Off the Wire

Off The Wire Archive

News items for August 2004

Tests reveal e-passport security flaw
The Department of Homeland Security's first tests of electronic-passport interoperability exposed technology flaws, including myopic and dyslexic smart-card readers. [more]
Tuesday, 31 August 2004, 2:38 PM CET

SSH bouncing - how to get through firewalls easily
Often you'll have firewalls or other network equipment that doesn't allow direct SSH access to machines behind it. Using a bit of trickery, you can get through without seemingly jumping through any hoops. [more]
Tuesday, 31 August 2004, 2:37 PM CET

Embedded network security
i3 micro's IP set-top box integrates AMD Alchemy Au1550 processor for embedded network security. [more]
Tuesday, 31 August 2004, 2:34 PM CET

Simulated hacker attacks
WesCorp uses Skybox View software to look at its systems through hackers' eyes and identify the key vulnerabilities that need to be fixed quickly. [more]
Tuesday, 31 August 2004, 2:25 PM CET

Inside crimes reap millions
Unsophisticated criminals on the inside pose a greater threat than expert external hackers, according to a US study. [more]
Tuesday, 31 August 2004, 1:54 PM CET

System administration with PHP
Wouldn't it be great if you could extend your use of the language to carry out general system administration tasks? [more]
Tuesday, 31 August 2004, 1:28 PM CET

IBM, Red Hat get high security certification
IBM and Red Hat say that they have achieved the CAPP/EAL3+ evaluation level on the Common Criteria tests with Red Hat's Enterprise Linux 3 WS on xSeries servers as well as Enterprise Linux 3 AS on IBM's full line of servers. [more]
Tuesday, 31 August 2004, 1:08 PM CET

New virus makes spyware sleazier
A new worm, the W32/Rhot-GR, invades users' privacy in their home or workplace by taking control of their webcams and microphones to spy on them. Like earlier worms, it also steals personal data. [more]
Tuesday, 31 August 2004, 10:26 AM CET

Fine-tuning SpamAssassin
SpamAssassin is a popular spam classifier on Linux. [more]
Tuesday, 31 August 2004, 9:44 AM CET

Microsoft's war on bugs
Stephen Toulouse, Microsoft's security program manager, talks to Wired. [more]
Tuesday, 31 August 2004, 9:41 AM CET

Secret Service and CERT analyze insider threats
It doesn’t take a techie to abuse an IT system from the inside, and inside attackers do not fit any common profile. Those are among the findings of the Secret Service and the CERT Coordination Center in a study of insider attacks against financial organizations. [more]
Tuesday, 31 August 2004, 9:38 AM CET

Juniper adds security software support
JEDI group takes saber to security issues. [more]
Tuesday, 31 August 2004, 9:35 AM CET

4 steps to protect Wi-Fi networks
Here are four steps that can help you keep your home network and personal information secure. [more]
Tuesday, 31 August 2004, 9:32 AM CET

Attackers hijack federal computers
Hundreds of powerful computers at the Defense Department and U.S. Senate were hijacked by hackers who used them to send spam e-mail, federal authorities say. [more]
Tuesday, 31 August 2004, 9:31 AM CET

Simplify security update process
The havoc caused in businesses over the past few years by a series of increasingly devious computer viruses has highlighted the importance of having a policy on patching vulnerable software. [more]
Tuesday, 31 August 2004, 9:30 AM CET

US website offers Caller ID falsification service
Overdue debtors beware: You may not be able to rely on Caller ID to screen out those annoying bill collectors much longer. [more]
Monday, 30 August 2004, 2:13 PM CET

Cybercrime crackdown
Two U.S. Justice Department operations have resulted in more than 150 arrests involving computer crimes that bilked an estimated 150,000 victims out of more than $215 million. [more]
Monday, 30 August 2004, 2:11 PM CET

A quantum leap in computing
One of the fundamental problems with computers as they exist today is the two-pronged problem of security. [more]
Monday, 30 August 2004, 1:44 PM CET

Spies like us
There’s no doubt online security — including ID theft — is still perhaps the biggest issue facing PC World readers. [more]
Monday, 30 August 2004, 1:40 PM CET

Colleges fear XP update will jam networks
Microsoft Corp.'s decision to release a major upgrade for its flagship operating system in the same month that hundreds of thousands of students are reporting to college campuses across the nation is causing a major headache for some universities. [more]
Monday, 30 August 2004, 1:39 PM CET

Attackers target French ISP Wanadoo
A hacker compromised the corporate website of France Télécom's internet service provider (ISP) subsidiary Wanadoo, causing the site to try to install a malicious software program on computers of visitors. [more]
Monday, 30 August 2004, 1:37 PM CET

Spam blockers tackle broader content-security issues
FrontBridge Technologies Inc., Proofpoint Inc. and MailFrontier Inc. are augmenting their respective spam-filtering offerings to address enterprises' broader e-mail content security needs. [more]
Monday, 30 August 2004, 1:17 PM CET

Hackers continue to experiment with 64-bit viruses
Shruggle virus could be 'a taste of things to come', warn experts. [more]
Monday, 30 August 2004, 1:02 PM CET

Video interview with Gerhard Eschelbeck, CTO of Qualys
In this video Mr. Eschelbeck discusses computer security at the enterprise level, inside and outside threats, computer security trends in the USA and Europe, and more. [more]
Monday, 30 August 2004, 12:56 PM CET

Closing wireless backdoors
Wireless LAN analyzers detect rogue users and devices. [more]
Monday, 30 August 2004, 12:12 PM CET

Deploying network access quarantine control, part 2
This article discusses Network Access Quarantine Control in Windows Server 2003, which allows administrators to quarantine mobile users and verify their security posture before giving them full access to the network. [more]
Monday, 30 August 2004, 12:10 PM CET

Microsoft plays down SP2 security glitches
Glitches between Windows XP Service Pack 2 (SP2) and critical applications continue to emerge, with McAfee admitting its flagship VirusScan product prior to version 7.1 requires a customised patch to be operational with Windows Security Center, part of SP2. [more]
Monday, 30 August 2004, 10:59 AM CET

Insiders, not crooks, still biggest security threat
US study shows attacks happening in working hours on company premises. [more]
Friday, 27 August 2004, 11:32 AM CET

Windows XP SP2 security center spoofing threat
Through an anonymous tip, PC Magazine confirmed a core vulnerability that could lead to spoofing in the Windows Security Center, the new control panel for a PC's security status. [more]
Friday, 27 August 2004, 9:06 AM CET

A checklist for buying a security event management system
To better protect themselves against the proliferation and wide range of network security threats, organizations are building more complex, device-laden security networks. [more]
Friday, 27 August 2004, 8:54 AM CET

