Off the Wire

Off The Wire Archive

News items for June 2003

Interview with Brian Hatch
Brian Hatch is Chief Hacker at Onsight, Inc. where he is a Unix/Linux and network security consultant. In this interview he discusses his latest book, linux security and more. [more]
Monday, 30 June 2003, 6:18 PM CET

HNS Newsletter Issue 168 has been released
You can read the Newsletter in TXT or PDF format. If you haven't done it yet, consider subscribing. [more]
Monday, 30 June 2003, 6:15 PM CET

Open source firewalls explained
Hackers have computers too and want to keep their own machines free of intrusion from the Internet. Paradoxically, these computers may be the most secure computers on the Internet, because the hackers use free software that they can examine for security problems, they are the first to discover (or create) security weaknesses, and they fix their own systems as soon as loopholes are discovered. [more]
Monday, 30 June 2003, 1:50 PM CET

PetCo plugs credit card leak
Pet supply site offered more than kitty litter and flea collars. [more]
Monday, 30 June 2003, 1:45 PM CET

Defending your site against spam
Like so many other people out on the Internet, I get unsolicited commercial email or "spam". Until recently, I could handle spam by just deleting it or using email aliases. Unfortunately, my server was rendered useless by a spam attack launched by an unknown spammer. [more]
Monday, 30 June 2003, 1:44 PM CET

ZoneAlarm bells ring over freeware vuln
A recent post on Bugtraq has revealed a serious flaw in the core design of the freely-available personal firewall ZoneAlarm running on MS Windows. [more]
Monday, 30 June 2003, 1:40 PM CET

Interior Net systems ordered shut down
A federal judge pulled the plug Friday on many of the Interior Department's Internet systems - the second time the judge has ordered such a shutdown to keep hackers from reaching $1 billion in American Indian money managed by the department. [more]
Monday, 30 June 2003, 1:38 PM CET

Young cyber-terrorists hold top US firms to ransom in Transylvania
Several top American companies have been blackmailed to the tune of $50,000 a head by Romanian hackers practising 'cyber- terrorism' from the backwoods of Transylvania. [more]
Monday, 30 June 2003, 1:36 PM CET

How to secure your company
There's no one thing a company can do to be secure. First, every company is unique; what works well for one might not work for another. [more]
Monday, 30 June 2003, 10:23 AM CET

How viruses (and your PC) are used to send spam
Spammers have a new way to avoid detection: using virus-infected PCs to send out their junk e-mail. Robert tells you all about this unsettling trend--plus how to find out if your system's been infected. [more]
Monday, 30 June 2003, 10:14 AM CET

Public sector workers cautious about e-government security
Public sector staff are unwilling to use e-government services for financial transactions, although most are quite happy to conduct similar transactions on commercial websites, according to a snapshot poll. [more]
Monday, 30 June 2003, 10:10 AM CET

Group claims Linux advance on Xbox
A group of Xbox security researchers say they have found a way to run Linux on the Xbox game console without a so-called mod chip and will go public with the technique if Microsoft won't talk to them about releasing an official Linux boot loader. [more]
Monday, 30 June 2003, 10:09 AM CET

Securing VoIP on the Internet
Two start-ups take aim at securing IP voice outside the corporate firewall. [more]
Friday, 27 June 2003, 12:33 PM CET

Legendary con artist warns: Hackers play mind games
The biggest danger of hackers comes not from massive coding assaults but smiles and conversations. [more]
Friday, 27 June 2003, 12:32 PM CET

Closing gaps in corporate privacy programs
Are you vulnerable to a privacy breach? Mind the gaps. [more]
Friday, 27 June 2003, 12:32 PM CET

Reporter exploits weak Wi-Fi network; accesses student info
When the Palo Alto Unified School District decided to go high-tech and install wireless computer connections throughout it offices and on some campuses, it obviously hadn't gambled on security becoming an issue. [more]
Friday, 27 June 2003, 12:31 PM CET

Is your financial data really safe?
The threat is remote but real. With a world of hackers, hijackers and spoofers out there waiting to steal your stuff, a little caution is in order - online and off. [more]
Friday, 27 June 2003, 12:30 PM CET

Network programming with the Twisted framework, Part 1
Twisted is an increasingly popular pure-Python framework for programming network services and applications. [more]
Friday, 27 June 2003, 12:27 PM CET

Hacker how-to good summer reading
Stealing the Network is an entertaining hacking manual that purports to get inside the minds of hackers, explaining how they think. It's a good read, but it may infuriate some security types. [more]
Friday, 27 June 2003, 12:25 PM CET

ActivCard gets physical (security) with Linux
There is a tale that gets told around the offices of LinuxPlanet that never fails to bring a chuckle when it's shared. I will share it, but names have been hidden to protect the innocent and the pompous. [more]
Friday, 27 June 2003, 12:22 PM CET

How to hire a security guru
"There are personality traits that are important, like the ability to work extremely independently and to navigate competing technologies," Yankee Group senior analyst Eric Ogren told the E-Commerce Times. [more]
Friday, 27 June 2003, 12:20 PM CET

RFID chips are here
RFID chips are being embedded in everything from jeans to paper money, and your privacy is at stake. [more]
Friday, 27 June 2003, 12:18 PM CET

Conference on Mobile and Wireless Security announced
Conference sessions are divided into two tracks, Anti-Hacking and Tools and Techniques, to ensure targeted, relevant learning throughout the event. [more]
Thursday, 26 June 2003, 4:11 PM CET

Aladdin Knowledge Systems launches advanced anti-spam service
Aladdin Knowledge Systems announced its collaboration with Cobion so now Aladdin's new Advanced Anti-Spam Service includes Cobion technology for URL Classification, Hash Signature Data, and Heuristic Text Analysis for full text classification including comparison to Cobion's database of known spam. [more]
Thursday, 26 June 2003, 3:54 PM CET

Techno cops needed to catch cyber criminals - Blunkett
Police must embrace cutting edge technology to stay ahead of criminals in the fight against crime, the Home Secretary will tell an audience of senior policemen tonight. [more]
Thursday, 26 June 2003, 2:43 PM CET

Microsoft readies Windows Server 2003 SP1 - for December
Microsoft will roll out the final release of the first service pack for Windows Server 2003 in December and include a new security wizard that lets administrators lock down unnecessary processes and ports. [more]
Thursday, 26 June 2003, 2:36 PM CET

Online piracy spurs high-tech arms race
Sharing illegal copies of songs and movies on the Internet is a common practice, with the risks of getting caught slim. [more]
Thursday, 26 June 2003, 2:34 PM CET

Stumbler mapping networks for future attacks
The recently discovered Stumbler network-mapping tool represents a variety of malware that leaves enterprises with little in the way of defense, other than to lock down networks and employ intrusion detection, experts said. [more]
Thursday, 26 June 2003, 2:28 PM CET

