|
July 31, 2006
E-mail Threats Plunge In July (TechWeb)
Only 1 in 222 e-mail messages processed by U.K.-based security
vendor Sophos during July carried a malicious payload.
Two Navy laptops with recruit information stolen (SC Magazine)
Two laptops containing the personal information of 31,000 U.S.
Navy recruits and applicants were stolen in the past two months from
recruiting stations in New Jersey.
Apache Quickly Patches Bug (darkREADING)
Fix is for vulnerability found in Apache HTTP Server that lets an
attacker take control of the Web server or crash it
IE 7 to be pushed as a security patch (SC Magazine)
Microsoft will push Internet Explorer 7 (IE 7) for Windows XP as
a high priority security patch through Automatic Updates later this
year.
July 28, 2006
Europe responsible for most spam (SC Magazine)
Europe is the most prolific source of spam, according to new
research.
'Kazaa' Makers Settle Piracy Lawsuits (AP)
One of the big guns of the Wild West days of freely downloading
music and movies over the Internet is going straight.
_____________________________________________________________________________________
July 27, 2006
Mozilla Patches 13 Firefox Flaws (TechWeb)
Mozilla rolls out a Firefox security update that patches 13
vulnerabilities, 8 of them judged "critical." The overall update has
been tagged as "highly critical."
Researchers Target DDoS at the Edge (NewsFactor)
Computer researchers are developing a prototype architecture for
halting distributed denial-of-service attacks, where a barrage of
traffic is directed at a server to shut it down.
Misdirected bounce attacks on the rise (SC Magazine)
IronPort announced this week that the number of email bounce
attacks and misdirected bounces are on the rise this year.
_____________________________________________________________________________________
July 26, 2006
Cisco VPNs Open To Denial-Of-Service Attacks (CRN)
A flaw in one of the protocols used by Cisco Systems' VPN 3000
Series concentrators could open up the devices to denial-of-service
attacks.
OS X still safer, but not perfect (SC Magazine)
Machines powered by the Macintosh OS X remain more secure than
other those running under other platforms, but the increasingly popular
Apple version does contain software flaws that will continue to draw the
attention of attackers, a new Kaspersky Lab analysis piece says.
Tumbleweed Tightens E-Mail Security (NewsFactor)
Tlimbleweed recently announced the latest addition to its line of
e-mail security appliances, the high-end MailGate Appliance 6500
designed for companies with 10,000 employees or more.
Trojan
Cloaks Itself as Firefox Extension (PC World)
Malicious software can steal credit card numbers and passwords from PCs.
_____________________________________________________________________________________
July 25, 2006
Trojan Spoofs Firefox Extension, Steals IDs (TechWeb)
An identity-stealing keylogger that disguises itself as a Firefox
extension and installs silently in the background has been detected by
McAfee.
Hacking the Vista Kernel (darkREADING)
More fun at Black Hat: How to slip malware into the Vista Beta 2
kernel and take control of the machine
Study: Email-borne malware successfully hit 80 percent of businesses (SC
Magazine)
Multiple variants of malware carried through emails have
successfully entered more than eight out of 10 businesses, a new report
shows.
Yahoo, Symantec unveil security service (Reuters)
Yahoo Inc. and Symantec Corp. unveiled a joint consumer Internet
security service on Monday that will help the two companies compete
against major rivals such as Google Inc. and Microsoft
Net Watchdog: Hacked Site Cause Headaches (PC World)
Many Web site owners are feeling the pain of hack attacks. Here's what
you should know.
_____________________________________________________________________________________
July 24, 2006
Private eye, about to address hacker conference, arrested (SC Magazine)
FBI agents arrested a private investigator over the weekend as he
was preparing to address a hacker conference in New York City, several
media outlets reported today.
JavaScript Malware Targets Intranets (darkREADING)
Malware, cross-site scripting use browsers to break into
intranets, with demo planned for next week's Black Hat conference
What Does the NSA Know About You? (NewsFactor)
Like an onion being peeled layer-by-layer, the NSA has been the
subject of one revelation after another concerning domestic spying --
and it's been enough to make civil libertarians cry.
