Off the Wire

Off The Wire Archive

News items for October 2004

Secret Service busts cyber gangs
Operation Firewall nets 28 suspects alledgedly involved in online fraud and conspiracy. [more]
Friday, 29 October 2004, 10:09 PM CET


Protect against weak authentication protocols and passwords
Did you know that your Windows computers store and send weak password hashes which are very easy to crack? [more]
Friday, 29 October 2004, 2:39 PM CET


Biometrics early adopters reveal secrets, challenges
In a conference room overlooking the site of the World Trade Center, early adopters of biometrics technology this week stressed the importance of determining someone’s true identity. [more]
Friday, 29 October 2004, 2:38 PM CET


Linux users: welcome to the world of malware
Linux users are often smug about the state of their computer security, rightly criticizing Windows for its numerous security holes, but overlooking their own vulnerabilities. [more]
Friday, 29 October 2004, 1:38 PM CET


Too many users fall for cyber security urban myths
Commonly held misconceptions highlight problems. [more]
Friday, 29 October 2004, 1:32 PM CET


Xacta to certify USDA systems
Xacta Corp. officials will help two Agriculture Department agencies obtain federal security certification and accreditation requirements for their information systems, company officials announced this week. [more]
Friday, 29 October 2004, 1:09 PM CET


Smartcard MCU aims for applications growth
STMicroelectronics has added a new contactless smartcard microcontroller with 2Kbyte of EEPROM to its successful ST19 family of field-proven secure MCUs. [more]
Friday, 29 October 2004, 1:06 PM CET


Microsoft and IT security
Microsoft has come in for heavy criticism in recent years on the IT Security front, for obvious reasons. [more]
Friday, 29 October 2004, 1:04 PM CET


Banking on e-authentication
Banks are getting behind the federal government's E-Authentication initiative, giving a significant push to federal efforts to use electronic identities for e-government and e-commerce, said Steven Timchak, director of the initiative at the General Services Administration. [more]
Thursday, 28 October 2004, 11:59 AM CET


New Caller I.D. spoofing site opens
Web-based caller I.D. spoofing is back, and this time it's available to everyone. [more]
Thursday, 28 October 2004, 10:25 AM CET


RSA Security unveils DRM solution for mobile devices
RSA Security announced a standards-based security solution for digital rights management (DRM) that provides a security infrastructure for consumer-device manufacturers and service providers alike. [more]
Thursday, 28 October 2004, 10:21 AM CET


Access to Bush site cut for 'security reasons
US President George W. Bush's re-election campaign said on Wednesday it had cut its website off from access from certain foreign countries "for security reasons," but declined to elaborate. [more]
Thursday, 28 October 2004, 5:26 AM CET


What really sells security managers on one AV vendor over another?
With a malware storm always on the horizon, you'd expect AV vendors to have among the best customer support programs. Check out what Ed Skoudis found out. [more]
Thursday, 28 October 2004, 5:12 AM CET


NTT DoCoMo, IBM, Intel team to secure mobile devices
Trusted Mobile Platform is designed to protect wireless devices against viruses. [more]
Thursday, 28 October 2004, 5:06 AM CET


Big.biz struggles against security threats
Most large companies are struggling to protect themselves against security threats, a survey from security consultancy NetSec published today reveals. [more]
Thursday, 28 October 2004, 4:57 AM CET


Symantec unveils security strategy
Symantec has launched a new strategy for enterprise I.T. security that is designed to help businesses manage and protect the massive amounts of digital information on their networks. [more]
Thursday, 28 October 2004, 4:47 AM CET


EBay virus fears dismissed as scaremongering
Security fears sparked by the recently identified W32/Myfip virus are unfounded, according to a security industry executive who claims the concern is nothing more than empty scaremongering by antivirus firms. [more]
Thursday, 28 October 2004, 4:40 AM CET


Bluetooth poses security risk
Red-M, a vendor of intrusion detection tools, says many firms underestimate the danger of Bluetooth. [more]
Wednesday, 27 October 2004, 2:07 PM CET


US Bancorp teams up with VeriSign on banking security
US Bancorp will use a hardware-token based authentication service from VeriSign to secure access to commercial banking services for its customers. [more]
Wednesday, 27 October 2004, 2:06 PM CET


VOIP brings associated security risks
As local companies gear up to take advantage of the new legislation allowing voice over IP, many have not fully considered the additional security risks associated with the converged network. [more]
Wednesday, 27 October 2004, 2:03 PM CET


Mac worm sparks security concerns
Anti-virus experts have warned Mac users and system administrators against becoming complacent about security after the discovery of a worm targeting the Mac OS X operating system. [more]
Wednesday, 27 October 2004, 12:42 PM CET


Why current generation intrusion prevention systems fails business
The problem is that current generation intrusion detection and prevention (IDP) lacks context about the network. It may positively identify an attack, but it knows nothing about the target’s likelihood of succumbing to the attack. [more]
Wednesday, 27 October 2004, 12:39 PM CET


Spammers go on trial
Three people who allegedly sent America Online customers millions of junk e-mail messages touting penny stocks and other Internet gimmicks went on trial Tuesday in the nation's first such felony case. [more]
Wednesday, 27 October 2004, 12:28 PM CET


Insecurity begins at home
Spyware is rife and virus infection commonplace yet many home users reckon they are safe from online threats. [more]
Wednesday, 27 October 2004, 12:19 PM CET


The DNSdoctor utility
This utility will perform tests of a DNS zone or domain name. There are two versions available for download. [more]
Wednesday, 27 October 2004, 12:15 PM CET


Easy to remain untraceable
Breaking into computer networks and remaining untraceable after the breach has been detected is apparently easier than anyone would like it to be, said The Grugq, a Britain-based hacker. [more]
Wednesday, 27 October 2004, 12:13 PM CET


