|
May 31, 2006
Microsoft Launches Security for Windows (AP)
Security software makers, the 800-pound gorilla has landed. Microsoft
Corp. was to announce Wednesday that it is releasing software that aims
to better protect people who use its Windows operating system from
Internet attacks.
Kiwi hacker jailed (SC Magazine)
A New Zealand man has been jailed for nearly three years after he was
found guilty of hacking the accounts of internet bank and auction site
users.
Symantec Fixes Flaw in Antivirus Software (AP)
Symantec Corp. has repaired a serious problem with versions of its
leading antivirus software, which protects some of the world's largest
corporations and U.S. government agencies. The flaw lets hackers steal
sensitive data, delete files or implant malicious programs.
_____________________________________________________________________________________
May 30, 2006
Fortinet Thinks Big (darkREADING)
The security company has big designs on the carrier market but no
immediate plans for an IPO.
First StarOffice Virus Detected (PC World)
Proof-of-concept virus uses macros to attack the office suite.
Arizona Leads U.S. in Identity Theft (NewsFactor)
Police in Arizona, which leads the nation in identity theft, say
they're in a constant battle to keep up with the technology used to
steal identities.
Symantec Patches AV Flaw In Five Days (TechWeb)
Symantec finished patching its buggy anti-virus line Sunday, just
days after another security vendor said that machines running Symantec's
enterprise products could be easily hijacked.
New Worm Promises World Cup Tickets (darkREADING)
Banwarum's goal is to steal email addresses and flood the network with
traffic
Password-Stealing Trojan Spreads (PC World)
Malware arrives in German spam that claims to contain an update
from Microsoft.
Bulgaria cracks down on pirates (SC Magazine)
Two Bulgarian men were arrested on Saturday for their part in
what police have called Europe's largest internet piracy ring.
_____________________________________________________________________________________
May 29, 2006
China: U.S. Is in Wireless 'Conspiracy' (AP)
The agency promoting China's wireless encryption standard has accused a
U.S. engineers' group of waging a conspiracy that led a global
organization to reject the Chinese system, the country's official news
agency said Monday.
May 26, 2006
Net Watchdog: The Dangerous Side of Search Engines (PC World)
Popular search engines may lead you to rogue sites. Here's what
you need to know to avoid dangerous downloads, bogus sites, and spam. .
_____________________________________________________________________________________
May 25, 2006
Researchers: Antivirus Software Has Flaw (AP)
Symantec Corp.'s leading antivirus software, which protects some
of the world's largest corporations and U.S. government agencies,
suffers from a flaw that lets hackers seize control of computers to
steal sensitive data, delete files or implant malicious programs,
researchers said Thursday.
Stronger cybersecurity bill passes House committee (SC Magazine)
The U.S. House of Representatives Judiciary Committee today approved a
bill that would significantly strengthen existing federal cybercrime law
and provide law enforcement with increased enforcement tools.
2 Teens Charged With MySpace.com Extortion (AP)
Two New York teenagers were in police custody Wednesday facing illegal
computer access and attempted extortion charges after they allegedly
threatened to shake down the popular Web site MySpace.com unless its
operators paid them $150,000, prosecutors said.
Aerospace, Feds Activate PKI Bridge (darkREADING)
The US Federal government and the aerospace industry are giving new life
to PKI, building a bridge certificate authority to ease federated
identity management.
_____________________________________________________________________________________
May 24, 2006
StopBadware.org Adds to Hall of Shame (PC World)
A gaming app, a screen saver, a spyware scanner, and a utility
all get the dubious honor of being named to the Badware Watch List.
Washington state settles spam case (SC Magazine)
Washington State Attorney General's Office has agreed a
settlement with two Californian spammers accused of bombarding the
Seattle School District and other organizations with junk email.
MetroMesh: A Hacker's Paradise? (darkREADING)
Wireless MetroMesh technology promises a new era in anytime,
anywhere public access Internet for the masses.
"Lawless" Internet proving costly for gamblers (Reuters)
The Internet is a "lawless land", easily accessed 24 hours a day without
stepping out of the house, and for gamblers that can be a costly and
irresistible temptation.
_____________________________________________________________________________________
May 23, 2006
Security Vendors Unleash New Solutions To Protect E-Mail (VAR Business)
In recent weeks, numerous vendors, including Trend Micro and
Postini, have announced solutions to combat an ever-widening messaging
security crisis.
