Off the Wire

Off The Wire Archive

News items for October 2003

Linux security: tips from the experts
Is Linux more secure than Windows, or vice versa? Fueled by conflicting industry reports, this controversy keeps raging. [more]
Friday, 31 October 2003, 1:06 PM CET

Host-based intrusion detection key to security
Cisco security solutions specialist Eric van Gend says the increasing speed and sophistication of virus and hacker attacks demands that networks become more adaptive, self managing, self protecting, and self healing. [more]
Friday, 31 October 2003, 1:04 PM CET

Microsoft shows next-generation security code
Developers get preliminary versions of former Palladium technology. [more]
Friday, 31 October 2003, 1:01 PM CET

Q&A: Bruce Schneier, founder and CTO of Counterpane
Companies must stop treating IT security in isolation from other business processes, according to Bruce Schneier founder of Counterpane and keynote speaker at next week's RSA Conference. [more]
Friday, 31 October 2003, 12:43 PM CET

Worms and toasters turn up heat on corporate security
Within the next few years, corporate security systems will not only be attacked by worms and viruses, toasters could also get in on the act. [more]
Friday, 31 October 2003, 12:33 PM CET

Apple upgrades AirPort Extreme Wi-Fi security
Apple has updated its AirPort WLAN client and base-station software to add support for the WPA security protocol. [more]
Friday, 31 October 2003, 12:28 PM CET

Australian head of Nigerian scam caught
An Australian pensioner managed to defraud $5 million from unsuspecting victims, including a Saudi Arabian sheikh, in a global internet scam. [more]
Friday, 31 October 2003, 12:24 PM CET

Expect more intrusive IT regulation, security chiefs warned
The rising tide of cybercrime could result in more intrusive regulation and legislation of IT, corporate security chiefs have been warned. [more]
Friday, 31 October 2003, 11:58 AM CET

Security flaws make Macs vulnerable to attacks
Security research firm @stake is warning Macintosh users about three security problems with the Mac OS X 10.2.8 and previous versions. It ranks two of the flaws as high. [more]
Friday, 31 October 2003, 11:58 AM CET

Firms tap encyption over complex security
Despite the availability of sophisticated hardware security solutions, it seems many businesses aren't interested in doing much more than encrypting data. [more]
Friday, 31 October 2003, 11:47 AM CET

In depth look: Devil-Linux 1.0
Devil-Linux is a distribution which boots and runs completely from CDROM. Devil Linux was originally intended to be a dedicated firewall/router but now Devil-Linux can also be used as a server for many applications. [more]
Thursday, 30 October 2003, 4:03 PM CET

Tips from veteran Linux programmer Spence Murray
Linux developers will benefit from the useful, common-practice shell scripting techniques that Murray and his Codemonks Consulting partners employ on a daily basis in their Linux development and applications services work. [more]
Thursday, 30 October 2003, 3:58 PM CET

New identity theft alert system tested
Victims of identity theft can alert banks and credit companies through one-stop dialing, thanks to a pilot program announced Tuesday by the financial services industry. [more]
Thursday, 30 October 2003, 3:44 PM CET

UK firms fare poorly in virus protection
British firms are among the most lax in western Europe when it comes to electronic security. [more]
Thursday, 30 October 2003, 3:39 PM CET

Tackling the top 10 security issues
Delegates who attend the upcoming “Security – IT's ultimate challenge” conference, to be hosted by the Meta Group and ITWeb in November, will be well positioned to cope with the top 10 security issues as identified by the research house. [more]
Thursday, 30 October 2003, 1:50 PM CET

Bugged by spyware?
Are there any other programs running silently in the background, monitoring employee activity and sending confidential information about your company back to other organisations? There's a pretty good chance that this is indeed the case in your company. [more]
Thursday, 30 October 2003, 1:32 PM CET

Panther: a £99 security update?
Users may have to upgrade to the latest version of Mac OS X in order to fix some serious flaws, leading to criticism from security experts. [more]
Thursday, 30 October 2003, 12:22 PM CET

Computer security divides Europe
Europe is a continent divided by its approach to viruses, hack attacks and spam, a survey has found. [more]
Thursday, 30 October 2003, 12:21 PM CET

Unlucky phisher pleads guilty
Woman who unwittingly spammed the FBI in her scheme to harvest credit card numbers pleads guilty to federal conspiracy charges. [more]
Thursday, 30 October 2003, 11:51 AM CET

Microsoft, security and the road ahead
"Our goal is simple," Microsoft CEO Steve Ballmer said. "Get our customers secure and keep them secure. Our commitment is to protect our customers from the growing wave of criminal attacks." [more]
Thursday, 30 October 2003, 11:25 AM CET

Wireless LAN security to be solved, what about management?
META Group analyst Chris Kozup joins IT executives from leading corporations to discuss the approaches to wireless LAN monitoring to improve security and management for enterprise WLANs. [more]
Thursday, 30 October 2003, 1:14 AM CET

Review - Incident Response: Computer Forensics Toolkit
At the end of every year I read reports on almost all computer security related news outlets that promise more incidents, vulnerabilities and viruses in the upcoming year. They all say that security has never been weaker and that we're up for some really bad days. One of the things that you can do to assure the safety of your network is to be prepared, for anything. This book promises to prepare you to efficiently respond to an incident, discover what happened and secure your system for the future. Does it deliver? Read on and find out. [more]
Wednesday, 29 October 2003, 4:47 PM CET

Advanced cross site scripting and client automation
This paper discusses one method of exploiting POST variables vulnerable to cross site scripting and secured areas protected by a temporary session. [more]
Wednesday, 29 October 2003, 2:57 PM CET

Sober virus in the wild but slow-moving
An e-mail-borne virus that apparently originated in Germany is in the wild but has not yet spread widely or affected many users, an anti-virus researcher said Monday. [more]
Wednesday, 29 October 2003, 2:28 PM CET

Hackers defense: the computer did it
Prosecutors looking to throw the book at accused computer hackers have come across a legal defense expected to become even more widespread in an era of hijacked PCs and laptops that threatens to blur the lines of personal responsibility: the computer did it. [more]
Wednesday, 29 October 2003, 2:27 PM CET

Introduction to Nessus
This article shall endeavor to cover the basics of Nessus setup and configuration. The features of the current versions of Nessus (Nessus 2.0.8a and NessusWX 1.4.4) will be discussed. [more]
Wednesday, 29 October 2003, 2:26 PM CET

XML: a growing security threat?
The data-swapping standard, now incorporated into Microsoft's Office 2003, may be the next big route for malicious attacks. [more]
Wednesday, 29 October 2003, 2:19 PM CET

Bug busters: keeping your PC virus free
If you think worms are the gardener's friend and 'SoBig' is something you say when you're gesticulating to the assistant in B&Q's timber department, then count yourself lucky. [more]
Wednesday, 29 October 2003, 2:19 PM CET

Security and web integration is key to Longhorn
Microsoft unveiled early bits of Longhorn at its Professional Developer Conference (PDC) and provided more extensive details around the key components of its next Windows operating system expected out in 2006. [more]
Wednesday, 29 October 2003, 2:18 PM CET

Applications - the weakest link?
While companies are still grappling with which firewall to buy and whether intrusion detection systems are worth the trouble they put the administration through, security professionals are putting the spotlight on another part of the IT enterprise. [more]
Wednesday, 29 October 2003, 2:16 PM CET

