Off the Wire

Off The Wire Archive

News items for February 2003

Interview with Eric Greenberg
The author of "Mission-Critical Security Planner: When Hackers Won't Take No for an Answer" speaks about his book and general security issues. [more]
Friday, 28 February 2003, 5:17 PM CET


McAfee preps 'worm-killer' VirusScan
McAfee next week will unveil VirusScan Enterprise 7.0, its first major update to VirusScan in years. [more]
Friday, 28 February 2003, 5:15 PM CET


Hollywood, software fire suits at pirates
Two major trade groups filed on Thursday a slew of civil lawsuits against people they claim were selling pirated copies of films and software via online auction sites. [more]
Friday, 28 February 2003, 5:14 PM CET


UK e-commerce sites: Top 10 flaws
UK customer credit card details and sensitive data is at risk because of simple e-commerce flaws, according to a study. [more]
Friday, 28 February 2003, 3:05 PM CET


Root 101
For many who are accustomed to single-user operating systems the concept of root is an unfamiliar one. This article is intended to help explain what root access is, whether you need it, what you can do with it. [more]
Friday, 28 February 2003, 3:04 PM CET


No need to feel insecure about Zeroconf / Rendezvous security
Jim Banahan describes how he set up a multi-platform networking environment for a local business. [more]
Friday, 28 February 2003, 1:08 PM CET


Identity theft problems in Australia
Within five years automatic teller machines will be scanning eyes before handing out the cash. It is just one of the measures to thwart identity theft, the fastest growing crime in Australia. [more]
Friday, 28 February 2003, 1:05 PM CET


Is vigilante hacking legal?
A legal expert is arguing that those under attack from 'zombie servers' and other Internet nuisances may be able to legally strike back - as long as they are careful. [more]
Friday, 28 February 2003, 1:04 PM CET


Book Review: Cisco Secure Intrusion Detection System
The book offers a comprehensive guide through all the perspectives of planning, deploying and maintaining Cisco Secure IDS. [more]
Thursday, 27 February 2003, 10:57 PM CET


Singapore nets record piracy haul
The police in Singapore uncovered the city-state's biggest-ever cache of pirated goods, which included software, CDs and games. [more]
Thursday, 27 February 2003, 5:03 PM CET


Spy Agencies Tight-Fisted on Data
While the U.S. government fine-tunes its computer networks to better fight terrorism, federal intelligence agencies can't agree on the best way to share crucial information with each other. [more]
Thursday, 27 February 2003, 4:52 PM CET


SSL 'inventor' sues VeriSign and RSA
A retired engineer has claimed he owns the patent for SSL, an authentication standard used by millions of Web sites. [more]
Thursday, 27 February 2003, 4:51 PM CET


ACLU Admits Another Privacy Gaffe
Protecting personal information on the digital frontier remains a tough task, even for the most ardent privacy activists. [more]
Thursday, 27 February 2003, 4:48 PM CET


Secure apps to stop network attacks
When securing your network, don't neglect the applications running on it. These tips will help you secure your network against attacks that exploit application vulnerabilities. [more]
Thursday, 27 February 2003, 1:39 PM CET


'Smart cards' in demand as concerns about security rise
With security tighter than ever, "smart card" IDs are becoming a first line of defense against attackers seeking to penetrate computer networks and office buildings. [more]
Thursday, 27 February 2003, 1:39 PM CET


Interview with Aviel Rubin
The Computer Science Professor at Johns Hopkins University and Technical Director of the JHU Information Security Institute talks about firewalls and computer security in general. [more]
Wednesday, 26 February 2003, 3:13 PM CET


Software Reports the Appearance of Three New Worms
Three worms -Lovgate.A, W32/Tang and Kingpdt- and two Trojans -Nzlog and Aileen- are the subjects of this week's report on malicious code. [more]
Wednesday, 26 February 2003, 3:11 PM CET


Much Ado About Kevin Mitnick
Until Mitnick does something noteworthy with his non-criminal career, let the guy be. He's served his time and has earned the right to be known as something other than a former computer criminal. [more]
Wednesday, 26 February 2003, 1:26 PM CET


U.S. Information Security Law, Part One
This article addresses the legal framework for protection of information systems and the role of information security professionals in the creation of trade secret interests, one type of intellectual property. [more]
Wednesday, 26 February 2003, 1:16 PM CET


Chipping Away at Workers' Privacy
Employers rely more and more on technology - from sensors to cameras to keystroke recorders to GPS - to keep an eye on workers. A new book paints a picture of an increasingly privacy-free workplace. [more]
Wednesday, 26 February 2003, 1:10 PM CET


The Open Road: Alternative Nameservers - PowerDNS
PowerDNS is an authoritative-only nameserver, which means that it will answer queries about zones that it is responsible for, but it won't attempt to find information on another zone/domain. [more]
Wednesday, 26 February 2003, 1:07 PM CET