Tips on setting up a wireless LAN
When setting up a wireless LAN for your company, there are a couple of things you should keep in mind, according to Craig Mathias, a mobile and wireless analyst and founder of Ashland, Mass.-based Farpoint Group. [more]
Thursday, 26 June 2003, 1:31 PM CET

Web privacy policies confuse Net surfers
Privacy policies that explain a company's Web surveillance habits have done little to dispel confusion among Internet users about how they are tracked online, according to a report released Wednesday. [more]
Thursday, 26 June 2003, 1:29 PM CET

Security survey says life's a breach
More than two-thirds of financial institutions globally have reported their information security procedures were "compromised" in the past year. [more]
Thursday, 26 June 2003, 1:28 PM CET

U.S. House approves $30 billion security blanket
The U.S House of Representatives has cast its vote in favor of sending $29.4 billion to the Homeland Security Department, and some Democrats don't think this is enough. [more]
Thursday, 26 June 2003, 1:18 PM CET

Federal government has a ways to go to secure systems
Federal officials and the GAO tell House subcommittee that agencies must continue to improve IT security. [more]
Thursday, 26 June 2003, 1:16 PM CET

Gates: security isn't all big brother
On the 100th anniversary of George Orwell's birth, Microsoft Chairman Bill Gates said the author of 1984 was only partially correct and predicted that technology will help preserve privacy rights. [more]
Thursday, 26 June 2003, 1:10 PM CET

Doing it all with OpenSSH, part 2
Welcome back to the Sysadmin's Corner and the continuing saga of secure communications, SSH-style. [more]
Wednesday, 25 June 2003, 11:14 AM CET

TCP/IP connection cutting on Linux firewalls and routers
This article describes how a Linux IPTables based firewall/router can be used to send the right combination of TCP/IP packets to both ends of a connection to cause them to abort the conversation. [more]
Wednesday, 25 June 2003, 11:12 AM CET

IDS criticisms kindle debate
Intrusion detection is more trouble than it's worth, Gartner says. [more]
Wednesday, 25 June 2003, 11:09 AM CET

Trusting ID management technology
The escalating need for identity management systems is driving privacy concerns to the forefront. [more]
Wednesday, 25 June 2003, 11:08 AM CET

Hackers move on to hijacking
Some call it “cyberjacking.” Others call it corporate identity theft. It’s the latest twist among computer hackers who have figured out new ways to hijack Web sites and use them to launch all kinds of unauthorized activity. [more]
Wednesday, 25 June 2003, 11:04 AM CET

Hacker targets NASA via university
A hacker has broken into a server at Kobe University and installed a program attempting to gain illegal access to the National Aeronautics and Space Administration's servers in the United States. [more]
Wednesday, 25 June 2003, 11:03 AM CET

A new breed of "hacktivists" takes on internet censorship
The free exchange of information over the Internet has proven to be a threat to the social and political control that repressive governments covet. [more]
Wednesday, 25 June 2003, 11:02 AM CET

DDoS attack hits clickbank and
The attack, which began sometime on Saturday June 21, has flooded both companies' servers with bogus traffic, having the effect of blocking access to legitimate users' service requests. [more]
Wednesday, 25 June 2003, 11:00 AM CET

Toward a spam-free future
Unsolicited commercial email is a spreading plague that feeds off the unique power of the Internet to connect hundreds of millions of computer users around the world, at virtually no cost. [more]
Wednesday, 25 June 2003, 10:59 AM CET

Joe Public blames banks for credit card fraud
Over half of all consumers (54%) feel that banks and building societies aren't doing enough to protect them from credit and debit card fraud, according to the results of a survey published today. [more]
Wednesday, 25 June 2003, 10:57 AM CET

MS worker 'ran' $17m software racket
A Microsoft worker has been charged with stealing $17 million of software from Microsoft's internal store in the second case of its type in recent months. [more]
Tuesday, 24 June 2003, 5:25 PM CET

Vendors face hostility over security reporting
Industry plans to change the way third parties report security vulnerabilities in software systems will probably be ignored say experts. [more]
Tuesday, 24 June 2003, 5:23 PM CET

Outsourcing – potential security nightmare?
This article examines the major reason why so many corporations, who have recognised the compelling arguments for outsourcing, go right to the brink of making a decision and then pull back. [more]
Tuesday, 24 June 2003, 5:17 PM CET

Tool analyzes patches
The new Radia Patch Manager applies a policy-based model to the process of updating security patches across servers, workstations and mobile devices. It will initially support Windows servers but will quickly follow up with support for a variety of Unix platforms, officials said. [more]
Tuesday, 24 June 2003, 5:12 PM CET

A dictionary for vulnerabilities
CVE gives users, vendors, and toolmakers a common vocabulary for vulnerabilities. Unfortunately, the bad guys move quite a bit faster. [more]
Tuesday, 24 June 2003, 5:08 PM CET

EU backs biometric passports
European Union governments last week agreed to embed computer chips containing biometric data in passports. [more]
Tuesday, 24 June 2003, 4:53 PM CET

Credit cards cancelled over fraud fears
Banks have been forced to recall thousands of Irish credit cards amid fears they may have been used by fraudsters in the US. [more]
Tuesday, 24 June 2003, 4:45 PM CET

DVD-piracy paranoia proves counterproductive
A little program called DeCSS caused a lot of commotion when it surfaced on the Internet four years ago. [more]
Tuesday, 24 June 2003, 4:44 PM CET

Best buy warns of e-mail scam
Some consumers were tricked into sharing personal info. [more]
Tuesday, 24 June 2003, 4:36 PM CET

Wi-Fi - New bundles improve management and security options
Wi-Fi networks have, up until this point, been a bit like the Wild West: exciting, but difficult to control and keep safe. [more]
Tuesday, 24 June 2003, 4:23 PM CET

Security firm develops new PDA protection
Network Associates releases antivirus application for wireless handhelds. [more]
Tuesday, 24 June 2003, 4:17 PM CET

Interview with Kevin Day
The author of "Inside the Security Mind: Making the Tough Decisions" and one of the founders of Relational Security Corporation discusses his book and various computer security issues. [more]
Tuesday, 24 June 2003, 4:12 PM CET

Securing PHP step-by-step
This article shows the basic steps in securing PHP, one of the most popular scripting languages used to create dynamic web pages on the Internet. [more]
Tuesday, 24 June 2003, 3:44 PM CET

Has Internet mystery code been tracked?
Worm? Trojan? Attack tool? Network administrators and security experts continue to search for the cause of an increasing amount of odd data that has been detected on the Internet. [more]
Monday, 23 June 2003, 3:18 PM CET

Review - TCP/IP Unleashed
This is an attempt to collect all information about the TCP/IP protocol suite and its implementation in today's operating systems. Is the book right for you? Read on to find out. [more]
Monday, 23 June 2003, 3:16 PM CET

HNS Newsletter Issue 167 has been released
You can read the Newsletter in TXT or PDF format. If you haven't done it yet, consider subscribing. [more]
Monday, 23 June 2003, 3:15 PM CET