Dems want tighter VA restrictions after massive breach (SC Magazine)
U.S. House Democrats called on the Department of Veterans Affairs
(VA) this week to tighten employee access restrictions after the VA
announced that the personal information of as many as 26.5 million
veterans was stolen in a home burglary.
New Worm Targets Yahoo Messenger (NewsFactor)
There is a new worm making the rounds, targeting the popular
Yahoo Messenger application with the purpose of hijacking PCs and
installing malicious software on them.
German file-sharers hit with criminal charges (Reuters)
German police have filed criminal charges against more than 2,000 people
accused of using the eDonkey file-sharing network to share copyrighted
music illegally, the recording industry's trade group said on Tuesday.
Software Piracy Said Down in China, Russia (AP)
Makers of computer software report that piracy rates, while still high,
declined slightly in both China and Russia last year, but that global
losses from the use of illegal computer software rose to $34 billion.
_____________________________________________________________________________________
May 22, 2006
Personal info of 26.5 million veterans lost (SC Magazine)
Electronic data containing the personal information of as many as
26.5 million veterans and some spouses has been stolen from the home of
a Department of Veterans Affairs (VA) employee who violated agency
policy by leaving the office with the information.
Microsoft's Security Ambitions (VAR Business)
Microsoft continues to reveal its security ambitions in very
obvious ways.
IM Worm Installs Bogus Browser (PC World)
Malware that spreads via Yahoo Messenger also plays screeching
music and hijacks IE's home page.
Trojan Targets Microsoft Word Flaw (NewsFactor)
Microsoft software is under attack again, this time through a flaw in
Word, according to security authority Symantec, which has warned of a
new Word Trojan targeting large businesses.
Southeast Asian cyber attacks still way off: expert (Reuters)
Southeast Asian extremist groups have turned to the Internet to recruit
people and raise funds but they have not yet been able to mount cyber
attacks, a security expert said on Monday.
Anti-Spyware Leader Unfazed by Microsoft (AP)
For millions of PC users, the privacy-snatching programs known as
spyware have been nothing but a headache as they swipe personal
information, slow systems to a crawl and crash computers. For Webroot
Software Inc., the annoying programs have been the foundation of
success.
May 19, 2006
Mobile Devices: Growing Security Threat (NewsFactor)
Smartphones and other wireless devices commonly used in the
enterprise might pose significant risks for companies that do not take
adequate measures to protect their networks.
U.S. Consumers Taking Steps To Stymie ID Theft (TechWeb)
According to the poll, 73 percent of 2,100 U.S. adults surveyed
said that they now monitor their bank and/or credit card accounts for
suspicious activity.
MS Word Zero-Day Hack Underway (TechWeb)
Symantec raised its overall Internet alert Friday on the news that a
zero-day vulnerability in Microsoft Word was being exploited by hackers
hoping to hijack PCs.
Targeted attack: experience from the trenches (SANS)
Michael reported on an unnamed organization being hit by a limited,
targeted attack. Detection is mostly the very hard part in these
attacks. This case seems to have been detected by a very alert user
detecting a domainname in an email that wasn't completely right.
_____________________________________________________________________________________
May 18, 2006
Poker site aced by new trojan (SC Magazine)
Knowing when to fold ‘em wasn’t enough to save some poker players
from putting their bankrolls at risk.
Microsoft Gobbles Up Whale, Enters Secure Access Market (CRN)
Microsoft has signed an agreement to acquire Whale
Communications, a move that enables the software giant to jump into the
secure access software market.
Spam Fighter Brought to Its Knees (NewsFactor)
Blue Security, a company that fought spam with spam, has thrown in the
towel following a massive attack by a Russian-based spam organization
that some say is connected to a crime syndicate.
_____________________________________________________________________________________
May 17, 2006
Blue Security Waves White Flag on Spam Attack (PC World)
Massive denial-of-service attack shutters anti-spam firm.
Websense: Men surf more personal sites at work (SC Magazine)
Men are more likely to surf personal websites – including adult
sites – at work, according to a study published this week.
Symantec Warns Of Bot Sniffing For Veritas Vulnerability (TechWeb)
A bot is aggressively sniffing for systems equipped with
unpatched Veritas software, Symantec warned Wednesday.