Microsoft to shoot Messenger in next update
Spam attacks and security vulnerabilities have prompted Microsoft to plan to turn off its troublesome Windows Messenger service in the next Windows XP update. [more]
Wednesday, 29 October 2003, 2:15 PM CET

Orbitz investigates security breach
Online travel agency Orbitz has notified law enforcement authorities about a recent security breach that has resulted in its customers' e-mail addresses falling into the hands of spammers. [more]
Wednesday, 29 October 2003, 2:12 PM CET

Email security testing zone powered up with new exploits
The GFI powered web site was recently updated, bringing the number of security tests to 17. Read on to learn about the new additions. [more]
Tuesday, 28 October 2003, 2:49 PM CET

AirMagnet unveils new wireless LAN management products
The AirMagnet Mobile 3.0 suite adds 22 new features, including support for 802.11g, service level monitoring and assurance for Wi-Fi and voice-over-IP, new denial-of-service protection and expanded signal quality and Quality of Service assessment. [more]
Tuesday, 28 October 2003, 9:15 AM CET

Businesses invite attacks
This is the second part of a interview with two UK hackers dryice and frixion who were implicated in testimony during a recent trial over a denial of service attack on one of the largest ports in the United States. [more]
Tuesday, 28 October 2003, 9:03 AM CET

System recovery with Knoppix
This article shows how to access a non-booting Linux system with a Knoppix CD, get read-write permissions on configuration files, create and manage partitions and filesystems, and copy files to various storage media and over the network. [more]
Tuesday, 28 October 2003, 9:00 AM CET

EU develops cyber crime forensics standards
The IT industry has teamed up with academics and the European Union researchers to develop standards for the investigation of cybercrime. [more]
Tuesday, 28 October 2003, 8:59 AM CET

DNS servers prove resilient
But the core system is still weak at lower levels. [more]
Tuesday, 28 October 2003, 8:58 AM CET

The day of the smartcard is at hand
With national identity cards moving closer, the day of the smartcard is at hand. Bob Walder director of network security specialist the NSS Group provides an overview of the technology and the risks it presents. [more]
Tuesday, 28 October 2003, 8:56 AM CET

Which adware and spyware are the most insidious?
Theres an interesting discussion over at Slashdot where the readers are sharing their opinions on which adware and spyware are the worst and are they legal. [more]
Tuesday, 28 October 2003, 8:46 AM CET

IBM looks to secure online data
IBM has partnered with Watchfire, a provider of online business management services, to help companies adhere to new privacy standards and data-handling regulations. [more]
Tuesday, 28 October 2003, 8:43 AM CET

Pretty good at gettin' by
Whether it's a student slipping contraband past airport metal detectors, or a researcher modeling an unstoppable computer virus -- demonstrations just don't do justice to the real state of security. [more]
Tuesday, 28 October 2003, 8:41 AM CET

Firms need security lobby
Companies are ignoring their responsibilities for network protection. [more]
Tuesday, 28 October 2003, 8:37 AM CET

PGP Desktop 8.0.3 is available
This version adds support for Microsoft Office 2003, including Outlook 2003 and Windows Server 2003, Novell GroupWise 6.5 and Mac OS X 10.3 (Panther). [more]
Monday, 27 October 2003, 6:16 PM CET

SonicWALL announces new TZ 170 security platform
Running the SonicOS 2.0 operating system in either Standard or Enhanced versions, the SonicWALL TZ 170 platform offers simplicity and ease of use for basic networks, while advanced features like ISP Fail-Over and Load Balancing provide complete business continuity for more complex networks. [more]
Monday, 27 October 2003, 5:44 PM CET

HNS Newsletter issue 185 has been released
You can read the Newsletter in TXT or PDF format. If you haven't done it yet, consider subscribing. [more]
Monday, 27 October 2003, 2:04 PM CET

California wins first anti-spam judgement
California won its first anti-spam judgement when a court fined a marketing firm $US2 million ($A2.87 million) for sending out millions of unsolicited emails telling people how to spam, the state's attorney general says. [more]
Monday, 27 October 2003, 10:57 AM CET

NSA buys license for Certicom's encryption technology
In an extraordinary move, the National Security Agency has purchased a license for Certicom Corp.'s elliptic curve cryptography (ECC) system, and plans to make the technology a standard means of securing classified communications. [more]
Monday, 27 October 2003, 10:55 AM CET

Red Hat Linux tips & tricks - using rescue mode
The official Red Hat CD-ROM (disk 1) can serve as a bootable emergency disk for most modern PCs with BIOS that can boot from CD-ROMs. [more]
Monday, 27 October 2003, 10:54 AM CET

Microsoft vs. spam - technology is not enough
It's a big admission to make. But MS knows that software alone can't kill spam. It'll also take industry cooperation, law enforcement, the courts, Congress--and you and me. Here's how we can do it. [more]
Monday, 27 October 2003, 8:43 AM CET

Bringing down the Internet
If you wanted to write a science-fiction thriller about the day the Internet crashed, you’d start with a computer geek. [more]
Monday, 27 October 2003, 8:41 AM CET

What can crackers really do to your PC?
You hear a lot about the havoc criminal hackers wreak on people's PCs. But how likely is this? And what exactly can they do? Turn on your PC? Steal your data? Robert has the answers. [more]
Monday, 27 October 2003, 8:40 AM CET

Brazil becomes a cybercrime lab
With a told-you-so grin, Marcos Flávio Assunção reads out four digits - an Internet banking password - that he has just intercepted as a reporter communicates via laptop with a bank's supposedly secure Web site. [more]
Monday, 27 October 2003, 8:36 AM CET

Intel motherboard locked in secrecy
Intel will launch a new motherboard containing a Trusted Platform Module (TPM), which is an electronic safe that can store encrypted keys to sensitive documents and personal information. [more]
Monday, 27 October 2003, 8:29 AM CET

Yo, Mr. CEO, get our point now?
A privacy group wants banks to know that they shouldn't be allowed to pass customer information around so easily. So they made their point above New York City by having a skywriter paint a bank CEO's Social Security number in the sky. [more]
Monday, 27 October 2003, 8:26 AM CET

NatWest customers targeted in 'phishing' scam
Net fraudsters have targeted NatWest customers in the latest fake email scam. [more]
Monday, 27 October 2003, 8:24 AM CET

Review - HackNotes Linux and Unix Security Portable Reference
Written by an experienced information security consultant, this portable reference delivers just the things we expect from this kind of a publication: important and up-to-date information on the common Linux/Unix security vulnerabilities, ways and tools to exploit those vulnerabilities and useful tips on securing and protecting your systems. [more]
Friday, 24 October 2003, 3:36 PM CET

Taking back control of your network bandwidth
You can’t manage what you can’t see. So it’s not surprising that with corporate networks congested more and more by P2P, streaming media, and other “leisure” traffic, network admins are increasingly turning to specialized network management software packages and appliances to give them the information they need to take back control of their bandwidth. [more]
Friday, 24 October 2003, 12:21 PM CET

December brings hackers to Malaysia
As the organizers note, the main aim of the Hack In The Box Security Conference 2003 is the dissemination, discussion and sharing of network security information. It's going to be held from December 12th to 14th in Kuala Lumpur, Malaysia. [more]
Friday, 24 October 2003, 12:18 PM CET

