Welcome to TechNet Blogs Sign in | Join | Help

April 2008 - Posts

Web 2.0, meet Internet attack 2.0

The glitzy, interactive abilities of Web 2.0 have led to a profusion of new applications, but the technology also is bringing a new era of security vulnerabilities, a security researcher warned Wednesday. "Security was a challenge to begin with, but if Read More...
Posted Wednesday, April 30, 2008 10:47 AM by chsecblo | 0 Comments

To defeat a malicious botnet, build a friendly one

Beating the "botnets"–armies of infected computers used to attack websites–requires borrowing tactics from the bad guys, say computer security researchers. A team at the University of Washington, US, wants to marshal swarms of good computers to neutralize Read More...
Posted Wednesday, April 30, 2008 10:45 AM by chsecblo | 0 Comments

Modern 'primitive' could ease the pain of encrypting massive amounts of data

Researchers have devised an encryption scheme that could simplify the protection of sensitive information by allowing banks, hospitals, and other organizations to lock files using keys that are based on specific attributes, such as an employee's position Read More...
Posted Wednesday, April 30, 2008 10:44 AM by chsecblo | 2 Comments

Researchers find hole in 'flawless' encryption technology

Quantum cryptography, a new technology until now considered 100 per cent secure against attacks on sensitive data traffic, has a flaw after all, Swedish researchers say. "In computer terms, we've found a bug," said Jan-Aake Larsson, an associate professor Read More...
Posted Wednesday, April 30, 2008 10:40 AM by chsecblo | 1 Comments

Microsoft: We took out Storm botnet

Microsoft Corp. today took credit for crushing the Storm botnet, saying that the malware search-and-destroy tool it distributes to Windows users disinfected so many bots that the hackers threw in the towel. "They realized they were in our gun sights," Read More...
Posted Wednesday, April 30, 2008 10:28 AM by chsecblo | 0 Comments

Infosec/Microsoft: Security community must work together

Microsoft has called on companies to work together to improve overall security, and not just rely on the police to do it for them. Ed Gibson, Microsoft's chief security advisor in the UK, said during his keynote at Infosecurity Europe 2008 that security Read More...
Posted Wednesday, April 30, 2008 10:22 AM by chsecblo | 0 Comments

FBI organizes defense against cyber-attacks

The FBI quietly established last summer a task force involving U.S. intelligence and other agencies to identify and respond to cyberthreats against the United States. Called the National Cyber Investigative Joint Task Force, the group has "several dozen" Read More...
Posted Wednesday, April 30, 2008 10:19 AM by chsecblo | 0 Comments
Filed under: ,

Shrinking patch windows hit by automated attacks

The length of time between the development of security patches and the development of exploits targeting the security holes they address has been dropping for some time. Hackers exploit this period of time - the so-called patch window - to launch attacks Read More...
Posted Wednesday, April 30, 2008 10:03 AM by chsecblo | 0 Comments

Cyber Criminals Shifting Targets To Mobiles

Mobile networks and handsets are becoming more of a target for criminals with a technical bent, security experts are warning. "There's a real transition from online in to the mobile space," said Simeon Coney, head of business development at Adaptive Mobile, Read More...
Posted Wednesday, April 30, 2008 10:01 AM by chsecblo | 0 Comments

Automatic Patch-Based Exploit Generation

Paper Abstract: In this paper, we propose techniques for automatic patch-based exploit generation, and show that our techniques can automatically generate exploits for vulnerable programs based upon patches provided via Windows Update. In many cases we Read More...
Posted Wednesday, April 30, 2008 9:57 AM by chsecblo | 1 Comments

Security is no match for chocolate and good looking women

A survey out today by the organizers of the tech-security conference Infosecurity Europe found that 21% of 576 London office workers stopped on the street were willing to share their computer passwords with a good looking woman holding a clipboard. People Read More...
Posted Monday, April 28, 2008 11:03 AM by chsecblo | 0 Comments

Beta release of Microsoft Windows Live OneCare 2.5

A beta release of Windows Live OneCare 2.5, Microsoft's automated security suite for home users and small businesses, is available for testing from the Microsoft Connect Web site. Microsoft stated through its blog that there is little apparent difference Read More...
Posted Monday, April 28, 2008 11:01 AM by chsecblo | 0 Comments

Microsoft Releases Beta of Integrated Security System Forefront “Stirling”

At RSA Conference 2008, Microsoft announced the availability of the public beta release of its next-generation Microsoft Forefront security solution, currently code-named “Stirling.” Microsoft Forefront “Stirling” is an integrated security system that Read More...
Posted Friday, April 11, 2008 12:41 PM by chsecblo | 1 Comments

