Off the Wire

Off The Wire Archive

News items for October 2007

Interview with the Head of Nokia Product Security
Janne Uusilehto is responsible for product security development at the world’s number 1 mobile device manufacturer. He is a member of several Nokia internal security related management boards, and Nokia’s main representative in the Trusted Computing Group and EICTA’s Mobile Security Group. [more]
Wednesday, 31 October 2007, 11:59 PM CET


How to secure Ubuntu with AppArmor
AppArmor is one way to protect your assets on your Ubuntu Gutsy system. [more]
Wednesday, 31 October 2007, 10:06 PM CET


Apache authentication and authorization using LDAP
Network administrators frequently use the Lightweight Directory Access Protocol (LDAP) to implement a centralized directory server. You can use LDAP to authenticate users in Apache. [more]
Wednesday, 31 October 2007, 12:16 PM CET


Whois may be scrapped to break deadlock
Tech industry lawyer Mark Bohannon frequently taps a group of searchable databases called Whois to figure out who may be behind a Web site that distributes pirated software or tricks visitors into revealing passwords. [more]
Tuesday, 30 October 2007, 7:31 PM CET


Book review: Ubuntu Linux for Non-Geeks, 2nd Edition
Many still believe that using Linux requires some advanced knowledge and that it's far for being user friendly. With time, user friendliness has become an important part of this OS and an increasing number of users have started to investigate it. This book is aimed at an audience of new users that wish to get things done with Ubuntu Linux. [more]
Tuesday, 30 October 2007, 7:30 PM CET


Spammers tempt surfers to help solve captchas
Call it an online game of strip poker, only spammers are the ones walking away with all the winnings. [more]
Tuesday, 30 October 2007, 5:33 PM CET


AT&T invents programming language for mass surveillance
From the company that brought you the C programming language comes Hancock, a C variant developed by AT&T researchers to mine gigabytes of the company's telephone and internet records for surveillance purposes. [more]
Tuesday, 30 October 2007, 9:54 AM CET


VA reports progress on information security
A Government Accountability Office report on our realignment progress correctly identified that more work needs to be done to have a successful transition from a decentralized to a centralized organization. [more]
Monday, 29 October 2007, 10:50 PM CET


Block data leakage at the source
Given how hard organisations try to prevent information about data leakage and data theft getting into the public domain, the fact that incidents are now being reported in the press on an almost weekly basis shows the potential size of the problem. And this problem ranges from high profile, highly publicised incidents down to individuals with key information on their laptops. [more]
Monday, 29 October 2007, 6:18 PM CET


Worst cybersecurity meltdowns
Most computer-security professionals don't believe in security. [more]
Monday, 29 October 2007, 12:00 AM CET


The risk of too much risk management
IT controls. Corporate governance. Decision support. Right-sized spending (another phrase I thought I coined, but I see it gets three hits in Google). These are all part of the all-too-nebulous activity often referred to as data security risk management. [more]
Friday, 26 October 2007, 7:57 PM CET


Securing data: the castle versus the tank
Most companies keep their data on storage they own. This storage is located in the datacentre.
[more]
Thursday, 25 October 2007, 7:18 PM CET


Theft and snooping alarm for your MacBook
iAlertU is a simple utility that turns your MacBook into a motion sensitive remote controlled alarm system. This article covers the software usage. [more]
Thursday, 25 October 2007, 7:13 PM CET


Are you secure? Prove it.
Are you operating a process that maintains an acceptable level of perceived risk? [more]
Thursday, 25 October 2007, 4:34 PM CET


A security focus on China outsourcing
Over the past 7-10 years, many security risk analysis and reviews have resulted in controls being implemented in most facets of security: administratively, physically and technically. Contracts now have the appropriate language to protect sensitive data and physical security measures have been built to align with the client’s company policies and standards. The technical measures continue to build upon a strong foundation built in partnerships with government and outsourcing firms. [more]
Wednesday, 24 October 2007, 8:02 PM CET


TJX breach was twice as bad as first reported
The largest digital data theft ever recorded was bigger than originally thought. [more]
Wednesday, 24 October 2007, 7:51 PM CET


Would-be identity thief finds himself stumped without printer drivers
There are a few things in this world that thieves need to keep in mind in order to run a successful criminal operation. [more]
Wednesday, 24 October 2007, 12:55 AM CET


