Off the Wire

Off The Wire Archive

News items for November 2007

New Zealand questions top cyber suspect
Police questioned the suspected teenage kingpin of an international cyber crime network accused of infiltrating 1.3 million computers and skimming millions of dollars from victims' bank accounts, officials said. [more]
Friday, 30 November 2007, 10:40 PM CET

Technology identifies invisible intruders on wireless LANs
Groundbreaking research undertaken by the Queensland University of Technology has led to the creation of systems that can detect invisible intruders on wireless local area networks. [more]
Friday, 30 November 2007, 4:58 PM CET

Teenager arrested over hacking ring
A New Zealand teenager was today arrested on suspicion of stealing millions of pounds from bank accounts around the world and of being the ringleader of a hacking network which infiltrated more than 1.3m computers. [more]
Friday, 30 November 2007, 4:54 PM CET

Honor among thieves?
The Mpack and IcePack exploit packages have been on sale for some time. Now, free releases of these tools are being distributed, but are these free distributions all they are supposed to be? [more]
Friday, 30 November 2007, 3:41 PM CET

WordPress security plugins
While some see potential security issues in deploying extra plugins, there are some good ones that will fuel up your blog's security. [more]
Friday, 30 November 2007, 3:40 PM CET

Flaws found in OpenSSL encryption module
The Open Source Software Institute has released a patch and a workaround for problems found in the OpenSSL library of encryption algorithms. [more]
Friday, 30 November 2007, 11:57 AM CET

Eight indictments for botnet activity
Bot Roast II: 1 million infected PCs, $20 million in losses and 8 indictments. [more]
Friday, 30 November 2007, 2:46 AM CET

How firms and fraudsters deal in data
The information lost by the HMRC could prove very valuable to fraudsters, computer security experts say. [more]
Friday, 30 November 2007, 2:43 AM CET

Hackers hijack web search results
A huge campaign to poison web searches and trick people into visiting malicious websites has been thwarted. [more]
Thursday, 29 November 2007, 5:13 PM CET

Spammers giving up? Google thinks so
Google won't disclose numbers, but the company says that spam attempts, as a percentage of e-mail that's transmitted through its Gmail system, have waned over the last year. [more]
Thursday, 29 November 2007, 10:23 AM CET

Bruce Schneier says whole disk encryption is a good idea
Computer security is hard. Software, computer and network security are all ongoing battles between attacker and defender. [more]
Thursday, 29 November 2007, 10:13 AM CET

Use PlayStation 3 to crack passwords
Using a PS3, a senior security consultant has come up with a way to drastically increase the processing capability of cracking passwords. [more]
Thursday, 29 November 2007, 10:05 AM CET

Injection of client-side attacks with Ettercap
Ettercap is a multipurpose sniffer/interceptor/logger for switched LAN, which makes injection of client-side attacks scarily easy. [more]
Thursday, 29 November 2007, 12:00 AM CET

The case for automated log management in meeting HIPAA compliance
The Health Insurance Portability Accountability Act (HIPAA), was passed in 1996 by the US Department of Health and Human Standards to ensure the privacy and security of confidential patient health information. The Act mandates that all Covered Entities must implement ‘reasonable and appropriate’ procedures for securing patient health information from security breaches, impermissible uses and/or disclosures, with severe penalties mandated to punish non-compliance. [more]
Wednesday, 28 November 2007, 11:30 PM CET

U.S. targets terrorists as online thieves run amok
Since the outbreak of a cybercrime epidemic that has cost the American economy billions of dollars, the federal government has failed to respond with enough resources, attention and determination to combat the cyberthreat, a Mercury News investigation reveals. [more]
Wednesday, 28 November 2007, 3:40 PM CET

Simplifying Apache chroot creation with mod_chroot
Creating a chroot environment for Apache requires you to first identify all the libraries and applications that are required to run the httpd processes. [more]
Wednesday, 28 November 2007, 9:48 AM CET

Preventing NAC attacks
Industry standards and trusted hardware keep out unauthorized users and equipment. [more]
Wednesday, 28 November 2007, 12:30 AM CET

