 |
 |
 |
|
| John Stith > |
|
Google Gets A Win Against DOJ A federal court ruled Friday in favor of Google, protecting their ability to keep their searches private. The Justice Dept. requested information they claimed would help them in protecting an antipornography law currently being challenged in the court system.
Clagger K Trojan Bucking For Amazon Users The ever-popular world of Trojans has another horse for the stable in the form of the Troj/Clagger-K, currently being distributed as an attachment. The email claims to come from Amazon and says the recipient will be debited over $500.
Microsoft Gunning For Cybercriminals At a technology debate hosted by EuroISPA, the European Internet Services Providers Association, and co-sponsored by Interpol in Brussels today, Neil Holloway, president of Microsoft Europe, Middle East and Africa (EMEA), unveiled a global law enforcement campaign that will target cybercriminals behind phishing attacks.
House Slated to Pass Data Breach Bill The Financial Data and Protection Act of 2005 (HB3997) currently in the House of Representatives has some problems. The bill, supposedly meant to offer relief for consumers who've been victims of data breaches, is really very weak, particularly compared states laws like California's version. In fact, some may say it offers consumers even less protection than they have now.
British Want Backdoor Closed On Joint Strike Fighter The British government expressed disdain with the United States over the Joint Strike Fighter (JSF), or more specifically, the software code. They claim the U.S. had manufacturers put in a backdoor code in them to control the jets.
Zippo Trojan Choose Extortion For $300 A new virus called the Zippo Trojan is floating about the net and is demanding $300 to unencrypt data it claims to have stolen and encrypted. The Trojan goes through a user's files and moves them into a password protected zip file.
Microsoft’s New BlueHat Security Blog Microsoft's just completed their third BlueHat conference and they've created a blog, called "BlueHat Security Briefings," to discuss topics from the conference as well as get thoughts and ideas from those attending. The blog will also include a lot of information from Channel 9 and other Microsoft venues for purposes of their Blue Hat conferences.
Microsoft Goes After Online Seller Pirates The wizards in Redmond launched an attack against Internet pirates selling their wares on online auction sites like eBay. The attack takes the form of eight lawsuits against sellers moving counterfeit Microsoft product, utilizing eBay auction.
Milosevic Trojan Horse Recently deceased Serbian strongman Slobodan Milosevic became the focus of a Trojan loaded email. The message claims evidence Milosevic was killed and instead a Trojan horse leaves some horse apples in the form of Dropper-FB.
Feds Crack Internet Child Porn Ring Attorney General Alberto Gonzalez held a press conference in Chicago on Wednesday to announce the cracking of a child pornography ring. In all, 27 people in the United State, Canada, Australia and England were charged in connection with the ring.
Critical Vulnerabilities In Flash Macromedia's Flash Player has been tagged with some vulnerabilities that could allow attackers to take control of an affected system. Although an SWF must be loaded into the system for someone to take it over, mistakes are made. Macromedia recommends users to upgrade immediately.
RFID Tags Vulnerable To Viruses A new study, released in Europe shows it's possible to put viruses in the tags containing RFID chips. The little radio identification tags will soon be in more and more products and tracking all kinds of things and now, it seems they will be loaded with viruses too.
Liberty Alliance Sees 1 Billion Adopters In an ever expanding and interconnected business world, secure federated identities are absolutely important. Companies and individuals need reliable methods to maneuver through their networks safely. The Liberty Alliance developed a standard for interoperable federated identities and they expect to hit 1 billion identities by the end of the year.
60% Of Wireless Networks Vulnerable PandaLabs released their new report on Tuesday on the strengths and weaknesses of WiFi networks. They found about 60% of those networks are vulnerable and highlights deficiencies in WEP, one of the more common protocols in WiFi environments.
More Apple Security Updates Apple continues improvements on OS X security with the second update in as many weeks. The new update, released today, comes as Apple has received much scrutiny recently regarding the security of the operating system and its accompanying programs.
Microsoft’s Patch Tuesday Microsoft's monthly Patch Tuesday included an update rated critical, tied to Microsoft Office and one as important, tied to Windows itself. Users should go on and run the updates.
