Microsoft Responds On New Flaw
Although it is a mildly critical problem that can hit a server with a denial of service attack from a local network, Microsoft has verified a workaround for a newly reported Windows vulnerability that affects XP, Server 2003, and Windows 2000 Server versions.
Directory:
> News > Security News
Date: 2006-07-31
|
When JavaScript Goes Bad
Researchers at SPI Dynamics and WhiteHat Security have discovered a new way in which JavaScript can act as malware. This method of attack can bypass firewalls and other security measures, and affects just about everything connected to target computers, from servers to devices.
Directory:
> News > Security News
Date: 2006-07-31
|
Yahoo Finance Defaced
Yahoo Finance upgraded its site a couple of weeks ago. Apparently the makeover didn't go over so well with some people - Yahoo Finance was defaced over the weekend, according to a report from Zone-H.
Directory:
> News > Security News
Date: 2006-07-31
|
SiteKey Security Can Be Defeated
The SiteKey system used by financial institutions like Bank of America can offer a false sense of security due to the potential for a man-in-the-middle attack exploiting the system.
Directory:
> News > Security News
Date: 2006-07-31
|
Homeland Security Unprepared For Cyberattack?
Senator Tom Coburn heavily criticized the U.S. Department of Homeland Security today, citing large amounts of money spent and little progress to show for it. The Republican from Oklahoma pushed for changes in the organization.
Directory:
> News > Security News
Date: 2006-07-28
|
Security Issues Are Users' Fault?
David Chisnall thinks the biggest problem with computer security is you. Maybe not you, specifically, but users in general are often the "weakest link," as Chisnall pointed out in an article titled "Security Is a UI Problem."
Directory:
> News > Security News
Date: 2006-07-28
|
Phish Shut Down At American Express
Someone who did the coding for the American Express website made an error that allowed a redirect to load a fake Italian bank website into a frame on American Express' search page.
Directory:
> News > Security News
Date: 2006-07-28
|
The Russians Are Everywhere
There are two truisms in the technology world that few in government want to state with any conviction - intellectual property piracy is rampant in China, and online crime operates unabated in Russia.
Directory:
> News > Security News
Date: 2006-07-28
|
VoIP Hacking Pitfalls And Prevention
VoIP hacking is a new term that strikes fear into the hearts of many residential and corporate users thinking about upgrading from their existing traditional phone network and in some cases even dissuades them from doing so.
Directory:
> News > Security News
Date: 2006-07-27
|
Junk E-Mail Reaches Astronomic Levels
Everyone knows that there is a lot of less-than-great e-mail out there. An article released today indicates levels that are shockingly high, though - "95% of e-mail is junk," it proclaims, and most of that isn't from any certain businesses or organizations. "80% of e-mail came from compromised hosts."
Directory:
> News > Security News
Date: 2006-07-27
|
Mozilla Releases Important Firefox Update
Mozilla has released Firefox 1.5.0.5. This version is a "security update" that patches not one, not two, but twelve security issues. "We recommend that all users upgrade to this latest version," Mozilla said in a decidedly understated fashion.
Directory:
> News > Security News
Date: 2006-07-27
|
Microsoft Finishes Swallowing Whale
Microsoft announced that its acquisition of Whale Communications Ltd. is complete and will offer a discount immediately on incorporated Whale products. This includes Whale Intelligent Application Gateway, Connectivity Modules and Application Optimizers.
Directory:
> News > Security News
Date: 2006-07-26
|
Trojan Invades Through Firefox
McAfee has reported that a new Trojan horse is loose, and this one "is installed as a Mozilla/Firefox component extension." Named "FormSpy," it should only pose a low risk to both corporate and home users.
Directory:
> News > Security News
Date: 2006-07-26
|
Symantec, Yahoo Partner Up
Symantec and Yahoo have announced that they are joining forces "to protect consumers online." The partnership isn't an entirely charitable move, however - "Norton Internet Security provided by Yahoo" will cost $49.99 per year. And that's only the "special promotional annual fee."
Directory:
> News > Security News
Date: 2006-07-25
|
Microsoft Patch Missed The Target?
The existence of a Windows vulnerability (and/or malware that targets it) is announced. Microsoft offers a patch, which everyone downloads, and everything is fine again for a while. That's how it usually goes, anyway. But Microsoft may not have completely secured one recent vulnerability.
Directory:
> News > Security News
Date: 2006-07-25
|
Mac Malware: Here It Comes?
There's a commonly held belief that Macs are safe from viruses, if only because no one bothers to attack Apple's products. New information from the Kaspersky Lab indicates that this "safe" status may be endangered, though.
