Off the Wire

Off The Wire Archive

News items for July 2002

OpenSSL security vulnerabilities roundup
There are four remotely exploitable buffer overflows in OpenSSL plus encoding problems in the ASN.1 library. This roundup contains vulnerability information, security advisories and patches on this topic. [more]
Wednesday, 31 July 2002, 1:01 PM CET

Security warning draws DMCA threat
Hewlett Packard has found a new club to use to pound researchers who unearth flaws in the company's software: the Digital Millennium Copyright Act. [more]
Wednesday, 31 July 2002, 12:24 PM CET

Hacking the Invisible Network: Insecurities in 802.11x
This paper addresses the vulnerabilities inherent in 802.11x networks, how to determine if a WLAN is vulnerable using freeware tools and how to best secure them. [more]
Wednesday, 31 July 2002, 12:55 AM CET

IT Nightmare: the enemy within
The discovery that employees are attacking internal systems is a challenge because the majority of security monitoring is focused on the outside perimeter of the organization, not on the inside. [more]
Wednesday, 31 July 2002, 12:54 AM CET

Honeypots turn the tables on hackers
Honeypots are positioned to become a key tool to defend the corporate enterprise from hacker attacks, but some security watchers worry they could bring a new set of security worries with them. [more]
Wednesday, 31 July 2002, 12:38 AM CET

Scam sweep targets 19 online fraudsters
Federal and state law enforcement authorities said Tuesday they had taken action against 19 Internet-based scams that they say collectively bilked consumers out of millions of dollars. [more]
Wednesday, 31 July 2002, 12:36 AM CET

Princeton Apologizes for web breach
Princeton University President Shirley Tilghman apologized for snooping by at least one Princeton admissions officer into online files of high school seniors who had applied to Yale University. [more]
Wednesday, 31 July 2002, 12:33 AM CET

New trends in virus technology
Many machines are falling prey to attackers who are using back-door viruses to take over computers to use them in distributed denial-of-service attacks. [more]
Wednesday, 31 July 2002, 12:28 AM CET

LinuxSecurity Magazine Brasil is here
LinuxSecurity Brasil announced the first edition of its online Magazine, the LinuxSecurity Magazine that represents the result of several IT Brazilian professionals' efforts to bring free knowledge for the community. [more]
Wednesday, 31 July 2002, 12:10 AM CET

RIAA hackers get their own back
A denial of service attack knocked the Recording Industry Association of America's website off the net over the weekend. [more]
Wednesday, 31 July 2002, 12:02 AM CET

Proxy-Based Security Protocols in Networked Mobile Devices
A prototype system has been constructed, which allows for secure, yet efficient, access to networked, mobile devices. The authors present a quantitative evaluation of this system using various metrics. [more]
Tuesday, 30 July 2002, 12:24 PM CET

XML Web services need a firewall
Security is the biggest obstacle to deploying XML Web services. Traditional network firewalls won't do the job. You need the authentication and access control of an XML application firewall. [more]
Tuesday, 30 July 2002, 12:10 PM CET

Wartime spies' code gets new life on CD
A firm has built encryption software it claims offers the highest level of encryption available, but a local expert questions its practicality. [more]
Tuesday, 30 July 2002, 11:44 AM CET

Fighting internet abuse: things you can do
It takes about ten seconds to find that a particular IP address maps back to a certain ISP, whereupon you can simply drill down to the relevant contact e-mail addresses for the abuse admins. [more]
Tuesday, 30 July 2002, 11:43 AM CET

Cyberinsurance may cover damage of computer woes
Cyberinsurance covers almost anything related to information technology, including losses resulting from viruses, hacker or denial of service attacks, extortion, and copyright and privacy infringement. [more]
Tuesday, 30 July 2002, 11:42 AM CET

Microsoft taps academics on security
The Trustworthy Computing Academic Advisory Board will contribute to Microsoft's recent effort to improve the security and reliability of its products. [more]
Tuesday, 30 July 2002, 11:38 AM CET

Students help fight cybercrime
In an unusual arrangement, Tulsa, police are teaming up with students at the University of Tulsa to help investigate and stop cybercrime. [more]
Tuesday, 30 July 2002, 11:32 AM CET

Archiving PF Firewall Logs
This article looks at the problem of automating the transfer of logs from the firewall to one of the workstations connected to the internal private network segment. [more]
Tuesday, 30 July 2002, 11:30 AM CET

Handheld OSes due for security advances
Palm Inc. and Microsoft Corp., have seized on security as a selling point in their offerings, and we can expect significant security advances in the next-generation handheld operating systems from these companies. [more]
Tuesday, 30 July 2002, 11:28 AM CET

Turning the Spotlight to Internal IT Security
Is your company data an asset or a threat? The issue will be discussed with particular reference to the U.K. [more]
Tuesday, 30 July 2002, 11:26 AM CET

HNS Newsletter issue 121 has been released
You can read the Newsletter in TXT or PDF format. If you haven't done it yet, consider subscribing. [more]
Monday, 29 July 2002, 4:37 PM CET

Defeating Forensic Analysis on Unix
Digital forensic analysis is rapidly becoming an integral part of incident response, capitalising on a steady increase in the number of trained forensic investigators and forensic toolkits available. [more]
Monday, 29 July 2002, 4:34 PM CET

Introduction to password cracking
Password and user account exploitation is one of largest issues in network security. This article looks at password cracking and how and ways to combat it. [more]
Monday, 29 July 2002, 2:10 PM CET

Palladium debate heats up
As Microsoft shares more details of Palladium, there is a growing unease in the security community about not only the technology but also Microsoft's intentions. [more]
Monday, 29 July 2002, 2:02 PM CET

Inside security attacks are more frequent than external
Contrary to a popular belief, hackers are less of a threat. Companies are mostly at risk from inside - from discontented employees, reckless employees, or disgruntled ex-employees. [more]
Monday, 29 July 2002, 2:00 PM CET

The right to defend
Is it criminal to reach out and hack an infected machine that's attacking your network? [more]
Monday, 29 July 2002, 1:25 PM CET

Improvements tighten Lucent's Security Management Server
LSMS 7.0 comes with QoS support, DHCP Relay and Brick DHCP client support, HTTP application filtering, robust TCP protocol inspection, and it also includes new software for Lucent's Brick firewalls. [more]
Monday, 29 July 2002, 1:21 PM CET

Wi Fi Honeypots a new hacker trap
War drivers beware, the next wireless network you tap might be part of an elaborate sting. [more]
Monday, 29 July 2002, 1:16 PM CET

