Off the Wire

Off The Wire Archive

News items for December 2003

Security predictions for 2004
While attending the RSA Conference 2003 in Amsterdam, we met up with some key people in the security industry and asked them to share their thoughts on the future of computer security. In this video you can see what experts believe we're facing in 2004 as they discuss online security, wireless security, SSL VPNs, and other information security topics. [more]
Wednesday, 31 December 2003, 1:50 PM CET

Companies to spend little on security and governance
When it comes to tackling security, governance and compliance in 2004, Australian organizations are likely to take the same approach they have taken for the last few years, that is, continuing to "spend as little as they can get away with." [more]
Tuesday, 30 December 2003, 4:53 PM CET

Cyber blackmail targets office workers
Cyber blackmail artists are shaking down office workers, threatening to delete computer files or install pornographic images on their work PCs unless they pay a ransom, police and security experts said. [more]
Tuesday, 30 December 2003, 4:50 PM CET

Electronic voting firm has site hacked
A company developing security technology for electronic voting suffered an embarrassing hacker break-in that executives think was tied to the rancorous debate over the safety of casting ballots online. [more]
Tuesday, 30 December 2003, 2:08 PM CET

Malaysian e-mail virus exploits terrorism fears
A virus hidden in an e-mail purporting to warn of planned terrorist attacks is spreading in Malaysia, according to published reports. [more]
Tuesday, 30 December 2003, 2:07 PM CET

Increase security, banks urged
Banks should shift from password-based authentication to digital certificates and digital signatures to help prevent financial fraud, said Badrul Hisham Mahari, chief executive officer of MSC [more]
Monday, 29 December 2003, 11:15 AM CET

Looking back at wireless security in 2003
This article covers some of the most interesting wireless security topics and events in 2003. Find out about wireless security happenings, software tools, interesting books, a brief positive rant on corporate security world and a Q&A with three wireless security experts working at Funk Software, AirScanner Corporation and IBM. [more]
Friday, 26 December 2003, 5:01 PM CET

Proliferation of wireless data forms new security market
Wireless carriers are expanding their data services, and more consumer and business devices are supporting wireless connectivity. There are a number of security risks associated with wireless data, which has driven the creation of a new wireless security market. [more]
Friday, 26 December 2003, 3:19 PM CET

Jail threat might tighten cybersecurity
Perhaps producers of substandard software should face jail, now that corrupt accounting carries a heavy penalty. [more]
Friday, 26 December 2003, 10:21 AM CET

IT enthusiasts taking up 'self-defence' hacking courses
More IT professionals and enthusiasts are learning how to hack into computer systems in order to protect their own. [more]
Friday, 26 December 2003, 10:11 AM CET

Online crime up in 2003
It seems 2003 was a productive year for phishers, online auction scammers and Nigerians professing a deep sense of purpose and utmost sincerity, judging from the latest stats from the Internet Fraud Complaint Center. [more]
Friday, 26 December 2003, 10:05 AM CET

Reflecting on Linux security in 2003
Here's a look at some interesting happenings with Linux security in 2003 with comments by Bob Toxen (one of the 162 recognized developers of Berkeley UNIX and author of "Real World Linux Security") and Marcel Gagne (President of Salmar Consulting, Inc. and author of "Linux System Administration - A User's Guide" and "Moving to Linux"). [more]
Wednesday, 24 December 2003, 1:41 PM CET

Network monitoring with Ethereal
We all hope that our networks just do what they are supposed to but that often is not the case. Two systems that should talk to each other, don't; a network becomes saturated with traffic for no apparent reason; you need to know what some non-Linux device is doing. Ethereal may be the tool that saves the day. [more]
Wednesday, 24 December 2003, 10:06 AM CET

Xmas issue of the "The Hitchhiker's World" e-zine is here
The e-zine features mainly open source/coding and various projects relevant to security technology, though as well a forum for personal expression. [more]
Wednesday, 24 December 2003, 12:38 AM CET

Sober worm threatens holiday
Antivirus vendors post fixes for family of Sober viruses. [more]
Wednesday, 24 December 2003, 12:33 AM CET

Computer sleuths ply Internet
A 13-year-old girl sat at a computer in Orangeburg, making arrangements to have sex with an older man from Charleston. At least that's what the man thought. [more]
Wednesday, 24 December 2003, 12:32 AM CET

Net map services spark stalking fears
Type a phone number into Google or other sites for a map with door-to-door directions. Now those resources are provoking a backlash. Spooked people worried about stalkers are striking their particulars from Internet listings. [more]
Wednesday, 24 December 2003, 12:31 AM CET

2003 'worst year ever' for viruses
In no other year have computer viruses and worms wreaked so much havoc and caused so much damage as in this past year, according to security analysts. [more]
Wednesday, 24 December 2003, 12:29 AM CET

A look into the viruses that caused havoc in 2003
Discover the malicious code that infected millions machines worldwide with insightful comments from people such as Mikko H. Hypponen (Director of Anti-Virus Research, F-Secure Corporation) and Graham Cluley (Senior Technology Consultant, Sophos). [more]
Tuesday, 23 December 2003, 4:59 PM CET

Oh Dan Geer, where art thou?
Remember Dan Geer-Dr. Dan Geer to you-who was fired from security firm @stake in late September for sounding off against Microsoft. [more]
Tuesday, 23 December 2003, 2:34 PM CET

DDoS: in depth
Distributed Denial of Service Attacks have recently emerged as one of the most newsworthy, if not the greatest, weaknesses of the Internet. [more]
Tuesday, 23 December 2003, 2:27 PM CET

Security fears over spyware
Consumers are under threat from a devious form of software that could become as rampant as spam. Mike Barton reports. [more]
Tuesday, 23 December 2003, 9:54 AM CET