Securing Windows 2000 Server Documentation
This prescriptive solution is aimed at helping reduce security vulnerabilities and lower the costs of exposure and security management in the Windows 2000 environment. [more]
Tuesday, 25 February 2003, 4:23 PM CET


The New FirewallAnalyzer 3.0 Supports Leading Firewalls
eIQnetworks released version 3.0 of their FirewallAnalyzer. This tool is the industry’s first browser-based, cross-platform Firewall/VPN analysis and reporting solution with support for all leading firewalls. [more]
Tuesday, 25 February 2003, 4:23 PM CET


Worm Becomes Part Of The Windows OS
BitDefender released a free removal tool against the worm LovGate (its last version is Win32.LovGate.C@mm), which has widely spread in the wild in the last four days. [more]
Tuesday, 25 February 2003, 4:21 PM CET


Corporate Security
Most businesses use digital technologies to run more efficiently. Unfortunately, these also pose a threat to system integrity with security breaches being reported regularly. [more]
Tuesday, 25 February 2003, 4:19 PM CET


Program Hides Secret Messages in Executables
A new steganography application turns other programs into covert carrier pigeons. [more]
Tuesday, 25 February 2003, 1:36 PM CET


Nessus 2.0.0 stable is out
The free, powerful and easy to use remote security scanner just got better. See what's new in this release. [more]
Tuesday, 25 February 2003, 12:26 PM CET


VPN experts downplay 'splitting' headache
Most say split tunneling does not necessarily undermine security. [more]
Tuesday, 25 February 2003, 12:23 PM CET


Media Gone Mad
Why last week's big Windows security hole is nothing more than technology press hot air. [more]
Tuesday, 25 February 2003, 12:16 PM CET


CIOs debate security, privacy, Linux and outsourcing issues
CIOs from some of the nation's largest companies outlined their fears and hopes about their jobs and about the direction of technology in the year ahead. [more]
Tuesday, 25 February 2003, 12:13 PM CET


Lovegate worm's got a hold on PCs
The mass-mailing worm has infected a moderate number of PCs, installing a back-door that leaves them open to control. [more]
Tuesday, 25 February 2003, 12:12 PM CET


Interview with Cyrus Peikari
The CEO of AirScanner Mobile Security and co-author of "Maximum Wireless Security" talks about wireless security. [more]
Monday, 24 February 2003, 6:50 PM CET


HNS Book Giveaway - Counter Hack
We are giving away 3 copies of "Counter Hack: A Step-by-Step Guide to Computer Attacks and Effective Defenses" by Ed Skoudis. Want some knowledge? [more]
Monday, 24 February 2003, 6:44 PM CET


HNS Newsletter Issue 150 has been released
Get it in TXT or PDF format. If you haven't done it yet, consider subscribing. This issue is sponsored by Application Security. Get a FREE sample vulnerability assessment of your database and applications. [more]
Monday, 24 February 2003, 6:24 PM CET


Wi-Fi Security Gets a Boost
802.11i standard will plug security holes, but products may not be available for almost a year. [more]
Monday, 24 February 2003, 6:21 PM CET


HNS Book Giveaway
We gave away 3 copies of "Cisco Secure PIX Firewalls" and 3 copies of "Web Security Field Guide". Are you one of the winners? [more]
Monday, 24 February 2003, 6:04 PM CET


White hat hacking school
After five days learning how to enter networks illicitly, 12 more white-hat hackers have joined the growing ranks of IT experts who think and act as the bad guys do. [more]
Monday, 24 February 2003, 5:43 PM CET


Swiss crack e-mail encryption code
Researchers at a Swiss university have cracked the technology used to keep people from eavesdropping on e-mail sent over the Web, but U.S. experts said that the impact would likely be minimal. [more]
Monday, 24 February 2003, 5:41 PM CET


Citibank gags crypto researchers
The High Court in London has imposed an injunction on Cambridge University security experts who claim to have uncovered serious failings in the system banks use to secure ATM PIN codes. [more]
Monday, 24 February 2003, 4:23 PM CET


Sysadmin Tales of Terror
The biggest challenge a system administrator ever faces is inheriting a networking mess: taking on a new job, or a new client, with a computing infrastructure that has grown without rhyme or reason. [more]
Monday, 24 February 2003, 4:19 PM CET


Book Review: Mission-Critical Security Planner
If you want to do security planning and you don't know where to start, this book is mandatory reading material. It will make your life easier and your system more secure. [more]
Friday, 21 February 2003, 7:29 PM CET


Weekly Virus Report
Three worms -Lovgate.A, W32/Tang and Kingpdt- and two Trojans -Nzlog and Aileen- are the subjects of this report on malicious code. [more]
Friday, 21 February 2003, 7:19 PM CET


