|
August 31, 2006
Hacker posts war images on website (Boston Globe)
A hacker posted graphic images of injured children and war rubble where
ads for musicals are usually found on the Gloucester Stage Company's
website. The company described the message as supporting Hezbollah and
suspected the hack occurred because Gloucester Stage's cofounder and
artistic director is Israel Horovitz. The company's webmaster re-secured
the site. ``It's not even a mosquito bite,"
Microsoft admits music hack, promises fix (Middle East Times)
Microsoft Corp. acknowledged Wednesday the existence of a program
circulating on the Internet that could circumvent its copy protection
for online music, but said that it was working on a fix.
_____________________________________________________________________________________
August 30, 2006
AT&T: Hackers Accessed Customers' Cards (varbusiness)
Hackers broke into one of AT&T's computer networks and stole
credit card data and other personal information from several thousand
customers who shopped at the telecommunication giant's online store. who
shopped at the telecommunication giant's online store.
TippingPoint reveals 29 unresolved flaws (SC Magazine)
TippingPoint announced on Monday that it has more than 29 different
vulnerabilities that it is working on with manufacturers to resolve
before publicly disclosing them.
Research: Security Issues Alarming But Fixable (varbusiness)
A pair of security surveys released this week shows that protecting
corporate and consumer data is sometimes easier than people might think,
but the broader problem still is confounding far too many organizations.
_____________________________________________________________________________________
August 29, 2006
AT&T says hackers accessed customers' cards (Reuters)
Hackers broke into one of AT&T Inc.'s computer networks and stole
credit card data and other personal information from several thousand
customers who shopped at the telecommunication giant's online store.
Insecure at the Airport? (darkREADING)
Five ways to make your concourse WiFi experience more secure
Hike in Ernesto-related domains could be a sign of scams (SC Magazine)
A spike in the number of registered Tropical Storm Ernesto-related
domain names, as the system churns toward the Florida coast, has some
information security experts thinking fraud could be on the way, too.
AOL Exposed for Secret Software Installs (NewsFactor)
The Google-sponsored Stopbadware project has lashed out against
the free version of AOL's software, launching an investigation into the
application because it behaves like malware.
T-Mobile Hacker Gets Home Detention (AP)
A hacker who infiltrated the network of T-Mobile USA Inc. and accessed
personal information of hundreds of customers, including a Secret
Service agent, was sentenced Monday to one year of home detention.
_____________________________________________________________________________________
August 28, 2006
Most Damaging Attacks Rely On Stolen Log-ins (TechWeb)
The report says attacks based on logging in with stolen or
hijacked credentials cost businesses far more, than the typical worm or
virus assault.
Juniper Adds New Features to Security OS (PC World)
Software that runs hardware firewalls and network appliances now
includes beefed-up security tools.
AOL 9.0 Accused of Behaving Like Badware (PC World)
Anti-malware group says the software deceives users and
interferes with computer use..
August 25, 2006
Cisco releases two security advisories (SC Magazine)
Cisco Systems released two security advisories on Wednesday
warning about vulnerabilities in its firewall and VPN products.
IBM Merger Gets Mixed Responses (darkREADING)
Raise prices? Win more outsourced security? IBM-ISS deal leaves
many wondering what Big Blue will do with its new prize
_____________________________________________________________________________________
August 24, 2006
Crossbeam Does What Check Point Couldn't (varbusiness)
Although Check Point's plan to buy intrusion prevention vendor
Sourcefire was derailed, Crossbeam Systems is deploying Check Point
firewalls and Sourcefire IPS technologies side-by-side as part of its
comprehensive UTM offerings.
IBM's $1.3 Billion Security Buy (NewsFactor)
IBM is acquiring Internet Security Systems (ISS) and integrating
ISS software into its on-demand security systems portfolio in a move to
now offer a comprehensive I.T. protection package.
ArcSight simplfies SIM with new standard (SC Magazine)
One of the industry's leading enterprise security management software
vendors released a new open log management standard on Tuesday that may
make it easier to collect and examine security information.
_____________________________________________________________________________________
August 23, 2006
Viruses, Spyware Cost Users $7.8 Billion (NewsFactor)
Consumers paid as much $7.8 billion over two years to repair or
replace computers that got infected with viruses and spyware, a recently
released Consumer Reports survey found.
Microsoft delays patch re-release (SC Magazine)
Microsoft announced that counter to its announcement last week it
will not release a formal fix for its MS06-042 patch today, resulting in
an announcement from the security community that IT administrators
should find a workaround to deal with a vulnerability caused by the
existing patch.
Spammer's Kin to Allow Initial Search (AP)
The grandparents of a notorious Internet spammer say they will allow AOL
to do an initial search of their property to see if their grandson
buried gold there.
_____________________________________________________________________________________
August 22, 2006
Big Boost in Zombie PCs Seen From Latest Windows Exploit (TechWeb)
Security firms are noting a big boost in the number of machines
that the virus exploiting a bug disclosed in Microsoft's latest security
bulletin have commandeered.