Ransomware getting harder to decrypt (SC Magazine)
Ransomware is becoming more complex and anti-virus companies are worried
they may not be able to decrypt ransomed files, according to a new
report. July 21, 2006
UBS Trial Aftermath: Top 10 Tips for a Successful Postmortem
(InformationWeek)
The government's forensics investigator says UBS took an
important step when it examined the 2002 attack on its system. Here's
some tips on creating your own successful postmortem report.
Fake Google Site Hides Trojan Horse (PC World)
Scammers have set up a fake site to lure users into downloading
malware.
New email scam claims Aids cure (SC Magazine)
In-boxes are being plagued by thousands of messages related to an email
scam that attempts to fool people into believing that the sender has
found a cure to AIDS.
Websites with exploits extend beyond illicit addresses (SC Magazine)
Experts warned today that innocent internet users are
increasingly at risk of visiting innocuous websites that have been taken
over by stealthy bad guys.
_____________________________________________________________________________________
July 20, 2006
U.K. government moves to ban hackers from internet (SC Magazine)
The U.K.'s Home Office is planning broad powers to ban hackers
from using the internet.
Web Firms Violating Human Rights (AP)
Amnesty International accused Yahoo, Microsoft and Google on
Thursday of violating human rights principles by cooperating with
China's efforts to censor the Web and called on them to lobby for the
release of jailed cyber-dissidents.
Amnesty accuses US firms over China Web censorship (Reuters)
Microsoft Corp, Google Inc and Yahoo Inc have breached the Universal
Declaration on Human Rights in colluding with China to censor the
Internet, Amnesty International said on Thursday.
OpenSSL in a FIPS flap (SC Magazine)
The leading developer of open source encryption technology
reported this week that its government certification was under question
for the second time in a year.
_____________________________________________________________________________________
July 19, 2006
Oracle Products Contain Multiple Vulnerabilities (US-CERT)
Oracle products and components are affected by multiple
vulnerabilities. The impacts of these vulnerabilities include remote
execution of arbitrary code, information disclosure, and denial of
service.
New adware tricks users with security promise (SC Magazine)
A new adware program that tries to trick users into installing
fake security applications on their PC is has been spotted in the wild.
Vonage Denies Spyware Charges (Networking Pipeline)
Vonage denies that it uses spyware to deliver its advertising, as
charged yesterday by spyware researcher Ben Edelman.
Oracle releases fixes for 65 flaws (SC magazine)
Oracle Corp. released fixes for 65 security vulnerabilities today.
_____________________________________________________________________________________
July 18, 2006
Microsoft: Shun Unexpected Office Docs (TechWeb)
Microsoft tells users not to open or save unexpected Office
files, even those received from trusted sources.
Microsoft Moves Private Folder To Recycle Bin (NewsFactor)
Less than two weeks after launching a free add-on program that
let users create password protected folders on PCs running Windows XP,
Microsoft removed the application.
New Tool Searches Google for Malware (PC World)
Researcher releases code that can be used to mine Google's
database for malicious software.
Microsoft sues resellers over piracy (Reuters)
Microsoft Corp. said on Tuesday it had filed 26 lawsuits that allege
computer dealers sold illegal software.
Open source phone system open to DoS attack (SC Magazine)
Hackers could launch denial-of-service attacks against telephone
systems, research revealed.
_____________________________________________________________________________________
July 17, 2006
Online Banks Strengthen Security (NewsFactor)
About five times a month, customers try to renege on purchases
and transfers they've made through their online accounts. Each time, the
new security system proves they're lying.
Malware Now a Group Effort (PC World)
McAfee says hackers are learning from open-source developers.
Aussie drivers in internet switch scam (SC Magazine)
Drivers in New South Wales, Australia, are using the internet to trade
demerit points in a bid to keep hold of their driving licences,
according to reports.
FBI: Cybercrime losses down last year (SC Magazine)
The financial losses related to cybercrime are going down and the number
of businesses willing to report these crimes is going up according to a
new survey co-sponsored by the Federal Bureau of Investigations (FBI).
