|
Security Headlines
Back
November 30, 2006
Apple issues Mac security update (BBC News)
A patch program fixing more than 20 flaws in OS X has been released
by Apple.
The Hacker Academy Announces 'Midnight Hacker' Classes (PR Web)
Like other information security training companies, The Hacker
Academy offers standard five day "white hat" hacking courses and on-site
training, but now comes an interesting twist ... "Midnight Hacking."
Microsoft to Release Pro Vista Today (AP)
For the first time in five years, Microsoft Corp. is finally unveiling a new
system for operating personal computers. Now the company must persuade PC
buyers that the launch really matters to them.
_____________________________________________________________________________________
November 29, 2006
Apple Releases Security Update to Address Multiple Vulnerabilities (US-CERT)
Apple has released Security Update 2006-007 to correct multiple
vulnerabilities affecting
Mac OS X, Mac OS X Server, Safari web browser. Vulnerabilities in OpenSSL,
gzip, and other products are also addressed. The most serious of these
vulnerabilities may allow a remote attacker to execute arbitrary code.
Attackers may take advantage of the less serious vulnerabilities to bypass
security restrictions or cause a denial of service.
Broadband PCs attacked over 100 times a day (Stuff)
New Zealand broadband computer users are being attacked by would-be
intruders more than a hundred times a day, a study released today says.
Phishing for information (The Marietta Times)
It may be the start of hunting season, but people who make a business
of scamming others on the Internet are going phishing. No, that’s not a
typo.
_____________________________________________________________________________________
November 28, 2006
Cyber Crime: E-Mail Identity Theft (WXII-TV)
According to the Federal Trade Commission, almost 6,000 North Carolinians
reported ID theft in 2005. Of those, 1.7 percent involved the Internet or
e-mail.
Canada experts find path round Internet firewalls (Reuters)
Canadian university researchers have developed software that will let
users hop over governments' Internet firewalls, raising the prospect of
unfettered Internet access in countries that have long tried to control how
residents use the Web.
Gartner:Consumer security fears cause $2 billion loss in 2006 (SC Magazine)
An analyst from Gartner announced today that consumer anxiety about
Internet security has caused a $2 billion impact on e-commerce and banking
transactions this year.
Apple Macs vulnerable to adware, warns F-Secure (Computer Weekly)
Apple Mac computers could be vulnerable to adware installed by
hackers using a new technique, security experts have warned
Etisalat raises
awareness about Cyber Attacks at Cybercrimes Conference (AME Info)
Etisalat presented participants at the Cybercrimes Conference with a
informed perspective on the growing scale and complexity of cyber attacks
facing individuals and enterprises.
Taking a laptop? Keep it and your precious data safe (Honolulu Advertiser)
If you're one of the millions of Americans who travel with a laptop
computer for business or pleasure, are you sure you're properly protecting
your computer companion?
_____________________________________________________________________________________
November 27, 2006
Researchers Develop Chip That Blocks PC Viruses (ChannelWeb)
Researchers in Japan have developed a microchip that blocks computer
viruses before they enter PCs, an advance that could change how security
software is used.
ID Theft: America's Fastest Growing Crime (WSB-TV)
About 10 million people a year find themselves in trouble involving
their identity. How do you avoid being one of them?
Catching Cyber-Criminals By Thinking Like Them (PR Web)
This December, representatives from a number of international,
federal, state, and local law enforcement agencies will be learning to think
like hackers by becoming hackers. Representatives from various industries
and corporations will be present as well. All will be immersed in the
techniques and methodologies used by cyber-criminals throughout the world.
How
to shop online and stay safe (Sify News)
As more consumers do their holiday shopping online, the thieves are bound to
follow. But there are things shoppers can do to reduce their risk. Here's
how to avoid getting more than you asked for this holiday season.
Japanese Chip Can Stop PC Viruses, But Cost A Hurdle (InformationWeek)
A researcher at Japan's government-funded National Institute of Advanced
Industrial Science and Technology thinks putting an anti-virus chip in a
router is the best way to head off viruses.
November 24, 2006
Firefox 2 Browser Struck by Password Flaw (NewsFactor)
Mozilla's Firefox 2.0 has long been considered a safer Web
browser than Microsoft's Internet Explorer, but a new flaw in the
Firefox Password Manager, which lets users store usernames and passwords
for trusted Web sites, could let hackers steal their login data. The
problem, known as a reverse cross-site request, or RCSR, was first
discovered by Robert Chapin, a Microsoft Certified Systems
Data Agency Broke Privacy Laws (AP)
A report by an EU panel released Thursday said the bank data transfer
agency SWIFT broke European privacy laws by handing over personal data
to U.S. authorities for use in anti-terror investigations.
