|
March 31, 2006
Attorney General Says Feds Balance Privacy, Security (eWeek)
U.S. Attorney General Alberto Gonzalez says his department is very
conscious of the sensitive balance between privacy rights and the need
to defend the nation from terrorist threats.
Security firms launch new anti-phishing task force (SC Magazine)
Two security firms have teamed up in a bid to create an
anti-phishing task force of volunteers to help consumers and businesses
combat phishing scams and online identity theft.
Experts detect sharp hike in ‘script kiddie’ phishing tools (SC
Magazine)
Almost a third of phishing attacks during February 2006 were
generated by technically unskilled individuals using so-called script
kiddie kits, new monitoring data has revealed.
_____________________________________________________________________________________
March 30, 2006
Arrests Made in Debit Card Fraud Case (PC World)
Fraud forces reissue of millions of debit cards nationwide.
NTT joins Liberty Alliance management board (SC Magazine)
The Liberty Alliance Project, the global consortium dedicated to
developing open federated identity, strong authentication and
identity-enabled web services, today announced Nippon Telegraph and
Telephone Corporation (NTT) as the newest member of the its management
board.
Microsoft Updates E-Mail Protection (AP)
Microsoft Corp. is releasing new versions of its software
packages for safeguarding and archiving e-mails and other corporate
messages.
U.K. clamps down on 145 software pirates (SC Magazine)
Up to 145 of the 150 individuals identified following a recent
U.K. court order for illegally sharing software over peer-to-peer (P2P)
networks have been targeted in an anti-piracy initiative launched today
by the Federation Against Software Theft (FAST).
Microsoft Security Advisory Notification (Microsoft)
Vulnerability in the way HTML Objects Handle Unexpected Method Calls
Could Allow Remote Code Execution
_____________________________________________________________________________________
March 29, 2006
Hackers Serve Rootkits with Bagles (eWeek)
Anti-virus researchers find rootkit features in the latest Bagle
mutants, confirming fears that existing malware threats present new,
stealthy dangers.
Experts warn of 'aggressive' rise in child porn spam (SC Magazine)
Security experts yesterday warned computer users of an increase
in highly offensive emails designed to lure traffic to child-porn
websites. As a result of these new "aggressive" spam campaigns, security
firm Sophos has recorded a threefold increase in the amount of illegal
child-porn websites over the past week.
Tips & Tweaks: Matters of Importance (PC World)
Copyright issues, phishing scams, hearing loss, Macs, and a hot new
video game.
Web Analytics Association outlines anti-spyware principles (SC Magazine)
The Web Analytics Association (WAA) has adopted an anti-spyware
statement of principles to help differentiate honest web analytics
vendors that use browser cookies to legitimately measure website traffic
from the deceptive makers of spyware. The move was endorsed by an
overwhelming vote of more than 750 of WAA's corporate and professional
members.
_____________________________________________________________________________________
March 28, 2006
Microsoft Security Advisory (Microsoft)
Vulnerability in the way HTML Objects Handle Unexpected Method
Calls Could Allow Remote Code Execution
Small Businesses Get Security Help (PC World)
Business group, tech vendors launch a program to protect against
data breaches.
Critical Internet Explorer Flaw Patched by Third Party (NewsFactor)
While Microsoft works on a patch for a critical Internet Explorer 6
script vulnerability that can allow a hacker to take control of a
Windows PC, another firm has released a fix for the problem.
Spam Slayer: Don't Can Spam, Cube It (PC World)
Device called the Spam Cube protects computers on a small network from
junk e-mail, viruses, and phishing attacks.
U.K. firms suffer from the enemy within (SC Magazine)
Staff misusing the internet by accessing inappropriate websites or
engaging in excessive web surfing remains the second largest cause of
reported security incidents after viruses for large U.K. companies.
_____________________________________________________________________________________
March 27, 2006
Trojan-creating couple gets prison time (SC Magazine)
An Israeli couple that created a trojan that helped Israeli
companies spy on each other were sentenced to prison today, several
media outlets reported.
