Off the Wire

Off The Wire Archive

News items for February 2005

Phishers chip away at web security
13,000 new scam emails reported in January alone. [more]
Monday, 28 February 2005, 5:34 PM CET

Security+ added as MCSA/MCSE exam options
David Lowe, product manager for security with Microsoft's Training and Certification group, confirmed in a phone conversation that CompTIA's Security+ exam can now be used to satisfy the elective portion of the MCSA and MCSE on Windows 2000 tracks. [more]
Monday, 28 February 2005, 3:01 PM CET

Caught a virus?
It can be hard to tell if your PC is infected. Here's what to do if you suspect the worst. [more]
Monday, 28 February 2005, 1:42 PM CET

Do we need a new SPIM law?
Existing statutes may not be enough to crack down on Instant Messaging spammers. [more]
Monday, 28 February 2005, 1:27 PM CET

McAfee works WiFi security
Security software vendor McAfee has unveiled a free online tool for scanning wireless networks. [more]
Monday, 28 February 2005, 1:24 PM CET

eBay provides a backdoor for phishers
Phishers are exploiting a redirection script on eBay's site to make fraudulent emails look more convincing. [more]
Monday, 28 February 2005, 1:23 PM CET

Strong authentication
In this video Mr. Andrew Nash, Director of Technology, Office of the CTO, RSA Security, talks about strong authentication and how identity has become an increasing concern. [more]
Monday, 28 February 2005, 1:21 PM CET

The cost of anti-piracy
Mobile makers will have to pay a pretty penny for open-standard, anti-piracy technology. [more]
Monday, 28 February 2005, 11:36 AM CET

Mozilla warns of security holes, patches Firefox
Several security vulnerabilities in Firefox and the Mozilla Suite of Internet software put users of the open-source products at risk of hacker attacks, the Mozilla Foundation warned Thursday. [more]
Monday, 28 February 2005, 11:32 AM CET

Loki puts donations toward $1m MPAA payoff
Give the MPAA credit for a huge win against P2P file-trading technology. A recent settlement has exposed the scaly underbelly of some P2P site operators. In particular, the MPAA has outed Edward Webber - the owner of BitTorrent hub LokiTorrent. [more]
Monday, 28 February 2005, 11:31 AM CET

Understanding the ISA 2004 access rule processing
This article explores how ISA Server 2004 process the different rule lists and how a particular rule is chosen to validate a particular outgoing request. [more]
Monday, 28 February 2005, 11:27 AM CET

Microsoft patches "blue screen of death" In Windows XP SP2
It may not be the second Tuesday of the month -- Microsoft's normal day to release security bulletins and patches -- but the Redmonddeveloper has posted a critical fix to Windows XP SP2. [more]
Friday, 25 February 2005, 8:53 AM CET

ID theft victims face lifetime of vigilance
Warren Lambert thought it was just another piece of junk mail until he read the letter more closely and learned that con artists may have obtained his Social Security number, name and address -- just what they need to steal his identity and ruin his credit. [more]
Friday, 25 February 2005, 8:51 AM CET

Hilton hack underscores mobile security lapses
Kevin Kissell, an architect at MIPS Technologies Inc., said he wondered "whether the hackers accessed numbers stored in the phone — a default for most mobiles — or on the SIM card." He also wondered "whether the outcome might have been different if Ms. Hilton had stored her numbers on the SIM." [more]
Friday, 25 February 2005, 8:42 AM CET

California woman sues ChoicePoint
A California woman has filed the first lawsuit against ChoicePoint for fraud and negligence in the wake of the company's recent disclosure that it sold personal information about more than 140,000 people to identity thieves. [more]
Friday, 25 February 2005, 6:45 AM CET

Courts question anti-piracy rule
The US broadcast regulator has been told by appeal judges it has "crossed the line" with an anti-piracy tag which stops programmes being copied. [more]
Friday, 25 February 2005, 5:04 AM CET

You are your worst security liability
While IT managers scramble to buy products to guard against external threats, they're ignoring the enemy within: Their own errors in setting up network security. [more]
Friday, 25 February 2005, 4:22 AM CET

Four passwords needed to foil hackers
CompTIA warned that people should use multiple passwords, because if one is compromised or stolen they could become the victim of identity theft or financial loss. And if the lost password is the same one used at work, the organization warned that "the consequences for your employer could be disastrous." [more]
Friday, 25 February 2005, 3:29 AM CET

Spy fears spook IBM-Lenovo deal
For years the Chinese government fretted that the US was using its technology lead to spy on the country - but now the tables are turned. [more]
Friday, 25 February 2005, 2:06 AM CET

China walks out of wireless LAN security talks
China walked out of a wireless standards meeting this week, accusing the International Organization for Standardization of favoring the IEEE's 802.11i ANSI-certified wireless LAN security scheme over its own controverisal proposal, EE Times has learned. [more]
Friday, 25 February 2005, 1:16 AM CET

Keeping your organization’s security current
Although cyber security is critically important, there are those people whose jobs are so demanding that security gets neglected. [more]
Friday, 25 February 2005, 12:17 AM CET

Reuters reviews IT security
Need to integrate security with storage and business continuity. [more]
Thursday, 24 February 2005, 12:07 PM CET

GSA works on ID guide
General Services Administration officials are developing a guidebook to help federal agencies comply with the upcoming standards on issuing secure credentials to their employees and contractors. [more]
Thursday, 24 February 2005, 12:06 PM CET

No encryption for e-passports
Despite cries from security watchdogs, the United States plans to roll out RFID-enabled passports without encrypting the personal data, downplaying theft threats. [more]
Thursday, 24 February 2005, 12:05 PM CET