How do you stop the threat from within?
The biggest threat to security is not from outside, it is from the company employee. Julie Jervis from SC Magazine asked security experts throughout the U.S. how they are educating these end-users. [more]
Tuesday, 23 December 2003, 5:15 AM CET

Terminating a systems administrator
When it's time for an employee to go, eliminate all the ways that person can access your network. [more]
Tuesday, 23 December 2003, 5:07 AM CET

Merging managed security
Verisign Inc.'s acquisition of Guardent Inc. last week not only brought together the two strongest managed security services providers, but it may also spark a new wave of consolidation and innovation in the MSSP sector as the remaining players scramble to hold customers. [more]
Tuesday, 23 December 2003, 5:04 AM CET

Secure wireless makes sense
Problems encountered by wireless more a training than a technology issue. [more]
Tuesday, 23 December 2003, 4:54 AM CET

A very small step for music-kind
The District of Columbia Court of Appeals' decision in the Verizon v. RIAA case will likely be a small and pyrrhic victory for downloaders. [more]
Tuesday, 23 December 2003, 4:53 AM CET

EU travel privacy battle heats up
Some European leaders, concerned about inadequate privacy protections, are mounting an effort to stop EU governments from sharing travelers' personal information with the United States. [more]
Tuesday, 23 December 2003, 4:52 AM CET

Legal victory for 'DVD hacker'
An appeals court has cleared a Norwegian man of DVD piracy charges. [more]
Monday, 22 December 2003, 5:49 PM CET

An in-depth look into Windows security in 2003
Find out what were the hottest topics related to Windows security in 2003. The experts that voice their opinion for this article are Russ Cooper (Surgeon General of TruSecure Corporation/NTBugtraq Editor), Ed Skoudis (a security geek who is focused on computer attacks and defenses, author of "Counter Hack" and "Malware: Fighting Malicious Code") and Arne Vidstrom (a security researcher and author of many security tools for Windows). [more]
Monday, 22 December 2003, 5:21 PM CET

Top five technologies to fight spam in 2004
In 2004, the threat of spam will continue to grow, with some industry experts estimating that spam will comprise as much as 70 per cent of business email. Secure content providers Nemx, provide their point of view on spam fighting. [more]
Monday, 22 December 2003, 4:06 PM CET

Build a grid app with Python, Part 3: Security
This tutorial, the third part in our Python grid series, focuses on the issues surrounding the security within your grid when developing a grid solution with Python. [more]
Monday, 22 December 2003, 3:28 PM CET

German embassies connected by secure network
By connecting the German embassies in Hanoi, Libreville, Nairobi, Taipei and Tirana, Secunet has successfully completed a global Gigabit Ethernet network of the German Federal Foreign Office. [more]
Monday, 22 December 2003, 3:22 PM CET

HNS Newsletter issue 193 has been released
You can read the Newsletter in TXT or PDF format. If you haven't done it yet, consider subscribing. [more]
Monday, 22 December 2003, 3:13 PM CET

Can spam? Or new can of worms?
On New Year's Day, Americans will wake up to more than a crushing hangover; they will have a new federal antispam law and, according to one commercial group, a new definition of spam. [more]
Monday, 22 December 2003, 2:27 PM CET

Is wireless security a lost cause?
"WPA is better than WEP, but we still have a way to go before true wireless network security," Robert Moskowitz, senior technical director of ICSA Labs at TruSecure, told the E-Commerce Times. "A lot of cryptologists don't like WPA because it's based on older ciphers." [more]
Monday, 22 December 2003, 11:54 AM CET

Has security come to this?
There are many costs associated with security, or the lack of it. Sometimes that cost is to the spirit. [more]
Monday, 22 December 2003, 11:53 AM CET

An unencrypted look at FileVault
When Apple introduced Panther and its 150 new features, who would have thought that FileVault, an extra-strength security technology, would raise so many questions and lead to so many debates? [more]
Monday, 22 December 2003, 11:53 AM CET

Virus attacks increase in severity
While the number of virus attacks decreased in the last year, the scale and the impact they have had on the Internet have increased significantly, says security software developer, Kaspersky Labs. [more]
Monday, 22 December 2003, 11:50 AM CET

The most destructive viruses of all time
With the SQL Slammer virus, more than 500,000 servers worldwide were infected, there was a general slowdown all over the Internet, and many corporations took their systems offline altogether. [more]
Friday, 19 December 2003, 4:33 PM CET

Apple issues Panther update; security fixes to follow
Apple Computer issued an update late Wednesday night for its Mac OS X, also known as Panther, and will come out with a security update for the operating system on Friday. [more]
Friday, 19 December 2003, 4:32 PM CET

Teen hacker billed for £21,000 damage
All because he wanted to download his tunes faster, the scamp... [more]
Friday, 19 December 2003, 4:31 PM CET

Linux 2.6.0 kernel released
Version 2.6.0 of the Linux kernel is ready for business. Readers of the linux-kernel mailing list learned that testing of the open-source operating system's new core ended late Wednesday, when Linus Torvalds sent an e-mail beginning with the cryptic phrase "The beaver is out of detox." [more]
Friday, 19 December 2003, 2:33 PM CET

Mitnick calls for hackers' war stories
Kevin Mitnick is collating tales of hackers' 'art' into a book. [more]
Friday, 19 December 2003, 2:31 PM CET

Secret Service airbrushes aerial photos
The White House and other government buildings get the Photoshop treatment when the agency tinkers with publicly-funded overhead images of Washington D.C. [more]
Friday, 19 December 2003, 2:25 PM CET

Interview with Jon Edney, author of "Real 802.11 Security"
Jon Edney specializes in wireless networking and is a key contributor to the development of IEEE 802.11 systems. In this interview he discusses various wireless security topics as well as his book. [more]
Thursday, 18 December 2003, 3:02 PM CET

