Off the Wire

Off The Wire Archive

News items for May 2004

The grsecurity project is about to disappear
Beginning May 31, 2004, development of grsecurity will cease. [more]
Monday, 31 May 2004, 10:12 PM CET

Microsoft, Sun security paths diverge
Identity management is rapidly becoming a new battleground for rivals Microsoft Corp. and Sun Microsystems Inc., each of which is committing support for different standards. [more]
Monday, 31 May 2004, 6:51 PM CET

Wi-Fi is hot, security is not
Mike Outmesguine ventured off to sniff out wireless networks between Los Angeles and San Francisco. He got a big whiff of insecurity. [more]
Monday, 31 May 2004, 7:47 AM CET

Report: FDIC data vulnerable
Lax security in the Depression-era agency that protects American's bank deposits is the focus of a report by the General Accounting Office. The study says major losses of money, information and other data are possible. [more]
Monday, 31 May 2004, 7:40 AM CET

Mmanaging security for mobile users (part two)
Part two of this article completes the discussion and presents ways of providing additional layers of defense to help protect the valuable, mobile data.
Friday, 28 May 2004, 4:05 PM CET

Security spend boosts enterprise router sales
Global sales of enterprise router devices have begun to pick up, largely driven by healthy spending in the secure router segment. [more]
Friday, 28 May 2004, 1:34 PM CET

Taiwanese nabbed for creating virus used by Chinese hackers
A Taiwanese computer engineer was arrested for allegedly designing a vorm that was used to attack the island's business and government systems, police said Thursday. [more]
Friday, 28 May 2004, 1:34 PM CET

Aussie police to gain access to stored messages
Australian Attorney General Philip Ruddock has introduced amendments to federal parliament that would ease police access in the country to stored voice mails, e-mails and text messages. [more]
Friday, 28 May 2004, 11:22 AM CET

California Senate approves anti-Gmail bill
The California state Senate on Thursday approved a bill that takes aim at Google's new Gmail service, placing strict limits on e-mail providers seeking to scan customer messages for advertising and other purposes. [more]
Friday, 28 May 2004, 11:20 AM CET

Spammer sentenced to seven years in prison
A man who sent 850 million junk e-mails through accounts he opened with stolen identities was sentenced to up to seven years in prison on Thursday. [more]
Friday, 28 May 2004, 11:16 AM CET

First 64-bit virus is discovered by Symantec
Symantec in Canada have discovered the first known virus for the 64 bit version of Microsoft Windows. Called W64.Rugrat.3344, the virus is a direct action infector. [more]
Thursday, 27 May 2004, 9:00 PM CET

Windows worms tax ISPs
Computer worms will cost European ISPs an estimated €123m this year, according to a study to traffic management firm Sandvine out today. [more]
Thursday, 27 May 2004, 5:12 PM CET

Better security will help wireless growth
The security of wireless hot spots for internet access for IT users on the road was the subject of discussion at the CeBIT America 2004 conference in New York. [more]
Thursday, 27 May 2004, 5:10 PM CET

Yahoo adds antispyware service to toolbar
Yahoo Inc. began testing a new antispyware feature on its toolbar Thursday, allowing users to scan for and delete the small software applications often responsible for displaying pop-up ads etc. [more]
Thursday, 27 May 2004, 5:08 PM CET

Deloitte survey shows rise in attacks but flat security budgets
A survey of top financial services firms by Deloitte showed that a majority of organizations have suffered external attacks within the past year but many don't expect their security budgets to grow.
Thursday, 27 May 2004, 4:28 PM CET

Microsoft to merge Caller ID for email with SPF anti-spam technology
On Tuesday, Microsoft revealed that it will merge its Caller ID for Email technology with a competing scheme for email authentication, dubbed Sender Policy Framework. [more]
Thursday, 27 May 2004, 4:27 PM CET

RSA Security touts success with web services federation
RSA Security said it has successfully tested complete interoperability of the WS-Federation specification. Several vendors including Microsoft and IBM participated in the test, the firm said. [more]
Thursday, 27 May 2004, 1:11 PM CET

Microsoft security spend greater than the Star Wars missile system
Microsoft has spent more on securing its software than was spent on the Star Wars missile project, the company's head of security has told conference guests. [more]
Thursday, 27 May 2004, 1:09 PM CET

Russia - a happy haven for hackers
For all its disadvantages, the former Soviet Union had one hugely overlooked advantage: it kept hackers, crackers and virus writers confined inside the country by restricting their access to the internet. [more]
Thursday, 27 May 2004, 1:08 PM CET

Investigating computer crimes
One of the most important conditions to improve activity of operational structures is to strengthen informational relations between police divisions. [more]
Thursday, 27 May 2004, 1:07 PM CET

Will code-check tools make for worm-proof software?
When Microsoft needed help in taming the large number of flaws, it looked to technology known as "static source-code checkers" and a company called Intrinsa. [more]
Wednesday, 26 May 2004, 3:47 PM CET

Nokia updates security appliance OS
Nokia has unveiled the latest version of its IPSO server operating system, claiming that version 3.8 of the security-hardened platform will deliver significant performance improvements. [more]
Wednesday, 26 May 2004, 3:44 PM CET

