Off the Wire

Off The Wire Archive

News items for June 2008

Q&A: The threat of malware to mobile phones
Richard R. Roscitt is the CEO of SMobile Systems. He keynoted at world-class forums and is regularly featured in leading business and industry trade print and electronic media, having appeared often on CNBC, Bloomberg TV, and CNN/FN. In this interview he discusses the threat of malware to mobile phones. [more]
Monday, 30 June 2008, 7:17 PM CET

Top 10 strangest anti-terrorism patents
Technology has always played a big role in fighting terrorism. [more]
Monday, 30 June 2008, 7:16 PM CET

Whitepaper: Backup and recovery - top 10 reasons to upgrade
A new gold standard in continuous data protection and complete system recovery is here—Symantec Backup Exec 12 and Backup Exec System Recovery 8. [more]
Monday, 30 June 2008, 7:14 PM CET

I've seen the future, and it has a kill switch
It used to be that just the entertainment industries wanted to control your computers - and televisions and iPods and everything else - to ensure that you didn't violate any copyright rules. But now everyone else wants to get their hooks into your gear. [more]
Thursday, 26 June 2008, 2:23 PM CET

(IN)SECURE Magazine issue 17 has been released
(IN)SECURE Magazine is a free digital security magazine in PDF format. In this issue you can read about open redirect vulnerabilities, securing the enterprise data flow against advanced attacks, bypassing and enhancing live behavioral protection, security flaws identification and technical risk analysis through threat modeling, building a secure wireless network for under $300, reverse engineering software armoring, and much more! Download your FREE copy today! [more]
Wednesday, 25 June 2008, 10:33 PM CET

Whitepaper - the latest advancements in SSL technology
Learn how to get the strongest SSL encryption and increase customer confidence with Extended Validation (EV) SSL Certificates, which trigger the green address bar in high security browsers, allowing your customers to feel safe online. [more]
Wednesday, 25 June 2008, 10:23 PM CET

Q&A: The DNSChanger Trojan
Christoph Alme is the Principal Engineer and Team Lead of anti-malware research at Secure Computing Corporation. He is the inventor of several patent-pending key technologies in the field of proactive malware detection. In this interview he discusses a new variant of the DNSChanger Trojan. [more]
Tuesday, 24 June 2008, 10:08 PM CET

CCTV cameras 'taught to listen'
CCTV cameras which use artificial intelligence software are being developed to "hear" sounds like windows smashing, researchers have revealed. [more]
Tuesday, 24 June 2008, 6:47 PM CET

Hacking and mashing at the Palace
The ingredients for Mashed are simple. Bring the best web developers from around the United Kingdom; mix them together with new web tools, applications and services; then leave them for a whole weekend to see what they will come up with. [more]
Tuesday, 24 June 2008, 12:29 PM CET

What privacy policy?
Want to know how well a company protects its customers' data? Don't talk to its security and compliance officers. Instead, try its marketing department. [more]
Tuesday, 24 June 2008, 12:00 AM CET

C2 systems: no longer a proprietary issue
The past five years have seen remarkable transformation in how military Command and Control (C2) systems are designed and procured. Proprietary and costly custom developed systems are now giving way to commercial off-the-shelf networking products with the same level of reliability and capability. While the benefits are numerous, the resistance from traditional vendors and contractors is equally significant. [more]
Monday, 23 June 2008, 10:57 PM CET

Creating chroot sftp jails with Jailkit
A few months back I was given an assignment to create some chroot jails for a group of customers so that they could securely upload files with sftp. [more]
Monday, 23 June 2008, 12:00 AM CET

France to ban illegal downloaders
Anyone who persists in illicit downloading of music or films will be barred from broadband access under a controversial new law that makes France a pioneer in combating internet piracy. [more]
Friday, 20 June 2008, 10:00 AM CET

Choosing the right security personnel
In the new edition of the HNS podcast, Simon Heron from Network Box discusses why choosing the right security personnel is every bit as important as opting for the right security technology. [more]
Thursday, 19 June 2008, 9:54 PM CET

Compressed web phone calls are easy to bug
Plans to compress internet (VoIP) phone calls so they use less bandwidth could make them vulnerable to eavesdropping. [more]
Thursday, 19 June 2008, 2:21 PM CET

Citibank hack blamed for alleged ATM crime spree
A computer intrusion into a Citibank server that processes ATM withdrawals led to two Brooklyn men making hundreds of fraudulent withdrawals from New York City cash machines in February, pocketing at least $750,000 in cash, according to federal prosecutors. [more]
Thursday, 19 June 2008, 2:13 PM CET

'Geek girl' helps keep Mozilla safe in scary times
Window Snyder isn't your average security czar. [more]
Thursday, 19 June 2008, 9:30 AM CET

Starting SSH connections simply with SSHMenu
SSHMenu adds a button to your GNOME panel that displays a configurable drop-down list of hosts that you have might like to connect to with SSH. [more]
Wednesday, 18 June 2008, 11:25 AM CET

Cyber security coordination
The level and sophistication of growing online threats and attacks highlight the imminent need for government agencies to coordinate and implement comprehensive information assurance practices with one another. But the responsibility must be one that is shared with the business community, who wrestle with these issues on a daily basis. [more]
Tuesday, 17 June 2008, 11:56 PM CET

Code development and security
How do we know our code is bug free? What makes us believe that our application is always going to work? [more]
Tuesday, 17 June 2008, 7:59 PM CET