DirectRevenue Settles Up Adware distributor DirectRevenue settled up with Illinois over DirectRevenue's nasty adware that is incredibly difficult to get rid. The lawsuit, filed in April, included charges like using deceptive business practices and bundling adware and spyware.
CIA And The Internet: Now We Know The Central Intelligence Agency (CIA) must fight a new enemy in maintaining the secrecy of their undercover agents: the Internet. In an era of terrorism, the rules for covert operatives are changing, however the Internet makes remaining undercover extraordinarily difficult.
McAfee Messed Up Security software monster McAfee distributed a new virus definition list on Friday morning. The result was pandemonium as the list tagged a number of software programs, including Microsoft's Excel and lots of other applications. Fortunately for both consumer and enterprise antivirus users, they corrected the problem quickly.
Phishing Attacks From Chinese Bank Servers A major, state-owned bank in China runs a web server hosting phishing sites going after major U.S. banks and other institutions. These scams include both Chase Bank and eBay customers and started circulating on Saturday.
Holey Open Source Encryption In the realm of cyber security idiocy, many companies fail to encrypt their huge swathes of consumer data. Normally encrypting is a good thing. However, an open source encryption software program appears to have a problem. There's a security hole in it.
Webroot’s New Toy Webroot Software, Inc now offers a feature to their Premium Channel Edge partners in the form of their Webroot Enterprise SpyAudit tool. The tool can be used to evaluate customers' level of spyware risk.
Kaspersky Lends Malware Support to DeepNines Moscow-based Kaspersky Lab hooked up with Dallas-based DeepNines as they announced a technology partnership on Thursday that will integrate Kaspersky's antivirus and anti-spyware technology into DeepNines' Security Edge Platform.
Lockheed Takes Crack At FBI Computers Defense contractor Lockheed Martin won the job of upgrading the Federal Bureau of Investigation's (FBI) dated computer system. This isn't the first time a company has attempted this costly venture and many wonder if Lockheed is up to the task. Also under consideration is if the budget involved is up to the task after some conceivable estimates hitting $800 million.
Online Terrorist Communities Google's Orkut property seems to be a gathering place for sympathizers of terrorist groups like Al Qaeda. The online social community springing up to support Osama Bin Laden's efforts share videos and links to promote their cause, namely and recruit non-Arabic speaking westerners.
Idiot Watch: Porn Billing Blows Your Wad Online payment service iBill got hit with a money shot when the company managed to get hacked, having some 17 million names stolen. The names have already been circulating around the fraudster/spammer markets.
Google Gives Firefox AntiPhishing Line Firefox, in efforts to improve their own security, is getting a hand from the kids at Google. Google is working with Mozilla to build anti-phishing technology into the next release of Firefox, due out at the end of summer. The proposed phishing shield will be a major feature in Firefox 2.
Lipstick Causes Cancer? A new chain letter is floating around, claiming lipstick causes cancer. The email lists certain brands, suggesting they contain high doses of lead, leading to the horrific disease. Security companies are warning their customers not get suckered into such a thing and just delete the email.
Mac Crack Contest Killed One of the big controversies right now in security right now has been the ability to hack a Mac… or the lack thereof. A contest put together by a Mac guru to test that notion launched at the University of Wisconsin-Madison but it was pulled after 38 hours. How did Mac OS X do in those 38 hours.
Patch Tuesday Preview Thursday Microsoft posted their advanced notification for their upcoming monthly update cycle. There are two security updates, one receiving a critical rating and affecting Microsoft Office, the other an important rating and affects Windows. They're also updating the Malicious Software Removal Tool as usual.
Spam Love In February Spam levels continue to rise according to the latest statistics from Postini. They announced on Monday that spam and encryption volumes were on the rise, virus levels were normal and IM attacks were down in February.
Rogue AntiSpyware Distributes Spyware Rogue antispyware programs sometimes are the best products out there. They're not beholding to any other companies, they probably won't get sued, etc. Occasionally one comes along through causes as many problems as it solves. This time, it seems to be Spy-Shield.