Security boost for SQL Server
Microsoft is to add data encryption to its SQL Server database as well as seek US federal government security certification for the platform at its TechEd conference in San Diego, California. [more]
Wednesday, 26 May 2004, 3:42 PM CET

Buffalo adds new security scheme to 802.11g
Buffalo Technology has announced a new lineup of 802.11g wireless products featuring their AirStation One-Touch Secure System security solution. [more]
Wednesday, 26 May 2004, 3:39 PM CET

Microsoft tightens database security
Microsoft is making its newest database software tougher to crack. [more]
Wednesday, 26 May 2004, 5:26 AM CET

GUI administration with KSysguard
This app has absolutely nothing to do with guarding anything. KSysguard lets you manage processes and monitor resources on local or remote systems. According to the documentation, it can be built on Solaris, BSD, and Linux. [more]
Wednesday, 26 May 2004, 5:25 AM CET

Linux and Windows security compared
In this study, we compare Microsoft Windows and Linux security across these seven categories. [more]
Wednesday, 26 May 2004, 5:22 AM CET

The rising cost of protecting your identity
With identity theft rampant, we need to be cautious with our personal information. But consumer advocates say there's something else we ought to be vigilant about: expensive services for identity theft protection. [more]
Wednesday, 26 May 2004, 5:21 AM CET

Weighing profits against peril
Denying XP pirates the SP2 upgrade would hurt the Internet to protect Microsoft's bottom line. [more]
Wednesday, 26 May 2004, 5:20 AM CET

Lawmaker tones down anti-Gmail bill
A California lawmaker has revised a proposal to block Google's new e-mail service on privacy grounds, removing key provisions that would have have made it difficult or impossible for the Web search giant to operate Gmail in the state. [more]
Wednesday, 26 May 2004, 5:19 AM CET

Key considerations for outsourcing security
This article will look at certain key issues for determining when outsourcing security is the best approach to take. [more]
Tuesday, 25 May 2004, 2:02 PM CET

HP to sell Microsoft firewall apps
Microsoft has said that hardware makers will sell its forthcoming Internet Security and Acceleration (ISA) Server 2004 software preinstalled on hardware appliances. [more]
Tuesday, 25 May 2004, 1:55 PM CET

Practice safe resets: secure your password solution
Organisations are discovering an easy way to reduce the workload of IT and help desk administrators - password self-service. [more]
Tuesday, 25 May 2004, 1:54 PM CET

CA preps wireless site management software
Computer Associates International Inc. previewed Monday at its user show in Las Vegas a new tool for managing wireless networks that early users say provides critical monitoring and security functionality. [more]
Tuesday, 25 May 2004, 10:15 AM CET

Microsoft to show off ID federation
Microsoft will display on Tuesday software that lets customers sign in to a Web site and then take their identity with them as they browse the Web to other federated sites, a representative said. [more]
Tuesday, 25 May 2004, 10:12 AM CET

Spam now two thirds of all e-mail
There is no sign of relief for companies already overwhelmed by the sheer volume of unsolicited and unwanted e-mail messages clogging their mail systems. [more]
Tuesday, 25 May 2004, 12:22 AM CET

Microsoft makes security push
Microsoft Corp. said Monday it will begin selling network security software pre-installed on computers, taking aim at a market dominated by appliance security vendors. [more]
Tuesday, 25 May 2004, 12:20 AM CET

Good methods foster security
Software engineering expert Martyn Thomas explains how IT disciplines and management practices can help to minimise risk. [more]
Tuesday, 25 May 2004, 12:18 AM CET

The biggest spammer on the Net? Comcast?
Comcast's high-speed Internet subscribers have long been rumored to be an unusually persistent source of junk e-mail. [more]
Monday, 24 May 2004, 4:43 PM CET

What's in a name- identity theft
One of the most precious things you own is your good name. [more]
Monday, 24 May 2004, 4:41 PM CET

Snort up for revamp, says creator
The creator of Snort, the open-source network-based Intrusion Detection System (IDS), says the software is up for an overhaul. [more]
Monday, 24 May 2004, 4:37 PM CET

Secure coding attracts interest, investment
Security firm @stake helps developers search computer code for errors, security holes. [more]
Monday, 24 May 2004, 4:33 PM CET

Automated penetration testing with CORE IMPACT 4.0
The new release of CORE IMPACT features an industry first step-by-step automation of the penetration testing process. Check the exclusive screenshots of the product in action. [more]
Monday, 24 May 2004, 4:31 PM CET

Security in an ERP world
Security in the e-business, integrated enterprise resource planning (ERP) world requires a new way of thinking about security - not just about the bits and bytes of network traffic, but about business transactions that inflict financial losses from systems-based fraud, abuse and errors. [more]
Monday, 24 May 2004, 3:18 PM CET

Why Windows is a security nightmare
Security in all mainstream operating systems is non-existent; however, things are especially bad for Windows. [more]
Monday, 24 May 2004, 2:58 PM CET

Remote backup using ssh, tar and cron
Are you looking for a solution to backup your data to a remote location? [more]
Monday, 24 May 2004, 2:50 PM CET