_____________________________________________________________________________________
November 23, 2006
Security flaw detected on Firefox and IE7 (EARTHtimes)
A security flaw has been discovered in Mozilla Foundation's Firefox 2
and Microsoft's Internet Explorer 7 web browsers. Hackers can use this
flaw to capture the username and password of users.
'Evil twin' Wi-Fi hacks target the rich (Infomatics)
Locations popular with high net worth individuals are being targeted by
hackers using phoney wireless access points to steal personal
information. So called 'evil twin' attacks involve putting a wireless
access point near a commercial hotspot and giving it the same name.
_____________________________________________________________________________________
November 21, 2006
"Highly critical" Mac OS X kernel hole unearthed (Silicon.com)
It's open to malicious elements...
Old cell phones attract hackers (Detroit News)
Sam Bachman is a frequent upgrader. Not of cars or homes, but of his
"smart phone." Hooked on the convenience of a cell phone that's also a
mini PC, calendar and address book, the social worker just bought his
sixth Treo smart phone. And before advertising his old model for sale
online, he took what he thought was a savvy step: He "reset" the device
to wipe it free of data.
Drivers License Swipes Raise Privacy Concerns (Slashdot)
Clubs in New York, New Jersey, and elsewhere are requiring
patrons to give up their drivers licenses for a swipe through a card
reader. Some bars do this too. The card reader displays their birth date
and the establishments let it be assumed that the only purpose of the
swipe is to check the customer's age. They rarely if ever disclose that
the personal data stored on the license — the customer's
_____________________________________________________________________________________
November 21, 2006
Expert cracks biometric passport data (Computer Weekly)
The security being developed for the government's ID cards and
biometric passports programmes has been thrown into question after a
Guardian reporter and a security expert took just 48 hours to access
encrypted data on a biometric passport's RFID chip.
Net Watchdog: Tips for Safer Online Shopping (PC World)
'Tis the season for online scams, spam, and malware attacks. Here's what
you need to know.
Shoppers Ignore Basic IT Security (RedNova)
Consumers are ignoring basic internet security procedures and
that could open them up to online fraud, according to a new report.
Research from Barclay-card found that one in ten shoppers made
elementary mistakes when buying online.
_____________________________________________________________________________________
November 20, 2006
SEVEN BILLION SPAMS A MONTH (Daily Record)
THE number of spam junk emails received around the world has
reached a record high - trebling in the last five months. This month,
more than seven billion of the unwanted and often obscene messages were
sent - meaning they now make up nine out of 10 emails delivered across
the globe.
As Far As PC Security, Goldilocks Got It Just Right (RedNova)
When Jud Fink decided to protect his PC, he treated it like a glorified
science project.
3SG invites troublemakers to teach it a lesson (Anchorage Daily News)
To hackers, it looks like any one of the thousands of vulnerable
computers connected to the Internet. But to the folks at Anchorage-based
network-security company 3SG, it's a powerful tool that helps turn the
tables on an ever-growing swarm of cyber scoundrels.
Security flaw discovered in microchips (Independent Online)
The ability to process data faster compromises the level of security of
microchips, a publication reports.
Webroot Adding Parental-Control Software (AP)
Webroot Software Inc., known for its anti-spyware program Spy Sweeper,
is bringing back a product to help parents limit where and how long
their children go online.
November 17, 2006
Experts raise Windows security alarm (ZDNet)
Computer code that exploits a "critical" Windows 2000
vulnerability has been released on the Internet, increasing the
likelihood of attacks, experts warned Thursday.
The Top 10 Worst Spam Offenders (DailyTech)
It's like the FBI's most wanted list for spam...
Thin Client Notebook helps solve security problems. (ThomasNet)
With no hard drive and no ability to store information locally,
Neoware m100 poses no data security risk.
Polite Hackers Kick It in Korea (Wired News)
Security researchers at South Korea's first international hacker
conference rip holes in Linux and VOIP. But where are the drinking
games? Quinn Norton reports from Seoul.
Security firms clash over phishy e-mails (ZDNet)
Banks and security experts cannot agree if it is safe for banks
to use e-mail for communicating with their customers because the medium
has been hijacked by criminals who try and fool online banking users
into divulging their log-in details.
_____________________________________________________________________________________
November 16, 2006
HACKER NABBED FOR WARNING OF LAYOFFS (New York Post)
Once a hacker, always a hacker. FBI agents yesterday arrested the
former technology boss of New York financial publisher Source Media -
parent of American Banker and The Bond Buyer - for hacking into his old
job to warn employees who were about to...