'Electronic Jihad' fails to materialise
Rumours that the Internet would witness a sustained and devastating cyber-attack by Islamic "cyber-terrorists" today have turned out to be completely baseless. [more]
Friday, 27 August 2004, 8:53 AM CET

FBI busts alleged DDoS Mafia
A corporate executive goes on the lam after being charged with paying hackers to virtually rub out the competition. [more]
Friday, 27 August 2004, 8:47 AM CET

Windows XP SP2 worrisome to I.T. managers
A flaw in Internet Explorer could leave users who upgrade to Microsoft's Windows XP Service Pack 2 open to attack, according to press reports. Microsoft has dismissed that particular fear, but new research by Meta Group indicates that one-third of I.T. managers have "no idea what to expect" when deploying SP2. [more]
Friday, 27 August 2004, 8:44 AM CET

IEEE 802.11i and wireless security
IEEE's wireless security amendment adds stronger encryption, authentication, and key management strategies that go a long way toward guaranteeing data and system security. [more]
Friday, 27 August 2004, 8:43 AM CET

Will new security fears drag e-commerce down?
Most identity-theft crimes occur when employees steal records from employers, not when consumers type credit-card numbers on a secure Web site. That is why this type of crime is just as likely to affect victims who never shop online as those who do. [more]
Friday, 27 August 2004, 8:42 AM CET

Feds wrap up online-crime dragnet
A summer-long effort targeting internet crime has resulted in dozens of arrests and convictions. [more]
Friday, 27 August 2004, 8:40 AM CET

Deutsche Bank hit again by phishing attack
Company claims it blocked access to psuedo site. [more]
Thursday, 26 August 2004, 10:06 AM CET

Draft security guidelines released
The National Institute of Standards and Technology is building a repository for IT security baseline checklists, and has published guidelines for users of and contributors to the collection. [more]
Thursday, 26 August 2004, 10:04 AM CET

Securing Web services: be your own CA
In this article we continue our discussion of some of the foundations of PKI that we began in an earlier article. [more]
Thursday, 26 August 2004, 9:29 AM CET

Trading privacy for convenience
'Registered travelers' give up personal information for shorter airport lines. [more]
Thursday, 26 August 2004, 9:27 AM CET

Why spam will revolutionize tech
Spam may provide the impetus for a true revolution in information technology--one we've been expecting for more than fifty years. [more]
Thursday, 26 August 2004, 9:25 AM CET

The open road: Ethereal
This article discusses Ethereal, a tool for browsing network traffic interactively and analyzing network traffic. [more]
Thursday, 26 August 2004, 9:22 AM CET

Digital attacks on Winamp use 'skins' for camouflage
Beware of wolves in llama's clothing. [more]
Thursday, 26 August 2004, 9:18 AM CET

Linux and national security
As the open source industry grows and becomes more widely accepted, the use of Linux as a secure operating system is becoming a prominent choice among corporations, educational institutions and government sectors. With national security concerns at an all time high, the question remains: Is Linux secure enough to successfully operate the government and military's most critical IT applications? [more]
Thursday, 26 August 2004, 9:17 AM CET

India to get tough on foreign data security
Audits and background checks proposed. [more]
Thursday, 26 August 2004, 9:16 AM CET

Building a diskless 2.6 firewall
For your next DIY project, pick up an old Pentium computer and a CompactFlash card and build a custom router/firewall. [more]
Thursday, 26 August 2004, 9:09 AM CET

Critical Netscape hole could be widespread
Security company Internet Security Systems Inc. (ISS) is warning its customers about a critical security hole in a commonly used technology from the Mozilla Foundation called the Netscape Network Security Services (NSS) library that could make Web servers vulnerable to remote attack. [more]
Wednesday, 25 August 2004, 12:58 PM CET

Defcon 12 wireless contest report
It is Saturday, July 31, approaching one in the afternoon. The Defcon 12 Running Man contest is about to begin... [more]
Wednesday, 25 August 2004, 12:56 PM CET

Top six settings in Windows security templates
Understanding what the security templates can provide could be invaluable. [more]
Wednesday, 25 August 2004, 12:54 PM CET

Using Libwhisker
This article discusses the use of Libwhisker, a PERL module which allows for the creation of custom HTTP packets and can be used for penetration testing various web applications. [more]
Wednesday, 25 August 2004, 12:53 PM CET

Police smash 100-strong hacking gang
Polish authorities say suspects used hacked computers to sell pirated goods. [more]
Wednesday, 25 August 2004, 12:49 PM CET

Nokia mobile phones get encryption
Security a concern after Cabir worm... [more]
Wednesday, 25 August 2004, 12:48 PM CET

Wiretapping on the Net: who pays?
The preliminary FCC decision, announced on Aug. 4, is a major step in the long process of deciding how Internet-based conversations could be monitored. Regulators will now hear three months of public testimony on the ruling. Few expect a resolution of the issue this year, but most know who will ultimately pay for the wiretapping capability: the consumers. [more]
Wednesday, 25 August 2004, 12:47 PM CET

Site slams IE's security
The 'Browse Happy' campaign suggests that insecurities in Microsoft's browser should prompt people to switch. [more]
Wednesday, 25 August 2004, 12:43 PM CET

Is security ripe for outsourcing?
Security demands for online applications such as e-commerce and Web services are prompting more corporate customers to hand off security functions - such as intrusion detection and firewalls - to outside service providers. [more]
Wednesday, 25 August 2004, 12:39 PM CET

Microsoft patches the patch
Windows XP Service Pack 2 gets a 'hotfix' for VPNs. [more]
Wednesday, 25 August 2004, 12:38 PM CET

Managing security in Lotus Workplace
Understand how security is implemented in IBM Lotus Workplace products including the IBM Workplace Client Technology, rich client edition and how to configure the available security options to create a safe and robust Lotus Workplace environment. [more]
Tuesday, 24 August 2004, 12:41 PM CET

Windows XP SP2 network protection technologies
This document is Part 2 of "Changes to Functionality in Windows XP Service Pack 2" and provides detailed information about the network protection technologies included in Microsoft Windows XP Service Pack 2. [more]
Tuesday, 24 August 2004, 12:37 PM CET

Enterprises look at outsourcing security
The need to stay ahead of the hacker curve will drive nearly 90 percent of US enterprises to outsource their security to managed service providers by the end of the decade, a report released this week suggested. [more]
Tuesday, 24 August 2004, 12:34 PM CET

Tightly shod footprints toughen security
How can you make your wireless network less accessible to intruders? [more]
Tuesday, 24 August 2004, 12:27 PM CET