PostNuke open source CMS attacked
On the morning of October 26th the developers of the free software content management system PostNuke posted a security announcement saying that a vulnerability in the paFileDB download management software allowed an attacker to put up a hacked version of PostNuke for download. [more]
Wednesday, 27 October 2004, 12:04 PM CET


Your PC may be less secure than you think
A survey conducted by AOL found that 20 percent of home computers were infected by a virus or worm, and that various forms of snooping programs such as spyware and adware are on a whopping 80 percent of systems. [more]
Wednesday, 27 October 2004, 11:57 AM CET


Tighten security now
Network attacks are increasing " and at an alarming pace, according to IBM's Global Security Intelligence Services. [more]
Wednesday, 27 October 2004, 11:56 AM CET


How spyware and the weapons against it are evolving
Spyware has reached epidemic proportions and is only getting worse. [more]
Tuesday, 26 October 2004, 5:10 PM CET


VoIP security a moving target
Those who want to operate secure VoIP networks must be mindful of myriad threats because the technology is susceptible to vulnerabilities that might be foreign to traditional telecom managers and their staffs. [more]
Tuesday, 26 October 2004, 4:25 PM CET


Users see spyware and viruses through rose-colored glasses
People who believe their PCs are free of malware that can track their computer usage or gain control over their machines are most likely wrong. [more]
Tuesday, 26 October 2004, 4:24 PM CET


The Stylistic ST5000 Tablet PC updated with security features
The device keeps your data protected with a number of security features. [more]
Tuesday, 26 October 2004, 3:10 PM CET


Immunizing PCs from new threats
Defensive software mimics human immune system to block worms. [more]
Tuesday, 26 October 2004, 2:42 PM CET


Hacking: the must-have business tool
A new federal case illustrates the role computer intrusion is taking in the high-stakes world of niche Internet commerce. [more]
Tuesday, 26 October 2004, 1:36 PM CET


80% US home PCs have spyware: study
A survey of of 329 dial-up and broadband adult computer users by the US National Cyber Security Alliance and America Online has found that 80 percent of home computers were infected with spyware or adware of some kind. [more]
Tuesday, 26 October 2004, 1:30 PM CET


Issues discovering compromised machines
This article discusses the discovery of compromised machines in large enterprise environments, and offers some suggestions on correlating NIDS and HIPS logs to avoid false positives. [more]
Tuesday, 26 October 2004, 1:29 PM CET


Setting up a simple Linux firewall
This is an overview of the things I think you need to know if you're going to try and set up a simple firewall using linux on an old PC. [more]
Tuesday, 26 October 2004, 1:26 PM CET


Security with ease: Accordance ARAID 2000
Due to its closed RAID architecture, the ARAID 2000 works completely without additional drivers; the software provided by chipset makers for their controllers is enough. [more]
Tuesday, 26 October 2004, 1:23 PM CET


Still no OS X viruses
The sky began to fall October 22, thanks to this discussion on MacInTouch. Readers learned that the first ever virus for Mac OS X had been found. Again! [more]
Tuesday, 26 October 2004, 1:21 PM CET


IBM to start security reporting
IT giant IBM is to start releasing a monthly report detailing threats to corporate networks from hackers, viruses and worms. [more]
Monday, 25 October 2004, 4:44 PM CET


Intel outlines wireless USB security
Intel is backing the 128-bit AES encryption protocol for securing wireless USB connections. [more]
Monday, 25 October 2004, 4:44 PM CET


As the worms return
The most unwelcome guests always stay the longest. [more]
Monday, 25 October 2004, 4:41 PM CET


Understanding e-mail spoofing
E-mail spoofing is a growing problem and has reached the point where you cannot rely on the information displayed in your e-mail client to tell you who really sent a message. This article takes a look at the problem and the proposed solutions. [more]
Monday, 25 October 2004, 4:21 PM CET


Critical server needs and the Linux Kernel
A discussion of four of the kernel features needed for mission-critical server environments, including telecom. [more]
Monday, 25 October 2004, 1:34 PM CET


Are hackers now gunning for the Mac?
Since the last Mac OS X security update was the third in a month, and because some of the holes looked ripe for exploiting, I have to wonder whether the Mac is now attracting more unwanted attention from hackers. [more]
Monday, 25 October 2004, 1:30 PM CET


Security report: Windows vs Linux
Much ado has been made about whether or not Linux is truly more secure than Windows. [more]
Monday, 25 October 2004, 1:29 PM CET


Ballmer flags security for a pre-Longhorn 'Release 2'
Speaking at the Gartner Symposium and ITxpo 2004 Steve Ballmer outlined new security initiatives, some of which would make it into a pre-Longhorn 'Release 2' for Windows, next year. [more]
Monday, 25 October 2004, 1:26 PM CET


Worm targets Mac OS X users
Security experts have warned Mac users about the emergence of a new worm that "represents a huge security headache". [more]
Monday, 25 October 2004, 1:22 PM CET


Security for Internet users deemed weak
Internet users at home are not nearly as safe online as they believe, according to a nationwide inspection by researchers. [more]
Monday, 25 October 2004, 1:20 PM CET


Secure your wireless with IPSec
This article will show you one method for locking down your wireless network so that nobody but you can use it. [more]
Friday, 22 October 2004, 12:22 PM CET


Tolerance 'no index of browser security'
A researcher who used random malformed HTML to test a variety of browsers, says that the fact that he found Internet Explorer to be the most tolerant of bad mark-up should not in any way be interpeted as a reflection on the security of the browser. [more]
Friday, 22 October 2004, 9:54 AM CET


Hardening Linux networks with open source tools, part two
Network architect Todd Sanders offers a granular look at his work with POP Mail, Simple Network Management Protocol (SNMP) and F-Prot.
[more]
Friday, 22 October 2004, 9:52 AM CET


