1,400 Topics
 | |
 | [URL="http://searchsecurity.techtarget.com.au/articles/24758-Telstra-distributes-malware-infected-USB-drives-at-AusCERT"]Reports are filtering through[/URL] that delegates at the annual Australian AusCERT security conference were given USB sticks replete with malware. It would appear that the Oz telco Telstra handed out the memory sticks, unware of the malware payload, during a security tutorial of all things. The malware apparently took advantage … |
| | In a [URL="http://www.computerworld.com.au/index.php/id;649220418;fp;16;fpid;1"]comprehensive review[/URL] of the new ZonaAlarm virtualized security environment that is ForceField, Roger Grimes praises the elegant user interface. While admitting to being a big fan of Check Point and the ZoneAlarm brand, Grimes remains skeptical of these kind of virtualization products and it would appear with good … |
| | According to the UK government, new proposals within the [URL="http://www.commonsleader.gov.uk/output/page2461.asp"]Communications Data Bill[/URL] are being put forward in order to prevent and detect crime as well as protect national security. The government argues that unless legislation is amended to reflect changes in technology, the ability of public authorities to counter criminal …  |
| | Have you ever wondered exactly how a botnet works? A wotnet, you ask? A botnet, I say. You know, the thing that your computer might well be a part of, without your knowledge or approval, which is used to launch distributed denial of service attacks, send spam, distribute malware and … |
| | According to security experts [URL="http://www.sophos.com"]Sophos[/URL] a man has been arrested after allegedly trying to sell a hard drive which had previously belonged to Formula One racing driver Adrian Sutil and contained personal and financial data. The police in Germany are said to be questioning the man regarding a blackmail attempt … |
| | A report entitled "[URL="http://ece.uprm.edu/~andre/insert/gmail.html"]Exploiting the Trust Hierarchy among Email Servers[/URL]" published by Pablo Ximenes from the University of PR at Mayaguez, USA and Andre dos Santos at the State University of Ceara, Brazil suggests that Google Mail is flawed in such a way so as to turn it into massive … |
| | It has emerged that Belgium is the latest country to feel the force of the Chinese cyber-super-power, with [URL="http://english.ohmynews.com/articleview/article_view.asp?at_code=434212"]Belgian ministers claiming[/URL] that state sponsored hackers have been targeting Federal Government computers. The Justice Minister in Belgium, Jo Vandeurzen, has claimed that the spate of hacking attacks also reported to parliament … |
| | Here's a good one, [URL="http://www.guardian.co.uk/world/2008/may/01/italy"]according to The Guardian newspaper[/URL] in the UK, the incomes of each and every single Italian citizen were published for each and every other Italian citizen to see on the web. Rather than being some terrible data breach, or the work of some sinister hacker, it … |
| | Threat statistics just released by managed security company [URL="http://www.network-box.com"]Network Box[/URL] reveals that phishing attacks now account for 67 percent of all malware by volume. This compares with just 24 percent in February and 48 percent in March, suggesting that the phishers are continuing to be successful where other distribution and … |
| | Security vendor PC Tools [URL="http://blog.threatexpert.com/2008/04/kraken-changes-tactics.html"]has published[/URL] the source code and mathematical algorithm used in the domain name generation technique applied by the latest Kraken bot variant, Bobax. Analysis by researchers at PC Tools has uncovered how Bobax talks to control centres via HTTP using pseudo-random DNS names with a variable … |
| | One of the best known soccer clubs in the world is tackling the phishing threat and has placed a penalty on the head of those who might try to con their fans on the web. As the annual InfoSecurity Europe show kicks off, so Manchester United has launched the implementation … |
| | Jim Gamble, the chief executive of the [URL="http://www.ceop.gov.uk/"]Child Exploitation and Online Protection (CEOP) Centre[/URL] has warned paedophiles who use the Internet that they will be tracked down and brought before the courts. The warning comes as CEOP figures reveal that the number of suspects arrested during the last year has … |