Consumers don't understand the privacy risks of Web 2.0
Privacy may soon become a much bigger deal to the Web 2.0 world. [more]
Wednesday, 24 October 2007, 12:52 AM CET


Book review: Wi-Fi Hotspots
These days, if you find yourself at the airport, in a hotel or coffee shop, you're bound to see someone using a notebook, smartphone or PDA connected to the Internet. This is due to the increasing proliferation of wireless hotspots, both free and commercial. Read on to discover how this book tackles the topic. [more]
Tuesday, 23 October 2007, 7:06 PM CET


How Leopard will improve your security
With the release last week of the feature list for Mac OS X 10.5 Leopard, the security world is buzzing about some extremely important updates. [more]
Tuesday, 23 October 2007, 12:06 AM CET


High-level reverse engineering
This paper aims to present a methodical framework for high-level reverse engineering. The methodology is a culmination of existing tools and techniques within the IT security research community, which presents ways to identify process operation at a higher-level of abstraction than traditional binary reversing. [more]
Monday, 22 October 2007, 5:26 PM CET


A hacker for the MPAA tells it all
Promises of Hollywood fame and fortune persuaded a young hacker to betray former associates in the BitTorrent scene to Tinseltown's anti-piracy lobby, according to the hacker. [more]
Monday, 22 October 2007, 9:45 AM CET


SELinux sparks tussle over Linux security model
Should Security Enhanced Linux be designated as the sole security framework for Linux? [more]
Monday, 22 October 2007, 2:21 AM CET


Rising laptop thefts push prevention initiatives
It's the stuff of nightmares: A business executive on the road leaves a laptop computer in a parked car or on a restaurant table. [more]
Monday, 22 October 2007, 1:06 AM CET


BitLocker and the complexities of trust
I'd like to build a case detailing why I believe there are sound reasons for giving BitLocker a chance. [more]
Monday, 22 October 2007, 12:21 AM CET


Security service targets gamers
A British intelligence agency has targeted a new generation of recruits by advertising in computer games. [more]
Monday, 22 October 2007, 12:00 AM CET


Security and privacy enhancements for Firefox users through CustomizeGoogle
CustomizeGoogle extension for Firefox contains a number of security enhancements that could make your online life much easier and more private. This is an overview of these security functions. [more]
Friday, 19 October 2007, 11:57 PM CET


Wi-fi security system is 'broken'
More holes have been picked in the security measure designed to protect the privacy and data of wi-fi users. [more]
Friday, 19 October 2007, 6:08 PM CET


P2P networks threaten home PC security
Media-sharing software loaded by kids can expose trove of financial data. [more]
Friday, 19 October 2007, 12:39 AM CET


Senate and Bush agree on terms of spying bill
Some telecom companies would receive immunity. [more]
Thursday, 18 October 2007, 5:35 PM CET


CardSpace: first time sign-in experience
One of the biggest goals for CardSpace in the .NET Framework 3.5 is to simplify and improve the user experience. [more]
Thursday, 18 October 2007, 9:16 AM CET


Man accused of hacking into 911
Washington man accused of faking emergency call that sent armed response to unsuspecting Lake Forest family's home. [more]
Thursday, 18 October 2007, 12:06 AM CET


Book review: Linux Firewalls
Countless security professionals turn to Linux when it comes to deploying firewalls using open source tools and Michael Rash, the author of this book, is one of them. Read on to see what you can find in this title. [more]
Wednesday, 17 October 2007, 10:15 PM CET


Myth vs. reality: wireless SSIDs
Do you ever wonder sometimes how it is that some ideas just won't die? Like the thought that not broadcasting your wireless network's SSID will somehow make you more secure? [more]
Wednesday, 17 October 2007, 6:36 AM CET


Bill would let ID theft victims seek restitution
Legislation would also give prosecutors more tools to combat cyber crime. [more]
Wednesday, 17 October 2007, 6:35 AM CET


Rogue access points: back doors into your network
Let's say that an employee in your company gets a new laptop. He's excited about the laptop's WiFi capabilities, but the company he works for doesn't have wireless capabilities. What's he do? [more]
Wednesday, 17 October 2007, 6:25 AM CET


