1,118 Topics
|
|
|
In a rather ironic turn of events, the US [URL="http://www.dhs.gov/index.shtm"]Department for Homeland Security[/URL] has found itself having to admit to Congress that it has been subject to the odd one or two minor security problems in-house. Well, I say one or two. Actually the figure is more than 800. Well, … |
|
|
As reported [URL="http://www.daniweb.com/blogs/entry1490.html"]here[/URL] last week, three security flaws had been discovered that impacted upon the 2.6.x Kernel. A NULL-pointer dereference within netfilter when handling SCTP connections with unknown chunk types that could be exploited to crash the kernel; a cpuset_task_read() function in /kernel/cpuset.c which had an underflow error that could … 
|
|
|
According to postings at [URL="http://kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.21.4"]Kernel.org[/URL] concerning a report by Vilmos Nebehaj which was consequently signed off by Linus Torvalds and Chris Wright, the Linux Kernel 2.6.x has multiple security vulnerabilities. Well, to be precise, two vulnerabilities and what is described as a ‘weakness’ which are capable of being exploited by …
|
|
|
Websense [URL="http://www.websense.com/"][/URL]has created a YouTube video [URL="http://www.youtube.com/watch?v=pzKmzO_Xq3k"]here[/URL][URL="http://www.youtube.com/watch?v=pzKmzO_Xq3k"][COLOR=black][/COLOR][/URL] which reveals exactly how a ‘tubing’ attack works. What is tubing? Well according to [URL="http://www.websense.com"]Websense[/URL] it is a new crimeware technique that attempts to dupe the recipient into watching a YouTube video clip that is not all it might seem. While watching the …
|
|
|
Independent Austrian antivirus testing outfit [URL="http://www.av-comparatives.org/"]AV Comparatives[/URL] has a reputation for going the extra mile when putting products through their paces. Something that Microsoft discovered to its cost earlier in the year when, rather embarrassingly, its flagship OneCare antivirus product managed to finish last and fail to get a highly …
|
|
|
[URL="http://www.gentoo.org"]Gentoo[/URL] has issued a security advisory with a high impact rating affecting users of PHP <5.2.2. Several vulnerabilities have been found in PHP, not least a huge number discovered by Stefan Esser during the infamous Month Of PHP Bugs (MOPB) including integer overflows in wbmp.c from the GD library and …
|
|
|
IT security and control firm [URL="http://www.sophos.com"]Sophos[/URL] is warning of an ongoing spam campaign which promises not only a trailer featuring, but also free tickets to see, the ‘Pirates of the Caribbean 3: At World's End’ movie. The warning signs are all there, the familiar skull-and-crossbones logo of the popular film …
|
|
|
IT security professional Didier Stevens has been conducting an experiment into computer user stupidity by running a Google Adwords campaign which offers to infect your PC for free. The advert actually read: [B]Drive-By Download Is your PC virus-free? Get it infected here![/B] Which should be enough to stop all but … 
|
|
|
For the average user spam has always been an annoyance. For the average spammer it has always been about making money. For the criminal gangs that have muscled in on this lucrative industry during the last few years it is now about territory and control. Control, that is, of the … 
|
|
|
According to new research from [URL="http://www.centennial-software.com"]Centennial Software[/URL] removable devices are the single biggest threat to company data so far in 2007, yet four out of five businesses are failing to defend themselves. The research resulted from a survey undertaken at this year's Infosecurity Europe, and discovered that just 16 percent …
|
|
|
GPS satellite navigation devices have become an indispensable part of everyday life for millions of drivers the world over. Without these little technological route planning miracles, many of us would literally crash and burn as we struggled to regain control over that map while driving too fast and drinking a … 
|
|
|
My friends over at security specialists [URL="http://www.sophos.com"]Sophos[/URL] have warned me to be on the lookout for Sandra and her stiletto shoes when using [URL="http://www.skype.com"]Skype[/URL]. Usually it would be my mother offering this advice, but then she would not understand the implications of getting infected by the Pykse-A worm that exploits …
|
|
|
[FONT="][/FONT]A newly published report by [URL="http://www.infosec.co.uk"]Infosecurity Europe[/URL] reveals that out of 300 office workers interviewed at London railway stations and IT professionals at a computer show, an amazing 64 percent were prepared to give their passwords in exchange for a bar of chocolate and a smile. The survey also found …
|
|
|
If you're visiting a known site such as Google.com, you're perfectly safe, right? Wrong. New DNS vulnerabilities in Microsoft's Windows 2000 and 2003 severs could potentially allow a DNS server to get hijacked, and redirect a user to a completely different site than they expected to see. The vulnerability exists … |
|
|
IT security and control firm [URL="http://www.sophos.com"]Sophos[/URL] is urging computer users once again to patch against a critical bug in how Microsoft Windows handles animated cursors (ANI files) as hackers exploit the problem by sending out emails related to professional party girl Paris Hilton and hardcore actress Jenna Jameson. This latest … 
|
|
|