Swiss crack email encryption
Researchers have found a way to unlock SSL-encrypted emails, but the real-world impact of their accomplishment is doubtful. [more]
Friday, 21 February 2003, 3:31 PM CET


Secure Chat with YTalk and SSH
Robert Bernier re-introduces the venerable and powerful YTalk and demonstrates how it can be used securely with SSH. [more]
Friday, 21 February 2003, 3:30 PM CET


A user's guide to online security
Computer security used to mean making sure that the door was locked on your way out of the house. Thanks to the internet, security means protecting your computer from electronic assailants as well. [more]
Friday, 21 February 2003, 3:27 PM CET


Lawyers: Hackers sentenced too harshly
A new paper argues that hacking cases should be treated as white-collar fraud, not as terrorism. [more]
Friday, 21 February 2003, 3:26 PM CET


How to get an ATM PIN number in 15 guesses
Cambridge researchers have documented a worrying PIN cracking technique against the hardware security modules commonly used by bank ATM machines. [more]
Friday, 21 February 2003, 3:25 PM CET


Interview with Judy Novak
Judy Novak is the co-author of the acclaimed "Network Intrusion Detection 3/e". Read her opinion on intrusion detection, open source, the disclosure of vulnerabilities and more. [more]
Thursday, 20 February 2003, 6:06 PM CET


First Honeyd Challenge - Test Your Programming Skills
Honeyd is a virtual honeypot running as a small daemon to create virtual hosts on a network. The goal of this challenge is to develop interesting feature additions to Honeyd. [more]
Thursday, 20 February 2003, 6:05 PM CET


DMCA Blocks Tech Progress
Silicon Valley executives and other insiders meet with lawmakers to discuss how the Digital Millennium Copyright Act adversely impacts technology innovation - and what they can do about it. [more]
Thursday, 20 February 2003, 6:02 PM CET


Security: Fighting the enemy within
How do you protect your network against a threat you can't see? New security automation can establish policies, and consistently audit and monitor them for compliance. [more]
Thursday, 20 February 2003, 5:50 PM CET


Root of massive credit card theft found
An attacker who gained access to millions of credit card numbers did it by breaking into a computer system at a company that handles transactions for catalog companies and other direct marketers. [more]
Thursday, 20 February 2003, 5:47 PM CET


Fighting piracy with P2P blocking
For months, the digital equivalent of a postal censor has been sorting through virtually all file-swapping traffic on the University of Wyoming's network. [more]
Thursday, 20 February 2003, 5:46 PM CET


New OpenSSL Security and Bugfix Releases
The OpenSSL announced the release of version 0.9.7a of their open source toolkit for SSL/TLS. This new OpenSSL version is a security and bugfix release. [more]
Thursday, 20 February 2003, 4:03 PM CET


Remote Users Are The Weakest Link
Say there's a remote worker who connects to the corporate net through a VPN, and to the Internet via broadband and a Wi-Fi hub. That broadband link could be vulnerable and let someone "piggyback" into the VPN. [more]
Thursday, 20 February 2003, 1:28 AM CET


Book Review - Cisco Secure Virtual Private Networks
This publication is designed to give the readers basic knowledge of planning, administering and maintaining Virtual Private Networks. [more]
Wednesday, 19 February 2003, 7:56 PM CET


Mitsubishi develops one-time password system
Engineers at Mitsubishi have developed a one-time password system for use on mobile Internet services. [more]
Wednesday, 19 February 2003, 4:17 PM CET


Xitami Web Server Review at Unix Review
Xitami highlights a Web-based administrator, the LRWP Protocol, XML, a built-in FTP server, and more. The commercial version, Xitami Pro, supports full SSL layer 2 and 3, and uses OpenSSL source. [more]
Wednesday, 19 February 2003, 4:12 PM CET


Internet fraud expanding, security experts warn
Corporate computer security professionals should be aware that Internet fraud is not only growing in frequency but also expanding in scope. [more]
Wednesday, 19 February 2003, 3:02 PM CET


Russian Major Cellular Company Client Database Stolen
Russian media have caused a commotion regarding the fact that the client base of Russia's largest cellular operator has been stolen. [more]
Wednesday, 19 February 2003, 2:05 PM CET


Real boss tackles online piracy
The online piracy of songs and films can be stopped but just shutting down illegal file-sharing services is not enough, says Rob Glaser, boss of Real Networks. [more]
Wednesday, 19 February 2003, 1:47 PM CET


Cisco expands its line of intrusion-detection tools
Cisco Systems will announce new intrusion-protection software and firewall enhancements, including functionality designed to lower IT staffing costs by reducing false or irrelevant system-intrusion alarms. [more]
Wednesday, 19 February 2003, 1:39 PM CET


Secure MySQL Database Design
This article will discuss various methods to secure databases, specifically one of the most popular freeware databases in use today, MySQL. [more]
Wednesday, 19 February 2003, 1:30 PM CET