Report highlights blog censorship
Bloggers are now finding themselves prey to censorship from repressive governments as much as journalists in traditional media, a report says. [more]
Wednesday, 17 October 2007, 6:17 AM CET


Of supplicants and keys: the lowdown on WiFi security
Wireless security protocols have improved considerably, despite the lackadaisical attitude of most users towards their computer security. [more]
Wednesday, 17 October 2007, 6:16 AM CET


Removable devices: the menace within
This article looks at the threat businesses face from handheld USB devices and how to secure core business systems against them, without sacrificing productivity. [more]
Tuesday, 16 October 2007, 6:15 PM CET


Additional security doesn’t mean additional money
IT managers trying to figure out how much money to budget for information security purposes each year might want to take note of some recent advice from Gartner. [more]
Tuesday, 16 October 2007, 5:29 PM CET


Skype Defender malware alert
Some Windows users have been affected by a malware program that imitates Skype software and attempts to steal sensitive information. [more]
Tuesday, 16 October 2007, 12:14 PM CET


Lessons learned from five years of building more secure software
Security is not a static field—it constantly evolves as attackers attack, defenders defend, and each party learns more about the other's techniques. [more]
Tuesday, 16 October 2007, 11:50 AM CET


Bypass any firewall or throttling ISP with SSH
On some networks it’s impossible to use BitTorrent. [more]
Tuesday, 16 October 2007, 2:35 AM CET


27 suspended for Clooney file peek
More than two dozen employees at Palisades Medical Center have been suspended after accessing the personal medical records of actor George Clooney, who was taken to the North Bergen, N.J., hospital last month after a motorcycle accident. [more]
Tuesday, 16 October 2007, 2:15 AM CET


The Federal Bureau of Investigation - capabilities and service
This article provides an overview of FBI teams, InfraGard and the FBI Citizens' Academy. Gideon T. Rasmussen wrote it after attending 8 weeks of FBI Citizens' Academy briefings. The topics discussed within will be of interest to security professionals (e.g. the computer crime program, the white collar crime program, engagement models, and others). [more]
Monday, 15 October 2007, 7:42 PM CET


Hackers target Finnish forum, crack logins for 79,000 users
A group of hackers has disclosed the login information of approximately 79,000 forum users in Finland. [more]
Monday, 15 October 2007, 5:27 PM CET


Secure data warehouses rise again
They are among the most fortified institutions in greater Washington. [more]
Monday, 15 October 2007, 9:23 AM CET


Privacy concerns dog IT efforts to implement RFID
Employees often rebel against plans to include chips in corporate ID badges. [more]
Monday, 15 October 2007, 9:17 AM CET


Virtual security and digital panic
Many within Central and Eastern Europe are unaware that Big Brother has not only put on a three-piece suit, but has also gone digital. [more]
Monday, 15 October 2007, 9:07 AM CET


Air Force to get ‘cyber sidearms’
The Air Force will soon give service members working on networks a new tool to help detect cyberattacks, service officials said. [more]
Friday, 12 October 2007, 11:32 PM CET


One of the best forgers in Europe sentenced in the UK
Magic fingers and an unerring eye gave “Hologram Tam”, one of the best forgers in Europe, the skills to produce counterfeit banknotes so authentic that when he was arrested nearly £700,000 worth were in circulation. [more]
Friday, 12 October 2007, 8:50 PM CET


Where have all the good fingerprinters gone?
Historically, there are a lot of programs that attempted to do this. They weren’t necessarily very good, but at least they attempted to figure out what was running where. [more]
Friday, 12 October 2007, 5:17 PM CET


Implicit trust in DNS servers
How many people actually know which DNS server they're using? [more]
Friday, 12 October 2007, 3:23 PM CET


Implement Windows' encrypting file system
This article takes a deeper look into what it takes to roll out EFS in your organization. [more]
Friday, 12 October 2007, 3:03 PM CET


How to stop snarfing and other common switch hacks
ARP poisoning, SNMP snarfing, and "fuzzing" are common hacks perpetrated on Ethernet switch gear. Cisco networking expert Jimmy Ray Purser explains how to guard against these hacks.
[more]
Friday, 12 October 2007, 10:51 AM CET


Data leak: cyber sherlocks outwit hackers
Matching wits, beating hackers in their own game, computer forensic experts dabble with technology to bring cyber crooks to book. [more]
Friday, 12 October 2007, 10:46 AM CET


