"In the age of personal information versus aggregated information collected from search engines and other Internet services, one's privacy can no longer be assured. Mark Rasch looks at a recent Amazon patent application that shows how the laws need to be tightened because the lines of privacy are becoming blurred..."
http://www.securityfocus.com/columnists/414?ref=rss
Good article about the topic of anonymity and privacy and amazon's approach: think privacy.
-Urs
Ever wondered what is behind Spam? How professional the spammers are? How they work?
There is a really interesting analysis by BBC News: http://news.bbc.co.uk/1/hi/technology/5371078.stm
Roger
There is a lot of discussion goiung on regarding the VML-0-day at the moment. Wonder how you could use ISA Server to mitigate those attacks?
Read yourself: http://www.microsoft.com/technet/isa/2006/how-to-block-vml.mspx
If you want to automate it (unsupported but by a guy, knowing what he is doing):
http://www.isatools.org/block_vml.vbs
You probably (hopefully) read about the new VML-0-day in IE. Jesper wrote a blog entry about how to disbale this component via Group Policy.
This could be a workaround: http://msinfluentials.com/blogs/jesper/archive/2006/09/19/Block-VML-Zero_2D00_Day-Vuln-on-a-domain.aspx
This is a pretty interesting study: McAfee looked into the different search engines and the result to often used searches. There they checked the safety of the site that was referred (e.g. the presence of malware etc.). You shoudl read their study yourself but here is their conclusion:
It's a jungle out there. Users should be careful where they go and what they do when choosing sites based on search engine results. Despite search engines' efforts, we see too many sites trying to deceive unsuspecting users. These tricky sites span a range of content areas, keywords, and business models – so there is no simple advice as to how to stay safe. Users can't count on search engines to protect them; to the contrary, we find that search result rankings often do not reflect site safety. Users are at especially high risk when visiting search engine advertisers -- even though search engines are well equipped to impose strict guidelines on sites buying prominent placement.
You can read the whole study here: http://www.siteadvisor.com/studies/search_safety_may2006.html
Since quite some time, I was talking about the changes in the Threat Landscape. I am pretty convinced that the probablity of having something like Blaster or Slammer again is decreasing. This is the good news. The bad news is that threats like targeted attacks are on the raise.
There is a pretty good article covering this: http://www.securitypronews.com/news/securitynews/spn-45-20060911EvolutionoftheHackerThreat.html
I think it was a little bit more than an year ago, where there were signs of a hybrid worm. Now it seems that this new sort of attack starts to really materialize. At least F-Secure is telling it. Read yourself: http://www.f-secure.com/weblog/archives/archive-082006.html#00000960