A testing ground for tools to defend the Web
A consortium of university and industrial scientists has created a computer network designed to test a new generation of tools that may one day lead to a smarter, more secure Internet that can spot problems like congestion and viruses before they affect individual computers. [more]
Friday, 24 October 2003, 11:51 AM CET

Son of MSBlast on the way?
A program that exploits a software vulnerability Microsoft recently described could spell trouble for companies that haven't quickly patched their system, security experts said this week. [more]
Friday, 24 October 2003, 11:37 AM CET

Fighting Internet worms with honeypots
This paper evaluates the usefulness of using honeypots to fight Internet worms, including a discussion on capturing a worm, redirecting worm traffic to fake services, launching counter attacks to clean infected hosts, and finally removing the worm or negating its effects. [more]
Friday, 24 October 2003, 11:36 AM CET

Defense Department wants RFID tags on everything but sand
The US Department of Defense has announced a sweeping policy to slap an electronic tag on every item in its inventory - well, almost every item. [more]
Friday, 24 October 2003, 11:34 AM CET

US study finds 7 percent bought products in response to 'spam'
Seven percent of American email users have ordered a product or service offered in an unsolicited email, although not all of this is pure "spam", according to a study by Pew Internet and American Life. [more]
Friday, 24 October 2003, 11:33 AM CET

Hackers steal easily guessed passwords
Users remain the weakest link when it comes to IT security, according to a survey. [more]
Friday, 24 October 2003, 11:27 AM CET

Security woes hit Microsoft balance sheet
A wave of security problems is hurting Microsoft's bottom line. [more]
Friday, 24 October 2003, 11:23 AM CET

Joe average user is in trouble
As security professionals we're at the forefront, like it or not, and it's up to us to help lessen the myriad of user problems we see around us. [more]
Friday, 24 October 2003, 11:23 AM CET

Internet security woes boost Symantec's bottom line
A summer of big virus and worm attacks, such as Sobig and Blaster, provided a healthy boost to Internet security company Symantec Corp.'s bottom line. [more]
Friday, 24 October 2003, 11:18 AM CET

SA companies started later but moving faster with security
Though information and communications technology (ICT) security issues don't change fundamentally from country to country, the speed and extent of adoption of enterprise-wide security measures depends on country-specific triggers. [more]
Thursday, 23 October 2003, 3:25 PM CET

Security and the much needed unification of servers
Today news sites repeated the monthly Microsoft execute says "Linux is insecure" articles. And while they are comparing apples with eggs (as Linux distributions ship with far more servers and network services than Microsoft offers), it’s hard to deny the fact that Linux is also insecure. [more]
Thursday, 23 October 2003, 12:17 PM CET

Be careful in creating passwords
I registered with my credit card company so I could view my transactions online, but I typed in the wrong password and checked the "remember my password" box. Now when I try to get to the credit card information, it is grayed out, and the Web site rejects me. [more]
Thursday, 23 October 2003, 12:14 PM CET

Security in CEO spotlight
Execs extol improvements despite Web services challenge. [more]
Thursday, 23 October 2003, 12:12 PM CET

Locally based resource center supports victims of identity theft
About 6:30 a.m., the nationally known Identity Theft Resource Center opens for business when Jay Foley steps from his living room into the cramped office carved out of the foyer of a modest Mira Mesa home. [more]
Thursday, 23 October 2003, 12:08 PM CET

Justice e-censorship gaffe sparks controversy
The Department of Justice used Microsoft Word's highlight tool to black out the sensitive portions of a key report on internal workplace diversity, before releasing it to the public as a PDF file. Guess what happened next. [more]
Thursday, 23 October 2003, 12:05 PM CET

Proper tools secure Internet connections
You've made the leap to broadband. Now what? [more]
Thursday, 23 October 2003, 11:49 AM CET

Defense Department begins IPv6 interoperability tests
The Moonv6 network project will be used to study next-generation Internet technology. [more]
Thursday, 23 October 2003, 11:46 AM CET

The HNS book giveaway winners have been chosen
The winners of the latest HNS Book Giveaway have been chosen and they are listed here, each with the corresponding book. [more]
Wednesday, 22 October 2003, 1:11 PM CET

Security woes aren't unique to Microsoft
Sure, Microsoft's security snafus are easy targets for critics, but the truth is that the company is doing a good job shouldering responsibility for issues related to its software. Or is it? [more]
Wednesday, 22 October 2003, 12:25 PM CET

Network Associates' new focus: intrusion prevention
Network Associates laid out a new product strategy focused on intrusion prevention before a gathering of 650 customers and partners. [more]
Wednesday, 22 October 2003, 12:00 PM CET

Ballmer: Windows is as secure as Linux
Security in the Windows operating system matches that of Linux, its open source rival, Microsoft Chief Executive Officer Steve Ballmer told delegates to the Gartner Symposium in Orlando. [more]
Wednesday, 22 October 2003, 11:54 AM CET

Entrust to provide PKI for FBI
Northrop Grumman Information Technology selected Entrust Inc. to provide public-key infrastructure (PKI) for the FBI. [more]
Wednesday, 22 October 2003, 11:53 AM CET

The case of the Trojan Wookiee
The complex nature of trials involving Trojan horses and flaws in Windows not only puts juries to sleep, it also potentially opens the door to some wacky defence arguments. [more]
Wednesday, 22 October 2003, 11:48 AM CET

What the hack, it’s mobilephones now
For computer-hackers and virus-writers, the next frontier in mischief is the cellphone. [more]
Wednesday, 22 October 2003, 11:47 AM CET

Getting the Point on security software
Residents of Israel, a country surrounded by potential enemies, learn to take security seriously. It is not surprising that Check Point software emerged from this environment. [more]
Wednesday, 22 October 2003, 11:46 AM CET

An easy way to avoid spam
Here's a method of filtering e-mail by using a customizable Perl script. [more]
Wednesday, 22 October 2003, 11:42 AM CET

SSL-VPNs sizzle
The SSL-VPN market is expected to heat up with NetScreen's recent US$265 million ($461.1 million) acquisition of Neoteris. [more]
Wednesday, 22 October 2003, 11:39 AM CET

The great american privacy makeover
An exclusive PC World survey reveals that even savvy Web users can do more to safeguard their privacy and data. Take the quiz and find out how vulnerable you are; then use our tips to improve your score. [more]
Wednesday, 22 October 2003, 11:36 AM CET

New service helps enterprise IT address endpoint vulnerabilities
The iPass Endpoint Policy Management service helps the IT department stay out in front of threats to the corporate network caused by worms, viruses and other malicious agents, reducing the risk of lost productivity and network downtime. [more]
Wednesday, 22 October 2003, 11:32 AM CET

Wireless data services security product announced
Bluefire Security Technologies announced the offering of an OEM solution designed to help wireless carriers spur adoption of data services by eliminating the mobile security concerns of enterprise customers. [more]
Tuesday, 21 October 2003, 6:23 PM CET

The evolution of a cryptographer
Bruce Schneier, who literally wrote the book on cryptography, talks with Senior Editor Scott Berinato about his holistic view of security, both physical and technical. [more]
Tuesday, 21 October 2003, 5:26 PM CET

Disclosure plan won't help
Encouraging publicly-traded companies to disclose their cyber security efforts would only force them to choose between providing vague and useless platitudes, or specific and dangerous details. [more]
Tuesday, 21 October 2003, 1:50 PM CET