Microsoft gets Windows XP update ready
Microsoft is set to release a test version of the next update to Windows XP, which adds security features as well as improved support for Bluetooth and Wi-Fi networks. [more]
Thursday, 18 December 2003, 2:34 PM CET

Microsoft unleashes legal attack dogs on spammers
Microsoft is to hold a press conference today in New York with Eliot Spitzer, the city's attorney general, to promote a joint crackdown against spam. [more]
Thursday, 18 December 2003, 2:27 PM CET

New Mobile Encrypter arrives and Mobile Sniffer is discontinued
The Airscanner Mobile Encrypter is an application that secures the user's data residing on the personal data assistant and provides the facility to lock the device in order to disallow its use by other users. [more]
Thursday, 18 December 2003, 2:25 PM CET

VeriSign acquires security service provider
VeriSign is buying managed security service provider Guardent. [more]
Thursday, 18 December 2003, 1:33 PM CET

Two more scam victims tell their tales
At least two Australians have fallen foul of a money-for-nothing scam which offers victims 10 per cent of funds transferred into their bank account. [more]
Thursday, 18 December 2003, 12:53 PM CET

Trustworthy open-source computing
Open-source software relies on the confidence we have that project leaders can detect and respond to security compromises. Here's why that needs to change. [more]
Thursday, 18 December 2003, 12:46 PM CET

Feds unite on security benchmarks
A group of high-level IT officials in the federal government has begun collaborating on configuration benchmarks that government agencies could be required to use in future purchases of hardware and software. [more]
Thursday, 18 December 2003, 12:45 PM CET

Microsoft warns: your new PC is already out of date
Microsoft has warned consumers that the first thing they need to do when they open their new computers this Christmas is to protect and update them. [more]
Thursday, 18 December 2003, 12:44 PM CET

NASA sites hit by anti-war hackers
NASA's Web sites have been attacked by anti-war hackers, says an online defacement archive. [more]
Thursday, 18 December 2003, 12:43 PM CET

The virus that came from outer space
An American website has published a warning of the possible appearance of a virus from outer space. Who, why, how? Read on... [more]
Wednesday, 17 December 2003, 5:17 PM CET

A quick guide to Linux backup and recovery
IBM e-business architect Chris Walden is your guide through a nine-part developerWorks series on moving your operational skills from a Windows to a Linux environment. In this part, we take stock of what is on the system, and plan and implement regular backups with an eye to recovery as well as security. [more]
Wednesday, 17 December 2003, 3:44 PM CET

PivX denies Microsoft involved in removal of IE vulns page
Security solutions provider PivX Solutions has denied that Microsoft in any way influenced a decision to remove from its website a page which listed a fair number of unpatched vulnerabilities in Internet Explorer. [more]
Wednesday, 17 December 2003, 3:43 PM CET

Windows 98's demise leaves questions on security
Microsoft's plan to stop issuing security patches for the Windows 98 next month could pose significant security challenges for organisations still running the operating system, experts have warned. [more]
Wednesday, 17 December 2003, 2:27 PM CET

Turn your antivirus strategy inside out
Computer viruses, worms, and hacker Trojan Horses are arriving with more frequency and with ever greater destructive power. Current systems are doing little to stem the tide. Something has to change, and the answer may lie in "fencing in." [more]
Wednesday, 17 December 2003, 2:25 PM CET

Nessus, part 2: scanning
This article, the second in the series, provides direction through the scanning process with Nessus, a powerful open source vulnerability scanner. [more]
Wednesday, 17 December 2003, 12:10 PM CET

Apache and SSL
When you want to transmit information through an untrusted channel (i.e. internet) and want to keep that information private, guarantee it's integrity and keep the authenticity then you need something like SSL. [more]
Wednesday, 17 December 2003, 12:06 PM CET

Cyber threats risk net's future
The hunger in poor nations for going online is not without danger. With improved access, comes the threat of ever more internet security violations. [more]
Wednesday, 17 December 2003, 12:04 PM CET

Windows-style security hell stalks Mac OS X? Yeah, you wish...
Since Apple released Mac OS X, even the PC industry trade publications have raved about its quality, design, and features. [more]
Wednesday, 17 December 2003, 12:03 PM CET

Ukrainian hacker to be extradited
A Thai court Tuesday approved the extradition of a Ukrainian man to the United States for alleged computer crimes, including the sale of counterfeit software that deprived American companies of millions of dollars. [more]
Wednesday, 17 December 2003, 11:58 AM CET

Mainframe security: good enough for the 21st century?
The mainframe is the hub of a network of connected devices, making it ever more vulnerable to attacks. [more]
Wednesday, 17 December 2003, 11:57 AM CET

Sales leap for corporate security appliances
Sales of high-end security appliances have surged in the third quarter of 2003, as enterprises install them in their main networks, having seen lower-end devices prove themselves in branch offices, according to the latest figures from analyst firm IDC. [more]
Wednesday, 17 December 2003, 11:57 AM CET

Faster, more secure WiFi
But 802.11g does beat 802.11b in terms of security. The older WiFi used a scheme called WEP to defy eavesdropping attempts - but in practice, even semi-skilled hackers can defeat it. [more]
Tuesday, 16 December 2003, 7:14 PM CET

"Sombria:" a witness to potential cyber crimes
The second report of Sombria provides a more succinct and focused overview of the main events "witnessed" by the honeypot system during the months of August, September and October 2003. [more]
Tuesday, 16 December 2003, 4:51 PM CET

Xmas virus on the cards
Users warned to beware emails bearing .gifs. [more]
Tuesday, 16 December 2003, 4:01 PM CET

SCO attacks keep coming back
More Internet attacks cut off access to the SCO Group's servers this past weekend and again on Monday, as the Unix software company struggled to stop the hackers. [more]
Tuesday, 16 December 2003, 3:57 PM CET