Firefox Wins Over Internet Explorer in Vulnerability Numbers Mozilla Firefox, the current up and coming young browser on the block is creating no end of problems for Internet Explorer (IE) regarding vulnerability numbers. While this debate will continue to rage on, Symantec put together some pretty impressive numbers and they give Firefox the edge.
Stay-At-Home Mom And Porn Spammer A New Hampshire woman pleaded guilty in Arizona federal court and faces up to 15 years in the penitentiary for violations of the CAN SPAM Act, in the form of distributing pornographic spam.
IM Worms Get Smackdown On PCs The worms are everywhere and right now, one place they're coming from is instant messengers. Both Microsoft's and AOL's IM needed a good wormer to fix their problems. These worms are deleting files and hijacking computers. Not good.
Macs Being Badgered In Wisconsin A recent challenge from a Mac owner prompted hackers to come in and take control of his system. While the debate continues over the validity of that contest, the University of Wisconsin put out a challenge to see if, under standard, protected conditions, someone could get into the vaunted Mac.
Symantec Tracks Rise In CyberCrime Cupertino, California-based Symantec released its newest volume of their Internet Security Threat Report. Symantec notes in the report attacks continue to zero in on poaching personal information from PCs and that the notion of merely damaging and destroying data may be a thing of the past.
Married Couple Rides Trojan Horse Authorities in London extradited and Israeli couple from Tel Aviv and charged them with developing, marketing and distributing a trojan horse for use in corporate espionage. They sold the spyware to various investigators for use in spying on clients' rivals.
The Mac Attack Is On A Swedish Mac daddy threw down the gauntlet for hackers to come after his Mac Mini set up as a server on February 22nd. They promptly picked up the gauntlet and smacked him with it. The hacked happened inside of 30 minutes. Yep, the Mac is definitely safer than Windows.
Idiot Watch: Citibank Locks Down ATM Cards One of the largest banking chains in the world, Citibank ran a lockdown of ATM cards for customer traveling or otherwise in Canada, Europe or Russia. Apparently, the network had been hacked. Unfortunately, Citibank seems somewhat lacking as some reported Citibank failed to notify them before they used their card to attempt to retrieve money. Yep… the idiot watch sees something new.
Symantec and Hotbar Love Fest Mega-security software firm Symantec is tangling with marketing company Hotbar in a legal settlement defining Hotbar as "low-risk" adware. The settlement comes from a lawsuit filed by Symantec back in June to get a ruling supporting their position that Hotbar's programs that Hotbar software is adware.
Bagles Busting Chops In another recent, yet delightful development, SophosLabs discovered a new flavor of bagle for your computer's consumption. The W32/Bagle-DO worm began making its way through computers, threatening lawsuits against everyone who gets the email.
Idiot Watch: College Loses 93,000 Names Another "Idiot Watch" story, this time applies to an institution of higher learning. Metropolitan State College in Denver appears to have a problem hanging on vital information regarding its students. While a laptop stolen from a home couldn't necessarily be helped, the fact none of the pertinent information was encrypted could.
March: Fraud Prevention Month The Federal Trade Commission (FTC) and Canadian consumer protection agencies met on Wednesday in Ottawa to kick off Fraud Prevention Month. This is part of an ongoing international effort to raise public awareness of the dangers of fraud and then education the public on how to spot it and report it.
Security Core of Apple’s Update In response to recent holes pointed out in Apple's OS X operating system, the Cupertino kids released a security update patching some 20 holes. The update takes care of the problems from the concept codes as well other security problems.
F-Secure’s World Map Finnish security phenom F-Secure put their "view of the world" online with a map of known virus outbreaks around the world on Thursday. The F-Secure World Map will allow anyone checking in on the map to see the outbreaks real time, on a roughly one hour delay.
ProBlogger Got DoSed The blogging guru Darren Rowse had his blog, ProBlogger, pummeled by a denial-of-service (DoS) on Tuesday. Rowse acknowledged the assault on his blog on Wednesday morning. This is just another in recent trend of attacking bloggers.