Campaign Targets Web Crimes Against Kids (AP)
Attorney General Alberto Gonzales announced a new public service
campaign Monday that will warn teenage girls against posting information
on the Internet that could put them at risk of attack by child
predators.
Net Watchdog: The Elusive Search for Privacy (PC World)
AOL's search screw-up should be more than just another wake-up call.
_____________________________________________________________________________________
August 21, 2006
Microsoft Fixes Bug in Security Patch (PC World)
Windows updates had been causing some applications to crash.
August 18, 2006
'Analog Hackers' Overlooked, Undetected (darkREADING)
Many enterprises secure electronic access points but fail to
see their own front doors as vulnerable
_____________________________________________________________________________________
August 17, 2006
Treasury report: IRS email systems insecure (SC Magazine)
A new report released last week found that the majority of
employees working for the Internal Revenue Service (IRS) abuse the
agency's email service.
Yahoo Plugs Security Hole in Web Mail Service (PC World)
Fix eliminates serious security vulnerability involving mail
attachments.
How Much Does a Hack Cost? (darkREADING)
We're thinking of a number between $100,000 and $50 million;
here's how to handicap your cost per incident a little more closely
_____________________________________________________________________________________
August 16, 2006
Microsoft Issues First Patches For Vista (TechWeb)
Microsoft confirms that two of the 12 security bulletins issued
last week affect Windows Vista Beta 2.
Black Hat Flaw Eludes Cisco (darkREADING)
Cisco says it can't find the PIX firewall vulnerability disclosed
at Black Hat
FTC on board in spyware case against movie service (SC Magazine)
The Federal Trade Commission (FTC) has joined the Washington
state's Attorney General's Office in efforts to halt a movie download
service that allegedly bombards customers with pop-up advertisements
demanding payment for a free trial membership they never signed up for.
Spyware Infection Rates on the Rise (NewsFactor)
Spyware's threat is getting nastier. Infection rates are on the
rise, in part thanks to the surging popularity of sites like MySpace.com
and the sophisticated nature of new malicious software.
AOL Prepares to Dig for Gold _ Literally (AP)
Dig this: AOL believes a renegade Internet spammer buried gold and
platinum on his parents' property in Massachusetts and wants to bring in
bulldozers to search for the treasure and satisfy a $12.8 million
judgment it won in federal court.
_____________________________________________________________________________________
August 15, 2006
Justice Department Looks To Lock Down Databases (TechWeb)
The agency is focusing on application-level security; the goal is to
examine all its databases, up from 30% today, for potential problems and
to lock them down as tightly as possible.
Malware sets crosshairs on last week's critical Windows flaw (SC
Magazine)
As many IT security experts predicted, malware taking advantage of a
flaw patched by the Aug. 8 MS06-040 bulletin emerged over the weekend,
but Microsoft experts maintain the exploit poses little threat.
_____________________________________________________________________________________
August 14, 2006
Image spam triples in three months (SC Magazine)
Ever-resourceful spammers tripled the amount of image spam sent
to users in the last three months, researchers announced today.
Core Security Updates Impact Vulnerability Tester (TechWeb)
Core Security Technologies Monday updated its flagship Impact
penetration testing application to v. 6.0, which sports a retooled
framework that simplifies probing for client-side openings.
Beyond NAC: The Internal Controls (NewsFactor)
While some of the biggest guns are focusing on network access control, a
few small companies, including Applied Identity, are asking how to
regulate where users go once they're inside.
Hackers Exploit Windows 'MS06-040' Security Vulnerability (TechWeb)
An attack against unpatched PCs, largely targeting Windows 2000,
developed over the weekend, although it has come in the form of
one-at-a-time bot pinpricks rather than an all-out worm war.
August 11, 2006
Users Eye New WiFi Security Issues (darkREADING)
Enterprise WiFi users may have to switch off initially to protect
against latest vulnerability
Officials Probe Lieberman Web Site Crash (AP)
U.S. Sen. Joe Lieberman's campaign Web site remained offline
Thursday, and federal and state authorities were investigating why it
crashed on the eve of this week's defeat in a high-profile primary.
_____________________________________________________________________________________
August 10, 2006
U.S. Warns of Windows Security Flaw (NewsFactor)
The U.S. government warned Windows users that a flaw in the
operating system could enable a hacker to hijack their computers and
install a virus, delete programs, or gain access to accounts.
Credit Protection Due Vets in Data Theft (AP)
Millions of veterans and active-duty troops whose sensitive
personal information was lost by the Veterans Affairs Department will
receive some form of credit protection against identity theft, the
government said Wednesday.
Western Internet firms "act as censors" in China (Reuters)
A rights group accused Western Internet companies on Thursday of
complicity with censorship in China and called on Microsoft Corp.,
Google Inc. and Yahoo Inc. to resist Beijing's demands.