Interview with Ed Skoudis, author of "Counter Hack"
Ed Skoudis talks about his book and general security issues and tools. [more]
Tuesday, 18 February 2003, 1:38 PM CET


Hacker accesses 5.6 million credit cards
A hacker has gained access to as many as 5.6 million Visa and MasterCard accounts, the two companies announced. [more]
Tuesday, 18 February 2003, 1:37 PM CET


Creating Your Own CA
Become your own Certificate Authority, and sign your own - or others' - SSL certificates. [more]
Tuesday, 18 February 2003, 1:28 PM CET


Users tout open source security
When the right technology doesn't exist or isn't available at the right price, many large companies get creative and build their own custom systems, such as routers, firewalls or VPN gear. [more]
Tuesday, 18 February 2003, 1:08 AM CET


Police issue virus warning
The National Hi-Tech Crime Unit has warned firms not to become complacent about antivirus protection, despite fewer reported virus infections last year. [more]
Tuesday, 18 February 2003, 12:49 AM CET


Book Review - Maximum Wireless Security
This book aims to give you the knowledge you need to bring maximum security to your network, by teaching you how that security can and will be broken. [more]
Monday, 17 February 2003, 1:26 PM CET


HNS Newsletter Issue 149 has been released
Get it in TXT or PDF format. If you haven't done it yet, consider subscribing. This issue is sponsored by Application Security. Get a FREE sample vulnerability assessment of your database and applications. [more]
Monday, 17 February 2003, 1:24 PM CET


Kazoa Worm, NTRootkit Tool and Egrof Trojan
This week's report looks at a Trojan calledEgrof, the 'C' variant of the Kazoa worm and the NTRootkit tool, used by attackers to hide their activity on the computers they attack. [more]
Monday, 17 February 2003, 1:23 PM CET


Richard Clarke's Legacy of Miscalculation
The outgoing cybersecurity czar will be remembered for his steadfast belief in the danger of Internet attacks, even while genuine threats developed elsewhere. [more]
Monday, 17 February 2003, 1:22 PM CET


UK.gov aims to demystify security for SMEs
UK online for business has launched a security section on its Web site, designed to help small business keep abreast of the latest Internet threats and how to combat them. [more]
Monday, 17 February 2003, 1:22 PM CET


Even Security Firms at Risk for Break-Ins
Security engineers at Addamark Technologies noticed that someone accessed a confidential, password-protected document on the company's Web server that contained technical product details... [more]
Monday, 17 February 2003, 1:17 PM CET


HNS Book Giveaway
We are giving away 3 copies of "Cisco Secure PIX Firewalls" and 3 copies of "Web Security Field Guide". Want some knowledge? [more]
Monday, 17 February 2003, 3:01 AM CET


How to use a personal DNS for root-server attack isolation
Provided a couple of programmers are correct, what started out as an attempt to provide better DNS server performance on Windows machines may also be one way to reduce DNS security concerns. [more]
Monday, 17 February 2003, 2:40 AM CET


HNS Book Giveaway Winners
Six lucky winners have been chosen, each one gets a book. Are you one of them? [more]
Monday, 17 February 2003, 1:59 AM CET


Book review - Web Security Field Guide
This "Field guide" should be of interest to the novice and inter-mediate readers interested in enchancing the security of their Microsoft based installations. [more]
Friday, 14 February 2003, 2:55 PM CET


Interview with Adam N. Bosnian
Vice President, Sales and Marketing of Elron Software talks about the company, viruses, spam and internet monitoring. [more]
Friday, 14 February 2003, 10:45 AM CET


FTD.com hole leaks personal information
A security flaw on the Web site leaves private information open to harvesting just before Valentine's Day, one of the busiest times of the year for the online florist. [more]
Friday, 14 February 2003, 10:26 AM CET


Red Hat, Oracle to certify Linux for the government
Red Hat and Oracle have teamed to get Linux evaluated under the Common Criteria, a certification that could open doors for the broader use of open-source software by government agencies. [more]
Friday, 14 February 2003, 10:18 AM CET


Computer Worms Turn, But Business Slow To Insure Against Risk
Economist Bob Hartwig once predicted that cyber insurance would grow to $2.5 billion in sales by 2002. Industry officials doubt that actual sales have topped $100 million yet. [more]
Friday, 14 February 2003, 12:51 AM CET


Are You Infected? Detecting Malware Infection
This article discusses how to determine whether or not the system has been infected and offers tips on to manually disinfect the system. [more]
Friday, 14 February 2003, 12:39 AM CET


Some experts say cyberterrorism is very unlikely
For years, government experts have warned a "cyberterrorism" attack could amount to "an electronic Pearl Harbor." Now, a less alarmist viewpoint is emerging from experts who say the comparison is overblown. [more]
Friday, 14 February 2003, 12:37 AM CET