Stopping spam at the source
New antispam technology standards are on the way that promise to hit spammers where it hurts the most--their wallets. [more]
Tuesday, 24 August 2004, 12:19 PM CET

Hosting wireless apps without compromising stability & security
This article introduces a new solution that can prevent rogue application behaviour, such as uncontrolled SMS or MMS blasts or over-consumption of resources leading to an interruption in service. [more]
Tuesday, 24 August 2004, 12:09 PM CET

An illustrated guide to cryptographic hashes
A "hash" (also called a "digest", and informally a "checksum") is a kind of "signature" for a stream of data that represents the contents. The closest real-life analog we can think is "a temper-evident seal on a software package": if you open the box (change the file), it's detected. [more]
Tuesday, 24 August 2004, 12:06 PM CET

Pursuing a career in ethical hacking
Popular IT Certification signifies a skilled professional who understands and knows how to look for the weaknesses and vulnerabilities in IT systems and infrastructure and uses the same knowledge and tools as a malicious hacker to protect them. [more]
Tuesday, 24 August 2004, 11:56 AM CET

First 64-bit virus unleashed
Virus released before the software it tries to exploit. [more]
Tuesday, 24 August 2004, 11:54 AM CET

A proactive approach to security
Symantec chief technical officer Robert Clyde talks to about the future of IT security. [more]
Tuesday, 24 August 2004, 11:53 AM CET

Defending the network
Extending and blurring the boundaries of computing brings new security challenges. Many organizations’ security is like a soft-boiled egg. The firewall provides a shell, which is supposed to protect all internal networks and data. However, once the defense is cracked, the intruder is free to access the soft, GUI centre of the organization’s data repositories. [more]
Monday, 23 August 2004, 4:50 PM CET

Attracting attackers: Windows vs. Unix
The number of attacks of each kind doesn't reflect the relative dominance of the targets, which leaves us free to pursue alternative hypotheses, including my favorite: Windows gets attacked more simply because it's easier and therefore more profitable for comparable levels of effort. [more]
Monday, 23 August 2004, 3:31 PM CET

User, beware of new XP patch
Microsoft has a massive patch for some of the many bugs and security holes in Windows XP. If you're using Windows XP, you might want to download the software patch and install it. But then maybe you shouldn't. [more]
Monday, 23 August 2004, 3:16 PM CET

DNA technique protects against 'evil' emails
A technique originally designed to analyse DNA sequences is the latest weapon in the war against spam. [more]
Monday, 23 August 2004, 3:15 PM CET

Cryptanalysis of MD5 and SHA: time for a new standard
Crypto researchers report weaknesses in common hash functions. [more]
Monday, 23 August 2004, 12:38 PM CET

Do hackers have your hardware singing the blues?
Bluetooth, which is becoming common, is insecure. Attacks demonstrated at this year's Black Hat and Defcon conferences targeted mobile phones but also suggest that printers and other Bluetooth-enabled devices could be next. [more]
Monday, 23 August 2004, 12:37 PM CET

Encryption gets a boost
A new standard re-energizes industry of data protection. [more]
Monday, 23 August 2004, 12:36 PM CET

Cyber front has favorable bytes
In a post-9/11 world, even the computers that run the Olympics have color-coded warnings for threats. [more]
Monday, 23 August 2004, 12:36 PM CET

Worms put on burst of speed
The survival time of unpatched PCs has been halved, research has claimed. [more]
Monday, 23 August 2004, 12:35 PM CET

How secure are your syndication feeds?
The most common mistake I've seen is giving your syndication software the wrong permission mask. For instance, if you provide only one feed for all of your forums, then you need to make sure that any hidden forums (such as sections for administrators and moderators) are not added to the feed. [more]
Monday, 23 August 2004, 12:33 PM CET

Download.Ject - the worm that didn't have to be
A new variant on the Download.Ject worm has appeared on the Internet, threatening users who have not yet installed Microsoft patch MS04-25. The worm spreads through instant-messaging systems, such as AIM, luring users to a Web site that delivers the infection. [more]
Monday, 23 August 2004, 12:31 PM CET

Microsoft gets good grades on SP2
Microsoft has begun sending Windows XP Service Pack 2 to home users via of its automatic update system. Despite a few flaws that already have been found in the massive patch, the update will strengthen system security for most Windows XP users. [more]
Friday, 20 August 2004, 12:24 PM CET

New worm travels by IM
Next generation of Scob pest can be stopped by existing patches. [more]
Friday, 20 August 2004, 12:23 PM CET

Hackers enable iTunes swapping
OurTunes allows music to be shared via Apple's iTunes jukebox but swappers must be on the same local network. [more]
Friday, 20 August 2004, 11:57 AM CET

Valuing secure access to personal information
What about the personal information of individuals? Are the protections afforded to other types of information increasing apace for the data pertaining to a single person? What about identity theft? [more]
Friday, 20 August 2004, 10:44 AM CET

Your regularly scheduled software patch
Oracle is ready to declare its own monthly "Patch Day." [more]
Friday, 20 August 2004, 10:40 AM CET

Attack pierces fully patched XP machines
Security researchers have identified a new version of the Download.Ject attack that is now being used on the Internet and can compromise fully patched Windows XP machines. [more]
Friday, 20 August 2004, 10:39 AM CET

Interview with Kismet's author, Mike Kershaw
Kismet is simply the best war driving tool out there plus it's free as in GPL. [more]
Friday, 20 August 2004, 10:37 AM CET

So you want to be a cybercrook...
Some Web sites are now offering surfers the chance to download free "phishing kits" containing all the graphics, Web code and text required to construct the kind of bogus Web sites used in Internet phishing scams. [more]
Friday, 20 August 2004, 10:34 AM CET

US security IT lacks strategy
The US government department responsible for dealing with terrorist threats has no appropriate strategy for managing its IT systems, say an official report. [more]
Thursday, 19 August 2004, 2:19 PM CET

Audio learning session: e-mail security
In this audio learning session, Joseph Zacharias, Managing Director at Kerio Technologies UK, discusses the major aspects of e-mail security, including viral threats and different anti-spam techniques. He especially focuses on the new Microsoft Caller ID technology. [more]
Thursday, 19 August 2004, 1:57 PM CET

Open-source backups using Amanda
This well tested network backup tool depends on standard tools such as dump, cron and GNU tar. Find out how to set up regular backups for your whole network. [more]
Thursday, 19 August 2004, 1:38 PM CET

Bosses may lose right to monitor without notice
Californian employers will have to notify staff in writing if their email and Internet activity is monitored, if a new bill becomes law. [more]
Thursday, 19 August 2004, 1:37 PM CET