Fluffy Bunny no longer energized
Brian McWilliams says that the hacker group that once contemplated a massive, distributed DoS attack on the Net's 13 domain-name root servers has been awfully quiet this year. [more]
Monday, 29 July 2002, 1:10 PM CET

Secure site seals may be misleading: Netcraft
Secure site seals handed out to sites by certificate authorities and lock icons shown by browsers can often mislead consumers into believing that a site is more secure than it actually is. [more]
Monday, 29 July 2002, 10:37 AM CET

Security in Plan 9
The security architecture of the Plan 9 OS has been redesigned to address some technical shortcomings. This redesign provided an opportunity to make the system more convenient to use securely. [more]
Friday, 26 July 2002, 1:53 PM CET

Executives advised to take role in internet security
Security issues need to be addressed in boardrooms and executive suites, not just data centers and network storage closets. [more]
Friday, 26 July 2002, 1:52 PM CET

Unix shell scripting malware
Unix/Linux binary malware can be very dependent upon distribution flavour and kernel version. What are the possibilities in the Unix world for malicious code using scripting? [more]
Friday, 26 July 2002, 1:23 PM CET

Securing your network is no easy task, but it has to be done
Information security is becoming increasingly critical, especially as companies suffer from more and more nefarious attacks, including from viruses and DoS attacks. [more]
Friday, 26 July 2002, 1:14 PM CET

Verio tries to get off its back
Web-hosting company won its battle against an antispam activist, but the war is far from over. [more]
Friday, 26 July 2002, 1:11 PM CET

Cybersecurity confusion hampers government
U.S. cybersecurity policy and the protection of critical infrastructure is being hampered by a failure to communicate between the large number of federal organizations which have responsibilities in the area. [more]
Friday, 26 July 2002, 1:06 PM CET

Firewalls: The soft option
There is no excuse for failing to protect data on a network and there are plenty of firewall options on the market. [more]
Friday, 26 July 2002, 12:33 PM CET

Find a Bug? Don't E-Mail Microsoft
It may be the most-used vendor bug reporting address in history. This week Redmond put "" out to pasture in favor of a handy Web form. [more]
Friday, 26 July 2002, 12:29 PM CET

US union defends hacker code
A cornerstone of digital copy-protection law is about to be challenged in court by the American Civil Liberties Union. [more]
Friday, 26 July 2002, 12:26 PM CET

Yale accuses Princeton of hacking into admissions Web site
Yale University complained to the FBI on Thursday that admissions officials at Princeton hacked into a Yale Web site that was set up for prospective students. [more]
Friday, 26 July 2002, 11:40 AM CET

Five Microsoft Security bulletins released
Microsoft was pretty active the past few days, as they released five security bulletins dealing with SQL Server 2000, Windows Media Player, Microsoft Metadirectory and Microsoft Exchange 5.5 security issues. [more]
Thursday, 25 July 2002, 10:12 PM CET

My Guide To Linux Security
If you are an active proponent of computer security, this article will be a review. If you do not have any security practices, you should read on to get a general idea of how to secure a Linux box. [more]
Thursday, 25 July 2002, 9:56 PM CET

The Open Web Application Security Project
This is a group of devoted volunteers that are building a very comprehensive resource regarding security information and ways to manage potential security threats on web based systems. [more]
Thursday, 25 July 2002, 9:53 PM CET

How-to from hackers
Even if you're not sure you'd hire a former hacker, your staff can learn a great deal from talking with one. Here are six lessons developers can learn from hackers. [more]
Thursday, 25 July 2002, 9:51 PM CET

Detecting and Removing Malicious Code
Crackers have access to countless variations of malicious code, all designed to breach your security. This article will explain techniques to get their system back on-line and prevent it from happening again. [more]
Thursday, 25 July 2002, 9:50 PM CET

Shavlik eases Microsoft patch management
Shavlik Technologies announced more real-time features for its Microsoft security and patch management tools. [more]
Thursday, 25 July 2002, 9:49 PM CET

Hackers use Wi-Fi invisibility cloak
Insecure Wi-Fi does not just put your data at risk. If hackers use it to hack other companies, you could be vulnerable to lawsuits. [more]
Thursday, 25 July 2002, 9:41 PM CET

Group unveils flash memory security spec
A group of electronics manufacturers is looking to expand the uses for removable flash memory cards with a new security specification. [more]
Thursday, 25 July 2002, 9:36 PM CET

Web Security May Hide Biz Secrets
The Bush administration wants Congress to relax open-government laws to beef up computer security. But one lawmaker protests, saying companies could hide sensitive information from public scrutiny. [more]
Thursday, 25 July 2002, 9:35 PM CET

Congress to turn hacks into hackers
If House Hollywood sock puppet Howard Berman gets his way, it will become legal to hack a network in efforts to impede the on-line illicit trade in copyrighted works. [more]
Thursday, 25 July 2002, 9:32 PM CET

An Open-Source Solution to Web Spoofing
This paper reports the results of work to systematically defend against Web spoofing, by creating a trusted path from the browser to the user. [more]
Wednesday, 24 July 2002, 8:37 PM CET

Coming Soon: Attack Of The Super Worms
The threat to computer networks from worms is multiplying in both sophistication and potential for damage. [more]
Wednesday, 24 July 2002, 8:27 PM CET

Additional Security in the Linux Kernel?
On Slashtot nyx says that he's been looking for some way to improve security on his linux boxes. He found a few linux patches and wonders if anyone can share some experiences with him. [more]
Wednesday, 24 July 2002, 8:27 PM CET

Report urges states to organize against cyberterror
The National Association of State Chief Information Officers is urging government leaders to set aside political differences and make cybersecurity and critical-infrastructure protection a top priority. [more]
Wednesday, 24 July 2002, 7:50 PM CET

Microsoft talks the talk on security
Microsoft is making a bid to change from the company the rest of us blame for security issues and it is not at all abashed about it. [more]
Wednesday, 24 July 2002, 7:42 PM CET

Will Hackers Unite and Take Over?
If the Web falls prey to a massive shutdown, I do not want to see finger-pointing. I want to see handcuffing. [more]
Wednesday, 24 July 2002, 7:06 PM CET

WebTV 'virus' calls the cops
The malicious code causes the machine to dial 911, the US emergency services number, and has reportedly resulted in police officers being dispatched to WebTV users' homes. [more]
Wednesday, 24 July 2002, 7:04 PM CET