T-Mobile voice mail compromised - how to protect yourself
It’s very strange to listen to an MP3 recording of your own voice mail. [more]
Thursday, 24 February 2005, 11:09 AM CET

Windows firewall has a backdoor?
I was just poking around with the Windows Firewall on my system. When I went to look at the exceptions, I was confronted with an entry that I couldn't recognize, rk.exe. [more]
Thursday, 24 February 2005, 10:58 AM CET

Oracle wraps top-notch security around Linux
Oracle has tightened up the security of a number of its products to allow customers to use them in critical national infrastructures, including in conjunction with open source technology from Linux. [more]
Thursday, 24 February 2005, 10:56 AM CET

Security concern constant but not consistent
Research from Netegrity has shown that security remains a key issue for UK businesses, but its implementation in the face of current corporate pressures, most notably access management and regulatory compliance, is not consistent. [more]
Thursday, 24 February 2005, 10:49 AM CET

Feds square off with organized cyber crime
Computer intruders are learning to play well with others, and that's bad news for the Internet, according to a panel of law enforcement officials and legal experts speaking at the RSA Conference in San Francisco last week. [more]
Thursday, 24 February 2005, 10:48 AM CET

How cell phones get hacked
A cell phone virus turned up at an electronics store in Santa Monica earlier this week. [more]
Thursday, 24 February 2005, 10:47 AM CET

UK gets official virus alert site
A rapid alerting service that tells home computer users about serious internet security problems is being launched by the UK government. [more]
Thursday, 24 February 2005, 10:45 AM CET

Vendors agree vulnerability scoring system
Leading IT suppliers are banding together to develop a system designed to standardise the rating of security vulnerabilities. [more]
Wednesday, 23 February 2005, 3:49 PM CET

Microsoft settles with Dutch site over AntiSpyware row
Microsoft to compensate and apologize for flagging the company's homepage as malicious content. [more]
Wednesday, 23 February 2005, 3:48 PM CET

MS and security: good effort but no cigar
The low-hanging fruit of millions of insecure Windows machines is rapidly falling from the tree. [more]
Wednesday, 23 February 2005, 12:09 PM CET

ID theft victims could lose twice
People who suffer losses as a result of the recent ChoicePoint security breach are not likely to find a friend in the courts, even if they can prove the company is negligent in protecting their data. [more]
Wednesday, 23 February 2005, 12:06 PM CET

Feds prepare security test
The federal government and several international partners will hold a cyber preparedness exercise in November, Homeland Security Department officials said here at the RSA Conference. [more]
Wednesday, 23 February 2005, 12:04 PM CET

HP's ProCurve tightens network security
New routers and access controller module expected in April. [more]
Wednesday, 23 February 2005, 12:03 PM CET

Telecom fraud: the cost of doing nothing just went up
In today's business environment, IT network security is vitally important, with security breaches across voice and data networks growing by the day. [more]
Wednesday, 23 February 2005, 10:37 AM CET

Virus alert: don't open FBI e-mail
Don't open those e-mail attachments that appear to be from the FBI. They might contain a computer virus. [more]
Wednesday, 23 February 2005, 10:11 AM CET

How serious is that security flaw?
Microsoft and Symantec are backing a plan to create a severity scoring system for software holes. [more]
Wednesday, 23 February 2005, 10:07 AM CET

EU offers privacy guidelines for RFID
Commission offers assessment of privacy and data protection issues related to RFID. [more]
Wednesday, 23 February 2005, 10:03 AM CET

Keep online documents secure
As companies look for better ways to secure online documents and E-mail, whether to protect sensitive information or to comply with government regulations, they're increasingly turning to a growing class of security software known as enterprise digital-rights management. [more]
Wednesday, 23 February 2005, 9:57 AM CET

Security managers take heart
IT security is out of hand - too many security threats, too many security products, too many devices, too much at risk. [more]
Wednesday, 23 February 2005, 9:55 AM CET

Will Firefox's growing profile make it a target for attackers?
Do we live in a perfect world? No. Will additional Firefox vulnerabilities appear over time? Absolutely. Is Firefox still significantly safer than Internet Explorer? In my opinion, the answer unequivocally is yes. [more]
Tuesday, 22 February 2005, 3:49 PM CET

New Sober worm moving fast
Latest variant of Sober worm is spreading itself aggressively. [more]
Tuesday, 22 February 2005, 3:38 PM CET

T-Mobile - another high profile compromise of customer data
The phone book, email addresses, and notes from celebrity Paris Hilton’s T-Mobile Sidekick were posted on the web, and rapidly circulated by various online news websites / blogs with perhaps a questionable disregard of privacy for Paris Hilton herself. [more]
Tuesday, 22 February 2005, 9:15 AM CET

Ending the age of the password
IT directors face the constant challenge of giving the business enough flexibility to access IT however, wherever and whenever end-users need to, while keeping out intruders. [more]
Tuesday, 22 February 2005, 9:01 AM CET

Is your personal identity being harvested?
The terms "farming" and "fishing" have taken on new meaning, and this year's "bumper crop" might include the harvesting of your personal and business identity. [more]
Tuesday, 22 February 2005, 9:00 AM CET

Novell appliance takes security to the edge
Novell has developed a Linux-based "perimeter security" hardware appliance that protects companies against security threats such as hackers, viruses, worms, spam and network intrusions. [more]
Tuesday, 22 February 2005, 8:56 AM CET

Safe and secure - HP's iPAQ hx2750
Corporate computing is about reliability, connectivity and security, and HP's iPAQ hx2750 (also known as hx2755) covers all these bases. [more]
Tuesday, 22 February 2005, 3:09 AM CET

Is variable reponse the key to secure systems?
Intrusion detection software (IDS) first made a serious impression on the European security market in the late 1990s. [more]
Tuesday, 22 February 2005, 1:41 AM CET