University systems hacked to derail student elections
A 21-year-old student was arrested for allegedly hacking into a university computer system during student elections to cast hundreds of votes for a made-up candidate he named American Ninja. [more]
Monday, 23 June 2003, 12:43 PM CET

Biometrics meets e-commerce
Personal traits such as vocal or typing patterns could soon serve as powerful fraud-prevention tools for online shoppers. [more]
Monday, 23 June 2003, 12:40 PM CET

From the Booby Hatch
Senator Orrin Hatch says he wants to destroy music swappers' computers, but what he really means is that kids today have no respect for their elders. [more]
Monday, 23 June 2003, 12:38 PM CET

USENIX the perfect conference for uber geeks
USENIX is that it is not a trade show. At USENIX you see a lot of programmers dressed in casual geek chic: shorts or jeans, lots of sandals (with or without socks), and t-shirts. Especially black t-shirts. [more]
Monday, 23 June 2003, 12:32 PM CET

The feds love Linux
Three weeks ago, John P. Stenbit, chief information officer of the U.S. Department of Defense, issued an agencywide memo that has Linux lovers rejoicing. The brief outlined the DOD's policy on acquiring, using and developing open-source software, including the Linux operating system. [more]
Monday, 23 June 2003, 12:31 PM CET

Microsoft halts GeCAD Linux/Novell antivirus
Software giant's latest acquisition to drop development of non-Windows antivirus software. [more]
Monday, 23 June 2003, 12:27 PM CET

Proxy terminology 101
If you've ever accessed the Internet from an office environment, chances are your communications passed through a proxy. [more]
Monday, 23 June 2003, 12:23 PM CET

Why Managed Security Services are so Popular in Financial Institutions
'Managed Security Services' seems to be one of the new buzzwords in the ICT sector. When signing up with a Managed Security Service Provider (MSSP), this company will take over the real-time monitoring, management and support of your security devices on a 24x7x365 basis. [more]
Friday, 20 June 2003, 2:55 PM CET

Weekly Virus Report
This week's virus report will describe three computer worms: Danvee (W32/Danvee), Sobig.D (W32/Sobig.D) and Mofei.B (W32/Mofei.B). [more]
Friday, 20 June 2003, 2:51 PM CET

VeriSign announces anti-fraud service
VeriSign Inc. is launching a new service to thwart online fraud with support voiced from at least one major credit card company. [more]
Friday, 20 June 2003, 2:22 PM CET

Hackers masquerade as Best Buy to steal credit-card details
An email purporting to be from the electronics chain is directing would-be victims to a fake Best Buy Web site. [more]
Friday, 20 June 2003, 2:15 PM CET

Microsoft readies kit for security initiative
Microsoft at the Microsoft Professional Developers Conference in Los Angeles in October plans to release a preliminary software development kit for its Next-Generation Secure Computing Base (NGSCB) security technology, also known as Palladium. [more]
Friday, 20 June 2003, 1:48 PM CET

Geek challenge - a hack-proof network
It's a task that would challenge even the sharpest of computer geeks: set up a hacker-proof computer network for 190,000 government workers across the country fighting terrorism. [more]
Friday, 20 June 2003, 1:58 AM CET

Identity crisis
Amidst terrorism threats and world turmoil, you'd think that support for security would be at an all-time high. You'd be wrong. [more]
Friday, 20 June 2003, 1:56 AM CET

Best firewalls for the enterprise
How important is a firewall's throughput? According to Check Point Technologies' Mark Kraynak, price performance -- the amount of throughput an enterprise gets versus the dollars it spends -- is more important than top-end throughput. [more]
Friday, 20 June 2003, 1:47 AM CET

Financial institutions' hacking rate high
More than a third of financial institutions worldwide were hacked in the past year, according to a security survey. [more]
Friday, 20 June 2003, 1:41 AM CET

MySQL gets security scanner
Application Security Inc. is rolling out a security scanner for MySQL, the open-source database from MySQL AB, and for Web applications. [more]
Friday, 20 June 2003, 1:39 AM CET

Tough times bring out the best in IT
The 2003 ImageTrak survey shows HP is favourite with UK customers. [more]
Friday, 20 June 2003, 1:37 AM CET

RSA gets into fingerprints
RSA Security is to add biometric recognition technology to its popular line of two-factor authentication products. [more]
Friday, 20 June 2003, 1:35 AM CET

Basic Security Measures for FreeBSD
This document will describe the basic security measures that should be applied to a FreeBSD 4.x workstation. [more]
Thursday, 19 June 2003, 2:11 PM CET

Security researchers nibble at Bluetooth
On Tuesday the organization responsible for the Bluetooth wireless standard unveiled version 1.2. But for real evidence that that the technology is finally gaining acceptance turn to the conference program for this summer's DefCon convention. [more]
Thursday, 19 June 2003, 10:20 AM CET

Tracking down the phantom host
This article explains techniques on how to locate a problem host when you are not sure where it is physically located. [more]
Thursday, 19 June 2003, 10:19 AM CET

NetSec scoops up Defcom
London-based security consultancy Defcom Information Security has been bought out of administration by US managed security services firm NetSec. Financial terms of the deal, announced today, were not disclosed. [more]
Thursday, 19 June 2003, 10:07 AM CET

HP to ship antispam software on new PCs
Saying it wants to protect children from inappropriate material and give customers a more "positive" computing experience, Hewlett Packard will bundle antispam software with its new desktop PCs. [more]
Thursday, 19 June 2003, 9:57 AM CET

Streamlined communications called key to homeland security
Streamlined and secure information management is a critical element for the U.S. Northern Command in providing homeland defense of North America when it assumes its full operational role Oct. 1. [more]
Thursday, 19 June 2003, 9:56 AM CET

Review: Windows Services for UNIX
Everyone knows what Microsoft does by now. What some people do not know is that Microsoft releases a system integration software named Windows services for UNIX. [more]
Thursday, 19 June 2003, 9:50 AM CET

Guess Inc. agrees to tighten Web security
Clothing marketer Guess Inc. will tighten security for its Web site to resolve federal charges that it failed to protect customer credit card information from computer hackers. [more]
Thursday, 19 June 2003, 9:48 AM CET

Destroy 'pirate' PCs, says politician
A US senator wants to develop new technology which would remotely destroy the computers of people who illegally download music tracks. [more]
Thursday, 19 June 2003, 9:45 AM CET

A day in the life of a virus researcher
Yaneza and his fellow researchers analyze and describe the latest malicious code to hit the Internet. But they don't study malware for the sake of knowledge; they bust their butts to get information out to Trend Micro's end users as fast and accurately as possible. [more]
Thursday, 19 June 2003, 9:45 AM CET

Government to unveil internet defence plans
What to do if terrorists target the internet? [more]
Thursday, 19 June 2003, 9:41 AM CET