Piracy and free software not always counted
A flaw in the way annual software usage statistics are compiled may have led to legal distribution of open-source programs being lumped with illegal trafficking in desktop applications, inflating losses. [more]
Wednesday, 24 July 2002, 7:02 PM CET

Here's one more trick up hackers' sleeves
Even if hackers can't hijack your computer, they can still gain access to your personal info--and your Web e-mail--through something called cross-site scripting. Robert tells you the best way to protect yourself. [more]
Wednesday, 24 July 2002, 6:57 PM CET

Wireless (in)security: are your networks snoop-proof?
Now, someone can steal your company's most sensitive data by snatching it out of thin air - right from the company parking lot. [more]
Wednesday, 24 July 2002, 6:51 PM CET

Secure Execution Via Program Shepherding
We introduce program shepherding, a method for monitoring control flow transfers during program execution to enforce a security policy. [more]
Tuesday, 23 July 2002, 3:34 PM CET

Illegal XP owners beware
Microsoft is planning what could end up being quite a shock for the Windows XP warez world... [more]
Tuesday, 23 July 2002, 3:33 PM CET

Firewall safeguards web-enabled applications
Reactivity Inc. is hoping to help fill the void in Web services security with its new firewall (Service Firewall 1.0) designed specifically to protect Web-enabled applications. [more]
Tuesday, 23 July 2002, 3:25 PM CET

Hard disk will have hackers seeing double
Web sites could be kept safe by using a hard disk with two heads, security company says. [more]
Tuesday, 23 July 2002, 11:48 AM CET

Security Synergy
Can IT projects and government requirements be aligned to benefit both security and business goals? [more]
Tuesday, 23 July 2002, 11:46 AM CET

Internet extends long arm of the law
Police in Italy didn't care that five Web sites they deemed blasphemous and thus illegal were located in the United States, where First Amendment protections apply. [more]
Tuesday, 23 July 2002, 11:45 AM CET

NetBSD 1.5.3 maintenance release officially available
The NetBSD Project released a maintenance release for its stable 1.5 branch. Since the last release various improvements, new hardware support, and a few security fixes have been integrated. [more]
Tuesday, 23 July 2002, 11:44 AM CET

What does the future hold for PGP?
Network Associates no longer supports the encryption technology, but that doesn't mean it will disappear. [more]
Tuesday, 23 July 2002, 11:41 AM CET

High-Flying Schmidt
Unstoppable viruses, massive blackouts, hacked pacemakers? The government's number two cyber security guy wasn't this apocalyptic when he worked for Microsoft. [more]
Tuesday, 23 July 2002, 11:39 AM CET

Symantec's SecurityFocus buyout met with pessimism
While Symantec has stated that it will not exert influence on BugTraq, which it now owns, list members find that assurance hard to trust. [more]
Tuesday, 23 July 2002, 10:43 AM CET

HNS Newsletter issue 120 has been released
You can read the Newsletter in TXT or PDF format. If you haven't done it yet, consider subscribing. [more]
Monday, 22 July 2002, 2:18 PM CET

New book on steganography by Peter Wayner
When Peter Wayner wrote a book on the practice of steganography in 1996, the term seemed so arcane, so daunting, that his publisher insisted he not use that word in the title. [more]
Monday, 22 July 2002, 12:26 PM CET

Liverpool: I wanna hold your spam
Once it discovered that its 6,000-strong staff were sending 100,000-plus internal e-mails a day, the Liverpool City Council, previously famous for the Beatles, banned such activities one day a week. [more]
Monday, 22 July 2002, 12:22 PM CET

New Swiss surveillance law
A record of almost every email sent to and from Switzerland is to be logged and stored for at least six months, under a new Swiss surveillance law. [more]
Monday, 22 July 2002, 12:20 PM CET

U.S. companies unprepared for cyber terror
Michael Vatis, director of the Institute for Security Technology Studies, says corporate America is vulnerable to attack, and he wants to create a team reminiscent of the Manhattan Project to tackle the problem. [more]
Monday, 22 July 2002, 12:17 PM CET

Hacker nabbed for Bt1.8m scam
Police arrested a computer hacker, Sipho Hasiya, 21, on charges relating to a Bt1.8-million scam involving the billing of mobile-phone users and the hacking of credit-card accounts. [more]
Monday, 22 July 2002, 12:16 PM CET

Security concerns loom in new wireless world
Wireless networks are full of holes that criminals can enter. But home and business users can take steps that go a long way toward plugging security leaks. [more]
Monday, 22 July 2002, 12:14 PM CET

Hacking in the name of security
Barry "The Key" Wels picks locks for the sport of it, but also to make a broader point. [more]
Monday, 22 July 2002, 12:11 PM CET

Increased security boosts biometrics market
The impact of the terrorist attacks on security applications will boost the value of the biometrics market to $2.05bn in 2006, according to a report from analyst Frost & Sullivan. [more]
Monday, 22 July 2002, 12:03 PM CET

Audit your LAN before the bad guys do with nmap
Because nmap is so good at what it does, it is the tool of choice for crackers, which raises some ethical questions: is it OK to portscan other people's networks? [more]
Monday, 22 July 2002, 12:02 PM CET

Face recognition fails in Boston airport
Test runs of the Identix magical face-recognition terrorist finder at Boston's Logan Airport have failed miserably, as expected. [more]
Monday, 22 July 2002, 12:00 PM CET

Setuid Demystified
Access control in Unix is mainly based on user IDs. The system calls that modify user IDs such as setuid, are poorly designed and misused. This caused many vulnerabilities in application programs. [more]
Friday, 19 July 2002, 4:21 AM CET

Hackers try a bank job
A rival bank has been hacking into the website on which UBS Warburg stores information on derivatives trading for its staff and using this unauthorised information to assess their own market positions. [more]
Friday, 19 July 2002, 4:12 AM CET

Gates says Microsoft security push cost $100 mln
Bill Gates said the company's campaign to improve the security of its software had cost at least $100 million this year, but said the expense was paying off in better products. [more]
Friday, 19 July 2002, 4:08 AM CET

Justifying the expense of IDS, part one
This article will seek to demonstrate the value associated with a well thought out implementation and effective lifecycle management of IDS technology. [more]
Friday, 19 July 2002, 3:40 AM CET

Star phone hacker arrested
A 34 year-old Hertfordshire man has been arrested over allegations that he hacked into the phone line of television presenter Angus Deayton. The man is thought to be a BT engineer. [more]
Friday, 19 July 2002, 3:36 AM CET