Cabir mobile phone virus hits the US
Bluetooth hijacker spreading slowly but surely. [more]
Tuesday, 22 February 2005, 12:54 AM CET

Security breakthrough kills 'evil twins'
Delayed password disclosure protocol could thwart wireless hacks. [more]
Monday, 21 February 2005, 5:07 PM CET

Gartner: Microsoft security a 'missed opportunity'
Analyst Gartner has criticised Microsoft’s latest security announcements, made last week at the RSA conference, as a "missed opportunity". [more]
Monday, 21 February 2005, 5:05 PM CET

Online dangers increase
Online firms face growing crime menace. [more]
Monday, 21 February 2005, 5:04 PM CET

Security moving closer to OS, networks
RSA show highlights need for security companies to redefine roles. [more]
Monday, 21 February 2005, 4:28 PM CET

Security experts: hacking attacks rarely made public
A security breach that placed consumers at risk for identity theft grabbed headlines this week but most hacking incidents go unreported to police or the public, experts said on Thursday. [more]
Monday, 21 February 2005, 3:33 PM CET

PGP moving to stronger SHA Algorithm
PGP Corporation is planning to migrate to a more secure version of the Secure Hash Algorithm (SHA) in the upcoming releases of its PGP Desktop and PGP Universal encryption solutions. [more]
Monday, 21 February 2005, 3:31 PM CET

Automated patching
Patch management is an essential administration task within today’s busy IT networks with the constant threat of new security bugs. Some companies will wait for an attack before taking necessary action to protect themselves from further threat whilst others consider patching as often as possible. [more]
Monday, 21 February 2005, 3:30 PM CET

IT administrators told to get hacking
Time to learn the tricks of the trade, says security expert. [more]
Monday, 21 February 2005, 3:23 PM CET

Decision to sell antivirus products places Microsoft in quandary
If Microsoft Corp. doesn't do more to stem Internet attacks, the company risks further alienating customers unhappy with the multitude of threats already facing its ubiquitous software. [more]
Monday, 21 February 2005, 2:33 AM CET

How to build a simple wireless authenticated gateway using OpenBSD
Without spending a lot of money you to can build an authenticated gateway solution to verify your WIFI users. [more]
Monday, 21 February 2005, 1:45 AM CET

Understanding and implementing ISA 2004 as an application firewall
ISA Server 2004 (ISA firewall) includes a number of technologies that provide enhanced security performance for corporate network infrastructures. [more]
Monday, 21 February 2005, 12:32 AM CET

Clarke rips Microsoft over security
Former White House adviser alludes to its vulnerabilities. [more]
Friday, 18 February 2005, 10:56 AM CET

Check your filesystems' integrity with afick
With new threats showing up every day, administrators find it increasingly hard to establish continued trust with their filesystems. [more]
Friday, 18 February 2005, 10:53 AM CET

Teething problems for wireless LANs
The Wireless LAN is an emerging trend, but as with most young technologies, it is plagued by insecurities. [more]
Friday, 18 February 2005, 10:52 AM CET

Security experts warn of 'scary' new web scam
A Lancashire-based PC hardware site has become the victim of a sophisticated and disturbing new online fraud. [more]
Friday, 18 February 2005, 10:51 AM CET

Warning on hard drives' security
Half the hard disks studied had personal or commercial information. [more]
Friday, 18 February 2005, 10:48 AM CET

Security card keeps up with 10Gbit/s networks
The MTP-10G is billed as the world's first wire-speed 10Gbit/s network intrusion detection and prevention system. [more]
Friday, 18 February 2005, 10:47 AM CET

Study finds Windows more secure than Linux
Believe it or not, a Windows Web server is more secure than a similarly set-up Linux server, according to a study presented yesterday by two Florida researchers. [more]
Friday, 18 February 2005, 4:10 AM CET

Startup digs out network worms
The designers of security semiconductors are finding they must inspect application flows ever more closely if they are to wall off computer viruses and worms that are crawling higher up the software stack. [more]
Friday, 18 February 2005, 3:28 AM CET

Analyst: Microsoft security moves 'mandatory'
"These are must-do moves for Microsoft," says Yankee Group analyst Laura DiDio. "They need to show the industry at large -- their customers, prospective customers, press, analysts and critics -- that they're stepping up to the plate and making every possible effort to make their systems more secure." [more]
Friday, 18 February 2005, 2:16 AM CET

Cryptographers to Hollywood: prepare to fail on DRM
Movie industry representatives at RSA 2005 in San Francisco today called on the IT industry in thwarting illegal file sharing before the problem threatened its revenues. [more]
Friday, 18 February 2005, 1:01 AM CET

Researchers: typing style can be a password
The way you type is as unique as your eye color or speech patterns and can be used instead of a password to protect your computer, researchers at Louisiana Tech and Penn State say. [more]
Thursday, 17 February 2005, 4:53 PM CET

Treating infected systems
So your computer has a virus, a Trojan, or one of the other growing range of pests, what do you do? [more]
Thursday, 17 February 2005, 3:57 PM CET

Users bypass copy protection on portable Napster
Users have found a way to skirt copy protection on Napster Inc's portable music subscription service just days after its high-profile launch, potentially letting them make CDs with hundreds of thousands of songs for free. [more]
Thursday, 17 February 2005, 3:29 PM CET

Is Linux security a myth?
There are rare occasions in IT when a particular architecture reaches a point where it stops being purely IT driven and takes on a life of its own. [more]
Thursday, 17 February 2005, 3:21 PM CET

Microsoft on 'rootkits': be afraid, be very afraid.
Microsoft security researchers are warning about a new generation of powerful system monitoring programs, or "rootkits," that are almost impossible to detect using current security products and that could pose a serious risk to corporations and individuals. [more]
Thursday, 17 February 2005, 3:19 PM CET