Detecting Server Compromises
How can I determine if my Linux server has been hacked? How can I be sure that I haven't been hacked? Jay Beale responds. [more]
Friday, 14 February 2003, 12:35 AM CET


New celebrity virus: Catherine Zeta-Jones
The popularity of Catherine Zeta-Jones has led to the actress being used as a hook to tempt users into launching a virus on their PCs. [more]
Friday, 14 February 2003, 12:31 AM CET


Government warns 'patriot hackers'
The FBI's National Infrastructure Protection Center warned that growing tensions between the United States and Iraq could lead to an increase in global computer hacking activities on both sides. [more]
Friday, 14 February 2003, 12:30 AM CET


Interview with Martin Croome
The European General Manager of Socket Communications talks about the company and wireless security issues. [more]
Thursday, 13 February 2003, 1:11 PM CET


Mitnick Banned From Security Group
The famous ex-hacker is a member of the world's largest not-for-profit computer security organization... for about two minutes. [more]
Thursday, 13 February 2003, 1:10 PM CET


Web services changes the security game
Peter Judge: People don't want to wait for Web services - so the security industry is going to have to shift a generation pretty quickly. [more]
Thursday, 13 February 2003, 12:50 PM CET


New Linux Support Policies are Ominous
Red Hat and Mandrake are cutting support for older versions of their Linux distributions. The results will be a security nightmare for the Internet. [more]
Thursday, 13 February 2003, 5:44 AM CET


Police recover disk at centre of ID theft flap
A hard drive that contained confidential details about hundreds of thousands of insurance company clients has been recovered by Canadian police. [more]
Thursday, 13 February 2003, 5:43 AM CET


How to tighten the loose security in wireless networks
If proper security precautions are implemented into a wireless deployment at the outset, the risks associated with this enabling technology can be greatly reduced. [more]
Thursday, 13 February 2003, 5:39 AM CET


Spam Offers: Some Legit, Most Not
Ever wonder what happens when you respond to unsolicited e-mail come-ons to make money at home, pump up your manhood or spy on anyone online? Turns out, spam begets spam. And that's usually about it. [more]
Thursday, 13 February 2003, 5:36 AM CET


Interview with Rich Bowen
The co-author of Apache Administrator's Handbook talks about his book and Apache in general. [more]
Wednesday, 12 February 2003, 1:56 PM CET


KaVaDo: New Version of ScanDo Web Application Scanner
ScanDo is a Web application scanner that assesses the entire Web application to identify security loopholes. [more]
Wednesday, 12 February 2003, 1:54 PM CET


One in Every 145 Emails is a Virus
One in every 145 e-mails sent and received by small- to medium-sized enterprises during January 2003 contained a virus, according to VIA NET.WORKS UK, a provider of managed Internet services for business. [more]
Wednesday, 12 February 2003, 1:52 PM CET


Panda Reports the Appearance of a New Worm/Trojan
Panda Software Reports the Appearance of a New Worm/Trojan: Kazoa.C, alias Gool. [more]
Wednesday, 12 February 2003, 1:52 PM CET


Microsoft offers E-mail security newsletter
Microsoft, in an effort to boost security awareness after a recent high-profile breach of its software, said that it would start sending e-mail newsletters to users about computer security threats and issues. [more]
Wednesday, 12 February 2003, 12:36 PM CET


Open and closed security are roughly equivalent
Open and closed approaches to security are basically equivalent, with opening a system up to inspection helps both attackers and defenders. [more]
Wednesday, 12 February 2003, 12:33 PM CET


Cybercrime show tackles terrorism
Amid heightened awareness of terrorism and computer attacks, computer crime professionals gathered at the Foxwoods Resort Casino here this week to hone their cybersleuthing skills at the annual Cybercrime conference. [more]
Wednesday, 12 February 2003, 12:04 PM CET


Forensics on the Windows Platform, Part Two
In this article we will concentrate on the areas of a Windows file system that are likely to be of most interest to forensic investigators and the software tools that can be used to carry out an investigation. [more]
Wednesday, 12 February 2003, 11:29 AM CET


FTP Server Offers Key to the Store
Sloppy practices leave critical user IDs and passwords available for public download. [more]
Wednesday, 12 February 2003, 11:25 AM CET


How we can stop identity theft--for good
This crime will not stop until the government steps in to regulate corporate privacy policies, and companies that handle your personal data are held liable for any abuses carried out by their employees. [more]
Wednesday, 12 February 2003, 11:14 AM CET


Interview with Charles R. Elden
The independent security consultant, former CIA employee and co-author of "Wireless Security and Privacy" talks about wireless security. [more]
Tuesday, 11 February 2003, 4:33 PM CET


NAI Unveils 'InfiniStream Security Forensics' Solution
InfiniStream Security Forensics is a forensics analysis solution that allows enterprise customers worldwide to reconstruct, understand and prevent harmful network activity and security events. [more]
Tuesday, 11 February 2003, 4:31 PM CET