Directory:
> News > Security News
Date: 2006-07-24
|
PowerPoint Attack May Have Been Espionage
Somebody's been causing Microsoft a headache with a zero-day attack against PowerPoint. That's not terribly remarkable - Microsoft products are often targeted by cybercriminals. But researchers at Symantec believe this attack could be an example of industrial espionage.
Directory:
> News > Security News
Date: 2006-07-21
|
ID Theft - Name, Rank and Social Security Number
Identity theft is the fastest growing crime in the U.S. The U.S. Secret Service has estimated that consumers nationwide lose $745 million to identity theft each year. According to the Identity Theft Resource Center, the average victim spends 607 hours and averages $1,000 just to clear their credit records.
Directory:
> News > Security News
Date: 2006-07-21
|
Scam E-Mail Impersonates SpysoftCentral
If you want to keep your computer safe, be careful about accepting random offers of protection against spyware, even if they appear to be from legitimate corporations. This lesson (which many people have already learned) came out of one of the latest e-mail scams.
Directory:
> News > Security News
Date: 2006-07-21
|
The Intelligent Explorer Nightmare
I recently hit, by mistake, what I thought was an Explorer upgrade option. It turned out to be a pop-up appearing legitimate but really was not. It uploaded a product called Intelligent Explorer on my machine. What a nightmare!
Directory:
> News > Security News
Date: 2006-07-20
|
PayPal Flaw Gets Accidental Two-Year Reprieve?
A recent development has shaken many users' confidence in PayPal. It seems a security flaw that was "discovered" last month was actually nothing new at all; the same vulnerability was supposedly first identified about two years earlier.
Directory:
> News > Security News
Date: 2006-07-20
|
Another MySpace-Related Security Problem
A new security issue has arisen with MySpace, the popular social networking site. This spyware is the latest in a string of MySpace-related problems. There's good news, though - if run Windows, and if you've bothered to update it since January, you should be safe from this threat.
Directory:
> News > Security News
Date: 2006-07-20
|
Symantec Warns VARs About Limiting Prospects
The sales team at Symantec, taking a hard look at opportunities within the value added reseller (VAR) market, indicated that its security partners need to be more aggressive in looking for opportunities to expand their offerings.
Directory:
> News > Security News
Date: 2006-07-19
|
Yahoo Mail Popular With Fraudsters
Early Warning, a British company that specializes in "preventing CNP card fraud," has compiled a "list of top ten email addresses used by online card fraudsters." Bad news for people hoping to tighten up their spam filter - they're all services that are pretty common. Gmail managed to stay off the list, but Yahoo, Hotmail, AOL, and MSN are all present.
Directory:
> News > Security News
Date: 2006-07-18
|
Symantec Finds Fault With Vista
Did you expect Microsoft to stick to the latest Vista launch date? Don't hold your breath. The security firm Symantec says it has discovered a number of bugs and flaws in the operating system's networking technology. Microsoft's response was decidedly waspish.
Directory:
> News > Security News
Date: 2006-07-18
|
Microsoft Wins Over Winternals
The Austin-based company recently settled a lawsuit with electronics retailer Best Buy, and will now be part of the operating system company their software was designed to troubleshoot.
Directory:
> News > Security News
Date: 2006-07-18
|
McAfee Points Finger At Open-Source Techniques
Open-source software is often thought of in rather soft and cuddly terms. After all, it's free, and usually works to everyone's benefit (or at least tries to). But now, researchers at McAfee have made public their belief that hackers are using open-source tools to their own advantage.
Directory:
> News > Security News
Date: 2006-07-17
|
New Microsoft Tool Fights Spamming
Microsoft wants to end the problem of search engine spamming, and company researchers have created a tool to do it. Called the Strider Search Defender, its less slick subtitle (which also describes how it works) is "Automatic and Systematic Discovery of Search Spammers through Non-Content Analysis."
Directory:
> News > Security News
Date: 2006-07-14
|
Vulnerabilities On The Auction Block
If you happened to discover a security vulnerability, what would you do with that information? Perhaps nothing, and just continue to sit on your rear. Maybe you'd tell the affected company about it and hope for good karma. And apparently there's another (not necessarily malicious) possibility - you might try to sell the vulnerability.
Directory:
> News > Security News
Date: 2006-07-14
|
A Rootkit Under The Radar
Although the threat of a virtualization rootkit, undetectable by normal means, has been proven, it is not in the wild yet; Rustock/Mailbot has been floating around since June, and is nearly impossible to track down.
Directory:
> News > Security News
Date: 2006-07-13
|
Microsoft Hands Vista Over To Hackers
Microsoft has announced plans to attend the Hack in the Box Security Conference 2006, an Asian hackers' conference. What's more, the company intends to bring along Vista. This isn't as strange as it sounds - an increasing number of businesses like to solicit the opinions of security communities (even shady ones) on their new products.
