IT Management Begins With Security
David Utter >
Search:
Romanian Pleads Guilty In US Phishing Case
Eighteen months after being indicted by a federal court, one of a group of seven Romanian citizens pleaded guilty to involvement with phishing bank details from people.
WebProNews > Insider Reports > Insider 2008-07-23

DNS Flaw Details Emerge
Security pros have been urged to patch vulnerable DNS systems if they have not done so already.
WebProNews > Insider Reports > Insider 2008-07-22

Server Theft Trumps Server Hacking
The brute force technique applied to physical goods long before it ever came up in the conversation about breaking passwords to gain access to resources.
WebProNews > Insider Reports > Insider 2008-07-21

Critical DNS Issue Threatens Internet
No hyperbole, no joke. People familiar with a flaw in the domain name system sounded a sobering call to administrators everywhere to fix their systems.
WebProNews > Insider Reports > Insider 2008-07-18

Mozilla Patches Firefox 3
A fix for a vulnerability reported a few hours after the Firefox 3 Download Day opened began arriving on people's computers.
WebProNews > Insider Reports > Insider 2008-07-17

Oracle Troubled By Web Component Security
The latest run of vulnerability fixes released by Oracle showed troubling trends with making services available with web-facing resources.
WebProNews > Insider Reports > Insider 2008-07-16

Unpatched Systems Survive Four Minutes Online
The presence of a firewall helps, but without something blocking the path from automated probes to one's PC, its survivability declines rapidly.
WebProNews > Insider Reports > Insider 2008-07-15

Internet Cafes Threatened Ahead Of Olympics
Throngs of visitors to China during the Summer Olympics will include many who want to check up on their email or other online resources. That could be a problem.
WebProNews > Insider Reports > Insider 2008-07-14

Swiss Slammed By Lots Of Spam
Inboxes in the tiny European country picked up far more spam than anywhere else in the world during the month of June.
WebProNews > Insider Reports > Insider 2008-07-11

Microsoft Patch, ZoneAlarm Make PCs Too Secure
A little incompatibility between a fix for the Windows Domain Name System caused users of a popular firewall product to lose their Internet connections.
WebProNews > Insider Reports > Insider 2008-07-10

Get Ready: Windows XP SP3 On Tap
Microsoft pegged July 10th at 1 pm EDT as the release date and time for the third service pack for the Windows XP operating system.
WebProNews > Insider Reports > Insider 2008-07-09

Fortune 500 Lacking In Email Validation
One vendor claimed some 60 percent of the Fortune 500 do not use methods of qualifying outgoing email, which could leave them open to being spoofed by forgers.
WebProNews > Insider Reports > Insider 2008-07-08

Google Discovers Privacy
"Privacy" became part of Google's home page just before the 4th of July. You're forgiven if you missed the switch.
WebProNews > Insider Reports > Insider 2008-07-07

Google Open-Sources Ratproxy Security Tool
An internally-used web application security assessment tool called ratproxy gained broader availability with Google's decision to release it publicly.
WebProNews > Insider Reports > Insider 2008-07-03

Software Should Be Like Food
Researchers of web browser security suggested a "best before" approach to informing people their software may not be so fresh any longer.
WebProNews > Insider Reports > Insider 2008-07-02

Feds Slowly Improving In Computer Security
Federal Information Security Management Act (FISMA) requirements pad on the paperwork for agencies, but the demands of the Act have made a positive impact in computer security.
WebProNews > Insider Reports > Insider 2008-07-01

Canned Air Helped Beat Encrypted Hard Drives
Sure the custom software had something to do with it, but some students at Princeton also found that compressed air enabled an unlikely crack.
WebProNews > Insider Reports > Insider 2008-06-30

ICANN, IANA, Fall Prey To Hacks
Turkish hackers believed responsible for shenanigans with image site Photobucket.com's domain earlier in June struck at two major domains that hold responsibilities affecting the entire Internet.
WebProNews > Insider Reports > Insider 2008-06-27

Microsoft, Google Endorse Health Records Standard
The two big tech companies joined with a variety of insurers and consumer groups in backing standards governing the privacy and accessibility of health information online.
WebProNews > Insider Reports > Insider 2008-06-26

HP Writes Scrawlr For SQL Injection Detection
A recent spate of thousands of SQL injection attacks across the Internet created the need for a tool to diagnose a website's potential vulnerability to them.
WebProNews > Insider Reports > Insider 2008-06-25

