Off the Wire

Off The Wire Archive

News items for December 2007

Book review - Endpoint Security
Endpoint security is currently one of the "hot topics" in the information security market. Often neglected, this vital part of your company network organization can very quickly turn into a nightmare. In this book, author Mark Kadrich tries to provide a comprehensive endpoint strategy that works. [more]
Monday, 31 December 2007, 3:50 PM CET

Privacy rights 'fragile' in 2007
Threats to personal privacy got more severe in 2007, a report has claimed. [more]
Monday, 31 December 2007, 3:48 PM CET

Crime and punishment: the botnet barons
Less a rogues' gallery than a losers' lounge, but what did you expect? [more]
Monday, 31 December 2007, 3:46 PM CET

Establishing a practical routine for reviewing security logs
The term security information management (SIM) refers to the discipline of collecting and analyzing security events to detect or investigate malicious activities. [more]
Monday, 31 December 2007, 12:06 AM CET

Inside IBM's billion-dollar security push
Can money buy security? [more]
Monday, 31 December 2007, 12:03 AM CET

RIAA’s target in 2008: you
The RIAA has lodged documents in the ongoing case of the Record Industry vs Jeffrey Howell that argues that ripping music from legally purchased CD’s is illegal. [more]
Monday, 31 December 2007, 12:00 AM CET

Regulating the Japanese cyberspace, one step at a time
With little fanfare from local or foreign media, the Japanese government made major moves this month toward legislating extensive regulation over online communication and information exchange within its national borders. [more]
Friday, 28 December 2007, 11:45 AM CET

Secure your WLAN with Aircrack-ng
This open source suite of applications can help you locate all the access points in your offices, check that the networks are protected by encryption, and test the strength of the keys or passphrases that are in use. [more]
Friday, 28 December 2007, 10:28 AM CET

Vista is a great example of the bandaid paradox
Theoretically, Microsoft has put a lot more security into Vista than they have ever done to Windows before. But I can’t see how any of it will get used by most users. [more]
Friday, 28 December 2007, 10:27 AM CET

Blogspot blogs help spread Storm worm attacks
In an attack that showcases what cyber criminals have in store for Web 2.0 next year, the individual or group behind the Storm worm is distributing new versions of the malware with the help of hijacked and newly-created Google Blogspot blogs. [more]
Friday, 28 December 2007, 10:26 AM CET

How to choose the best WRT54G router for you
If any wireless router could be described as famous it would be the Linksys/Cisco WRT54G. Should you rummage through the search logs at Google, its quite possible that somewhere just behind "nude" and "Paris Hilton" you would find "wrt54g," possibly all from the same IP addresses. But, the WRT54G is famous not so much for what it is, but what it can be.
Friday, 28 December 2007, 10:24 AM CET

Online advertising vs. personal privacy
Google cleared an important regulatory hurdle when the Federal Trade Commission last week approved its $3.1 billion merger with ad placement giant DoubleClick, but congressional hearings on privacy are set for this spring, and consumer advocates are clamoring for limits on Google's use of behavioral data. [more]
Friday, 28 December 2007, 12:18 AM CET

Using leak tests to evaluate firewall effectiveness
A firewall provides security which is additional to that provided by other security solutions and appliances. [more]
Friday, 28 December 2007, 12:15 AM CET

The 2007 security hall of shame
Bad breaches, ghastly gaffes and five people we'd like to forget. [more]
Friday, 28 December 2007, 12:10 AM CET

Build a usable security plan
While there is nothing wrong with information security departments that like to use an ounce--or even a pound--of prevention, what if they don’t have an ounce of cure? [more]
Friday, 28 December 2007, 12:09 AM CET

eBay goes to Romania to fight fraud
The country is the top source of organized scams on the auction site. The company has sent over equipment and a team to help the authorities there. [more]
Friday, 28 December 2007, 12:03 AM CET

Microsoft's Windows Home Server corrupts files
'Don't edit' list includes photos, as well as Quicken and QuickBooks files, warns Microsoft; no word on patch. [more]
Friday, 28 December 2007, 12:00 AM CET

FBI to put criminals, security issues up in digital billboard lights
The FBI today said it wants to install 150 digital billboards in 20 major U.S. cities in the next few weeks to show fugitive mug shots, missing people and high-priority security messages from the big bureau. [more]
Thursday, 27 December 2007, 4:21 PM CET