Starting up network services from xinetd
xinetd is started on bootup, and listens on ports designated in /etc/xinetd.conf for incoming network connections. When a new connection is made, xinetd starts up the corresponding network service. [more]
Monday, 24 May 2004, 2:38 PM CET

DHS privacy director: We're paying attention
Individual rights will be upheld despite the war on terrorism. [more]
Monday, 24 May 2004, 2:36 PM CET

Secure email specs could merge
After submitting its Caller ID email authentication specification to a standards body, Microsoft is discussing merging its spec with another, called sender policy framework, or SPF. [more]
Monday, 24 May 2004, 2:33 PM CET

Audio interview with Brian Cohen, SPI Dynamics CEO
Mr. Cohen introduces his company, discusses the current state and future of the web application security market and provides information on the SPI Dynamics WebInspect product line. [more]
Friday, 21 May 2004, 9:01 PM CET

Athens Olympics braced for wave of cyberattacks
The Athens Olympics organizers are bracing themselves for a wave of cyberattacks once the games are under way, but insist that a physical breach of security still represents the biggest threat. [more]
Friday, 21 May 2004, 4:11 PM CET

Malware analysis for administrators
The purpose of this article is to help administrators and power users use behavioral analysis to determine if a binary is harmful malware, by analyzing it in a lab environment without the use of anti-virus software, debuggers, or code disassembly. [more]
Friday, 21 May 2004, 4:09 PM CET

U.S. may get a privacy czar
To protect the privacy and civil liberties of Americans, the federal government may get a privacy czar if two congressional representatives have their way. [more]
Friday, 21 May 2004, 4:01 PM CET

FBI plans spammer smackdown
It's been nearly six months since President Bush signed the first federal spam law with criminal sanctions--and not one bulk e-mailer has been criminally charged under it so far. [more]
Friday, 21 May 2004, 8:46 AM CET

Spam adversaries to meet, debate
Alleged spammer Scott Richter and SpamCop founder Julian Haight will meet next month to duke it out in a public debate. It could get nasty. [more]
Friday, 21 May 2004, 8:45 AM CET

How to stop viruses? Build a 'killer bot'
The computer virus is, it seems, as unstoppable as its biological forebears--and possesses the same appetite for evolution. [more]
Friday, 21 May 2004, 8:43 AM CET

Google defines good manners for adware
In an attempt to cut down on misbehaving adware and spyware, Google has released a set of suggested principles for software makers to follow when writing programs that embed themselves on Internet users' PCs. [more]
Thursday, 20 May 2004, 6:21 AM CET

Flaws drill holes in open-source repository
Flaws in two popular source code repository applications could allow attackers to access and corrupt open-source software projects, a security researcher said Wednesday. [more]
Thursday, 20 May 2004, 6:12 AM CET

How are script kiddies outwitting I.T. experts?
"Ten years ago, you needed good programming skills to write a virus, but today there are ready made virus-writing programs on the market so you can write a virus and not know much about programming," explains Mikael Albrecht of F-Secure. [more]
Thursday, 20 May 2004, 6:09 AM CET

Cisco to patent security fix
Cisco Systems has applied for patents on technology that it claims will fix a flaw that has recently been found in one of the most common communications protocols. [more]
Thursday, 20 May 2004, 6:08 AM CET

VIA paves path to enhanced processor security
"Our approach to processor design allows small, fanless devices to carry out the most demanding security operations while simultaneously processing today's increasingly sophisticated digital entertainment applications," said Glenn Henry, president of Centaur Technology, a company recently acquired by VIA and producer of the new core. [more]
Thursday, 20 May 2004, 6:07 AM CET

Top execs urged to zero in on security
The Business Roundtable, a national trade association for corporate executives, said Wednesday that company board members and chief executives need to pay more attention to computer security. [more]
Thursday, 20 May 2004, 6:05 AM CET

Police lack skills to tackle cyber-crime
More officers need to be trained in computer forensics, says lobby group. [more]
Wednesday, 19 May 2004, 2:54 PM CET

Embracing the art of hacking
If you can avoid some of the tedious bits, Paul Graham has some good points to make about the relationship between art and coding. [more]
Wednesday, 19 May 2004, 12:22 PM CET

WLAN security shootout
WLAN switches have deposed the intelligent access points of yesteryear. Are they really better? And which WLAN switch is best? [more]
Wednesday, 19 May 2004, 1:54 AM CET

TCP/IP skills required for security analysts
This article guides users new to the security field through some of the key skills required to work as a security analyst. The focus is on core TCP/IP competency and related technologies such as intrusion detection systems, firewalls and routers. [more]
Wednesday, 19 May 2004, 1:16 AM CET

Critical security hole found in Mac OS X
Security research group Secunia is warning all Mac OS X users about what it calls a "highly critical" vulnerability. [more]
Wednesday, 19 May 2004, 1:09 AM CET

Yahoo sets up standard to combat spam
Internet portal Yahoo on Tuesday released an e-mail standard that prevents spam marketers from hiding unwanted messages behind legitimate e-mail addresses. [more]
Wednesday, 19 May 2004, 1:01 AM CET