Judge, Jury, And Google Trends
A Florida trial will serve as the venue for an interesting defense: determining if searching for adult content is mainstream enough to get a defendant out of an obscenity charge.
WebProNews > Insider Reports > Insider 2008-06-24

Early Russert Wikipedia Update Leads To Firing
Securing confidential trade secrets poses one challenge to security pros, but the spread of private inside chatter via the Internet makes for an impossible task.
WebProNews > Insider Reports > Insider 2008-06-23

Mozilla Sees Little Risk In Firefox 3 Flaw
A vulnerability affecting both the latest version of the Firefox browser as well as the previous one, Firefox 2, poses minimal concerns for users according to Mozilla.
WebProNews > Insider Reports > Insider 2008-06-20

Instant Worm Creation Software Hits The Web
A point and click interface for turning .exe files into self-replicating worms makes malware creation an easy prospect for attackers.
WebProNews > Insider Reports > Insider 2008-06-19

Router Attacks Witnessed In The Wild
A variant of the Zlob Trojan may be carrying an exploit against routers, subjecting them to brute force attacks against login procedures.
WebProNews > Insider Reports > Insider 2008-06-18

Spammers Shield Junk With Google Docs
Another tool in the arsenal of spammers comes courtesy of a well-meaning service from Google.
WebProNews > Insider Reports > Insider 2008-06-17

Universities Show Little Control Over Personal Data
Columbia and the University of Florida are two of the latest schools with personally identifiable information about their students posted by the thousands online.
WebProNews > Insider Reports > Insider 2008-06-16

Voice Phishing Rising In Threat
Vishing, or voice over Internet Protocol phishing, attempts to steal information from people via the phone rather than the computer.
WebProNews > Insider Reports > Insider 2008-06-13

Once Again, China Implicated In Computer Espionage
At the highest levels of government in the United States, some Congressmen believe attackers from China infiltrated their computers.
WebProNews > Insider Reports > Insider 2008-06-12

Microsoft Closes Critical Bluetooth Flaw
The monthly updates from Microsoft brought a few Critical repairs to its customers; one fix corrected a remotely executable vulnerability in the Bluetooth stack.
WebProNews > Insider Reports > Insider 2008-06-11

Microsoft Sues Repeat Offenders Over Piracy
Sellers of counterfeit software continue to bedevil Microsoft, as the company announced a new series of lawsuits against sellers of pirated versions of Windows.
WebProNews > Insider Reports > Insider 2008-06-10

Economy, IRS Figure In May Spam
The monthly look at the State of Spam by security vendor Symantec found the usual efforts to take advantage of current events by spammers.
WebProNews > Insider Reports > Insider 2008-06-09

4Chan Stadium Threat Hoaxer Sentenced
An ex-grocery clerk in Wisconsin who repeatedly posted threats of stadium bombings to a website will spend six months in jail.
WebProNews > Insider Reports > Insider 2008-06-06

Romania, Hong Kong Top List Of Dangerous TLDs
Whatever the reason, .ro domains figured prominently in a look at where the most dangerous sites on the Internet reside.
WebProNews > Insider Reports > Insider 2008-06-05

Walter Reed Medical Suffers Data Breach
File sharing blamed for compromise that may have exposed patient data from the military health system with an outsider.
WebProNews > Insider Reports > Insider 2008-06-04

Gutierrez Possible Victim Of Chinese Cyber Spying
Whispers about a potential malware compromise of computers used by Commerce Secretary Carlos Gutierrez during a trip to China raises suspicions in Washington.
WebProNews > Insider Reports > Insider 2008-06-03

Unlocking The Security Of Locks
Hackers at New York's 'The Last HOPE' conference in July plan to discuss security of a different sort: the humble, physical lock.
WebProNews > Insider Reports > Insider 2008-06-02

TJX Dinged Over Security-Related Firing
A former employee of TJX, which suffered one of the hugest security breaches and exposures of consumer information in recorded history, claimed he had been fired for whistleblowing the company's practices.
WebProNews > Insider Reports > Insider 2008-05-29

Dell Slapped In NY Fraud Case
New York's Attorney General Andrew Cuomo won big against the computer maker, with Dell accused of numerous unsavory business practices regarding its financial and tech support offerings.
WebProNews > Insider Reports > Insider 2008-05-28

Aussie Telco Hands Out Infected USB Drives
A little perk delivered to AusCERT attendees by national telco Telstra contained a little something extra besides their storage capability.
WebProNews > Insider Reports > Insider 2008-05-27