Anti-phishing app looks for users
A Sydney firm has developed software which can help in stopping the rash of successes enjoyed by the senders of phishing emails - only this time, the software works at the user's end. [more]
Friday, 22 October 2004, 9:45 AM CET


Security, 1994-2004: then and now
Comparing the state of security in 1994 versus 2004, has anything really changed over the course of ten years? [more]
Friday, 22 October 2004, 9:42 AM CET


HP beefs up security on Pavilion, Presario lines
Hewlett-Packard announced it would add third-party security and anti-virus software to its consumer and small-business Pavilion and Presario platforms, a move similar to Dell's announcement Wednesday that it needed to beef up security on its desktops. [more]
Friday, 22 October 2004, 9:40 AM CET


Viruses leap through window of opportunity
Mass mailing viruses could be consigned to the dustbin of history if only anti-virus vendors were quicker off the mark. [more]
Friday, 22 October 2004, 12:24 AM CET


Is a culture clash risking your security?
A clash of cultures between different security factions within the same company is putting security efforts at risk, according to a new study. [more]
Friday, 22 October 2004, 12:23 AM CET


Do service providers pose a security risk?
Although IT security standards at some offshore development centers may seem shoddy, one Canadian outsourcing service provider says that shouldn't deter North American companies from handing off work to reputable companies in Canada or overseas -- as long as they do their homework first. [more]
Friday, 22 October 2004, 12:22 AM CET


53 arrested in phishing crackdown
53 people arrested in Brazil for online banking fraud. [more]
Friday, 22 October 2004, 12:21 AM CET


nVidia puts a firewall on a motherboard
Upcoming chip set will include built-in security features for your PC. [more]
Thursday, 21 October 2004, 3:57 PM CET


Replace Windows passwords with passphrases
A Microsoft security manager is advocating the use of multi-word "passphrases" rather than passwords to secure Windows networks, arguing that passwords of less than 10 characters are inadequate against the latest hacking techniques. [more]
Thursday, 21 October 2004, 3:54 PM CET


Microsoft CEO: hackers getting smarter
Steve Ballmer believes it's naive to suggest the software giant can eliminate all security vulnerabilities in its various products even though engineers are trying hard to do so. [more]
Thursday, 21 October 2004, 3:47 PM CET


Liberty Alliance holdout IBM ends resistance, joins
Company now part of Sun-led identity management initiative. [more]
Thursday, 21 October 2004, 3:24 PM CET


California discloses massive ID theft
The compromised information includes names, addresses, telephone numbers, Social Security numbers and birth dates of about 1.4 million people. [more]
Thursday, 21 October 2004, 3:19 PM CET


IT chiefs use scare tactics to tighten security
Hacking and virus threat often exaggerated to win management support, says survey. [more]
Thursday, 21 October 2004, 3:13 PM CET


Tips on securing instant messaging
According to one of the latest research studies, 92% of all commerical and non-commerical organizations are using instant messaging in the enterprise. Tom Buoniello, VP of Product Management at Sybari talks to HNS about the current security of instant messaging deployments and provides insightful tips on what should enterprises do to make their IM secure. [more]
Thursday, 21 October 2004, 2:37 PM CET


American passports to get chipped
The United States plans to issue passports with personal data stored on radio frequency identification chips. The documents would be harder to forge, but might leave holders vulnerable to identity theft. [more]
Thursday, 21 October 2004, 12:35 PM CET


Security Information Management Systems (SIMS)
The computer security industry is guilty of overhyping and underdelivering. Again and again, it tells customers that they must buy a certain product to be secure. Again and again, they buy the products -- and are still insecure. [more]
Thursday, 21 October 2004, 12:13 PM CET


Panel: Let domestic security technology move forward
Effect of civil liberty groups on technological innovation discussed in panel discussion. [more]
Thursday, 21 October 2004, 12:09 PM CET


Ex-staff pose threat to data
Twenty-three per cent of companies leave networks exposed. [more]
Wednesday, 20 October 2004, 5:22 PM CET


ATMs in peril from computer worms?
Some anti-virus firm are trying to carve out a new market for their technology by trying to persuade that banks Automatic Teller Machines (ATMs) running Windows need protecting from computer worms. [more]
Wednesday, 20 October 2004, 5:22 PM CET


EU agency to promote information security
Nations must take security seriously to become IT leaders. [more]
Wednesday, 20 October 2004, 5:21 PM CET


Securing Exchange with ISA Server 2004
This article will highlight the security issues involved with providing Outlook Web Access or full Outlook client connections over the Internet, and then discuss how Microsoft's new ISA Server 2004 can be configured to mitigate these threats. [more]
Wednesday, 20 October 2004, 5:18 PM CET


Oracle's security luck runs out
Oracle is so well known for its security that it may have become complacent. "This is a wake-up call to Oracle to take security more seriously," said Noel Yuhanna, senior analyst with Forrester Research. [more]
Wednesday, 20 October 2004, 5:16 PM CET


'Swiss army knife' software tools not right for patching specific IT problems
Traditional patch management solutions are better at installing software than they are at patching and upgrading. [more]
Wednesday, 20 October 2004, 5:15 PM CET


Traditional anti-virus can't meet new threats
The need to defend networked electronic gear like PDAs and smart phones will drive anti-virus defenses away from the signature-based techniques of today and toward next-generation behavioral-based tactics. [more]
Wednesday, 20 October 2004, 5:10 PM CET


enKoo adds device for securing e-mail and applications
Support for LDAP a key feature. [more]
Wednesday, 20 October 2004, 5:09 PM CET