A new Chinese specialty: spam
Despite Beijing's Net censorship, the country appears to be playing host to thousands of the sites spammers want you to visit. [more]
Wednesday, 19 May 2004, 12:42 AM CET

Web services security draft released
The Web Services Interoperability Organization (WS-I) on Tuesday announced availability of the WS-I Basic Security Profile Working Group Draft, an early version of what is intended to be a guide for use of standards in the development of interoperable Web services. [more]
Wednesday, 19 May 2004, 12:23 AM CET

Why Windows is a security nightmare
Security in all mainstream operating systems is non-existent; however, things are especially bad for Windows. [more]
Wednesday, 19 May 2004, 12:22 AM CET

Johannesburg hacker found guilty
A 32-year-old Johannesburg man has been found guilty of loading a virus onto the computers of Edgars, an act which the company claims cost them R20 million and affected up to 700 stores. [more]
Tuesday, 18 May 2004, 8:24 PM CET

Funds sought to aid virus writer
The Sasser web worm caused trouble for thousands of net users but its author does at least have some fans. [more]
Tuesday, 18 May 2004, 6:38 PM CET

Security experts play down Cisco leak
The leak of a significant amount of Cisco Systems' source code for its latest network devices will not result in a large number of discovered vulnerabilities, security experts said Monday. [more]
Tuesday, 18 May 2004, 2:51 PM CET

Inside Windows Server 2003
Microsoft Windows 2003 has been out for a while and many books have been released about it. What I have before me is a huge hardcover title covering a lot of ground. The title certainly does promise a lot. Does it deliver? Read on to find out. [more]
Tuesday, 18 May 2004, 2:44 PM CET

European researchers craft new encryption
Quantum cryptography uses photons' properties to block Echelon, other eavesdropping technology. [more]
Tuesday, 18 May 2004, 7:43 AM CET

Criminal gangs exploit Internet employment sites
Online job sites like, CareerBuilder and HotJobs have given employers a better way to find workers, but it turns out that crime rings are targeting the sites, too. [more]
Tuesday, 18 May 2004, 7:42 AM CET

Symantec takes bite off virus-ID spam
Symantec has shown the way for other antivirus firms to finally end the proliferation of false virus notifications, which wrongly identify the source of an e-mail-borne virus and add to the general deluge swamping users' inboxes. [more]
Monday, 17 May 2004, 5:33 PM CET

Phishing expeditions are multiplying
More bad news about phishing attacks arrived Friday via message filtering firm SurfControl when it unveiled numbers showing the scams have increased nearly 500% since January. [more]
Monday, 17 May 2004, 3:22 PM CET

Stop skirting network security
Network security has become the thing that keeps executives up at night. [more]
Monday, 17 May 2004, 2:32 PM CET

Centralizing the management of network security
Few would argue against the necessity and value of security for a network. Yet for organizations purchasing PCs or servers regularly and deploying them across geographically disparate locations, the implementation of security measures can be a long, tedious task requiring extensive man-hours. And the more locations an organization has, the more likely there are inconsistencies between those locations. [more]
Monday, 17 May 2004, 2:22 PM CET

Sasser suspect fanclub launches appeal
The German teenager fingered as the author of the Sasser and NetSky worms may not be popular among IT professionals, but fans of the accused miscreant have already sprung to his defense and, apparently, opened their wallets. [more]
Monday, 17 May 2004, 1:20 PM CET

How to sell - the danger within
The sheer scale of the security threat presented by employees should not be underestimated. [more]
Monday, 17 May 2004, 1:14 PM CET

Cisco investigates source code leak
An unspecified amount of the proprietary source code that drives Cisco Systems' networking hardware has appeared on the Internet, the technology giant acknowledged early Monday. [more]
Monday, 17 May 2004, 1:13 PM CET

Windows XP Service Pack 2 still in flux
Even in the eleventh hour, Redmond is continuing to make changes to its Windows XP update code. [more]
Monday, 17 May 2004, 1:11 PM CET

No WLAN? You still need wireless security
It was nearly impossible to traverse a significant part of the show floor at this year's Networld+Interop without encountering solutions that dealt with the thorny issue of wireless security. [more]
Monday, 17 May 2004, 1:08 PM CET

VOIP is as secure as you make it
VOIP & Telephony Center Editor Ellen Muraskin says that enterprise VOIP is just as secure as traditional voice— as long as you keep your LAN under wraps. [more]
Monday, 17 May 2004, 1:05 PM CET

MS returns to base
Changes to security technology will make it easier to configure. [more]
Monday, 17 May 2004, 1:03 PM CET

Court takes gag off antispam service
A district court judge has rescinded a temporary restraining order against antispam operation SpamCop, in an early blow to a case brought by self-professed "Spam King" Scott Richter. [more]
Friday, 14 May 2004, 9:51 AM CET

Congress mulls revisions to DMCA
Congress has taken a step toward revising the Digital Millennium Copyright Act, which has attracted extensive criticism over the past six years. [more]
Friday, 14 May 2004, 8:36 AM CET

Help: I got hacked. Now what do I do?
So, you didn’t patch the system and it got hacked. What to do? The Security Program Manager at Microsoft Corporation will tell you. [more]
Friday, 14 May 2004, 8:28 AM CET

