|
April 28, 2006
British hacker fears US extradition (SC Magazine)
Gary McKinnon, the US government's most wanted IT geek spoke out at
Infosecurity Europe yesterday against his possible extradition to the
states where he will face charges of hacking into the US Military's
computer systems.
Web users blind to spyware (SC Magazine)
Internet users who think websites with clean, appealing graphics and
national advertisers on their home pages are always safe need to think
again as such seemingly respectable sites often harbor malware, security
watchers have warned.
UK government squeezes BlackBerry security (SC Magazine)
CESG - the Information Assurance arm of the UK Government
Communication Headquarters (GCHQ) yesterday granted approval for UK
government employees to use BlackBerry devices from Canadian vendor
Research In Motion (RIM) to handle restricted data.
_____________________________________________________________________________________
April 27, 2006
Security Advice From a Wanted Hacker (PC World)
British hacker tells security conference that easy steps bolster
IT security.
Vista To Handcuff Firewall (TechWeb)
Microsoft plans to turn off half the firewall in Windows Vista when the
new operating system ships later this year because it doesn't think most
users need all the firewall's functionality or can handle its
management.
Trojan Demands $10.99 Ransom To Free Files (TechWeb)
A new Trojan horse demands a $10.99 ransom payment to stop
erasing files on the infected PC's hard drive, a security firm said
Thursday.
NCSA launches IT security campaign for small businesses (SC Magazine)
The National Cyber Security Alliance (NCSA) today unveiled the latest
initiative in its on-going campaign to educate small businesses about
cyber security issues.
E-crime experts warn of the ‘enemy within’ (SC Magazine)
A new survey revealed today that almost half of global e-crime experts
believe the biggest threat to organizations’ data comes from “the enemy
within”, rather than external hackers.
_____________________________________________________________________________________
April 26, 2006
97 Percent Fail Spyware Sniff Test (TechWeb)
Just 3 out of 100 Internet users are able to sniff out sites
ready to drop spyware or adware onto their computers, a security firm
says.
Is VoIP the Next Target? (NewsFactor)
Although there has yet to be a recognized instance of a VoIP-coordinated
denial-of-service attack, at least one organization says it is only a
matter of time.
Simple passwords put firms at risk, survey (SC Magazine)
Simple passwords are putting companies at risk, according to a
new survey unveiled at the Infosec Europe 2006 show in London.
IT security top of the agenda for three quarters of UK execs (SC
Magazine)
Three-quarters of UK businesses rate security as a high or very high
priority for their senior management or board of directors, according to
the latest Government-sponsored survey of information security breaches
in the UK released at Infosec in London yesterday.
Oracle Locks DBAs in the Vault (eWeek)
Oracle's new Database Vault technology restricts data access
rights of even powerful users, while its new encryption technology,
Secure Backup, encrypts data to tape.
Spam evolves into a dangerous time waster (SC Magazine)
Security firm Panda Labs has hit out at spam, warning that it has become
an increasingly dangerous threat going beyond the traditional perception
of it being nothing more than a nuisance.
_____________________________________________________________________________________
April 25, 2006
Phishers Snare Victims With VoIP (TechWeb)
Phishing comes to VoIP. A security firm has found a phishing
scheme in which the scammers used Internet telephony to copy a bank's
automated voice system in order to steal customers' passwords, account
numbers and other personal information.
Microsoft Unveils Repatched Patch (TechWeb)
As promised, Microsoft releases an updated edition of its April
11 MS06-016 security bulletin.
Novell's eSecurity acquisition highlights trend toward consolidation (SC
Magazine)
Novell is aiming to boost its integrated security management
capability with its recent purchase of e-Security, Gartner noted today.
According to the analyst firm, the move highlights a growing industry
trend of a vendor of security information and event management
technology being acquired by broad-scope vendors.
Spam Slayer: Biggest Spam Hassles Solved (PC World)
Our Spam Slayer cracks open the mailbag to answer readers' most pressing
questions.
U.K. governments and industry join forces to tackle online abuse (SC
Magazine)
New guidance to protect children using chatrooms and search engines was
published yesterday by the U.K. Home Office, which is also preparing to
launch a new Child Exploitation and Online Protection Centre (CEOP).
_____________________________________________________________________________________
April 24, 2006
Hacker 'Smartbomb' Toolkit Attacks Unpatched Computers (TechWeb)
A dirt-cheap, do-it-yourself hacking kit sold by a Russian Web
site is reportedly being used by more than 1,000 malicious Web sites.