No-nonsense network monitoring tools
Linux is an excellent platform for network administration. If you want to monitor your network traffic, you can find many tools -- some accessible from a Web interface, others using a graphical interface -- but nothing beats the speed of the command line. [more]
Wednesday, 28 November 2007, 12:21 AM CET

Advanced SSH configuration and tunneling
This article will show a pragmatic implementation of SSH port forwarding by demonstrating how to use configuration files and conditional statements to create permanent, yet dynamic, SSH configurations for your home, office, and any virtual machines you may have on your systems. [more]
Tuesday, 27 November 2007, 4:59 PM CET

Tips for taming SELinux
There is a lot of (mostly uninformed) buzz around SELinux (Security Enhanced Linux); it is touted as doing all kinds of wonderful things that it probably doesn't do. [more]
Tuesday, 27 November 2007, 1:44 PM CET

Privacy: erase your hard drive
You may not be aware of this, but merely erasing your data the regular way does not make it disappear for good. Some of it can still be retrieved with the use of recovery tools. This means that your personal information is not at risk only if your computer is stolen or broken into, but also if you simply sell it before getting a new one. If your hard drive was not wiped clean you've potentially given another person access to a variety of personal information. [more]
Tuesday, 27 November 2007, 1:39 PM CET

Al Gore's Web site hacked
A blog set up to promote former U.S. Vice President Al Gore's film, An Inconvenient Truth, has been hacked and is hosting links to Web sites hawking online pharmaceuticals. [more]
Tuesday, 27 November 2007, 1:28 AM CET

Pirate Bay laughs off three-pronged legal assault
The Pirate Bay faces three separate legal challenges this holiday season, though site administrators tell Ars that they're not worried by any of the pending cases. [more]
Tuesday, 27 November 2007, 12:15 AM CET

Tougher card security
Retail merchants that fail to comply with a security standard for payment cards could face thousands of dollars in fines. [more]
Monday, 26 November 2007, 2:54 PM CET

Network Access Control
This article presents the NAC architecture with the details of major components and their functionality, along with considerations in implementation in real production environments. [more]
Monday, 26 November 2007, 2:51 PM CET

Privacy: What are we telling the kids?
Five ways we're giving the next generation the wrong idea. [more]
Monday, 26 November 2007, 12:30 PM CET

Software piracy fight makes enemies
Michael Gaertner worried he could lose his company. A group called the Business Software Alliance had written him to claim that his 10-person architectural firm in Galveston, Texas, was using unlicensed software. [more]
Monday, 26 November 2007, 11:25 AM CET

New QuickTime bug opens XP, Vista to attack
Apple forgot to turn on Vista security feature, claims researcher. [more]
Monday, 26 November 2007, 4:42 AM CET

Security concerns cloud virtualisation deployments
Virtual servers are prone to the same attacks that plague physical servers, as well as to new threats that exploit weaknesses in hypervisor technology, experts warn. [more]
Monday, 26 November 2007, 4:09 AM CET

Did Microsoft's security focus help Vista?
Microsoft's emphasis on improvements to security features in Windows Vista may have undermined business adoption of the OS, as many business and enterprise customers are still holding off on upgrading to the OS nearly a year after its release to them. [more]
Monday, 26 November 2007, 3:09 AM CET

Security chief asks Saudis to monitor Internet use
Saudis should do more to help the government monitor use of the Internet to help fight Islamic militancy, intelligence chief Prince Muqrin bin Abdul-Aziz said on Saturday. [more]
Monday, 26 November 2007, 2:03 AM CET

Useful security and privacy for IM
In this talk, I will discuss "Off-the-Record Messaging" (OTR), a widely used software tool for secure and private instant messaging. [more]
Monday, 26 November 2007, 1:21 AM CET

Windows XP SP3 boasts speed boost, testers claim
Same outfit that dissed Vista SP1 say XP's 'must-have update' 10% faster than SP2. [more]
Monday, 26 November 2007, 1:00 AM CET