Privacy and security depend on program managers
Program managers need to apply privacy and security best practices early when they plan systems if they want to manage risk effectively. [more]
Friday, 12 October 2007, 10:44 AM CET


Behave cautiously online
I can’t always know when I can trust a Web site to guard my private data. So I will take steps to keep personal information personal. [more]
Friday, 12 October 2007, 12:15 AM CET


Guide to online antivirus solutions part 8: CA Online Virus Scanner
This article continues our overview of well-known online antivirus solutions. This week we are taking a look at the CA Online Virus Scanner. [more]
Thursday, 11 October 2007, 4:45 PM CET


The other side of iPhone security
Over the past few weeks, hackers and enthusiasts have given the iPhone’s platform a thorough massage, attempting to break through Apple’s barriers. [more]
Thursday, 11 October 2007, 2:09 PM CET


Yahoo! susceptible to Cross Site Request Forgery (XSRF) attacks
Businesses seem to derive a false sense of security from the fact that these “mobile” web-sites execute lower amount of transactions than the full-fledged version: it is thus incorrectly assumed that the security risk posed by the mobile version is lower. [more]
Thursday, 11 October 2007, 1:27 PM CET


Encrypting exec e-mail addresses security issue
Media giant Bertelsmann is putting a bit of money where its mouth is. [more]
Thursday, 11 October 2007, 12:30 PM CET


New features discovered in Windows XP SP3: is it better than Vista?
According to preliminary reports from Neosmart, testers there found evidence that the company is hardening XP's network security with added features. [more]
Thursday, 11 October 2007, 10:30 AM CET


Oracle fixes glitch in PHP Web applications
The open-source Oracle Call Interface 8 driver repairs a flaw that led to PHP-based Web apps overwhelming Oracle databases with requests. [more]
Thursday, 11 October 2007, 10:28 AM CET


Securing Web services
With the advent of Web Services, backend systems running in data centers and mainframes are available in well-published Web Service APIs. As a result, developers, architects and administrators become more concerned about the security of Web Services. [more]
Thursday, 11 October 2007, 10:25 AM CET


House panel approves new wiretapping legislation
In a party-line 20-14 vote, the House Judiciary Committee today approved legislation expanding federal wiretapping powers while simultaneously imposing some new reporting and oversight requirements. [more]
Thursday, 11 October 2007, 10:00 AM CET


Student who disclosed security breach barely escapes expulsion
A student at Western Oregon University who accidentally discovered a file containing personal data on a publicly accessible university server and then handed that data over to the student newspaper has narrowly escaped being expelled for his actions. [more]
Thursday, 11 October 2007, 9:59 AM CET


'Critical' flaw exposes Adobe Acrobat, Reader
PCs vulnerable to hacks; patch might not be available until late October. [more]
Thursday, 11 October 2007, 12:15 AM CET


Attacking the build through cross-build injection
This paper surveys previous attacks related to building open source software, including attacks against Sendmail, OpenSSH and IRSSI. It then shows how three popular build tools for Java (Apache Ant,1 Maven2 and Ivy3) are commonly misused in ways that make them susceptible to cross-build injection (XBI) vulnerabilities, which can allow attackers to insert Trojans, back doors, or other malicious code. [more]
Wednesday, 10 October 2007, 8:43 PM CET


Hackers could skew US elections
The web may not deserve its reputation as a great democratic tool, security experts say. [more]
Wednesday, 10 October 2007, 8:33 PM CET


US grapples with cybersecurity
A cybersecurity conference in Washington discusses the latest intrusions into US government information systems as a key security official works to make the US 'the most dangerous' place for cyber criminals. [more]
Wednesday, 10 October 2007, 8:31 PM CET


Secure your webserver using SSL and TinyCA
SSL is especially suited for HTTP since it can provide some protection even if only one side of the communication is authenticated. [more]
Wednesday, 10 October 2007, 9:24 AM CET


Audio forensics experts reveal (some) secrets
Some audio forensic examiners go to extraordinary lengths to validate recordings. [more]
Wednesday, 10 October 2007, 9:23 AM CET


How disaster-tolerant is your company?
Establishing a disaster tolerant infrastructure can be a very complex and costly undertaking. [more]
Wednesday, 10 October 2007, 12:40 AM CET