Woman sentenced for reading e-mail of husband's ex-wife
A judge sentenced an Arizona woman to 60 days home detention for intercepting her husband's ex-wife's e-mail, saying the penalty is a warning to others who might be tempted to do the same. [more]
Tuesday, 21 October 2003, 1:46 PM CET

Microsoft pushes for security in Longhorn
Microsoft will preview its forthcoming server-stack software at the Professional Developers Conference in Los Angeles. [more]
Tuesday, 21 October 2003, 1:43 PM CET

VeriSign puts its security news online
Verisign warns of increased fraud. [more]
Tuesday, 21 October 2003, 1:42 PM CET

Phone, power, computers vulnerable, expert says
The nation's phone system, power grid and computer networks remain vulnerable to a large-scale terrorist attack, a security expert warned Monday. [more]
Tuesday, 21 October 2003, 1:40 PM CET

Risk management falls short
A new report argues that business leaders have a poor understanding of IT-related risks and responsibilities. [more]
Tuesday, 21 October 2003, 1:40 PM CET

Spam fighters defeat nuisance junk mail lawsuit
Anti-spam activists have won an important legal battle against Florida-based junk mailers. [more]
Tuesday, 21 October 2003, 1:38 PM CET

Microsoft answers EU antitrust charges
Despite complaining this month that it wanted more time, Microsoft Corp. filed its response to European Union antitrust charges just before the deadline expired, an EU spokeswoman said Monday. [more]
Tuesday, 21 October 2003, 1:36 PM CET

Computer viruses rampant in China
If you use a computer in China, the chances are that you have to do battle with a virus sooner or later. [more]
Tuesday, 21 October 2003, 1:32 PM CET

Attaining web services security
There's no security in the Web services standards and XML is human-readable, so Web services are inherently insecure. [more]
Monday, 20 October 2003, 1:34 PM CET

An overview of high-tech surveillance
In our high-tech world, machines track personal records, see through walls, and screen facial features. Will electronic surveillance mean better security, or an end to privacy? [more]
Monday, 20 October 2003, 1:31 PM CET

For cybersecurity, it's share and share alike
Executives warn that groups must work together to protect infrastructures. [more]
Monday, 20 October 2003, 1:16 PM CET

Peering through firewalls
New keynote service tracks end-to-end net performance. [more]
Monday, 20 October 2003, 1:11 PM CET

PC whiz cleared in Houston hacking
A British court has cleared a teenager of hacking into the computer of the U.S. port of Houston, Texas, after the youth testified his own computer had been taken over by someone else to mount the attack. [more]
Monday, 20 October 2003, 1:10 PM CET

Interview with Arne Vidstrom
The Swedish security reseacher, author of various security tools, who runs the web site talks with Help Net Security about online security issues, offers network security tips, shares his thoughts on the full disclosure of vulnerabilities, and much more. [more]
Monday, 20 October 2003, 12:57 PM CET

mod_security 1.7 Apache module released
Mod_security is an Apache module whose purpose is to protect vulnerable applications and reject human or automated attacks. It is an open source intrusion detection and prevention system for Apache. [more]
Monday, 20 October 2003, 12:53 PM CET

HNS Newsletter issue 184 has been released
You can read the Newsletter in TXT or PDF format. If you haven't done it yet, consider subscribing. [more]
Monday, 20 October 2003, 12:51 PM CET

Romania emerges as nexus of cybercrime
It was nearly 70 degrees below zero outside, but the e-mail on a computer at the South Pole Research Center sent a different kind of chill through the scientists inside. [more]
Monday, 20 October 2003, 11:49 AM CET

After Trojan Horses and worms, here comes the Beast
Adapted spyware software is the ultimate in online security threats, allowing hackers to take full control of victims' computers. [more]
Monday, 20 October 2003, 11:43 AM CET

Let common sense guide security ROI
I got another letter from a reader the other day telling me that companies will always consider security a "grudge" spend, despite the increasing awareness of the need to protect our computers, networks, and information. Why? Because there's no demonstrable ROI for executives making purchase decisions. [more]
Monday, 20 October 2003, 11:42 AM CET

Desktop and server security pull together
Network Associates will launch an integrated software security system that covers desktop and server systems. [more]
Monday, 20 October 2003, 11:41 AM CET

Application security comes to firewalls
Firewall maker NetScreen is giving its products the ability to inspect application data, in order to protect networks better. However, other vendors such as NetContinuum say the idea is not so new. [more]
Monday, 20 October 2003, 11:39 AM CET

Characterizing the performance of network intrusion detection sensors
This study measures and compares two major components of the NIDS processing cost on a number of diverse systems to pinpoint performance bottlenecks and to determine the impact of operating system and architecture differences. [more]
Friday, 17 October 2003, 6:46 PM CET

Unclassified documents restored to Pentagon site
The Pentagon restored Internet access Thursday to hundreds of unclassified documents that it recently took offline, including directives on myriad topics, from defining policies on conscientious objectors to displaying flags at half-staff. [more]
Friday, 17 October 2003, 6:42 PM CET

Broadband MSN gets blanket security
Microsoft on Friday said it would bundle McAfee security products with an upcoming broadband version of its Internet service to help users fend off virus attacks and hackers. [more]
Friday, 17 October 2003, 6:22 PM CET

Shell corner: miscellaneous Unix tips
This month, Ed Schaefer presents part IV in his Miscellaneous Unix Tips series. Kyle Douglass submitted a method for finding the top 10 files (by size) on a file system, a Korn shell technique for testing two files for the same inode, etc. [more]
Friday, 17 October 2003, 6:20 PM CET

Rudy Giuliani, the anti-hacker
Former NYC mayor's consulting company teams up with Ernst & Young to protect against hacker threat. [more]
Friday, 17 October 2003, 6:17 PM CET

Put a finger on your password
Attention confounded consumers: There's a high-tech solution that could render obsolete your growing jumble of credit card pin numbers and computer passwords -- and it's as plain as the nose on your face or fingerprint. [more]
Friday, 17 October 2003, 2:28 PM CET

The cultural divide and the Internet's future
After a couple of weeks on the hot seat, VeriSign CEO Stratton Sclavos is turning up the fire on his company's severest critics. [more]
Friday, 17 October 2003, 2:27 PM CET

Oracle ships security software
Oracle unveiled Thursday security software that streamlines the process of controlling access to corporate applications and information. [more]
Friday, 17 October 2003, 2:26 PM CET

Review - Secure Coding: Principles & Practices
The security issues and challenges facing information technology today have their roots in the software development process. One might say that's the root of all evil - or better, of all vulnerabilities. Written by two eminent software security experts, Mark G. Graff and Kenneth R. van Wyk, this book basically tries to answer the question - 'Why do good people write bad software?', and how can this be corrected. [more]
Friday, 17 October 2003, 12:58 PM CET

Incident response tools for Unix, part two: file-system tools
This article is the second in a three-part series on tools that are useful during incident response and investigation after a compromise has occurred on a OpenBSD, Linux, or Solaris system. This installment will focus on file system tools. [more]
Friday, 17 October 2003, 12:20 PM CET

A tech veteran's security warning
Rep. Adam Putnam, R-Fla., chairman of the House subcommittee on technology, delivered a keynote speech on critical security issues. In the days following the event, PC Magazine also caught up with Howard Schmidt, who is eBay's chief information security officer. Each man provided illuminating comments on both corporate and government security. [more]
Friday, 17 October 2003, 12:05 PM CET

