|
Security Headlines
Back
December 29, 2006
Media, tech firms probe possible high-def DVD hack (Reuters)
The companies behind an encryption system for high-definition DVDs are
looking into a hacker's claim that he has cracked the code protecting the
new discs from piracy, a spokesman for one of the companies said on
Thursday.
_____________________________________________________________________________________
December 28,
2006
Year in review: Zero-day mania (CNET)
Cybercrooks found Microsoft's "Patch Tuesdays" too tempting to pass
up. Apple, too, had a rough year when it came to security.
Vista and the Future of OS Security, Part 2 (TechNewsWorld)
The pending January release of Windows Vista raises questions about
the security benefits of using one operating system over another. Microsoft
claims that Vista's new architecture hardens it against vulnerabilities from
viruses, spyware and adware attacks. However, users should be wary of
putting too much faith in Microsoft's ability to give them a locked-down
computing environment.
_____________________________________________________________________________________
December 27,
2006
Firm: Seven steps for a more secure network (SC Magazine)
IT security professionals should rely on personal vigilance and
implemented methodologies - not just the slew of new products hitting the
marketplace - to protect their networks in 2007.
Companies promote affordable all-in-one computer security packages (USATODAY)
The fight to protect consumer PCs from hackers is heating up. Whether
it leaves all digital intruders in the cold could be another matter. Major
product rollouts from Symantec and McAfee incorporate features from acquired
security firms that pack every conceivable cyberdefense into an affordable
package.
New Computer Program Prevents Crashes and Hacker Attacks (Newswise)
Today's computers have more than 2,000 times as much memory as the
machines of yesteryear, yet programmers are still writing code as if memory
is in short supply. Not only does this make programs crash annoyingly, but
it also can make users vulnerable to hacker attacks.
_____________________________________________________________________________________
December 26,
2006
2006: The Year in Security (PC World)
Online attacks, spam, and sneaky cybercrime top list of year's most common
security issues.
MySpace is turf for ID thieves (Baltimore Sun)
'Place-for-friends' Web site has fallen prey to scams MySpace devotee Kary
Rogers was expecting to see a gut-busting video when a friend from the
popular online hangout messaged him a link.
Net Watchdog: Seemingly Unstoppable Spam (PC World)
Spam volumes are rising, and this new breed of junk mail is taking on
an entirely new form.
First Exploit Of Windows Vista Spotted (TechWeb)
It is the first Windows Vista exploit made public since the operating
system was released to volume license customers Nov. 30.
December 22, 2006
Hacker sentenced to home detention for USC breach (Daily Breeze)
A 24-year-old computer security expert was sentenced in Los Angeles
on Thursday to six months of home detention under electronic monitoring for
hacking into USC's application system and accessing personal information
about would-be students.
_____________________________________________________________________________________
December 21, 2006
Boeing Rep Speaks Out On Laptop Thefts And Security (VAR Business)
The aircraft behemoth is dealing with the third stolen company laptop
in two years, despite new security policies, employee education and
technology.
Websense snags leak prevention provider PortAuthority for $90 mil (SC
Magazine)
Internet filtering vendor Websense today joined the hot information
leakage prevention market by acquiring PortAuthority Technologies for $90
million.
_____________________________________________________________________________________
December 20, 2006
Mozilla Addresses Multiple Vulnerabilities (US-CERT)
The Mozilla web browser and derived products contain several
vulnerabilities, the most severe of which could allow a remote attacker to
execute arbitrary code on an affected system.
2007 could be the year of the hacker (Inquirer)
SECURITY OUTFITS are dusting off their usual pre-Christmas warnings
about what they think hackers will be doing next year.
Apple to get a month of security bugs (MacCentral)
Security researchers plan to disclose one Apple vulnerability per day
for the month of January.
Thinking ahead of the spammers (Inquirer)
WHENEVER YOU THINK spam can't possibly get worse, it does. "Our side
is 100 percent reactive," says Scott Chasin, "and that's the difficult
part." Chasin is Chief Technology Office for security specialist MX Logic ,
and he tries but can never quite think ahead of the spammers.
Season's greetings: it's spam for the holidays (Reuters)
The holiday season brings festive parties, family gatherings -- and a deluge
of spam.
_____________________________________________________________________________________
December 19, 2006
All About Linux: Various Ways of Detecting Rootkits in GNU/Linux (Linux
Today)
"Consider this scenario... Your machine running GNU/Linux has been
penetrated by a hacker without your knowledge and he has swapped the passwd
program which you use to change the user password with one of his own.