MySpace wins another verdict against alleged spammer
MySpace can collect $6 million from a notorious Internet marketer accused by the popular online hangout of spamming its users. [more]
Tuesday, 17 June 2008, 4:04 PM CET

Q&A: iPhone security and the enterprise market
In this interview, the Director of Business Development for the Mobile group at Check Point discusses iPhone's break into the enterprise, steps users should take in order to protect their devices as well as Check Point's support for the iPhone. [more]
Monday, 16 June 2008, 11:54 PM CET

Secret terror files left on train
Police are investigating a "serious" security breach after a civil servant lost top-secret documents containing the latest intelligence on al-Qaeda. [more]
Friday, 13 June 2008, 2:22 PM CET

Video - PCI compliance explained
Learn about the Payment Card Industry Data Security Standard (PCI DSS), a security standard that includes requirements for security management, policies, procedures, network architecture, software design and other critical protective measures. [more]
Friday, 13 June 2008, 9:46 AM CET

Critical vulnerability in Citect's SCADA software
Thousands of companies using SCADA systems could unknowingly be exposing critical industrial processes and assets that they otherwise sought to protect if they do not immediately move to apply the vendor-provided patch, or other suggested workarounds for the vulnerability issued by the software maker. [more]
Thursday, 12 June 2008, 4:21 PM CET

The rise of user circumvention and risky unauthorized activities
In the new edition of the HNS podcast, Chris King from Palo Alto Networks discusses user circumvention - how end users are actively skirting IT security controls with anonymous, external proxies and tunneling applications, enabling risky and unauthorized activities. [more]
Wednesday, 11 June 2008, 7:08 PM CET

PCI mandate stresses importance of web application security
On June 30, another refresh of the Payment Card Industry (PCI) Data Security Standards (PCI DSS) will upgrade Web application security testing from a best practice to a mandatory practice. The deadline forces merchants and vendors to take a closer look at application-layer security and emphasizes its importance in fighting increasing online threats. [more]
Tuesday, 10 June 2008, 11:58 PM CET

Q&A on e-mail security threats and countermeasures
David Vella is the Director of Product Management at GFI with experience in quality assurance, network administration and software development. In this Q&A he provides insight into e-mail security threats. [more]
Monday, 9 June 2008, 11:14 PM CET

Digital forensics: 5 ways to spot a fake photo
Composite images made of pieces from different photographs can display subtle differences in the lighting conditions under which each person or object was originally photographed. Such discrepancies will often go unnoticed by the naked eye. [more]
Thursday, 5 June 2008, 2:12 PM CET

Politically motivated Distributed Denial of Service attacks
In the new edition of the HNS podcast we have Dr. Jose Nazario, Arbor Networks senior security researcher, talking about politically motivated DDoS attacks around the world. [more]
Wednesday, 4 June 2008, 7:50 PM CET

Google accused over privacy law
Privacy groups are accusing Google of violating California law in its reluctance to provide a direct link to its privacy policy on its homepage. [more]
Wednesday, 4 June 2008, 10:17 AM CET

Blind SQL injection discovery and exploitation technique
This paper describes a technique to deal with blind SQL injection spot with ASP/ASP.NET applications running with access to XP_CMDSHELL. It is possible to perform a pen test against this scenario by not having any kind of reverse access or display of error messages. [more]
Tuesday, 3 June 2008, 4:59 PM CET

Cost-effective quantum key distribution
Researchers at the National Institute of Standards and Technology (NIST) have demonstrated a simpler and potentially lower-cost method for distributing strings of digits, or "keys," for use in quantum cryptography, the most secure method of transmitting data. [more]
Tuesday, 3 June 2008, 9:17 AM CET

Gun T-shirt was a security risk
A man wearing a T-shirt depicting a cartoon character holding a gun was stopped from boarding a flight by the security at Heathrow's Terminal 5. [more]
Tuesday, 3 June 2008, 3:36 AM CET

New spy cam software blurs faces of the innocent
Cities and corporations are stringing up thousands and thousands of surveillance cameras, armed with advanced video intelligence algorithms, to watch out for terrorists and crooks. Too bad the rest of us get caught on tape, while the electronic eyes make their spy sweeps. And no one knows what the spycams are recording. [more]
Tuesday, 3 June 2008, 3:21 AM CET

Book review - Crimeware: Understanding New Attacks and Defenses
Even as the security industry celebrates solid sales thanks to compliance laws, the last few years have not been characterized by a state of growing security. In fact, evolving attacks have fueled a strong underground economy and malware authors now have a solid cash incentive to make sure their malicious code infects as many computers as possible and avoids detection. Two well-known security researchers and several contributors are the authors behind "Crimeware", a book that promises to deliver information about new attacks and provide advice when it comes to defenses. Read on to find out what it offers. [more]
Monday, 2 June 2008, 6:54 PM CET

Full disclosure and why vendors hate it
The problem with too many secrets is that they frequently rub against the notion of privacy. [more]
Monday, 2 June 2008, 12:03 AM CET

In-flight surveillance could foil terrorists in the sky
CCTV cameras are bringing more and more public places under surveillance – and passenger aircraft could be next. [more]
Monday, 2 June 2008, 12:00 AM CET


The synergy of hackers and tools at the Black Hat Arsenal

Posted on 27 August 2014.  |  Tucked away from the glamour of the vendor booths and the large presentation rooms filled with rockstar sessions, was the Arsenal - a place where developers were able to present their security tools and grow their community.

Weekly newsletter

Reading our newsletter every Monday will keep you up-to-date with security news.

Daily digest

Receive a daily digest of the latest security news.


Fri, Aug 29th