Symantec Tunes Up IM Monitoring (NewsFactor)
With Release 8.0 of its IM Manager software, Symantec is adding tools to
apply security policies to VoIP and videoconferencing and is expanding
its ability to do the same to instant messaging.
Half of business travelers worried by hotspot security (SC Magazine)
More than half of all business travelers are still concerned about
security levels offered by wireless, according to a global survey.
Easter eggs on U.K. identity thieves (SC Magazine)
Research carried out this Easter outside Victoria Station in London has
found that 81 percent of people were willing to part with all the
personal information needed to steal their identity for the chance to
win an Easter egg.
Security firm warns of fake blog ‘virus’ (SC Magazine)
Security firm PandaLabs has issued a warning about a false virus for
blogs that is causing confusion among blog writers and readers.
April 21, 2006
OECD calls for global action to combat spam (SC Magazine)
The Organization for Economic Cooperation and Development (OECD) has
launched a global campaign that aims to step up cross-border law
enforcement cooperation to combat spam.
Demand ramps up for all-in-one integrated security solutions (SC
Magazine)
The complexity of managing security technologies is the third-highest
challenge organizations will face over the next year, according to IDC.
_____________________________________________________________________________________
April 20, 2006
Microsoft To Release Fixed MS06-015 Patch Next Week (CRN)
Microsoft plans to re-release a Windows patch next week to fix
problems related to HP devices and NVIDIA cards.
ISPs Look to New Spam-Fighting Tech (NewsFactor)
E-mail providers are bolstering their defenses against the onslaught of
spam and phishing attacks through the adoption of new
e-mail-authentication technologies.
Feds Issue Security Alert On Firefox (TechWeb)
People are being advised to upgrade to the latest versions of the
Firefox Web browser and the Thunderbird email program to plug numerous
critical security holes.
'High risk’ malware poses as Symantec update (SC Magazine)
Security watchers yesterday warned internet users to be on their
guard against a “high risk” malicious email which appears to be a
Symantec Virus advisory, but which actually contains a payload designed
to disable anti-virus updates.
Novell pays $72m to acquire e-Security (SC Magazine)
Novell yesterday announced that it has paid $72m to acquire e-Security,
a developer of real-time event monitoring, response and reporting
software.
_____________________________________________________________________________________
April 19, 2006
One-third of companies don't know if they've been hacked (SC Magazine)
A third of senior managers do not know if their company has been
hacked, according to new findings.
Microsoft touts Sender ID to can spam (SC Magazine)
Microsoft yesterday promised to increase efforts to combat spam
by pushing adoption of its Sender ID framework for email authentication.
BigFix Broadens Appeal of Patch Management Suite (eWeek)
The security configuration management company prepares a new release of
its Big Fix Enterprise Suite with new software distribution and asset
management functions.
FTC cans two U.S. spammers (SC Magazine)
Two spammers who hijacked consumers’ computers and turned them into spam
spewing zombies have agreed to settle Federal Trade Commission (FTC)
charges. The individuals admitted sending illegal emails hawking
mortgage opportunities, a device for improving gas mileage, and other
products and services.
_____________________________________________________________________________________
April 18, 2006
Oracle Plugs 36 Holes in Critical Patch Update (eWeek)
The database vendor patches multiple security flaws, including
one that was at the center of a debate on disclosure at the Black Hat
Federal briefings.
Microsoft to Unveil New Patch Management Software (PC World)
Next version of Windows Server Update Services is on the way.
Half of companies not completely protected against vulnerabilities (SC
Magazine)
Nearly half of IT professional believe their infrastructure is not
completely protected against vulnerabilities, new research found.
Holographic breakthrough boosts data encryption and storage (SC
Magazine)
Japanese scientists have predicted a bright future for holographic data
encryption and storage, promising that holographic technology could be
developed to allow massive amounts of encrypted data to be accessed at
very high speeds.
Experts warns of the rise of the rootkit (SC Magazine)
The use of rootkits to conceal both malware and commercially
viable Potentially Unwanted Programs (PUPs) is on the rise, new research
warned today.
_____________________________________________________________________________________
April 17, 2006
Beware Bagels Updating (TechWeb)
A new round of Bagle worm updates are going out to
already-infected PCs.
McAfee: Massive increase in rootkit use (SC Magazine)
The number of malicious programs employing stealth technology to
make them virtually undetectable by PCs is rapidly increasing, giving
rise to more sophisticated Windows-based attacks, according to new
research conducted by McAfee AVERT Labs.
Hacked PCs Receive Updated Spam Tool (PC World)
Computers infected with the Bagle virus began downloading new malware
over the weekend.