Novell takes enterprise security focus
Novell is using the platform of this week's LinuxWorld show to roll out a string of products and open source activities aimed at boosting Linux security, in many cases to enterprise levels. [more]
Thursday, 17 February 2005, 3:16 PM CET

New MyDoom worm uses search engines to spread
Worm variant is using e-mail addresses found through popular search engines. [more]
Thursday, 17 February 2005, 2:54 PM CET

More watchful, probably not safer
Are you safer now than you were four years ago? [more]
Thursday, 17 February 2005, 2:53 PM CET

Security at risk from failure to wipe disks
Study of old PCs shows basic protection measures are being overlooked. [more]
Thursday, 17 February 2005, 2:51 PM CET

Digital-rights management a key theme at RSA conference
Authentica, Liquid Machines, and Microsoft were among the companies offering new or enhanced versions of DRM software. [more]
Thursday, 17 February 2005, 2:49 PM CET

Researchers find security flaw in SHA-1
Discovery could speed up cracking of the widely used encryption algorithm. [more]
Thursday, 17 February 2005, 2:48 PM CET

Security software shootout
Not only is Symantec ready for Microsoft's looming invasion of its turf, its feisty CEO John Thompson is positively spoiling for a fight. [more]
Thursday, 17 February 2005, 2:46 PM CET

Microsoft promises heavy investment to tackle security threats
Microsoft is spending a third of its $6bn research and development budget on IT security. [more]
Thursday, 17 February 2005, 2:40 PM CET

Spam gets vocal with VoIP
We're all learning to live with spam but an even more annoying nuisance lies just around the corner. Spit (Spam over internet telephony) is set to become the next pervasive medium for scammers, penis pill purveyors and the rest. [more]
Thursday, 17 February 2005, 2:34 PM CET

New security tools focus on the data
The increasing mobility of digitized data and a growing concern over privacy is driving security from the network perimeter down to the data level. [more]
Wednesday, 16 February 2005, 3:40 PM CET

Linux users feeling more secure
There are thousands of programmers across the world helping to develop Linux and other open-source applications, and they can quickly jump to the rescue of users with problems associated with hackers, said Stephan Scholz of Astaro Corp. and David Allen of CR Consulting. [more]
Wednesday, 16 February 2005, 3:00 PM CET

Mitsubishi preps Zigbee for enterprise security apps
Mitsubishi readies wireless system that can carry data at up to 250Kbps and uses very little power. [more]
Wednesday, 16 February 2005, 2:59 PM CET

Hacking victims face legal threat
Or is it an insurance sales pitch? [more]
Wednesday, 16 February 2005, 1:49 PM CET

Providing database encryption
In this paper, we explore a new approach for data privacy and security in which a security administrator protecting privacy at the level of individual fields and records, and providing seamless mechanisms to create, store, and securely access databases. [more]
Wednesday, 16 February 2005, 1:35 PM CET

Microsoft will make antispyware software free of charge
Microsoft Corp. will give away software to battle spyware, adware and other privacy-invading pests, company co-founder Bill Gates said Tuesday. [more]
Wednesday, 16 February 2005, 1:08 PM CET

Microsoft plans new IE browser, better security
Microsoft Corp. will release a new version of Internet Explorer, the world's most widely used Web browsing software, with stronger, built-in security features, chairman Bill Gates said on Tuesday. [more]
Wednesday, 16 February 2005, 12:32 PM CET

T-Mobile hacker pleads guilty in Los Angeles
A hacker who broke into the network of T-Mobile USA and accessed personal information of hundreds of customers including a Secret Service agent has pleaded guilty to a single felony hacking charge. [more]
Wednesday, 16 February 2005, 12:31 PM CET

Security fears still hurting e-commerce
Many consumers reluctant to shop or bank online. [more]
Wednesday, 16 February 2005, 12:30 PM CET

Defense picks two for PKI
Defense Department officials selected two companies to provide digital certificate validation for the department's public-key infrastructure (PKI), a decision that some officials feel could spur a faster move to paperless e-government. [more]
Wednesday, 16 February 2005, 12:29 PM CET

How much security will Microsoft be allowed?
Microsoft's announcements at the RSA conference are good news for Windows users, but one has to wonder if they'll really go through unchallenged. [more]
Wednesday, 16 February 2005, 12:24 PM CET

Passwords? We don't need no stinking passwords
Concerns over online security are continuing to slow consumer e-commerce growth. [more]
Wednesday, 16 February 2005, 12:23 PM CET

Protecting the administrator account
There are some basic and advanced options that you can configure within Windows Active Directory to protect this valued account. [more]
Wednesday, 16 February 2005, 12:18 PM CET

Cisco unveils security offerings
Cisco Systems today is unveiling nine new software and hardware products, and upgrades to protect corporate computer networks from hackers and other Internet threats. [more]
Tuesday, 15 February 2005, 1:15 PM CET

Keeping secrets
Most organisations would be shocked to learn of the amount of commercially sensitive information stored in notebook PCs walking out their office doors each day. [more]
Tuesday, 15 February 2005, 1:04 PM CET

White House may make NSA the 'traffic cop' over U.S. computer networks
The Bush administration is considering making the National Security Agency -- famous for eavesdropping and code breaking -- its "traffic cop" for ambitious plans to share homeland security information across government computer networks, a senior NSA official says. [more]
Tuesday, 15 February 2005, 1:02 PM CET

Feather Linux for firewalls
The firewall infrastructure of GNU/Linux consists of two parts, the kernel (netfilter) and the configuration structure (iptables). [more]
Tuesday, 15 February 2005, 1:01 PM CET