Psyciatrist Suckered By 419 Scam The LA Times is reporting today on a prominent psychiatrist still teaching at UC-Irvine being taken in by Nigerian emails trying to set up phony business deals. Dr. Louis A. Gottschaly, 89, may have lost as much as $3 million dollars over the last 10 years according to charges from his son.
Vulnerabilities in Gmail A lad named Anthony, 14, claimed to have found a vulnerability in Google's email service, Gmail. According to his blog he found a problem with javascript running within the preview of the message.
SEC Slams “Paid Autosurf” Ponzi Scheme The Securities and Exchange Commission (SEC) filed charges against Charis Johnson, 33, of Charlotte, N.C. and her companies, 12dailypro and LifeClicks, LLC. According the SEC statement, the scheme took in 300,000 global investors and netted more than $50 million after promising a 44% return on the investment.
PayPal + Spamming+ Trojan= Clagger-H It looks like someone else came up with another way to irritate PayPal customers. The email warns users that their PayPal account has been "temporarily limited" because of a Trojan horse spammed out. All users have to do is open the attached file and if there are any issues contact them
Italian Government Goes After Gambling Italian ISPs railed against new restrictions on gambling sites put in place by the Italian government. The measures put in place as of February 24th imposes dimming of betting and gambling sites that aren't up-to-date with proper authorizations.
Looking For Mr. Goodmail Part 2 America Online claims they want to protect their customers from spam and other nasty things coming through the email. Everyone knows spam is a problem for sure. AOL's done a decent job of it so far. The problem is, now they're going to start charging emailers for the "privilege" of sending safe, secure emails to users who want it. But who's really going to benefit?
Hacker Defender Guru Yields Hacker Defender wasn't just A rootkit, it was THE rootkit for the longest time. The creator, called Holy_father, of said rootkit lowered his sword and yielded the way by taking down his antidetection service.
AOL Reels In Big Phishes America Online (AOL) filed suits in its home state of Virginia utilizing the first anti-phishing law in the country. The suits targets three international groups, charging they stole information from AOL users by sending malicious email in the guise of an "official" email from the company.
Oracle’s Early Security Patch Release: 11i Update Database monster Oracle released an out-of-cycle security patch with multiple fixes for what are considered high-risk vulnerabilities for their enterprise customers. The product in question relates to the Oracle Diagnostics troubleshooting feature of the E-Business Suite 11i and it comes as nearly two months ahead of schedule.
Politically Motivated Cyber Attacks On the Rise Politically motivated cyber attacks were on the rise in 2005 according to statistics released by Zone-H. The numbers of attacks from Jyhadi cyber hackers as well as the attacks of Chinese hackers on U.S. military sites figure into the study as well. The information shows the problem is only getting worse.
OS X In Hacker’s Gun Sites Recent debates over the safety of Mac OS X or the lack thereof have been traveling around the Internet. Loyal Mac folks chomp at the bit every time someone suggests their machine may be becoming unsafe but the reality is just that. The cold fact is Macs aren't as safe as they used to be and it's only going to get worse.
Idiot Watch II: Ernst & Young Data Breach Sometimes crass profanities are truly the best descriptors, though generally not acceptable in a professional world. Last week, software security firm McAfee said their accounting firm, big four member Deloitte & Touche, left a CD with lots of employee information on the plane. Another big four member, Ernst & Young, announced they lost information too.
Trojans For Java Using Mobiles Cybercriminals seem to be constantly expanding their scope. This time they're moving further into the mobile phone market, targeting phones that are Java application capable. A new Trojan called RedBrowser looks to be making the rounds now and while it is annoying, it's easily beatable.
IBM Bucks Microsoft’s Infocard IBM announced they are developing an open source initiative they call "Project Higgins" that will compete directly with Microsoft's recently announced Infocard. The purpose is to develop online identity management, giving people more control while protecting the relevant information.
Computer Security Awareness Video Contest The EDUCAUSE/ Internet2 Computer and Network Security Taskforce (NSTF) along with the National Cyber Security Alliance (NCSA) sponsored a video contest in order to teach people the dangers involved in cyber security.
Record Heist In UK Most features here regard cyber security and various issues surrounding it. This story is a story of a security breach not in the security world but at a security facility in Kent, UK. The heist, carried out during the cold early morning of February 22nd, hit a total of ₤53 million or $92 million, making it the largest cash robbery in British history.