Stop! ID thief!
Identity theft is common—but keeping a watchful eye on your credit card accounts is now easy. [more]
Tuesday, 16 December 2003, 3:51 PM CET

Don't leave holes in your patching policies
With network device vulnerabilities being discovered all the time, should you be monitoring patch management yourself, or is outsourcing the best option? [more]
Tuesday, 16 December 2003, 3:50 PM CET

Bush set to OK spam bill - but critics not convinced
President Bush is expected to sign the "CAN-SPAM" bill Tuesday, creating the first federal law regulating spam, a move backers say would be a major step in the war against e-mail solicitations for pornography, Viagra, diet pills, get-rich-quick schemes and the like. [more]
Tuesday, 16 December 2003, 3:46 PM CET

Cisco releases security patch for Aironet
Aironet wireless access point users faced a rushed upgrade following a Cisco security alert two weeks ago. [more]
Tuesday, 16 December 2003, 3:44 PM CET

The year of the worm
The year 2003 has clearly been the worst in virus history. At the same time, the entire computer virus phenomenon saw its 20th birthday this year. [more]
Monday, 15 December 2003, 3:53 PM CET

SCO: 'We have proof DOS attack was real'
The editors of received an email from the SCO Group's public relations agency, with the subject "DDOS ATTACK ON SCO WAS REAL." Read more to see what was inside. [more]
Monday, 15 December 2003, 1:37 PM CET

Spam wars play out across Internet
Rules are simple: One side floods the market, other side hits delete. [more]
Monday, 15 December 2003, 1:34 PM CET

Migrating to Astaro Security Linux
Fed up with expensive, complicated firewalls, e-gaming company opts for open-source security solution. [more]
Monday, 15 December 2003, 1:29 PM CET

Hacking for dollars
The lone computer geek—a bit rebellious, but with a heart of gold—is being eclipsed by the hardened professional criminal, who uses the Internet for spying, stealing and extortion. [more]
Monday, 15 December 2003, 1:27 PM CET

E-crime guidelines good for security sales
NHTCU framework could drive sales of security products and services to SMEs. [more]
Monday, 15 December 2003, 1:26 PM CET

E-shot in the terrorist’s arm
The potential growth areas of cyber crime include virus-writing, hacking and auction fraud. According to an expert on Net security, fraudsters can easily reprint credit cards using the numbers pillaged during manual swipes and use it for transactions that appear quite legitimate on the face of it. [more]
Monday, 15 December 2003, 1:20 PM CET

Will VoIP be wiretap-ready?
Widespread consumer Internet telephony could come with an easy-to-use government surveillance capability. [more]
Monday, 15 December 2003, 1:19 PM CET

Linux in the security crosshairs
Compared to Windows, Linux has enjoyed a reputation as a stable and secure operating systems, thanks in large part to an enthusiastic open source community that plugs holes before they create problems. [more]
Monday, 15 December 2003, 1:18 PM CET

Packet sniffing on layer 2 switched local area networks
This paper discusses several methods that result in packet sniffing on Layer 2 switched networks. Each of the sniffing methods will be explained in detail. The purpose of the paper is to show how sniffing can be accomplished on switched networks, and to understand how it can be prevented. [more]
Monday, 15 December 2003, 1:08 PM CET

HNS Newsletter issue 192 has been released
You can read the Newsletter in TXT or PDF format. If you haven't done it yet, consider subscribing. [more]
Monday, 15 December 2003, 1:06 PM CET

Commentary: DOS attack--paying for others' problems
It's hard to feel sympathy for the SCO Group these days. The litigious company has tried to lay claim to some key parts of the Linux operating system as part of its contract dispute with IBM, a move that has distracted an important part of software development. [more]
Friday, 12 December 2003, 12:19 PM CET

Los Alamos National Lab suffers security lapse
Officials say they can't account for a high-capacity disk and nine diskettes but that they may have been destroyed and simply not accounted for. [more]
Friday, 12 December 2003, 12:09 PM CET

The CIO as a security strategist
While some pundits say that security should be the responsibility of a separate individual, a chief security officer (CSO), corporate India still relies on its CIOs to protect information from the barbarians at the gate, says Rahul Neel Mani. [more]
Friday, 12 December 2003, 11:54 AM CET

InfoSec 2003: 'Zero-day' attacks seen as growing threat
"Zero-day" attacks that take advantage of software vulnerabilities for which there are no available fixes are emerging as a major threat to corporate security. [more]
Friday, 12 December 2003, 11:47 AM CET

Virginia nabs two big spammers
Two prolific spammers from North Carolina are facing four felony charges for sending thousands of unsolicited e-mail pitches. Each count under Virginia's tough antispam law carries up to five years in prison and fines of up to $2,500. [more]
Friday, 12 December 2003, 11:46 AM CET

My sysadmin is a special constable
Parliamentary lobby group EURIM is working with MPs and industry groups to draw a blueprint for the fight against cyber-crime. [more]
Friday, 12 December 2003, 11:29 AM CET

Counterfeiters have new imaging tech, too
Forged checks have always been a problem, but increasingly sophisticated technology is making it easier to create these checks. Today, it is not uncommon to see forged checks of more than one million dollars-so banks must be on the alert. [more]
Friday, 12 December 2003, 11:29 AM CET

Bill Gates to address RSA Conference
Microsoft Corp. Chairman and Chief Software Architect Bill Gates will address the RSA Conference 2004 in February. [more]
Friday, 12 December 2003, 11:28 AM CET

Macs are not invulnerable
I know this is wrong, but in one respect I was happy to learn earlier this month about the discovery of a significant security hole in the Jaguar and Panther versions (10.2 and 10.3, respectively) of the Apple operating system (OS). [more]
Friday, 12 December 2003, 11:25 AM CET