Securing Linux with mandatory access controls
Some in the security industry say that Linux is inherently insecure, that the way Linux enforces security decsions is fundamentally flawed, and the only way to change this is to redesign the kernel. [more]
Tuesday, 15 February 2005, 12:59 PM CET

Clever service has key to e-mail security
How can you be sure your e-mails are safe from prying eyes? To most of us e-mailing mom or even sending work-related e-mails, security really isn't of great concern. [more]
Tuesday, 15 February 2005, 12:57 PM CET

More advisories, more security
More and more, we see articles questioning the security of a given platform based solely on the number of advisories published - and this approach is simply wrong, writes Thierry Carrez, of Gentoo Linux. [more]
Tuesday, 15 February 2005, 12:54 PM CET

CIOs turn spotlight on Sarbanes security issue
Security group aims to clear up confusion over the impact of Sarbanes-Oxley on ITsecurity and the role of the IT department in ensuring compliance. [more]
Tuesday, 15 February 2005, 12:51 PM CET

Demo@15 show focuses on secure networks
Risk assessment is major theme. [more]
Tuesday, 15 February 2005, 12:50 PM CET

Supplier group to address VoIP security concerns
Suppliers and consultants have reacted to criticism of the security of voice over IP technology by forming a group - the VoIP Security Alliance - to address user concerns. [more]
Tuesday, 15 February 2005, 12:49 PM CET

Wi-Fi alliance to beef up security
The Wi-Fi Alliance is trying to further beef up standard security. [more]
Monday, 14 February 2005, 4:15 PM CET

Novell unveils security appliance
Novell this week is expected to launch a software-based security appliance for small and midsized businesses that will protect them from threats such as hackers, viruses, worms, spam and intrusions. [more]
Monday, 14 February 2005, 4:05 PM CET

E-mail: the threat within
The law treats emails as ‘discoverable documents’ in exactly the same way as all other forms of written communication, and as such, just as much care and attention should be taken regarding the content of emails as with other forms of business communication. [more]
Monday, 14 February 2005, 3:05 PM CET

Next virus threat: wireless phones
McAfee and Innopath teaming up to offer security software. [more]
Monday, 14 February 2005, 1:19 PM CET

Top WLAN gear
We pitted four top names in wireless against one another in a bruising battery of testing. Our previous review's Editor's Choice repeated its victory, thanks to its well-designed switches and sophisticated access points. [more]
Monday, 14 February 2005, 1:02 PM CET

Fear and loathing in information security
If I were to tell you that I'm proud to be a hacker, would you wish I was dead? [more]
Monday, 14 February 2005, 12:54 PM CET

Evaluating your firewall
John Traenkenschuh considers some of the basic problems confronting firewall administrators. What's the point of having a firewall, if it can't keep intruders out? And what are some of the business and networking issues that cause firewalls to fail at their duty? [more]
Monday, 14 February 2005, 12:39 PM CET

Spammers outwit blacklist strategy
Spammers now have a trick to help them sneak around junk mail filters. [more]
Monday, 14 February 2005, 12:36 PM CET

HP introduces server-based anti-worm software
Hewlett-Packard on Friday rolled out a software add-on for its ProLiant servers and HP BladeSystem that shuts down the inside-the-network spread of worms or viruses within milliseconds. [more]
Monday, 14 February 2005, 12:31 PM CET

Wireless security handset mechanism set for demo
Texas Instruments, Orange and Trusted Logic are to demonstrate a new wireless security handset mechanism designed to eliminate unauthorised handset use and fraud. [more]
Monday, 14 February 2005, 12:27 PM CET

Sniffer dog threatens online privacy
Last month the US Supreme Court effectively trashed this principle in a case that could have a profound impact on privacy rights online. [more]
Friday, 11 February 2005, 2:57 PM CET

Microsoft's AntiSpyware hit by a spyware
A Trojan has hit Microsoft's AntiSpyware (Beta), which disables it, and steals banking details login Ids and passwords. [more]
Friday, 11 February 2005, 2:56 PM CET

Linux disaster recovery app brings light to darkened N.Y. firm
In an instant, all the screens went black and the steady hum from the servers' cooling fans ceased, and with each passing second their precious data was unaccounted for, Peter Dominguez faced the potential loss of money and clientele. [more]
Friday, 11 February 2005, 2:52 PM CET

Security best practices for Red Hat and Fedora Core
The Center for Internet Security (CIS) is a non-profit association for the promotion of computer security. [more]
Friday, 11 February 2005, 2:50 PM CET

Virus warning hits Windows Media Player
Users urged to be careful when viewing PNG images. [more]
Friday, 11 February 2005, 2:44 PM CET

HP offers detect and contain security software
HP has started shipping software designed to limit the spread of viruses across corporate networks and reduce the damage they cause during an attack. [more]
Friday, 11 February 2005, 2:44 PM CET

RSA Security to offer big-company security to SMBs
RSA Security is preparing to deliver a powerful authentication solution for the long-neglected small to medium-sized business (SMB) market. [more]
Friday, 11 February 2005, 2:43 PM CET

Gateway to security
A VPN gateway provides three essentials for your data: authentication, confidentiality and integrity. We show you what to look for in an enterprise-class device. [more]
Friday, 11 February 2005, 2:40 PM CET

Why do PC users put up with so many viruses?
Why isn't everyone on a Mac? [more]
Friday, 11 February 2005, 8:37 AM CET

Infosecurity 2005 - innovative method fuels business opportunities
As the Infosecurity conference is UK's top information security conference, UK Trade & Investment, the British Government agency that supports overseas enterprises seeking to set up or expand in the UK, came up with an innovative solution - compensating foreign visitors travelling to the Infosecurity show. [more]
Thursday, 10 February 2005, 4:09 PM CET