NewsPortal flaws reported (SC Magazine)
New flaws have been identified in NewsPortal that can be used to
conduct cross-site scripting attacks by malicious users.
Apple Fixes Firmware, Nixes MacBook Pro Heat Problems (TechWeb)
Apple quietly issues a firmware update for its Intel-based
systems that users said fixed overheating problems in the MacBook Pro
notebook.
Firm: Malware higher with new PC owners (SC Magazine)
A leading malware research company announced this week that it
found a substantial uptick in the spyware and malware infection rate
among new PC owners.
Hurricane Katrina Scams (ScamBusters)
Many different types of Hurricane Katrina scams have made the rounds --
find out what they are, how to protect yourself, and how you can help.
_____________________________________________________________________________________
May 16, 2006
Software Makers Crack Down on Net Piracy (AP)
Computer software makers launched a crackdown on illegal Internet
sales of their products Tuesday by suing suspected pirates who have set
up shop on the popular online auction site eBay Inc.
Cyber-Crooks Target Online Gamers (TechWeb)
In a new malware dynamic, cyber-crooks are going after login
details needed to install and access online games.
A Helpful Trojan Horse? (darkREADING)
A new Trojan horse seeks out and eliminates movies and MP3 tracks
from users' machines, saving IT the trouble
RealVNC
Exploits, Bleeding Snort Signature (NEW) (SANS)
Matt Jonkman posted some signatures to bleeding snort that identifies
the exploit attempt. Matt reports good success with these so far.
_____________________________________________________________________________________
May 15, 2006
Banks Get Wise to Phishing Fraud (NewsFactor)
In response to the growing threat of Internet fraud, financial
institutions around the world are beefing up their security systems to
try and make online banking bulletproof.
New Wireless, Security Features On Tap From HP's ProCurve Division (CRN)
Hewlett-Packard's ProCurve Networking unit plans this week to
expand its wireless lineup while touting the security road map of its
networking portfolio.
Backdoor Found in Diebold Voting Machines (PC World)
Company says it will make changes to the electronic voting
machines before the November 7 general election.
Chat Rooms Help FBI Hunt for Pedophiles (AP)
Seconds after she announces her presence in an online chat room, the
girl is besieged by a half-dozen men who want to know more about her.
Cyber-Threats To U.S. Business Grow More Dangerous (VAR Business)
Attacks on U.S. computer networks could escalate from mere
inconveniences to disasters that ruin companies or even kill people,
according to the head of a cyber-security unit working with the U.S.
government.
May 12, 2006
Apple Mac Products Affected by Multiple Vulnerabilities (US-CERT)
Apple has released Security Update 2006-003 to correct multiple
vulnerabilities affecting Mac OS X, Mac OS X Server, Safari web browser,
Mail, and other products. The most serious of these vulnerabilities may
allow a remote attacker to execute arbitrary code. Impacts of other
vulnerabilities include bypassing security restrictions and denial of
service.
Owl worm hits network printers (SC Magazine)
Experts have discovered a worm that attempts to send a photograph of an
owl to attached network printers.
Trusted websites not to be trusted (SC Magazine)
Although most of web users feel relatively safe when we click on search
results or visit the web sites or blogs of trusted businesses or
friends, we should not be so carefree, according to security expert
Roger Thompson.
FTC charges internet marketers over CAN-SPAM violations (SC Magazine)
The Federal Trade Commission has charged two internet marketers with
violating the U.S. CAN-SPAM Act.
_____________________________________________________________________________________
May 11, 2006
Rootkit-spreading Spyware Shop Shuts Down (TechWeb)
A spyware distributor noted for an extensive use of rootkits that
make its software difficult to delete has closed shop.
Considering the Security of RFID Systems (NewsFactor)
Sometimes our anxieties about security make us lose sight of how a
technology is used. Such is the case with RFID, which offers big
efficiencies and has yet to have real-world security problems.
U.S. court jails Ukrainian software pirate (SC Magazine)
Self-confessed software pirate Maksym Vysochanskyy, a Ukrainian
national, has been sentenced in a San Jose, California, federal court to
35 months in prison, three years probation, and deportation to his
native country of Ukraine.