Single sign-on security with Tivoli Access Manager tutorial
Here's a good tutorial for optimising the enduser experience in regard to eliminating multiple logons, while maintaining tight website security. [more]
Friday, 12 December 2003, 11:19 AM CET

Review - Wireless Hacks
Wireless networks are something quite new for the majority of computer users. We know its pros and cons, its security issues, but we don't have so much experience to create our own workarounds, helping tools and similar gadgets. Flickenger has that kind of experience and unselfishly shares that knowledge with his readers. [more]
Friday, 12 December 2003, 11:16 AM CET

Overview of Virus Bulletin December 2003 Issue
In this article you discover what's included in the latest issue of the world's authority when it comes to information on viruses. [more]
Thursday, 11 December 2003, 2:06 PM CET

Hackproofing DB2
This presentation by Aaron C. Newman, CTO of Application Security, discusses DB2 security as well as database vulnerabilities. [more]
Thursday, 11 December 2003, 2:05 PM CET

Issues surrounding Linux and implications for IT managers
The purpose of this paper is to provide analysis on the Linux operating system along with Open Source software in general. [more]
Thursday, 11 December 2003, 1:26 PM CET

In a data-mining society, privacy advocates shudder
Edward Socorro had a good thing going as a sales manager with Hilton Hotels Corp. But not long after he started, a company hired by Hilton to do background checks on new employees reported that Socorro once spent six months in jail. [more]
Thursday, 11 December 2003, 1:20 PM CET

To exploit or not to exploit
Hackers tread a thin boundary of what is and is not legally accepted, and what is and is not ethical. They explore computer systems, prod for vulnerabilities, and hope to discover a flaw that has gone unnoticed so far. [more]
Thursday, 11 December 2003, 12:31 PM CET

Bugwatch: Prove you believe in privacy
Privacy issues should not be the concern of IT professionals alone but of all users. [more]
Thursday, 11 December 2003, 12:30 PM CET

IE phishing scam exploit unearthed
Security researchers have discovered a way for scam artists to disguise more effectively the location of bogus Web sites. [more]
Thursday, 11 December 2003, 12:28 PM CET

Worm propagation in protected networks
Many documents explore worm propagation methods across the global Internet. In contrast, this analysis focuses on the impact of three prominent worms (Blaster, Slammer, and Code Red I/II) inside protected networks, once the security perimeter has been breached. [more]
Thursday, 11 December 2003, 12:25 PM CET

SCO web site attacked again? Maybe
SCO has reported that they are experiencing an attack on their servers. Groklaw has been flooded with information that indicates their story doesn't add up. [more]
Thursday, 11 December 2003, 11:59 AM CET

Firms fight 500 internet attacks a month
Small businesses facing onslaught from viruses, worms and DoS attempts, warns research. [more]
Thursday, 11 December 2003, 11:45 AM CET

UK spam ban comes into force
Sending unsolicited e-mails, or spam, in Britain in now a criminal offense under new laws that came into force on Thursday. [more]
Thursday, 11 December 2003, 11:43 AM CET

IE bug lets fake sites look real
Microsoft on Tuesday said it was looking into reports of a potential bug in its Web browser that could help malicious hackers design convincing Web site spoofs. [more]
Thursday, 11 December 2003, 11:26 AM CET

Developers take Linux attacks to heart
A handful of recent online attacks on free and open-source software servers has open-source developers looking over their shoulders. [more]
Wednesday, 10 December 2003, 3:53 PM CET

The highs and lows of the CSO
Pity the public-sector CSO. He has to overcome all the typical security pitfalls - and he gets to do it all in a bureaucratic fishbowl. [more]
Wednesday, 10 December 2003, 3:11 PM CET

Alternative methods for protecting your company from viruses
Microsoft and other software vendors will certainly continue refining their software and issuing patches. [more]
Wednesday, 10 December 2003, 2:34 PM CET

Camera phones are a security risk
Analysts have warned that camera phones represent a risk for employers and could be used to photograph commercially sensitive aspects of a business operation. [more]
Wednesday, 10 December 2003, 2:23 PM CET

E-voting group unites on security concerns
Stung by criticism over whether its e-voting technology is sound, Diebold Election Systems joined with five other electronic voting machine manufacturers Tuesday to "identify and address security concerns" about the industry. [more]
Wednesday, 10 December 2003, 2:22 PM CET

Feds get a 'D' in computer security
U.S. federal departments and agencies are showing some improvement in protecting their computer networks, but many--including the Department of Homeland Security--are failing, according to a government report released Tuesday. [more]
Wednesday, 10 December 2003, 2:09 PM CET

War games online
Seeking an edge in the battle against computer worms and viruses, UC Berkeley researchers are building a virtual playing field for cyber war games. [more]
Wednesday, 10 December 2003, 2:08 PM CET

Chinese security standard could fracture Wi-Fi, says IEEE
The implementation of a Chinese security standard for wireless networking could undermine efforts to develop a global standard for wireless Lans and drive up the cost of networking equipment for end users, warned a senior executive at the Institute of Electrical and Electronics Engineers (IEEE). [more]
Wednesday, 10 December 2003, 2:05 PM CET

Patching: process matters
The list of all-too-familiar names - Nachi, Klez, Lovsan, SoBig, BugBear, Swen, Blaster and Yaha - represents only a sampling of the most prevalent worms and viruses that slithered into corporate networks this fall. But they all have one thing in common: Patches were readily available before most damage had been done. [more]
Wednesday, 10 December 2003, 1:47 PM CET

Flaw could unleash another Slammer
A research company warned Tuesday that an attacker could use a recently patched Microsoft flaw to create a fast-moving worm similar to SQL Slammer, which spread rapidly across the Internet a year ago. [more]
Wednesday, 10 December 2003, 1:46 PM CET