France unveils anti-piracy plan
French web users caught pirating movies or music could soon be thrown offline. [more]
Monday, 26 November 2007, 12:21 AM CET

MPAA university 'toolkit' raises privacy concerns
The Motion Picture of Association of America is urging some of the nation's largest universities to deploy custom software designed to pinpoint students who may be using the schools' networks to illegally download pirated movies. [more]
Friday, 23 November 2007, 7:00 PM CET

Prepare for governments to lose plenty of personal information about you
It takes a lot to produce gasps of astonishment from British politicians. [more]
Friday, 23 November 2007, 12:00 AM CET

Hundreds of databases with personal details at risk
The private details of UK individuals are on as many as 600 private and public databases, often without their knowledge, a study will reveal next month. [more]
Thursday, 22 November 2007, 7:06 PM CET

Skype encryption stumps German police
German police are unable to decipher the encryption used in the Internet telephone software Skype to monitor calls by suspected criminals and terrorists. [more]
Thursday, 22 November 2007, 7:06 PM CET

Microsoft: XP contains random number generator bug
Microsoft admits recently discovered Windows 2000 flaw exists in XP too. [more]
Thursday, 22 November 2007, 6:22 PM CET

Security plugins for Movable Type
Movable Type is a popular weblog publishing system that supports a variety of plugins. This article lists some very useful security-oriented plugins that can enhance your blogging experience. [more]
Thursday, 22 November 2007, 6:15 PM CET

fwknop Windows UI
Sean Greven, a contributor to the fwknop project, has developed a UI for generating fwknop Single Packet Authorization messages from Windows systems without the need for the regular fwknop client to be installed. [more]
Thursday, 22 November 2007, 5:16 PM CET

Cisco hacking suspect convicted in Sweden
A Swedish teenager who is suspected of hacking into the computer network of Cisco Systems Inc. in the U.S. was convicted Monday of intruding on the networks of three Swedish universities. [more]
Thursday, 22 November 2007, 12:39 PM CET

Online security: many passwords and many risks
Mail theft and dumpster-diving are still the tools of choice for identity thieves, but cybercrime is a growing problem, and poorly protected passwords are a key vulnerability. [more]
Thursday, 22 November 2007, 9:38 AM CET

State's hunger for personal data raises security fears
There are increasing fears that Britain could suffer a repeat of the HM Revenue & Customs data loss as the scale and breadth of personal information held by government bodies continues to grow inexorably. [more]
Thursday, 22 November 2007, 9:33 AM CET

Cyberbullying suicide stokes the Internet fury machine
Sarah Wells makes an unlikely cyber-vigilante. [more]
Thursday, 22 November 2007, 12:03 AM CET

CRSF vs. AT&T: your world delivered - to someone else
The internet was not designed with security in mind. As a result, it is not only possible, but trivial to perform a specific type of attack against almost any online user — an attack that can result in a lost of a user/pass, an infected system, or a stolen identity. [more]
Wednesday, 21 November 2007, 7:30 PM CET

Safeguard your organization with proper password management
Access control is one way to ensure security in your organization. An intruder can break into your network by compromising accounts with weak passwords. If the compromised account turns out to be a privileged account, or if the intruder escalates privileges, then you may face significant damage to your IT systems. [more]
Wednesday, 21 November 2007, 7:09 PM CET

Master iptables with GUI firewall builders
I believe that any network or system administrator who wishes to maintain an iptables firewall should learn iptables well, and be able to easily whip up a basic firewall from scratch. [more]
Wednesday, 21 November 2007, 4:35 PM CET

Battle of the SSH protocols: SSHv1 v SSHv2
Telnet has been eclipsed by two feature-laden Secure Shell protocols. But which one is best? [more]
Wednesday, 21 November 2007, 4:29 PM CET

Germany to bug terrorists' computers
Germany is hiring software specialists to design "white-hat" viruses that could infiltrate terrorists' computers and help police detect upcoming attacks, an Interior Ministry spokeswoman in Berlin confirmed Saturday. [more]
Wednesday, 21 November 2007, 4:29 PM CET