The evolution of CyberCrime Inc

There is no storefront or corporate headquarters for Cybercrime Inc., but savvy salesmen in a murky, borderless economy are moving merchandise by shilling credit card numbers - "two for the price one." "Sell fresh CC," promised one salesman who offered Read More...
Posted Friday, April 11, 2008 12:34 PM by chsecblo | 1 Comments

Microsoft calls for talks on Internet trust, safety

Microsoft today called for broad discussions about the safety of the Internet in an initiative it dubbed "End to End Trust" in a white paper released during the RSA Conference that opened today in San Francisco. In a keynote address at the security conference, Read More...
Posted Friday, April 11, 2008 12:16 PM by chsecblo | 0 Comments

Outsource your code & you're more likely to be hacked

In a new report released by European information technology analysis group, Quocirca, organisations that admitted to being frequently hacked, all outsource at least some of their coding practice, with 90 percent outsourcing more than 40 percent! With Read More...
Posted Friday, April 11, 2008 12:13 PM by chsecblo | 0 Comments

Windows Vista SP1 Prerequisite KB937287

Back in February, Microsoft posted about the release of prerequisites for Windows Vista Service Pack 1. While several million customers installed the updates successfully, you may have read that a few customers experienced an endless reboot cycle while Read More...
Posted Thursday, April 10, 2008 11:01 AM by chsecblo | 0 Comments

IC3's 2007 Internet Crime Report

The USA's Internet Crime Complaint Center (IC3) is a partnership between the FBI and the National White Collar Crime Center (NW3C). Last week, the IC3 released its annual report for 2007. You can download a copy from here . From F-Secure: Malicious software Read More...
Posted Thursday, April 10, 2008 10:57 AM by chsecblo | 0 Comments

New massive Botnet twice the size of Storm

A new botnet twice the size of Storm has ballooned to an army of over 400,000 bots, including machines in the Fortune 500, according to botnet researchers at Damballa. The so-called Kraken botnet has been spotted in at least 50 Fortune 500 companies and Read More...
Posted Thursday, April 10, 2008 10:54 AM by chsecblo | 0 Comments

The difference between feeling and reality in Security

Security is both a feeling and a reality, and they're different. You can feel secure even though you're not, and you can be secure even though you don't feel it. There are two different concepts mapped onto the same word — the English language isn't working Read More...
Posted Tuesday, April 08, 2008 12:29 PM by chsecblo | 0 Comments

Don't blame 'stupid users' for data breaches

Security breaches that can be traced back to the actions of one individual are not the fault of one "stupid" employee but rather a failure to educate and engage the whole workforce around the importance of good security practice, according to a leading Read More...
Posted Tuesday, April 08, 2008 12:26 PM by chsecblo | 0 Comments

PGP adds encryption to Windows Mobile Smartphones

PGP Corp. has introduced an encryption application that lets enterprise users protect all the data they carry around in their smartphones. PGP Mobile encrypts Windows Mobile-based data automatically, but still allows mobile data to be shared securely Read More...
Posted Tuesday, April 08, 2008 12:24 PM by chsecblo | 0 Comments

Internet Telephony has Security problems

Phone calls that are routed through the Internet instead of telephone wires are increasingly popular with businesses looking to cut telephony costs. But they have security problems that might leave a business that uses this technology vulnerable to a Read More...
Posted Tuesday, April 08, 2008 12:21 PM by chsecblo | 0 Comments
Filed under:

Hacker group threatens to release Merkel's fingerprints

The Chaos Computer Club (CCC), one of Germany's oldest and largest hacker organisations, threatened to publish Chancellor Angela Merkel's fingerprints as part of a campaign against the government's use of biometric data in new passports, media reported Read More...
Posted Thursday, April 03, 2008 1:45 PM by chsecblo | 0 Comments
Filed under: ,

Interview: Mitnick on avoiding fraudsters

You know that hidden bomb shtick in the movies? There's a bomb that's going to go off and kill a gazillion people. First, the good guys have to find it. Then they have to figure how to get into it to disarm it. Then they almost have it disarmed when they Read More...
Posted Thursday, April 03, 2008 1:41 PM by chsecblo | 0 Comments
Filed under:

Black Hat: new operating systems security metric

At the Black Hat Security Conference currently taking place in Amsterdam, researchers from the Zurich ETH (Swiss Federal Institute of Technology) have reported a new model for determining the security of operating systems. They don't just count the number Read More...
Posted Thursday, April 03, 2008 1:37 PM by chsecblo | 0 Comments
 
Page view tracker