Review - Open Source Network Administration
You would think that with all the information that comes with a Linux or Unix operating system and the wealth of information that can be found online that a book of this type is unnecessary. When you pick it up you also realize it's not one of those mammoth guides. So what did the author put into this title to make it interesting for all you network administrators using or interested in using open source tools? Read on to find out. [more]
Wednesday, 10 December 2003, 12:33 PM CET

Fighting spam pays better than sending it
There's money to be made fighting spam--more money than even spammers see on their bottom lines, a research firm said Monday. [more]
Tuesday, 9 December 2003, 6:14 PM CET

Oracle patches security flaws
Oracle has issued a security alert and software patches for a set of serious vulnerabilities in the security protocols used by some of its server products. [more]
Tuesday, 9 December 2003, 5:54 PM CET

Mafia muscles in on spam and viruses
Attacks may become less common, but more dangerous, warns antivirus expert. [more]
Tuesday, 9 December 2003, 4:42 PM CET

Remote hot spot - the market for SSL VPNs catches fire
Infonetics Research, for example, predicts that SSL VPNs will become a $607m market opportunity by 2006. Mobile-enabled workers are the future, and SSL VPN networks offer them a secure, straight, simple access route to their data. [more]
Tuesday, 9 December 2003, 4:26 PM CET

Windows takes 7 spots in Symantec's top 10 November flaws
A remote buffer overflow vulnerability in Windows Workstation Service has been rated the biggest risk for computer users during November, from among vulnerabilities discovered or announced during the month. [more]
Tuesday, 9 December 2003, 4:09 PM CET

Home user security: personal firewalls
This article discusses personal firewall alternatives, including freeware firewalls, firewalls included with current Microsoft and Apple OSes, and various commercial offerings of interest to the home user. [more]
Tuesday, 9 December 2003, 4:06 PM CET

Q&A: A two-pronged approach to cybersecurity
The head of the US government's cybersecurity programme explains why he feels that the public and private sectors are making progress towards achieving security. [more]
Tuesday, 9 December 2003, 3:56 PM CET

Congress OKs antispam legislation
The U.S. Congress on Monday gave final approval to the first federal law regulating spam, which President Bush has indicated he will sign before the end of the year. [more]
Tuesday, 9 December 2003, 3:46 PM CET

Good guys versus bad guys - who's ahead?
For Symantec CEO John Thompson, there's always something new to worry about. [more]
Tuesday, 9 December 2003, 3:39 PM CET

Police arrest iPod email suspect
Cambridgeshire force pounces on local man in alleged credit card hoax. [more]
Tuesday, 9 December 2003, 3:38 PM CET

The next Windows: Microsoft's big challenge
Microsoft Corp. has been tarred as an illegal monopoly and a copycat. Its flagship Windows operating system gets knocked for its security holes and user-unfriendly quirks. [more]
Monday, 8 December 2003, 5:43 PM CET

Hackers steal from pirates, to no good end
The people who design rogue programs that take over computers from afar are now applying the tactic that made music pirating programs so effective--and the Internet may never be the same. [more]
Monday, 8 December 2003, 5:40 PM CET

"Invasion of Privacy" author speaks with Help Net Security
In this interview Michael J. Weber discusses the privacy and security issues regular users are troubled with, and offers and insight into his latest book. [more]
Monday, 8 December 2003, 3:16 PM CET

New authentication system tries to block spam
Yahoo said it is working on technology to combat e-mail spam by changing the way the Internet works to require authentication of a message's sender. [more]
Monday, 8 December 2003, 3:11 PM CET

Security fears push users to open source
CIOs look seriously at Linux for the desktop as Microsoft's security problems continue. [more]
Monday, 8 December 2003, 3:08 PM CET

Securing your Linux environment
As Linux gains momentum, Linux systems become more attractive to virus writers. Read on to learn more about antivirus software, end-user education, and safe computing practices that can protect you from attacks. [more]
Monday, 8 December 2003, 2:59 PM CET

Fortune 500 firms pick smartcard security
More than one third of enterprise companies will rely on smartcard technology by 2006. [more]
Monday, 8 December 2003, 2:57 PM CET

Cybersecurity worries keep many from banking online
Alma Villalpando, a program director at Eastfield College in Mesquite, Texas, says she's comfortable using a computer. She even offers training programs on cybersecurity. [more]
Monday, 8 December 2003, 2:56 PM CET

Moving beyond passwords
New options for strong authentication help agencies find the right security for their needs. [more]
Monday, 8 December 2003, 2:56 PM CET

Wi-Fi: secure or not? debate rages
We all know what kind of internet we have. Most of us have dedicated connections at home- whether dialup, broadband, or even faster. But what about Wi-Fi? Is it secure or not? The following article explains the debate between WiFi proponents and detractors. [more]
Monday, 8 December 2003, 2:51 PM CET

HNS Newsletter issue 191 has been released
You can read the Newsletter in TXT or PDF format. If you haven't done it yet, consider subscribing. [more]
Monday, 8 December 2003, 2:46 PM CET

Copping out on cybersecurity
After convincing the government to back off, it's now time for Silicon Valley to come up with a way to plug the lingering security holes in the national network infrastructure. [more]
Friday, 5 December 2003, 4:37 PM CET

Limited choice for Linux virus protection
Boxall's CC, the South African distributor of Norway's Norman data security products, says Norman Virus Control (NVC) is the only locally supported anti-virus solution specifically for Linux. [more]
Friday, 5 December 2003, 2:27 PM CET

Improving the database logging performance of the Snort network intrusion detection sensor
The performance requirements of the popular Snort NIDS has been studied before. However, in addition to the performance of the NIDS sensor itself, the database that receives and stores alerts can play a role in determining overall performance. [more]
Friday, 5 December 2003, 11:28 AM CET