_____________________________________________________________________________________
August 9, 2006
Researcher: Hacker Sophistication Outpacing Forensics (CRN)
Attackers are using increasingly sophisticated methods to stay
ahead of security incident response teams, says Kevin Mandia, president
of Mandiant, an Alexandria, Va.-based security consultancy.
PoC trojan a new burden for BlackBerry devices (SC Magazine)
A security researcher has developed a proof-of-concept trojan
that could hack into organizations that have BlackBerry servers behind
their firewalls.
Vista: No Silver Bullet for Security (darkREADING)
Microsoft's Vista operating system will be more secure than its
predecessors, but keep your Patch Tuesdays open
Microsoft Releases 12 Security Fixes (AP)
Microsoft Corp. on Tuesday released 12 security fixes for its
Windows operating system and Office business software.
_____________________________________________________________________________________
August 8, 2006
One In Three Users Are Victims of Viruses, Spyware, or Phishers
(TechWeb)
Still, things aren't that much worse than they used to be. The
odds of becoming a cyber-victim were the same as last year.
Microsoft Windows, Office, and Internet Explorer Vulnerabilities (CERT
Advisory)
Microsoft has released updates that address critical
vulnerabilities in Microsoft Windows, Office, and Internet Explorer.
Exploitation of these vulnerabilities could allow a remote,
unauthenticated attacker to execute arbitrary code or cause a denial of
service on a vulnerable system.
Database security (SC Magazine)
Database security is the biggest problem facing the IT industry,
according to a security expert.
Consumer survey says security affects brand trust (SC Magazine)
Experts from the security and marketing world released survey
results today that confirmed many suspicions that security can have
consequences for corporate brands.
_____________________________________________________________________________________
August 7, 2006
AOL draws fire after releasing user search data (Reuters)
AOL on Monday apologized for releasing information on about 20
million keyword searches in a move that ignited a firestorm of criticism
about privacy rights on the Internet.
New Google Warnings Protect Surfers (NewsFactor)
Google is taking a proactive approach to Web surfing security by
issuing warnings about potentially harmful sites detected during an
Internet search.
419 scam master arrested (SC Magazine)
Police in Nigeria have arrested the suspected ringleader of an email
scam that stole up to two million US dollars.
August 4, 2006
Survey: Hacks Decline, Worries Don't (varbusiness)
For the fourth year in a row, losses due to network compromises
and hacker attacks fell, according to the annual CSI/FBI Computer Crime
and Security Survey.
Internet's pilot bandit strikes again (Hollywood Reporter)
"The Adventures of Big Handsome Guy and His Little Friend," a
comedy series passed over by Fox Broadcasting Co. for the fall schedule,
has mysteriously popped up on at least three different viral-video Web
sites.
_____________________________________________________________________________________
August 3, 2006
Another big Patch Tuesday coming next week (SC Magazine)
For the second time in three months, Microsoft will release a
dozen security fixes as part of its monthly Patch Tuesday release cycle.
Microsoft Invites Hackers to Test Vista (AP)
After suffering embarrassing security exploits over the past
several years, Microsoft Corp. is trying a new tactic: inviting some of
the world's best-known computer experts to try to poke holes in Vista,
the next generation of its Windows operating system.
No Wires & No Policies (darkREADING)
Despite the convenience of wireless and portable devices, most
security policies still don't embrace them, according to a new Dark
Reading survey.
_____________________________________________________________________________________
August 2, 2006
Black Hat Presentation Shows Flaws In NAC (varbusiness)
An IT security expert will give a speech warning that virtually
any network access control system (NAC) may be dangerously flawed.
McAfee Patches Security Center Flaw (NewsFactor)
Security firm McAfee released a fix on Wednesday for a flaw in
its SecurityCenter software that could have exposed user passwords to
hackers, and even allow an intruder to gain remote control users' PCs.
More than two dozen Mac flaws fixed (SC Magazine)
Apple patched 26 flaws - a number of which exposed end users to
remote code execution - in a software release this week.
Web Search Engines to Fight Click Fraud (AP)
The Internet's leading search engines are teaming up with an
advertising trade group to find a better way to identify and measure
"click fraud," a scam that has raised doubts about the Web's
trustworthiness as a marketing vehicle.
_____________________________________________________________________________________
August 1, 2006
KaZaa users warned of p2p worm (SC Magazine)
Researchers are warning peer-to-peer (p2p) application users of a
new proof-of-concept virus that acts similarly to the W97M/Melissa
malware.
Internet Privacy: A License for Libel? (NewsFactor)
Although some people have succeeded in tracking down the
perpetrators of online defamation, it's far more common for such attacks
to go unpunished under the banner of Internet privacy.
Nasa website hacked in protest over Israeli bombings (SC Magazine)
A large number of U.S. government, military and university
websites have been defaced in protest over the current Mid-East crisis.
McAfee Security Programs May Expose Data (AP)
Consumer versions of McAfee Inc.'s leading software for securing PCs is
susceptible to a flaw that can expose passwords and other sensitive
information stored on personal computers, researchers said Monday.
|