Firms tackle cyber-sabotage
Cyber-sabotage is regarded as one of the business world's dirty little secrets. And it's one that is coming to light in the wake of scandals like Enron, Global Crossing and WorldCom. [more]
Friday, 19 July 2002, 3:35 AM CET

The case of the missing code
If you were a terrorist schooled in fundamentalist Islam, mass violence, digital cryptography and the pack-rat ethos peculiar to eBay, in which corner of eBay site might you hide your plans for America's end? [more]
Friday, 19 July 2002, 3:26 AM CET

Tech activists protest anti-copying
Enthusiasts of free software disrupted a Commerce Department meeting, insisting on their right to debate the entertainment industry over anti-copying technologies. [more]
Friday, 19 July 2002, 3:15 AM CET

The Devil And The Deep Blue Sea
Why Microsoft's Palladium project threatens to send Linux and open-source into exile. [more]
Friday, 19 July 2002, 3:09 AM CET

South Korean hackers declare war on US
South Korean activists have declared cyber war on the US government following the involvement of US soldiers in the deaths of two teenage girls in a car crash. [more]
Friday, 19 July 2002, 3:02 AM CET

Sharp rise in Web site defacements on Linux servers
The number of defacements of Web sites on Linux-based systems recorded by London security consultancy mi2g Ltd. rose significantly in the first half of 2002. [more]
Thursday, 18 July 2002, 3:01 AM CET

Team demos 'first quantum crypto prototype machine'
Boffins have moved one step closer to a practical implementation of the Holy Grail of encryption - quantum cryptography - by exchanging keys across a 67km fibre optic network. [more]
Thursday, 18 July 2002, 2:59 AM CET

Home users part of net security plan
Keeping your home computer's antivirus software updated is not just sensible – it could be a way to demonstrate your patriotism. [more]
Thursday, 18 July 2002, 2:21 AM CET

Thwart attacks from inside the wire
When security software vendor eEye had its Web site defaced, the company immediately suspected a "disgruntled employee." Most internal attackers, though, are stealthier. [more]
Thursday, 18 July 2002, 2:17 AM CET

Symantec buys three security firms
Symantec said it has entered into deals to acquire three security firms - Recourse Technologies, Riptech and SecurityFocus - for a total of $355 million in cash. [more]
Thursday, 18 July 2002, 1:50 AM CET

Meet the Nigerian E-Mail Grifters
Those increasingly ubiquitous Nigerian e-mails "respectfully requesting your assistance" and promising rewards actually do work - for the Nigerians. An admitted scammer explains how it works. [more]
Thursday, 18 July 2002, 1:48 AM CET

Microsoft Palladium: Access denied!
Microsoft has radical plans to install a 'gatekeeper' on personal computers, all in the name of security. But, asks Andy Goldberg, does this have grave implications for consumers? [more]
Thursday, 18 July 2002, 1:46 AM CET

Student charged with hacking
A University of Delaware student broke into the school's computer system and gave herself passing grades in three courses, police said. [more]
Thursday, 18 July 2002, 1:43 AM CET

Feds devise cybersecurity standard
The Pentagon, the National Security Agency and private organizations have developed security standards for Windows 2000 in order to stop the most common assaults against federal networks. [more]
Thursday, 18 July 2002, 1:42 AM CET

Linux Security Modules
This paper presents the design and implementation of LSM and discusses the challenges in providing a truly general solution that minimally impacts the Linux kernel. [more]
Wednesday, 17 July 2002, 12:38 AM CET

More Enforceable Security Policies
What sorts of security policies can and should we demand of our system? What mechanisms should we implement to enforce these policies? [more]
Wednesday, 17 July 2002, 12:37 AM CET

Wi-Fi hackers are stealing bandwidth
Time Warner has warned cable customers not to use their accounts to provide free internet access to others via wireless connectivity. [more]
Wednesday, 17 July 2002, 12:34 AM CET

Security filter spawns bizarre words on sites
Hundreds of websites have been found to contain bizarre new words because an e-mail security filter used by Yahoo! has been actively changing them. [more]
Wednesday, 17 July 2002, 12:24 AM CET

Government's seal of security
The federal government releases security standards and software it hopes individuals and businesses will adopt, along with government agencies, to configure systems against hackers. [more]
Wednesday, 17 July 2002, 12:15 AM CET

Secret password to a headache
Consumers are suffering "password burnout" because they have to remember so many different codes and number combinations, according to a new report. [more]
Wednesday, 17 July 2002, 12:13 AM CET

IT security spending disappoints
Investors who had hoped that increased security concerns after Sept. 11 would yield an immediate bonanza in the information security sector have been sorely disappointed. [more]
Wednesday, 17 July 2002, 12:11 AM CET

Liberty - is usability compatible with security?
The Liberty 1.0 specification could make the Internet easier to use, but will it make it more or less safe? [more]
Wednesday, 17 July 2002, 12:11 AM CET

CERT: Security flaw reports increasing
The number of reported computer system security flaws has increased dramatically, according to CERT. [more]
Wednesday, 17 July 2002, 12:10 AM CET

The behaviors and tools of today's hackers
The objectives of early hackers are a far cry from the goals of today's hacker. The motivation of the new breed of hackers appears not to be curiosity, or a hunger for knowledge, as it used to be. [more]
Wednesday, 17 July 2002, 12:09 AM CET

Beware of Frethem Worm
An e-mail message that promises to reveal secret information with a password is a variant from the Frethem worm family. [more]
Tuesday, 16 July 2002, 4:25 AM CET

McAfee Security to update line
McAfee Security will update its line of security products in August, including its antivirus and personal firewall software, as well as its system cleaning tool. [more]
Tuesday, 16 July 2002, 4:08 AM CET

Chinese Web portals agree to purge critical content
Internet portals in China, including Yahoo!'s Chinese-language site, have signed a voluntary pledge to purge the Web of content that China's communist government deems subversive. [more]
Tuesday, 16 July 2002, 4:04 AM CET

House OKs life sentences for hackers
The House of Representatives overwhelmingly approved a bill that would allow for life prison sentences for malicious computer hackers. [more]
Tuesday, 16 July 2002, 3:51 AM CET

NetIQ develops tools to kill Camera/Shy
NetIQ announced that it had developed a tool to detect and disable the new anti-censorship application Camera/Shy. [more]
Tuesday, 16 July 2002, 3:48 AM CET

Security Scanning is not Risk Analysis
Many IT decision makers assume that performing a security vulnerability assessment is the same thing as risk analysis. However, these two processes are very different. [more]
Tuesday, 16 July 2002, 2:18 AM CET