Wireless kitchen
Manage your wireless networking settings as you move from place to place, and keep an eye out for the spot with the best signal. [more]
Thursday, 19 August 2004, 1:23 PM CET

802.11n: the next WLAN frontier
The wireless industry is raring to go with its next connectivity technology, 802.11n. But before the 100Mbit/sec. minimum throughput wireless LAN technology can see a standard, things could get ugly. [more]
Thursday, 19 August 2004, 12:38 PM CET

Sewers host cryptography system
The first bank transfer performed using quantum cryptography based on entangled photons takes place in Vienna's sewers. [more]
Thursday, 19 August 2004, 12:27 PM CET

Virus writers shouldn't get off so easy
Strong punishments could deter script kiddies... [more]
Thursday, 19 August 2004, 11:55 AM CET

Forces secure digital map access
£1.5m retrieval systems gets the green light. [more]
Thursday, 19 August 2004, 11:54 AM CET

HP tests latest security tool
Hewlett-Packard (HP) has moved its Active Counter Measures network security software into beta tests with a select group of European and US customers in hopes of readying the product for a 2005 release. [more]
Thursday, 19 August 2004, 11:53 AM CET

Automatic download of SP2 put off again
Windows XP Service Pack 2 faces another delay. Microsoft says that based on feedback from I.T. companies, it is giving users more time to prepare for SP2, which reportedly has incompatibility issues with existing software. [more]
Thursday, 19 August 2004, 11:23 AM CET

AMD misses a trick in security battle
AMD could have been making it known that it was ahead of the game on buffer-overflow protection all year but it has instead opted not to - why? [more]
Wednesday, 18 August 2004, 2:08 PM CET

Stop SQL injection attacks before they stop you
The power of ASP.NET and SQL can easily be used against you by hackers mounting an all-too-common class of attack—the SQL injection attack. [more]
Wednesday, 18 August 2004, 1:51 PM CET

Security expert warns schools about infected laptops
Last year, George Washington University's e-mail filters, which usually sift about 11,000 viruses a month from its network, screened 117,000 of them from their system on a single day. [more]
Wednesday, 18 August 2004, 1:48 PM CET

Sue a spoofer today
Spoofers forge e-mail headers to make spam look respectable. ISIPP wants to make them pay. [more]
Wednesday, 18 August 2004, 1:38 PM CET

Homeland security 101
As college students return to campus this month, they'll have their pick of courses tied to homeland security. Options range from a brief history of Islamic jihad to instruction in how to design buildings that can withstand acts of terrorism. [more]
Wednesday, 18 August 2004, 1:32 PM CET

PivX software to deters security breaches in Windows
PivX Solutions has unveiled Qwik-Fix Pro, an intrusion prevention software product which disables or modifies features of Microsoft Windows and the Internet Explorer web browser that are frequent targets of malicious computer hackers and virus writers. [more]
Wednesday, 18 August 2004, 1:27 PM CET

Japanese bank uses RFID for document security
NEC has signed a contract with a Japanese bank for a radio frequency ID-based document management system. [more]
Wednesday, 18 August 2004, 1:03 PM CET

Microsoft lists XP SP2 problems
Microsoft has released a long list of programs that are affected by its new XP SP 2 patch, including many of its own products, and security experts are counseling companies to take a wary approach to using the update. "Don't apply it until you know that it's working," says Secunia CTO Thomas Kristensen. [more]
Wednesday, 18 August 2004, 10:21 AM CET

Study: spammers, virus writers getting chummy
A new MessageLabs report says more than 86% of the e-mail it sampled in June was spam--and nearly one in 10 contained a virus. [more]
Wednesday, 18 August 2004, 10:19 AM CET

Crypto researchers abuzz over flaws
Encryption circles are buzzing with news that mathematical functions embedded in common security applications have previously unknown weaknesses. [more]
Wednesday, 18 August 2004, 10:15 AM CET

IT still playing catch-up on e-mail security
The IT community is falling behind in the race against spam, phishing and the like. [more]
Tuesday, 17 August 2004, 12:51 PM CET

CLI magic - sending and reading secret mail
In an earlier column, we went over the basics of creating key-pairs: the public and secret versions of your GNU Privacy Guard (GnuPG) keys. But if you're a government employee who wants to become a whistle-blower and report corruption, evil-doers, or gross mismanagement, you'll need to do more than create your keys. You'll need to encrypt and sign the email you send me with your exposé. [more]
Tuesday, 17 August 2004, 12:49 PM CET

Setting up a software restriction and wireless network policy with Windows 2003 group policy
Keep those unwanted applications from running on client machines and set the rules for how wireless clients operate in your Windows 2003 domain. Jesse Smith shows you how to set up a GPO with software restriction and wireless network policies for a network operating with a Windows Server 2003 server as the primary domain controller. [more]
Tuesday, 17 August 2004, 12:46 PM CET

New Mydoom virus is not a pretty picture
Latest variant poses as collection of humorous photos. [more]
Tuesday, 17 August 2004, 12:39 PM CET

Footing the Big Brother webtap bill
On 9 August 2004, the US Federal Communications Commission (FCC) took a major step toward mandating the creation and implementation of new Internet Protocol standards to make all Internet communications less safe and less secure. [more]
Tuesday, 17 August 2004, 12:31 PM CET

Hackers take aim at GOP
Online protests targeting GOP websites could turn out to be more than symbolic during this month's Republican National Convention, possibly blocking a critical communications tool for the party. [more]
Tuesday, 17 August 2004, 12:30 PM CET

Detecting worms and abnormal activities with NetFlow, part 1
This paper discusses the use of NetFlow, a traffic profile monitoring technology available on many routers, for use in the early detection of worms, spammers, and other abnormal network activity in large enterprise networks and service providers. [more]
Tuesday, 17 August 2004, 11:54 AM CET

Security pro: Windows easier to 'own'
Microsoft has been waiting for security researchers to say that its Windows operating system has a lower total cost of ownership. One finally has, but that's not good news. [more]
Tuesday, 17 August 2004, 11:33 AM CET

Alcatel hopes security will get users to switch
Alcatel is focusing on security in an effort to gain a foothold in corporate switching, a market long dominated by Cisco Systems. [more]
Tuesday, 17 August 2004, 10:57 AM CET

Users backing away from Windows XP SP2
Now that the long wait for Microsoft's Windows XP SP2 update is over, I.T. administrators around the globe are making "X's" with their fingers to ward off the glitchy software. Early adopters have reported a range of problems with Windows XP SP2, and warnings abound to exercise extreme caution before installing it. [more]
Tuesday, 17 August 2004, 10:57 AM CET