Review - Intrusion Detection with SNORT
When taking a look at the most used security tools, one of the most popular and praised ones is surely Snort. This heavily used product is an open source Network Intrusion Detection System and is available to anyone without any cost. The book I'm taking a look today is a guide through the Snort installation and usage the complete web server environment comprising of Apache, MySQL, PHP and ACID. [more]
Thursday, 19 June 2003, 12:32 AM CET

'Alternative' security conference set to return
The Ruxcon security conference, which drew 300 attendees from all over Australia to the University of Technology, Sydney (UTS) campus in April, will return in 2004. [more]
Wednesday, 18 June 2003, 9:35 AM CET

Cybersecurity starts in the office
When the office networks crash and work comes to a halt, there's probably an irresponsible co-worker somewhere in the building to blame. That's the sentiment many employees expressed in a survey on individual cybersecurity competence released today. [more]
Wednesday, 18 June 2003, 9:30 AM CET

Password-protect your sensitive files and folders
Keep files private in XP and Me by compressing their folders; the last word on killing Messenger in XP Home. [more]
Wednesday, 18 June 2003, 9:27 AM CET

Does privacy pay?
The flat economy has forced companies across America to require any new investments to deliver hard economic returns within short timeframes. Do privacy-related investments generate these kinds of returns? In many cases, absolutely not. [more]
Wednesday, 18 June 2003, 9:26 AM CET

The man who keeps the peace - Linus Torvalds
Linus Torvalds, father of the Linux operating system, reveals how he keeps the revolution from becoming a jihad. [more]
Wednesday, 18 June 2003, 9:20 AM CET

Security vs. accessibility - a fine balance
For companies that need to share information with partners, suppliers and customers via the Internet, it is also crucial that they simultaneously lock down and protect vital corporate data and intellectual property. [more]
Wednesday, 18 June 2003, 9:15 AM CET

PKI - invisibly protecting your digital assets
You may already be using PKI without knowing it if you have relied on certificates or "certs" to identify a web server or to confirm the identity of external websites. It is a critical technology for the Internet and is used in applications as diverse as e-commerce and VPNs. [more]
Wednesday, 18 June 2003, 9:13 AM CET

Improved Wi-Fi security is not for everyone yet
Wireless local area network security is about to improve dramatically, but it will take time before some organizations can reap the rewards. [more]
Wednesday, 18 June 2003, 9:10 AM CET

Cisco beefs up security training
Cisco announced the expansion of its security certification and training program to reflect the latest advances in Cisco security technology and industry expectations for IT professionals. [more]
Wednesday, 18 June 2003, 9:08 AM CET

Microsoft takes spam fight to court
Intensifying its campaign against spammers, Microsoft announced Tuesday that it has taken legal action in the company's home state of Washington and in the United Kingdom. [more]
Wednesday, 18 June 2003, 9:06 AM CET

Building and Implementing a Successful Information Security Policy
The purpose of this paper is to outline the strategies and managing processes behind implementing a successful Security Policy. [more]
Tuesday, 17 June 2003, 4:17 PM CET

Security market evolution
Information technology security is no longer a small niche component of the network infrastructure market and an afterthought to IT projects. [more]
Tuesday, 17 June 2003, 9:48 AM CET

Anti-spam proposals get tougher
A bipartisan group of legislators and some citizen groups, concerned that current legislative proposals to combat e-mail spam are inadequate, are engaged in a push for tougher alternatives. [more]
Tuesday, 17 June 2003, 9:41 AM CET

Where does security fit into the organizational chart?
CSOs offer plenty of opinions, but consensus is hard to come by. [more]
Tuesday, 17 June 2003, 9:33 AM CET

Denial of service attacks
Last year nearly 40% of all business on the web experienced a DoS attack. While the migration from private to public networks might have made global reach of business possible, it has also exposed the networks to a large variety of security threats. [more]
Tuesday, 17 June 2003, 9:20 AM CET

A little-known security threat
Are your employees giving away confidential security information? [more]
Tuesday, 17 June 2003, 9:16 AM CET

Info with a bell and chain - piracy and privacy issues
Stopping piracy and increasing privacy makes sense. But what will we lose by locking up our songs, movies, books, files and e-mails? [more]
Tuesday, 17 June 2003, 9:14 AM CET

Expert assesses the state of cyber security at CMU
Computer users beware: As the bad guys disrupt traffic on the information highway, cyber security becomes an increasing concern. [more]
Tuesday, 17 June 2003, 9:09 AM CET

Hacker tips CERT's hand on Linux/PDF flaw
Confidential vulnerability information managed by the CERT Coordination Center has again been leaked to the public, following a flurry of such leaks in March. [more]
Tuesday, 17 June 2003, 9:07 AM CET

Port knocking
An introduction to how trusted users can manipulate firewall rules to transmit information across closed ports. [more]
Tuesday, 17 June 2003, 9:06 AM CET

Security group in the hot seat
The Homeland Security Department had the right idea when it created the National Cyber Security Division earlier this month, government and industry officials say, but many observers are withholding judgment until they see what the new division accomplishes. [more]
Tuesday, 17 June 2003, 9:01 AM CET

Review - Trend Micro OfficeScan Corporate Edition
Michael Oliveri takes a look at Trend Micro OfficeScan Corporate Edition Version 3.54 and gives his take on this product. Is it right for your needs? Read on to find out. [more]
Monday, 16 June 2003, 9:46 PM CET

Firebox SOHO 6 Wireless Security Product Line Announced
Featuring an integrated 802.11b Wireless Access Point, 4-port LAN 10/100 switch and remote management capabilities, the SOHO 6 Wireless line includes three models to fit the diverse requirements of small businesses, remote offices and telecommuters. [more]
Monday, 16 June 2003, 9:45 PM CET

Sybari Releases Antigen 7.0 for Domino
According to the media release, this new version of Antigen for Domino will further strengthen Antigen's global appeal as the antivirus solution of choice for Domino/Notes administrators that need to support multiple operating systems and maintain virus-free messaging and collaboration environments. [more]
Monday, 16 June 2003, 9:45 PM CET

HNS Newsletter Issue 166 has been released
You can read the Newsletter in TXT or PDF format. If you haven't done it yet, consider subscribing. [more]
Monday, 16 June 2003, 9:40 PM CET

Penetration test for web applications - part one
This article provides the penetration tester with an overview of Web applications - how they work, how they interact with users, and most importantly how developers can expose data and systems with poorly written and secured Web application front-ends. [more]
Monday, 16 June 2003, 6:06 PM CET

Encryption is for data at rest, not just in transit
Everybody knows that it is easier to hit a stationary target than a fast-moving target. Yet an enormous amount of resources are being used to encrypt data in motion, while the bigger risk is in data at rest. [more]
Monday, 16 June 2003, 5:22 PM CET

India gears up to fight hackers
India's first internet security centre is due to become operational in July. [more]
Monday, 16 June 2003, 5:17 PM CET