Automated Patching Helping Zero-Day Exploits (InternetNews)
Latest SANS Institute top 20 list puts IE and Office squarely in hackers
crosshairs. Are efforts to protect them fueling the rise?
_____________________________________________________________________________________
November 15, 2006
Major Browsers Battle Over Which One Fights Phishing Better (PC World)
Mozilla releases study finding that Firefox's antiphishing tool
is better than IE 7, despite Microsoft's claims to the contrary.
OneCare labels Gmail as malicous (SC Magazine)
Customers of Windows Live OneCare were advised by Microsoft this week to
update their antivirus signature after the service began tagging
Google's e-mail service as malicious.
Kevin Mitnick's Security Advice (Wired News)
The hacker-turned-security consultant shares his best tips for securing
your desktop against internet villains.
_____________________________________________________________________________________
November 14, 2006
Microsoft Security Updates for Windows, Internet Explorer, and Adobe
Flash (US-CERT)
Microsoft has released updates that address critical
vulnerabilities in Microsoft Windows, Internet Explorer, and Adobe
Flash. Exploitation of these vulnerabilities could allow a remote,
unauthenticated attacker to execute arbitrary code or cause a denial of
service on a vulnerable system.
OneCare slaps viral warning on Gmail (The Register)
Bats in the belfry Faulty signature updates resulted in
Microsoft's Live OneCare anti-virus service falsely reporting Gmail's
website was infected with a computer virus.
Broadcom flaw could allow hacker to control Wi-Fi PCs (Computer Weekly)
Exploit code for a security flaw in Broadcom Wireless drivers is
in the public domain and could allow hackers to take control of PCs via
a Wi-Fi connection, according to Symantec.
Hackers Steal Data From Landis Lab (Kerrville Daily Times)
A hacker stole data from computers at the French anti-doping lab
where tests are being challenged by American cyclist Floyd Landis,
police said Tuesday.
Data Theft, Beware Of Disgruntled Employees (BIOS)
Have you just started the annual round of appraisals? Are you
about to inform staff that promotions or pay rises are thin on the
ground this year or that some have underachieved? With January
approaching, many employees unhappy with their appraisals look to star.
_____________________________________________________________________________________
November 13, 2006
Broadcom's Buffer Problem (darkREADING)
Security researcher 'Johnny Cache' highlights another WiFi driver
security issue
Hackers target online brokerages (Infomatics)
Identity thieves have moved on from banks and are now targeting online
brokerages with increasingly sophisticated attacks, according to an
expert in security and authentication.
Trojan Pervert Jailed; Wake Up to Online Threats or This Will Happen
Again, warns Sophos (Kansas City InfoZine)
Ten years jail for hacker who blackmailed schoolgirls won't deter
computer criminals
Surfing Wireless? Protect Your Identity (Eyewitness News 3)
Without taking precautions, your wireless Internet use could prove more
risky than convenient.
Cyber-criminals gear up for a merry Christmas (Infomatics)
As online shoppers gear up for a season of intensive spending in
the run up to Christmas, online fraudsters are also preparing for their
busiest time of the year.
November 10, 2006
Microsoft: Six fixes teed up for Patch Tuesday (SC Magazine)
Microsoft told its users today that it is prepared to let loose
six security fixes on Tuesday during its latest round of monthly patch
releases.
_____________________________________________________________________________________
November 9, 2006
Fathers 4 Justice hacker spared jail (Infomatics)
A security firm has criticised the UK courts for inconsistent
sentencing of cyber-criminals after a Fathers 4 Justice campaigner who
admitted hacking a website and distributing viruses was spared a jail
sentence.
Wireless world, be worried (Rochester Campus Times)
Beyond the whirlwind that is election time, there exists a danger flying
under the radar of most citizens these days. Wireless technologies are
increasing daily, posing a danger to the uninformed or the lethargic.
How to get a stolen computer back (NorthJersey)
In recent weeks, several laptops were stolen in Bergen County,
one from a large business and another from a high school.
_____________________________________________________________________________________
November 8, 2006
Mozilla Updates for Multiple Vulnerabilities (US-CERT)
The Mozilla web browser and derived products contain several
vulnerabilities, the most serious of which could allow a remote attacker
to execute arbitrary code on an affected system.