Wireless LAN Security: Risks & Defenses Web Seminar
In this one hour AirDefense web seminar, you should be informed how you can protect your WLANs with a layered security approach. [more]
Tuesday, 11 February 2003, 4:31 PM CET


Go the extra mile - secure Windows admin account
Here's a look at the steps you can take to manage access to the Windows administrator account and improve security of how it's used by IT staff. [more]
Tuesday, 11 February 2003, 4:30 PM CET


Spyware found in 30% of European businesses
Almost one-third of European companies have been infected with spyware applications on their networks, according to research. [more]
Tuesday, 11 February 2003, 3:29 PM CET


HNS Newsletter Issue 148 has been released
Get it in TXT or PDF format. If you haven't done it yet, consider subscribing. This issue is sponsored by Application Security. Get a FREE sample vulnerability assessment of your database and applications. [more]
Tuesday, 11 February 2003, 3:20 PM CET


How Vulnerable Is the Internet Now?
According to Gartner research director Richard Stiennon, it would not be difficult for an attacker to send spoofed routing tables to poorly configured routers and misdirect traffic across large parts of the Internet. [more]
Tuesday, 11 February 2003, 2:20 PM CET


Secure future for SSL VPNs
Simplifying VPNs by using the browser-based SSL will instigate a fundamental change in the use of VPNs in enterprises, according to research from The Tolly Group. [more]
Tuesday, 11 February 2003, 2:14 PM CET


Interview with David W. Chapman
The President and Principal Consultant for SecureNet Consulting talks about firewalls. [more]
Monday, 10 February 2003, 10:53 PM CET


NetIQ and Cisco Security Web Seminars
If you like to participate in online web seminars, you may find these two interesting: NetIQ's Security Webcast Featuring Kevin Mitnick and Cisco's Enhancing Network Security Monitoring with IDS Technology Webcast. [more]
Monday, 10 February 2003, 5:06 PM CET


Feds Consider Waging Cyber War
The government is studying ways to use cyberattacks against their enemies. [more]
Monday, 10 February 2003, 4:13 PM CET


GSM security flaws exposed
Steve Lord, consultant, X-Force Security Assessment Services for Internet Security Systems, argues that, while some functions of GSM offer impressive levels of security, others should not be trusted. [more]
Monday, 10 February 2003, 4:08 PM CET


HNS Book Giveaway
We are giving away 3 copies of "Firewalls and Internet Security: Repelling the Wily Hacker 2/e" and 3 copies of "Managing Information Security Risks: The OCTAVE Approach". Want some knowledge? [more]
Monday, 10 February 2003, 12:57 PM CET


SunScreen, Part Two: Policies, Rules, and NAT
This article covers some of the rudimentary facilities in SunScreen such as adding and removing rules, setting up a remote management station, and network address translation. [more]
Monday, 10 February 2003, 12:55 PM CET


Backpackers' savings at risk from online banking scam
Attackers are preying on backpackers, using internet cafes to steal thousands of dollars of travellers' savings from online bank accounts. [more]
Monday, 10 February 2003, 12:48 PM CET


How to build a secure WLAN
For real-time communications like Wi-Fi, a comprehensive real-time network protection strategy is required to enable pervasive, widespread deployment. [more]
Monday, 10 February 2003, 12:37 PM CET


HNS Book Giveaway Winners
Three lucky winners have been chosen, each one gets a copy of "Understanding PKI: Concepts, Standards, and Deployment Considerations 2/e". Are you one of them? [more]
Monday, 10 February 2003, 11:50 AM CET


Book Review: Counter Hack
If you're in charge of the security of a network or just a security enthusiast, you'll find this book of great value. [more]
Friday, 7 February 2003, 2:21 PM CET


Student Charged With Hacking and Information Theft
A Boston College student was indicted on charges he penetrated the campus computers, gathered personal information on more than 4,000 people, and stole about $2,000 in goods and services. [more]
Friday, 7 February 2003, 2:20 PM CET


Stalkers Use GPS to Track Victims
Two recent cases in which stalkers used global positioning system receivers to follow their victims' movements spark concern among law enforcement. Meanwhile, police install GPS systems of their own. [more]
Friday, 7 February 2003, 1:53 PM CET


Man Charged with Hacking ViewSonic System
A former employee of ViewSonic Corp. was arrested on Thursday for allegedly hacking into its computer system and destroying data, shutting down a server that was central to the firm's foreign operations. [more]
Friday, 7 February 2003, 1:42 PM CET


The hackers are coming to town
There was a time when the term hacker, even to the generalist, was nothing uncomplimentary. There were people of all ages who had this urge to fiddle with computer hardware or meddle with code. [more]
Friday, 7 February 2003, 1:39 PM CET


