wrapper around a sequence type (list, deque, etc) which allows a class, function or module to expose a read only version of a sequence to the outer world. A constant wrapper around mapping types could also be defined in a similar manner. |
| | Network security vendor [Stonesoft](http://www.stonesoft.com/en/) predicts that the top infosec threats to watch out for in 2013 will include unseen and unknown targeted cyber-attacks, espionage and hacktivism. Jarno Limnell, director of cyber-security at Stonesoft, reckons that in 2013 the security of the digital world will become an even more pressing issue, … |
| | An in-the-wild exploit targeting a vulnerability with Java 7 has led to security experts the world over warning users to disable the Java plug-in for their browser clients at the very least, and preferably uninstall Java altogether. The CVE-2012-4681 vulnerability, comprising two flaws, along with a couple of other 'related …  |
 | Hi guys, I'm facing a weird problem with our Trustico Certificate. We have a webshop with customers that are logging in to make purchases of different products, all of this works nice untill the user changes his/her DATE on the Computer that he/she is using. If the date is changed … |
| | According to the boffins at Kaspersky Lab, users of Android devices running Gingerbread (Android 2.3.6) and Ice Cream Sandwich (Android 4.0.4) are targeted the most by cybercriminals. Gingerbread accounted for 28% of all the attempts to install malware that were successfully blocked by Kaspersky, while Ice Cream Sandwich accounted for … |
| | I have read several replies here and I am in the process of testing them now but since this is a problem I need an urgent fix for, I thought it would not hurt to ask again. We have an Apache website that is extremely simple in design. It's main … |
| | Microsoft has released YAIESA, or Yet Another Internet Explorer Security Advisory if you prefer. This time, [SA2757760](http://technet.microsoft.com/en-us/security/advisory/2757760) warns about a new zero-day out there in the wild which impacts all users of Internet Explorer 9 and earlier versions. It's the usual case of targeted attacks being spotted which could lead … |
| | The results of a new security survey, which asked some 6,000 people across Europe questions about cybercrime, would appear to suggest that nearly everyone (88% of respondents in fact) is some kind of online victim. Have things really got this bad, or is it just another case of the security … |
 | I'm trying to find a solution to protect all the software developed in the company I work in. Till now we've been working with hardlocks, but we are trying to cut on expences and wanting to develop our own software protection system. I know that there some free tools, like …  |
The End.