I will keep my Mac safe from other users
When it comes to security, you may be your own worst enemy. [more]
Wednesday, 10 October 2007, 12:21 AM CET


Some unanswered website vulnerability questions
In the industry we discuss at great length the legal risks and ethical responsibilities of the person disclosing an issue, but not enough about the same when it comes to the business itself. [more]
Wednesday, 10 October 2007, 12:00 AM CET


WLAN security blamed for TJX payment card breach
A new report issued by the Office of the Privacy Commissioner of Canada last week cited Winners Merchant International and its parent company, TJX, for failure to satisfy personal information protection standards during a break-in that compromised 45 million payment cards. [more]
Tuesday, 9 October 2007, 3:28 PM CET


IE 7 bug reopens debate over patch responsibilities
Researchers argue over who to blame; Microsoft again denies there's a bug. [more]
Tuesday, 9 October 2007, 2:40 PM CET


Bastille: classic Linux and Unix security


Avoiding pitfalls of cyberspace [more]
Tuesday, 9 October 2007, 2:32 PM CET


Technology's challenge to privacy
Internet law professor Michael Geist wonders whether technology threatens the legal foundations of privacy law. [more]
Tuesday, 9 October 2007, 2:31 PM CET


Democrats likely to relax stance on wiretaps
Two months after vowing to roll back broad new wiretapping powers won by the Bush administration, congressional Democrats appear ready to make concessions that could extend some of the key powers granted to the National Security Agency. [more]
Tuesday, 9 October 2007, 2:26 PM CET


A preview of Microsoft Windows Vista SP1 beta
Now, roughly nine months after Vista started hitting desktops, Service Pack 1 (SP1) has started its beta run. [more]
Tuesday, 9 October 2007, 12:10 AM CET


Review - Virtual Honeypots: From Botnet Tracking to Intrusion Detection
In order to stay one step ahead the attackers you have to learn what they know. Virtual honeypots enable security professionals to identify potential risks and improve their defensive techniques. Written by two industry veterans, "Virtual Honeypots" promises to tackle this topic heads-on, with lots of technical details. [more]
Monday, 8 October 2007, 8:21 PM CET


Viruses 'hit 1m China computers'
Almost one million Chinese computers were hit by viruses during last week's national holidays, state media has reported. [more]
Monday, 8 October 2007, 7:22 PM CET


MPs call for ID theft czar
UK politicians are calling for the creation of an identity theft "czar" to lead the fight against the growing form of crime. [more]
Monday, 8 October 2007, 7:22 PM CET


Security: whacking hackers
In a single case this summer, an attack by hackers disabled a reported 1,500 Pentagon computers. [more]
Monday, 8 October 2007, 12:27 AM CET


Online campaign 2008: a phishing bonanza?
The 2008 presidential contenders' online fund-raising tactics could encourage one gigantic phishing attack. [more]
Monday, 8 October 2007, 12:00 AM CET


Retailers take swipe at PCI security standard
Frustration growing over card data rules. [more]
Friday, 5 October 2007, 4:18 PM CET


Jury orders woman to pay RIAA $222,000 for illegal music sharing
Verdict possible shot in the arm for recording industry effort. [more]
Friday, 5 October 2007, 3:17 PM CET


Security debate: Mozilla Thunderbird vs. Microsoft Outlook
Face it, what do most people use the Internet for? Web browsing and email are likely to be at the top of just about anyone’s list. What are the most popular browser and emailer? Simple: IE and Outlook, and by a pretty darned big margin.
[more]
Friday, 5 October 2007, 2:29 PM CET


SQL Server 2008: Transparent data encryption feature
TDE should not be perceived as a replacement of the encryption solutions shipped with SQL Server 2005; instead, TDE should be viewed as a complementary feature providing encryption at a coarser granularity level. [more]
Friday, 5 October 2007, 11:46 AM CET


iPhone buffer exploit may lead to jailbreak
A newly discovered iPhone exploit could help developers find another way to run third-party applications on Apple's device. [more]
Friday, 5 October 2007, 11:44 AM CET


China's Great Firewall turns its attention to RSS feeds
As many readers who follow the antics of the Chinese government know, when it comes to enforcing the "Great Firewall of China," consistency isn't exactly its strong point. [more]
Friday, 5 October 2007, 11:37 AM CET