New security wares
Information security managers at agencies and businesses have more options for protecting the organizations from cyberattacks and insider threats thanks to new wares from several security information management vendors. [more]
Wednesday, 20 October 2004, 5:05 PM CET


Hacker hits California university computer
A computer hacker accessed names and Social Security numbers of about 1.4 million Californians after breaking into a University of California. [more]
Wednesday, 20 October 2004, 5:02 PM CET


Protecting MySQL sessions with SSH tunnel (port forwarding)
This article briefly describes how SSH Tunnel encrypts all traffic (including passwords) to effectively eliminate eavesdropping, connection hijacking, and other network-level attacks. [more]
Tuesday, 19 October 2004, 4:10 PM CET


Security designs of SSL VPNs
The audio session stresses out the need of an extensive pre-deployment audit for the purposes of determing what kind of access should be made possible for diffent type of users. [more]
Tuesday, 19 October 2004, 3:49 PM CET


UK preps major security awareness campaign
A major UK government campaign to help small businesses and consumers protect themselves from Internet security threats will launch in the UK next year. [more]
Tuesday, 19 October 2004, 3:13 PM CET


Linux: secure computing API
Andrea Arcangli released an updated version of his secure computing patch for the 2.6 Linux kernel. [more]
Tuesday, 19 October 2004, 2:25 PM CET


Managed security suite protects Wi-Fi LANs
Wavelink has introduced the industry's first integrated system for managing the security of wireless LANs. [more]
Tuesday, 19 October 2004, 2:03 PM CET


Hacking for a greater good
Many of us associate the term "hacker" with an anti-social teenager who uses his computing talent for nefarious ends, terrorising people with malicious viruses or defacing websites. What we are not aware of are "white hackers" — do-gooders who attempt to break into systems or networks to help the owners of these systems discover security flaws. [more]
Tuesday, 19 October 2004, 12:14 PM CET


DeepNines President Dan Jackson on network security
"We've had a focus on education because we felt if we could demonstrate to the marketplace that we could sit in the wildest of environments, it would demonstrate true security functionality," said DeepNines President Dan Jackson. [more]
Tuesday, 19 October 2004, 12:13 PM CET


More security needed for broadband business to thrive
We need government to give security more attention and resources than it has so far been willing to allocate. [more]
Tuesday, 19 October 2004, 12:05 PM CET


Your employees are your worst security liabilities
Your employees are probably more of a security liability than asset. And it's your hindquarters on the line. Analyst Rob Enderle provides tips and web resources on how to maximize your most valuable security defense: the two-legged kind. [more]
Tuesday, 19 October 2004, 11:57 AM CET


Microsoft, Cisco partner on network-access security
Microsoft and Cisco Systems will collaborate to make their emerging products for network security compatible. [more]
Tuesday, 19 October 2004, 11:56 AM CET


Build a high-availability Linux Web server
Set up a heartbeat failover cluster that lets a good server pick up where a bad one leaves off, ensuring that your site is never down for long. [more]
Monday, 18 October 2004, 3:08 PM CET


Fighting fire with fire: designing a "good" computer virus
Cyrus Peikari demonstrates methods to design and test a live, attenuated computer virus vaccine using real-world simulation. [more]
Monday, 18 October 2004, 3:07 PM CET


Microsoft delivers SP1 for Windows server soon
New Security Configuration Wizard lets users define specific roles for servers. [more]
Monday, 18 October 2004, 2:19 PM CET


Hackers software helping to automate online theft
Ben Kittridge admits that spamming violates traditional hacker ethics. But with computer programming jobs scarce, the eighteen-year-old Florida software whiz has joined the spam trade. [more]
Monday, 18 October 2004, 2:16 PM CET


Security chiefs pass test
Certified security professional qualifications are proving popular. [more]
Monday, 18 October 2004, 2:15 PM CET


Cisco looks to collaboration to ease security threats
Networking giant Cisco is to team up with other industry heavyweights to tackle the problem of security, promising to alleviate the burden of managing the threat for IT departments. [more]
Monday, 18 October 2004, 2:13 PM CET


Watch out, there's a scammer about
The British government has unveiled a new website to help punters "wise up to scams". [more]
Monday, 18 October 2004, 2:12 PM CET


On-chip firewall guards PCs
Nvidia chipset includes a hardware firewall to secure desktops. [more]
Monday, 18 October 2004, 2:11 PM CET


PC hacks for Linux
PC Hacks author Jim Aspinwall handpicks two Linux-specific hacks to share from his new book. [more]
Monday, 18 October 2004, 2:09 PM CET


Keypads secure financial applications
The W.series of fully customisable banking keypads and keyboards, are guaranteed to meet the demanding security requirements of banks and other financial institutions. [more]
Monday, 18 October 2004, 2:07 PM CET


IT security professionals wanted
With a reported 300% growth in demand for security experts in the region, only 22% of enterprises in Middle East have high level in-house technology security operations. [more]
Friday, 15 October 2004, 5:23 PM CET


Four charged in landmark UK phishing case
Four eastern Europeans appeared in a London court yesterday charged with defrauding online banks of hundreds of thousands through an elaborate 'phishing' scam. [more]
Friday, 15 October 2004, 2:03 PM CET


As bad as spyware
Where do we draw the line between spyware and pre-installed trial software that tricks people into paying for it? I have had enough. [more]
Friday, 15 October 2004, 1:30 PM CET


How to shop for a small-business firewall
So your business has outgrown the el cheapo hardware firewall you picked up at the mall? Learn how to find top-of-the-line capabilities without paying top-of-the-line prices. [more]
Friday, 15 October 2004, 1:28 PM CET


ZoneMinder: Linux home security par excellence
ZoneMinder was written by and is maintained by Philip Coombes, who explains on his site that he wrote ZoneMinder after having been burgled. [more]
Friday, 15 October 2004, 11:10 AM CET