Brother, can you spare some privacy?
Companies that wish to display the TRUSTe seal on their Web site will have to demonstrate a higher level of privacy protection. [more]
Friday, 7 February 2003, 1:03 PM CET


ISA to consumers: Think security
A coalition of technology companies and others doing business on the Internet have released a list of nine steps they believe consumers should take to protect themselves. [more]
Friday, 7 February 2003, 12:43 PM CET


Web worm suspects bailed
Two people suspected of creating the TK web worm have been released on bail. [more]
Friday, 7 February 2003, 11:20 AM CET


Book Review: Managing Information Security Risks
This book provides a powerful documentation on CERT/CC's Operationally Critical Threat, Asset, and Vulnerability Evaluation. [more]
Thursday, 6 February 2003, 2:20 PM CET


Interview with Dr. Nicko van Someren, CTO of nCipher
Dr. Nicko van Someren talks about nCipher, XML security, enterprise security and more. [more]
Thursday, 6 February 2003, 1:17 PM CET


Secure Configuration of Servers Stops SQLSlammer and Others
Here are some basic protection measures, with a particular emphasis on those that provide Internet services. [more]
Thursday, 6 February 2003, 1:16 PM CET


India gets its first cyber convict
A 24-year-old engineer from Delhi has earned the dubious distinction of being the first person in India to be convicted for a cyber crime. A city court convicted Asif Azim for using an American citizen's credit card to make an online purchase. [more]
Thursday, 6 February 2003, 1:14 PM CET


The Great IDS Debate
In this article, we'll examine and compare the two different techniques: signature analysis and protocol analysis. [more]
Thursday, 6 February 2003, 1:13 PM CET


Online child porn arrests total 1,600
More than 1,600 men have so far been arrested in Operation Ore, the huge UK police investigation into child porn on the internet. [more]
Thursday, 6 February 2003, 1:10 PM CET


Open wireless networks pose dilemma
If you want to know how unsecure today's wireless networks are, just ask the people who make it their mission to locate the access points designated by companies and consumers around the world. [more]
Thursday, 6 February 2003, 1:06 PM CET


Worm spread worldwide in 10 minutes
It only took 10 minutes for the SQL Slammer worm to race across the globe and wreak havoc on the Internet two weeks ago, making it the fastest-spreading computer infection ever seen. [more]
Thursday, 6 February 2003, 1:02 PM CET


Bush's database faces privacy, not technical, concerns
Bush's plan for a massive antiterrorism database center, could be up and running within months from a technology standpoint, but harder to overcome will be privacy concerns of a non-technical nature. [more]
Thursday, 6 February 2003, 1:01 PM CET


Mac turns security guard
A Mac video motion-detection package has been released as a home-and-office security solution. [more]
Thursday, 6 February 2003, 12:52 PM CET


Interview with Ratmir Timashev, CEO of Aelita Software
Ratmir Timashev talks about his company, backup and recovery problems, as well as general security issues. [more]
Wednesday, 5 February 2003, 4:08 PM CET


Advantages of Block-Based Protocol Analysis for Security Testing
This paper describes a effective method for black-box testing of unknown or arbitrarily complex network protocols for common problems relating to the security of a program or system. [more]
Wednesday, 5 February 2003, 4:04 PM CET


ActiveState PureMessage Tested for UnixReview
PureMessage is a full-featured mail filtering system that can be used as a combination filter/MTA solution or a standalone filter that passes messages on to a MTA for delivery. Here's a test. [more]
Wednesday, 5 February 2003, 3:59 PM CET


The Crypto Gardening Guide and Planting Tips
The intent of this document is to cover some of the real-world constraints for cryptographers, to point out problems that their designs will run into when attempts are made to deploy them. [more]
Wednesday, 5 February 2003, 3:50 PM CET


Secure your DNS - replace BIND
BIND has become the most popular DNS server on the Internet. It is also a favorite attacker target. For organisations that require a more secure DNS infrastructure, the djbdns package may be the answer. [more]
Wednesday, 5 February 2003, 1:10 PM CET


Smallpot: Tracking the Slapper and Scalper Unix Worms
This article will look at the Smallpot Project, a generic honeypot designed to track almost any malware on the Internet, using the Slapper and Scalper worms as a case study. [more]
Wednesday, 5 February 2003, 12:59 PM CET


The Big Lessons of a Little Worm
If Slammer's weekend assault had come just 48 hours later, the end result might have been a virtual Net shutdown. Institutional investors unable to make trades could have lost billions of dollars. [more]
Wednesday, 5 February 2003, 12:55 PM CET


Web services group still seeking security
A group working to ensure the compatibility of Web services software is preparing to tackle its biggest challenge yet: Security. [more]
Wednesday, 5 February 2003, 12:53 PM CET


Responding In Kind
Microsoft Security Response Center revamps its advisory and patch processes. [more]
Wednesday, 5 February 2003, 12:50 PM CET