Are your servers vulnerable to DNS attacks?
DNS servers are an oft-neglected but essential part of infrastructure. [more]
Wednesday, 21 November 2007, 4:27 PM CET

PGP creator defends Hushmail
Phil Zimmermann, the coder who created the Pretty Good Privacy (PGP) email encryption scheme in 1991, defended encrypted online webmail company Hushmail's turning over of the unscrambled emails to the government. [more]
Tuesday, 20 November 2007, 2:15 PM CET

Mac security freeware
In a series of articles on Mac security freeware I will be covering a number of newly released security tools for Mac OS X. This time I am taking a look at two confidential data storage utilities - Pastor 1.7.5 and Pocket Cache 1.3.0. [more]
Tuesday, 20 November 2007, 1:21 PM CET

The future of Internet immune systems
Our network defenses are automated, instantaneous, and sweeping. But our fallback and oversight systems are slow, understaffed, and unresponsive. [more]
Tuesday, 20 November 2007, 7:09 AM CET

Duplicates, duplicates, and duplicate rates
Following Larry Suto’s analysis of NTOSpider, IBM’s AppScan, and HP’s WebInspect, where he compared code coverage to links crawled and vulnerabilities found, some questioned the accuracy of his results. [more]
Tuesday, 20 November 2007, 6:45 AM CET

Thumb twiddling Mozilla promises fix for privacy-biting bug
Mozilla's head of security has promised a patch for a dangerous vulnerability that's been lurking in the popular Firefox browser for more than eight months. [more]
Tuesday, 20 November 2007, 5:15 AM CET

Trojan horse spreads quickly through Microsoft's IM
A new Trojan horse that started to spread early Sunday via Microsoft Corp.'s instant messaging client has already infected about 11,000 PCs, a security company said today. [more]
Tuesday, 20 November 2007, 3:15 AM CET

DNS users put higher premium on security
Use of Windows DNS Server is falling off dramatically as more users are concerned about the security implications in using the technology. [more]
Tuesday, 20 November 2007, 12:03 AM CET

A multi layered approach to prevent data leakage
Databases hold much of the most sensitive and valuable data – information about customers, transactions, financial performance numbers and human resource data to give a few examples. Despite this, databases remain one of the least protected areas in the enterprise. While perimeter and network security measures create a barrier against some type of attacks, there are attack patterns that take advantage of database-specific vulnerabilities. [more]
Monday, 19 November 2007, 8:30 PM CET

Be your own personal privacy czar
Like most journalists I know I'm very sloppy about keeping my online communications secure. [more]
Monday, 19 November 2007, 3:20 PM CET

Lose an unencrypted laptop and 'face criminal action'
Britain's data protection commissioner finally calls for some teeth. [more]
Monday, 19 November 2007, 3:19 PM CET

University computer security breach
Some IPFW students are at risk for identity theft tonight, after a computer security incident. [more]
Monday, 19 November 2007, 10:52 AM CET

Honeybees inspire efficient servers
Researchers at the Georgia Institute of Technology have developed a honeybee dance-inspired communications system, which they claim helps Internet servers work more efficiently. [more]
Monday, 19 November 2007, 10:49 AM CET

Disaster recovery is a disaster
Disaster recovery simply doesn’t work. [more]
Monday, 19 November 2007, 10:47 AM CET

Japan passes measure to fingerprint foreigners
Japan's cabinet has given final approval to a plan to fingerprint and photograph all adult foreigners entering the country, six years after the country dropped a similar requirement because of privacy concerns. [more]
Monday, 19 November 2007, 10:38 AM CET

One tiny math mistake and the terrorists win?
Two days ago we learned from security expert Bruce Schneier that the government – specifically, the terrorist-fighting National Safety Administration – may have left itself a secret back door in an officially sanctioned cryptographic random-number generator that would allow the good guys to easily decipher encrypted messages sent between bad guys. [more]
Monday, 19 November 2007, 10:38 AM CET