Woops: Oklahoma Auctions Tax Data-Loaded Drive
A computer labeled as coming from the Oklahoma Tax Commission ended up in an auction with personally identifiable information, including Social Security numbers, intact and unencrypted.
WebProNews > Insider Reports > Insider 2008-05-23

White House Parody Site Pranked With Malware
A malicious bit of code injection into whitehouse.org poses a concern because some people don't realize the authentic White House site is at whitehouse.gov.
WebProNews > Insider Reports > Insider 2008-05-21

Terrorism Courts The Web
A Senate Committee isn't happy with the way terrorist groups embraced online video and the web browser as a recruitment tool.
WebProNews > Insider Reports > Insider 2008-05-20

Chinese Sites Hit With Script Injections
A malware attack using a Javascript injection to exploit several old flaws targeted over 327,000 sites in Asia.
WebProNews > Insider Reports > Insider 2008-05-19

Apple's Odd Attitude About Safari
The hallmark of Apple's products makes them work as invisibly as possible for their users. In the case of the Safari web browser, it downloads items without letting people know it's happening.
WebProNews > Insider Reports > Insider 2008-05-16

Rumor: Cisco Rootkit Coming To EuSecWest
A researcher at Core Security allegedly created a rootkit for the widely-used Cisco brand of routers, and will reveal his research next week in London.
WebProNews > Insider Reports > Insider 2008-05-15

Microsoft Fixes Long-Standing MDB Flaw
Remote code execution vulnerabilities received attention from Microsoft in its most recent edition of Patch Tuesday updates; one has been publicly known for seven months.
WebProNews > Insider Reports > Insider 2008-05-14

America's Botnet Needed, Says AF Colonel
An Air Force colonel's suggestion that American needs a botnet provokes a strange idea: that the military and intelligence communities don't have one now.
WebProNews > Insider Reports > Insider 2008-05-13

Gas Savings Spam Fills Inboxes
The inevitable attention of spammers turned to soaring gas prices, with one set of junk messages promising a way to save at the pump.
WebProNews > Insider Reports > Insider 2008-05-12

Google Expands Enterprise Web Security
Security vendors had a stealth competitor enter the marketplace when Google announced it would offer a product that provides web security; Google recently extended security coverage to roaming enterprise users.
WebProNews > Insider Reports > Insider 2008-05-09

Utilities At Risk Over Network Security
Utilities' legacy systems receive updates to allow centralized management of their resources over a computer network. Convenient? Sure. Safe? Questionable.
WebProNews > Insider Reports > Insider 2008-05-08

Trojan Plaguing File Sharing Networks
A massive outbreak of malware began hitting media swappers hundreds of thousands of times nearly a week ago.
WebProNews > Insider Reports > Insider 2008-05-07

EFF Wonders About Digital Music Rights
The disclosure by Microsoft that they will disable license servers and eliminate the ability for MSN Music customers to listen to music purchased from the service on new computers drove the Electronic Frontier Foundation to cry foul.
WebProNews > Insider Reports > Insider 2008-05-06

India Cites Ongoing Chinese Cyber Attacks
A year and a half of electronic warfare against public and private network resources in India has been traced back to a variety of attacks and antagonists in China.
WebProNews > Insider Reports > Insider 2008-05-05

McAfee Digests Spam Experiment
The 30-day challenge to run an unprotected computer and surf the Internet while filling out every form and answering every spam ended with the reinforcement of a lesson: nothing comes for free.
WebProNews > Insider Reports > Insider 2008-05-02

Storm Botnet Subsides
Something new may be on tap to replace Storm as the big botnet pest, as its size decreased substantially in April.
WebProNews > News > Security News 2008-05-02

Forgery Spam Still Hammering Inboxes
Junk mailings touting all kinds of products, including steeply discounted luxury item knockoffs, pose threats beyond dodgy products.
WebProNews > Insider Reports > Insider 2008-05-01

Israeli Private Eyes Stole Corporate Secrets
A private investigation firm made use of spyware to pilfer secrets from companies in Israel; four of their staffers received criminal sentences.
WebProNews > Insider Reports > Insider 2008-04-29

iPhone Gains VPN Boost With Check Point
VPN-1 support from security vendor Check Point for Apple's iPhone arrived as the glitzy gadget continues to gain fans from enterprise users.
WebProNews > Insider Reports > Insider 2008-04-28

Microsoft Patch Process Called Security Risk
Patch Tuesday could be Exploit Tuesday if malicious hackers escalate the rate at which they reverse engineer security patches.
WebProNews > Insider Reports > Insider 2008-04-25