Pump-and-dump scam spam switches on video
Uses video clips to shill stock and dodge antispam defenses. [more]
Thursday, 27 December 2007, 1:42 PM CET

Easy Wi-Fi security
Locking down your wireless network no longer requires an engineering degree. [more]
Thursday, 27 December 2007, 1:39 PM CET

Dissecting and digging application source code for vulnerabilities
Application source code scanning for vulnerability detection is an interesting challenge and relatively complex problem as well. There are several security issues which are difficult to identify using blackbox testing and these issues can be identified by using whitebox source code testing methodlogy. Application layer security issues may be residing at logical layer and it is very important to have source code audit done to unearth these categories of bugs. [more]
Thursday, 27 December 2007, 1:36 PM CET

Book review - Designing BSD Rootkits
This book covers a very technical and fascinating topic that hasn't received much bookshelf space before this book was released. This title aims to give you the knowledge necessary to understand rootkits while exploring the FreeBSD operating system and kernel. [more]
Thursday, 27 December 2007, 1:28 PM CET

Australia cancels controversial national ID program
Opponents of Australia's controversial Access Card received an early Christmas present earlier this month when the incoming Rudd Labor Government finally axed the controversial ID program. [more]
Thursday, 27 December 2007, 10:22 AM CET

Hacks and smack-talking make hi-def format war even uglier
The format war between Blu-ray and HD DVD continues, but now the participants are really getting feisty. [more]
Thursday, 27 December 2007, 1:40 AM CET

Is Google Reader sharing too much?
A small privacy debate is igniting over a new sharing feature in Google Reader. [more]
Thursday, 27 December 2007, 1:39 AM CET

Schneier preaches security to Linux faithful
Schneier is one of three keynote speakers at 2008 and speaks with Dahna McConnachie about his presentation, books and thoughts. [more]
Thursday, 27 December 2007, 1:36 AM CET

Herd intelligence benefits IT security
The rise of customized malware is forcing security software vendors to change their tactics quickly and begin using customers' machines as their initial line of threat detection intelligence, according to a new report from Yankee Group. [more]
Thursday, 27 December 2007, 1:36 AM CET

Inside the data encryption revolution
Just encrypting data is not the hard part. [more]
Thursday, 27 December 2007, 1:33 AM CET

Job exam piracy rising
Websites aid test cheating by professionals. [more]
Thursday, 27 December 2007, 1:31 AM CET

Video: theory and practice of cryptography
This talk by Steve Weis is one in a series hosted by Google University. [more]
Wednesday, 26 December 2007, 12:03 AM CET

Windows Explorer identified as malware
Windows Explorer, one of the most crucial components of Microsoft's operating system, was quarantined last week after being falsely identified as malicious code by an antivirus company. [more]
Tuesday, 25 December 2007, 7:56 PM CET

Your holiday family security checklist
If you read this blog, odds are today and tomorrow you’ll be responsible for “fixing” the computers of your extended family. [more]
Tuesday, 25 December 2007, 9:30 AM CET

The theory and practice of secure data mining
Data mining isn't always about structured data. Text mining - or text data mining - is about comprehending natural language and extracting high quality information from it. Natural languages have structure, too. These structures are generally more complex than a schema, especially one designed for data mining. [more]
Tuesday, 25 December 2007, 3:57 AM CET

Analysis of a modern malware distribution system
Pushdo is usually classified as a "downloader" trojan - meaning its true purpose is to download and install additional malicious software. [more]
Tuesday, 25 December 2007, 3:55 AM CET

Digital vigilantes: the white knight of phish-busting
An Alabama man works frustration with an attack on his employer's Web site into a full-time career of catching phishers and online fraudsters. [more]
Tuesday, 25 December 2007, 3:51 AM CET

Cyber cold war a threat to all
Governments worldwide are preparing for an increase in attacks on crucial services. [more]
Tuesday, 25 December 2007, 3:48 AM CET

Privacy tsar warns over data losses
The series of data security breaches that has seen the personal details of tens of millions of people lost is pushing Britain to a "tipping point" over how such records are handled, the information commissioner has warned. [more]
Tuesday, 25 December 2007, 3:45 AM CET

Who's got the fastest firewall?
Crossbeam, IBM win raw performance test; Juniper, Watchguard score on price/performance. [more]
Monday, 24 December 2007, 6:51 AM CET