H2K2 hackers say they want a revolution
But some charge that dot-com greed robbed the computer underground of its soul. [more]
Tuesday, 16 July 2002, 1:45 AM CET

Cable modems - not just a security problem
As well as securing home-office cable connections, IT managers will have to deal with increased loads on corporate networks, and demands to support users at home. [more]
Tuesday, 16 July 2002, 1:12 AM CET

Security Wars: Can Intrusion Detection Even The Score?
Experts point to lingering gaps in areas that include accuracy, data interoperability, and analysis tools. [more]
Tuesday, 16 July 2002, 1:01 AM CET

FDIC faulted for weak IT security
A federal agency created to help restore economic confidence during the Great Depression isn't winning the confidence of a congressional watchdog agency for its information security practices. [more]
Tuesday, 16 July 2002, 12:59 AM CET

Can Data Security Be Outsourced?
By understanding how ASPs (application service providers) protect your data, you may find it both more economical and safer to outsource your application and data management. [more]
Monday, 15 July 2002, 2:14 PM CET

HNS Newsletter issue 119 has been released
You can read the Newsletter in TXT or PDF format. If you haven't done it yet, consider subscribing. [more]
Monday, 15 July 2002, 2:10 PM CET

Securely Installing Linux
The best place to start cutting packages is in the communications area. You probably don't need an anonymous FTP server, or a telnet server, but they'll be installed if you're not careful... [more]
Monday, 15 July 2002, 2:08 PM CET

Crypto controls are spreading internationally
Hand over that encryption key, mate, monsieur, sir, bloke... [more]
Monday, 15 July 2002, 2:00 PM CET

Win32.Worm.Datom analysis and removal
BitDefender Response Team warns against a new worm for MS Windows, spreading across open shares and identifying itself as a "Copyright Microsoft Corp." code. [more]
Monday, 15 July 2002, 1:33 PM CET

Homer says hack your DVD player
Homer Simpson, cartoon character and a role model for millions, has been caught telling consumers to hack their DVD players. [more]
Monday, 15 July 2002, 12:40 PM CET

AT&T warns staff to be wary of hackers
AT&T has warned employees not to be tricked into surrendering sensitive information about its network to hackers posing as colleagues or customers. [more]
Monday, 15 July 2002, 12:31 PM CET

Chemical industry drafts cybersecurity plan
The U.S. chemical industry has drafted a strategic plan for beefing up cybersecurity that also focuses on industrial control systems. [more]
Monday, 15 July 2002, 12:29 PM CET

Intrusion Detection: Implementation and Operational Issues
This article gives an overview of the most commonly used intrusion detection techniques. [more]
Monday, 15 July 2002, 12:27 PM CET

Liberty Alliance proposes Web security standards
A set of Sun Microsystems Inc-backed web services security specifications could soon pass to a standards-body backed by IBM and Microsoft, Gavin Clarke writes. [more]
Monday, 15 July 2002, 12:25 PM CET

New California unit to deal with security issues
The State of California must cobble together procedures to both procure and secure its multibillion-dollar IT systems. [more]
Friday, 12 July 2002, 11:32 AM CET

USA Today swats hack attack - but not entirely
USA Today experienced a hacker attack last night, which took it out of service for three hours. [more]
Friday, 12 July 2002, 11:30 AM CET

Cyberterrorists don't care about your PC
Forget about viruses. America's real cybersecurity concerns are the vulnerable computer systems that control our power and water supplies. Here are a few ideas about how to keep the infrastructure safe. [more]
Friday, 12 July 2002, 11:25 AM CET

Lock spam and viruses out of Sendmail
Let's take a look at some methods for locking down a popular mail server in the Linux and UNIX realm: Sendmail. [more]
Friday, 12 July 2002, 12:10 AM CET

Time for a spyware takedown
While legislators jabber on about limiting spam, putting a choke collar on ICANN spyware is being perfected. [more]
Friday, 12 July 2002, 12:07 AM CET

Exchange 2000 to get security sweep fixes
Microsoft is planning to release the third service pack for its Exchange 2000 server software, which will include fixes for bugs discovered as part of its lengthy review of the software code. [more]
Friday, 12 July 2002, 12:05 AM CET

Coalition to unveil Net ID system
An industry coalition is set to unveil standards for identity authentication on the Internet, the first step toward making the task of remembering long lists of Web site passwords a thing of the past. [more]
Friday, 12 July 2002, 12:04 AM CET

Uncle Sam's info-tech crisis
Upgrading agencies' info-handling and data-mining capabilities will be costly. Not doing so could exact an even more horrific price. [more]
Friday, 12 July 2002, 12:02 AM CET

Getting tough with online fraudsters
The UK Government is to get tough with rogue online traders in an attempt to make e-commerce more attractive to consumers. [more]
Friday, 12 July 2002, 12:01 AM CET

Remote PGP Outlook encryption plug-in vulnerability
eEye's Marc Maiffret and Riley Hassell were again busy on finding the bugs, so a new advisory hit the "streets" today. As you can see from the title, PGP Outlook Encryption Plug-in is vulnerable. [more]
Thursday, 11 July 2002, 8:08 PM CET

Netcraft survey for June 2002
A June 2002 survey by Netcraft shows that Web sites are more vulnerable than ever because of several recently reported security problems with MS IIS and Apache Web server. [more]
Thursday, 11 July 2002, 8:06 PM CET

DSL Security Whitepaper
This contribution of ideas and suggestions provides an overview of some of the security aspects of DSL-based corporate networks. [more]
Thursday, 11 July 2002, 8:02 PM CET

AppGate receives more VC
VPN vendor AppGate received its second venture capital investment this year, with $2.5 million in new funding, the company said yesterday. [more]
Thursday, 11 July 2002, 8:01 PM CET

Attack of the cyber-terror studies
Last month's BSA report on cyber security concluded that cyber terrorism was going to be really serious. The Reg has a rant on this study. [more]
Thursday, 11 July 2002, 7:59 PM CET

More then 400,000 Optus accounts snatched
Sydney resident has been charged over accusations he hacked Optus and got information on more then 400,000 dial up accounts. [more]
Thursday, 11 July 2002, 7:12 PM CET

XML security: A who's who
When a standard is deployed as openly as XML, businesses are bound to have security concerns. [more]
Thursday, 11 July 2002, 12:52 AM CET

Digital copyright protection goes mobile
Technology designed to prevent mobile phone users sharing copyrighted ring tones, graphics and games is to be developed under a new agreement between IBM and Nokia. [more]
Thursday, 11 July 2002, 12:46 AM CET