Bad raps for non-hacks
A few odd cases show that you don't have be a digital desparado to be accused of a cybercrime... particularly if you embarrass the wrong bureaucrats. [more]
Monday, 16 June 2003, 5:15 PM CET

Devices tackle multiple security jobs
As IT staffs continue to look for ways to stretch their security budgets, vendors are readying new products that combine multiple security functions in a single offering. [more]
Monday, 16 June 2003, 5:13 PM CET

Security startup's creed: you can't hack what you can't see
Security software startup Trusted Network Technologies Inc. is expected to come out of hiding this week. But it hopes its customers will appreciate the ability to make their networks and critical information systems more clandestine. [more]
Monday, 16 June 2003, 5:09 PM CET

Security efforts for data in motion should be put to rest
Everybody knows that it is easier to hit a stationary target than a fast-moving target. Yet, an enormous amount of resources are being used to encrypt data in motion, while any smart hacker can tell you that data at rest is that much easier to decode and transmit to a second location. [more]
Friday, 13 June 2003, 6:22 PM CET

Business security depends on people
Patents and copyrights aren’t enough to safeguard a company’s treasures, according to Curtis Coleman. The director of worldwide electronic security for Seagate Technology touts the need for an increasing holistic view of corporate security in a competitive world. [more]
Friday, 13 June 2003, 5:16 PM CET

Do no harm: HIPAA's role in preventing ID theft
With the Health Insurance Portability and Accountability Act (HIPAA) privacy deadline recently passed, most health care providers and plan companies are preparing to implement the final rule for security. [more]
Friday, 13 June 2003, 5:15 PM CET

Share vulnerabilities or not?
First the University of Calgary announced plans to offer a class in writing computer viruses and other destructive programs. [more]
Friday, 13 June 2003, 5:15 PM CET

California man to plead guilty in Al-Jazeera hacks
A 24-year-old California man will appear in court on Monday to answer charges that he hijacked the Internet domain of Arabic news service Al-Jazeera in March. [more]
Friday, 13 June 2003, 5:14 PM CET

Privacy and anonymity in e-mail
As convenient as email is, it leaves much to be desired in terms of protecting the privacy of messages. [more]
Friday, 13 June 2003, 4:04 PM CET

Defending your DNS: best practices for reliable DNS and DHCP
Well-publicized attacks against DNS root servers and top-level domains highlight the vulnerability of the DNS infrastructure. [more]
Friday, 13 June 2003, 3:44 PM CET

Give states the right to protect privacy
Congress should let them pass their own laws regulating the sharing of financial data - and thus strengthen the credit system. [more]
Friday, 13 June 2003, 3:39 PM CET

Honeypots: are they illegal?
Honeypots are a new and emerging technology for the security community. The purpose of this paper is to address the most commonly asked issues. [more]
Friday, 13 June 2003, 3:38 PM CET

Interview: Can outsourcing aid security?
Stijn Bijnens, chief executive at security specialist Ubizen, explains the latest advances and the case for outsourcing. [more]
Friday, 13 June 2003, 3:31 PM CET

Spam 'more of a menace than hackers'
Viruses are the number one fear of computer users, but concern over the growing problem of junk email is increasing. [more]
Friday, 13 June 2003, 3:30 PM CET

Turning the network inside out
We challenged networking and firewall vendors to design an enterprise that's secure from the perimeter to the core. Their responses give us a glimpse into the future of network security. [more]
Thursday, 12 June 2003, 3:28 PM CET

Real-time alerting with Snort, part 1 of 3
Snort is built to perform one task and perform it very well. It does a magnificent job of detecting intrusions. Anything beyond intrusion detection is left up to you to handle. One capability you should add is real-time alerting. [more]
Thursday, 12 June 2003, 3:24 PM CET

Magazine, university draw ire of antivirus industry
First the University of Calgary announced plans to offer a class in writing computer viruses and other destructive programs. Then Wired magazine published the code of a virus-like program that caused mass havoc on the Internet this year. [more]
Thursday, 12 June 2003, 3:16 PM CET

Effects of worms on Internet routing stability
This article discusses the impact of worms on Internet endpoints and infrastructure, as well as their impact on global routing instability throughout the Internet. [more]
Thursday, 12 June 2003, 3:13 PM CET

FTC: blame foreigners for spam
The U.S. Federal Trade Commission wants broader powers to crack down on foreign e-mail fraud. The worst varieties of spam are increasingly coming from overseas, it says. [more]
Thursday, 12 June 2003, 3:09 PM CET

Media big hitters slam digital distribution security
A lack of secure standards for distributing digital content is threatening to hold back the development of the media, software and consumer technology industries. [more]
Thursday, 12 June 2003, 2:58 PM CET

Problem solver: getting VPN to work through NAT firewalls
With the rising popularity of telecommuting and the increasing need to protect their electronic assets, companies large and small have been turning to Virtual Private Networking (VPN). [more]
Thursday, 12 June 2003, 2:58 PM CET

Student hacks school, erases class files
Highlighting the vulnerability of most computer networks, a 17-year-old student taking a networking course was arrested for hacking into his school's computers and erasing folders belonging to the junior class, New York State Police said Tuesday. [more]
Thursday, 12 June 2003, 2:56 PM CET

Turning the SEGA Dreamcast into a Linux firewall/router
This highly detailed 101-page how-to article provides the necessary background and procedures to turn a SEGA Dreamcast gaming console into a Linux-based software router with firewalling and virtual private networking capabilities. [more]
Thursday, 12 June 2003, 2:54 PM CET

Storage and security: how real is the threat?
Partially at the behest of a reader, we take a look at the storage-security nexus. [more]
Thursday, 12 June 2003, 2:42 PM CET

Intrusion detection
This paper discusses what is an intrusion detection system, the models and the main techniques. [more]
Wednesday, 11 June 2003, 3:38 PM CET

Review - Oracle Performance Tuning
Writing a good Oracle performance tuning book involves a lot of time and effort. To us, as readers, this book will offer a good fundamental knowledge and serve as a good lead to further expand our Oracle performance tuning knowledge. [more]
Wednesday, 11 June 2003, 3:14 PM CET

New WPA wireless security coming soon
Virtually no one has a kind word to say about WEP, the standard for securing data transmissions on Wi-Fi networks. WEP, which relies on cryptography that can be cracked with a half-hour of laptop time, isn't well-defended, but until recently it's all Wi-Fi fans had. [more]
Wednesday, 11 June 2003, 2:38 PM CET

CIA: agency's high-tech skills exaggerated
The Central Intelligence Agency is so afraid of losing sensitive information to hackers that its analysts work on outdated and poorly integrated computers, according to a newly declassified report. [more]
Wednesday, 11 June 2003, 2:35 PM CET

Media chiefs express fears of digital piracy
Media moguls urge solutions to online piracy. [more]
Wednesday, 11 June 2003, 2:34 PM CET