Data breaches, regulations fueling data encryption
US Government agencies, banks at forefront of data encryption usage. [more]
Monday, 24 December 2007, 6:24 AM CET

Russians to prosecute the authors of the 'Pinch' Trojan
Nikolay Patrushev, head of the Federal Security Services, announced the results of the measures taken to combat cyber crime in 2007. [more]
Monday, 24 December 2007, 5:30 AM CET

Australia to get net censorship
New restrictions on online chatrooms, websites and mobile phone content will be introduced within a month to stop children viewing unsuitable material. [more]
Monday, 24 December 2007, 4:15 AM CET

FBI works on huge biometrics database
The FBI is embarking on a $US1 billion ($A1.17 billion) project to build the world's largest computer database of biometrics to give the US government more ways to identify people at home and abroad, the Washington Post reported. [more]
Monday, 24 December 2007, 3:30 AM CET

The army is buying Macs to increase security
This past year was a particularly tough one for military cybersecurity. [more]
Monday, 24 December 2007, 2:09 AM CET

What happens here if the IRS loses our data?
Could the loss of data from the huge Internal Revenue Service master files cause a financial meltdown in this country? [more]
Monday, 24 December 2007, 1:18 AM CET

Serious Flash vulns menace tens of thousands websites
Researchers from Google have documented serious vulnerabilities in Adobe Flash content which leave tens of thousands of websites susceptible to attacks that steal the personal details of visitors. [more]
Monday, 24 December 2007, 12:21 AM CET

Advanced AJAX security
Billy Hoffman gave a talk on advanced AJAX security at the recent Google Web Toolkit (GWT) conference in San Francisco. [more]
Monday, 24 December 2007, 12:00 AM CET

Vista vs Mac OS X security: why ZDNet vulnerability numerology is absurd
Notorious Zoon Award winner George Ou is again trying to convince the world that Mac OS X’s security is in shambles while Microsoft has solved the security crisis in created, at least for users of new PCs and when excluding that pesky problem of vast existing networks of compromised Windows bots that plague us all with mountains of spam no matter what platform we use. [more]
Friday, 21 December 2007, 6:35 PM CET

Safe and promiscuous Web browsers
A quick tip for keeping yourself safe online - if you don’t mind extreme web browsing. [more]
Friday, 21 December 2007, 4:29 PM CET

Computers with DMV info stolen
In the state's third high-profile breach of personal privacy this year,the Department of Motor Vehicles will begin mailing letters today to 155 customerstelling them that their personal information might have been compromised. [more]
Friday, 21 December 2007, 3:30 PM CET

Kerberos policy management in IBM Network Authentication Service for AIX 5.3
Use IBM Network Authentication Service (IBM NAS) for AIX to learn about the Kerberos policy management for passwords, and get acquainted with anything and everything about IBM NAS policy. [more]
Friday, 21 December 2007, 10:14 AM CET

Using camcorder tapes to back up files
DV and MiniDV camcorder tapes can be used for more than just storing audio and video recordings. If you have a camcorder and a FireWire connection to your computer, you can also use them to store files. [more]
Thursday, 20 December 2007, 6:10 PM CET

Build secure Web applications with OWASP
Developing secure applications has always been a difficult task. [more]
Thursday, 20 December 2007, 10:54 AM CET

The botnet ecosystem: do botnets need Windows?
Botnet clients have been seen in the wilds running on Unix-based systems, too. [more]
Thursday, 20 December 2007, 10:54 AM CET

FBI agents skip court orders to spy on cellphone users
By now it's well known that FBI agents can't always be troubled to get a court order before going after a surveillance target's telephone and internet records. But newly released FBI documents show that aggressive surveillance tactics have even caused friction within the bureau. [more]
Thursday, 20 December 2007, 10:52 AM CET

Microsoft confirms IE update snafu, offers work-around
Microsoft admitted late yesterday that security patches issued last week for Internet Explorer (IE) crippled the browser for some users, but rather than rework the fix, the company offered up a registry hack work-around. [more]
Wednesday, 19 December 2007, 8:32 PM CET

Managing terabytes of customer data
Usama Fayyad's colleagues say he battles monsters for a living. In the elite engineering circles that this former NASA rocket scientist inhabits, the job description passes for a wisecrack. But, like many jokes, there's truth behind it. [more]
Wednesday, 19 December 2007, 8:08 PM CET