Secure remote access to your desktop
Accessing your home server safely can be problematic, especially if you don't have a fixed IP address, but with Linux, DynDNS, PAM, and NX Free you can create a safe remote access path to your machine. [more]
Friday, 5 October 2007, 11:34 AM CET


Internet badness: China, Russia and the USA
While sources, types and responses to Internet badness vary widely, there exists a clear intersection in technical and policy implications that may note be completely obvious. [more]
Friday, 5 October 2007, 6:00 AM CET


Automation won't solve weaponized rootkits
Most IT folks have heard the term "rootkit" but most don't truly understand how to mitigate the threat. [more]
Friday, 5 October 2007, 12:01 AM CET


Mac security freeware: password manager, screen locker and MD5 checksum checker
In a series of articles on Mac security freeware I will be covering a number of newly released security tools for Mac OS X. This time I am taking a look at KeyMaster 1.0.1 password manager, Utility Lock 1.0.3b screen locking mechanism and MD5 2.6 checksum checker. [more]
Thursday, 4 October 2007, 8:19 PM CET


Battle to beat fake Ebay e-mails
Fake Ebay and Paypal e-mails which are used to con users out of money are being targeted by a secure mail system. [more]
Thursday, 4 October 2007, 2:40 PM CET


Security for all
With the converged networks of the future, security will not only be built in, it will become one of the applications on the network. [more]
Thursday, 4 October 2007, 12:06 AM CET


Solving the keylogger conundrum
These days the weapons of choice are not sawn-off automatics, or revolvers fitted with silencers. It’s much more likely to be illicitly gathered passwords, user-names and dates of birth. And of the armory at their disposal, keyloggers are an increasingly popular choice. [more]
Wednesday, 3 October 2007, 11:50 PM CET


One more crack at the WEP
Wireless Equivalency Protocol (WEP) has been one of the hottest topics in Irish news over the last few days. One of the leading providers of DSL in Ireland has supplied users with wireless routers protected using WEP. [more]
Wednesday, 3 October 2007, 4:14 PM CET


Web 2.0 is 'security risk', warns analyst
Criminals are taking increasing advantage of “Web 2.0” and social networking to attack companies, according to analyst Christian Christiansen, vice president for security products and services at IDC. [more]
Wednesday, 3 October 2007, 3:50 PM CET


Could Adobe be vulnerable to an AIR attack?
Software vendor faces increasing security challenges due to support for new apps. [more]
Wednesday, 3 October 2007, 10:48 AM CET


Security researchers look beyond Vista
The improved security in Microsoft's newest software products may leave some security researchers looking elsewhere for work. [more]
Wednesday, 3 October 2007, 10:46 AM CET


Traverse corporate firewalls
Censorship has never been popular with American citizens. Unfortunately, censorship is very popular with American corporations. [more]
Wednesday, 3 October 2007, 10:41 AM CET


How to write insecure code
In the interest of ensuring that there will be a future for hackers, criminals, and others who want to destroy the digital future, this paper captures tips from the masters on how to create insecure code. [more]
Wednesday, 3 October 2007, 12:21 AM CET


Civil liberties: surveillance and privacy
Learning to live with Big Brother. [more]
Wednesday, 3 October 2007, 12:00 AM CET


Think your job's tough? Try protecting Net access for the U.S. Army
For most large companies, an attack that brings down the corporate network means millions of dollars in lost revenue and unhappy customers. [more]
Tuesday, 2 October 2007, 1:09 PM CET


Plan a privacy week
Employee education must be part of every agency’s privacy and information security program. So, how do you craft a privacy program that effectively educates your agency’s work force from the chief executive to interns? [more]
Tuesday, 2 October 2007, 11:36 AM CET


Information security and NFL espionage
Over the past several weeks, just as the the 2007-08 NFL regular season comes into full swing, the contents of email boxes everywhere started being bombarded with yet another NFL-driven social engineering vector. [more]
Tuesday, 2 October 2007, 11:12 AM CET