Symantec Intros Integrated Gateway Security (eWeek)
The security applications giant is pulling together its anti-spam,
anti-virus and content filtering applications for internal Internet
e-mail gateways.
Rootkits, Smarter Hackers Pose Growing Security Threats (eWeek)
IT security is under attack from increasingly sophisticated programs and
a collaborative community of malware authors, according to research by
anti-virus companies McAfee and Kaspersky Lab.
April 14, 2006
ISP snooping gaining support (CNET)
States getting behind idea of requiring records to be kept of customers'
online activities for police access.
_____________________________________________________________________________________
April 13, 2006
Mozilla Plugs Firefox Code Execution Hole (eWeek)
A new version of the open-source Firefox browser ships with
"significant security and stability improvements."
Rootkits, blackmail scams on the rise (SC Magazine)
Online blackmailing grew in frequency during the first quarter of
2006, according to a study by one security vendor.
Fear of viruses, spyware cut down illegal downloads (SC Magazine)
The amount of illegal downloading by U.S. residents between 8- and
18-years-old has dropped by 17 percent in the last two years, due mainly
to growing fear of viruses and spyware, new research has claimed.
Symantec CEO Ready To Fend Off Microsoft Challenge (VarBusiness)
Acquisitions, a recent reorganization, and increased spending on
marketing will help Symantec fend off challenges the company's CEO said.
_____________________________________________________________________________________
April 12, 2006
Microsoft Updates Worm Killer (TechWeb)
Microsoft also updated the Windows Malicious Software Tool, a
free utility that detects and deletes a limited number of worms,
viruses, Trojans, and rootkits.
Czech police collar phishing gang member (SC Magazine)
Czech police have arrested a man suspected of involvement in a gang
which stole from the bank accounts of innocent internet users.
U.K. firms put customers’ data at risk (SC Magazine)
UK businesses are failing to adopt the security controls needed to
protect their customers' information, according to the data released
today from the 2006 Department of Trade and Industry's biennial
Information Security Breaches Survey.
Microsoft warned of RDS Windows XP bug (SC Magazine)
Security researchers have informed Microsoft of a bypass and cross zone
scripting vulnerability in Windows XP which could allow hackers to gain
full control over and remotely execute code on user's machines using
Internet Explorer.
_____________________________________________________________________________________
April 11, 2006
Microsoft Releases Three Windows Patches (AP)
Microsoft Corp. released three critical patches Tuesday for its
Windows operating system, including one to fix an Internet Explorer
browser flaw that had already been exploited in some Internet attacks.
Microsoft Windows and Internet Explorer Vulnerabilities (US-CERT)
Microsoft has released updates that address critical
vulnerabilities in Microsoft Windows and Internet Explorer. Exploitation
of these vulnerabilities could allow a remote, unauthenticated attacker
to execute arbitrary code or cause a denial of service on a vulnerable
system.
Political ‘hackers’ accused of targeting Amazon (SC Magazine)
Politically motivated "hackers" have been accused of tricking
Amazon into sending a message "to possibly hundreds of thousands" of its
customers drawing attention to a controversial book, "Samson Blinded: A
Machiavellian Perspective on the Middle East Conflict". The message was
phrased in terms designed to irritate its recipients.
MySpace.com hires child safety czar from Microsoft (Reuters)
News Corp. is set on Tuesday to name a security czar to oversee
child safety measures on MySpace.com, the popular teen dating and music
site that has provoked an outcry among parents who fear they have not
done enough to thwart sexual predators.
'Fat Spaniard' hacker faces 40 years in jail (SC Magazine)
An individual suspected of hacking hundreds of thousands of euros
from bank accounts has been extradited from Argentina by international
authorities.
_____________________________________________________________________________________
April 10, 2006
IBM unveils new processor encryption technology (SC Magazine)
IBM announced today that it is changing the way security can be
built into devices and consumer products.
McAfee Unveils Threat Center Portal (PC World)
Security software maker offers free information on security
topics.
MXI Security Locks Down Storage on Portable Devices (eWeek)
The new stand-alone MXP product offers devices and tokens
featuring integrated digital identity, authentication and cryptography
capabilities.
Web fraud costs victims $180M (SC Magazine)
Victims lost more than $180 million in web fraud incidents reported by
the Internet Crime Complaint Center (IC3) last year, according to the
IC3’s fifth-annual Internet Crime Report.
IM, P2P Attacks Up 700 Percent (TechWeb)
Malicious software attacks across instant messaging (IM), chat, and
peer-to-peer (P2P) were up more than 700 percent over the same quarter
last year.