IT Security: The Actuarial Table (WebProNews)
Earlier this week I talked about building out an actuarial table for
defining risk in information security as something that would work in
helping information security professionals being insured against the work
that they do. Now, Dark Reading has a similar article written by Tim Wilson,
the Site editor for Dark Reading, as part of the response to McAfee's report
" International Perspectives on ...
Worm may be spreading via Skype chat (PC Advisor)
Computer security analysts are studying reports of a worm that may be
circulating via a feature in Skype's popular Voip (voice over Internet
protocol) service.
_____________________________________________________________________________________
December 18, 2006
Worm Attacks Through Antivirus Flaw (NewsFactor)
A new worm is making the rounds, attacking some business computers
through a known -- and already patched -- flaw in a popular antivirus
software suite from security firm Symantec.
Universities
vulnerable to ID thieves (MSNBC)
A major database breach at the University of California, Los Angeles that
went undetected for more than a year and a smaller breach at the University
of Texas are the latest examples of how vulnerable colleges are to such
attacks.
Computer worm attacks business PCs (USA Today)
A computer worm is attacking some business PCs through a flaw in anti-virus
software by Symantec Corp., a security company warned Friday. The worm,
dubbed "Big Yellow," began attacking some computer systems on Thursday --
seven months after eEye first discovered the flaw. December 15, 2006
Ethical Hacking -- New Solution to Build a Reliable Network Security Program
(PR Web)
Why is adequate security such a difficult objective?
Top 10 Tips to Avoid Identity Theft, Internet & Email Scams This Holiday
Shopping Season (PRWeb)
Criminals around the world are stealing credit card information, bank
account passwords and other sensitive or personal information in greater
numbers than ever before.
Cybercrime set to develop its own economy (vnunet)
Hackers and criminals will share more tools, says Websense Organised
criminals will join forces with the hacker community to form a more
organised cybercrime economy, predicts vendor Websense. Criminals will buy,
sell and trade hot commodities such as ready made cyber-attack...
_____________________________________________________________________________________
December 14, 2006
"Logic bomb" backfires on hacker (Reuters)
A former UBS PaineWebber employee was sentenced to eight years in
prison on Wednesday for planting a computer "logic bomb" on company networks
and betting its stock would go down.
UTD computer hack worse than feared (Dallas Morning News)
The University of Texas at Dallas said Wednesday that more people may be
affected by a computer attack than first believed, raising the total to
6,000 current and former students, faculty, staff and others.
Websense warns on organised cybercrime (ITP)
Websense has predicted that a more organised cybercrime economy will develop
in 2007. The web security and web filtering software specialist reckons that
organised criminals will team up with the hacker community, creating even
more security headaches for CIOs, IT managers and end-users.
_____________________________________________________________________________________
December 13, 2006
Rustock Trojan A Model For Future Threats (InformationWeek)
Among Rustock's distinguishing characteristics are its heavy reliance
on advanced rootkit technologies to hide from security software and its
changeling-like ability to morph itself each time it infects a file.
Hotmail used to launch extortion scam (ZDNet)
A Hotmail user logged into their account this week to find that scammers had
deleted all their e-mails except for one, which was from a hacker demanding
cash in exchange for restoring the lost information, according to Websense.
Boeing laptop stolen, putting 382,000 at risk for identity theft (KWQC-TV)
CHICAGO The theft of a laptop belonging to Chicago-based Boeing has
put 382-thousand workers and retirees at risk for identity theft and
credit-card fraud.
_____________________________________________________________________________________
December 12, 2006
Microsoft Updates for Multiple Vulnerabilities (US-CERT)
Microsoft has released updates that address critical vulnerabilities
in Microsoft Windows, Visual Studio, Microsoft Outlook Express, Microsoft
Media Player, and Microsoft Internet Explorer. Exploitation of these
vulnerabilities could allow a remote, unauthenticated attacker to execute
arbitrary code or cause a denial of service on a vulnerable system.
Hacker attack at UCLA affects 800,000 people (CNN)
Officials at the University of California Los Angeles alerted about 800,000
current and former students, faculty and staff on Tuesday that their names
and certain personal information were exposed after a hacker broke into a
campus computer system.
Why Spam Won't Go Away (Forbes)
Economics and technology conspire to keep your inbox clogged with junk mail.
_____________________________________________________________________________________
December 11, 2006
Avert Labs snags PoC mobile spyware (SC Magazine)
Researchers from McAfee Avert Labs claim to have discovered proof of
concept (PoC) spyware for mobile devices.