Google ads hijacked?
Advertisements placed by Google in Web pages are being hijacked by so-called trojan software that replaces the intended text with ads from a different provider. [more]
Wednesday, 19 December 2007, 8:07 PM CET

Big Brother is listening
Contrary to popular perception, the NSA does not engage in “wiretapping”; it collects signals intelligence, or “sigint.” [more]
Tuesday, 18 December 2007, 12:19 PM CET

Estonia: cyber superpower
This Baltic country is getting a reputation for being security savvy. Just ask the hackers. [more]
Tuesday, 18 December 2007, 3:21 AM CET

Four ways to keep LAMP secure
This article is about proper LAMP security practices. [more]
Tuesday, 18 December 2007, 2:30 AM CET

Is Google your next hosted-security partner?
Big ideas from a big company betting big on acquisitions. [more]
Tuesday, 18 December 2007, 1:45 AM CET

Surveillance society: cameras are watching you
Liberty Island's video cameras all feed into a computer system. [more]
Tuesday, 18 December 2007, 12:03 AM CET

Insurer gets record fine for ID theft disaster
$6.6 million lifted by social engineers while firm did next to nothing. [more]
Monday, 17 December 2007, 9:02 PM CET

How feds are dropping the ball on IPv6
Six months shy of an IPv6 deadline, few agencies are running the new protocol. [more]
Monday, 17 December 2007, 8:59 PM CET

Facebook sues porn company over hacking
The social network claims a bot from the Canadian porn site tried to gather its members' data. [more]
Monday, 17 December 2007, 4:51 PM CET

Reconstructing the Sony BMG rootkit incident
The article first addresses the market-based rationales that likely influenced Sony BMG's deployment of these DRM systems and reveals that even the most charitable interpretation of Sony BMG's internal strategizing demonstrates a failure to adequately value security and privacy. [more]
Monday, 17 December 2007, 1:13 PM CET

'Sensitive' security data is lost
lectronic details of the new security system protecting Parliament have been lost, sparking a Commons security alert. [more]
Monday, 17 December 2007, 10:09 AM CET

Hans Reiser murder trial zeros in on odd behavior
Week five of the Hans Reiser murder trial zeroed in on the strange behavior witnesses said the Linux programmer exhibited immediately following his wife's disappearance. [more]
Monday, 17 December 2007, 1:15 AM CET

'Big Brother' restaurant spies on diners
Imagine enjoying a friendly lunch with co-workers at the company restaurant. Now imagine every bite, sip and swallow being monitored by company researchers, in a kind of culinary Big Brother scenario. [more]
Monday, 17 December 2007, 12:30 AM CET

NIST working on new method for finding software bugs
Researchers a the National Institute of Standards and Technology and the University of Texas at Arlington hope to release for beta testing next month a tool to help spot possible problems in complex software. [more]
Monday, 17 December 2007, 12:15 AM CET

iptables as a replacement for commercial enterprise firewalls
With IT budgets getting tighter, managers need to trim costs. Service contracts are expensive for any technology; firewalls are no exception. [more]
Friday, 14 December 2007, 2:58 PM CET

Movie "Look" eyes voyeuristic surveillance
Wired News caught up with Rifkin in Los Angeles to learn more about his crafty experiment in surveillance cinema. [more]
Friday, 14 December 2007, 2:57 PM CET

The hunt for Russia's web crims
An online crime network appears to have gone to ground. [more]
Friday, 14 December 2007, 8:12 AM CET

TV industry using piracy as a measure of success
Broadcasters aren’t posting their shows directly on PirateBay yet, but they are talking informally and giving copies of shows to a friend of a friend who is unaffiliated with the company to make a torrent. [more]
Friday, 14 December 2007, 6:28 AM CET

Integrating Ubuntu with a Windows-based network is harder than it should be
Installing Ubuntu Gutsy was easy, but getting it to play with the Windows 2003 login server was really difficult. [more]
Friday, 14 December 2007, 6:18 AM CET

Top FOSS security vulnerabilities
Palamida, the San Francisco company that helps companies to audit their use of open source software, has released a list of what it calls "the top five most overlooked open source vulnerabilities." [more]
Friday, 14 December 2007, 12:21 AM CET

Congress presses Google on privacy
Rep. Joe Barton's letter to Google is not a basis for denying regulatory approval to Google's acquisition of DoubleClick, said analyst Greg Sterling. [more]
Thursday, 13 December 2007, 6:31 PM CET