Hands-on with Windows Vista Service Pack 1
Microsoft's first service pack for Windows Vista focuses on stability and security. [more]
Monday, 19 November 2007, 12:45 AM CET

Single Packet Authorization with fwknop
Single Packet Authorization (SPA) using "fwknop" is probably one of the coolest recent innovations in server and network access control technology. [more]
Monday, 19 November 2007, 12:03 AM CET

IT security: time to hand out nightsticks?
IT security experts work tirelessly to secure computing assets from attacks. Most of the experts you speak to will tell you tales of the politics, budget issues and vendor software problems they've run into. [more]
Friday, 16 November 2007, 9:29 AM CET

Police swoop on 'hacker of the year'
The Swedish hacker who perpetrated the so-called hack of the year has been arrested in a dramatic raid on his apartment, during which he was taken in for questioning and several of his computers confiscated. [more]
Thursday, 15 November 2007, 8:04 PM CET

With Web 2.0, a new breed of malware evolves
Web 2.0 technologies may be laying the groundwork for a new generation of hacker tools, a noted security researcher said Wednesday. [more]
Thursday, 15 November 2007, 9:53 AM CET

Hunt for Russia's web criminals
The Russian Business Network - which some blame for 60% of all internet crime - appears to have gone to ground. But, asks Peter Warren, has it really disappeared? [more]
Thursday, 15 November 2007, 9:52 AM CET

Did NSA put a secret backdoor in new encryption standard?
Random numbers are critical for cryptography: for encryption keys, random authentication challenges, initialization vectors, nonces, key-agreement schemes, generating prime numbers and so on. [more]
Thursday, 15 November 2007, 9:51 AM CET

'Virtual theft' leads to arrest
A Dutch teenager has been arrested for allegedly stealing virtual furniture from "rooms" in Habbo Hotel, a 3D social networking website. [more]
Wednesday, 14 November 2007, 7:17 PM CET

Searching for a cure to web malware
Search engines have increasingly become a gateway for exposing businesses to security risks, such as Trojans, spyware, and keyloggers. Unsuspecting web users can be exposed to such malware from a wide range of web sites—including legitimate sites that have been compromised to unwittingly host malware. This malware can easily install itself on the corporate network and severely disrupt business operations. [more]
Tuesday, 13 November 2007, 11:39 PM CET

Multiple Snort_inline processes with Vuurmuur
One of the cool things of the Snort_inline project is the support for NFQUEUE. [more]
Tuesday, 13 November 2007, 10:59 AM CET

Russian hacker gang vanishes again, day after moving to China
The shadowy hacker and malware hosting network that only recently fled Russia to set up operations in China has now pulled the plug there and vanished yet again, researchers said late Friday. [more]
Tuesday, 13 November 2007, 10:56 AM CET

Turning your iPod touch into a handheld hacking device
This is a brief guide for all iPhone and iPod touch hackers looking to turn your device into a truly portable and powerful hacking tool. [more]
Tuesday, 13 November 2007, 10:56 AM CET

Windows is the wrong system for the security-unconscious
While Microsoft alone cannot be responsible for ensuring people understand computers and the Internet, Apple and the various GNU/Linux distributions take radically different approaches to the problem. [more]
Tuesday, 13 November 2007, 12:03 AM CET

PolicyKit: looser limitations, tighter security for Linux applications
We’re used to think of system-enforced access policies as crude and coarse-grained, such as the setuid permission bit that lets a user execute a program as the file’s owner. [more]
Monday, 12 November 2007, 5:24 PM CET

Interview with Michael Rash, security architect and author of "Linux Firewalls"
Michael Rash is a frequent contributor to open source projects and the creator of psad, fwknop, and fwsnort. Rash is an expert on firewalls, intrusion detection systems, passive OS fingerprinting, and the Snort rules language. [more]
Monday, 12 November 2007, 5:23 PM CET

Internet shoppers 'in the dark'
Many consumers do not understand their rights or the potential risks when buying goods online, according to the Trading Standards Institute. [more]
Monday, 12 November 2007, 4:29 PM CET