SSH host key protection
This is the first in a series of articles on SSH in-depth. We start with looking at standard SSH host keys by examining the verification process to ensure you have not been the victim of an attack. [more]
Friday, 15 October 2004, 11:04 AM CET


Are hackers now gunning for the Mac?
Macs still have fewer bugs than Windows PCs, but Apple moves to plug security holes before problems crop up. [more]
Friday, 15 October 2004, 10:58 AM CET


Viruses in handheld devices
The advertising of computer systems is increasingly centered on handheld devices or PDAs. Prices of these devices have gone down considerably making them more accessible to the general public. With their popularization fears over possible viruses which might infect them have come up for discussion again. [more]
Thursday, 14 October 2004, 12:35 AM CET


Secure communication with Stunnel
Stunnel is an SSL encryption wrapper that allows what are normally plain text and insecure communications to be encrypted during transmission. [more]
Thursday, 14 October 2004, 12:26 AM CET


U.S., India to cooperate on tech security
India and the United States agreed Wednesday to develop new ways of securing data and to expand cooperation to protect networks from destructive viruses and computer hackers. [more]
Thursday, 14 October 2004, 12:25 AM CET


How to reset forgotten root passwords
Suppose you have just taken over as a new system administrator from another person just before they left and they forgot to give you the root password. [more]
Thursday, 14 October 2004, 12:24 AM CET


Enterprise security is the worst ever
Despite the number of IT security products and services cramming the market, businesses are more exposed than ever to emerging threats, according to industry experts speaking at the Etre technology conference in Cannes. [more]
Thursday, 14 October 2004, 12:15 AM CET


Broadband progress raises security issues
Industry expert warns public to be aware of threat. [more]
Thursday, 14 October 2004, 12:15 AM CET


Why Snort, Nessus, OSS build secure IT fortresses
There's no way that Todd Sanders would ever think of building network security and monitoring applications for businesses without using open source tools. [more]
Thursday, 14 October 2004, 12:14 AM CET


Cardholders targetted by Phishing attack using visa-secure.com
A new and widely disseminated phishing attack aimed at Visa cardholders uses the visa-secure.com domain to collect authentication information from Visa customers. [more]
Wednesday, 13 October 2004, 2:07 PM CET


Sniffing out the cyber Hannibals
Cyber sleuths are studying the bad guys to crack down on internet crime, writes Helen Meredith. They act like bait or decoys, helping network administrators detect anyone "sniffing" their network. [more]
Wednesday, 13 October 2004, 1:49 PM CET


Patriot Act tour carried a hefty price tag
U.S. Attorney General Ashcroft spent $200,000 of taxpayer money promoting the embattled surveillance law coast-to-coast. [more]
Wednesday, 13 October 2004, 1:46 PM CET


Web and e-mail monitoring is common in the workplace
Big Brother may not be watching you, but Big Employer probably is. [more]
Wednesday, 13 October 2004, 1:41 PM CET


Microsoft pushes out 'critical' security fixes
Microsoft has released 10 software security patches for its products, including seven it deemed critical and that could allow remote attackers to take control of systems running the company's software. [more]
Wednesday, 13 October 2004, 1:21 PM CET


Prosecutor resigns over hacked PC
A leading Dutch prosecuter resigned yesterday after hackers entered his mail box and revealed yet another classified letter addressed to the public prosecutor's office. [more]
Wednesday, 13 October 2004, 1:20 PM CET


Motorola signs for secure cores
Actel has licensed its DirectCore intellectual property (IP) for use in its ProASIC Plus FPGAs)to the Motorola Broadband Communications Sector. [more]
Wednesday, 13 October 2004, 1:19 PM CET


WarDriving: Drive, Detect, Defend, A Guide to Wireless Security
Wardriving is extremely important for the state of wireless security, as it shows how many unprotected WLANs are out there and is therefore directly influencing wireless security awareness. The book will both teach you how to participate in wardriving projects as well as to get familiar on what kind of information outsiders can discover about your wireless networks. [more]
Tuesday, 12 October 2004, 6:41 PM CET


Beckham + strumpet pic actually Trojan
Virus writers have moved on from using Osama bin Laden's or Arnold Schwarzenegger's supposed suicides as a lure to trying a similar trick involving "compromising pictures" of football superstar David Beckham. [more]
Tuesday, 12 October 2004, 6:03 PM CET


Solaris security suffers image problem
A highly critical security hole has been reported in the X Pixmap (libXpm) technology shipped with Solaris and JDS for Linux, which could allow someone to run code on your system if a modified X Pixmmap (.xpm) image is loaded. [more]
Tuesday, 12 October 2004, 6:00 PM CET


SonicWall releases stand-alone content filtering device
Device helps companies restrict Web sites their users can access. [more]
Tuesday, 12 October 2004, 5:43 PM CET


Cracking the wireless security code
Is it possible to deploy a secure wireless LAN with technology available today? [more]
Tuesday, 12 October 2004, 5:38 PM CET


Secure programmer: prevent race conditions
Resource contention can be used against you. [more]
Tuesday, 12 October 2004, 5:31 PM CET


Webroot: spyware is Windows-only
Spyware, those annoying programs that snoop on a user's actions, remain a Windows-only phenomenon. [more]
Tuesday, 12 October 2004, 5:20 PM CET


Fortress buys WLAN security technology from Legra
Wireless networks specialist Fortress Technologies has acquired some technology and assets of failed LAN switch developer Legra Systems Inc. for an undisclosed sum. [more]
Tuesday, 12 October 2004, 5:19 PM CET


Intel Ships processors with enhanced security capabilities
Intel said it had been shipping central processing units with security capability called XD-bit for some time, while a number of retailers began to supply the chips to end-users. [more]
Tuesday, 12 October 2004, 10:48 AM CET