Privacy jam on California highway
The pictures show a driver peering angrily out his window at the photographer. In one, his middle finger is raised at the camera. In the last, his license plate is captured on digital film as he drives away. [more]
Friday, 14 May 2004, 8:24 AM CET

'Survivor' site contains malicious code
Code embedded in a site likely to be surfed by fans of the 'Survivor' TV show takes advantage of known software flaws. [more]
Friday, 14 May 2004, 8:20 AM CET

HNS learning session: introduction to computer forensics
In this audio session the Senior Security Engineer at Guidance Software discusses the need and importance of forensics in the IT environment and gives a number of valuable tips regarding the process, including creating methodology guidelines, incident simulation and more. [more]
Thursday, 13 May 2004, 5:37 PM CET

German police raid five homes in Sasser case
German police have widened the hunt for the vandals responsible for the distribution of the infamous Sasser and NetSky worms by raiding the homes of five new suspects. All are close to the home of Sven Jaschan, the prime suspect. [more]
Thursday, 13 May 2004, 3:27 PM CET

Symantec patches four critical firewall flaws
Symantec has issued patches for most of its firewall and antivirus products in order to fix four serious security holes. [more]
Thursday, 13 May 2004, 3:14 PM CET

NetWorld+Interop security briefing
Enterprises on the lookout for answers to security struggles have plenty of wares to pick from at the NetWorld+Interop 2004 conference, as suppliers such as FaceTime Communications, RedSiren and Senforce Technologies introduced offerings. [more]
Thursday, 13 May 2004, 3:13 PM CET

Acoustic cryptanalysis
Preliminary analysis of acoustic emanations from personal computers shows them to be a surprisingly rich source of information on CPU activity. [more]
Thursday, 13 May 2004, 2:40 PM CET

Wallon virus wrecks Windows Media Player
A new mass-mailing virus called Wallon, which destroys Windows media player and is activated when a user tries to play MP3 or video files from an infected PC, was discovered in Europe on Tuesday. [more]
Thursday, 13 May 2004, 2:36 PM CET

Microsoft to battle spyware
Microsoft says the upcoming release of Windows XP Service Pack 2 will make it much harder to sneak deceptive software onto users' computers. Is it game over for spyware authors? [more]
Thursday, 13 May 2004, 2:33 PM CET

Why are virus writers so tough to catch?
The fight to rout Sasser and its ilk is fraught with ethical ambiguities. "Out of the 75,000 viruses that are written each year, all but 1,000 never infect anybody. So is it a crime to just write a virus?" asked David Perry of Trend Micro. "We are an open society. Do we give up all those [liberties] that make us Americans?" [more]
Thursday, 13 May 2004, 2:29 PM CET

US considers "legalising hacking" with copyright ruling
The people v the entertainment industry - who carries the most sway? [more]
Thursday, 13 May 2004, 2:27 PM CET

A third of UK corporates open to hackers
Firms ignoring basic flaws as they fight high-risk vulnerabilities, warns research. [more]
Thursday, 13 May 2004, 2:24 PM CET

Feds combine smart card buys
Five federal agencies have agreed to pool their smart card needs into a large contract buy of up to 40 million cards during the next three years. [more]
Thursday, 13 May 2004, 2:23 PM CET

Apache authentication
This article describes authentication and how to control user access. [more]
Wednesday, 12 May 2004, 5:26 PM CET

'Whispering keyboards' could be next attack trend
Listen to this: Eavesdroppers can decipher what is typed by simply listening to the sound of a keystroke, according to a scientist at this week's IEEE Symposium of Security and Privacy in Oakland, Calif. [more]
Wednesday, 12 May 2004, 5:22 PM CET

Browser hijackers ruining lives
Malicious programs called browser hijackers install a lot of nasty stuff on people's computers. Some victims are facing firings, divorces and even criminal prosecution. [more]
Wednesday, 12 May 2004, 5:20 PM CET

Antivirus companies muting false alarms
They were wrong, and they were annoying, so now they've been stopped. [more]
Wednesday, 12 May 2004, 5:14 PM CET

Analyst: security woes add to Windows cost
Prominent security analyst John Pescatore has put a new twist on the Windows cost of ownership debate with a call for enterprises to add the expense of managed intrusion prevention software to the price of Microsoft's operating systems. [more]
Wednesday, 12 May 2004, 12:11 AM CET

RSA founders give perspective on cryptography
Rivest, Shamir and Adleman implemented public-key cryptography in the 1970s following the landmark work of Whitfield Diffie, Martin Hellman and Ralph Merkle. They then founded RSA Security, which became one of the most respected security companies in the world. [more]
Wednesday, 12 May 2004, 12:10 AM CET

Microsoft corrects: no XP SP2 for pirated copies
Despite reports indicating that Microsoft Corp. was planning to allow users with pirated copies of Windows XP to install Service Pack 2, the company has confirmed to that this will not be the case. [more]
Wednesday, 12 May 2004, 12:08 AM CET

Sasser copycats get busy
Copycat virus authors have released a pair of worms targeted at the same vulnerability in Microsoft's operating system exploited by the infamous Sasser worm. [more]
Wednesday, 12 May 2004, 12:06 AM CET