How to lock up laptop security
Even before her state of California put a stake in the ground regarding public disclosure of data breaches, Christy Quinlan could see the wisdom in encrypting client data on mobile devices. [more]
Monday, 12 November 2007, 3:50 PM CET

The hack of the year
A Swedish hacker tells how he infiltrated a global communications network used by scores of embassies over the world, using tools freely available on the internet. [more]
Monday, 12 November 2007, 3:46 PM CET

Cyberwar: myth or reality?
The biggest problems in discussing cyberwar are the definitions. [more]
Monday, 12 November 2007, 3:44 PM CET

Hacker, FBI informant, identity thief led many lives
At 35, Max Ray Butler has led three lives. [more]
Monday, 12 November 2007, 11:10 AM CET

Online information security first person shooter (FPS) game
Is it against the company policy to play games while sitting in your comfortable cubicle? What if the game is computer security related? Symantec marketing team delivered a great way of getting some new leads and potential clients. They created an online FPS where you play a hero that roams around with his Goggles and an anti-infection gun. [more]
Friday, 9 November 2007, 8:34 PM CET

17 charged in massive ID theft bust
The operators of a New York business have been charged with running a massive identity-theft and money-laundering operation that raked in more than $35 million over a four-year period. [more]
Friday, 9 November 2007, 2:31 PM CET

How online crooks are costing us billions of dollars
Somewhere in St. Petersburg, Russia's second city, a tiny start-up has struck Internet gold. [more]
Friday, 9 November 2007, 12:42 PM CET

Encrypted e-mail company Hushmail spills to feds
Hushmail, a longtime provider of encrypted web-based email, markets itself by saying that "not even a Hushmail employee with access to our servers can read your encrypted e-mail, since each message is uniquely encoded before it leaves your computer." [more]
Thursday, 8 November 2007, 8:59 AM CET

Remote control Leopard with TightVNC
With VNC built right into Leopard, you can remote control your Mac from any other Mac via iChat or the Screen Sharing client—OR any PC using the right VNC client. Apple doesn't advertise this, but since Screen Sharing is just regular old VNC, our favorite Windows VNC client, TightVNC, works with it just dandy—with one small catch. [more]
Thursday, 8 November 2007, 1:27 AM CET

EU could collect air passenger data
Part of a new anti-terrorism campaign, a commission proposal would allow member states to collect personal information and keep it for 13 years. [more]
Thursday, 8 November 2007, 12:06 AM CET

How hackers work
Thanks to the media, the word "hacker" has gotten a bad reputation. [more]
Wednesday, 7 November 2007, 7:06 PM CET

Behind the scenes of malicious web servers
This paper provides a brief functional overview of several web exploitation kits, then dwells into answering a series of questions through analysis of these kits and malicious web servers that use it. The web exploitation kits that we will examine are Webattacker, MPack and Icepack. It concludes with implications of the discoveries on client honeypot technology and future studies on malicious web servers. [more]
Wednesday, 7 November 2007, 7:04 PM CET

Installing ModSecurity 2.x in openSUSE 10.x
This article describes the process to install modsecurity on openSUSE 10.x. [more]
Wednesday, 7 November 2007, 6:45 PM CET

The Pirate Bay attempts new software standard
The Pirate Bay is developing a new software standard for Internet downloads in a move that could make it easier to swap media files, which is illegal in many countries. [more]
Wednesday, 7 November 2007, 10:14 AM CET

SSH port forwarding
SSH is well known to Linux administrators as the de facto method for connecting to other systems. [more]
Wednesday, 7 November 2007, 1:10 AM CET

WabiSabiLabi co-founder arrested
WabiSabiLabi, formerly most famous for bringing to market the first public vulnerability market, has once again made the headlines. [more]
Wednesday, 7 November 2007, 1:10 AM CET

Ideal log management tool?
Let’s imagine the idea log management application. [more]
Wednesday, 7 November 2007, 12:00 AM CET