My car has a virus (and other security threats)
IBM has identified viruses on mobile devices and IP telephony security threats as looming network security risks for 2005. Last year viruses spam and phishing attacks posed the greatest problems. [more]
Thursday, 10 February 2005, 12:18 PM CET

Unexpected attack vectors
A new round of attacks and phishing attempts use some unexpected attack vectors that we should have been paying attention to, but weren't. [more]
Thursday, 10 February 2005, 12:15 PM CET

Security management for the littler guy
Security information management (SIM) systems aren't cheap; prices generally start in the tens of thousands of dollars. [more]
Thursday, 10 February 2005, 12:12 PM CET

Symantec hit by large-scale flaw
Security hole affects nearly every product Symantec sells. [more]
Thursday, 10 February 2005, 12:11 PM CET

Penetration testing IPsec VPNs
This article discusses a methodology to assess the security posture of an organization's IPsec based VPN architecture. [more]
Thursday, 10 February 2005, 12:09 PM CET

IIS 6.0 SSL Certificate export and ISA Server 2004 import
Sometimes you want to take an SSL certificate that you already own that is installed on your web server and import it into the ISA firewall’s machine certificate store. [more]
Thursday, 10 February 2005, 12:05 PM CET

Task force to focus on common security
Officials from the Homeland Security Department and the Office of Management and Budget will lead an intra-agency task force on developing common solutions for cybersecurity. [more]
Thursday, 10 February 2005, 12:04 PM CET

The root of MySQL's security evil?
The recent worm attack that hit thousands of MySQL installations reflects a growing trend in the malware world. [more]
Thursday, 10 February 2005, 12:03 PM CET

Hackers sued for tinkering with Xbox games
In the first case of its kind, a California video game maker is suing an entire community of software tinkerers for reverse engineering and modifying Xbox games that they legally purchased. [more]
Thursday, 10 February 2005, 12:03 PM CET

NICTA begins Web services security project
National ICT Australia (Nicta) has announced a three-year, $2 million agreement with Microsoft for A collaborative research project into the development of technologies to improve Web security. [more]
Thursday, 10 February 2005, 12:01 PM CET

Biometrics: the legal challenge
One of the key drivers behind the push to take up biometric technologies is that governments are beginning to mandate that biometric identifiers such as facial images and fingerprints be used in official documents, including passports. [more]
Wednesday, 9 February 2005, 1:18 PM CET

Windows Server 2003 SP1 RC2 has been released
Install Microsoft Windows Server 2003 Service Pack 1 (SP1) Release Candidate 2 (RC2) to help secure your server. [more]
Wednesday, 9 February 2005, 12:37 PM CET

Access control lists
If you've used Linux for a long time, you're probably quite familiar with file permissions. Indeed, managing permissions is a critical part of managing a Linux system. [more]
Wednesday, 9 February 2005, 12:34 PM CET

Nessus assesses system vulnerabilities
Keeping a server or workstation updated with the latest security patches can be a daunting task. [more]
Wednesday, 9 February 2005, 12:33 PM CET

Feds look to finalize IT security controls
NIST has issued the last draft of the new requirements. [more]
Wednesday, 9 February 2005, 12:32 PM CET

Are your servers secure?
In a word, No. No machine connected to the internet is 100% secure. [more]
Wednesday, 9 February 2005, 12:31 PM CET

Microsoft announces critical security bugs
Microsoft Corp. released eight security fixes Tuesday that carry its highest threat rating and urged computer users to install them quickly because all the vulnerabilities they address could let attackers take complete control of systems. [more]
Wednesday, 9 February 2005, 12:29 PM CET

Users want security rethink
Jericho calls for new approach to enterprise security. [more]
Wednesday, 9 February 2005, 12:28 PM CET

Keeping wireless rogues in check
After months of testing and taking budget constraints into consideration, our security manager comes up with a wireless policy. [more]
Wednesday, 9 February 2005, 12:26 PM CET

Spoofing flaw hits web browsers
Security firm warns of phishing risk with Firefox, Opera and others. [more]
Wednesday, 9 February 2005, 12:21 PM CET

Microsoft to buy Sybari Software
Microsoft said Tuesday that it plans to buy Sybari Software, a New York company that makes products to protect business computer systems from Internet threats, including viruses and spam. [more]
Wednesday, 9 February 2005, 12:20 PM CET

Hashing out encryption
Federal agencies have been put on notice that National Institute of Standards and Technology officials plan to phase out a widely used cryptographic hash function known as SHA-1 in favor of larger and stronger hash functions such as SHA-256 and SHA-512. [more]
Tuesday, 8 February 2005, 12:16 PM CET

Embedded platform takes virus control onboard
The Advantech XP Embedded Ready Platform is a ready-to-run ePlatform preloaded with Windows XP Embedded. [more]
Tuesday, 8 February 2005, 11:48 AM CET

Summit to tackle internet crime
Police and computer experts in Wales will join force for an event aimed at finding ways of tackling the growing problem of internet crime. [more]
Tuesday, 8 February 2005, 11:10 AM CET

IT security pushes for professional status
(ISC)2, the global organisation dedicated to training and accrediting IT security staff, has launched an international drive to highlight the professionalism of information security. [more]
Tuesday, 8 February 2005, 10:59 AM CET

Bush backs boost for cybersecurity
President Bush's proposed budget for fiscal 2006 would spend 7 percent more on information technology security year-over-year and add cybersecurity to the stable of cross-agency lines of business. [more]
Tuesday, 8 February 2005, 10:58 AM CET

BT develops formal career plan for security staff
BT is creating formal career development programmes for more than 400 full-time IT security professionals as it gears up to create an integrated cross-company security practice. [more]
Tuesday, 8 February 2005, 10:45 AM CET