| | Following on from the RSA security conference the other week, where PayPal published a paper which included comment from chief information security officer Michael Barrett that suggested 'unsafe' web browsers would be banned, the eBay owned payments company has now appeared to backtrack somewhat. Online media channels, and in particular … |
| | Research by security as a service specialists [URL="http://www.scansafe.com"]ScanSafe[/URL] has proven something that pretty much everyone knew already: namely that people working at home are more likely to view online pornography than those stuck in an office somewhere. I mean, it hardly needed a survey to dig up that little gem, … |
| | If you believe the results of a survey conducted by [URL="http://www.infosec.co.uk"]InfoSecurity Europe[/URL] then women are four times as likely to give away their passwords for chocolate than men. This reveals two things: women prefer chocolate to IT and men rather predictably do not. It also reveals that we, as a … |
| | [URL="http://www.itpro.co.uk/news/187851/apple-iphone-vulnerable-through-safari.html"]According to IT Pro[/URL] the Apple iPhone is vulnerable to Denial of Service attacks. These can occur when an iPhone user opens a JavaScript containing HTML page which triggers the vulnerability. An application Denial of Service attack can then crash the Safari browser on the phone, and quite possibly the … |
| | Rather surprisingly, Kaspersky Lab has forecast that the security threat landscape will increase by more than 20 million programs by the end of 2008 when compared to the 2007 year-end figures, a ten-fold increase no less. That is worth repeating: the number of [B]new[/B] malicious applications in circulation by the … |
| | According to [URL="http://www.itpro.co.uk/news/186540/the-security-business-has-no-future-says-ibm.html"]reports[/URL] the general manager of Internet security with IBM has warned that "the security business has no future." Speaking at the RSA conference in San Francisco, IT Pro says, Val Rahmani warned that the enterprise must fundamentally change security strategies if it is to have any success within … |
| | [URL="http://www.fortiguardcenter.com"]According to unified threat management specialist Fortinet[/URL] Facebook users had better start paying attention to the postings that appear on their message wall within the popular social networking site. It appears that spammers are moving away from targeting third party applications, as evidenced in the recent 'Secret Crush' case, and … |
| | I am not an easily shockable person. Anyone who knows me, anyone who has seen me, will understand this. Indeed, other than the usual trio of sexual or racial abuse and mindless violence it takes a lot to drop my jaw in shame and despair while browsing the web. However, … |
| | Researchers at web gateway security specialists [URL="http://www.finjan.com"]Finjan[/URL] have uncovered an underground crime data exchange service which is highly sophisticated in nature. The exchange, known as SellCVV2, promotes the sale of fraudulent credit card data, offering not only volume discounts for fraudsters with bigger ambitions, but guarantees as well. According to … |
| | Computerworld is [URL="http://www.computerworld.com/action/article.do?command=viewArticleBasic&articleId=9071638&source=rss_news6"]reporting the possibility[/URL] of a worm or bot in the wild that is specifically targeting D-Link branded routers. It refers to a three year old vulnerability which Symantec security researchers believe is being exploited by a new exploit. Apparently, the Symantec security response team has seen an increase … |
| | According to [URL="http://www.computerworld.com/action/article.do?command=viewArticleBasic&articleId=9070840&intsrc=hm_list"]reports[/URL] it would appear that Microsoft has confirmed the presence of a critical vulnerability which impacts upon users of MS Word for Windows 2000, XP and Server 2003 SP1. Shame it has taken many weeks for Microsoft to admit this, and only after a second security vendor recently … |
| | According to [URL="http://www.news.com/8301-13578_3-9899151-38.html"]recent reports[/URL] the FBI has been using honey-trap hyperlinks which claim to lead to child pornography in order to entice offenders into clicking them. Last year, it seems, armed raids were carried out on homes in Nevada, New York and Pennsylvania as a direct result of such link …  |
| | [URL="http://www.frsirt.com/english/advisories/2008/0928"]FrSIRT[/URL], the French Security Incident Response Team, has reported that multiple vulnerabilities have been identified in various IP-PBX software applications that can be exploited by attackers to bypass security restrictions and cause denial of service attacks or otherwise compromise vulnerable systems. The software is used by an ever increasing number … |