Catching 'phishers' a WholeSecurity sport
WholeSecurity, an Internet security firm in Austin, Texas, has released a program to help companies combat a growing form of online fraud known as "phishing." [more]
Tuesday, 17 August 2004, 10:37 AM CET

J2EE Security for Servlets, EJBs, and Web Services
If you are a java programmer, a system administrator who is in charge of managing J2EE applications, a system architect, or a project manager you will definitely enjoy reading this book. [more]
Monday, 16 August 2004, 3:33 PM CET

Don't fear Internet anonymity tools
There are lots of good reasons for 'net anonymity. [more]
Monday, 16 August 2004, 11:54 AM CET

Arming against viruses
Security community members try to keep up with constantly changing threats. [more]
Monday, 16 August 2004, 11:35 AM CET

Examining a public exploit, part 1
The purpose of this article is to analyze a public exploit in a lab environment, see the alerts generated by an intrusion detection system, and then do some packet analysis of the malicious binary in order to better understand it. [more]
Monday, 16 August 2004, 10:46 AM CET

BOFH: How dangerous are your users?
Sure, your users may look about as likely to rebel as the pack of mindless sheep that they are - but can they be trusted? [more]
Monday, 16 August 2004, 10:43 AM CET

Security study pans Windows
Taking control of a PC is easier if it is running Microsoft's operating system, according to a paper published by a security researcher. [more]
Monday, 16 August 2004, 10:42 AM CET

Windows: security is suddenly job one
This upgrade should zap more viruses, worms, and other nasties. [more]
Monday, 16 August 2004, 10:41 AM CET

An imperfect spy act
Consumers hate spyware programs that slow their PCs and endanger personal data. So why are Congressional efforts to block the malicious software so unpopular? [more]
Monday, 16 August 2004, 10:38 AM CET

Microsoft takes down SP2 swappers
Microsoft has taken steps to stop its security update for Windows being shared on file-swapping networks. [more]
Monday, 16 August 2004, 10:36 AM CET

Hunt for XP SP2 flaws seen in full swing
While users are testing Service Pack 2 (SP2) for Windows XP to prevent compatibility problems, hackers are picking apart the security-focused software update looking for vulnerabilities, security experts said. [more]
Monday, 16 August 2004, 10:29 AM CET

Arkansas center to train officers in cyberterrorism
The center is part of the University of Arkansas' Criminal Justice Institute, and was awarded $2.8 million of the total grant to train rural law enforcement officers to recognize cyberterrorism, preserve the physical evidence as they would any crime scene, and notify the appropriate federal agency. [more]
Monday, 16 August 2004, 10:27 AM CET

US Emergency Alert System open to hack attack
The US Emergency Alert System that lets officials instantly interrupt radio and TV broadcasts to provide emergency information in a crisis suffers from security holes that leave it vulnerable to denial of service attacks, and could even permit hackers to issue their own false regional alerts. [more]
Friday, 13 August 2004, 2:56 PM CET

How to get help with patch problems
Your PC maker is obliged to deal with software woes during your warranty. [more]
Friday, 13 August 2004, 2:53 PM CET

Mosquito virus bites smart phones
A new virus making the rounds forces some cell phones based on the Symbian operating system to generate pricey text messages. [more]
Friday, 13 August 2004, 2:43 PM CET

Public sector security - a cognitive dissonance
There are a number of key areas that can cause security projects in the public sector to fail. These fall into a number of areas, including management, acceptance of responsibility, education, and business continuity issues. [more]
Friday, 13 August 2004, 2:40 PM CET

Credit card crime squad celebrates success
A UK police squad dedicated to fighting out credit card fraud has recovered 36,000 cards and card details in its first two years of operation. [more]
Friday, 13 August 2004, 2:36 PM CET

Securing PHP
In a previous article we looked at installing Apache in a chroot jail. This article looks at the extra steps needed to add PHP to that setup, and goes on to discuss how to run PHP securely on your server. [more]
Friday, 13 August 2004, 8:48 AM CET

Microsoft offers disabled SP2 download
Microsoft Corp. is letting customers disable installation of SP2 until they are ready to deal with the multitude of issues it brings. [more]
Friday, 13 August 2004, 8:47 AM CET

Interview with Bruce Schneier
Bruce Schneier, founder and CTO of Counterpane Internet Security, is one of the world's foremost security experts and author of the influential books Applied Cryptography, Secrets & Lies and Beyond Fear. [more]
Friday, 13 August 2004, 8:45 AM CET

Online data a gold mine for terrorists
IT's high-alert response overlooks corporate sites. [more]
Friday, 13 August 2004, 8:35 AM CET

Hacker cracks Apple's wireless streaming technology
The Norwegian hacker famed for developing DVD encryption-cracking software has apparently struck again—this time breaking the locks on Apple Computer Inc.'s wireless music streaming technology. [more]
Friday, 13 August 2004, 8:30 AM CET

Introduction to OpenVPN
This document will introduce OpenVPN as a free, secure and easy to use and configure SSLbased VPN solution. The document will present some simple (and verified) scenario’s that might be useful for preparing security/networking labs with students, for creating a remote access solution or as a new project for the interested home user. [more]
Thursday, 12 August 2004, 9:32 AM CET

Network analysis a public exploit (part 1 of 2)
The purpose of this article is to analyze a public exploit in a lab environment, see the alerts generated by an intrusion detection system, and then do some packet analysis of the malicious binary in order to better understand it. [more]
Thursday, 12 August 2004, 9:11 AM CET

Biometric tech puts ID at your fingertips
The Statue of Liberty, recently reopened after a two-year closure, stashing a package offers a glimpse into the future. To rent, close and reopen lockers, visitors touch an electronic reader that scans fingerprints. [more]
Thursday, 12 August 2004, 9:01 AM CET

Microcontrollers bring cryptography onboard
Two new PIC Flash microcontrollers feature integrated Keeloq cryptographic peripherals, providing a complete solution for remotely controlled security systems and authentication applications. [more]
Thursday, 12 August 2004, 8:58 AM CET

How a digital signature works
Microsoft's new Service Pack makes life tough for programs lacking the proper electronic credentials. Here's why. [more]
Thursday, 12 August 2004, 8:56 AM CET

SP2 - Redmond's salvation
Service Pack 2 for XP represents a sea change in Microsoft's security posture. Here's why you should ignore the naysayers and start planning your upgrade. [more]
Thursday, 12 August 2004, 8:54 AM CET

Microsoft lets companies block SP2 upgrade
Although Microsoft recommends that consumers turn on Automatic Update to get the latest version of Windows, the company is offering to let companies temporarily block such upgrades. [more]
Thursday, 12 August 2004, 8:48 AM CET