HNS Book Giveaway - Understanding PKI
We are giving away 3 copies of "Understanding PKI: Concepts, Standards, and Deployment Considerations 2/e" by Carlisle Adams and Steve Lloyd. Want some knowledge? [more]
Tuesday, 4 February 2003, 2:00 PM CET


HNS Book Giveaway Winners
Six lucky winners have been chosen, each one gets a book. Are you one of them? [more]
Tuesday, 4 February 2003, 1:57 PM CET


Webcast - Eliminate the SANS/FBI Top 20 Internet Vulnerabilities
In the following two briefings, Jason Fossen and Hal Pomeranz will provide highlights from their courses that will help you eliminate the SANS/FBI Top 20 vulnerabilities. [more]
Tuesday, 4 February 2003, 1:04 PM CET


Snooping stalled
The U.S. House of Representatives and President Bush should concur with a unanimous Senate vote that struck a blow for the privacy rights of Americans. [more]
Tuesday, 4 February 2003, 1:02 PM CET


Mitigating Voice Telephony Security and Fraud Risks
The trend toward the convergence of telephony and computer systems has exposed voice systems to abusers. IT executives should implement plans that will mitigate the chances of a hacker's success. [more]
Tuesday, 4 February 2003, 11:58 AM CET


Cyber attacks down, but vulns soar
The level of cyber attacks decreased for the first time in the second half of 2002, dropping six per cent. [more]
Tuesday, 4 February 2003, 11:30 AM CET


Securing Systems with chroot
One popular technique crackers use to compromise machines is exploiting buffer overflows. Learn how to minimize the damage by using chroot. [more]
Tuesday, 4 February 2003, 11:27 AM CET


Security strategies: fortress or airport?
CIOs are scratching their heads, trying to figure out if they should adopt fortress-type security systems or move towards a multi-layered security strategy. [more]
Tuesday, 4 February 2003, 11:21 AM CET


Worm turns on The Archers
The BBC has been hit by a virus for the second time in a month. [more]
Tuesday, 4 February 2003, 11:16 AM CET


Interview with Steven Dabbs, CEO & President of ScannerX
We have talked with Steven Dabbs, CEO & President of ScannerX, about automated vulnerability assessment services his company offers and vulnerabilities in general. [more]
Monday, 3 February 2003, 4:36 PM CET


eSecurity: Towards a more secure Internet environment
eSecurity is not only a concern in specialised areas such as aerospace, military applications and banking, but an issue for governments, businesses and consumers alike. [more]
Monday, 3 February 2003, 4:15 PM CET


HNS Newsletter Issue 147 has been released
You can read the Newsletter in TXT or PDF format. If you haven't done it yet, consider subscribing. This issue is sponsored by ScannerX. [more]
Monday, 3 February 2003, 4:00 PM CET


Secure Linux preparing for industrial control
A version of Linux hardened by the US Government is being proposed for industrial control systems. [more]
Monday, 3 February 2003, 3:27 PM CET


Something Needs to Change
With the Slammer worm network security becomes literally a matter of life and death. Where do we go from here? [more]
Monday, 3 February 2003, 2:48 PM CET


Mobile users face growing virus threat
Virus writers are not yet targeting mobile platforms, but is this the calm before the storm? [more]
Monday, 3 February 2003, 2:46 PM CET


TightVNC: Remote X the secure, fast & easy way
Looking for a software solution to help him access his home desktop remotely, Joe Barr finds more than he'd hoped for in TightVNC. [more]
Monday, 3 February 2003, 11:17 AM CET


Slammer Didn't Hurt, But the Next One Might
Agency says its air traffic control network wasn't compromised by worm's attack on the Internet, but admits it could happen in the future. [more]
Monday, 3 February 2003, 11:12 AM CET


Microsoft security gets an 'F'
"Trustworthy Computing is failing," Russ Cooper of TruSecure Corp. said of the Microsoft initiative. "I gave it a 'D-minus' at the beginning of the year, and now I'd give it an 'F."' [more]
Monday, 3 February 2003, 11:08 AM CET


Should Microsoft pay your security patch costs?
The cost of keeping your network and systems secure should be a shared burden, not just a cost of doing business. [more]
Monday, 3 February 2003, 11:04 AM CET


Spotlight

The psychology of phishing

Posted on 23 July 2014.  |  Cybercriminals no longer send out thousands of emails at random hoping to get a handful of hits, today they create highly targeted phishing emails which are tailored to suit their recipients.


Weekly newsletter

Reading our newsletter every Monday will keep you up-to-date with security news.
  



Daily digest

Receive a daily digest of the latest security news.
  

DON'T
MISS

Thu, Jul 24th
    COPYRIGHT 1998-2014 BY HELP NET SECURITY.   // READ OUR PRIVACY POLICY // ABOUT US // ADVERTISE //