Hacker arrested in Indian credit card scam
An Indian computer engineer has been arrested for hacking into computers belonging to foreign banks and using their databases to operate a credit card scam, police said yesterday. [more]
Wednesday, 11 June 2003, 2:32 PM CET

Reality check: how safe is Linux?
Many of the programs included in Linux distros have programming errors that lead to things like privilege escalation, whereby a common user tricks a program into thinking it has more privileges than it does, says Guardian Digital CEO Dave Wreski. [more]
Wednesday, 11 June 2003, 2:28 PM CET

Microsoft to fight virus writers head on
Microsoft is develop ing its own anti-virus software to combat the malicious programs plaguing users. [more]
Wednesday, 11 June 2003, 2:27 PM CET

Feds warn banks about Internet attack
The government is warning financial institutions about a virus-like infection that has targeted computers at roughly 1,200 banks worldwide, trying to steal corporate passwords. [more]
Wednesday, 11 June 2003, 2:26 PM CET

Wi-Fi is boost, not bane, to secure networks - Intel
High-speed wireless computer networks, or Wi-Fi, are notoriously vulnerable to unauthorized intrusion, but that may actually help to sell companies on the need to embrace the technology. [more]
Wednesday, 11 June 2003, 2:24 PM CET

Industrial security gets a Linux lock
Control-system specialist Verano has introduced a service and software package to help companies protect their critical infrastructure from digital attacks. [more]
Wednesday, 11 June 2003, 2:22 PM CET

Retailers back online security scheme
Good news for e-commerce as 4,000 European retailers join Verified by Visa initiative. [more]
Wednesday, 11 June 2003, 2:21 PM CET

Taking the threat out of IP voice
Once corporate users have tested voice over IP and proven that it works, they face one last hurdle: making sure it's secure. [more]
Tuesday, 10 June 2003, 4:15 PM CET

Hackers develop tools to thwart forensics
Anti-forensics tools and skills to thwart investigators are emerging in the underground hacker scene. [more]
Tuesday, 10 June 2003, 4:10 PM CET

AOL spam filters go awry
America Online has been blocking an undisclosed number of Comcast subscriber e-mails since late last week and is in the process of resolving the problem. [more]
Tuesday, 10 June 2003, 3:58 PM CET

PGP encryption proves powerful
If the police and FBI can't crack the code, is the technology too strong? [more]
Tuesday, 10 June 2003, 3:54 PM CET

Teaching how to create malicious code
In universities around the world, a question has arisen about computer studies syllabuses: should students be taught how to create viruses and malicious code? [more]
Tuesday, 10 June 2003, 3:54 PM CET

The enemy within: firewalls and backdoors
This article presents an overview of modern backdoor techniques, discusses how they can be used to bypass network firewalls. [more]
Tuesday, 10 June 2003, 3:50 PM CET

Police to sign up IT special constables in war on hackers
Home Office plans on cybercrime strategy will pool expertise from police, government and business. [more]
Tuesday, 10 June 2003, 3:30 PM CET

IT execs share security concerns
Insider threats from employees and trading partners, interconnected networks with no clear boundaries, and the potential for terrorist cyberattacks against corporate networks are among the top worries for technology managers. [more]
Tuesday, 10 June 2003, 3:15 PM CET

Gartner: Pescatore comments on state of enterprise security
Formerly with the National Security Agency and Secret Service, Gartner Inc. vice president John Pescatore has the perspective and experience to comment on just about everything related to IT security. [more]
Tuesday, 10 June 2003, 12:58 PM CET

The two faces of Foundstone: software piracy problems
A leading computer-security company is accused of software piracy. [more]
Monday, 9 June 2003, 3:54 PM CET

CIA spies shun computers
In the movies, spies and intelligence agents are the ones with the cool gadgets and state-of-the-art equipment, but their real life counterparts are far behind. [more]
Monday, 9 June 2003, 3:43 PM CET

Adding security to the cert
Shiftless third-party prep courses have made MCSE certification less valuable. Is Microsoft's new security cert doomed to the same fate? [more]
Monday, 9 June 2003, 2:29 PM CET

Overcoming "security by good intentions"
Last week Microsoft announced plans to revise the process it uses to provide patches that fix problems with its software. [more]
Monday, 9 June 2003, 2:20 PM CET

HNS Book Contest - five great books for one article
Would you like to get the following books: Hacking Exposed: Network Security Secrets and Solutions 4/e, Hacker's Challenge 2: Test Your Network Security and Forensic Skills, Apache Server 2.0: The Complete Reference, Windows XP Professional Security, Hacking Exposed Linux 2/e? By writing an article for HNS, you can win 1944 pages of great reading material. [more]
Monday, 9 June 2003, 1:42 PM CET

Review - SonicWALL Pro
SonicWALL's line of firewalling appliances are recommended for small- to medium-sized networks in various environments. Michael Oliveri, as a user of a SonicWALL product for the past four years, shares his experiences. [more]
Monday, 9 June 2003, 12:11 PM CET

Unix Security: The FormMail Hack
Is your Web server being used as a Spam Mail relay? It could be, and it doesn't even need a daemon listening on the SMTP port. How's it done, and how do you prevent your system from becoming a target? [more]
Monday, 9 June 2003, 11:42 AM CET

HNS Newsletter Issue 165 has been released
You can read the Newsletter in TXT or PDF format. If you haven't done it yet, consider subscribing. [more]
Monday, 9 June 2003, 11:41 AM CET

Gibraltar patches Solaris servers
Gibraltar Software introduced an appliance that remotely patches Solaris servers. [more]
Monday, 9 June 2003, 11:15 AM CET

Fear drives irrational security decisions
It was bad enough that, before 2001, security companies that had products and services to sell generated most of the fear of being hacked on the Internet. But after the 9/11 terrorist attacks, things got wonky. [more]
Monday, 9 June 2003, 11:12 AM CET

Computer hackers gather in Pittsburgh
The 29-year-old tavern owner from Berlin, Germany, is leading SummerCon, a gathering of roughly 200 hackers in Pittsburgh that began Friday and runs through Sunday. [more]
Monday, 9 June 2003, 11:10 AM CET

Wireless authentication, routing, traffic control and accounting
This document exists to detail one solution to those looking to deploy authentication-based, for-profit, tiered network services over any Ethernet-based medium that utilizes industry standard protocols to tie in with existing OSS resources. [more]
Monday, 9 June 2003, 11:02 AM CET

Why schools should teach virus writing
Many antivirus companies oppose new courses on virus writing. But Robert thinks it's a great way to develop better virus prevention--and nudge would-be hackers toward a productive future. [more]
Monday, 9 June 2003, 10:57 AM CET

Weekly Virus Report - Four Worms
This week's virus report looks at five worms: Bugbear.B, Sobig.C, Redisto.B, Festival and Naco.D. Among them, the variant "B" of Bugbear stands out particularly as, in the last few hours it has caused one of the largest epidemics over the last few months. [more]
Sunday, 8 June 2003, 2:33 PM CET