SSH authentication: a basic overview
SSH is most commonly used to gain a remote shell, but it can be used for file transfers, to display remote X applications on a local machine, and even to securely connect to services that lack encryption. [more]
Thursday, 12 August 2004, 8:46 AM CET

MSBlast suspect pleads guilty
A 19-year-old Minneapolis man pleaded guilty Wednesday to unleashing part of the MSBlast worm attack that wreaked havoc on the Internet last summer. [more]
Thursday, 12 August 2004, 8:41 AM CET

Phishing scams: They're the new viruses
Spreading more quickly and adding to the inbox burden... [more]
Thursday, 12 August 2004, 8:40 AM CET

Russian hackers pose an increasing threat
Young, smart Russian hackers are posing an increasing threat to global business. [more]
Thursday, 12 August 2004, 8:39 AM CET

Security's disorderly mess
About five years ago, you couldn't pick up a trade magazine or speak to an IT professional without tripping across the subject of consolidation. [more]
Wednesday, 11 August 2004, 3:54 PM CET

Impact of phishing now equals virus outbreaks
250,000 phishing emails intercepted every month. [more]
Wednesday, 11 August 2004, 2:03 PM CET

'Game virus' bites mobile phones
A mobile phone virus posing as a game is roaming file-sharing and software download sites, say security experts. [more]
Wednesday, 11 August 2004, 2:02 PM CET

Olympics' digital security unprecedented
If you're going to the Olympics, you'd better be careful what you say and do in public. [more]
Wednesday, 11 August 2004, 10:47 AM CET

A practical implementation of a real-time intrusion prevention system for commercial enterprise databases
This paper presents an overview of our work in creating a practical database intrusion detection system. Based on many years of Database Security Research, the proposed solution detects a wide range of specific and general forms of misuse, provides detailed reports, and has a low false-alarm rate. [more]
Wednesday, 11 August 2004, 9:50 AM CET

Securing a new Linux installation
From a security professional's perspective, a number of common Linux distributions are insecure "out of the box", and many of the supplied packages are already out of date by the time they reach the shelves. [more]
Wednesday, 11 August 2004, 9:40 AM CET

A critique of port knocking
Port knocking is a method of "message transmission across closed ports." [more]
Wednesday, 11 August 2004, 9:38 AM CET

Top 10 security modifications in Windows XP SP 2
This XP Service Pack should be called a Security Pack. [more]
Wednesday, 11 August 2004, 8:39 AM CET

Enhancing the enhanced security
You can never have too much security. [more]
Wednesday, 11 August 2004, 12:19 AM CET

Microsoft plugs hole in Exchange
Microsoft published a patch Tuesday for its Exchange 5.5 e-mail and collaboration server software, fixing a flaw graded as "moderate," the second-lowest of four ratings. [more]
Wednesday, 11 August 2004, 12:18 AM CET

How to bypass Active Directory controls
Security threats to Bluetooth wireless technology, credit card hacking and tricks to bypass Windows Active Directory were revealed at the Defcon conference in Las Vegas earlier this month. [more]
Wednesday, 11 August 2004, 12:17 AM CET

'Critical security hole' found in AOL IM
A serious flaw in AOL's Instant Messenger application means users could fall foul of a buffer overflow attack, according to experts. [more]
Tuesday, 10 August 2004, 1:12 PM CET

Automating common tasks with cron
One of the lesser-known gems in every Linux distribution must be cron, a tool that can automatically execute routine tasks at predefined intervals. When it comes to commands (or scripts) that must be performed on a regular basis, administrators and developers naturally reach for cron. Here's a beginner's guide to this powerful tool. [more]
Tuesday, 10 August 2004, 12:52 PM CET

Oracle works to patch rash of security holes
Oracle has yet to release patches for multiple security holes in its software. [more]
Tuesday, 10 August 2004, 12:41 PM CET

It's time to look at real digital security
'Retouching' technologies have good uses—and bad. [more]
Tuesday, 10 August 2004, 12:25 PM CET

New Bagle e-mail worm spreads
Antivirus updates available, but experts say this variant may fool some software. [more]
Tuesday, 10 August 2004, 12:00 PM CET

IBM tells employees not to install Windows XP update
While developers at Microsoft Corp. may be celebrating that they finished work on Service Pack 2 (SP2) for Windows XP, IT departments around the world now face the question on whether they should update their systems, or not. [more]
Tuesday, 10 August 2004, 11:36 AM CET

Fahrenheit FBI
A new U.S. government decision extending wiretapping regulations to the Internet raises far more questions than it answers. [more]
Tuesday, 10 August 2004, 11:34 AM CET

SP2's new firewall: better than nothing, but not good enough
With Microsoft having released Windows XP Service Pack 2 (SP2) to manufacturing, the technology that some have nicknamed "Security Pack 2," coupled with recent rumblings from Microsoft, are spinning the spotlight towards the personal firewall and anti-virus sectors. [more]
Tuesday, 10 August 2004, 11:23 AM CET

Attacking the phishing threat - what every company needs to know
By now just about every person with an email inbox has been exposed to a phishing scam. Spoofs are showing up with alarming frequency and to make matters worse, criminals have upped the ante with increasingly sophisticated coding and graphics. [more]
Monday, 9 August 2004, 2:06 PM CET

Wi-Fi security doesn't have to mean slow
With performance at a premium for enterprises packing their WLANs with heavy-duty applications such as voice over IP, wireless gear makers are finding ways to improve the speed and security of the networks. [more]
Monday, 9 August 2004, 1:19 PM CET

Big business becoming Big Brother
The ACLU says the government is using private companies to snoop on Americans, bypassing legal safeguards. What's worse, Americans share information with companies freely, not knowing where the data may end up. [more]
Monday, 9 August 2004, 12:09 PM CET

Examining the new Linux+ certification
The updates to the Linux+ certification are anything but cosmetic, take an in-depth look at the changes. [more]
Monday, 9 August 2004, 12:08 PM CET

Is sharing Wi-Fi illegal?
Borrowing a neighbor's unsecured Wi-Fi signal could be against the law. Or it might be legal. The law is unclear, said cyberlawyer Mark Rasch. [more]
Monday, 9 August 2004, 12:04 PM CET

The numbers don't lie: CAN-SPAM is a bust. Compliance with CAN-SPAM has fallen to a new low, according to recent data collected by MX Logic. [more]
Monday, 9 August 2004, 12:03 PM CET

Yahoo enhances toolbar with antispyware tool
Feature can remove spyware and adware. [more]
Monday, 9 August 2004, 11:59 AM CET

FBI probes beheading hoax on Web
San Francisco computer expert duped international media on Saturday into believing Islamist kidnappers had executed an American hostage in Iraq by staging his own mock beheading on the Internet. [more]
Monday, 9 August 2004, 11:57 AM CET