Ballmer promises better security and value
Microsoft chief executive Steve Ballmer showed himself ready to face up to user concerns about security and licensing when he spoke to Computer Weekly in London. [more]
Tuesday, 12 October 2004, 10:47 AM CET


Security awareness and training 101
Security awareness and training are perhaps the most overlooked parts of your security management program. Why is security awareness and training so important and what constitutes a security awareness and training program? [more]
Monday, 11 October 2004, 9:10 PM CET


Reverse engineering the first Pocket PC trojan
This tutorial shows you how to reverse engineer a new example of Windows Mobile malware - step by step. We include our methods for background research and even include a fully annotated IDA disassembly of the ARM binary. [more]
Monday, 11 October 2004, 9:07 PM CET


Security review uncovers rampant virus infections
A journal writer makes a most unpleasant discovery just as the IT auditors arrive. [more]
Monday, 11 October 2004, 5:00 PM CET


Global opens up training
Security vendor sets up a free self-certification process for its partners. [more]
Monday, 11 October 2004, 4:12 PM CET


Security: end users are your first line of defense
My column is dedicated to training and education issues for IT professionals but how much do we think about training for end users, particularly educating users to be security-aware? [more]
Monday, 11 October 2004, 3:14 PM CET


US gov targets spyware outfit
A company which makes software that infiltrates users' computers and demands $30 to be removed has been targeted by US authorities. [more]
Monday, 11 October 2004, 3:07 PM CET


UK ID cards to be issued with first biometric passports
What's left of the 'voluntary' figleaf to the UK's ID scheme will erode in the next few months... [more]
Monday, 11 October 2004, 12:36 PM CET


Companies risk security by not introducing wireless
Enterprise IT managers are interested, but reluctant, to introduce wireless technology to their business for no good reason and, as a result, could be risking security breaches. At least according to a survey by researchers at IDC. [more]
Monday, 11 October 2004, 12:31 PM CET


Keeping the bad guys out
Threat management: organizing defense-in-depth strategies. [more]
Monday, 11 October 2004, 12:30 PM CET


So many worms, so little time
There is no single security countermeasure, or silver bullet, that can protect our networks completely. Over time the threats have grown in both number and complexity, while the timeframe for response has been shortened dramatically. [more]
Monday, 11 October 2004, 12:53 AM CET


Fighting the army of byte-eating zombies
"Over the past six months, Symantec documented more than 4,496 new Windows (particularly Win32) viruses and worms, over four and a half times the number as the same period in 2003." [more]
Friday, 8 October 2004, 2:25 PM CET


Bill imposes prison time over 'spyware'
The House on Thursday passed the second bill in three days that would outlaw "spyware," irritating software that quietly monitors the activities of Internet users. [more]
Friday, 8 October 2004, 2:19 PM CET


Gaps remain in Wi-Fi security
Sadly the new WPA2 security spec won't make your wireless LAN invulnerable. [more]
Friday, 8 October 2004, 12:31 PM CET


How to install a simple network gateway
This HOWTO is aimed at first time Linux users who want to set up a Linux box as a gateway to the Internet. [more]
Friday, 8 October 2004, 12:30 PM CET


Desktop firewalls bring security closer to home
Not just for the perimeter anymore, a firewall for your desktop can help block and control hostile code and intruders from entering machines on the LAN, in remote offices or on the road. Find out why you need one. [more]
Friday, 8 October 2004, 11:25 AM CET


A simple guide to slipstreaming Windows XP SP 2
Slipstreaming a Service Pack, is the process to integrate the Service Pack into the installation so that with every new installation the Operating System and Service Pack are installed at the same time. [more]
Friday, 8 October 2004, 10:50 AM CET


Crypto-loops
A loopback device is a very special device that allows you to mount a normal file as it was a physical device. loopbacks can be encrypted: this becomes very useful sometimes. [more]
Friday, 8 October 2004, 10:46 AM CET


Shifting cyber threats menace factory floors
A new report says that external attackers have overtaken insiders as the most likely cyber threat to remote-controlled factory equipment. [more]
Friday, 8 October 2004, 10:45 AM CET


What you should know about firewalls
It's 2 a.m. Do you know what your PC is doing? If not, you're probably not running a firewall to protect your system from hackers and malcontents. [more]
Friday, 8 October 2004, 10:44 AM CET


Improve security with wireless
Anyone who says wireless networks are insecure just isn't paying attention. [more]
Friday, 8 October 2004, 10:41 AM CET


ISPs not forced to secretly cooperate with the FBI anymore
A New York judge did the right thing last week when he threw out a USA-PATRIOT Act provision that forced ISPs to secretly cooperate with the FBI, and gave them no obvious avenue for appeal. [more]
Thursday, 7 October 2004, 2:29 PM CET


CA delivers virus protection for Windows XP embedded
Computer Associates announced the general availability of eTrust Antivirus for Microsoft Windows XP Embedded - the industry's first virus protection solution designed specifically for Microsoft's componentised version of the Windows XP operating system. [more]
Thursday, 7 October 2004, 2:15 PM CET


Noomy.A virus spreading via chat rooms
IRC users hoodwinked with promise of software cracks and Kournikova screensavers. [more]
Thursday, 7 October 2004, 12:11 PM CET


Understanding Windows security templates
A security template contains hundreds of possible settings that can control a single or multiple computers. [more]
Thursday, 7 October 2004, 10:51 AM CET


Howard Schmidt - CSO at eBay - returns to government
Howard Schmidt, a highly regarded technology executive who was former special adviser to President Bush for cybersecurity, is returning to work with the Homeland Security Department on efforts to protect the nation's computer networks. [more]
Thursday, 7 October 2004, 9:24 AM CET