Microsoft Launches IE Bug Database (TechWeb)
Microsoft is launching a public bug database for Internet
Explorer 7, which is currently in beta, but it isn't for reporting
security issues. That would be another site, the Microsoft Security
Response Center.
Check Point Misses Critical Opportunity (VarBusiness)
Check Point says it will look for ways to collaborate with its
former acquisition target, Sourcefire.
Most U.K. staff would report their bosses for illegal software use (SC
Magazine)
Almost half of U.K. employees have suffered from exposure to
"illegal or inappropriate activities" at work including being asked to
use pirated software, research has claimed.
Protegrity snaps up OmniSecure (SC Magazine)
Data security management solutions firm Protegrity has announced
the acquisition of OmniSecure, a privately held data security company
based in Santa Clara, California. Financial terms of the deal were not
disclosed.
Colo. Police Use MySpace to ID Suspects (AP)
Detectives used profiles posted on the MySpace social networking
Web site to identify six suspects in a rape and robbery that began when
a party turned violent, leaving blood "in almost every room of the
house," officials said. March 24, 2006
Microsoft Security Advisory Notification (Microsoft)
Vulnerability in the way HTML Objects Handle Unexpected Method
Calls Could Allow Remote Code Execution
Check Point Software boosts board of directors (SC Magazine)
Check Point Software Technologies yesterday announced that it has
appointed Dan Propper to its board of directors.
DNS servers do hackers' dirty work (CNET)
A new twist on denial-of-service attacks intensifies threats to
online businesses by cybercriminals.
No Copying With First HD Video Players (PC World)
First version of antipiracy rules for next-gen DVD doesn't allow
consumer copies.
One in five firms has no disaster recovery plan (SC Magazine)
One in five global companies have no formalized business continuity (BC)
plans, new research has claimed.
_____________________________________________________________________________________
March 23, 2006
Microsoft Warns Of Dangerous IE Exploit (TechWeb)
An exploit for a new zero-day bug in Internet Explorer appeared
Thursday, causing security companies to ring alarms and Microsoft to
issue a security advisory that promised it would patch the problem.
Serious security bug found in Sendmail (SC Magazine)
Security experts at Internet Security Systems (ISS) yesterday revealed
the existence of a serious vulnerability in the Sendmail SMTP server
software.
Tech thieves target U.S. citizens filing online tax returns (SC
Magazine)
As the April 15th annual tax deadline approaches, cyber
fraudsters are ramping up attacks against online American tax filers to
steal confidential information, security experts warned today.
_____________________________________________________________________________________
March 22, 2006
DoS Attack Brings Down Sun Grid Demo (eWeek)
A text-to-speech translation application that Sun offered on the
public Internet to demonstrate the power of its Grid computing system
was quickly brought down by a denial-of-service attack.
Sendmail Race Condition Vulnerability (US-CERT)
Sendmail contains a race condition caused by the improper
handling of asynchronous signals. In particular, by forcing the SMTP
server to have an I/O timeout at exactly the correct instant, an
attacker may be able to execute arbitrary code with the privileges of
the Sendmail process.
Microsoft Confirms 'Highly Critical' IE Hole (eWeek)
Microsoft plans to release a pre-patch advisory to provide mitigation
guidance and workarounds for a code execution browser flaw that could
lead to PC takeover attacks.
Double attack fires 650,000 trojan-laden emails at UK firms (SC
Magazine)
A double virus attack hit UK businesses with an estimated 650,000
trojan-laden emails before antivirus vendors were able to issue patch
against the new malware, a security firm claimed yesterday.
Watchdog Group Releases Software Report (AP)
A corporate-backed watchdog group that monitors software for deceptive
and abusive practices on Wednesday named a widely used file-sharing
program and three other applications as violators of its guidelines.
Internet industry unites against child pornography (SC Magazine)
In a bid to clamp down on internet child pornography eighteen of the
world's most prominent financial institutions and internet industry
firms have joined with the International Centre for Missing & Exploited
Children (ICMEC), and its sister organization, the National Center for
Missing & Exploited Children (NCMEC). The goal of the alliance is to
eradicate commercial child pornography by 2008.