Is internet banking safe?
Each year online banking customers are being defrauded of more than $25 million. Can we keep the cyber crims from scamming us? [more]
Thursday, 13 December 2007, 6:00 PM CET

Zero-day vulnerabilities: following the trailblazers
In the world of IT, many vendors publish software sprinkled with bugs and potential security holes. [more]
Thursday, 13 December 2007, 2:56 PM CET

Securing your VNC connection using SSH
Once you are connected, traffic between the viewer and the server is unencrypted, and could be sniffed by someone with access to the intervening network. [more]
Thursday, 13 December 2007, 11:19 AM CET

Why 'anonymous' data sometimes isn't
Last year, Netflix published 10 million movie rankings by 500,000 customers, as part of a challenge for people to come up with better recommendation systems than the one the company was using. [more]
Thursday, 13 December 2007, 11:18 AM CET

Exploring Leopard with DTrace
DTrace enables developers and administrators to "see" what their code, and others' code, is doing in a flexible and dynamic way. With the release of Leopard, Apple has brought DTrace to Mac OS X. [more]
Thursday, 13 December 2007, 11:17 AM CET

Security-breach notification laws
In the midst of calls for federal legislation, survey data collected on identity theft reveals that the crime is becoming more complex and difficult to track. [more]
Wednesday, 12 December 2007, 11:08 PM CET

Two sentenced in Italy for massive phishing operation
Two people have been sentenced for their part in a massive phishing operation busted up by Italian police in July. [more]
Tuesday, 11 December 2007, 9:55 PM CET

Top 10 best and worst anti-phishing Web registrars
Web site domain name registrars are increasingly finding themselves at the forefront of the never-ending slog against online con artists and phishers. [more]
Tuesday, 11 December 2007, 4:56 PM CET

Tips and tricks for Linux admins: volatile Debian
Yes folks, it's time for another enticing batch of useful and amazing Linux tips and tricks! [more]
Tuesday, 11 December 2007, 5:45 AM CET

Security: a business problem
Frank Hayes argues the case for security to become a business problem. [more]
Tuesday, 11 December 2007, 3:45 AM CET

'Digital locks' future questioned
One of the world's largest hard disk manufacturers has blocked its customers from sharing online their media files that are stored on networked drives. [more]
Tuesday, 11 December 2007, 1:12 AM CET

CIA tape destruction offers cautionary tale for CIOs
Companies face big fines for not producing electronic evidence. [more]
Tuesday, 11 December 2007, 12:45 AM CET

Animated response to security
Imagine working in a place where your desktop computer restricts access. No personal e-mail. No Internet. [more]
Monday, 10 December 2007, 8:58 PM CET

Key management for enterprise data encryption
Best practices dictate that we must protect sensitive data at the point of capture, as it's transferred over the network (including internal networks) and when it is at rest. Protecting data only sometimes - such as sending sensitive information over wireless devices over the Internet or within your corporate network as clear text - defeats the point of encrypting information in the database. [more]
Monday, 10 December 2007, 6:57 PM CET

Covert channel vulnerabilities in anonymity systems
The spread of wide-scale Internet surveillance has spurred interest in anonymity systems that protect users’ privacy by restricting unauthorised access to their identity. This requirement can be considered as a flow control policy in the well established field of multilevel secure systems. [more]
Monday, 10 December 2007, 4:10 PM CET

Hackers offer judge's bank details
Security breaches that are allowing the financial details of tens of thousands of Britons to be sold on the internet will be investigated by the country's information watchdog. [more]
Monday, 10 December 2007, 4:07 AM CET

Hackers launch major attack on US military labs
Hackers have succeeded in breaking into the computer systems of two of the U.S.' most important science labs, the Oak Ridge National Laboratory and Los Alamos National Laboratory. [more]
Friday, 7 December 2007, 11:58 PM CET

Most unusual data disaster horror stories for 2007
A man in Thailand took the cover of his hard drive off and sprayed the interior with insect repellent. [more]
Friday, 7 December 2007, 9:41 PM CET

Hackers get data of federal lab visitors
The Oak Ridge National Laboratory revealed on Thursday that a "sophisticated cyber attack" over the last few weeks may have allowed personal information about thousands of lab visitors to be stolen. [more]
Friday, 7 December 2007, 6:11 AM CET

Couple accused of fraud will pursue plea
College student and boyfriend accused of stealing neighbors' identities. [more]
Friday, 7 December 2007, 6:09 AM CET