FBI turns off unclassified e-mail system
"We use these accounts to communicate with you folks, view Internet sites, and conduct other non-sensitive bureau business, such as sending out press releases," Special Agent Steve Lazarus, the FBI's media coordinator in Atlanta, says in an e-mail describing the problem. [more]
Tuesday, 8 February 2005, 10:44 AM CET

Security's inseparable couple
The most familiar names in network security are neither vendors nor geeks: Try Alice and Bob. [more]
Tuesday, 8 February 2005, 10:42 AM CET

Experts predict Firefox spyware will show up this year
Spyware experts indicate that with its increased popularity, Firefox itself will become a target for spyware creators, who are already poking at the open source browser alternative. [more]
Tuesday, 8 February 2005, 10:28 AM CET

Hold the phone, VOIP isn't safe
In recognition of the fact that new technologies are just as valuable to wrongdoers as to those in the right, a new industry group has formed to look at the security threats inherent in voice over internet protocol. [more]
Tuesday, 8 February 2005, 10:27 AM CET

13 EU countries link up to fight spam
Anti-spam enforcement authorities in 13 European countries have agreed to work together when investigating complaints about cross-border spam from anywhere within the EU. [more]
Tuesday, 8 February 2005, 10:27 AM CET

Phishers target Microsoft security initiative
Phishers are taking advantage of Microsoft’s new software anti-piracy initiative by launching a wave of phishing e-mails in an attempt to get credit card numbers from Microsoft customers. [more]
Monday, 7 February 2005, 3:50 PM CET

Users want security rethink
Jericho calls for new approach to enterprise security. [more]
Monday, 7 February 2005, 12:13 PM CET

Safe from a cyberattack?
Nuclear regulatory officials formalize security standards for safety systems. [more]
Monday, 7 February 2005, 11:33 AM CET

Ex-AOL worker pleads guilty
A former software engineer for America Online is charged with selling 92 million screen names and e-mail addresses to spammers. A judge finally lets the guy plead guilty to conspiracy. [more]
Monday, 7 February 2005, 10:55 AM CET

Online banking victim files suit
A Miami businessman is suing Bank of America over $90,000 he says was stolen from his online banking account in a case that highlights the thorny question of who is responsible when a customer's computer is hacked into. [more]
Monday, 7 February 2005, 10:54 AM CET

CLI magic: OpenSSH
Let's explore OpenSSH, which replaces telnet and does a whole lot more. [more]
Monday, 7 February 2005, 10:52 AM CET

RIAA sues the dead
Death is no obstacle to feeling the long arm of the Recording Industry Ass. of America. [more]
Monday, 7 February 2005, 10:50 AM CET

A .NET developer's guide to Windows security
Understanding just what user profiles are, and how they interact with the Windows registry system is key to keeping a secure system. Making sure that your programs store settings in the user-specific settings trees, rather than the program directory, will help keep passwords and other vital information secure. [more]
Monday, 7 February 2005, 10:41 AM CET

Complaint dropped against DDoS mafia
Federal authorities in Los Angeles have dismissed a criminal complaint filed last August against four men accused of performing DDoS attacks for hire. [more]
Monday, 7 February 2005, 8:58 AM CET

Combating the hidden dangers of adware
Adware may remain a threat to your Web users, but by adopting proactive filtering, you can ensure that the only unwanted advertisements they see are on TV. [more]
Monday, 7 February 2005, 8:29 AM CET

Linux Kernel security is lacking
Recent events have shown that the way security in the Linux kernel is handled is broken, and it needs to be fixed right now. [more]
Monday, 7 February 2005, 1:55 AM CET

Eudora open to multiple high risk flaws
Windows version of popular email client at risk. [more]
Friday, 4 February 2005, 12:52 PM CET

Canadians fight for privacy
British Columbians are fighting to halt an outsourcing contract recently signed by their government that would place millions of their health records in the hands of a private American company. [more]
Friday, 4 February 2005, 12:51 PM CET

The talented Mr. Mitnick
he former hacker perpetrated a series of high-profile corporate break-ins in the 1990s—and served five years in federal prison for it. [more]
Friday, 4 February 2005, 9:55 AM CET

Defense contractor warns employees following computer theft
Thieves stole several computers containing personal information on 45,000 current and former shareholders of defense contractor Science Applications International Corp. [more]
Friday, 4 February 2005, 9:28 AM CET

Online mob (poll) would hang hackers high
The teenager sentenced to 18 months in federal prison for spawning a variant of the MSBlast worm deserved tougher punishment, an online poll says. [more]
Friday, 4 February 2005, 1:24 AM CET

Heading off hackers
Security intelligence services can give a heads-up on threats and how to deal with them. [more]
Friday, 4 February 2005, 12:49 AM CET

The commercialisation of malware
Virus writers are waking up and smelling the money. [more]
Friday, 4 February 2005, 12:08 AM CET

Spammers turn to directory harvest attacks
Have you been done by a harvester before? [more]
Friday, 4 February 2005, 12:06 AM CET

Testifying in a computer crimes case
In this article, we examine the basics of testifying in either capacity in a case involving computer crimes, and how you can move into the lucrative field of computer forensics, on either a full- or part-time basis. [more]
Friday, 4 February 2005, 12:01 AM CET

Linux security is a 'myth', claims Microsoft
Open source OS 'not ready for mission-critical computing'. [more]
Thursday, 3 February 2005, 10:34 AM CET

Root kit surfaces after Jabber attack
The Jabber Software Foundation (JSF) - the open source instant messaging organisation - has advised developers to check their code, after discovering that a hack attack against its website was more serious than first suspected. [more]
Thursday, 3 February 2005, 9:28 AM CET