July 14, 2006
Trojans account for over half of malware (SC Magazine)
Over fifty-four percent of the new malware in the second quarter
of 2006 were trojans, according to new data.
_____________________________________________________________________________________
July 13, 2006
Cybercrooks Turn to Multipronged Hacks (NewsFactor)
In a widely aired TV commercial, a hip-looking dude personifying
Apple products wipes the nose of a sickly businessman representing
Windows, and smugly declares Apple's immunity to PC viruses.
Trojan spread through Russian President death spam (SC Magazine)
A new spam campaign that poses as a breaking news report about
the death of Russian President Vladimir Putin is actually an attempt by
hackers to infect computer users with a trojan.
News Corp. Launches Online Safety Campaign (AP)
The parent company of MySpace.com and Fox is devoting millions of
dollars in television air time and online ad space for a public service
campaign on Internet safety.
Online sexual enhancement products risky: FDA (Reuters)
Some sexual enhancement products sold on the Internet contain the same
ingredients as prescription drugs such as Viagra and are not only
illegal but dangerous, the U.S. Food and Drug Administration cautioned
on Wednesday..
_____________________________________________________________________________________
July 12, 2006
Cisco Details New VoIP, Router Vulnerabilities (CRN)
Cisco Wednesday revealed a pair of vulnerabilities, one in its
Unified CallManager 5.0 software, the other in the Web-based interface
used to configure Cisco routers.
Spam Ratios on the Rise; Threats Grow (NewsFactor)
Spam rates are rising while cyber threats such as viruses and
phishing attacks are shifting from traditional methods to more targeted
attacks, according to security firm MessageLabs.
Adware targets Myspace users (SC Magazine)
Users of the popular social networking website Myspace.com were
warned against downloading videos from friends after it was revealed
that the videos led to adware being installed on computers.
State Dept. investigating computer 'anomalies'(Reuters)
The State Department is investigating "anomalies" in its
unclassified computer system, the agency said on Tuesday, declining to
comment on a report that the department's computers had been hacked.
Secure Computing and CipherTrust merge with $273.6 million deal (SC
Magazine)
Secure Computing Corporation announced late this afternoon that
it is purchasing CipherTrust for total consideration of $273.6 million.
Tech.gov: Censorship, Human Rights, and Capitalism (PC World)
Congress wants to protect freedom of information on the Internet by
legislating how companies work with restrictive regimes overseas.
_____________________________________________________________________________________
July 11, 2006
Microsoft Windows, Office, and IIS Vulnerabilities (US-CERT)
Microsoft has released updates that address critical
vulnerabilities in Microsoft Windows, IIS, and Office. Exploitation of
these vulnerabilities could allow a remote, unauthenticated attacker to
execute arbitrary code or cause a denial of service on a vulnerable
system.
Security Experts Google For Malicious Sites (TechWeb)
Security researchers at Websense have figured out how to use
Google's search engine to sniff out thousands of malicious Web sites.
Gmail users warned of new phishing scheme (SC Magazine)
Security experts are warning of a new "widespread" phishing
scheme that attempts to dupe users of Google's email service, Gmail,
into offering account details in exchange for a bogus cash prize.
IT Security spending set to grow significantly (SC Magazine)
IT security spending is set to grow significantly this year, according
to a new report.
_____________________________________________________________________________________
July 10,
2006
Personal info of 100K sailors, Marines posted to public site (SC
Magazine)
The personal information of more than 100,000 U.S. Navy and
Marine Corps members was errantly posted on the Naval Safety Center
website, the Navy announced in a statement Friday.
Internet providers urged to lock out file-sharers (Reuters)
The British music industry stepped up its campaign against illegal
file-sharing on Monday by demanding that two Internet service providers
suspend 59 accounts it believes are being used to swap copyrighted songs.