McAfee Mauled By Deloitte And Touche It's always interesting to see one of the world's best-known security software firms be involved in its own identity fraud problems. This time it's tied to big four accounting firm Deloitte and Touche.
Michelle Malkin Hit By Jyhadi Cyberhackers Political columnist and blogger Michelle Malkin was the victim of denial of service (DoS) attack on Thursday after Turkish hackers knocked her site down. While the blog is back up and running, the problem of cyber attacks is still there.
Sophos Fixes False Positive Security software firm Sophos recently had a breakthrough announcement with the discovery of virus concepts related to the OS X operating system for Apple Macs. The cure they offered in the form of a security update looks to have been worse than the disease.
Will Consumer Data Legislation Really Help? Two weeks ago, Congressman Ed Markey (D-MA) proposed legislation designed to protect consumer data by forcing various companies to destroy the consumer information after a reasonable period of time. The big question is will it work?
CardSystems Solutions Redux: The Settlement The company CardSystems Solutions reached a settlement with the Federal Trade Commission (FTC). They were part of the ninth and largest financial data breach in history, compromising tens of millions of people's financial information.
Islamic Hacker Picked Up In France One of the latest trends in terrorism is to vandalize websites through defacement. Sites are hacked and various messages resembling cyber-graffiti will be left on the sites. On Tuesday, the Paris PJ arrested the Moroccan hacker known as Yanis in Metz.
2005 CyberStalking Statistics The cybercrime watchdog group, Working to Halt Online Abuse (WHOA) released their 2005. They're finding out some of the major harassers are white-collar folks including teachers, lawyers and businesspeople. It could even be your neighbor.
Microsoft Defensive Toward iDefense This had to dig in Microsoft's gut just a little bit. Security software company and division of Verisign, iDefense, announced last week they would offer a $10,000 bounty for vulnerabilities Microsoft classifies as "Critical." Perhaps this is a new sort of "viral marketing."
McAfee Rattles Photoshop Adobe, makers of wonderful software, including Photoshop, posted a bulletin regarding the image software. It seems a problem with McAfee VirusScan 8.0i crept up and it's affecting Photoshop CS2 dramatically.
OverPhishing Continues To Grow Phishing websites grew by leaps and bounds according to a new report by the Anti-Phishing Working Group. The number of phishing sites as well as the site that spread malware for password-stealing continued to proliferate in December 2005 and show no signs of getting any better.
Safari Shell-Shocked By Scripts Mac lovers are in a tizzy over the continued onslaught against their beloved Mac OS X. This time Safari is the victim as German website Heise reports on a security flaw in the browser. The option "Open ‘safe' files after downloading" in Safari seems to be doing the dirty deed and the groovy thing is it's activated by default.
Teen Bloggers Offer Too Much Information A new study of teen bloggers, aged 13 to 17, turned a lot of new and useful information about teen bloggers. Unfortunately, some of that information wasn't so good. Teenagers tend to open up on their online diaries and in so doing reveal all kinds of information like names, phone numbers and details of their life.
Chinese Hack Into Lineage South Korean network security firm GEOT blamed Chinese hackers for a massive hit, raiding private information from tens of thousands of people involved in the popular South Korean mmorpg known as "Lineage.
More Mac Viral Love: Inqtana F-Secure picked up on two more variants of the Inqtana worms. While the worms are extremely limited in their lifespan, they do show hackers are beginning to play with the code and more serious threats will be coming soon.
Big Mac Attack Debate Continues One of the hottest security issues running right now remains the Mac OS X virus discovered by Sophos last week. While some argue this OS X virus isn't cause for alarm or even something to be taken seriously, after reading the information, common sense would dictate otherwise.
New Mare Kicks At Linux Much attention is going to other viral issues on other operating systems right now. That doesn't mean operating systems like Linux don't feel the love because it does. The delightfully well-received Mare family of worms has yet another offspring and this one exploits a vulnerability in Mambo.