Virus arrests continue, as do worms
Gartner research vice president Richard Stiennon told TechNewsWorld that the recent arrests are likely to deter lower-level virus writers. [more]
Wednesday, 12 May 2004, 12:05 AM CET

Microsoft patches new Windows flaw
Microsoft on Tuesday detailed a new vulnerability in Windows XP and Windows Server 2003 that could enable an attacker to remotely execute malicious code. [more]
Wednesday, 12 May 2004, 12:04 AM CET

Understanding TCP reset attacks
To better understand the reality of this threat, KernelTrap spoke with Theo de Raadt, the creator of OpenBSD, an operating system which among other goals proactively focuses on security. [more]
Tuesday, 11 May 2004, 11:56 AM CET

Spec in works to secure wireless networks
The Trusted Computing Group said Monday that it is working on a specification to ensure that wireless clients connecting to a network won't serve as a back door to worms and crackers. [more]
Tuesday, 11 May 2004, 11:40 AM CET

Why computer security's so primitive
We've only been working on it for a few years. [more]
Tuesday, 11 May 2004, 11:39 AM CET

Lottery scams new flavour of the month
Lottery scam emails are increasing at an alarming rate, according to Fraudwatch International, the Australian website that protects consumers from identify theft. [more]
Tuesday, 11 May 2004, 11:38 AM CET

DMCA challenge to be considered this week
The Digital Millennium Copyright Act, better known as the DMCA, is a travesty of law. [more]
Tuesday, 11 May 2004, 12:52 AM CET

Experts: timing of new Sasser worm raises questions
Questions raised on whether sole author is in custody. [more]
Tuesday, 11 May 2004, 12:47 AM CET

HP debuts RFID services
Hewlett-Packard unveiled on Monday services for companies trying to start radio frequency identification projects. [more]
Tuesday, 11 May 2004, 12:45 AM CET

Security threats raise concerns about Bluetooth
Some IT managers take steps to limit wireless use; vendors claim risks aren't widespread. [more]
Tuesday, 11 May 2004, 12:43 AM CET

Phishing spreads in Europe
Phishing is slowly becoming more common in languages like Spanish, French, Dutch and German, a senior official of a company that markets security devices for online transactions says. [more]
Tuesday, 11 May 2004, 12:42 AM CET

Can Microsoft bounty end viruses?
Microsoft's $5 million reward for antivirus informants may help catch script kiddies such as the German teenager suspected of authoring a variant of the Sasser worm, but it is unlikely to have any effect on virus writers working for organized crime syndicates, according to security experts. [more]
Tuesday, 11 May 2004, 12:35 AM CET

Hand over security
Physical and information security have been converging, often under the control of IT. But companies are increasingly moving the role of policing security out of IT and into the hands of an independent CSO. Here's why you should consider doing the same. [more]
Monday, 10 May 2004, 12:48 PM CET

Cyber-crime laws hurt more than they help
The Council of Europe's Convention on Cybercrime is too far-reaching. [more]
Monday, 10 May 2004, 12:46 PM CET

A guide to centralized spam and virus filtering
This article explores the integration of Sendmail, MIMEDefang, ClamAV, SpamAssassin, and Vipul's Razor as a partial measure against spam and viruses. [more]
Monday, 10 May 2004, 12:41 PM CET

Combating Internet worms
In recent years, not only has the number of network and computer attacks been on the rise, but also the level of complexity and sophistication with which they strike. The most common and perhaps most damaging of these attacks are called worms. [more]
Monday, 10 May 2004, 12:37 PM CET

Combating the cyber criminals
Detective Chief Superintendent Len Hynds, Head of the National Hi-Tech Crime Unit discusses the problems associated with hi-tech crime. [more]
Monday, 10 May 2004, 12:36 PM CET

Microsoft modifying Palladium
Company officials said that a published report that Microsoft has decided to do away with the hardware and software security project was completely inaccurate. [more]
Monday, 10 May 2004, 12:19 AM CET

Mystery of MS's missing AV software
Microsoft's plans to improve the security of Windows through the purchase of an anti-virus company almost a year ago appear to be stuck in limbo. The software giant entered the AV market with the surprise acquisition of little known Romanian AV firm GeCAD Software for an undisclosed sum in June last year. [more]
Monday, 10 May 2004, 12:13 AM CET

Police: Sasser suspect confesses
A German high school student has confessed to creating the "Sasser" worm that generated chaos across the globe by infecting hundreds of thousands of computers, authorities said Saturday. [more]
Monday, 10 May 2004, 12:11 AM CET

Wi-Fi security standard to require new hardware
In June the IEEE is expected to finally ratify the 802.11i security standard that uses for the first time AES (Advanced Encryption Standard) technology, a powerful 128-bit encryption technology. [more]
Monday, 10 May 2004, 12:08 AM CET

E-Postmark may thwart cyber crooks
"Right now, none of the ISPs or router vendors is motivated to act, because Microsoft has promised to solve the spam problem by 2006," Penn State professor George Kesidis said. "They have the presumptive monopoly, and they're calling the shots." [more]
Monday, 10 May 2004, 12:05 AM CET