Virus Targets Linux or Windows (PC World)
Hackers have released code for a virus that could threaten both
Linux and Windows PCs.
Readying for Microsoft Patch Tuesday (SC Magazine)
Tomorrow will be one of the busiest days of the month for IT
security professionals updating their anti-malware protection.
April 7, 2006
U.S. adults demand better web banking security (SC Magazine)
Almost 90 percent of U.S. bank account-holders would like their
financial services providers to monitor online banking sessions for
signs of irregular activity in the way they currently scrutinize credit
card transactions, recently released research has found.
Court filings tell of Internet spying (CNET)
Former AT&T technician said company cooperated with NSA to install
equipment capable of "vacuum cleaner" Net surveillance.
Malicious e-greeting spam conceals keylogger (SC Magazine)
Security watchers have identified a new batch of malicious e-greeting
spam which conceals keylogging spyware designed to steal online banking
passwords and other sensitive information.
_____________________________________________________________________________________
April 6, 2006
Nigerian E-Mail Scam Price Tag: $5K Per Victim (Security Pipeline)
Half of victims of the fraud admit losing $5,000 or more, far
more than any other online scam, a government report reveals.
Four in ten execs think they will be cybervictim (SC Magazine)
Nearly four in ten executives believe their company will be the
victim of a successful cybercrime attack, according to a new survey.
Rogue anti-spyware app knocks out antivirus systems (SC Magazine)
Security experts warned today of a newly detected rogue anti-spyware
application, UnSpyPC, which falsely identifies popular security products
and well-known file system tools as spyware.
Vicious emerging threats fuel security support spending boom (SC
Magazine)
Ill-prepared global IT organizations are trying to cover up after
being "sucker-punched" with a vicious combination of emerging security
threats, IDC warned yesterday.
_____________________________________________________________________________________
April 5, 2006
Cyber criminals count on sudoku to infect victim PCs (SC Magazine)
Security experts yesterday warned that a growing number of
maliciously coded web pages are downloading spyware programs onto
computers without the consent of the sites' visitors.
Tech.gov: Data Protection, the Federal Way (PC World)
Congress wants to protect your data and make sure you're notified
when there's a problem. Will the latest bills do the job?
P2P network users targeted in European piracy clamp down (SC Magazine)
Illegal P2P file-sharers across the world faced a fresh wave of
legal actions yesterday as the recording industry announced an
escalation of its campaign against digital music piracy. The latest
actions come with a new warning to parents to check what their children
are doing online as they could face financial penalties if their
children access illegal material.
_____________________________________________________________________________________
April 4, 2006
OS X firmware flaw fixed (SC Magazine)
Apple this week issued its third security update of the year,
this one correcting a flaw in firmware that could allow some Mac OS X
user passwords to be bypassed.
Bug Spoofs Internet Explorer Addresses (TechWeb)
Microsoft's Internet Explorer, already stunned with a bug
currently being used by hackers to infect PCs with spyware, suffers from
yet another vulnerability, a researcher said Tuesday.
Microsoft revamps hosted security offerings (SC Magazine)
Microsoft has revamped its hosted security offerings with the launch of
Exchange Hosted Services (EHS), formerly known as FrontBridge
Technologies. The move sees the software giant offering four key
products in its software as a service strategy including Hosted
Filtering, Hosted Archive, Hosted Continuity and Hosted Encryption.
Web 'neighbourhood watch' launched to combat phishers (SC Magazine)
An IT security firm has unveiled an online "neighbourhood watch"
scheme in a bid to clamp down on phishers.
_____________________________________________________________________________________
April 3, 2006
Payment processor fears credit card crooks (CNET)
Authorize.Net says its service was used in an attempt to charge
money to stolen credit and debit cards.
New IE flaw has faster payload (SC Magazine)
Hackers now are employing new software to more quickly exploit a
highly critical Internet Explorer zero-day vulnerability.
Users Fail To Spot Phishing Sites (NewsFactor)
Web users largely ignore the browser warning signals that could allow
them to verify the authenticity and trustworthiness of a Web site,
research has claimed.
How Common Is Identity Theft? (PC World)
ID theft affects millions of households and costs billions of
dollars, government says.
One in 33 homes experience ID theft (SC Magazine)
About 3 percent of the nation’s households were victims of identity
theft during a six-month period in 2004, losing about $3.2 billion to
fraudsters, the U.S. Justice Department announced Sunday.
Symantec Addresses IM Security, Compliance (Security Pipeline)
Symantec released Monday a new version of its IM Manager designed
to shore up vulnerabilities in instant messaging networks and address
compliance issues.
|