15 company networks penetrated
A computer expert who hacked into the networks of 15 Londonderry firms in an afternoon, today defended his illegal bid to expose lax computer security. [more]
Friday, 5 December 2003, 11:12 AM CET

Time is right for database encryption
Are data-privacy regulations and dreams about stolen employee data keeping you up at night? It may be time to protect your data where it lives--in your database. [more]
Friday, 5 December 2003, 11:10 AM CET

Wi-Fi products roll despite security debate
A Cisco security problem punctuates arguments for and against widespread deployment of wireless networks. [more]
Friday, 5 December 2003, 11:01 AM CET

Hollywood: Norwegian hacker a burgler
A Norwegian hacker who has angered Hollywood by cracking a DVD copy protection code is a cyberspace version of a burglar, plaintiffs told an Oslo appeals court Thursday. [more]
Friday, 5 December 2003, 11:00 AM CET

The growing problem of identity theft
Losses from identity theft in the US in the past year are estimated to have amounted to around $50 billion. [more]
Friday, 5 December 2003, 10:57 AM CET

Reporter's notebook: at the DHS National Cyber Security Summit
Officials urged the IT community to take the threat of cyberterrorism seriously. [more]
Friday, 5 December 2003, 10:51 AM CET

Sobig-F wins 2003 war of the worms
Sobig-F worm has accounted for almost a fifth of all reports to Sophos during 2003. Besides Sobig and top malware of 2003, the article covers the new trends in viruses and spam. [more]
Thursday, 4 December 2003, 1:35 PM CET

Security flaw found in Yahoo Messenger
Vulnerability in popular instant messaging app rated critical. [more]
Thursday, 4 December 2003, 11:57 AM CET

Cybersecurity talk is cheap
Less than a year after the Bush administration unveiled its National Strategy to Secure Cyberspace, the finger pointing over who is to blame for failing to implement its recommendations has already begun. [more]
Thursday, 4 December 2003, 11:56 AM CET

Microsoft official: Web virus authors winning battle
Creators of computer viruses are winning the battle with law enforcers and getting away with crimes that cost the global economy some $13 billion this year, a Microsoft official said on Wednesday. [more]
Thursday, 4 December 2003, 11:51 AM CET

Linux security expert defends Debian
Debian Project leaders did a good job before and after a breach that took down their servers Nov. 21 said Jay Beale, lead developer on the Bastille Linux project and a consultant at JJB Security Consulting & Training. [more]
Thursday, 4 December 2003, 11:47 AM CET

Cisco Wi-Fi kit in minor security flap
Cisco yesterday warned of a security vulnerability in the software running on its popular line of Aironet wireless LAN access points. [more]
Thursday, 4 December 2003, 11:41 AM CET

Heckenkamp challenges computer ban
Accused eBay hacker Jerome Heckenkamp is back in federal court in California this month, but it isn't for his ever-slipping trial date. [more]
Thursday, 4 December 2003, 11:40 AM CET

Crackers strike Gentoo Linux server, code unharmed
In the latest of what is becoming a string of high-profile attacks on Linux, someone broke into one of the servers used to distribute versions of Gentoo Linux on Tuesday. [more]
Thursday, 4 December 2003, 11:38 AM CET

Tech industry works to stem new security rules
Large vendors are trying to persuade the government that the rules are unnecessary because they're already taking aggressive steps to defend against hackers. [more]
Thursday, 4 December 2003, 11:35 AM CET

Tech industry put on security notice
At first blush, the National Cyber Security Summit had all the makings of a tech industry love fest. [more]
Thursday, 4 December 2003, 11:26 AM CET

Review - antivirus products
Jim Ryan of Network Computing set out to see which antivirus products could best fend off the new generation of network worm and virus attacks. [more]
Thursday, 4 December 2003, 11:25 AM CET

Circumventing validation
Web developers spend a lot of time planning out complex chains of events to make thier web applications work. Within the planning and outlines, implicit control over the chain of events is often assumed. This paper is an introduction to breaking those assumptions and realizing just how vulnerable those chaulk board outlines can be in the real world. [more]
Wednesday, 3 December 2003, 2:07 PM CET

Virus attacks anti-spam sites
Security experts have warned that yet another new variant of the malicious computer worm Mimail is on the loose. [more]
Wednesday, 3 December 2003, 1:34 PM CET

Dell to techs: don't help customers remove spyware
As seen in the latest newsletter from SpyWareInfo, Dell sent an internal memo to its tech support minions which says in part: "NOTICE: Use of spyware removal software may conflict with user license agreements of other applications installed on your system. Please consult your user license agreements for further information. Dell does not endorse the use of spyware removal software and cannot provide support on these products." [more]
Wednesday, 3 December 2003, 1:16 PM CET

Best practices: avoiding computer worms
Despite the stories pervading headlines about computer criminals, a disproportionate number of security incidents occur because that age-old problem: user error. [more]
Wednesday, 3 December 2003, 1:11 PM CET

A plague on all our networks
The number of attacks on UK networks is soaring, with even the smallest firms facing an average 500 assaults each month from viruses, worms and denial of service attempts. [more]
Wednesday, 3 December 2003, 1:10 PM CET

Agencies to get security scores
Agencies will soon receive grades for their progress in information security. [more]
Wednesday, 3 December 2003, 1:07 PM CET

Linux users: are you at risk from kernel exploit?
Using this bug it is possible for a userland program to trick the kernel into giving access to the full kernel address space. [more]
Wednesday, 3 December 2003, 4:06 AM CET

China implements new Wi-Fi security standard
Chinese government agencies are prohibiting the import, manufacture and sale of Wi-Fi gear that does not use China's new security specification, which is incompatible with standards technology industry groups developed. [more]
Wednesday, 3 December 2003, 3:38 AM CET