Windows XP Service Pack 2 even for unlicensed users
Both legitimate and unlicensed users of Microsoft's XP operating system software will be able to download the Service Pack 2 security patch for free. [more]
Monday, 10 May 2004, 12:01 AM CET

NVIDIA firewall certified by ICSA Labs
The firewall will be integrated into new NVIDIA nForce media and communication processors, including the NVIDIA nForce3 250Gb MCP. [more]
Friday, 7 May 2004, 3:30 PM CET

Sasser infection rate accelerates
The rapidly evolving Sasser computer worm has torn across the internet, disrupting home computer and corporate systems, including Westpac Bank, and stoking fears of more potent outbreaks to come. [more]
Friday, 7 May 2004, 2:18 PM CET

Mac virus fears grow
Recent vulnerabilities could make Macs vulnerable to virus attacks. [more]
Friday, 7 May 2004, 1:59 PM CET

Britain's biometric ID cards postponed
Technical problems have delayed the British government's trials for biometric ID cards by three months. [more]
Friday, 7 May 2004, 10:22 AM CET

Net watchers wary of Sasser fallout
Though the damage wrought by Sasser failed to reach the levels of MSBlast and other major infections, security experts are warning that there could still be more trouble to come from the worm. [more]
Friday, 7 May 2004, 1:14 AM CET

Prison time for cyber stock swindler
Teen scammer hacked a brokerage account to dump worthless Cisco options. Diary entry: "Even if I go to jail -- big deal -- I will learn something there. Hahaha." [more]
Friday, 7 May 2004, 1:12 AM CET

U.S. hit by rise in 'phishing' attacks
An estimated one in five Americans were the target of a "phishing" attack in the past year, as the number of such Internet scams rose dramatically, according to a study released on Thursday. [more]
Friday, 7 May 2004, 1:07 AM CET

Small businesses left vulnerable to virus attacks
As the new Sasser virus does the rounds, research shows almost two-thirds of the country's small businesses have been the victim of a malicious online attack. [more]
Friday, 7 May 2004, 1:06 AM CET

Longhorn: Microsoft's security bull?
"Ultimately, [Microsoft's forthcoming Windows XP Service Pack 2] will be a solution to many of these [security] problems. But when it first comes out, the situation will be the same as how people treat patches now," says Jimmy Kuo, a research fellow at Network Associates. [more]
Friday, 7 May 2004, 1:04 AM CET

Defences tested by virus attacks
The reaction times of companies are being tested by the accelerating rate that new viruses, worms and other forms of malicious code are appearing. [more]
Thursday, 6 May 2004, 2:12 PM CET

Longhorn will feature 'secure' components
Microsoft says it still wants to incorporate major security features into its next operating system. [more]
Thursday, 6 May 2004, 11:00 AM CET

Customers won't tolerate security breaches
Latest research shows that firms who fall victim to hacking, viruses or phishing may have to worry about more than just patching up their systems. [more]
Thursday, 6 May 2004, 11:00 AM CET

Security firms team for new product
Antivirus-technology companies Network Associates and Check Point Software co-released on Wednesday an automated Internet and desktop security package designed for small businesses. [more]
Thursday, 6 May 2004, 4:38 AM CET

Wi-Fi security improves
New standards will be certified and products shipping this year, say developers. [more]
Thursday, 6 May 2004, 4:37 AM CET

Worms part of IT diet
Some security experts believe that it's only a matter of time before a "superworm" is unleashed. Others have brushed it aside as mere myth. [more]
Thursday, 6 May 2004, 4:30 AM CET

Sasser is fastest written Windows worm
The "Sasser" computer worm now plaguing computers around the world was based on a critical software flaw revealed by Microsoft just 17 days before the worm's release. [more]
Wednesday, 5 May 2004, 4:36 PM CET

Security has its privileges
Maybe an innocent bystander can be excused for not seeing and stopping a crime about to happen, but IT security administrators can't. [more]
Wednesday, 5 May 2004, 4:03 PM CET

UK police arrest 12 phishing mule suspects
The UK's National Hi-Tech Crime Unit (NHTCU) today arrested six men and six women from Eastern Europe suspected of laundering funds from bank accounts seized through phishing scams. [more]
Wednesday, 5 May 2004, 3:52 PM CET

Hunt on for Sasser worm culprit
Security experts began the daunting task on Wednesday of trying to track down the authors of "Sasser," a tenacious computer worm expected to infect millions of machines before it runs its course. [more]
Wednesday, 5 May 2004, 3:49 PM CET

Security funds dry up
On May 3, federal civilian agencies were put on notice that they could have a harder time next year finding money for certifying their computer systems' security. [more]
Wednesday, 5 May 2004, 3:45 PM CET

Worm crashes Coastguard computers
Computers at the Coastguard Agency were among millions of PCs hit yesterday by a new worm that spreads over the internet. [more]
Wednesday, 5 May 2004, 3:42 PM CET

Cyber-crime fight may need new laws
Computer Misuse Act needs updating 'to address the network world', experts tell inquiry. [more]
Wednesday, 5 May 2004, 3:39 PM CET