Security device makers want shield from lawsuits
The companies making new homeland security devices, such as bomb detectors and biological weapon alarms, want the government to pick up the tab if their products fail and they are sued. [more]
Thursday, 11 July 2002, 12:25 AM CET

Focus turned on security officials
Updated guidance for agencies' annual reports on information security management capabilities includes a new focus on performance measures for officials who are accountable for systems security. [more]
Thursday, 11 July 2002, 12:22 AM CET

Microsoft SQL Server Passwords
This paper will discuss the function in detail and show some weaknesses in the way SQL Server stores the password hash. [more]
Wednesday, 10 July 2002, 3:41 PM CET

Automating security systems
Automation is a key factor in the formulation of a resilient security strategy, says Idris Cassim, business unit manager: security at Datacentrix. [more]
Wednesday, 10 July 2002, 3:32 PM CET

Benjamin worm gets a "B" version
BitDefender did an analysis on a new version of the KaZaA worm. The main difference is that version B uses the names of files in the KaZaA shared folder. [more]
Wednesday, 10 July 2002, 3:29 PM CET

Use Snort for Lightweight Intrusion Detection
Snort is a free, cross-platform packet sniffer, logger, and intrusion detector for monitoring smaller TCP/IP networks. It takes mere minutes to install and start using it. [more]
Wednesday, 10 July 2002, 3:24 PM CET

Tools for secure networks
A vast number of programs can be loosely described as network management tools. This reflects both users’ desperate need for help and the broad range of problems you can encounter on a network. [more]
Wednesday, 10 July 2002, 3:21 PM CET

Italian police black out 'blasphemous' websites
Italian authorities have shut down five Internet sites which reportedly carried blasphemies against God and the Virgin Mary, following a complaint by the Vatican's newspaper. [more]
Wednesday, 10 July 2002, 3:14 PM CET

Security breach leaves student data open
The breach allowed outsiders to search for the names, Social Security numbers, and addresses of about 2,000 students who registered with Resicom via its Web site. [more]
Wednesday, 10 July 2002, 3:10 PM CET

Giants move forward on security standard
A long-awaited Web services security specification will soon be submitted to the Organisation for the Advancement of Structured Information Standards standards body. [more]
Wednesday, 10 July 2002, 3:08 PM CET

Hard drive security tool ships
PC Guardian Updates Encryption Plus, on-the-fly file encryption program for networked PCs. [more]
Wednesday, 10 July 2002, 2:56 PM CET

Apple warned of update exploit
Apple is under the gun to address a reported security gap that could allow attackers to attach malicious code to automatic updates for Mac OS X. [more]
Wednesday, 10 July 2002, 1:42 AM CET

Freedom Downtime LA screening
The 2600 documentary on the hacker culture and the Free Kevin movement will be screening in Los Angeles on Sunday, July 21. Mitnick will be there. [more]
Wednesday, 10 July 2002, 1:38 AM CET

Security in Open versus Closed Systems
Which code is more secure: open-source or closed-source? Ross Anderson gives his insights on this subject. [more]
Tuesday, 9 July 2002, 1:27 PM CET

Report: Cyberattacks against energy firms rise
Power and energy companies have become targets for hackers, who have managed to penetrate their networks and other systems. [more]
Tuesday, 9 July 2002, 1:25 PM CET

Hackers warn of 'crackers'
Meet Mack and Jack, not their real names. They are hackers or whiz kids of the computer. Mack, 17, is a student, Jack, 29, is in business. Neither wants his name used, nor to be identified. [more]
Tuesday, 9 July 2002, 1:13 PM CET

China vows to punish Falun Gong for TV piracy incident
Officials in Beijing are vowing to hunt down and punish sympathizers of the Falun Gong spiritual movement, who have been hijacking Chinese satellite TV signals. [more]
Tuesday, 9 July 2002, 1:08 PM CET

Klez.I leads the top list
In June and for the third month running, Klez.I tops the virus list, compiled from the results of the free online virus scanner, Panda ActiveScan. [more]
Tuesday, 9 July 2002, 12:58 PM CET

Hackers' paradise
Which part of the world has the dubious distinction of being the most active hotbed of computer hacking? [more]
Tuesday, 9 July 2002, 12:48 PM CET

Rescuing Linux Systems
The time comes when every Linux system administrator experiences a system failure... [more]
Tuesday, 9 July 2002, 12:45 PM CET

Facing the security risks of cable modems
Cable access is a great value fast connection for tele-workers and small offices. But how do you deal with the security risks? [more]
Tuesday, 9 July 2002, 12:44 PM CET

Show us the bugs - users want full disclosure
End-users overwhelmingly support the full disclosure of security vulnerabilities, according to a survey by analysts Hurwitz Group. [more]
Tuesday, 9 July 2002, 12:41 PM CET

Much ado about nothing
Forget any new laws canning spam and don't expect Uncle Sam to step in and protect your privacy. When it comes to technology, Congress is aggressively doing very little this year. [more]
Tuesday, 9 July 2002, 12:37 PM CET

MicronPC unveils a more secure notebook
New T1000 features an embedded biometric fingerprint scanner, allowing you to leave your passwords in the past. [more]
Tuesday, 9 July 2002, 12:29 PM CET

HNS Newsletter issue 118 has been released
You can read the Newsletter in TXT or PDF format. If you haven't done it yet, consider subscribing. [more]
Monday, 8 July 2002, 2:41 PM CET

Worm blocks access to The Register
Virus writers have created a worm which, among other tricks, blocks access to The Register. [more]
Monday, 8 July 2002, 2:34 PM CET

Crypto challenge has geeks scratching their heads
A cryptography challenge run by Thawte Computing is attracting interest from around the world with entrants from as far as Afghanistan and Barbados struggling to crack the code posted on its Web site. [more]
Monday, 8 July 2002, 2:31 PM CET

Survey: IT Embracing Security
Although attackers are becoming more persistent by the day, the defenses that security administrators are putting up around their networks appear to be working to reduce the number of intrusions. [more]
Monday, 8 July 2002, 2:29 PM CET

Apple: Taking OS X security seriously
Apple hasn't had a great record when it comes to keeping users informed about security vulnerabilities or supplying timely fixes. But the company now seems to be actually trying to improve its rep. [more]
Monday, 8 July 2002, 2:28 PM CET

Palladium holds Promise, and Peril
Whether Microsoft's ambitious project is a security solution or a Trojan horse depends much on the company's intentions. [more]
Monday, 8 July 2002, 2:24 PM CET