Symantec screwup is 'worse than any virus'
Symantec on Monday released a virus definition update that incorrectly identified Solid Oak's CyberSitter filtering program as a virus. [more]
Friday, 7 December 2007, 6:07 AM CET

Best practices for LAN security projects
If you follow a logical plan for planning, testing, and deploying your LAN security architecture and products, you can navigate the complications associated with these projects. [more]
Friday, 7 December 2007, 12:03 AM CET

Linux traffic analysis, quick and simple
Darkstat, a packet sniffer that runs as a background process, gathers statistics about network usage and displays them over HTTP. [more]
Thursday, 6 December 2007, 1:35 PM CET

The botnet ecosystem: what's a botnet?
Since the proliferation of viruses and other forms of malware, we've seen the beginnings of some frightening software behavior. [more]
Thursday, 6 December 2007, 1:33 PM CET

Systems administration toolkit: network scanning
Discover how to scan your network for services and how to regularly monitor your services to keep uptimes to a maximum. [more]
Thursday, 6 December 2007, 3:49 AM CET

Professor uses Youtube, Facebook in copyright fight
Using some of the tools threatened if one doesn't use the tools. [more]
Thursday, 6 December 2007, 12:03 AM CET

Guarding your social security number
Requests to provide our Social Security numbers have become so common that many people just assume they have no choice but to hand it over. [more]
Wednesday, 5 December 2007, 7:27 PM CET

Video: security predictions for 2008
Saumil Shah is the founder and CEO of Net-Square. In this video he presents predictions for 2008 based on what we had seen this year. [more]
Wednesday, 5 December 2007, 7:21 PM CET

Infostealer that is too visible
In Brazil there are many viruses that steal online bank account and password information, which are usually known as infostealer.bancos. [more]
Wednesday, 5 December 2007, 3:51 PM CET

European Commission plans security breach notification law
Security breach laws are common in the US but are still controversial. [more]
Wednesday, 5 December 2007, 1:06 PM CET

Full disclosure is dead
Full Disclosure is dead. Let me explain why. [more]
Wednesday, 5 December 2007, 12:44 PM CET

Passport applicant finds massive privacy breach
A security flaw in Passport Canada's website has allowed easy access to the personal information - including social insurance numbers, dates of birth and driver's licence numbers - of people applying for new passports. [more]
Wednesday, 5 December 2007, 5:36 AM CET

Bruce Schneier: Freakonomics Q&A
Schneier responded in force, taking on nearly every question [more]
Wednesday, 5 December 2007, 3:27 AM CET

Hacking RPMs with rpmrebuild
Rpmrebuild is able to reconstruct an RPM by looking up the information about it on the RPM database that is part of every RPM-based distribution like Fedora. [more]
Wednesday, 5 December 2007, 2:06 AM CET

Blind hacker says he's no friend of convicted SWATters
The FBI is circling around a blind 17-year-old phone hacker in Boston suspected of being the brains behind a gang of phone phreaks who sent police SWAT teams bursting into the homes of party line foes. [more]
Wednesday, 5 December 2007, 12:27 AM CET

Service Pack 1 will turn off Vista's 'kill switch'
After a year of glitches and server issues, Microsoft has announced that Vista Service Pack 1 will no longer include the infamous "kill switch," which puts Vista in "reduced functionality" mode if the license key fails to validate. [more]
Wednesday, 5 December 2007, 12:03 AM CET

Linux: create your own Domain Name Server (DNS)
One vital step to hosting your own domain is to set up a domain name server. One nice solution is to use Linux and the Berkeley Internet Name Domain (BIND) software. [more]
Tuesday, 4 December 2007, 7:36 PM CET

Security extensions for your Joomla! installation
Joomla! is a free, open source Content Management System that allows you to build websites and other online applications. Because it's easy to install and simple to manage, it has attracted a large user-base. Every user of this, or any other CMS, should be worried about security. This article introduces three security extensions can enhance every Joomla! installation. [more]
Tuesday, 4 December 2007, 6:00 PM CET

Cover-up? Special investigator "cures" virus with 7-stage hard drive wipe
The head of the Office of Special Counsel who is currently leading an investigation into allegations against Karl Rove is taking fire over allegations that he improperly and illegally disposed of documents and files. [more]
Tuesday, 4 December 2007, 10:06 AM CET