Cybercriminals Targeting Small Business (NewsFactor)
Many small businesses are more vulnerable to cybercrime than they
think, according to the 2005 Small Business Information Security Readiness
Study of 1,000 small businesses.
Hackers Attack Using Second Microsoft Word Flaw (PC World)
On eve of Patch Tuesday, hackers jump Word segment of Microsoft Office in
second attack. December 8, 2006
FTC Mails Refund Forms To ChoicePoint Data Breach Victims (TechWeb)
Reparation forms must be postmarked by Feb. 4 to be considered, according to
the FTC.
Trojans Spread Via Unpatched Microsoft Word Vulnerability (InfoZine)
Experts at SophosLabs, Sophos's global network of virus, spyware and
spam analysis centers, have warned internet users to take care when opening
unsolicited Word documents, following the discovery of Trojan horses being
distributed via an unpatched Microsoft security vulnerability.
Cybercriminals sign student 'sleepers' (Guardian Unlimited)
Criminal gangs are talent spotting at universities and offering to fund
students, according to a new report.
Microsoft To Fix Six Flaws Next Week (TechWeb)
Microsoft doesn't disclose the exact components, services, or applications
to be patched prior to delivering the updates, but only offers clues about
what it plans to fix.
_____________________________________________________________________________________
December 7, 2006
Microsoft warns of security hole in Word (King County Journal)
A newly disclosed flaw in Microsoft Word could let malicious hackers
take control of victims' computers by sending them e-mail with a Word
document attached.
Keep watch beyond the perimeter (Computer Weekly)
Wireless connectivity, mobile workers and network convergence make
security a moving target, but too many users still ignore the basics of good
practice
Baldwin lab cracks hacker attacks (Mobile Press-Register)
The suspect's constant keystrokes inside an underground nuclear laboratory
in New Mexico uncovered personal photographs, voice mails and secret
passwords.
'Govt
taking steps on cyber security' (News Today)
The State government, in association with NASSCOM, will come up with the
best practices to ensure cyber security, said C Chandramouli, secretary of
Information Technology Department, Tamilnadu.
_____________________________________________________________________________________
December 6, 2006
How Not to Distribute Security Patches (Washington Post)
Over the weekend MySpace was hit by a password-stealing computer worm
that took advantage of a weakness in Apple's QuickTime media player to
spread rapidly among the online community's users. On Tuesday, MySpace
administrators sent around a memo urging millions of users to download and
install a new Apple patch to prevent future copycat attacks.
Bug Opens Word to Attack (PC World)
Microsoft describes unpatched flaw that could corrupt PC memory and allow
intruders.
_____________________________________________________________________________________
December 5, 2006
CSIA appoints new director as Kurtz departs (SC Magazine)
The Cyber Security Industry Alliance (CSIA) announced on Monday a change of
the guard as its General Counsel Liz Gasster will replace a departing Paul
Kurtz as executive director of the organization in 2007.
Avoid being enlisted into the zombie army (Independent Online)
Don't just assume that your PC is safe from the clutches of the cyber
criminals. Simon Hendery investigates.
Scammers and spammers bombarding e-mail inboxes (The Minnesota Daily)
The information superhighway can be dark and dangerous, especially
when it leads to an unsuspecting e-mail inbox. That's because 90 percent of
e-mails are now spam.
_____________________________________________________________________________________
December 4, 2006
NASA hacker indicted (The Inquirer)
A ROMANIAN 'whitehat' hacker has been charged with conspiracy and nine
counts of computer intrusion by a US court.
Spam: now made in China (The Register)
And viruses make a festive season appearance The politics of unwanted email
is changing with China set to overtake the US any day now as the originator
of most Irish inbox clutter.
Parents put Net security tools to use (Chicago Tribune)
Many limit and monitor their children's online activity, but they still want
help, survey finds I am the mother of a 13-year-old who has a computer in
her room and a laptop that goes with her to school every day.
December 1, 2006
Hack Attack (Forbes)
What to expect next year from hackers of the world? Tip: Watch your
MySpace profile.
Vista Launch: Most security vendors come up empty at Windows release (SC
Magazine)
As Microsoft trumpeted the business release of its Vista operating
system today, most security vendors were still scrambling to offer
third-party antivirus software to aid enterprises in securing the new
Windows ecosystem.
Romanian Charged With Hacking in U.S.(AP)
A Romanian national was indicted on charges of hacking into more than 150
U.S. government computers, causing disruptions that cost NASA, the Energy
Department and the Navy nearly $1.5 million.
|