_____________________________________________________________________________________
March 21, 2006
Spyware Trail Leads to Kazaa, Big Advertisers (eWeek)
Google-funded anti-spyware coalition StopBadware.org releases its
inaugural report to coincide with a study on how big-name advertisers
are helping fund the virulent spread of unwanted software.
VeriSign Service Catalogs Business Cyber Threats (TechWeb)
VeriSign launches Security Risk Profiling Service, a service that
is designed to help businesses pinpoint vulnerable parts of a their
digital infrastructures.
Security: A Continuing Federal Challenge (Security Pipeline)
The latest FISMA scorecards are out, with the grades for
different agencies' efforts in the computer security arena. Amazingly,
the overall grade--for all 24 major agencies in the federal
government--has moved not a notch. Last year's D+ remains intact.
IRS, Security Company Warn of Tax Phishers (PC World)
Taxpayers should be leery of e-mails that purport to come from
the IRS.
Microsoft Takes On Global Phishers (NewsFactor)
As part of its ongoing enforcement actions against phishers,
Microsoft has created a global initiative designed to thwart
large-volume scam artists, no matter where they are in the world.
Bogus Amazon email hides phishing trojan (SC Magazine)
IT security experts yesterday warned internet users to be wary of emails
claiming to come from online retailer Amazon that threaten to delete
more than 300 pounds sterling from recipients’ credit cards.
Microsoft gets tough on cybercriminals (SC Magazine)
Microsoft yesterday unveiled a global law enforcement campaign
aiming to bring down cybercriminal masterminds behind large-scale
phishing attacks.
_____________________________________________________________________________________
March 20, 2006
Third of U.K. business fail to test disaster plans (SC Magazine)
A third of U.K. businesses fail to test their business recovery
regularly, says a new study.
Tracer Utility Is Likely Culprit In Visa's Fujitsu POS Security Alert
(eWeek)
Fujitsu claims Visa overreacted and it's up to customers to use
credit-card software properly.
Microsoft stamps on eBay software pirates (SC Magazine)
Microsoft has filed eight lawsuits against sellers whom the firm
alleges sold counterfeit copies of its Windows and Office software using
eBay auctions.
Pyrotek Finds Hot Security Fix (eWeek)
Case Study: The materials maker is undergoing a rapid acquisition
strategy that challenges its security infrastructure; AIS and Symantec
help fight the fires.
NCL leads calls for action against phishing (SC Magazine)
An initiative led by the National Consumers League (NCL) has brought
together law enforcement organisations, financial services and technical
industries to combat the growing threat of phishing.
March 17, 2006
Cyber criminals turn to extortion with Zippo-A trojan (SC Magazine)
Security experts have identified a tojan horse that encrypts
victims' computer files, and then attempts to extort a ransom of $300 to
restore the hijacked data.
Spyware-killing Vista could take out rivals (CNET)
Updated OS has tougher tools than ever to fight sneaky programs. Some
analysts think it spells trouble for other anti-spyware makers.
Experts expose global botnets controlling 150,000 PCs (SC Magazine)
Acting on an anonymous tip-off security researchers have
uncovered two global botnets that are collectively controlling up to
150,000 compromised computers.
_____________________________________________________________________________________
March 16, 2006
Music Web Site: Breach Exposed Accounts (AP)
A musical instrument and sound gear Web site that advertises its
relationship with artists such as Dave Matthews, Carlos Santana and Mary
J. Blige notified some customers that their credit card information may
have been stolen.
Banks take on debit-card theft (CNET)
roundup Banks offer programs to alert customers to potential
fraud as concerns over debit-card theft build.
Federal IT security well below self-set standard (SC Magazine)
The U.S. House Government Reform Committee released its Federal
Computer Security Scorecards today, and the results were not good for
most government agencies.
New denial-of-service threat emerges (CNET)
Attacks targeted 1,500 IP addresses and delivered a heftier blow
than normal DOS threats, VeriSign security chief says.