Security concerns put MSN Messenger beta on hold
Microsoft has suspended the beta testing of the next version of its MSN Messenger client because of a potential security problem. [more]
Thursday, 7 October 2004, 9:23 AM CET


The future of Infosec
Because software is potentially infinitely foul-able it can be said that it is also infinitely insecure. [more]
Thursday, 7 October 2004, 9:19 AM CET


Drive-by hackers get residents' hackles up
The specter of drive-by computer hackers cruising upscale Scottsdale neighborhoods to cherry-pick wireless Web systems has residents worried about a new method of privacy intrusionv [more]
Thursday, 7 October 2004, 9:16 AM CET


New trojan program squashes adware
Downloader.Lunii delete files used by common adware programs, but is not entirely benevolent. [more]
Wednesday, 6 October 2004, 6:53 PM CET


CA buys Netegrity in web security play
In a deal that could expand its identity and access management (IAM) portfolio, Computer Associates is buying software security developer Netegrity for $430 million in cash. [more]
Wednesday, 6 October 2004, 6:51 PM CET


More mobility, more security issues
New survey by Edge Research indicates top security issues include regulatory compliance and remote/mobile access. [more]
Wednesday, 6 October 2004, 5:34 PM CET


Adobe does document security
Electronic document giant Adobe said that it was partnering with digital certificate company GeoTrust to provide technology that will allow documents that use Adobe's popular PDF to be digitally certified. [more]
Wednesday, 6 October 2004, 4:46 PM CET


Windows Forensics And Incident Recovery
The purpose of this book is to explain some technical information about Windows systems with a focus on forensics audits and incident recovery. The author did a good job and by the end of the book you will know how to prepare your system to prevent and detect incidents, how to analyze live forensics data, and more. [more]
Wednesday, 6 October 2004, 3:47 PM CET


Hacking books with Safari web services
For the past three years, Safari Books Online has been making offline technical books available on the Web. This article shows you how to get more out of this resource. [more]
Wednesday, 6 October 2004, 2:46 PM CET


Keys to a secret network
Seclarity's SiNic combines hardware encryption and granular policy management to lock down private LANs. [more]
Wednesday, 6 October 2004, 2:43 PM CET


New security products 'adapting' to threats
Enterprises getting proactive about security. [more]
Wednesday, 6 October 2004, 2:41 PM CET


A history of global hacking
Hacking is not a new problem nor is it isolated to one country. [more]
Wednesday, 6 October 2004, 2:40 PM CET


House passes bill imposing hefty fines over 'spyware'
Companies and others that secretly install "spyware" programs on people's computers to quietly monitor their Internet activities would face hefty federal fines under a bill the House passed Tuesday. [more]
Wednesday, 6 October 2004, 2:38 PM CET


Supply-chain security will take more than RFID
There's no single technology available to solve supply-chain security problems. There's too much hype around RFID technology. [more]
Wednesday, 6 October 2004, 2:35 PM CET


Schneier: Security outsourcing widespread by 2010
Bruce Schneier talks about the safety of open source vs. closed source, the future of security management and spread of blogs. [more]
Tuesday, 5 October 2004, 5:06 PM CET


Who's eavesdropping on your cell?
If you thought that your little chit chats on your mobile phones are safe from eavesdropping, think again, as security experts have revealed that the new generation of mobile phones are highly vulnerable to hackers. [more]
Tuesday, 5 October 2004, 5:01 PM CET


Symantec attacks backup with live state recovery
In an effort to include storage within its empire of security products, Symantec Corp. announced that it is going after the backup market with live state recovery software products that do point-in-time snapshots of entire servers or desktops. [more]
Tuesday, 5 October 2004, 5:00 PM CET


Microsoft takes aim at malware
Gates promises a cure for malicious software. [more]
Tuesday, 5 October 2004, 2:16 PM CET


Security upgrade at WiFi locations
Starting today, users of wireless broadband should find it safer to surf the Web from a T-Mobile HotSpot. [more]
Tuesday, 5 October 2004, 1:20 PM CET


North Korea's computer hackers target south and US?
North Korea has trained as many as 600 computer hackers to be capable of launching a cyber-war on South Korea, the US or Japan, South Korea’s defence ministry said on Monday. [more]
Tuesday, 5 October 2004, 1:03 PM CET


Privacy watchdog condemns US visit
The United States' new biometric system of border controls violates civil rights without delivering security, the head of the London-based civil liberties watchdog Privacy International has warned. [more]
Tuesday, 5 October 2004, 12:54 PM CET


Lessons learned from virus infections
This article discusses how a virus outbreak will produce a few unique opportunities to examine the health of an organization's network -- and learn ways to further harden the network from future automated attacks. [more]
Tuesday, 5 October 2004, 12:45 PM CET


Secure e-mail and PKI: together at last?
New technology and increased regulatory pressures are breathing new life into public key-based e-mail security. [more]
Tuesday, 5 October 2004, 12:34 PM CET


Future Windows component could spur old-school viruses
A planned component for Longhorn is causing consternation among antivirus experts, who say that the new module could give birth to a whole new generation of viruses and remotely exploitable attacks. [more]
Tuesday, 5 October 2004, 12:32 PM CET


Gaim-encryption: simple encryption for instant messages
Instant messaging is everywhere nowadays, but people who use it may be surprised to know how trivial it is to listen in on their private conversations. [more]
Tuesday, 5 October 2004, 12:30 PM CET


Outsourcing firms warned of 'significant cost of security'
International enterprises cannot afford to ignore the potentially serious IT security implications that arise when they decide to outsource core business functions to third party providers, industry analysts have warned. [more]
Tuesday, 5 October 2004, 12:28 PM CET