Shattering Windows: is a disaster lurking?
One of the scarier things I've read about in security circles is what are called "shatter attacks." These are software-based attacks that take advantage of a basic architectural flaw in Windows. [more]
Thursday, 16 October 2003, 4:07 PM CET

Security flaw found in Hotmail
Hole could leave account info, credit card numbers at risk, company warns. [more]
Thursday, 16 October 2003, 3:56 PM CET

Cold War encryption laws stand, but not as firmly
A pioneering attempt to overturn the U.S. government's Cold War-era laws restricting the publication of some forms of encryption code ended quietly Wednesday when a federal judge dismissed the lawsuit--but only after assurances that the anticrypto laws would not be enforced. [more]
Thursday, 16 October 2003, 3:55 PM CET

Linux more secure than Windows XP
Evans Data Corporation's Fall 2003 North American Development Survey has found that Linux has increased its lead in developers' minds as the "most innately secure operating system" from 19% six months ago to 23% today. [more]
Thursday, 16 October 2003, 3:50 PM CET

Too many hacks
The open-source community should abandon its piecemeal approach to securing Linux - and soon. [more]
Thursday, 16 October 2003, 3:49 PM CET

Another laptop with sensitive data stolen
The search goes on for a stolen laptop computer, a computer that contains sensitive information about security at all the commercial airports in the U.S. [more]
Thursday, 16 October 2003, 3:47 PM CET

Prosecutors admits error in hack case
Federal prosecutors said they made a mistake in getting a computer administrator convicted for exposing flaws in his employer’s computer system and asked an appeals court to reverse his conviction. [more]
Thursday, 16 October 2003, 3:46 PM CET

Transparent, bridging firewall devices
This article examines the concept of a transparent or bridging firewall which sits hidden in-line with the network it protects. [more]
Thursday, 16 October 2003, 3:44 PM CET

Threat of mobile virus attack real
Mobile phone operators say it is only a matter of time before the wireless world is hit by the same sorts of viruses and worms that attack computer software. [more]
Thursday, 16 October 2003, 3:42 PM CET

Why Ballmer doesn't get it on security
Microsoft has come a long way in understanding security, but comments made last week by its chief executive Steve Ballmer show it still has a way to go. [more]
Thursday, 16 October 2003, 3:41 PM CET

UK's Internet infrastructure open to prying eyes
Network Penetration conducted a survey at the start of 2003 to check the status of the UK's DNS infrastructure. There are still some serious holes in major areas, but much improvement has been made in the last 8 months. [more]
Wednesday, 15 October 2003, 2:35 PM CET

Spam filtering with GNU/Linux, Postfix, procmail, and SpamAssassin
This step-by-step guide shows you how to install procmail and SpamAssassin and how to configure the Postfix mail transport agent to mark potential spam before it reaches your mail program. [more]
Wednesday, 15 October 2003, 1:58 PM CET

Google sponsoring coder contest
Here's your chance to be Silicon Valley Chief Geek: Beat out thousands of the nation's programmers in a Google-run contest to solve coding problems on deadline. [more]
Wednesday, 15 October 2003, 1:37 PM CET

Fan to RIAA: it ain't me, babe
A second person claims the recording industry has wrongly accused him of illegally sharing songs. [more]
Wednesday, 15 October 2003, 1:36 PM CET

Build a network router on Linux
This article shows how our authors set up Zebra and used it to manage routes dynamically in conjunction with real Cisco hardware. [more]
Wednesday, 15 October 2003, 1:33 PM CET

Intrusion detection should be a function, not a product
Intrusion detection's permanent placement in the Trough of Disillusionment of the Gartner Hype Cycle for Information Security does not mean that it is obsolete. [more]
Wednesday, 15 October 2003, 1:10 PM CET

Study: Internet fraud and attacks rise in tandem
The number of security incidents almost doubled between May and August of this year. [more]
Wednesday, 15 October 2003, 12:59 PM CET

Beginners guides: encryption and online privacy
Rules to keep your Credit Card number private, your personal information personal, and your money, in your account. [more]
Wednesday, 15 October 2003, 12:54 PM CET

Prosecutors admit error in whistleblower conviction
Federal prosecutors in Los Angeles will ask a court to set aside the conviction of a man who served 16 months in federal prison for blowing the whistle on an ex-employer's cybersecurity holes, officials said Tuesday. [more]
Wednesday, 15 October 2003, 12:53 PM CET

Five tips for managed security outsourcing
Yankee Group’s recommendations for getting the most from managed security outsourcing. [more]
Wednesday, 15 October 2003, 12:53 PM CET

Computer CPU makers debate multithreading, security
Computer microprocessor makers debated the merits of multithreading and hardware security at the Microprocessor Forum. [more]
Wednesday, 15 October 2003, 12:52 PM CET

Gore: Intrusive technology may make us less secure
Efforts should focus on interpreting information, not gathering more of it. [more]
Tuesday, 14 October 2003, 2:29 PM CET

Vendors face security calls
Firms should take legal responsibility for flawed software, according to some experts. [more]
Tuesday, 14 October 2003, 2:25 PM CET

Security firm removes details of unpatched IE holes
Security firm PivX Solutions has suddenly removed the web page which provided details of 30 unpatched vulnerabilities in Internet Explorer. [more]
Tuesday, 14 October 2003, 2:20 PM CET

Microsoft toughens up Outlook
The new version of Microsoft's popular e-mail program has added security features and spam-fighting capabilities. But critics say Outlook 2003 offers nothing that isn't already available in other programs. [more]
Tuesday, 14 October 2003, 1:46 PM CET

BEA unlocks first security product
Out to change the way developers secure applications, BEA Systems this week will release WLES (WebLogic Enterprise Security), its first stand-alone security software product. [more]
Tuesday, 14 October 2003, 1:44 PM CET

Attackers seek weaknesses inside the firewall - Symantec
The security firm says cyber-attackers are refocusing their efforts on PCs inside the perimeter of corporate networks. [more]
Tuesday, 14 October 2003, 1:41 PM CET

Banks must pay up if hacked
Customers who lose money to Internet bank crackers have a legal right to be refunded by the bank, a leading lawyer said this week. [more]
Tuesday, 14 October 2003, 1:38 PM CET

Houston suspect ran "hacker" gang
A teenager accused of bringing computers at America's biggest port to a standstill was part of a gang of "hackers", a court has heard. [more]
Tuesday, 14 October 2003, 1:37 PM CET

Talking Internet security
He's not a household name, but Bob Muglia is part of a small constellation of executives Bill Gates and Steve Ballmer have repeatedly entrusted with important projects over the years. [more]
Tuesday, 14 October 2003, 1:26 PM CET

T-Mobile works to tighten Wi-Fi security
T-Mobile USA is adopting a specification that's designed to prevent the hijacking of information between a Wi-Fi network and a client device, a move that's aimed at improving the security of its wireless hot spots. [more]
Tuesday, 14 October 2003, 1:24 PM CET

CCIA report is bad medicine
The proposed cure for the Internet's security woes might help Microsoft competitors, but it would only make our security problems worse. [more]
Monday, 13 October 2003, 3:37 PM CET

Nmap version detection rocks
The newest version of Nmap can fingerprint the protocol and software versions that it discovers, giving you a more accurate picture of your network. [more]
Monday, 13 October 2003, 3:36 PM CET