Review: Ubuntu Unleashed (2nd edition)
According to the 2007 Desktop Linux Survey, 30 percent of the respondents are using Ubuntu, and this makes it the most popular desktop Linux distribution. With such a large user base, there's always need for books that explore every aspect of a distribution for both novice and knowledgeable users. "Ubuntu Unleashed" is a huge title packed with a ton of content, but does it deliver? Read on to find out. [more]
Tuesday, 2 October 2007, 11:00 AM CET


FBI at risk for internal espionage
Six years after arresting spy Robert Hanssen, bureau still vulnerable. [more]
Tuesday, 2 October 2007, 4:33 AM CET


Vista SP1 offers no new features, focuses on OS tweaks, security
Unlike XP's SP2, this service pack offers mainly under-the-hood changes. [more]
Tuesday, 2 October 2007, 3:12 AM CET


Contested UK encryption disclosure law takes effect
A controversial new British law requires individuals and businesses to decrypt data sought in police investigations. [more]
Tuesday, 2 October 2007, 2:27 AM CET


Public wants surveillance, Bloomberg says
Residents of big cities like New York and London must accept that they are under constant watch by video cameras, New York Mayor Michael Bloomberg said Monday. [more]
Tuesday, 2 October 2007, 2:18 AM CET


Americans wrong about computer security
Most Americans believe their computers are protected against viruses and spyware, but scans found that a large number had outdated or disabled security software, according to a poll released on Monday. [more]
Tuesday, 2 October 2007, 12:15 AM CET


Mac OS X - Automator backup workflow tutorial
Here's an article on how to use Automator to write a very simple backup utility—you’ll be able to compress and copy a given folder with a single mouse click. [more]
Tuesday, 2 October 2007, 12:03 AM CET


Just how bad is the Storm worm?
The Storm worm has earned its share of superlatives, but security experts disagree over just how many computers running Microsoft Windows have been compromised by the e-mail worm. [more]
Monday, 1 October 2007, 7:14 PM CET


Remote kernel exploitation
As little as three years ago, the concept of remote kernel exploitation remained arcane for most people in the security industry and was believed in some circles to be practically impossible, mostly due to reliability issues. [more]
Monday, 1 October 2007, 7:05 PM CET


Beware the default password
The default password exists to allow an administrator initial access, for setup and configuration, and you are generally forced, or at least you should be, to change the password to something more complicated as the configuration advances. Unfortunately, this is not a step that everyone takes. [more]
Monday, 1 October 2007, 7:03 PM CET


Random placement of security checkpoints
To help combat the terrorism threat, officials at Los Angeles International Airport are introducing a bold new idea into their arsenal: random placement of security checkpoints. Can game theory help keep us safe? [more]
Monday, 1 October 2007, 4:00 AM CET


Coppola plea after computer theft
Film director Francis Ford Coppola has appealed for the return of his computer backup device following a robbery at his house in Argentina on Wednesday. [more]
Monday, 1 October 2007, 1:03 AM CET


Stolen laptop had Gap job applicants' data
The Gap company says a thief stole a laptop computer that contained the personal information of about 800,000 job applicants. [more]
Monday, 1 October 2007, 12:30 AM CET


Enforce data security rules
A state-owned computer stolen from a revenue agency employee on Long Island last month also contained bank account information and routing numbers for more than 1,600 Connecticut businesses. [more]
Monday, 1 October 2007, 12:21 AM CET


Morgan Stanley must pay millions for withholding e-mails
The Financial Industry Regulatory Authority this week said Morgan Stanley has to pay $12.5 million in fines to resolve charges that it mishandled e-mail. [more]
Monday, 1 October 2007, 12:09 AM CET


The new security disclosure landscape
Security disclosure has always been a contested topic, pitting “those that find the bugs” against “those that are responsible for the bugs.” [more]
Monday, 1 October 2007, 12:00 AM CET


Spotlight

The synergy of hackers and tools at the Black Hat Arsenal

Posted on 27 August 2014.  |  Tucked away from the glamour of the vendor booths and the large presentation rooms filled with rockstar sessions, was the Arsenal - a place where developers were able to present their security tools and grow their community.


Weekly newsletter

Reading our newsletter every Monday will keep you up-to-date with security news.
  



Daily digest

Receive a daily digest of the latest security news.
  

DON'T
MISS

Fri, Aug 29th
    COPYRIGHT 1998-2014 BY HELP NET SECURITY.   // READ OUR PRIVACY POLICY // ABOUT US // ADVERTISE //