Vista's security features lack polish, but still an improvement (SC
Magazine)
Though Microsoft has made drastic security improvements within its
upcoming Vista designs, there will be some usability hiccups within its
new security features and there will still be plenty of room for
security developers to sell aftermarket products, the Yankee Group said
this week.
_____________________________________________________________________________________
May 10, 2006
Webroot Uncovers Thousands of Stolen Identities (PC World)
Company believes the info--which includes names and social
security numbers--was collected by a Trojan horse.
Worm Could Wreck Exchange (TechWeb)
The bug in Exchange that Microsoft disclosed Tuesday is too juicy
a target for hackers to pass up, security companies warned Wednesday,
and users should expect to see a worm pop up any time.
Spyware stages ‘significant counterattack’ (SC Magazine)
Spyware staged a significant counterattack during the first
quarter of 2006, new threat monitoring research has revealed.
Computer hacker set for U.S. extradition (Reuters)
A British computer expert accused by Washington of the world's "biggest
military hack of all time" can be extradited to the United States, a
court ruled on Wednesday.
BSA under fire for raising U.K. anti-piracy rewards (SC Magazine)
The Business Software Alliance today came under fire for launching a
U.K. anti-piracy program that aims to appeal to disgruntled employees by
offering generous financial incentives in exchange for anonymous tips
reporting software license violations. Recently, the organization
announced that it is doubling potential reward money in the U.K. from
£10,000, to up to £20,000.
_____________________________________________________________________________________
May 9, 2006
Microsoft Patches Windows, Exchange Flaws (PC World)
Monthly updates repair 'critical' server hole and address Flash
glitch.
Microsoft Windows and Exchange Server Vulnerabilities (US-CERT)
Microsoft has released updates that address critical
vulnerabilities in Microsoft Windows and Exchange Server. Exploitation
of these vulnerabilities could allow a remote, unauthenticated attacker
to execute arbitrary code or cause a denial of service on a vulnerable
system.
USC Hacker Case Pivotal To Future Web Security (InformationWeek)
Eric McCarty claims he hacked into the University of Southern
California's computer system to warn of its vulnerabilities. The case
could be a watershed event in the area of security research.
Yankee Group Urges Restraint on Vista (NewsFactor)
A new report from Yankee Group suggests that, despite Microsoft's
efforts to make Vista a hassle-free system that offers airtight
security, the software maker still has some work to do.
NCSA launches national campaign to keep kids safe online (SC Magazine)
The National Cyber Security Alliance (NCSA), yesterday launched a
national awareness campaign titled, "Help Keep Kids Connected and
Protected" to educate teachers and parents about safe online practices
for teens using social networking sites or online communities.
_____________________________________________________________________________________
May 8, 2006
Vista's Security Will Be Pain In The Neck: Analyst (TechWeb)
Security will be one of Microsoft's biggest selling points when
Windows Vista rolls out, but it may also be a stumbling block. At least
one analyst thinks all the new security features will annoy users and
end up hurting sales.
Microsoft Preps Windows Updates (NewsFactor)
Microsoft plans to release two security updates tomorrow for
Windows and a single patch for Exchange. The release is part of
Redmond's regular patch cycle on the second Tuesday of each month.
Antispam Firm Claims Attack (PC World)
Blue Security blames spammer PharmaMaster, but draws ire for its
defense tactic.
Malware targeting Linux on the increase (SC Magazine)
The number of malicious programs that attacked Linux operating
systems during 2005 was more than double the previous year’s figure,
according to new research.
Click Fraud Concerns Hound Google (AP)
John Thys still hasn't figured out how much his company has paid
Google Inc. for bogus sales referrals caused by "click fraud" - a sham
aimed at a perceived weakness in the Internet search leader's lucrative
advertising network.
May 5, 2006
Cybercrooks turn to malware for financial gain (SC Magazine)
Malicious software coded by cyber criminals for financial gain
accounted for some 70 percent of all malware detected during the first
quarter of 2006, it was claimed today.
Football fans warned over World Cup trojan (SC Magazine)
Security experts warned football fans about a trojan horse that poses
as a wallchart for the World Cup tournament due to take place in Germany
in five weeks time.
Mac OS X vulnerabilities jump 228 percent (SC Magazine)
Security experts today warned that malware attacks targeting Mac OS X
are on the rise.