Spanish experts set up hacker competition
Two Spanish security experts are inviting computer buffs to participate in a competition to deface a website on a production server. [more]
Monday, 13 October 2003, 3:34 PM CET

Security tops concerns
IT directors fret over security and economic climate. [more]
Monday, 13 October 2003, 3:33 PM CET

Review - HackNotes Windows Security Portable Reference
If you want to learn more about Windows security, there's a plethora of security books you can use. Most of these titles are large volumes that contain information on a variety of topics and explain them in detail. Needless to say, these books are not very portable. The idea behind the HackNotes series is to give you critical information in a small number of pages that make a very portable reference guide. [more]
Monday, 13 October 2003, 3:32 PM CET

HNS Newsletter issue 183 has been released
You can read the Newsletter in TXT or PDF format. If you haven't done it yet, consider subscribing. [more]
Monday, 13 October 2003, 3:30 PM CET

Corporate espionage: a real threat
Corporate espionage does more to damage business than any other security intrusion, yet U.S. businesses do little to protect themselves. A smart CIO, armed with the latest technologies, can be the best line of defense. [more]
Monday, 13 October 2003, 3:30 PM CET

A fortress in a box
FortiGate 3600 offers a smorgasbord of security services on one machine. [more]
Monday, 13 October 2003, 3:24 PM CET

HNS book giveaway
Get some free knowledge on Linux security, Internet security, wireless security or Google. Enter our book giveaway right away and try out your luck. You just may win an O'Reilly book! [more]
Friday, 10 October 2003, 3:16 PM CET

Building an advanced mail server, part 2
Today we are going to add a web interface to our new mail server using SquirrelMail and Apache. [more]
Friday, 10 October 2003, 3:08 PM CET

Is your site being hacked without your knowledge?
Hackers manage to successfully break into systems much more often than you might realise. Just ask any member of a penetration testing team. These people hack for a living, with the explicit permission of the companies whose systems they are targeting, in order to highlight weaknesses. [more]
Friday, 10 October 2003, 2:46 PM CET

Web site welcomes hackers
Two Spanish security experts are inviting computer buffs to participate in a competition to deface a Web site on a production server. [more]
Friday, 10 October 2003, 2:42 PM CET

Ballmer: How we'll help customer security
In a speech at Microsoft's worldwide partner conference last night, CEO Steve Ballmer outlined new initiatives in the company's security efforts, including “improved patch management processes…and technologies”, global education programmes and tools for securing systems. [more]
Friday, 10 October 2003, 2:41 PM CET

EBay laptop fraud case widens
In what prosecutors say is the nation's marquee cyber fraud case, a federal grand jury has handed up a new indictment against a Utah man for allegedly bilking hundreds of would-be eBay laptop computer buyers. [more]
Friday, 10 October 2003, 2:33 PM CET

IT managers become cyber security guards
After the spate of critical updates and warnings over computer viruses issued in August and September, IT managers themselves may feel that they are on the verge of crashing. [more]
Friday, 10 October 2003, 2:30 PM CET

Public firms may be forced to disclose computer security steps
Companies that sell stock to the public may be required to disclose what they are doing to protect their computer systems, Homeland Security Secretary Tom Ridge said Thursday. [more]
Friday, 10 October 2003, 9:41 AM CET

Expert undermines hacking suspect's defence
An expert witness has undermined the hacking suspect's claim that he was framed for an Internet attack on a major US port. [more]
Friday, 10 October 2003, 9:10 AM CET

Snoop software gains power and raises privacy concerns
Mr. Eaton is the founder of TrueActive, which makes a computer program that buyers can install on a target computer and monitor everything that the machine's user does on the PC. [more]
Friday, 10 October 2003, 9:03 AM CET

Princeton student sued over paper on CD copying
Three days after a Princeton graduate student posted a paper on his Web site detailing how to defeat the copy-protection software on a new music CD by pressing a single computer key, the maker of the software said on Thursday it would sue him. [more]
Friday, 10 October 2003, 9:02 AM CET

Hacker busted for identity theft
Teen tricked surfers into downloading a key-logging tool. [more]
Friday, 10 October 2003, 8:57 AM CET

Technology helps to remember passwords
The software kicks in when the user visits a specific web site - the sign-on page for your online bank, for example - and fills in your user name and password and will even click the Submit button for you. [more]
Thursday, 9 October 2003, 3:06 PM CET

Gates answers cop’s plea for help
A “really rotten day” at work in late January prompted a just-about-had-it Toronto police officer to e-mail a spontaneous plea to the world’s richest man for help fighting child pornography. [more]
Thursday, 9 October 2003, 3:03 PM CET

IBM unveils wireless IDS service
Citing the "explosion" of wireless hotspots in public spaces, homes and businesses, IBM Corp. on Wednesday unveiled a new managed IDS (intrusion detection service) targeted at wireless networks. [more]
Thursday, 9 October 2003, 2:57 PM CET

Disgruntled Phillies fan arrested in hacking
Federal officers arrested a disgruntled Philadelphia Phillies fan in California on charges of hacking into computers and sending thousands of spam e-mails to sports writers at two Philadelphia newspapers. [more]
Thursday, 9 October 2003, 2:51 PM CET

Updated top 20 vulnerabilities list by SANS
The Top Twenty is a consensus list of vulnerabilities that require immediate remediation. It is the result of a process that brought together dozens of leading security experts. [more]
Thursday, 9 October 2003, 2:40 PM CET

No 'big bang' security fix - Microsoft
Microsoft says any changes it makes to improve security will be evolutionary rather than having an instant effect. [more]
Thursday, 9 October 2003, 2:34 PM CET

11,000 IP addresses found on accused hacker's PC
Police found a file containing more than 11,000 vulnerable servers on the PC owned by a teenager accused of attacking a US port with a massive DDoS attack, a court heard today. [more]
Thursday, 9 October 2003, 2:24 PM CET

What to do before the RIAA knocks
You don't want to be subpoenaed, but if you are served, be prepared. [more]
Thursday, 9 October 2003, 2:19 PM CET

House votes to lock out P2P threat
The U.S. House of Representatives voted on Wednesday to require the government to set up its computers so they are not exposed to security risks associated with peer-to-peer networks. [more]
Thursday, 9 October 2003, 2:17 PM CET

Cloaking device made for spammers
Once looked down upon, the junk e-mail business is now luring money-grubbing crackers. One of the first fruits of the new cracker-spammer union is "invisible" websites that can't be traced. [more]
Thursday, 9 October 2003, 2:16 PM CET

RSA Security Supports Microsoft Security Initiatives
RSA Security offered support for Microsoft Corp.'s newly announced enhanced security initiatives, including a commitment to continued product development and industry education on the impact of information security threats on individuals and businesses. [more]
Thursday, 9 October 2003, 1:17 PM CET

A harvest of security certifications
Emmett Dulaney provides a bountiful (and alphabetical!) list of security certifications. [more]
Wednesday, 8 October 2003, 8:03 PM CET

More enterprises planning secure WLAN rollouts
IT administrators have pretty much conceded that wireless (news - web sites) local area networks are an inevitability for the enterprise (news - web sites). [more]
Wednesday, 8 October 2003, 8:02 PM CET