X marks the spot for hackers
There are chalked symbols on the walls of Melbourne's city buildings. They are the marks of the "war chalkers" - hackers who are trying to find open or unguarded wireless computer networks they can penetrate. [more]
Monday, 8 July 2002, 1:17 PM CET

Securing Servers With PHP
This article by Maguma software developer Jim Barcelona shows how to create a simple yet effective port scanning application in PHP. [more]
Monday, 8 July 2002, 1:14 PM CET

IBM pursues security agenda
Determined to embed its technology at the core of emerging Web services standards, IBM is set to unveil a set of APIs designed to address critical security and third-party integration needs. [more]
Monday, 8 July 2002, 1:12 PM CET

Etap virus author mails Virus Bulletin
In a letter to Virus Bulletin, The Mental Driller, author of Linux/Etap virus, explains his unhappiness with other people claiming his work. [more]
Monday, 8 July 2002, 1:11 PM CET

Creating Arbitrary Shellcode In Unicode Expanded Strings
This paper introduces a technique that can be used to permit the execution of a small amount of arbitrary code in a situation where a buffer overflow occurs in a "Unicode" string on the Intel x86 processors. [more]
Friday, 5 July 2002, 7:35 PM CET

Holder wants to stop the McAfee deal
A shareholder of Corp. filed a purported class-action lawsuit seeking an injunction to stop the company from being bought by its majority shareholder, Network Associates. [more]
Friday, 5 July 2002, 7:34 PM CET

The Security Concerns of Licensing Agreements
This article discusses why security professionals need to be particularly aware of some issues that these licensing agreements present. [more]
Friday, 5 July 2002, 5:57 PM CET

Hacker swipes $35,000 from Sing bank
A Chinese national hacked into 21 online accounts at Singapore bank DBS, transferred $35,000 into his own account, withdrew the money at a bank branch and then fled the country. [more]
Friday, 5 July 2002, 5:53 PM CET

Managed security tipped as next success story
Although the local managed security services industry is still in its infancy, because of a shortage of IT security skills and budgetary pressures, managed services will become a growth area. [more]
Friday, 5 July 2002, 5:47 PM CET

Perl Advisor: Parsing and Summarizing a Logfile
Randal L. Schwartz shows us how to create customized data-reduction tools for log analysis. [more]
Friday, 5 July 2002, 2:15 PM CET

Virginia Beach tests facial-recognition software
If you're a criminal, a runaway or a terrorist, a day at the beach here may soon be anything but that. [more]
Friday, 5 July 2002, 2:12 PM CET

Spam-cramming foils vacationers
The spam epidemic is frustrating holiday-goers who vow not to read e-mail on the road. If they don't clear their inboxes, their ISPs may start rejecting the messages they want. [more]
Friday, 5 July 2002, 2:08 PM CET

Hide messages in images
Hacktivismo is developing a product called Camera/Shy capable of creating and displaying images with messages which would likely get a Web site shut down or filtered in some places. [more]
Friday, 5 July 2002, 1:54 PM CET

New approach for encryption
An unlikely combination of interests - cartoons and math - has inspired a sophomore at the University of Dayton to develop a new encryption technology. [more]
Friday, 5 July 2002, 1:52 PM CET

Information Survivability: Required Shifts in Perspective
This paper describes the seven shifts in perspective that are necessary to improve information survivability. [more]
Thursday, 4 July 2002, 2:59 AM CET

Corporate layoffs create security havoc for IT pros
Big corporate layoffs are creating a nightmare of security risks as IT workers scramble to close down network connections and plug up dangerous holes as employees are walked out the door. [more]
Thursday, 4 July 2002, 2:43 AM CET

In global trouble spots, cells of "hacktivists" are waging e-war on rival states. [more]
Thursday, 4 July 2002, 2:43 AM CET

OpenSSH remote vulnerability roundup updated
Stuff updated in the roundup includes: Compaq Security Bulletin, revised Mandrake Linux and SuSE Linux advisories, new EnGarde Secure Linux advisory and OpenSSH kbd-interactive Buffer Overflow. [more]
Thursday, 4 July 2002, 2:33 AM CET

How the Apache worm could have been prevented
Internet Security Services jumped the gun when it put out an all-points bulletin over a security hole in Apache servers. The resulting worm raises the question: When should we ring the alarms? [more]
Thursday, 4 July 2002, 2:07 AM CET

Klez: the virus that won't die?
Brace yourself for another round: A variant of the resilient worm is wriggling alive this week. [more]
Thursday, 4 July 2002, 2:04 AM CET

Why e-commerce law enforcement is an oxymoron
The Internet is simply too vast, stretching across too many borders and encompassing too many cultures, for the current scattershot approach to be effective. [more]
Thursday, 4 July 2002, 1:59 AM CET

Twenty Don'ts for ASP Developers
Thinking securely is often an unnatural transition for programmers. While there is much to do when building a secure Web application, you can at least start with these twenty things you shouldn't do. [more]
Thursday, 4 July 2002, 1:59 AM CET

How one spam leads to another
Once your e-mail gets on a spam list, you're basically doomed. Now there's a "map" that illustrates that doomsday path. [more]
Thursday, 4 July 2002, 1:56 AM CET

Europeans bust Net child porn ring
Police in seven European countries struck at a sophisticated child abuse and pornography ring dubbed "Shadowz Brotherhood," arresting 50 people and seizing computer equipment, CD-ROMs and videos. [more]
Thursday, 4 July 2002, 1:51 AM CET

Backdoor.K0wbot Analysis
This is another Internet worm that uses the popular file sharing KaZaA network to spread. Read on for complete details. [more]
Wednesday, 3 July 2002, 3:25 AM CET

(more) Advanced SQL Injection
This paper addresses the subject of SQL Injection in a Microsoft SQL Server/IIS/Active Server Pages environment, but most of the techniques discussed have equivalents in other database environments. [more]
Wednesday, 3 July 2002, 3:16 AM CET

IDAR project prototype
The Incident Detection, Analysis, and Response project has developed a prototype that demonstrates the feasibility of using a computer-based system to assist inexperienced system and network administrators during a network attack. [more]
Wednesday, 3 July 2002, 3:07 AM CET

What's Coming?
Peter Morley from Network Associates Inc. writes: "This article is an attempt to forecast the future, based on recent history. You may be in for some surprises, even if you're an industry guru!" [more]
Wednesday, 3 July 2002, 2:45 AM CET