Adobe Macromedia Flash Products Contain Vulnerabilities (US-CERT)
There are critical vulnerabilities in Macromedia Flash player and
related software. Exploitation of these vulnerabilities could allow a
remote, unauthenticated attacker to execute arbitrary code or cause a
denial of service on a vulnerable system.
Milosevic murder trojan spreading rapidly (SC Magazine)
An email purporting to contain proof that the recently deceased Yugoslav
permier Slobodan Milosevic was murdered is being used to spread a
malicious trojan, security watchers warned.
Hackers Get Intel Mac to Run Windows XP (PC World)
Making Microsoft's OS run on Apple's hardware was not an easy task, but
it has been done.
Computer Researchers Warn of Net Attacks (AP)
A new variety of unusually powerful Internet attacks can overwhelm
popular Web sites and disrupt e-mails by exploiting the computers that
help manage global Internet traffic, according to security researchers.
_____________________________________________________________________________________
March 15, 2006
Child porn ring transmitted acts live on Web (Reuters)
U.S. and Canadian authorities said on Wednesday they had cracked
an international child pornography network that in some cases
transmitted molestations live over the Internet.
Has FISMA helped? (SC Magazine)
After blasting federal agencies with an average grade of D+ in
information security practices last year, the U.S. House of
Representatives Government Reform Committee will announce on Thursday
whether the federal government has improved its preparedness against
major cyber attacks.
FrSIRT Puts Exploits Up for Sale (eWeek)
The go-to site for exploits and proof-of-concept code has shut down
public access to its database and launched a paid-subscription service.
Israeli court to jail husband and wife trojan team (SC Magazine)
A married couple are to be jailed for developing and selling an
industrial espionage spyware trojan horse that helped private
investigators spy on their clients' business competitors.
Tribble on Apple's security troubles (CNET)
When it comes to patches, software honcho Bud Tribble says the company
doesn't believe in schedules or severity rankings.
Skype branded danger to enterprise IT security (SC Magazine)
Although cost savings and improved communications are luring enterprises
to consider Skype, the popular Voice over IP service may violate
security policies, industry experts have warned.
_____________________________________________________________________________________
March 14, 2006
Study says RFID tags are vulnerable to viruses (CNET)
Researchers demonstrate that it is possible to insert a software
virus into radio frequency identification tags.
Man Charged With Hacking Into GM Database (AP)
A former security guard at General Motors Corp.'s Warren technical
center is accused of taking employee Social Security numbers and using
them to hack into the company's employee vehicle database.
Faulty McAfee Update Wreaks Havoc (PC World)
VirusScan update prompted users to delete good software along with
viruses.
Microsoft Office and Excel Vulnerabilities (US-CERT)
Microsoft has released updates that address critical
vulnerabilities in Microsoft Office and Excel. Exploitation of these
vulnerabilities could allow a remote, unauthenticated attacker to
execute arbitrary code or cause a denial of service on a vulnerable
system.
Microsoft Security Advisory Notification (Microsoft)
Adobe Security Bulletin: APSB06-03 Flash Player Update to Address
Security Vulnerabilities and Vulnerability in Windows Service ACLs
Gartner warns of 'PIN block' hacking scams (SC Magazine)
Recent automated teller machine (ATM) fraud involving Citibank
and other banks points to a new wave of "personal identification number
(PIN) block" schemes, Gartner has warned.
Microsoft to offer free parental Web monitoring (Reuters)
Microsoft Corp. said on Monday it plans to include a free service to
help parents control and monitor what their children are doing online in
its upcoming Windows Live offering of Web services.
Phishers cast off with bogus Chase Manhattan poll (SC Magazine)
Internet users have been warned to guard against a newly detected
email phishing scam that poses as a survey from Chase Manhattan bank.
_____________________________________________________________________________________
March 13, 2006
Prosecutor: Debit card crime ring busted (CNET)
Authorities link 14 people to credit and debit card information
that a prosecutor says was stolen from OfficeMax and other businesses.