Applications at their fingertips
DOD employees test fingerprint authentication system. [more]
Monday, 9 August 2004, 11:56 AM CET

Zone Labs jumps on new Windows security API, do we need more?
With Microsoft having released Windows XP Service Pack 2 (SP2) to manufacturing, the technology that some have nicknamed "Security Pack 2," coupled with recent rumblings from Microsoft, are spinning the spotlight towards the personal firewall and anti-virus sectors. [more]
Monday, 9 August 2004, 11:55 AM CET

Hackers get jail time after using Wi-Fi for break-ins
Federal prosecutors in Charlotte, N.C. said Thursday that three men had pleaded guilty in a case that is likely the first criminal conviction of "wardriving," the hacker tactic of cruising for unsecured wireless networks [more]
Monday, 9 August 2004, 11:54 AM CET

Malicious program aims for Pocket PCs
A malicious Trojan horse program has emerged for Pocket PCs, antivirus companies said Thursday, but they characterized the threat as relatively low. [more]
Friday, 6 August 2004, 4:26 PM CET

UK to lead anti-spam and scam drive
Britain will spearhead co-ordinated worldwide sweep for web fraudsters. [more]
Friday, 6 August 2004, 2:32 PM CET

Security activities ail Bluetooth
Serious flaws discovered in Bluetooth technology used in mobile phones can let an attacker remotely download contact information from victims' address books, read their calendar appointments or peruse text messages on their phones to conduct corporate espionage. [more]
Friday, 6 August 2004, 2:31 PM CET

Nils Magnus (of LinuxTag) on security and aKademy
Michael Renner and Tom Chance interviewed Nils Magnus of LinuxTag about security on the desktop. [more]
Friday, 6 August 2004, 11:53 AM CET

Three plead guilty to trying to hack into Lowe's computer
Three Michigan men have pleaded guilty to charges that they conspired to hack into the national computer system of the Lowe's home improvement chain to steal credit card information, federal authorities said Wednesday. [more]
Friday, 6 August 2004, 11:49 AM CET

Secure your workplace when going on vacation
When going on vacation, leaving computers unattended for a few days can be a problem unless you take the right precautions. [more]
Friday, 6 August 2004, 11:42 AM CET

Anti-identity theft freeze gaining momentum
Little by little, a weapon against identity theft is gaining currency -- but few people know about it. [more]
Friday, 6 August 2004, 11:28 AM CET

Bluefire brings VPN to handhelds
Bluefire Mobile Firewall Plus, a security suite for Windows Mobile devices, will gain virtual private networking in a new release scheduled for this quarter. [more]
Friday, 6 August 2004, 11:24 AM CET

Image flaw pierces PC security
Six vulnerabilities in an open-source image format could allow intruders to compromise computers running Linux and may allow attacks against Windows PCs as well as Macs running OS X. [more]
Friday, 6 August 2004, 11:16 AM CET

Wireless security - is protected access enough?
Wi-Fi finally has real layer-2 security built in. Is it good enough? [more]
Friday, 6 August 2004, 11:10 AM CET

Behind the RFID-standards brawl
"The fact of the matter is," says Gartner research analyst Jeff Woods, "end-users are not paying enough attention to the RFID-standards issue. That makes them vulnerable to being mislead by competing factions and vulnerable to making poor technology choices." [more]
Friday, 6 August 2004, 11:05 AM CET

Serious security hole in PuTTY
A serious security hole has been found in PuTY, version 0.54 and before. [more]
Thursday, 5 August 2004, 1:27 PM CET

Windows XP security update coming
Microsoft's long-awaited revision to Service Pack 2 will fix bugs, add features. [more]
Thursday, 5 August 2004, 1:25 PM CET

Onion routing averts prying eyes
The Navy built a networking technology, called onion routing, to mask the online activities of intelligence employees. Now open-source programmers are using the same system to let users surf the Web anonymously. [more]
Thursday, 5 August 2004, 1:23 PM CET

The legitimate hacker
LinuxWorld Conference & Expo - August 2004. Large corporations are exhibiting. Multitudes of sales and marketing representatives comb the show floor and meetings rooms in search of an opportunity to take a piece of the Linux pie. So where are the hackers? [more]
Thursday, 5 August 2004, 11:40 AM CET

Home invasion
Unwanted search engines, incessant pop-up ads, websites that hijack the browser and programs that promise salvation but bring their own parasites instead - it seems the sneaky are getting sneakier. [more]
Thursday, 5 August 2004, 10:59 AM CET

Jeffrey L. Taylor introduces SuSEfirewall2, which provides some "expertise in a box" if you aren't ready to become a firewall-rules guru. [more]
Thursday, 5 August 2004, 10:57 AM CET

Fingerprinting your files
"Hash" functions identify digital content with mathematical certainty—but is that enough to foil the hackers? [more]
Thursday, 5 August 2004, 10:54 AM CET

Year-old Bluetooth vulnerability invites mobile worm
Mobile phone manufacturers are addressing a security vulnerability that could allow an MSBlast-type worm to spread between Bluetooth devices. [more]
Thursday, 5 August 2004, 10:30 AM CET

Key metrics on computer crime and security
Every year for the past nine years, the Computer Security Institute and the FBI undertake a computer crime and security survey among companies and institutions in the US. [more]
Thursday, 5 August 2004, 10:26 AM CET

AOL acquires Mailblocks anti-spam service
America Online is ratcheting up its spam-fighting efforts with the acquisition of Mailblocks, the developer of technology that blocks unsolicited e-mails by requiring senders to participate in an authentication process. [more]
Thursday, 5 August 2004, 10:22 AM CET

Collaboration in a secure development process, part 1
This paper discusses the collaboration between security and development in the enterprise software development lifecycle. [more]
Wednesday, 4 August 2004, 1:45 PM CET

School of hack
Security consultants join with hackers to learn how to be the first to find web server flaws. [more]
Wednesday, 4 August 2004, 1:21 PM CET

Wanna meet a hacker?
When we think of hackers and crackers congregating in one location to network and strut their stuff, Malaysia is hardly the first place you'd expect to find them. [more]
Wednesday, 4 August 2004, 1:13 PM CET

Monitoring system performance
Monitoring system performance is an integral part of administering any set of servers, whether they be production, test, or development oriented. [more]
Wednesday, 4 August 2004, 1:02 PM CET

Feds seek a few good hackers at Defcon
War on terrorism distracts cybercops from routine hacking, and even encourages alliances. [more]
Wednesday, 4 August 2004, 12:58 PM CET