New zombie spam technique may increase spam levels
If the warnings of security experts are to be believed, we are on the verge of a major onslaught of spam. [more]
Thursday, 3 February 2005, 9:21 AM CET

FTC: At least $548 million lost to identity theft
Americans lost at least $548 million to identity theft and consumer fraud last year as the Internet provided new victims for age-old scams. [more]
Thursday, 3 February 2005, 9:20 AM CET

Microsoft: bypass is not a security threat
A method of bypassing security features in Windows XP Service Pack 2 (SP2) isn't actually a security threat, Microsoft has claimed. [more]
Thursday, 3 February 2005, 9:19 AM CET

The 'hacker tool' worm that gurned
The old English practice of gurning, in which participants pull a funny or scary face, is being used by a newly discovered worm to distract PC users while their machines are being compromised. [more]
Thursday, 3 February 2005, 9:18 AM CET

Hackers see 3G as prize target
Despite more paranoia and stiffer security than ever, IP-based telecommunications servers are fast becoming the new 'holy grail' for the black hat hacking community, with a highly embarrassing intrusion at US based carrier T-Mobile the latest ugly incident. [more]
Thursday, 3 February 2005, 9:14 AM CET

Supreme Court puts hacker sentences up for grabs
A landmark U.S. Supreme Court decision last month giving judges more leeway in deciding federal prison terms could be good news for computer intruders who don't fit the classic criminal mold, legal experts say. [more]
Thursday, 3 February 2005, 9:11 AM CET

ITAA favors current smart card specs
Members of the Information Technology Association of America say they hope to persuade federal officials to modify a proposed biometric smart card specification. [more]
Wednesday, 2 February 2005, 11:11 AM CET

AOL aims to secure surfing with new Netscape browser
Users will be alerted to Web sites that are connected with scams. [more]
Wednesday, 2 February 2005, 9:16 AM CET

Downloadable databases pose security dangers
It's baffling that so many database administrators or casual non-DBA downloaders were responsible for leaving weak or default passwords on MySQL databases. [more]
Wednesday, 2 February 2005, 9:14 AM CET

A simple guide to securing USB memory sticks
USB memory sticks can be used safely and securely if the risks are understood and proper measures are taken to mitigate them. This article first discusses the primary risks associated with USB memory sticks and then Cryptainer LE, a free software program, is introduced as a way to mitigate the loss of confidentiality through the use of encryption. [more]
Wednesday, 2 February 2005, 12:33 AM CET

Gates to unveil new government security program
Company is increasing its participation with governments. [more]
Wednesday, 2 February 2005, 12:05 AM CET

CryptoStor combines storage, security
NeoScale Systems on Monday announced its CryptoStor for Tape 700, a new family of tape media security appliances. [more]
Wednesday, 2 February 2005, 12:05 AM CET

Mass mailed worms here to stay
Predictions of the demise of the mass-mailed worm are premature, a security researcher said Tuesday. [more]
Wednesday, 2 February 2005, 12:04 AM CET

Nokia expands security platforms
Nokia announced the expansion of its family of network security platforms with the addition of Nokia IP260 and Nokia IP265. [more]
Wednesday, 2 February 2005, 12:03 AM CET

Cost of malware soars to $166bn in 2004
Viruses, worms and Trojans taking their toll. [more]
Wednesday, 2 February 2005, 12:01 AM CET

Microsoft seen poised to push anti-virus
Consensus is building among industry watchers that Microsoft will have anti-spyware and anti-virus products on the market for businesses and consumers by year-end. [more]
Wednesday, 2 February 2005, 12:00 AM CET

No improvement in wireless network security
Two-thirds of enterprise wireless networks across the UK and Ireland are easily open to hackers. [more]
Tuesday, 1 February 2005, 11:59 PM CET

Microsoft, German partners back secure Net project
Microsoft Corp chairman Bill Gates and leaders of Germany's computer industry launched Monday a project to protect millions of computer users from Internet dangers such as viruses. [more]
Tuesday, 1 February 2005, 3:28 PM CET

Malware maelstrom boosts SurfControl sales
Shares in UK-based censorware outfit SurfControl rose more than three per cent this morning with the release of healthy quarterly earnings results. [more]
Tuesday, 1 February 2005, 3:26 PM CET

Microsoft's velvet glove
Redmond's plan to make you install Windows authentication software before downloading vital security patches is a reasonable and gentle effort to limit piracy. [more]
Tuesday, 1 February 2005, 2:08 PM CET

Nine out of 10 VPNs 'not secure'
Exploitable vulnerabilities across all products, warns analyst. [more]
Tuesday, 1 February 2005, 2:07 PM CET

Digital evidence: today's fingerprints
Electronic world increasingly being used to solve crimes. [more]
Tuesday, 1 February 2005, 2:05 PM CET

Secure horizons
Companies look to policies and standards-not just products-to secure their data. [more]
Tuesday, 1 February 2005, 2:04 PM CET

Security company pokes hole in XP SP2
Patch is available, but some experts advise against installing it. [more]
Tuesday, 1 February 2005, 6:32 AM CET

Phishing morphs into pharming
Fraudsters and mischief makers are developing more insidious techniques for tricking users into visiting bogus websites. [more]
Tuesday, 1 February 2005, 6:26 AM CET


The synergy of hackers and tools at the Black Hat Arsenal

Posted on 27 August 2014.  |  Tucked away from the glamour of the vendor booths and the large presentation rooms filled with rockstar sessions, was the Arsenal - a place where developers were able to present their security tools and grow their community.

Weekly newsletter

Reading our newsletter every Monday will keep you up-to-date with security news.

Daily digest

Receive a daily digest of the latest security news.


Mon, Sep 1st