Tag Archives: security

Plug-ins should check for updates

Jon Kibler, a security guru, posted an e-mail to the “DShield mailing list”:http://lists.dshield.org/mailman/listinfo/list. He did such a good job making an important point that I requested his permission to repost part of his e-mail. He graciously agreed. bq. The Adobe …

Scammers Aiming Straight for the Money

Targeted “spear phishing”:http://www.wordspy.com/words/spear-phishing.asp campaigns are using money to lure victims. Brian Krebs “blogged”:http://blog.washingtonpost.com/securityfix/2008/06/beware_of_error_messages_at_ba_1.html this week about a two-part spear-phishing attack targeting small and medium-sized businesses. The attack focuses on gaining access to circumnavigating two-part authentication used in banking …

Safari Security Questioned; SBW Encourages Action

You may recall that StopBadware.org recently “played a role”:http://blogs.stopbadware.org/articles/2008/04/17/apple-responds-to-community-concerns in successfully encouraging Apple to improve its disclosure in pushing the Safari web browser to users through its Apple Software Update application. Now, Nitesh Dhanjani, a security researcher, “writes”:http://www.oreillynet.com/onlamp/blog/2008/05/safari_carpet_bomb.html about his …

Drive-By-Download Follows on Heels of Fake Media Download

Over the last several weeks, users downloaded more than they were bargaining for from several P2P networks. “TechNewsWorld”:http://www.technewsworld.com/story/Trojan-Infected-MP3s-Have-PC-Users-Singing-the-Blues-62936.html?welcome=1210700213 reported on “McAfee’s Avert Labs”:http://www.mcAfee.com that more than 500,000 computers have been infected. Users download a faux-mp3 file from a legitimate music …

Zango vs Kaspersky Gains Broad Range of Interest

Brian Krebs “blogged yesterday”:http://blog.washingtonpost.com/securityfix/2008/05/tech_groups_back_kaspersky_in.html about a broad coalition of technology groups supporting Kaspersky, an internet security company, during its legal fight with Zango. Krebs writes that in May 2007 Zango sued Kaspersky “charging that the company interfered with its business” …

Whose side is your hardware on?

In a paper titled “Designing and implementing malicious hardware”:http://www.usenix.org/event/leet08/tech/full_papers/king/king_html/ a team from the University of Illinois Urbana (Samuel T. King, Joseph Tucek, Anthony Cozzie, Chris Grier, Weihang Jiang, and Yuanyuan Zhou) delved into the possibility of malicious circuits being used to …

Advertising Practices Endanger Internet Users

Several major ISPs are substituting ad pages for the error messages normally displayed when users navigate to non-existing subdomains. Ryan Singel “writes in Wired”:http://blog.wired.com/27bstroke6/2008/04/isps-error-page.html that: bq. “The rub comes when a user is asking for a nonexistent subdomain of a …

Important WordPress security update

From the official “WordPress.org blog”:http://wordpress.org/development/2008/04/wordpress-251/: bq. Version 2.5.1 of WordPress is now available. It includes a number of bug fixes, performance enhancements, and one very important security fix. We recommend everyone update immediately, particularly if your blog has open registration. …

Two Interesting Security Challenges

Two noteworthy exploits have surfaced recently. This blog post will cover: _first_ a server-based attack-tool and _second_ the discovery of a now-patched vulnerability in Flash. *First:* Tornado, a web-based exploit tool, can exploit more than a dozen browser vulnerabilities. ITNews …

Rock Phish Adds a Trojan to Arsenal

Earlier this week, “RSA”:http://www.rsa.com/ issued a warning that Rock Phish has updated their “attack methods”:http://www.darkreading.com/document.asp?doc_id=151558&WT.svl=wire_2. Dark Reading “writes”:http://www.darkreading.com/document.asp?doc_id=151558&WT.svl=wire_2 “Rock Phish attacks are estimated to account for more than 50% of phishing attacks world-wide and to be responsible for the theft …