Review - Red Hat Linux 9 Unleashed
To be honest, I don't like books that try to cover all about one complex system such as a new version of Red Hat, although I must admit I did enjoy this book. The beauty behind this book is that the authors have put many small, but valuable tips on configuring services or utilities. [more]
Wednesday, 8 October 2003, 6:45 PM CET

Accused port hacker says log files were 'edited'
A teenager accused of launching an attack on one of the US's biggest ports has claimed flaws in Windows allowed the real attacker to frame him. [more]
Wednesday, 8 October 2003, 5:53 PM CET

UK law: two years for file swapping?
UK file swappers face up to two years' imprisonment under new copyright regulations under the provisions of a European directive, that are expected to take effect in the UK this month. [more]
Wednesday, 8 October 2003, 5:51 PM CET

Interview with Jamie Cameron
The author of "Managing Linux Systems with Webmin" discusses the book and the development of Webmin. [more]
Wednesday, 8 October 2003, 5:07 PM CET

Companies still get it wrong on security
Hardware and software vendors are guilty of hyping external IT security threats while failing to warn companies sufficiently about internal risks, according to a survey of senior executives by the Economist Intelligence Unit in association with AT&T. [more]
Wednesday, 8 October 2003, 4:03 PM CET

Build an Internet server on a shoestring
If you're thinking about setting up an Internet server but don't have much money, this article is for you. It describes how to build and deploy a Web server for under $250.00, using a broadband connection, Red Hat Linux and other free software—and a very small budget. [more]
Wednesday, 8 October 2003, 8:28 AM CET

Bosses are the weakest link
Security best practice? I'll phone a friend. [more]
Wednesday, 8 October 2003, 8:26 AM CET

Expect terrorist attacks on global financial system
A successful terrorist attack on America's financial infrastructure could bring the US and global economies to a standstill, and the real surprise is that it hasn't been attempted yet. [more]
Wednesday, 8 October 2003, 8:17 AM CET

Shift key breaks CD copy locks
A Princeton University student has published instructions for disabling the new anticopying measures being tested on CDs by BMG--and they're as simple as holding down a computer's Shift key. [more]
Wednesday, 8 October 2003, 8:05 AM CET

Virus terror links probed
Britain's task force against high-tech crime is investigating possible links between virus writers and extremist groups. [more]
Wednesday, 8 October 2003, 7:58 AM CET

FBI slammed over handling of hacker case
The Justice Department said Monday the FBI didn't follow proper procedure when it notified reporters their notes might be subpoenaed in the case against Adrian Lamo. [more]
Tuesday, 7 October 2003, 9:52 AM CET

Fired @stake CTO Dan Geer talks
Geer defends decision to involve CCIA in security report's release. [more]
Tuesday, 7 October 2003, 9:49 AM CET

Security: a federal case
The department of energy has done something unusual for a federal agency. It has become an example of excellent cyber-security practice. [more]
Tuesday, 7 October 2003, 9:45 AM CET

E-voting: democratic or dangerous?
California goes to the polls on Tuesday to select its governor in an election where many will cast their votes not by putting a cross on a ballot paper, or by punching holes in a piece of card, but on computerised electronic voting machines. [more]
Tuesday, 7 October 2003, 9:44 AM CET

Hacker attack left port in chaos
Busiest US port hit after Dorset teenager allegedly launched electronic sabotage against chatroom user. [more]
Tuesday, 7 October 2003, 9:40 AM CET

Ex-ViewSonic employee pleads guilty to hack
A former network administrator for computer-monitor maker ViewSonic pleaded guilty Monday to illegally accessing a company server and deleting critical data two weeks after the firm had fired him, the U.S. Department of Justice said in a statement. [more]
Tuesday, 7 October 2003, 9:19 AM CET

Linux vs. Windows viruses: a rebuttal
The single biggest security issue facing Linux users at the moment is the misconception perpetuated by highly vocal advocates that Linux is somehow impenetrable to security-based attacks, and in particular, viruses and other malware. [more]
Tuesday, 7 October 2003, 9:19 AM CET

Security worries prompt P2P upgrade
Earthstation 5 has released a new edition of its file-swapping software, responding to reports that running older versions could let hackers delete critical files on a users' computer. [more]
Tuesday, 7 October 2003, 9:17 AM CET

Rise of wireless VPNs could improve PC security
The development of wireless technology and virtual private networks offers the possibility of major changes to network architecture. [more]
Tuesday, 7 October 2003, 9:17 AM CET

Time to recall e-vote machines?
Recent reports claim the software in Diebold electronic voting machines is insecure. But the policies and procedures for using the system in California's recall election raise concerns that the software isn't the only problem. [more]
Tuesday, 7 October 2003, 9:09 AM CET

Security for cable modem, DSL, and other remote user Internet connections
While modern Internet connection services are a boon to telecommuting and other off-premises applications, it is critical that they are safely deployed and maintained through prudent protection and security testing practices. [more]
Monday, 6 October 2003, 5:01 PM CET

HNS Newsletter issue 182 has been released
You can read the Newsletter in TXT or PDF format. If you haven't done it yet, consider subscribing. [more]
Monday, 6 October 2003, 4:51 PM CET

Demystifying those Microsoft vulnerabilities
Microsoft issues patches for vulnerabilities in its software at the rate of about one a week - the 40 weeks of 2003 have seen exactly the same number of advisories though some weeks have been more "patchy" than others. [more]
Monday, 6 October 2003, 4:33 PM CET

Smart cards get really smart
Researchers at the University of Pennsylvania have developed smart credit cards with embedded microchips. [more]
Monday, 6 October 2003, 4:31 PM CET

Hackers steal entire Half-Life 2 code
The entire source code for the much-anticipated Half-Life 2 has been leaked to the Internet, according to a security expert. [more]
Monday, 6 October 2003, 4:28 PM CET

Confessions of a hacker
By the age of 20, Benjamin Breuninger's life was a mess. Estranged from his mother and stepfather, a dropout with no job and months behind on his rent, he often went a day or more without eating. [more]
Monday, 6 October 2003, 4:25 PM CET

Students toil as spyware hunters
A pair of high school seniors team up to track down the creators behind Xupiter, a particularly agressive spyware invading thousands of computers. They are donating many hours of their time to help bring them to court. [more]
Monday, 6 October 2003, 4:24 PM CET

Organised crime targets all IT staff
Employees persuaded to infiltrate IT systems, warns High Tech Crime Unit. [more]
Monday, 6 October 2003, 4:20 PM CET

Front line security - screen savers
Activating a password-protected screensaver on users' desktops often provides more protection from unauthorized access than by issuing them with strong network login passwords, according to TruSecure. [more]
Monday, 6 October 2003, 4:20 PM CET

DHS launches cybersecurity monitoring project
System will analyze attacks, virus and worm outbreaks in real time. [more]
Monday, 6 October 2003, 4:19 PM CET

Fame, infame, all the same
Blowing the lid off the altruistic computer security town-crier angle. [more]
Monday, 6 October 2003, 4:17 PM CET

IM menace quadruples
Attacks against firms via instant messaging services are rising rapidly, according to experts. [more]
Monday, 6 October 2003, 4:13 PM CET

Review - 802.11 Security
Spread over just about 190 pages, "802.11 Security" is an easy to read technical guide that goes directly to the point and presents the reader with practical step-by-step information on creating a secure and stable wireless network. [more]
Friday, 3 October 2003, 5:45 PM CET

US intros tougher sentences for computer crimes
US authorities are to introduce harsher sentences for convicted computer criminals starting next month. [more]
Friday, 3 October 2003, 4:45 PM CET