Gartner: Microsoft will delay Vista until mid-2007 (SC Magazine)
A team of Gartner analysts predicted this week that Microsoft will
not meet its current release schedule for its upcoming Vista operating
system.
_____________________________________________________________________________________
May 4, 2006
Security Threats Rising For Apple Macs, Report Shows (TechWeb)
Apple Computer products are increasingly in the crosshairs of
malware authors.
Spyware Operator Slapped with Big Fine (NewsFactor)
A court has ordered Stanford Wallace, the man who was at the
center of the nation's first spyware case, to give up $4 million of his
ill-gotten gains.
Volume of IM attacks jumps sharply (SC Magazine)
Instant messaging (IM) attacks jumped sharply during April, while
spam and virus volumes held steady, new threat assessment data has
revealed.
Tech.gov: A Gated Net, the Sequel (PC World)
A proposed federal law would make it easier for telecom firms to offer
IPTV. But it would not prevent other content from ending up in the Net's
slow lane.
Russian virus exchange creator sent to jail (SC Magazine)
Russian authorities have jailed a hacker who not only created his
own malware, but ran two websites distributing more than 4,000 different
computer viruses.
_____________________________________________________________________________________
May 3, 2006
Spammer Identifies 'Secure' E-Mails (AP)
One spammer has managed to identify e-mail addresses on a
"do-not-spam" list touted as secure, taking advantage of an obvious flaw
with such lists and prompting critics to wonder what took so long.
Massive DoS Attack Knocks Out TypePad, LiveJournal (TechWeb)
Millions of blogs hosted by LiveJournal and TypePad by a massive
denial-of-service attack that struck their servers.
U.S. tops global malware league (SC Magazine)
The U.S. continues to account for more malware, spam and phishing
attacks than any other nation, new research has claimed.
Movie piracy losses bigger than expected: report (Reuters)
Lost sales from pirated DVD movies and Internet downloads are higher
than previously thought, a report in the Wall Street Journal said on
Wednesday.
Vietnamese police strike against porn trojan DDOS attacker (SC Magazine)
A man has been arrested in Vietnam accused of launching a large-scale
distributed denial-of-service (DDOS) attack against a commercial
website. The attack on Vietco's website caused huge losses to the
company, which was forced to draft in 40 emergency technicians and left
computer users unable to access the site.
_____________________________________________________________________________________
May 2, 2006
Firefox Updated With Critical Security Fix (TechWeb)
Mozilla releases a patch for a zero-day critical security hole in
Firefox that could be exploited to crash the browser or install
malicious code.
Internet Criminals Are Getting Faster (Newsfactor)
Two Internet security surveys released Monday underscore an ominous
shift in Web intrusions: They are becoming more stealthy and targeted --
and honed to make a quick buck.
UK Cabinet Office partners for Security Enhanced Linux (SC Magazine)
Dr Steve Marsh, director, of the UK government’s Central Sponsor for
Information Assurance (CSIA), has announced that IBM, and its partners
Tresys Technology and Belmin Group, are working with the UK Cabinet
Office to demonstrate one of the first mainstream Mandatory Access
Control environments. The design is based upon Security Enhanced Linux
and IBM WebSphere.
UK government grants IT security quality mark to first managed service
(SC Magazine)
The MessageLabs Anti-Virus Service has become the first managed service
to be awarded the CSIA Claims Tested (CCT) Mark - a government quality
mark initiative for information security products and services.
_____________________________________________________________________________________
May 1, 2006
Microsoft Exec Warns of Rootkits (NewsFactor)
If your system gets infiltrated by a rootkit, you might as well
just "waste the system entirely," a Microsoft official told fellow
security professionals at the annual InfoSec Conference.
Smarter Spam Could Mimic Friends' Mail (TechWeb)
The next generation of spam and phishing e-mails could fool both
software filters and the most cautious people by mimicking the way
friends and real companies write messages.
SANS Top 20: OS X, Firefox more frequent targets (SC Magazine)
Mac OS X and Mozilla Firefox – widely considered safer than
mainstream counterpart Microsoft Internet Explorer (IE) – are rapidly
becoming new sources for vulnerabilities, according to the latest SANS
Institute Top 20 Internet Security Vulnerabilities report.
Counterfeiters' next step: Faking the whole company (CNET)
Counterfeiters in China set up a parallel NEC that developed its own
products, had links to a network of factories in Asia.
|