SQL Injections Hitting Thousands Of Sites
The dynamic capabilities of websites powered by back-end databases made thousands of them targets for injections of unsanitized code.
WebProNews > Insider Reports > Insider 2008-04-24

Baker College Takes Cyber Defense Crown
The 3rd annual National Collegiate Cyber Defense Competition (CCDC) featured teams of students working to be the best at defending a business network from threats.
WebProNews > Insider Reports > Insider 2008-04-23

More ISPs Quietly Interfere With P2P
Comcast serves as the most visible target for Internet users' anger over tampering with BitTorrent and other peer to peer traffic, but the issue may extend beyond them to other Internet service providers.
WebProNews > Insider Reports > Insider 2008-04-22

Microsoft Won't Sue Over Legitimate Flaw Discovery
Security researchers do not want to end up being arrested or sued for pointing out problems on a website, and Microsoft would rather know the awful truth than prosecute.
WebProNews > Insider Reports > Insider 2008-04-21

eBay Has Its Romanian Hacker
An arrest in Budapest turned up one Vlad Constantin Duiculescu, aka Vladuz, a thorn in the side of the online marketplace.
WebProNews > News > Security News 2008-04-21

Google Touts Malware Fight, Skips Real Question
The ongoing battle against malware brought plenty of good guys to the fight, but Google's latest discussion of its role leaves out a key question.
WebProNews > Insider Reports > Insider 2008-04-18

Mozilla Fixes Critical Firefox JavaScript Issue
Garbage collection in the Firefox JavaScript engine caused browser crashes for some people.
WebProNews > Insider Reports > Insider 2008-04-17

Oracle Issues Critical Product Fixes
Patches for the Oracle database and other products arrived as part of the company's quarterly fix cycle.
WebProNews > Insider Reports > Insider 2008-04-16

US District Court Spoofed By Malware Criminals
A wave of phishing spam tries to fake out recipients by spoofing a subpoena from a US District Court.
WebProNews > Insider Reports > Insider 2008-04-15

Google Builds Tools To Fight Child Porn
An ongoing effort with the National Center for Missing & Exploited Children (NCMEC) by Google produced video tools for use in finding exploitative images and videos.
WebProNews > News > Security News 2008-04-15

Old Mistakes Cause New Security Problems
The more things change, the more developers keep making the same mistakes, leading to exploits and other problems for visitors.
WebProNews > Insider Reports > Insider 2008-04-14

PayPal Calls For Partnerships Against Phishing
One of the most popular phishing targets on the Internet wants to thwart criminals, but needs a lot of help to do so.
WebProNews > News > Security News 2008-04-14

Should We Know Where To Find Google?
A publication recently put out a list of Google's datacenters by city; though it's interesting to us, Google probably has good reasons for not appreciating it.
WebProNews > Insider Reports > Insider 2008-04-11

Damballa Responds To Kraken Criticisms
Security researchers at Damballa who discussed a big new botnet received lots of pushback from the security community.
WebProNews > Insider Reports > Insider 2008-04-10

Microsoft Patches Crack Down On Drive-Bys
Malicious websites could exploit unpatched components in Internet Explorer and other Microsoft technologies.
WebProNews > Insider Reports > Insider 2008-04-09

Kraken Exceeds Storm Botnet In Size
A new headache for security pros from the Fortune 500 on down emerged in accounts of a wider-reaching botnet called Kraken.
WebProNews > Insider Reports > Insider 2008-04-08

Online Criminals Outsource Their Work
A study by security vendor Finjan suggested a trend in criminal behavior has them farming work out to established rings with a technology infrastructure in place.
WebProNews > News > Security News 2008-04-08

EU: 18 Months Too Long To Keep Search Data
The Article 29 Data Protection Working Party in Europe wants search engines to commit to a much shorter period of data retention than they enjoy today.
WebProNews > Insider Reports > Insider 2008-04-07

Google Street View Becomes Driveway View
While one Pittsburgh couple sues Google over its Street View pictures of their residence, another neighboring home found itself the focus of a Google camera car that drove up its driveway.
WebProNews > News > Security News 2008-04-07

Google Dinged Over SEO Poisoning
The search optimization poisoning attacks against dozens of websites continues its onslaught, with infected search results showing up in Google.
WebProNews > Insider Reports > Insider 2008-04-04

Identity Info Breaches Hitting Everywhere In 2008
Commercial businesses, colleges and universities, government offices, and medical facilities of varying sizes share the common label of being hit by identity thieves.
WebProNews > News > Security News 2008-04-04