Hacker Profiling Stirs Controversy (darkReading)
Mixed comments surrounding a project to create profiles of
hackers could help investigators 'see' the face behind the attack
Watchfire automates bottleneck in web security testing (Computer
Business Review)
One of the most time-consuming aspects of testing website
security is ensuring that a user cannot by mistake or on purpose gain
access to more privileges than they are entitled to. Watchfire Corp,
whose testing tools simulate hackers, has just automated this task.
_____________________________________________________________________________________
November 7, 2006
PhishTank: PayPal, eBay most misrepresented by phishers; U.S. hosts
quarter of world's spoof sites (SC Magazine)
A new online community that tracks phishing sites released its
first monthly statistical review this week.
Hackers Target Windows Bug (NewsFactor)
Security experts are warning about a newly discovered, and
unpatched, vulnerability in an XML module on most versions of
Microsoft's Windows operating system.
Phishing Gang Arrested in USA and Eastern Europe After FBi Investigation
(Kansas City InfoZine)
17 individuals held in investigation that covered USA, Poland and
Romania
Chile arrests 4 accused of hacking foreign governments' Web sites
(Pravda)
Chilean police arrested four suspected computer hackers accused of being
part of an international group that has broken into thousands of
government Web sites around the globe in recent years.
_____________________________________________________________________________________
November 6, 2006
Secure Service transports off-network IT assets (ThomasNet)
Offered through Redemtech, Brink's Secure Data Solutions
transportation service protects sensitive data during transit of
computers taken off network to be reused, resold, or recycled. It
ensures integrity and control of chain-of-custody, reducing potential
for loss or theft of data-bearing IT assets. Suited for companies in
privacy-regulated industries, service combines use of tamper-resistant
Make sure your wireless network isn't open to everyone (Sun-Sentinel)
Vasco Bilbao never thought about securing his home wireless
network.
Wikipedia Targeted by Malware Writers (NewsFactor)
Malware writers have used a Wikipedia article to lead users to a
booby-trapped page that contained malicious code designed to plant
viruses on the computers of unsuspecting users.
Attacks exploit Microsoft XML Core Services flaw (SC Magazine)
Attacks exploiting a dangerous zero-day vulnerability in
Microsoft XML Core Services were spotted over the weekend.
November 3, 2006
Security threat changing, says Symantec CEO (InfoWorld)
The threat posed to computer users and companies by hackers is
shifting from attacks on the computers to attacks on electronic
transactions, according to the head of one of the world's largest
security software vendors. John Thompson, chairman and CEO of Symantec,
said the change has been taking place over the last few years but has
recently been accelerating.
BuzzCut: Can Microsoft Lead on Data Privacy? (NWC)
The Redmond giant recently released groundbreaking guidelines
aimed at helping software and service developers address privacy
concerns.
_____________________________________________________________________________________
November 2, 2006
Another VA breach affects 1,600 veterans from New York system (SC
Magazine)
The Department of Veterans Affairs (VA) is again warning veterans
their identity may be at risk following the theft of an unencrypted
laptop from the agency's New York Harbor Healthcare System.
Second Minor Firefox 2.0 Bug Found (PC World)
Mozilla pledges to fix glitch that causes browser to crash when
visiting a specially coded Web page.
Technology's Threat to National Security (NewsFactor)
The offshore exodus of software programming has given rise to a huge
industry in India. Now a debate has begun about whether the
globalization of software is a threat to national security.
FBI catches up with Azuza man they say took $2.4 million in identity
thefts (Daily Bulletin)
FBI agents on Wednesday arrested a 46-year-old Azusa man known as
"The Hacker," who authorities say had been on the run for four months.
Once officials determined where he lived, Jeffrey Brett Goodin was found
in his Lee Drive residence, said Laura Eimiller, FBI spokeswoman.
Apple hacker highlights insecure Macs (PC Advisor)
The security of Apple's wireless drivers is under scrutiny again, thanks
to a new hacker project.
_____________________________________________________________________________________
November 1, 2006
Windows XP Firewall Hack Released (NewsFactor)
Security researchers say hackers have published code that could
let an attacker disable the built-in firewall on computers running
Microsoft's Windows XP operating system.
Critical Visual Studio 2005 exploit (PC Advisor)
A vulnerability in Microsoft?s Visual Studio 2005 application
development tool could let an attacker execute code on a targeted
Windows machine, the company has revealed
Hackers break into water system network (InfoWorld)
An infected laptop gave hackers access to computer systems at a
Harrisburg, Pennsylvania, water treatment plant earlier this month. The
plant's systems were accessed in early October after an employee's
laptop computer was compromised via the Internet, and then used as an
entry point to install a computer virus and spyware on the plant's
computer system...
|