Cryzip Trojan Encrypts Files, Demands Ransom (eWeek)
Security researchers discover a new "ransomware" Trojan that encrypts
files on an infected PC and then demands $300 in exchange for a
decryption password.
Security Hole Found in GPG Crypto Program (PC World)
Could allow attacker to place code in signed e-mail.
Analyst, End-Users Mad About Windows Live OneCare Updates (TechWeb)
Not everyone is happy with updates Microsoft issued for its
OneCare security service. In fact, some are cautioning others to steer
clear.
Experts warn users not to fall for ‘lipstick causes cancer’ chain letter
(SC Magazine)
Security experts have warned users not to fall for a chain letter
that is spreading across the internet, claiming that lipstick causes
cancer.
Mac Skeptic: More on Mac Security (PC World)
Some advice after a handful of mostly harmless worms shows that
Macs are vulnerable to attack.
U.K. firms under fire for ignoring internet acceptable usage policies
(SC Magazine)
Widespread failure to implement or enforce internet Acceptable Usage
Policies (AUPs) is leaving many U.K. companies open to potentially
serious IT security breaches, newly published research has claimed.
March 10, 2006
Web banking fraud losses double in U.K. (SC Magazine)
A sharp hike in the volume and sophistication of phishing scams
pushed British online banking fraud losses to record levels of £23.2m in
2005 – almost double the previous year’s losses of £12.2m, APACS, the UK
payments association warned yesterday.
Court OKs computer searches for child porn (CNET)
U.S. appeals court rules police can do search if computer owner
subscribes to child-porn Web site.
Several
eerata have been patched (Red Hat Network Alert)
Patches for chkconfig, udev, libuser, and shadow-utils are now
available.
Feds bust fans for pirated Ryan Adams tunes (CNET)
Defendants face up to 11 years in prison for violating FECA, law banning
unauthorized prerelease distribution.
U.S. researchers pioneer digital fingerprint forensics to nab cyber
thieves (SC Magazine)
US researchers have demonstrated a new forensics technology
designed to help catch cyber thieves and digital pirates. The digital
fingerprinting technology, which developed by academics at the
University of Maryland's A. James Clark School of Engineering, is
designed to help protect digital assets and identify national security
leak sources.
_____________________________________________________________________________________
March 9, 2006
No Citibank withdrawals north of the border (SC Magazine)
Citibank has blocked customers from using their ATM cards for
cash withdrawals in three countries after detecting several hundred
fraudulent withdrawals in those locations, the company said in a
statement.
Microsoft Plans Two Patches Next Week (TechWeb)
Microsoft will issue security patches next week for Microsoft
Office and Windows. The Windows Malicious Software Removal Tool will
also be refreshed.
Several
eerata have been fixed (Red Hat Network Alert)
Patches for bugs in gnome-pilot-conduits, evolution, iputils,
sysstat, kernel-utils, and file are now available.
CeBIT: Fujitsu Shows Smaller, Faster Palm Vein Sensor (PC World)
Biometric security device is also cheaper than the company's
previous model.
Industry clamps down on hackers selling custom trojans (SC Magazine)
A network of websites used by cyber criminals to create and sell
custom-designed trojans that could be used for corporate espionage and
ID theft has been shut down after a concerted effort by IT security
firms.
Tech.gov: Your Phone Records in Peril (PC World)
Unscrupulous companies have conned phone records from carriers in
order to sell them. Will Congress protect your privacy?
Google to Pay $90M in 'Click Fraud' Case (AP)
Google Inc. has agreed to pay up to $90 million to settle a
lawsuit alleging the online search engine leader overcharged thousands
of advertisers who paid for bogus sales referrals generated through a
ruse known as "click fraud."
SSL tunnels create ‘invisible’ backdoors into corporate networks (SC
Magazine)
Encrypted Secure Socket Layer (SSL) communications between
internal corporate employees and external internet applications is
"invisible" to companies and so comprises a "risk to the enterprise",
new research has claimed.
_____________________________________________________________________________________
March 8, 2006
Hack-My-Mac Challenge Leaves System Shipshape (TechWeb)
A senior systems engineer at the University of Wisconsin launches
a contest by setting up a fully-patched Mac mini hosting a Web page, and
challenging attackers to have at it, and the results are in.