Directory:
> News > Security News
Date: 2006-07-13
|
Microsoft Employees Offer Protection From Google Results
Some of the sites Google indexes will automatically redirect you to executable files. This can be convenient, if you're trying to download something like Firefox, as Claudiu Spulber was. But it might not be such a good thing if some sort of malware is on the other end of that link.
Directory:
> News > Security News
Date: 2006-07-12
|
Cisco Scammers Lassoed In London
American law enforcement agencies worked with counterparts in the United Kingdom to takedown a pair of Russians accused of working a warranty scam against networking giant Cisco.
Directory:
> News > Security News
Date: 2006-07-12
|
Citibank, OCBC Bank Affected By Phishing
A recent phishing scam targeting Citibank and OCBC Bank customers went a step beyond most by spoofing two-factor identification. E-mails asked the individuals to supply their user name, password, and a token-generated key.
Directory:
> News > Security News
Date: 2006-07-11
|
FBI Wants To Tap Your Internet
Were you aware that American citizens had elected the FBI to Congress? Did you know the FBI could draft legislation? Apparently the law enforcement agency can and has produced a bill that will expand wiretapping initiatives to Internet service providers and network builders in order to make it easier to eaves drop.
Directory:
> News > Security News
Date: 2006-07-11
|
Fake Blacklists?
A customer had momentary trouble sending mail to someone. The first attempt failed, but the second went through. An examination of the logs revealed a couple of interesting things.
Directory:
> News > Security News
Date: 2006-07-10
|
SARA Secuity Scanner
I installed and tested SARA on Linux and Mac OS X. It compiled easily and cleanly on both platforms: ./configure;make; sudo make install.
Directory:
> News > Security News
Date: 2006-07-10
|
Microsoft Offers Privacy
Microsoft has released a software tool called Private Folder 1.0, which is made to protect a user's private files through a password.
Directory:
> News > Security News
Date: 2006-07-10
|
Watchdogs Join Up To Fight ID Theft
Identity theft prevention company LifeLock has joined forces with the National Crime Prevention Center (NCPC) to raise awareness of and promote the prevention of ID theft through the United States.
Directory:
> News > Security News
Date: 2006-07-10
|
V.i. Labs Dons Its CodeArmor
After picking up a first-round of funding from a group led by Rockford Capital, V.i. Labs is ready to ride the wave of software protection needs of application developers.
Directory:
> News > Security News
Date: 2006-07-07
|
Hacker's Extradition Moves Forward
Gary McKinnon, the British hacker who was charged with breaking into a number of U.S. military systems, is one step closer to being extradited to the U.S. Britain's Interior Minister John Reid approved the transfer, although McKinnon has said he will challenge the decision.
Directory:
> News > Security News
Date: 2006-07-07
|
Microsoft: You Say “Security Threat,” I Say “Feature”
It turns out that something Microsoft considers a "legitimate feature" of Windows XP and Internet Explorer is also something of a security risk. By entering an address into the Web browser, users could inadvertently (or intentionally, as Microsoft argues) open an executable file.
Directory:
> News > Security News
Date: 2006-07-06
|
Spam Shifts To IM, Blogs
Cybercriminals are diversifying, according to a new report from MessageLabs. Their data indicates that threats are being transmitted through less-common methods such as "mobile text messaging, Web-based instant messaging, weblogs and social networking communities such as MySpace.com."
Directory:
> News > Security News
Date: 2006-07-06
|
ISPs Fear Zombies
A report from StreamShield Networks revealed that the greatest concern for ISPs in the UK is the "potential disruption to service that spam zombie machines can cause." Chainsaw sales have risen sharply accordingly. (Okay, not really.)
Directory:
> News > Security News
Date: 2006-07-05
|
Security Firm Says Get A Mac
Before a brutal wave of Trojan horses can invade PCs globally, one security company recommends switching from the world of Windows to the joy of Macs.
Directory:
> News > Security News
Date: 2006-07-05
|
Workers Feel Railroaded After ID Theft
Names and Social Security numbers belonging to 30,000 Union Pacific railroad workers could be in the hands of thieves after someone stole a computer containing that information from an employee.
Directory:
> News > Security News
Date: 2006-07-05
|
Software Flaws Can Be Predicted
A model developed at Colorado State University can make more accurate estimates of the number and severity of vulnerabilities a piece of software may contain.
Directory:
> News > Security News
Date: 2006-07-03
|
|
|
RSS
Archive
Contact Us
Advertise