Why PCI is good for business
Time to take a step back and look at PCI. [more]
Tuesday, 4 December 2007, 9:03 AM CET

Understanding OpenID and CardSpace
OpenID and CardSpace are at the forefront of user-centric identity. Here's how they work. [more]
Tuesday, 4 December 2007, 8:18 AM CET

How to: simple security with Easy Crypt
Add some secret ninja power to your Ubuntu system today with Easy Crypt. [more]
Tuesday, 4 December 2007, 7:21 AM CET

Critical vulnerability in Microsoft metrics
One of the goals of the bug counting report is to demonstrate that Microsoft fixed fewer bugs for IE than Mozilla did for Firefox. Unfortunately for Microsoft (and for anyone trying to use this report as analysis of useful metrics) he does not count all the security issues. [more]
Tuesday, 4 December 2007, 6:27 AM CET

Websites sell secret bank data and PINs
Security breaches that are allowing the financial details of tens of thousands of Britons to be sold on the internet are to be investigated by the country’s information watchdog. [more]
Tuesday, 4 December 2007, 3:12 AM CET

How to track down anyone online
When you're trying to find someone online, Google's not the only game in town. [more]
Tuesday, 4 December 2007, 2:15 AM CET

Rolls-Royce IT network attacked by Chinese hackers
Chinese-backed computer hackers attacked the internal computer network of British airplane engine maker Rolls-Royce. [more]
Tuesday, 4 December 2007, 12:33 AM CET

CCTV could track branded suspects
Brands on the clothes of suspects caught on CCTV cameras could be used to help police track them down. [more]
Tuesday, 4 December 2007, 12:12 AM CET

Conference videos from HITBSecConf2007
The videos from Hack In The Box Security Conference 2007 Malaysia is now available for download! [more]
Tuesday, 4 December 2007, 12:00 AM CET

Server log analysis of phishing web sites
Computer forensics is a powerful instrument available to financial institutions in the battle against online fraud. [more]
Monday, 3 December 2007, 7:12 PM CET

On the security of e-passports
The global introduction of electronic passports is a large coordinated attempt to increase passport security. Issuing countries can use the technology to combat passport forgery and look-alike fraud. While addressing these security problems other security aspects, e.g. privacy, should not be overlooked. This article discusses the theoretical and practical issues, which impact security for both citizens and issuing countries. [more]
Monday, 3 December 2007, 7:11 PM CET

Unsung innovators: Gary Thuerk, the father of spam
It seemed like a good idea at the time, back before junk e-mail even had a nickname, no less a place in computer history. [more]
Monday, 3 December 2007, 12:16 PM CET

Facebook makes privacy changes
Confronted with mounting privacy protests, has scaled back a web monitoring feature that notifies one's friends when the Facebook user visits affiliated websites, the company said. [more]
Monday, 3 December 2007, 3:33 AM CET

MI5 warns over China spy threat
Leading British firms and government agencies have been warned Chinese state organisations may be spying on them. [more]
Monday, 3 December 2007, 2:30 AM CET

DNS hacked again with poisoning attack
Amit Klein, of Israeli security company Trusteer, recently released details on DNS server cache poisoning attacks that affect both BIND (Berkeley Internet Name Domain) and Windows DNS servers. [more]
Monday, 3 December 2007, 2:15 AM CET

Windows: the password drama continues
Setting password policies in Windows Server 2003 and earlier versions can feel a little like a running soap opera. [more]
Monday, 3 December 2007, 1:06 AM CET

Hacker gets 110 years for threats on MySpace
A 33-year-old North Carolina man sentenced Friday to 110 years in prison used "tools of terror" to hack into the computers of Brevard County girls and extort nude pictures from them, an assistant U.S. attorney said. [more]
Monday, 3 December 2007, 12:15 AM CET

IPCop: Linux distro or network traffic cop? It's both!
IPCop is a mature, robust, sophisticated, and well-polished security distribution. [more]
Monday, 3 December 2007, 12:03 AM CET


What can we learn from the top 10 biggest data breaches?

Posted on 21 August 2014.  |  Here's a list of the top 10 biggest data breaches of the last five years. It identifies the cause of each breach as well as the resulting financial and reputation damage suffered by each company.

Weekly newsletter

Reading our newsletter every Monday will keep you up-to-date with security news.

Daily digest

Receive a daily digest of the latest security news.


Fri, Aug 22nd