Review - The Practice of Network Security
Last year in an interview for ZDNet, computer security expert Bruce Schneier said: "I think we're finally past the era where people believe in magic security dust, that all they need to do is buy the right set of products and their network will be imbued with the property of "secure." Security is a process. It's a journey." This is exactly what this book is all about as Allan Liska teaches you the best practices to secure your network. [more]
Friday, 6 June 2003, 4:28 PM CET

BugBear.B worm information roundup
This is a collection of information dealing with the B variant of the infamous BugBear worm. Roundup contains AV vendors information, media releases, news coverage and removal tools. [more]
Friday, 6 June 2003, 1:43 PM CET

$2 trillion fine for Microsoft security snafu?
Microsoft's latest security lapse with its Passport information service could trigger a $2.2 trillion fine on the company courtesy of the US government. [more]
Friday, 6 June 2003, 10:21 AM CET

Wired magazine story to detail Slammer Web attack
Wired magazine is planning to publish the underlying code for the Slammer worm that slowed Internet traffic to a crawl in January, raising questions over whether such articles inspire future hackers or educate potential victims. [more]
Friday, 6 June 2003, 10:14 AM CET

New law aids computer security
After an incident last spring in which hackers obtained access to a computer system containing information on 265,000 state employees, Sacramento legislators passed a new law to help protect individuals from misuse of their personal data. [more]
Friday, 6 June 2003, 10:11 AM CET

Behind bars but learning to network
Italian inmates receive training in a Cisco computer program. [more]
Friday, 6 June 2003, 10:07 AM CET

HP desktop embeds security
Hewlett-Packard has launched new business desktops, including one with HP's first embedded security chip. The other is its first post-merger thin client. [more]
Friday, 6 June 2003, 9:39 AM CET

Linux security: The seven deadly sins
"No firewall can keep all hackers out." With these words, security consultant Bob Toxen began his sermon, or workshop, on the "seven deadly sins" of Linux security. Any IT manager who commits one of these sins will "get nailed sooner or later," he said. [more]
Friday, 6 June 2003, 1:08 AM CET

New regulations have companies turning to risk management
Regulatory changes are causing financial services and health care companies to lead the way in rethinking the role of information security. The result is that security is finding a new home in the field of corporate risk management. [more]
Friday, 6 June 2003, 1:06 AM CET

Quantum cryptography stretches 100 kilometres
Communications protected with the complete security of quantum cryptography are now possible over an ordinary 100-kilometre fibre optic cable, thanks to sophisticated photon detection equipment developed by UK researchers. [more]
Friday, 6 June 2003, 1:06 AM CET

EU squabble may sink planned cybercrime agency
Plans for a European agency to tackle cybercrime such as computer viruses and terror attacks may be scuppered by bureaucracy because governments want to monitor it too tightly, EU officials said on Wednesday. [more]
Friday, 6 June 2003, 1:02 AM CET

New Bugbear spreading fast
A new variant of the Bugbear virus - Win32.Bugbear.B - has emerged and threatens corporate and home computer systems, according to anti-virus experts. [more]
Friday, 6 June 2003, 12:57 AM CET

U.S. reviewing old, secret surveillance files
Government prosecutors are reviewing years worth of sensitive telephone and e-mail wiretaps and results from secret searches to decide whether they can file criminal charges against suspected terrorists in the United States. [more]
Thursday, 5 June 2003, 9:57 AM CET

Postfix with SASL authentication over TLS
This article will show you how to force users to authenticate before sending mail through Postfix. [more]
Thursday, 5 June 2003, 9:51 AM CET

Cyber alert: portrait of Kevin Mitnick
A journey into the mind of Kevin Mitnick shows just how vulnerable companies are to Internet crime. [more]
Thursday, 5 June 2003, 9:41 AM CET

Group releases anti-disclosure plan
Security companies and software-makers want your opinion on a proposal to voluntarily limit discussion of security holes. [more]
Thursday, 5 June 2003, 9:38 AM CET

Windows Server 2003 gets first security patch
Despite the embarrassment of having to release a security patch for its Server 2003 operating system barely two months after launch, Microsoft claims the details are a positive sign for trustworthy computing. [more]
Thursday, 5 June 2003, 9:31 AM CET

You've been hacked: Now prevent future attacks
We have already shown you what to do immediately following a hacker attack; now we will look at some longer term measures to prevent a future attacks. [more]
Thursday, 5 June 2003, 9:30 AM CET

Virus-writers spreading worms by spamming
At least that's the finding of two security firms that tracked the spread of Sobig.c, which debuted this weekend and was first noted for the bogus e-mail address of its sender, [more]
Thursday, 5 June 2003, 9:29 AM CET

OpenBSD gets harder to crack
On the security field, nothing is quite as revealing—or as taxing—as the passage of time. [more]
Thursday, 5 June 2003, 9:28 AM CET

Sobig: spam, virus or both?
The quick spread of the recent Sobig.C virus may owe more to the advances in spamming techniques than to the skill of an anonymous virus writer, according to a leading antivirus company. [more]
Thursday, 5 June 2003, 9:27 AM CET

Gartner: war drive illustrates wireless problem
It's not every day you get to ride shotgun on a war drive in the most strategic and sensitive city in the world... [more]
Thursday, 5 June 2003, 9:24 AM CET

Review - Wireless Security End to End
The authors truly provided an end-to-end guide that should suite both the future wireless administrators (although the book isn't so technical), as well as the members of management interested in deploying wireless communications. [more]
Wednesday, 4 June 2003, 11:43 PM CET

Analysis of remote active operating system fingerprinting tools
The purpose of this paper is to show how some tools used for remote active operating system fingerprinting work, and to understand the advantages and disadvantages they each offer. [more]
Wednesday, 4 June 2003, 6:23 PM CET

Snort security holes and strategies for safe network monitoring
In this article the author reviews the attacks that have been launched against Snort in the past, as well as the recent (and more serious) buffer overflows. [more]
Wednesday, 4 June 2003, 3:50 PM CET

Big Brother and the next 50 years
Bruce Sterling calls himself an author, a journalist and an editor--and all that is true. But Sterling, who wrote "The Hacker Crackdown," is also a contrarian and a leading cultural critic of modern technology. [more]
Wednesday, 4 June 2003, 3:48 PM CET

Defcom goes titsup
London-based information security consultancy Defcom has been placed in administrative receivership. [more]
Wednesday, 4 June 2003, 3:47 PM CET

Security fears slow online banking uptake
Long way to go before consumers will trust internet finance, says analyst. [more]
Wednesday, 4 June 2003, 2:24 PM CET

Security now five per cent of IT budget
Compound annual growth rate of 28 per cent since 2001, reports Gartner. [more]
Wednesday, 4 June 2003, 2:24 PM CET

Protecting data with Norton Ghost 2003
Symantec’s Norton Ghost 2003 is the latest rendering of a product that has become many a Windows administrators’ mainstay over the past few years. Emmett heard from a "trusted source" that the new version provides good results with Linux, too. Read his review to find out more. [more]
Wednesday, 4 June 2003, 11:21 AM CET