Microsoft security plan shouldn't shut out competitors
Microsoft should take care that its recently announced software security plan doesn't shut out competitors, the European Union's new antitrust enforcer said Monday. [more]
Wednesday, 3 July 2002, 2:25 AM CET

Security comes first for remote workers
Lots of users do significant amounts of work away from the office, either from their homes or on the road. Getting these users set up, supported and secured is a major challenge for IT. [more]
Wednesday, 3 July 2002, 2:10 AM CET

FBI to valley: tell us about attacks
Businesses don't report cyberattacks for fear that the bad publicity would also bombard their bottom lines. The FBI now offers them anonymity and critical information in exchange for their cooperation. [more]
Wednesday, 3 July 2002, 2:07 AM CET

Security steps up a notch
An emerging subscription model for vulnerability scanning is breathing new life into security solution providers. [more]
Wednesday, 3 July 2002, 1:56 AM CET

ZoneLabs: the hot stuff in firewalls
Despite the tech doldrums, this computer-security outfit has just secured $24.3 million in new VC funding, and sales are exploding. [more]
Wednesday, 3 July 2002, 1:51 AM CET

Cybersecurity's Leaky Dikes
While interest is rising in protecting computer networks, too often the tools aren't powerful enough to keep hackers out. [more]
Wednesday, 3 July 2002, 1:38 AM CET

Network InSecurity
This technical brief will overview the inherent flaws that plague the internet today, making it vulnerable to corporate espionage, money laundering, grand larceny, trading frauds, and worst of all, cyber terrorism. [more]
Tuesday, 2 July 2002, 3:17 PM CET

Windows 32 viruses rule the waves
Sophos published an overview of the most common viruses reported in the first six months of 2002. During this period, the single most prevalent virus was Klez-H. [more]
Tuesday, 2 July 2002, 2:36 PM CET

ScannerX free vulnerability assessment test
ScannerX still offers one free vulnerability assessment check for your computer systems, so be sure to try it out. [more]
Tuesday, 2 July 2002, 2:09 PM CET

Computer viruses mimic real thing
Computer and human viruses behave in similar ways, and the IT industry could ward off infections by adopting methods used by the medical profession, according to researchers. [more]
Tuesday, 2 July 2002, 1:10 PM CET

Zimmermann wants PGP open-sourced
"I would strongly prefer PGP be Open Source compared with the current scenario, because right now it's locked in intellectual property prison and no one can get it," he says. "Open Source would be much better." [more]
Tuesday, 2 July 2002, 1:08 PM CET

The keys to a more secure future
What are the factors that will determine how safe our world can be made? Here's a look at several, including some basic human qualities. [more]
Tuesday, 2 July 2002, 1:05 PM CET

Remote access doesn't have to be a security risk
Citrix iForum 2002 Africa, to be held on 23 July, will address how companies can go about securing the virtual workplace. [more]
Tuesday, 2 July 2002, 12:58 PM CET

Cyberwar is Hell
The campaign against cyber terrorism has at least one thing in common with genuine conflicts: wartime profiteers. [more]
Tuesday, 2 July 2002, 12:57 PM CET

The State of Anomaly Detection
This article offers a brief overview of anomaly detection, including what it is, how it works, different ADS techniques, and the current state of anomaly detection. [more]
Tuesday, 2 July 2002, 12:50 PM CET

Where wireless is most vulnerable
This article shows four ways an attacker can hack the airwaves and get access to your network and beyond. [more]
Tuesday, 2 July 2002, 12:49 PM CET

DNS resolver buffer overflow vulnerability
A vulnerability exists in the DNS resolver library used by BSD and ISC BIND. An attacker who is able to control DNS responses could exploit arbitrary code or cause a DoS attack on vulnerable systems. [more]
Monday, 1 July 2002, 3:09 PM CET

HNS Newsletter issue 117 has been released
You can read the Newsletter in TXT or PDF format. If you haven't done it yet, consider subscribing. [more]
Monday, 1 July 2002, 2:22 PM CET

Web ripe for massive worm attack
A new survey finds that the Web is more vulnerable to attack than ever before, due to the chance discovery of several vulnerabilities within days of one another. [more]
Monday, 1 July 2002, 2:21 PM CET

Indian hackers crack Pakistani sites
The Pakistan government's official website has been hit by Indian hackers, seemingly as part of a cyber turf war between rival groups. [more]
Monday, 1 July 2002, 2:18 PM CET

Canada's hero hacker unmasked
The mystery hacker whose online infiltration has led to several arrests of suspected child predators was a 19-year-old who penetrated 3,000 computers around the world from a basement in Langley, B.C. [more]
Monday, 1 July 2002, 1:15 PM CET

OpenSSH remote vulnerability roundup updated
Stuff updated in the roundup includes: Debian, Conectiva, Red Hat, NetBSD, Trustix, Cisco, Caldera and CERT security advisories, SUN commentary and OpenBSD 3.1 sshd remote root exploit. [more]
Monday, 1 July 2002, 1:02 PM CET

A paper on various aspects of SELinux
This paper describes the security architecture, security mechanisms, application programming interface, security policy configuration, and performance of SELinux. [more]
Monday, 1 July 2002, 12:41 PM CET

Bank accounts raided in Singapore
Singapore's DBS Bank, the banking unit of DBS Group Holdings, says a computer hacker has siphoned money from 21 online bank accounts in amounts ranging from 73 to 1,800 pounds. [more]
Monday, 1 July 2002, 12:32 PM CET

Seven Common SSL Pitfalls
This article discusses the seven most common pitfalls when deploying SSL-enabled applications with OpenSSL. [more]
Monday, 1 July 2002, 12:28 PM CET

Religious sect hacks Chinese TV
Chinese religious sect Falun Gong successfully hijacked satellite TV broadcasts to homes in the Shandong province last week. [more]
Monday, 1 July 2002, 12:21 PM CET

Kevin Mitnick wrote a book
"The Art of Deception" describes more than a dozen scenarios where tricksters dupe computer network administrators into divulging passwords, encryption keys and other coveted security details. [more]
Monday, 1 July 2002, 12:18 PM CET


The synergy of hackers and tools at the Black Hat Arsenal

Posted on 27 August 2014.  |  Tucked away from the glamour of the vendor booths and the large presentation rooms filled with rockstar sessions, was the Arsenal - a place where developers were able to present their security tools and grow their community.

Weekly newsletter

Reading our newsletter every Monday will keep you up-to-date with security news.

Daily digest

Receive a daily digest of the latest security news.


Mon, Sep 1st