Online Video Boom Raises Risks, Concerns (AP)
As if porn sites and pedophiles in chat rooms weren't frustrating
enough for parents whose children use the Internet, now online postings
of amateur video featuring skin and violence are raising concerns. The
explosion in online video-sharing sites, where clips of any nature can
be easily uploaded for the world to see, has become the latest challenge
for parents trying to protect their children and for Web sites coping
with obscene submittals.
July 7,
2006
Microsoft Adds Privacy Folder To Windows (TechWeb)
Microsoft Private Folder 1.0, an add-on to Windows XP for storing
private documents and files, has some enterprise administrators
squawking.
Britain OKs Extradition Of Hacker To U.S. (TechWeb)
Gary McKinnon, called "the biggest military hacker ever" and
accused of hacking into scores of U.S. government computers, could face
up to 70 years in prison if convicted on all counts.
Cisco Buys WLAN Security Smarts (darkREADING)
Cisco returns to the security sector, buying software-based secure WLAN
access specialist Meetinghouse
_____________________________________________________________________________________
July 6,
2006
Hacker Goes Public with Browser Bugs (NewsFactor)
A well-known hacker has vowed to disclose the details of at least
one Web browser flaw every day in July as part of a project designed to
call attention to unpatched security vulnerabilities.
Microsoft Plans Patches for Windows, Office (PC World)
Seven software patches expected next week from Microsoft.
Sensitive FBI data hacked (SC Magazine)
A former government consultant breached sensitive portions of the FBI's
classified computer system to obtain the passwords of 38,000 employees –
including that of FBI Director Robert S. Mueller III, according to a
report today in the Washington Post.
Security Still Key WLAN Concern (darkREADING)
But 64 percent of businesses intend to increase WLAN deployment during
the next 12 months, according to the analyst firm
_____________________________________________________________________________________
July 5,
2006
Trojan Horses on the Rise (PC World)
Updated Sophos report finds a huge drop in viruses and worms--and
increase in other malicious attacks.
Hidden Dangers of Instant Messaging (NewsFactor)
Unlike water-cooler chatter, IMs leave a trail -- one that can be
tracked by employers, regulators, and law-enforcement officials. And
like e-mail, IMs are considered legal documents.
20 Years Of PC Viruses (TechWeb)
This year marks the 20th anniversary of the first PC virus. We
look back at the highs and lows (well, mostly lows) of the ongoing
struggle against malware.
Sophos report tempers good with the bad (SC Magazine)
The latest Threat Management Report from Sophos paints mixed
picture, carries a recommendation that will put a smile on Steve Jobs
face.
China cracks online betting ring (Reuters)
Police in China's southwestern province of Sichuan have brought
down a 1 billion yuan ($125 million) soccer gambling ring, a Chinese
newspaper reported on Wednesday, as World Cup betting reaches fever
pitch.
Mac OS X Calling Cupertino (PC World)
New Dashboard process contacts Apple servers without user knowledge.
_____________________________________________________________________________________
July 4,
2006
New PoC virus can infect both Windows and Linux (SC Magazine)
Kaspersky Lab today reported a new proof of concept (PoC)
cross-platform virus that creates malicious code to infect both Linux
and Microsoft Windows operating systems.
Music Cos. Preparing Suit vs. Yahoo China (AP)
A group of major music companies are preparing to sue Yahoo China over
complaints the popular search engine violates copyrights by linking to
Web sites that offer pirated music, the group's chairman said Tuesday.
_____________________________________________________________________________________
July 3,
2006
Viruses Shift from E-Mail to Web Sites (NewsFactor)
Malware authors are turning away from e-mail attachments and
attempting to lure victims to specially crafted Web sites from which
malware is downloaded.
UK lawsuit proceeds against Russian MP3 site (Reuters)
The British music industry's trade group has been cleared to sue
the controversial Russian music download site AllofMP3.com in London's
High Court.
Analysts: EMC-RSA deal different than Symantec-Veritas (SC Magazine)
Though the recently announced marriage between EMC and RSA
resembles last year’s merger between Symantec and Veritas, analysts say
that the new merger is more targeted to integrate security into
information lifecycle management (ILM).
|