Apple’s Words of Wisdom It seems Apple has sent a warning to hackers. As the first viruses for the vaunted inherently more secure Mac OS X, Apple left messages sprinkled throughout their operating system for would-be hackers with pirating plans.
Mac OS X Viral Infections The Mac from Apple was long thought to be relatively safe from viruses and the like, but a new virus is worming its way through via iChat and it's doing a good job. That was yesterday. Another proof of concept worm appeared today. This one gets in through Bluetooth.
Another Company With Microsoft Anti-Spyware Problems Microsoft is a mixed bag for many regarding cyber security. Last week, Microsoft's anti-spyware beta scanned computer with Symantec's Norton anti-virus and called it a password stealer. Now another company, BitDefender, reports similar problems. They weren't too happy either.
Microsoft Weekly Security Release Microsoft released their monthly security patch on Tuesday and it included seven security bulletins. The bulletins varied and cover a number of different problems. Two of those bulletins were rated critical and five were rated as important.
Olympic Gold Medalist And Spyware Distributor Australian skier and Olympic Gold Medalist Dale Begg-Smith also looks to be a first-rate spyware distributor. The site StopScum.com put together the information discussing Begg-Smith and his brother and their background because the only thing they do as well as skiing is spyware.
A Worm In The Apple Abingdon, England-based SophosLabs discovered a worm in the Apple OS X platform. The virus named OSX/Leap-A or OSX/Oompa-A moves through instant messaging, specifically, the iChat client.
Spyware Is Everywhere Everyone knows spyware on the Internet is a huge problem. There's tons of malicious software out there solely for the purpose of gleaning information on various users. And they do. A recent study done at the University of Washington explains just how much is out there and it's not pretty. The problem is nearly all of this is for Internet Explorer (IE) alone.
UK Wants Backdoor Into Windows The UK wants in through the backdoor of Windows and they're negotiating with Microsoft over it. The logic from the UK is the new Windows: Vista will make it more difficult for police to peruse suspects' computer files.
Judge Says Companies Don’t Need To Encrypt A federal judge in Minnesota decided companies don't necessarily need to encrypt data as part of their cyber security framework. Stacy Lawton Guin filed suit against Brazos Higher Education Service saying encryption should be part of the standard security. The judge said no.
Croatian Crashes BitDefender For Beer, Vampires Security software company BitDefender recently held a contest called "Crash and Win," inviting Linux junkies to take a shot at their beta version of Mail Protection for Enterprises product. While obviously a promotional ploy, it's definitely cool as first prize was a road trip to Transylvania (Romania) and 1,024 German beers to enjoy on the way.
NCSA Examines 2006 Cyber Threats In conjunction with the Department of Homeland Security (DHS), the National Cyber Security Alliance (NCSA) announced their Internet threat list for 2006 and online best practices to help protect consumers from online threats.
Brazilian Hacker Smash Brazilian authorities raided a phishing scam, arresting 55 people, in which authorities believe millions of dollars were stolen. The scams reportedly swiped $4.6 million from 200 accounts in six different banks.
Microsoft Doesn't Show Norton The Love If one didn't know better, one would think Symantec was lovelorn over Microsoft's new anti-spyware beta. Usually it's a good idea to bring a trojan on a date. This time, however, Microsoft's Anti-Spyware beta tagged Symantec's Norton Anti-Virus as password stealing trojan virus.
Olympic Computer Viruses The Olympics is meant to be a symbol of international cooperation and goodwill. Hundreds of athletes from all over the world compete in the winter and summer Olympic games. With the Winter Olympiad currently underway in Torino, Italy, it also provides an excellent opportunity for a few jerks to load pass out new viruses.
New Danish Websites Hacked Muslim hackers continue their retaliatory assault on Danish websites over the political cartoons run in Danish newspapers last year and more recently in other European publications. As this story is being written, the number is up to 1819 Danish sites alone and continues to rise.
China Can’t Deal With Pirates Most of the time, pirates in any venue are looked down upon. Those who spread secrets aren't always the good guys. In China, however, these two groups, while being looked down upon are becoming heroes to some as they attempt to break through China's intense scrutiny and censorship of all types of media.
|