Book review: Security Data Visualization
The visualization of security data is useful to the modern security analyst, and it will certainly become essential in certain environments very soon. Never has there been more traffic, more threats and a variety of other reasons to learn more about it. Read on to see how this book can help you. [more]
Tuesday, 6 November 2007, 10:57 PM CET

The spy in your server room
How many times have you passed an unknown person in the hallway at work, held open a keycard-protected door for a stranger or let an office guest wander unaccompanied to the rest room? [more]
Tuesday, 6 November 2007, 12:03 AM CET

Synthetic-identity fraud
In May 2002, Las Vegas resident Adam Gregory went on a business trip to Phoenix. He stayed at the Ritz-Carlton and charged the $1,082 bill to his American Express card - or so financial records show. [more]
Monday, 5 November 2007, 3:18 PM CET

PCI DSS compliance: a difficult but necessary journey
The need to comply with the Payment Card Industry Data Security Standard (PCI DSS) has been a rude wake up call for thousands of companies who believed their networks are secure and safe from security breaches. [more]
Monday, 5 November 2007, 3:06 PM CET

Yet another way to evade NIDS (and spread malware)
Although online privacy is something we always need to take care of, the use of anonymous proxy services could lead to trouble as well. [more]
Monday, 5 November 2007, 3:03 PM CET

Langevin to study cyber threats
As he wraps up a year as rookie chairman of a little known House subcommittee, Rep. James R. Langevin is about to take the gavel in a new arena that could attract some attention in the year to come. [more]
Monday, 5 November 2007, 1:25 PM CET

First OpenSocial application hacked within 45 minutes
It didn’t take long for someone to hack the first OpenSocial application. In fact, it took just 45 minutes. [more]
Monday, 5 November 2007, 12:00 AM CET

Book review: LAN Switch Security
The majority of security books reviewed on Help Net Security are focused on specific technologies, software platforms and hot security issues everyone is talking about. Cisco Press has a rather extensive line of books discussing their networking and security products and their publications often provide information on some lower level security issues. "LAN Switch Security" is a perfect sample of this kind of publications - authors Vyncke and Paggen are here to tell you why Ethernet switches are not inherently secure. [more]
Friday, 2 November 2007, 10:31 AM CET

Check your OS X Keychain
If you, like me, have essentially kept a single keychain from the dawn of time, there’s a feature in the Keychain Access application you need to know about: “Keychain First Aid.” [more]
Friday, 2 November 2007, 12:30 AM CET

Examining the CIA of data-centric security
CIA - Confidentiality, Integrity and Availability are the 3 tenets of security which every professional knows. [more]
Friday, 2 November 2007, 12:00 AM CET

Simplify backups with Synbak
Making periodic backups is a common task. Synbak can help to simplify it. [more]
Thursday, 1 November 2007, 7:31 PM CET

FTC pleads for more antispyware authority
The FTC has a problem. As the federal agency with the most responsibility for combating spyware, FTC Commissioners would love the power to slap down spyware vendors with massive fines or perhaps even toss them in jail for a while (where they would be shown a computer screen covered with pop-up ads, one hopes). [more]
Thursday, 1 November 2007, 4:32 PM CET

Privacy groups seek 'Do Not Track List'
A number of privacy groups Wednesday called for creation of a "Do Not Track List" that would prohibit advertisers from tracking consumers' online activities. [more]
Thursday, 1 November 2007, 1:27 AM CET

Germany seeks expansion of computer spying
A proposal to secretly scan suspects' hard drives causes unease in a nation with a history of official surveillance. [more]
Thursday, 1 November 2007, 12:45 AM CET


The synergy of hackers and tools at the Black Hat Arsenal

Posted on 27 August 2014.  |  Tucked away from the glamour of the vendor booths and the large presentation rooms filled with rockstar sessions, was the Arsenal - a place where developers were able to present their security tools and grow their community.

Weekly newsletter

Reading our newsletter every Monday will keep you up-to-date with security news.

Daily digest

Receive a daily digest of the latest security news.


Fri, Aug 29th