| | [URL="http://po-ru.com/about/"]Paul Battley[/URL] is a software developer from London who can probably lay claim to being the biggest thorn in the side of the BBC right now. No sooner had the mighty British Broadband Corporation [URL="http://news.bbc.co.uk/1/hi/technology/7293988.stm"]announced[/URL] that his hack which allowed people to download iPlayer TV streams meant for an iPhone …  |
| | Ever wondered just how smart a smartcard is, from the security perspective? Obviously there are problems as detailed in a DaniWeb blog posting last month which described how hackers can [URL="http://www.daniweb.com/blogs/entry2115.html"]exploit hardware RFID weaknesses to access credit card account data[/URL] for example. But now a former member of the team … |
| | [URL="http://www.avertlabs.com/research/blog/index.php/2008/03/12/another-mass-attack-underway/"]Security researchers at McAfee[/URL] have uncovered one of the biggest attacks of its kind to date, with some 10,000 web pages which had been rigged to entrap unsuspecting visitors. Although the infected web pages look the same as they always did, under the hood the cyber-crooks had added some redirection … |
| | According to a newly published [URL="http://www.secure-medicine.org/icd-study/icd-study.pdf%20target="]research paper[/URL] from the Harvard Medical School backed Medical Device Security Center, it appears that hackers could use wireless technology to turn off heart pacemakers. As unlikely as it sounds, the boffins reckon that people with an implantable cardiac defibrillator (or pacemaker as they are … |
| | According to messaging security experts [URL="http://www.messagelabs.com/intelligence.aspx"]MessageLabs[/URL] there has been a 100 percent rise in the amount of spam from Gmail during February, along with a worrying 200 percent increase in targeted Trojan attacks. The February MessageLabs Intelligence Report, published today, paints a sorry picture as far as IT security is … |
| | Bruce Schneier is a security legend, and posts like [URL="http://www.wired.com/politics/security/commentary/securitymatters/2008/03/securitymatters_0306"]this one[/URL] go a long way to proving just why. In this Wired commentary Schneier gives the best explanation I have seen as to why the ‘transparent society’ argument is a myth, why it is not better than privacy but rather … |
| | The Trend Micro [URL="http://blog.trendmicro.com/over-400-phish-kits-on-the-loose/"]TrendLabs Malware Blog[/URL] is reporting that the volume of totally free do it yourself phishing kits available in the wild on the web had moved past the 400 mark. Ironically, some are even used by phishers to phish other phishers… |
| | According to a [URL="http://www.yougov.com"]YouGov[/URL] survey published today by [URL="http://www.verisign.com"]VeriSign[/URL] the average UK consumer is worth £10,077 ($20,000) online in terms of banking, gaming and shopping accounts. The pan-European survey on consumer attitudes to online security concludes that UK Internet users are putting as much as £361 billion ($720 billion) at … |
| | A hearty slap on the back must go to authorities in South Korea who have [URL="http://www.sophos.com/news/2008/03/lee-shin-ja.html"]arrested and charged[/URL] the 41 year old ex-CEO of an antivirus software company with distributing fake security scareware. Lee Shin-ja was formerly CEO with security outfit Media Port, and stands accused of distributing the 'free' … |
| | Unified threat management specialists Fortinet has [URL="http://www.fortiguardcenter.com/reports/roundup_feb_2008.html"]announced[/URL] the most reported high-risk threats during the course of the last month, and it makes interesting reading. According to Fortinet it proves that birds of a feather do flock together as the most definable malware trend was most definitely the fact that the … |
| | [URL="http://www.avertlabs.com"]McAfee Avert Labs[/URL] has warned that the number of spammers which use the 'out of office' functionality of web-based email systems to distribute junk mail is on the increase. The particular technique in question, which involves spammers setting up web-based email accounts which are configured to auto-respond with spam instead … |
| | The Cult of the Dead Cow, the infamous hacking collective, has released a Google hacking utility called Goolag Scan that brings the ability to search the information engine for web-based data that is normally hidden to anyone wannabe with a web browser and half a brain. It does this by …  |