Leading security vendor [URL="http://www.kaspersky.com"]Kaspersky Lab[/URL] has uncovered the first ever proof of concept virus designed with the sole intention of infecting the iPod media player. Like all proof of concept viruses though, Podloso poses no real world threat to users. For a start it requires a Linux installation, not on …
|
|
|
IT security specialist [URL="http://www.sophos.com"]Sophos[/URL] is warning anyone with a website about recently uncovered evidence that spammers are hacking into legitimate sites in order to sell drugs. Online pharmacy spam, be it under the Viagra or just general prescription drug banner, has become one of the most annoying and persistent forms …
|
|
|
If you had any doubts that the code that powers the applications you use is secure, then it's time that you see this in perspective. Because very unsurprisingly, the SANS exam of developers [URL="http://www.computerworld.com/action/article.do?command=viewArticleBasic&taxonomyName=software_development&articleId=9014307&taxonomyId=63&intsrc=kc_top"]scored terrible overall in terms of security[/URL]. With the increase of hackers and such on the internet … 
|
|
|
Web security company [URL="http://www.scansafe.com"]ScanSafe[/URL] has published its latest monthly Global Threat Report that looks at corporate usage of the web. The results should not be shocking as we all know that if you give someone free access to the Internet at work then they will abuse that access if at …
|
|
|
A number of users are reporting that the new Kaspersky AV component in the latest [URL="http://www.zonealarm.com"]ZoneAlarm [/URL]Security Suite 7 is broken. And broken in such a way as to leave your system unprotected while appearing to be fully functional. The problem manifests itself after a successful installation with the AV …
|
|
|
[URL="http://www.itpro.co.uk/news/107043/alqaeda-plot-to-blow-up-uk-internet.html"]Reports[/URL] have come in over the weekend of a series of dawn raids by the Metropolitan Police on a number of terrorist suspects with Al-Qaeda connections in London. All the suspects have been arrested. The raids follow the seizure of computer files last year suggesting that the target of their … |
|
|
Well, what a weekend that has been. Ever since the reports started emerging online of a brute force attack on the Vista activation code using a modified version of the original software license manager script file I have been, shall we say, dubious as to the authenticity of the claim. …
|
|
|
[URL="http://onecare.live.com"]Microsoft Windows Live OneCare[/URL] was already struggling in the credibility stakes after failing to pass the Virus Bulletin VB100 certification tests as I reported [URL="http://www.daniweb.com/blogs/entry1295.html"]here[/URL] last month. Talk about kicking a wounded animal, now the [URL="http://www.av-comparatives.org/seiten/ergebnisse_2007_02.php"]results [/URL]of the latest, and much respected, [URL="http://www.av-comparatives.org/ tests"]av-comparatives[/URL] are in, and do no make …
|
|
|
During the course of this week there have been numerous reports floating around, mainly online and mainly pretty devoid of any real substance, claiming that the popular anonymous browsing solution [URL="http://tor.eff.org/"]Tor[/URL] has been cracked. In fact, what these reports should have been reporting is the fact that researchers from the … |
|
|
As if Microsoft did not have enough on its security plate, what with the launch of Vista followed by the chorus of ‘it is not quite as secure as you would have us believe is it’ from the worlds media, things only go from bad to worse for the Seattle … 
|
|
|
An independent test of [URL="www.microsoft.com/athome/security/spyware/software/default.mspx"]Windows Defender[/URL] against third party vendors has demonstrated holes in [URL="www.microsoft.com/windows/products/windowsvista/default.mspx"]Microsoft Vista’s[/URL] spyware protection. Calls of Swiss Cheese could be heard coming from the direction of Spyware Doctor vendor [URL="http://www.pctools.com"]PC Tools[/URL] which commissioned Australian concern [URL="http://www.testlab.com.au"]Enex Testlab [/URL]to evaluate how Windows Defender compared to its own … |
|
|
Security specialists [URL="http://www.sophos.com"]Sophos[/URL] has released a warning regarding the inevitable malware posing as a message of love on this, Valentine’s Day. The Dref-AB worm is said by Sophos to be spreading fast across the Internet, helped by a clever distribution campaign which saw it emailed to inboxes late last night …
|
|
|
The biggest test of Internet homeland security went pretty much unnoticed this week. Yet it represents the most serious attack on the Internet itself for five years. On the 6th February a 12 hour concerted Distributed Denial of Service attack took place aimed at the DNS root servers that manage … |
|
|
In something of an embarrassing development for Microsoft, four anti-virus products for Vista have failed to reach the required standard to achieve [URL="http://www.virusbtn.com/vb100/index"]VB100[/URL] certification by the highly respected independent industry body, [URL="http://www.virusbtn.com/index"]Virus Bulletin[/URL]. In something of an even more embarrassing development, Microsoft’s own anti-virus flagship product, [URL="http://onecare.live.com/site/en-us/default.htm"]Live OneCare[/URL], was amongst …
|
|
|
Microsoft Vista has, in the few days that it has been on general release, managed to avoid the embarrassment of anyone poking major holes in its security from the perspective of protection of consumer PC integrity at least. However, everything is not so sweet when it comes to those media …
|
The End.