Microsoft fixes up patch system
Microsoft has opened up its drive to improve software security with a redesigned software patch management system and a partnership with VeriSign to authenticate Web services. [more]
Wednesday, 4 June 2003, 11:17 AM CET

Boy hacks into hosts parents' bank account
A teenage online computer-game junkie tried to steal $10,000 by hacking into his host parents' internet bank account. [more]
Wednesday, 4 June 2003, 11:12 AM CET

Authentication has a long way to go at industrial sites
A panel at Gartner's Sector5 conference examined the distinct issues facing energy, utility and water companies in deploying authentication and other information security measures. [more]
Wednesday, 4 June 2003, 11:11 AM CET

Worry more about insiders than cyberterrorism
Enterprises worried about cybersecurity should pay more attention to their own employees than to the as-of-yet unrealized threat of cyberterrorism. [more]
Wednesday, 4 June 2003, 11:08 AM CET

Cybersecurity report card - serious improvements needed
A Computer Security Institute and Federal Bureau of Investigation survey of 500 U.S. companies shows an increase in reported financial losses of 21 percent, or $455.8 million, for 2002. [more]
Tuesday, 3 June 2003, 4:18 PM CET

Electronic voting 'open to abuse'
The results of a new electronic voting system, set to be used in all future elections, could be altered by rogue hackers, two prominent computer scientists have warned. [more]
Tuesday, 3 June 2003, 4:17 PM CET

Corporations crack down on pirated software
Corporations cracked down on pirated software last year, trimming the glut by a percentage point, an industry report said Tuesday. [more]
Tuesday, 3 June 2003, 4:15 PM CET

Corporate spam overtakes legitimate e-mail
Spam has officially overtaken legitimate e-mail in the workplace, and there’s little relief in sight. [more]
Tuesday, 3 June 2003, 4:14 PM CET

Crypto maker changes course
New leadership at security developer Ntru CryptoSystems Inc. is hoping a new services and consulting strategy will help mitigate the damage caused by problems with the company's core encryption algorithm. [more]
Tuesday, 3 June 2003, 10:55 AM CET

Security is key at IBM conference
Dealing with internal and external security threats will be high on the agenda at the IBM Computer Users Association's security briefing. [more]
Tuesday, 3 June 2003, 10:50 AM CET

3Com starts security partner programme
Vendor seeks reseller support as it attempts to boost presence in security market. [more]
Tuesday, 3 June 2003, 10:49 AM CET

Sourcefire aims to boost network security
New technology enhances intrusion-detection systems. [more]
Tuesday, 3 June 2003, 10:48 AM CET

Greedy staff pose security threat
Security breaches in the future are likely to be driven by greedy employees, a report has found. [more]
Tuesday, 3 June 2003, 10:40 AM CET

Net attack overwhelms computers with complexity
A type of internet attack that involves bamboozling a computer with specially crafted packets of data has been developed by a pair of US researchers. [more]
Tuesday, 3 June 2003, 10:39 AM CET

Antivirus and EFS in Windows Server 2003
When installing an antivirus on a Windows Server 2003 system with EFS it should first be checked whether the antivirus is capable of scanning for viruses even in encrypted files. If not, encrypting a file would leave the antivirus disarmed in the face of malicious code. [more]
Monday, 2 June 2003, 8:32 PM CET

Review - Network Monitoring and Analysis: A Protocol Approach to Troubleshooting
The title of this book is very descriptive, it tells you clearly what's this book about. Network analysis and monitoring consists of employing proper software and/or hardware tools to capture, decode, interpret, and react to the contents of data packets as they transit a network's medias. [more]
Monday, 2 June 2003, 8:31 PM CET

Langa letter: easy encryption
Fred Langa looks at the universe of products that help you protect sensitive files and data from prying eyes and hackers. [more]
Monday, 2 June 2003, 12:47 PM CET

Spam tsunami
International task force testing solutions to stop the flood of junk e-mail. [more]
Monday, 2 June 2003, 12:46 PM CET

North Korea's school for hackers
In North Korea's mountainous Hyungsan region, a military academy specializing in electronic warfare has been churning out 100 cybersoldiers every year for nearly two decades. [more]
Monday, 2 June 2003, 12:40 PM CET

.Net, WebSphere security tested
In the latest salvo in the Web services platform wars, Microsoft Corp. this week will announce that a major security company has found its .Net Framework better than IBM's WebSphere for building and deploying secure Web applications and services. [more]
Monday, 2 June 2003, 12:39 PM CET

Scammers use trust to obtain your personal information
Social Engineering takes advantage of the human element of security. [more]
Monday, 2 June 2003, 12:39 PM CET

Do PDAs pose a security risk?
Virus writers aren't targeting handhelds yet, but risks remain. [more]
Monday, 2 June 2003, 12:37 PM CET

Hacker takes a crack at TiVo
An avid TiVo fan will release a book this summer detailing 100 ways to break into everyone's favorite digital video recorder. While the book's author says he isn't condoning anything illegal, TiVo, the company, said it doesn't encourage people to try the hacks at home. [more]
Monday, 2 June 2003, 12:21 AM CET

802.11i shores up wireless security
The inadequacy of the Wired Equivalent Privacy protocol has delayed widespread adoption of wireless LANs in many corporations. [more]
Monday, 2 June 2003, 12:18 AM CET

Europe imports an American problem - spam
The junk e-mail plaguing Europe has something decidedly in common with the American variety: Nearly all the messages are in English, originate in the U.S. and don't even bother to price their wares in Euros. [more]
Monday, 2 June 2003, 12:16 AM CET

Interview with Fyodor, author of nmap
Slashdot readers asked Fyodor many excellent questions, and his answers are just as excellent. You'll want to set aside significant time to read and digest this interview, because Fyodor didn't just toss off a few words, but put some real time and energy into his answers. [more]
Monday, 2 June 2003, 12:14 AM CET

HNS Newsletter Issue 164 has been released
You can read the Newsletter in TXT or PDF format. If you haven't done it yet, consider subscribing. [more]
Monday, 2 June 2003, 12:08 AM CET

Security disclosure debate reignites
Online security consultancy Spi Dynamics has sparked a new debate over the responsible handling of vulnerability warnings with the release of an alert for multiple security holes in the Sun ONE Application Server 7.0. [more]
Sunday, 1 June 2003, 5:37 PM CET


The synergy of hackers and tools at the Black Hat Arsenal

Posted on 27 August 2014.  |  Tucked away from the glamour of the vendor booths and the large presentation rooms filled with rockstar sessions, was the Arsenal - a place where developers were able to present their security tools and grow their community.

Weekly newsletter

Reading our newsletter every Monday will keep you up-to-date with security news.

Daily digest

Receive a daily digest of the latest security news.


Mon, Sep 1st