January 31, 2008
Estonian Convicted Of DDoS Attacks
By Lashan Clarke
The 20-year-old Estonian Dmitri Galushkevich was fined $1,641 when he was convicted of denial-of-service attacks last year. The fine is quite large, and would be considered the annual salary in Estonia. Galushkevich was working along with other accomplices to cause web sites to malfunction, by subjecting them to DDoS [...]
January 31, 2008
Mozilla Ranks Firefox Bug Threat
By Dave Nixon
Mozilla has increased the threat ranking for an unpatched Firefox bug to “high,” and assures that a fix is imminent in Version 2.0.0.12, now set for release on 5 February.
Window Snyder, the company’s head of security, corroborates that the browser can be exploited to steal “session information, including session cookies and session history, when [...]
January 31, 2008
Researchers Discredit Microsoft’s Bug Claim
By Dave Nixon
A security researcher has dismissed Microsoft’s assertion that the year’s first critical Windows vulnerability would be “difficult and unlikely” to be exploited by attackers.
On Tuesday, in relation to the TCP/IP flaw spelled out 8 January in Microsoft’s MS08-001 security bulletin, Immunity updated an operational exploit, and published a Flash demonstration of the attack on its [...]
January 30, 2008
IM Attacks Increasingly Malevolent
By Dave Nixon
According to Akonix, a vendor of messaging security systems, unremitting attacks on instant messaging systems grew more sophisticated and dangerous in January.
The company tracked 14 new attacks on IM systems in January, finding that although the figure was comparatively low, the attacks are improving at targeting users.
IM attacks are a comparatively new trend, but [...]
January 30, 2008
IBM Embarking on Asset Encryption
By Dave Nixon
In providing 355,000 employees with PGP’s whole-disk encryption to ensure data confidentiality, IBM is embarking on an enormous rollout of desktop and laptop encryption.
Although IBM already uses encryption in areas of its organisation, predominantly with Secure Multipurpose Internet Mail Extensions encryption in Lotus Notes, the rollout of PGP whole-disk encryption symbolizes Big Blue’s biggest-ever [...]
January 30, 2008
PayPal Acquires Israeli Security Company
By Dave Nixon
EBay’s online payments division, PayPal, will pay US$169 million for the acquisition of an Israeli security company specializing in identifying online fraud.
Private company Fraud Sciences has developed technology designed to differentiate between real and fraudulent transactions. The technology will be integrated into PayPal’s anti-fraud systems, which will be “significantly” enhanced this year, eBay said.
Fraud [...]
January 30, 2008
German Police Skype Hack Leaked
By Dave Nixon
Leaked documents appear to indicate that a company has been hired by German police to create Trojans capable of capturing traffic from Skype and SSL.
Appearing on the Wikileaks website in their German form, the two scanned documents are difficult to authenticate, but one appears to describe how a security company, Digitask, was asked to create a [...]
January 30, 2008
Delay Update Of FISA Act
By Lashan Clarke
The United States Senate has placed a hold on the update to the FISA Amendments Act. The Act was created about thirty years ago. The main premise of the FISA Act is to give the government the ability to listen in on all communications.
If the Attorney General approves this action, the Act would allow [...]
January 29, 2008
8e6 Technologies Re-Launches in the UK
By Dave Nixon
With the promise to entice SurfControl customers suspicious of being forced to upgrade to products from new proprietor Websense, US web filtering company 8e6 Technologies has re-launched itself in the UK.
The company plans, by using partner and reseller Wick Hill, to advance its R3000 web filtering appliance to the SurfControl customer base, whose products [...]
January 29, 2008
Update for Metasploit Exploit Tool
By Dave Nixon
In adding a new graphical interface for Windows that will boost the number of researchers and white hat hackers who are able to use the software, the Metasploit Project has updated its signature open-source exploit framework to Version 3.1.
HD Moore, the renowned exploit researcher and Metasploit creator, stated, “It’s a minor update, but it’s the [...]
January 29, 2008
ConSentry Connects to Directories for NAC
By Dave Nixon
Secure networking developer ConSentry Networks has introduced what it terms its Intelligent Switch architecture - fundamentally, a firmware upgrade which adds application and role-based control within the network.
The ConSentry devices already had the ability to extract a user’s profile out of an identity store such as MS Active Directory, RADIUS or LDAP, and use [...]
January 29, 2008
Free Search Tool Inspects Network Alerts
By Dave Nixon
Designed to gather network and system alerts, and to help admins and security analysts analyse them, a free downloadable search engine is being offered by start-up software developer Packet Analytics.
The browser-based tool, called Net/FSE (network forensic search engine), requires a standard x86 server running Linux or Unix. It is based on work completed at the US Los Alamos [...]
January 29, 2008
Encryption Order on M&S Laptops
By Dave Nixon
Following the theft last May of an unencrypted laptop which contained the personal information of 26,000 M&S employees, the Information Commissioner’s Office have given Marks & Spencer two months to encrypt all its laptop hard drives.
The laptop, which was stolen from the home of an M&S contractor, contained details of the pension arrangements of [...]
January 28, 2008
Legitimate Sites the Source of Most Malware
By Dave Nixon
According to a senior security researcher, the majority of websites producing malware are legitimate. Dan Hubbard, Websense’s vice president of security research, said that exceptionally, legitimate sites taken over by hackers outnumber malicious ones.
51 percent of the sites it categorised as malicious in the second half of 2007 had been compromised and then [...]
January 26, 2008
Cybercrimes Increasing
By Lashan Clarke
Cybercrimes are on the increase and are being pulled off by very savvy computer thieves.
In the past six years, an analysis of the identity cases closed by the U.S. Secret Service has shown that the victims did not know the perpetrator nor did the thief have a criminal record.
Since 2004, identity theft makes [...]
January 24, 2008
Microsoft Releases The MS08-002 Update
By Lashan Clarke
A second update, MS08-002, was released to address a potential attack using local access to Windows 2000, XP, and Server 2003. This attack could be gained by simple access and would allow the attacker to “elevate their privilege” to further access of the system.
Microsoft also updated their Windows Malicious Software Removal Tool [...]
January 23, 2008
Microsoft Releases TCP Patch
By Lashan Clarke
Microsoft has released a patch for the Transmission Control Protocol/Internet Protocol (TCP/IP) vulnerability in Windows XP and Windows Vista. This critical update, called MS08-001, will secure a Windows XP/Vista system so that potential attackers cannot access and take control, possibly changing user rights and installing programs.
Released in early January, this is the first [...]
January 22, 2008
The Year Of Security Breaches
By Lashan Clarke
2007 saw a large number of data losses from reputable companies. One of the largest losses was at the TJX Companies. TJX Companies, a retail giant, was among those reporting major losses at 46.5 million records in a breach that took nearly 18 months to discover and secure. However, Mastercard [...]
January 21, 2008
Identity Theft Now Targeting Businesses/Governments
By Lashan Clarke
Identity theft in 2007 went beyond personal attacks – companies and government agencies were targeted as well, losing the personal data of millions of people including those who don’t even own a personal computer.
These attacks spurred legislative action that requires companies and government agencies to disclose such attacks to those people affected.
According to ITRC’s [...]
January 21, 2008
Russian hacker cracks Yahoo CAPTCHA
By Rachael Grant
CAPTCHA (Completely Automated Public Turing test to tell Computers and Humans Apart), Yahoo’s system for preventing automated access to its systems, has up until now been branded as next to impossible to decode, according to several websites selling CAPTCHA cracks for sites like eBay.
However this week, a programmer going by the name ‘John [...]