U.K. clamps down on online child porn (SC Magazine)
The number of web-based child abuse images hosted from U.K.
servers has plummeted from 18 percent in 1997 to just 0.4 percent today,
according to the Internet Watch Foundation (IWF) 2005 Annual Report.
Famed "computer terrorist" teaches anti-hacking (Reuters)
He can find George Bush senior's social security number and Leonardo
DiCaprio's mother's maiden name in under 15 seconds, and led the FBI on
a three-year manhunt as he hacked his way into the world's biggest firms.
Cyber criminals attempt to dodge phishing site shutdowns (SC Magazine)
Online fraudsters have developed a new phishing technique, in response
to increasingly aggressive moves to identify and shut-down traditional
phishing sites. Dubbed Smart Redirection Attacks the new type of threat
is designed to ensure that potential phishing victims always link to a
live website.
_____________________________________________________________________________________
March 7, 2006
New IM Worms Delete Files, Hijack PCs (TechWeb)
An anti-virus vendor warned Tuesday that two new worms spreading
on Microsoft's and America Online's instant messaging networks delete
files and leave systems open to hijacking.
Profit driven hackers a growing threat (SC Magazine)
Quiet, targeted and profit-driven. These are the adjectives describing
the current attacks ruling the IT threat landscape, according to
Symantec’s latest Internet Security Threat Report, released today.
Mac OS X patch faces scrutiny (CNET)
Experts say Apple's most recent security patch doesn't completely
fix a high-profile flaw, leaving users exposed to cyberattacks.
Cybercrime networks take over hacking and virus writing (SC Magazine)
Virus and other malware attacks directed against individuals or
enterprises are increasingly motivated by financial gain, which has led
to a higher number of increasingly dangerous attacks, industry experts
warned today.
Does the GPL Violate Sarbanes-Oxley? (eWeek)
The Software Freedom Law Center refutes claims by embedded systems
seller Wasabi Systems that companies using the GPL could be in violation
of the Sarbanes-Oxley Act.
Cyber criminals stepping up targeted attacks: report (Reuters)
Cyber criminals are stepping up smaller, more targeted attacks as
they seek to avoid detection and reap bigger profits by stealing
personal and financial information, according to a report issued on
Monday.
Husband and wife trojan team indicted for computer crimes (SC Magazine)
Two individuals who are alleged to have developed an industrial
espionage trojan that helped companies spy on their competitors, were
indicted this weekend in the Tel Aviv District court for a series of
computer crimes.
_____________________________________________________________________________________
March 6, 2006
Researcher Hacks Microsoft Fingerprint Reader (PC World)
Hackers could steal your fingerprint information.
Israeli Couple In Spyware Ring Confess, Strike Plea Bargain (TechWeb)
It is a tangled web, but authorities say there's been some action in an
complex case involving Trojans, private investigators, raiding
competitors' secrets from hacked databases and more.
Bagle mutant threatens legal action (SC Magazine)
IT security experts have warned users to guard against a new
version of the Bagle worm which poses as a lawsuit against the
recipient.
Boffins use quantum 'decoys' to secure data (SC Magazine)
A new system of protecting sensitive data while it is being
transmitted over fibre optic cables has been described by its University
of Toronto inventors as “the protective equivalent of a fire-breathing
dragon”.
March 3, 2006
Apple Mac Products are Affected by Multiple Vulnerabilities (US-CERT)
Apple has released Security Update 2006-001 to correct multiple
vulnerabilities affecting Mac OS X, Mac OS X Server, Safari web browser,
and other products. The most serious of these vulnerabilities may allow
a remote attacker to execute arbitrary code. Impacts of other
vulnerabilities include bypassing security restrictions and denial of
service.
Korean online RPG in class action suit (SC Magazine)
Lawyers in South Korea have brought a class action lawsuit on behalf of
224,000 online gamers whose identities were stolen by hackers.