| | According to the Pakistan Telecommunications Authority (PTA) while the blocking of the YouTube website over the weekend in Pakistan was intended the worldwide outage that saw the popular video streaming service become unavailable to huge swathes of the planet was accidental. Anyway, PTA spokesman Khurram Mehran assures us it is … |
| | Last year I [URL="http://www.daniweb.com/blogs/entry1466.html"]exposed[/URL] a security breach involving the online collection of applications for visa documents allowing Indian citizens to visit the UK, an expose that ended up with the [URL="http://www.daniweb.com/blogs/entry1817.html"]UK government itself being found guilty[/URL] of breaking the Data Protection Act and which kick-started something of a sea change … |
| | The [URL="https://www.blackhat.com/"]Black Hat[/URL] security conferences are always good for a crowd pleasing demonstration or two, and security researcher Adam Laurie was happy to oblige at the latest DC based event. In a 'look no hands' fashion, he was able to pull up account data including name, account number and expiration … |
| | It is not often that a drunken discussion provides anything more than a hangover the following morning, but recently a bunch of IT security experts got talking while the beer was flowing and someone asked the question: what is the biggest threat on the IT landscape today? Everything from 'the … |
| | Who could forget [URL="http://en.wikipedia.org/wiki/Jon_Lech_Johansen"]DVD Jon[/URL], the Linux guru who was co-author of DeCSS? This Linux application 'unlocked' DVDs with content otherwise protected by Content Scrambling System (CSS) encryption and landed DVD Jon in front of a judge. Which did not stop him from continuing his quest to free audiovisual content … |
| | It has been estimated that something in the region of 70 percent of the ATMs in current use are based not on the proprietary hardware, software and communication protocol platforms of old but instead on PC/Intel hardware and commodity operating systems, the most popular being Windows XP embedded. In fact, … |
| | IT security and control outfit [URL="http://www.sophos.com"]Sophos[/URL] has revealed the results of a poll that shows the number of people who believe that Apple Macs will be increasingly targeted by cybercriminals in the future has risen from 79 percent two years ago to 93 percent now. Sophos undertook the poll as … |
 | [B]Rumors and speculation about why five undersea cables to the Middle East have been severed — and what it means for IT security[/B]. Since [B]Jan. 30, 2008,[/B] there has been a troubling pattern of underwater anarchy. At first, it was reported that two, then three, then five undersea [URL="http://en.wikipedia.org/wiki/Fiber-optic"]fiber-optic[/URL] cables … |
| | Security researchers at [URL="http://www.sophos.com"]Sophos Labs[/URL] have revealed that nearly 70 percent of all Linux honeypot infections are caused by a single virus. Perhaps even more shocking, all things considered, is the fact that the virus in question, Linux/Rst-B, is actually six years old now. So concerned is Sophos at this … |
| | [URL="http://en.wikipedia.org/wiki/Nicodemo_Scarfo,_Jr."]Nicodemo Scarfo Jr[/URL], a well-connected member of the [B]New York[/B] and [B]Philadelphia[/B] organised crime families, knows all about keylogging. But rather than using the technique to steal or launder money, he was brought down by the [B]Magic Lantern[/B] [URL="http://en.wikipedia.org/wiki/Keylogger"]keylogger[/URL] that the FBI installed on his computer via a Trojan. It … |
| | It has been a couple of months now since a Russian security researcher, Evgeny Legerov, confirmed that the widely deployed media software RealPlayer was vulnerable to a zero-day exploit. The Russian company, Gleg, is in the business of selling information on such exploits and security flaws. Unfortunately, according RealNetworks's Vice …  |
| | In today's heightened threat environment, it is a constant battle for IT security departments to stay on top of all possible attacks and vulnerabilities they could encounter. With insider threats on the rise and the continuous danger posed by external hackers, coupled with the alarmingly quick development of stronger and … |
| | Oh the irony. Windows Vista Service Pack 1 is, quite rightly, being pushed hard on the merits of the numerous security improvements over the original release. However, despite the fact that Vista SP1 will not be made available to end users until March, because it has just been released to … |
The End.