EFA slams proposed anti-spam bill
The proposed anti-spam law can hardly be described as such and should not be enacted in its current form, Electronic Frontiers Australia has said. [more]
Friday, 3 October 2003, 4:45 PM CET

Practical security steps
Peter takes on the very practical task of describing practical security steps that don't require lots of time, effort, or money. They are steps that, if taken broadly, would make the world of computing a safer place. [more]
Friday, 3 October 2003, 4:39 PM CET

Linux vs. Windows viruses
To mess up a Linux box, you need to work at it; to mess up your Windows box, you just need to work on it. [more]
Friday, 3 October 2003, 4:34 PM CET

Microsoft sued for weak security
Microsoft faces a proposed class-action lawsuit in California based on the claim that its market-dominant software is vulnerable to viruses capable of triggering "massive, cascading failures" in global computer networks. [more]
Friday, 3 October 2003, 4:30 PM CET

Trojan horse exploits Explorer flaw
A program dubbed QHosts takes advantage of a hole in Microsoft's Internet browser to install itself without users being aware. [more]
Friday, 3 October 2003, 4:28 PM CET

The new security risk of VoIP
"This is the first time that a computer virus can stop your telephones from working," Mark Lobel, a senior manager at PricewaterhouseCoopers, told the E-Commerce Times. "There is a whole new class of attacks that can occur." [more]
Friday, 3 October 2003, 4:27 PM CET

'Unholy alliance' poses huge security threat
An unholy alliance is developing between the peddlers of pornography and the hacking community that will pose the biggest threat to the security and integrity of the data held on this world's computer systems - large and small. [more]
Friday, 3 October 2003, 4:24 PM CET

Cisco warns its WLAN security can be cracked
The proprietary security system used by Cisco Systems to protect wireless Lans widely deployed by enterprises can be defeated by a "dictionary attack" designed to crack passwords. [more]
Friday, 3 October 2003, 4:24 PM CET

Symantec on alert after Net activity surge
Symantec's security service has been placed on alert in response to a substantial jump in domain name server-related activity across the globe. [more]
Friday, 3 October 2003, 4:20 PM CET

Hacking outside the box
How do you protect yourself from the smooth-talking hacker whose only "tools" might be a floppy disk and a smile? [more]
Thursday, 2 October 2003, 2:49 PM CET

Internet attacks on the rise
Attacks on computer systems by virus writers and hackers continued to rise during the first half of the year, the Internet-security firm Symantec Corp said. [more]
Thursday, 2 October 2003, 2:48 PM CET

Microsoft shifts security strategy
Microsoft is looking for new ways to 'secure the perimeter' after conceding its focus on patches does not work. [more]
Thursday, 2 October 2003, 2:44 PM CET

FBI targets reporters' hacker notes
The FBI has notified 13 reporters that it might subpoena their records regarding a hacker charged with breaking into The New York Times' computer system. [more]
Thursday, 2 October 2003, 2:43 PM CET

From maven to outlaw: evolution of 'Hacker'
What is the difference between a "hacker" and a "cracker"? [more]
Thursday, 2 October 2003, 2:41 PM CET

Official: crackers have broken into GPRS billing
Some time today, the GPRS world will reveal that it has a security vulnerability which has seen an undisclosed number of its customers ripped off. [more]
Thursday, 2 October 2003, 2:28 PM CET

Hacker had access to personal records of about 40 students
A breach in computer security could have given hackers access to the personal information of as many as 40 students. [more]
Thursday, 2 October 2003, 2:27 PM CET

Beware of the telephone
I recently attended a presentation by Kevin Mitnick, the infamous and reformed hacker and president of Defensive Thinking, a consulting and training company aimed at helping clients prevent information theft. [more]
Thursday, 2 October 2003, 2:26 PM CET

Hackers threaten power network
Norway's power grid is subject to aggressive hacking every day, carried out by computer terrorists apparently intent on cutting electricity to wide areas of the country. [more]
Thursday, 2 October 2003, 2:25 PM CET

Devious virus attacks on the rise
Virus and hacker attacks have shot up by 20% in the first six months of this year, according to security experts. [more]
Thursday, 2 October 2003, 2:22 PM CET

Texas computer centre offers ethical hacking course
A Texas-based computer education centre has started offering a course in ethical hacking called the Certified Ethical Hacker certification. [more]
Wednesday, 1 October 2003, 3:14 PM CET

Avoid mobile security headaches
This article shows you how to avoid mobile security headaches by implementing the right safety measures. [more]
Wednesday, 1 October 2003, 3:08 PM CET

Forgotten war dialling risk leaves networks in peril
War Dialling, the scanning of telephone lines to find insecure modems that provide a back door route into corporate networks, is ignored as a risk by many organisations, security testing outfit NTA Monitor warns. [more]
Wednesday, 1 October 2003, 3:07 PM CET

Basic cryptography, part 10. block ciphers
All of the cypher systems we have looked at so far have been single-key character cyphers. By this, we mean that the same key which is used to encrypt the plaintext into the ciphertext is used to recover the plaintext from the ciphertext, and the cypher operates on only one character at a time. [more]
Wednesday, 1 October 2003, 3:06 PM CET

Ousted official back at nuke lab
Stanley Busboom, former head of security at the Los Alamos lab, is back as a consultant. But how's that? Six months ago, he was forced to resign after whistle-blowers were sacked for uncovering security problems. [more]
Wednesday, 1 October 2003, 2:58 PM CET

Shell history overview, part 1
There are many articles and books on that topic but we want to show our own point of view, share the experience, configs and describe problems you may face. [more]
Wednesday, 1 October 2003, 2:51 PM CET

Security firm charged with computer crimes
Forensic Tec Solutions' hacking into US government and military computers was designed as a publicity stunt, according to an indictment. [more]
Wednesday, 1 October 2003, 2:48 PM CET

Simplifying data protection decisions
Just as a business takes precautions against fraud and mismanagement, data protection should definitely be a key element of any risk management plan. [more]
Wednesday, 1 October 2003, 2:45 PM CET

Virus experts ask: what's in a name?
Current naming system often leaves everyone confused, industry insiders agree. [more]
Wednesday, 1 October 2003, 2:44 PM CET

Motorola builds security into network chips
Integrating authentication, encryption into chip will boost performance and lower cost of network gear. [more]
Wednesday, 1 October 2003, 2:43 PM CET

Six spam fighters face real-world test
After reviewing RFP responses from more than 30 anti-spam vendors, eWEEK Labs and service provider WiscNet invited six companies to show what they could do to help WiscNet solve its spam problem. [more]
Wednesday, 1 October 2003, 2:41 PM CET

Author of "Secure Shell in the Enterprise" speaks with HNS
Jason Reid is a Member of Technical Staff with Sun Microsystems. In this interview he discusses his book and various security topics. [more]
Wednesday, 1 October 2003, 2:37 PM CET


The synergy of hackers and tools at the Black Hat Arsenal

Posted on 27 August 2014.  |  Tucked away from the glamour of the vendor booths and the large presentation rooms filled with rockstar sessions, was the Arsenal - a place where developers were able to present their security tools and grow their community.

Weekly newsletter

Reading our newsletter every Monday will keep you up-to-date with security news.

Daily digest

Receive a daily digest of the latest security news.


Fri, Aug 29th