April 28, 2008
Bull publicizes bootable USB drive
By Dave Nixon
Bull has a gadget for businesses concerned about the security of data stored on laptops, namely a bootable, portable password-protected hard disk drive with an embedded cryptographic processor that shields data if the device is misplaced or stolen.
Globull is a bright red item about the size and weight of an iPod Classic. It has [...]
April 28, 2008
Apple improves software download utility for Windows with version 2.1
By Janine de Blois
Apple has responded to critism of its “Software Update” tool for Windows. In version 2.1 users now see a split window with two separate lists for updates and new software.
The complaint from many security (and other) sources had been that users of the old version often ended up with new software they had not [...]
April 28, 2008
Microsoft warns web-hosting providers of zero-day flaw
By Janine de Blois
The vulnerability affects Windows XP Service Pack 2 as well as all supported versions and editions of Windows Server 2003, Windows Vista, and Windows Server 2008. It allows for elevation of privilege from authenticated user to LocalSystem.
An attack is possible through authenticated user provided code. Internet Information Services (IIS) and SQL [...]
April 27, 2008
Malware targets Oympic emails
By Brian Turner
MessageLabs has reported that it has identified at least thirteen different Olympic themed attacks, using email to try and fool users into downloading trojans.
With legitimate-sounding email subject titles such as “The Beijing 2008 Torch Relay” and “National Olympic Committee and Ticket Sales Agents”, some attacks purport to be from the International Olympic Committee, based in [...]
April 20, 2008
UK phishing attacks double
By Dave Nixon
Phishing attacks on UK customers have more than doubled for the first quarter of this year, according to Apacs, the UK payment association.
Apacs recorded more than 10,000 reported phishing incidents in the first quarter of 2008, in excess of 200 percent up from the same period last year.
Online banking victims due to fraud [...]
April 20, 2008
Zero-day flaw uncovered in Microsoft Works
By Dave Nixon
Chinese-language blogs are specifying a zero-day susceptibility in Microsoft Works, the company’s lower-end office productivity suite, according to security vendor McAfee.
The vulnerability is inside an ActiveX control for the Works’ Image Server, wrote McAfee analyst Kevin Beets. A PC would need to visit a website engineered to exploit the flaw, Beets wrote.
A zero-day [...]
April 20, 2008
Apple finally fixes $10k fault
By Dave Nixon
Apple has released a security patch for its Safari web browser, fixing the flaw that earned one security researcher $10,000 at the CanSecWest security conference.
The flaw was exploited by Independent Security Evaluators Researcher Charlie Miller to gain access to a MacBook Air computer three weeks ago. It lies in the WebKit open-source HTML rendering [...]
April 20, 2008
Tibet struggle usurped to install rootkit
By Dave Nixon
A cartoon that mocks the efforts of a Chinese gymnast at the Olympic games is the most recent tactic used by cyber-criminals to infect Windows PCs, according to McAfee’s Avert labs.
While the movie files, which show the cartoon followed by images supporting a free Tibet, are playing, a keystroke logging tool, hidden by a [...]
April 20, 2008
Vendor claims to nix URL-bypassing sites
By Dave Nixon
Proxy blocking company 8e6 has stated that its software can now curtail the proxy scripts that have lately swamped the Internet as a way of bypassing URL blocking systems.
Such scripts give non-expert users a method to evade the conventional web URL filtering systems employed by government, libraries, universities and companies by initiating private web [...]
April 20, 2008
Google Apps hit by session-stealing assault
By Dave Nixon
A security researcher has exposed a grave flaw in Google Spreadsheets, which could give an attacker access to all of a user’s Google services.
While the bug, a cross-site scripting (XSS) flaw, has now been fixed by Google, it is a sign of the dangers that can go together with the growing popularity of Software [...]
April 20, 2008
ISPs accused of tampering with web pages
By Dave Nixon
Approximately one percent of the Internet web pages are being altered in transit, sometimes in a detrimental way, according to researchers at the University of Washington.
In a paper, set to be delivered Wednesday, the researchers document some worrying practices. In July and August they tested data sent to about 50,000 computers and revealed that [...]
April 18, 2008
Browser attacks becoming more sophisticated say experts
By Janine de Blois
Security experts at the RSA Conference 2008 warn that browser attacks are becoming more sophisticated. Infected websites can allow a browser to be taken over in bot-like fashion.
For example on a virtual world site, an avatar could walk out on the screen, turn off mouse and key controls-making it difficult stop the attack. [...]
April 18, 2008
New Standards For Credit Card Processing and Collection
By Lashan Clarke
Information released by the PCI Security Council detail the use of a new version of the standards used to process credit cards.
The standards will be known as the Payment Application Data Security Standard or the PA-DSS.
The highlight of the PA-DSS is that is sets out the information needed to merchants to properly process [...]
April 17, 2008
Only 21% Reveal Passwords
By Lashan Clarke
A wise person will be protective of their password in the times we live in. However, current research has shown that not everyone is as wise to protect their personal information.
Using a survey conducted outside of Liverpool Street Station, the results showed that a little more than twenty percent of people gave up their [...]
April 16, 2008
Hacker Attacks CCP’s Popular Game
By Lashan Clarke
The source code for another game has supposedly been hacked. A computer hacker has stated that he or she hacked the source for the game EVE Online. In order to prove this was true, the hacker then posted the code to numerous P2P websites.
The hacker has stated it will only remove the hacked source [...]
April 15, 2008
DOJ Highlights Fight Against Money Laundering
By Lashan Clarke
At the recent RSA Security Conference, two attorneys for the Department Of Justice section that deals with cybercrime, highlighted two online sites that have been used in the past to launder money.
Working with the Computer Crime and Intellectual Property Section (CCIPS), the attorneys stated that Web sites E-gold and Neteller have previously been used [...]
April 14, 2008
DHS Secretary Hopes To Improve Defense Against CyberCrime
By Lashan Clarke
At a meeting for the Department of Homeland Security (DHS), the Secretary of the DHS spent time emphasising how the government feels about cybrsecurity and what role it plans to take in tackling it in the future.
The federal government would like to continue to see private and public firms develop a sense of togetherness [...]
April 14, 2008
Rift Caused By Malfunctioning Voting Machines
By Lashan Clarke
There has been a rift that continues to widen between security scientists, and manufacturers of voting machines. The rift has been widening to the point that many at the RSA Security Conference was calling on both industries to consider a “truce”.
Numerous flaws have been found in the softwared used in electronic voting machines, and this [...]
April 11, 2008
Adobe Issues Flash Update
By Lashan Clarke
After the recent fall of the Windows Vista laptop using a security hole in Adobe Flash, Adobe issued a new update to correct the hole within the software.
This update was issued to correct the compromise that was realised at the CanSecWest Conference. The new update was also issued to correct other problems within the [...]
April 11, 2008
Fortinet wins Deep Throat Porn filter check
By Dave Nixon
The contentious ‘Deep Throat Fight Club’ test of porn filters held at this week’s RSA security show has affirmed a winner. According to organisers Untangle, the best performer was Fortinet.
Fortinet detected 97.7 percent on the main blocking porn test, only a whisker ahead of rivals Watchguard (97.3 percent), Websense (97.0 percent), SonicWall (96.1 percent), [...]