LinuxWorld to highlight desktop Linux, security
Consumers interested in moving away from the Windows operating system could come to see Linux as a viable alternative. [more]
Wednesday, 4 August 2004, 12:54 PM CET

FBI wants to eavesdrop on fiber links
The FBI wants to force Verizon Communications to make sure that its broadband-over-fiber service can be easily wiretapped by police and spy agencies. [more]
Wednesday, 4 August 2004, 12:46 PM CET

Oracle sat on security patches
The founder of UK-based Next Generation Security Software has sounded an alert on security holes in Oracle's widely used enterprise-database software. The problem, says David Litchfield, is not so much that the software has holes, but that Oracle has been sitting on patches for the vulnerabilities for several months. [more]
Wednesday, 4 August 2004, 12:44 PM CET

Securing Web services: PKI basics
In this article we begin the exploration of applied cryptography foundations by looking at PKI, and specifically keys, certificates, and trust, along with some practical examples of key generation and certificate management tasks. [more]
Wednesday, 4 August 2004, 12:42 PM CET

Networking security concepts
The key to network security can be found in understanding the choices and strategies available to you look to the building blocks of network security. [more]
Wednesday, 4 August 2004, 12:41 PM CET

Security spending to hit high in 2005
Next year will be the high mark in corporate IT security spending, after which spending will drop to around 5% of IT budgets, says Gartner analyst Rich Mogull. [more]
Wednesday, 4 August 2004, 12:37 PM CET

Microsoft offers $1m for secure computing curricula
Microsoft's research group is making available $1m (£550m) to help create courses in computer science, business and law that focus on secure computing. [more]
Tuesday, 3 August 2004, 1:37 PM CET

Mozilla to pay bounty on bugs
Users who identify and report serious security vulnerabilities involving Mozilla are to be rewarded for finding bugs in the open source Web browser software. [more]
Tuesday, 3 August 2004, 1:36 PM CET

Wi-Fi shootout in the desert
Hackers gathering for DefCon's annual conference think they may have broken a world record for Wi-Fi connectivity. But even if they didn't, they had lots of fun trying. [more]
Tuesday, 3 August 2004, 11:44 AM CET

Security flaws found in Oracle software
Oracle is working on patches for a series of flaws that have been found in its database software that could allow malicious hackers to steal personal details. [more]
Tuesday, 3 August 2004, 11:35 AM CET

Data driven attacks using HTTP tunneling
In this article we will look at a means to bypass the access control restrictions of a company's router or firewall. This information is intended to provide help for those who are legitimately testing the security of a network (whether they are in-house expertise or outside consultants). [more]
Tuesday, 3 August 2004, 10:46 AM CET

Linux keeps dodging hackers and viruses
Survey: Fewer than one in four Linux developers say they have been hacked and even fewer have been infected by viruses. [more]
Tuesday, 3 August 2004, 10:43 AM CET

It's official: 2004 is year of the virus
It is officially the year of the virus, with a 21 percent increase in new viruses discovered in Australia in the first six months of 2004 compared to the last year. [more]
Tuesday, 3 August 2004, 10:41 AM CET

Hackers' latest choice: Internet phones
Malicious attacks have already plagued some corporate networks. [more]
Tuesday, 3 August 2004, 10:40 AM CET

Microsoft releases seven new patches, virus tool
Microsoft has released a flurry of new patches -- two of them labeled "critical" -- and a tool that helps users protect their systems from the nefarious Download.ject virus. Critics are complaining that the tool is only a partial fix and does not prevent the virus from spreading to other machines. [more]
Tuesday, 3 August 2004, 10:38 AM CET

Administering Windows Server 2003 remotely
This chapter covers the wealth of tools and options available to administrators in Windows Server 2003, including many enhancements to tools that existed in previous versions of the system. [more]
Tuesday, 3 August 2004, 10:36 AM CET

Anti-spam spamvertisers agree to quit
A Californian company last week promised to stop promoting its ad-blocking software using Internet pop-up ads. [more]
Monday, 2 August 2004, 3:31 PM CET

Black Hat day 2 sounds security alarm
Black Hat day two concluded with a great talk on how to use Google to find vulnerable Websites. RFID vulnerabilities were also discussed in an exclusive THG video interview with RFID expert Lukas Grunwald. [more]
Monday, 2 August 2004, 3:27 PM CET

VPNs (Virtual Private Nightmares)
Here's a question: What's the number 1 vector for security outbreaks today? Virtual Private Networks. Today's convenient world of mobile access to critical applications and information has come with a hefty burden for the world's already overburdened security teams. [more]
Monday, 2 August 2004, 3:25 PM CET

Long-awaited IE patch (finally) arrives
Microsoft released an unscheduled security patch on Friday designed to fix a trio of serious security problems affecting users of its ubiquitous Internet Explorer Web browser. [more]
Monday, 2 August 2004, 12:59 PM CET

US hackers plan three-day contest
Up to 1,000 hackers will attempt to 'capture the flag' in a fight across the Internet. [more]
Monday, 2 August 2004, 12:57 PM CET

A taste of computer security
There are miscreants everywhere — in all domains — from vandals in a representative parking lot to high-profile terrorists on the international scene. [more]
Monday, 2 August 2004, 11:55 AM CET

DNS opens networks to data attacks
The same technology that allows Web surfers to locate and connect to computers on the Internet can be used to create covert communications channels, bypass security measures and store distributed content, a security researcher said Saturday. [more]
Monday, 2 August 2004, 11:47 AM CET

Gov't studies effect of viruses, DDoS on grid computers
By connecting hundreds or even thousands of computers together to work on a single project, computer scientists are more frequently using a technique called grid computing to do previously intractable computations. [more]
Monday, 2 August 2004, 11:44 AM CET

Seven ways to prevent computer hacking
The reality is that any small business with a broadband connection to the Internet risks becoming a victim of a cyber crime. [more]
Monday, 2 August 2004, 11:40 AM CET

Dartmouth computer hackers
Hackers hit the computer system at Dartmouth College last week and got access to sensitive information about thousands of employees and students. [more]
Monday, 2 August 2004, 11:34 AM CET

ISS speaks out over direct sales rumours
Security vendor announces increase in partner margins. [more]
Monday, 2 August 2004, 11:33 AM CET


The synergy of hackers and tools at the Black Hat Arsenal

Posted on 27 August 2014.  |  Tucked away from the glamour of the vendor booths and the large presentation rooms filled with rockstar sessions, was the Arsenal - a place where developers were able to present their security tools and grow their community.

Weekly newsletter

Reading our newsletter every Monday will keep you up-to-date with security news.

Daily digest

Receive a daily digest of the latest security news.


Mon, Sep 1st