Student hacks iTunes for compatibility
Weakness in Apple's authentication technology is music to iTunes hacker's ears. [more]
Wednesday, 5 May 2004, 3:36 PM CET

Worm damage could have been reduced
Far fewer computers would have been disabled by the latest Internet worm had their owners configured them to automatically get the latest security fixes. [more]
Wednesday, 5 May 2004, 3:33 PM CET

Boffins beef-up WiFi security
Security sits high on the WiFi development agenda this year as global adoption of the technology reaches a high. [more]
Wednesday, 5 May 2004, 3:30 PM CET

'Deceptive Duo' hacker charged
A Florida man has been charged in federal court in Washington DC for his alleged role as one half of the high-profile hacking team "The Deceptive Duo". [more]
Tuesday, 4 May 2004, 1:50 PM CET

We are all security customers
National security is a hot political topic right now, as both presidential candidates are asking us to decide which one of them is better fit to secure the country. [more]
Tuesday, 4 May 2004, 1:48 PM CET

Microsoft signs security pact with Germany
Microsoft signed a security-related agreement Monday with the federal government of Germany, where the software giant has seen numerous challenges involving open-source products. [more]
Tuesday, 4 May 2004, 11:10 AM CET

Sasser worm spreading quickly
Computer security experts are dealing with at least four variants of a worm that is spreading quickly through Windows operating systems. [more]
Tuesday, 4 May 2004, 3:27 AM CET

WiFi high crimes
Before WiFi can entirely fulfill its promise, we'll have to confront an oppressive latticework of outdated criminal laws. [more]
Tuesday, 4 May 2004, 3:14 AM CET

Mitnick busts bomb hoaxer
Ex-hacker Kevin Mitnick is a hero to the small town of River Rouge, Michigan, after using his tech skills to help officials nab the culprit behind a harrowing series of bomb threats. [more]
Tuesday, 4 May 2004, 3:10 AM CET

Netsky authors possibly penned Sasser
The unknown team of programmers who created the latest variant of the Netsky virus claim to be the authors of the Sasser worm--and researchers have found evidence that supports that assertion. [more]
Tuesday, 4 May 2004, 3:05 AM CET

Biometric IDs OK with U.K.
About 80 percent of 1,000 British adults recently surveyed say they want a biometric identification card, citing concerns about illegal immigration and identity theft. [more]
Tuesday, 4 May 2004, 3:01 AM CET

Microsoft unveils new antipiracy tools
Microsoft has released details of a long-delayed update to its content protection technology, offering new features aimed at bringing piracy-proof digital content to mobile devices and home networks. [more]
Monday, 3 May 2004, 3:14 PM CET

Scanning the horizon
Let's look at the key features of a vulnerability assessment scanner and how to get the most out of this essential tool. [more]
Monday, 3 May 2004, 2:44 PM CET

HNS learning session: DDoS threats
In this ten minute audio you are introduced to the enormous threat of Distributed Denial of Service attacks in the Internet era and you hear what should organizations do to stop them. [more]
Monday, 3 May 2004, 2:43 PM CET

Give it up: info for protection
Derek V. Smith sees bad people lurking everywhere: terrorists, quack doctors, identity thieves. And yet Smith colors himself an optimist, insisting that society can protect itself from such dicey characters, using information as a shield. [more]
Monday, 3 May 2004, 2:27 PM CET

Steamed about security
Lawmakers increasingly push agencies for specifics. [more]
Monday, 3 May 2004, 2:23 PM CET

Intruder alert - preparing for the worst-case scenario
Is the "worst-case scenario" thinking helpful when it comes to network security and can imagining an extremely potent attack give IT security personnel a better picture of their infrastructure's strengths and weaknesses? [more]
Monday, 3 May 2004, 2:20 PM CET

Linux has its own security holes
There may be fewer viruses designed to attack the Linux operating system, but experts warn that Linux is no more bulletproof than any other system. [more]
Monday, 3 May 2004, 2:17 PM CET

Why your personal firewall could be obsolete
If your business has turned the use of personal firewalls into a required countermeasure, now's a good time to start thinking more strategically before buying any more personal firewall technology from a third party. [more]
Monday, 3 May 2004, 3:26 AM CET

Firms spend more on printers than security
Users are spending less on security than printers, according to a report from IDC. However, the company does not think that pouring in more money is necessarily the answer. [more]
Monday, 3 May 2004, 12:49 AM CET

New worm's got sass, but not much else
The security researchers at eEye Digital Security are not impressed with the Sasser worm. [more]
Monday, 3 May 2004, 12:48 AM CET

U.S. charges 4 under new law against 'spam' e-mails
Federal authorities say they managed to pierce the murky underworld of Internet spam e-mails, filing the first criminal charges under the government's new "can spam" legislation. [more]
Monday, 3 May 2004, 12:47 AM CET


The synergy of hackers and tools at the Black Hat Arsenal

Posted on 27 August 2014.  |  Tucked away from the glamour of the vendor booths and the large presentation rooms filled with rockstar sessions, was the Arsenal - a place where developers were able to present their security tools and grow their community.

Weekly newsletter

Reading our newsletter every Monday will keep you up-to-date with security news.

Daily digest

Receive a daily digest of the latest security news.


Mon, Sep 1st