Another Young Cyber Criminal Eludes Jail
Botnet runner Owen Walker, aka AKILL and other names, committed and profited from his role in a gang that infected over a million computers, but did so under the age of 18.
WebProNews > Insider Reports > Insider 2008-04-03

RealPlayer, QuickTime Get Urgent Updates
Fixes for both products emerged to counter threats against vulnerabilities in these popular multimedia applications.
WebProNews > News > Security News 2008-04-03

Hannaford Grocery Breached With Malware
The introduction of malware into the grocery chain's network allowed outsiders to grab credit card information as it traveled from the point-of-sale to the company's back end systems.
WebProNews > Insider Reports > Insider 2008-04-02

IBM Banned From New Government Contracts
An ongoing dispute with the Environmental Protection Agency led to the EPA, and all government agencies by extension, banning IBM from receiving new contracts and other federal business.
WebProNews > Insider Reports > Insider 2008-04-01

Advance Auto Parts Compromised For Card Data
People who used credit or debit cards at one of 14 locations identified by Advance Auto Parts may have had that information accessed via a network breach.
WebProNews > Insider Reports > Insider 2008-04-01

Virgin Media To Strike Out Music Downloaders
The British ISP plans to obey the will of the music industry by warning and shutting off accounts for individuals accused of illicit file sharing.
WebProNews > Insider Reports > Insider 2008-03-31

McAfee Feeding Volunteers Spam For A Month
Fifty global volunteers armed with clean laptops and new email addresses will spend 30 days exploring the Internet while unprotected from its threats.
WebProNews > News > Security News 2008-03-31

Euro 2008 Ticket Reseller Infecting Site Visitors
It appears another code injection attack at a site reselling tickets for the Euro 2008 soccer matches put visitors at risk of a drive-by infection.
WebProNews > Insider Reports > Insider 2008-03-28

IM, P2P Attacks Persist, Pose Low Risk
The immediacy of someone potentially clicking on a malicious link delivered by instant messenger or a peer to peer network conversely makes these attacks a low risk.
WebProNews > News > Security News 2008-03-28

SafeCentral Locks Down Online Transactions
Authentium's Virtual ATM concept reemerged as a secure desktop-to-web application called SafeCentral, which looks like an ideal choice to prevent identity theft.
WebProNews > Insider Reports > Insider 2008-03-27

Porn, Viagra Ads Hawk Fake Security Software
A case in Washington state concerns a man using bogus security software to spam other computers via a Windows service.
WebProNews > Insider Reports > Insider 2008-03-26

NSA End Run Gave It Total Information Awareness
When Congress ended funding for TIA in 2003, the Bush Administration simply packed up the pieces and sent them to the National Security Agency.
WebProNews > News > Security News 2008-03-26

Microsoft Admits Ignoring Jet Flaw
Security engineers at Microsoft ignored addressing this latest exploit for years, as they believed existing protections mitigated the threat.
WebProNews > Insider Reports > Insider 2008-03-25

Canadian Privacy, US Laws, And Google

WebProNews > News > Security News 2008-03-25

Google AdWords Phish In The Wild
Don't get reeled in by this one if you are a Google AdWords client: a new stream of phishing emails aimed at you have been hitting inboxes.
WebProNews > Insider Reports > Insider 2008-03-24

Sequoia Voting Thwarts New Jersey Investigation
Discrepancies in the vote recording by machines provided by Sequoia Voting Systems for the New Jersey primary spurred calls for an investigation, one that Sequoia fought off with legal threats.
WebProNews > News > Security News 2008-03-24

Government Digital Security Leaks, We Bleed
A glacial readjustment of security priorities from the evil-outsider model to the accidental internal leaker of data leaves federal resources playing a frantic game of catch-up.
WebProNews > Insider Reports > Insider 2008-03-21

Justice Catching Up To Spammers
Daniel Mascia and Robert Soloway face federal penalties for their spamming, while Robert Bentley awaits a decision on leniency in exchange for his help in tracking down botnetters.
WebProNews > Insider Reports > Insider 2008-03-20

Software Spotlighted Spitzer Shenanigans
The US Government hates money laundering and anything that might indicate someone trying to evade taxes, or worse, fund terrorist activity.
WebProNews > Insider Reports > Insider 2008-03-19

Grocery Chain Bagged By Online Criminals
As many as 4.2 million credit card numbers were exposed during a security breach lasting several months at East Coast grocer Hannaford Bros.
WebProNews > Insider Reports > Insider 2008-03-18

Berners-Lee: Protect Consumers From Online Tracking</