Researcher develops 'active cookies' to take a bite out of cyber crooks
(SC Magazine)
An Indiana University School of Informatics scientist claims that his
newly developed active cookie technology provides a “strong shield”
against identity theft and cyber attacks.
Worms turn to top malware threat list (SC Magazine)
For the ninth month running, Sdbot.ftp has topped the list of the most
prevalent global IT security threats, according to a newly published
monitoring report. The study, based on the malware most frequently
detected by Panda Software’s online antivirus offering during February
2005, also notes that there have been “a significant number” of
detections of Netsky.P, one of the oldest examples of malware in the
ranking.
Feds serve up a stormy cup of tea to Check Point & Sourcefire (SC
Magazine)
Government fears over national security have slowed the completion of
Check Point Software Technologies’ $225 million acquisition of
Sourcefire Inc.
_____________________________________________________________________________________
March 2, 2006
Bagle Bullies Users Into Infections (Security Pipeline)
A variant of the long-running Bagle worm appeared Wednesday, and
tried to bully people into installing its payload.
FedEx Kinko's payment card cracked (CNET)
Anyone with some extra hardware and technical know-how could add
value to the card, but FedEx says company and customers aren't at risk.
Teenager Claims to Find Flaw in Gmail (PC World)
Blogger says he has discovered a flaw in Google's e-mail service that
allows JavaScript to run.
Symantec Offers Online Threat Meter (NewsFactor)
Symantec has launched a free online tool that promises to provide
up-to-date info on the risk levels associated with e-mail and other
common online activities.
Botnet threat growing at an 'alarming rate' (SC Magazine)
The trend of hackers and cyber criminals using botnets to conduct
large-scale denial-of-service attacks increased at an “alarming rate”
during the second half of last year, new research has revealed.
Hunt Intensifies for Botnet Command & Controls (eWeek)
The never-ending search for the command-and-control infrastructure that
powers zombie machines in botnets has been expanded with a new open
mailing list and a call for increased public participation.
Online banks must try harder to boost IT security (SC Magazine)
Banks offering online banking services to retail customers need
to beef up their security features, especially in light of the Federal
Financial Institutions Examination Council's (FFIEC’s) 2006 mandate,
warns a recently published report.
_____________________________________________________________________________________
March 1, 2006
tar security update (Red Hat Network Alert)
An updated tar package that fixes a buffer overflow bug is now
available for Red Hat Enterprise Linux 4.
Technology Facilitates Caller ID Spoofing (AP)
Last fall, U.S. Rep. Tim Murphy's office started getting phone
calls from constituents who complained about receiving recorded phone
messages that bad-mouthed Murphy.
Search Engines Are At the Center Of Privacy Debate (Security Pipeline)
The more user information gathered by Google, Yahoo and Microsoft
MSN, the more often they will become the targets of governments.
NetSky, Mytob lead February virus counts (SC Magazine)
A couple of familiar faces are leading security firms' lists of top
February viruses.
Mobile Phone Spam is Here to Stay (eWeek)
Spam, typically offering dating services, pornography and get-rich
schemes, has moved beyond traditional e-mail and into text-messaging and
mobile e-mail.
New mobile virus runs up huge bills (SC Magazine)
Hackers have a created a new trojan that infects Java-based mobile
phones and sends text messages to premium rate phone numbers costing
unwitting users $6 each time.
Mystery Surrounds PC-to-PDA Virus (PC World)
Antivirus vendors say they cannot confirm the existence of the
Crossover virus.
Game on for FTC's battle against online auction fraud (SC Magazine)
The Federal Trade Commission (FTC) today reported that it
received 80,450 complaints related to internet auctions in 2005,
representing about 12 percent of the total number of complaints.
According to the organization, the latest figures indicate that web
auction fraud has become responsible for the second most common kind of
complaint after those about identity theft.
IP convergence paves way for ‘security over IP’ (SC Magazine)
As firms move towards single converged voice-data IP networks, IT
departments will increasingly become responsible for the physical
security of buildings via deployment of systems such as biometric access
controls, IP-CCTV and card readers, new research has predicted.
|