IIS rounds the security corner
It used to be exciting to read the new Web server share numbers from Netcraft every month. For a while there, Apache and Microsoft's IIS (Internet Information Services) were really duking it out. But these days, the survey has a look of obsolescence. [more]
Tuesday, 5 October 2004, 12:26 PM CET


Consumers unconcerned about cyberthreats
A study conducted by the National Cyber Security Alliance as part of its Cyber Security Awareness Month found that many users grossly underestimate the danger of cyber attacks. Three out of ten think they are more likely to be struck by lightning than hit by hackers. [more]
Tuesday, 5 October 2004, 12:24 PM CET


Decru unveils storage security software
Decru announced a software module for its DataFort storage security product that prevents unauthorized users, IT managers and viruses from accessing network data. [more]
Tuesday, 5 October 2004, 12:22 PM CET


Microsoft previews Windows XP embedded with SP2
New features to strengthen security, deliver greater manageability and fuel innovation. [more]
Monday, 4 October 2004, 5:28 PM CET


Biometrics vendor targets security conscious enterprises
This industry is growing very fast, and some analysts say it will be worth US$2 billion within a couple of years. [more]
Monday, 4 October 2004, 4:25 PM CET


Super-connected users could aid IM worms
Just a few users connected to popular instant messaging networks can cause the spread of worms, while choking off communications from "highly connected" users with many IM correspondents can slow the spread of worms, computer researchers say. [more]
Monday, 4 October 2004, 4:23 PM CET


And the scams go on...
People continue to fall prey to phishing scams regularly. [more]
Monday, 4 October 2004, 4:18 PM CET


Net giants adopt anti-spam system
The fight against spam is getting more serious as the net's big players impose conditions on bulk mail senders. [more]
Monday, 4 October 2004, 4:16 PM CET


ThinkPad with fingerprint reader is introduced
Hoping to drive biometric devices into the mainstream, IBM on Monday unveiled its first ThinkPad that features an integrated fingerprint reader that will work in tandem with an embedded security system. [more]
Monday, 4 October 2004, 4:15 PM CET


California goes after spyware
The Golden State passes a law aimed at cracking down on what some feel is the internet's next scourge -- spyware. But critics say it's only a partial step toward protecting consumers. [more]
Monday, 4 October 2004, 4:10 PM CET


Mobile phone virus goes 'wild'
First outbreak of Cabir reported in Singapore, says F-Secure. [more]
Monday, 4 October 2004, 4:09 PM CET


Poll shows most Americans clueless about virus risks
About one in three Americans think it's more likely they'll be audited by the IRS or win the lottery than fall victim to a virus or worm. [more]
Monday, 4 October 2004, 4:08 PM CET


SurfControl unveils security appliance
Vendor to seek distribution as it enters the hardware arena. [more]
Monday, 4 October 2004, 4:07 PM CET


US cybersecurity czar quits
US cybersecurity czar Amit Yoran announced his resignation on Friday after a year in the job. [more]
Monday, 4 October 2004, 4:06 PM CET


Baselining with security templates
The solution to creating and implementing security baselines on computers in your network is to "just do it." Security baselines establish the foundation for the overall security of a computer. If a computer has no foundation, the chances of it being compromised are very high. [more]
Monday, 4 October 2004, 3:43 PM CET


OSIA questions Gartner claim on Linux and piracy
A Gartner statement claiming that pre-installing Linux on PCs encourages piracy of Windows has been challenged by the Open Source Industry Association. [more]
Friday, 1 October 2004, 2:21 PM CET


Ten steps to e-mail security
Organizations would be wise to establish clearly defined security and e-mail policies. More than 137,000 computer security incidents were reported in 2003, nearly double the figure from 2002, according to the Carnegie Mellon's Computer Emergency Response Team. [more]
Friday, 1 October 2004, 2:08 PM CET


'Cybernapping' danger of unprotected systems
Experts warn of exponential rise in the run-up to Christmas. [more]
Friday, 1 October 2004, 2:06 PM CET


Phishers come up with a new scam
A new kind of phishing scam alters the website of a financial institution. [more]
Friday, 1 October 2004, 9:36 AM CET


Dell to sell more security-proofed business hardware
New ServGate hardware, starting at less than $1000, has integrated antivirus, spam filtering, and other security features. [more]
Friday, 1 October 2004, 9:25 AM CET


Arnold vetoes privacy bill
California Gov. Arnold Schwarzenegger says the bill, which would have required businesses to tell employees that their e-mail and internet usage was being monitored, was overly broad. [more]
Friday, 1 October 2004, 12:38 AM CET


Open source versus closed source security
In the age old battle between open source and closed source operating systems and applications, can either of them really be considered more secure than the other? [more]
Friday, 1 October 2004, 12:29 AM CET


Phishing tab to reach $500 million
By any measure, it is clear that online fraud, or phishing, is bad and getting worse. [more]
Friday, 1 October 2004, 12:02 AM CET


ID rule exists, but can't be seen
Justice Department lawyers say there is indeed a rule requiring passengers to show ID at the airport before boarding a plane, but they say the exact wording of the rule can't be read by the public and can't be challenged. [more]
Friday, 1 October 2004, 12:01 AM CET


Spotlight

The synergy of hackers and tools at the Black Hat Arsenal

Posted on 27 August 2014.  |  Tucked away from the glamour of the vendor booths and the large presentation rooms filled with rockstar sessions, was the Arsenal - a place where developers were able to present their security tools and grow their community.


Weekly newsletter

Reading our newsletter every Monday will keep you up-to-date with security news.
  



Daily digest

Receive a daily digest of the latest security news.
  

DON'T
MISS

Mon, Sep 1st
    COPYRIGHT 1998-2014 BY HELP NET SECURITY.   // READ OUR PRIVACY POLICY // ABOUT US // ADVERTISE //