Windows ATMs raise security concerns
Use of general-purpose platform expected to increase risks. [more]
Wednesday, 3 December 2003, 3:36 AM CET

Biggest security problem--it's human
If we can rely on one other certainty in this world other than death and taxes, it is forgotten passwords. [more]
Wednesday, 3 December 2003, 3:35 AM CET

Study: Firewall sales to spread
The market for firewall software and devices will jump 25 percent in the next two years to nearly $2.5 billion in worldwide sales, research firm Meta Group has predicted in its latest report. [more]
Wednesday, 3 December 2003, 3:30 AM CET

Real world XSS
This paper covers most aspects of XSS attacks including: injection points, attack scenarios, attacker motivations and techniques, code obfuscation examples, starts laying a foundation on proper filtering framework. [more]
Tuesday, 2 December 2003, 1:47 PM CET

Kernel exploit cause of Debian compromise
The cause of the recent Debian Project server compromise has been published by the Debian security team. [more]
Tuesday, 2 December 2003, 1:29 PM CET

SQL server security tips: part 1
Greg Robidoux, a Microsoft SQL Server expert who focuses on security, is chairman of the Professional Association for SQL Server DBA Special Interest Group (PASS DBA SIG). [more]
Tuesday, 2 December 2003, 1:24 PM CET

The perfect setup - Debian
This is a detailed description about the steps to be taken to setup a Debian based server that offers all services needed by ISPs and hosters. [more]
Tuesday, 2 December 2003, 1:04 PM CET

Spammers turn to classic prose
Poetry is probably not top of the list of things you expect to see in the spam and junk mail messages landing in your inbox everyday. [more]
Tuesday, 2 December 2003, 12:45 PM CET

Exploiting Cisco routers: part 2
This is the second of a two-part series that focuses on identifying and then exploiting vulnerabilities and poor configurations in Cisco routers. This article will look at what we can do once we've gotten in. [more]
Tuesday, 2 December 2003, 12:43 PM CET

Crime sometimes pays
Most spam is simply advertising. However, a small proportion of messages have a malicious purpose, which can range from simple vandalism through to theft and industrial espionage. [more]
Tuesday, 2 December 2003, 12:39 PM CET

North Korea launches 'secure' email
Little is known about how many people are online in North Korea, but the country is claiming to have have launched an email service with 'guaranteed' security. [more]
Tuesday, 2 December 2003, 12:39 PM CET

Rogue diallers now use satellite
The German site Dialerschutz (Dialler Protection) warns Internet users against new rogue diallers which connect through Emsat, Eutelsat's satellite system. Internet users have been faced with exceptionally high phone bills. [more]
Tuesday, 2 December 2003, 12:38 PM CET

Government role in IT security - free hand or iron fist
Cyberspace is not what it used to be. The on-line world is hostage to a motley crew of unsavory characters determined to milk it for all it is worth. [more]
Tuesday, 2 December 2003, 12:36 PM CET

A two-pronged approach to cybersecurity
In September, Amit Yoran became the United States' top cybersecurity defender. [more]
Tuesday, 2 December 2003, 10:46 AM CET

HNS Newsletter issue 190 has been released
You can read the Newsletter in TXT or PDF format. If you haven't done it yet, consider subscribing. [more]
Monday, 1 December 2003, 2:09 PM CET

Debian attacker may have used new exploit
An as-yet-unknown security exploit in Linux may have been responsible for a recent compromise of's servers, according to a system administrator with the Debian operating system project. [more]
Monday, 1 December 2003, 1:29 PM CET

Readers wouldn't buy security products from Microsoft
Microsoft's latest security initiative, "Securing the Perimeter," shows it hasn't given up in its battle against hackers and virus writers. [more]
Monday, 1 December 2003, 1:11 PM CET

Password hint: Think whether yours is good enough
Problems and costs, tips and alternatives. Tony Hallett reports on what the industry is saying - and whether passwords are enough. [more]
Monday, 1 December 2003, 1:10 PM CET

Symantec calls for partner teamwork
Vendors and resellers urged to collaborate on end-to-end security products. [more]
Monday, 1 December 2003, 11:43 AM CET

The ten commandments of PC security
Fight off nasty viruses, worms, and Trojan horses by following these simple rules. [more]
Monday, 1 December 2003, 11:29 AM CET

Red Hat Linux to gain security stamp of approval
Red Hat is pushing to have its commercial Enterprise Linux software certified under the Common Criteria (CC) Scheme worldwide, and has anticipated the OS solution will gain accreditation by the end of this year. [more]
Monday, 1 December 2003, 11:28 AM CET

.Name registry website defaced
On Saturday, November 29, 2003 a post on the GNSO mailing list indicated that the .name registry website had been defaced. [more]
Monday, 1 December 2003, 11:27 AM CET

Private records may be at risk
Someone in Asia may be looking at your income tax returns or reading sensitive doctors' notes about your medical history. [more]
Monday, 1 December 2003, 11:10 AM CET

Exchange to receive anti-spam filter
Microsoft to build in similar technology as in Outlook and Hotmail. [more]
Monday, 1 December 2003, 11:09 AM CET

Bill Gates talks seamless computing, security, and Linux
In an interview, Microsoft's chief software architect says customers will be open to new uses of technology once security problems are under control. [more]
Monday, 1 December 2003, 11:07 AM CET


What can we learn from the top 10 biggest data breaches?

Posted on 21 August 2014.  |  Here's a list of the top 10 biggest data breaches of the last five years. It identifies the cause of each breach as well as the resulting financial and reputation damage suffered by each company.

Weekly newsletter

Reading our newsletter every Monday will keep you up-to-date with security news.

Daily digest

Receive a daily digest of the latest security news.


Fri, Aug 22nd