Wednesday, January 28, 2009

Around The Horn vol.1,23

Alerts

Jan 27, 2009 (18 hours ago)
Conficker - Re-Booted from Windows Embedded, (Tue, Jan 27th)

from SANS Internet Storm Center, InfoCON: green
Anyone with funny stories about Conficker infected Windows Embedded systems you can share please sub ...(more)...

Security News

9:22 PM (9 hours ago)
Microsoft Fixes Clickjacking in IE8

from CGISecurity - Website and Application Security News by Robert A.
"Microsoft has introduced a release client version of its latest browser, Internet Explorer 8 (IE8), and the new iteration of the application includes several security improvements, including a noteworthy attempt to address the emerging problem of clickjacking attacks. For those who don't recall, clickjacking is a relatively new technique -- first...

Jan 27, 2009 (17 hours ago)
Web Application Scanners Comparison

from CGISecurity - Website and Application Security News by Robert A.
anantasec posted a scanner comparison to the web security mailing list today. "In the past weeks, I've performed an evaluation/comparison of threepopular web vulnerability scanners.This evaluation was ordered by apenetration testing company that will remain anonymous. The vendorswere not contacted during or after the evaluation.The applications (web scanners) included in this...

Jan 27, 2009 (18 hours ago)
Isreali Government Utilized SEO To Control Criticism

from CGISecurity - Website and Application Security News by Robert A.
"In what may prove to be one of the ways global conflicts are fought in the 21st century, Israel used search engine optimization (SEO) to halt the online backlash it was receiving during the recent conflict in Gaza.As well as some search engine optimization work (SEO) done by a Texas company...

8:14 PM (10 hours ago)
ICANN freezes over fast flux fury

from The Register - Security
Botnet deadlock
The non-profit group that oversees the internet's address system is seeking the public's help in deciding what to do about the growing use of a technology known as fast flux, which is used by cybercriminals to thwart take-down efforts, but which can also be used for legitimate purposes as well.…

Jan 27, 2009 (14 hours ago)
Microsoft boasts 'out of box' IE8 clickjack protection

from The Register - Security
Imperfect solution to perfect storm
Analysis Microsoft has beefed up its latest Internet Explorer browser with an "out of the box" feature that it says will protect users against a serious class of attacks that allows maliciously controlled websites to manipulate the links visitors click on.…

Jan 27, 2009 (16 hours ago)
MyBarackObama profile hack punts malware

from The Register - Security
Inaugural Trojan
Virus authors are exploiting a website associated with President Barack Obama in order to distribute a Trojan.…

Jan 27, 2009 (20 hours ago)
Easy updates best for browser patching

from The Register - Security
Google and Swiss researchers prod insecure surfers
Easy update mechanisms have a far greater effect on browser patching than perceived threats or other factors, according to a new study by Google and Swiss academics.…

Jan 27, 2009 (23 hours ago)
Spammers target Twitter

from The Register - Security
Twammers will punish you for your inane burblings
After undermining the usefulness of email, turning newsgroups into a forum for promoting sex sites and filling blog comment sections with adverts for penis pill adverts and get rich quick schemes, spammers have set their sights on a new target - Twitter.…

Jan 27, 2009 (18 hours ago)
Kiwi finds US military secrets on 'MP3 player'

from The Register - Security
Will return, if asked
A New Zealand man has been declared the latest winner of find-the-USB-device-containing-classified-government-data hide-and-seek.…

5:12 AM (1 hour ago)
Encrypt USB Flash Disks for Free

from Network World on Security
I've got a desk full of USB flash disks that I'm prone to lose. I don't care too much about losing the hardware--most are small freebies from tradeshows. But I do care about the data. Here's how to use TrueCrypt to create an encrypted area on a drive. It's like buying a fancy, off-the-shelf, encrypted USB thumb drive, but with a little more hassle and less cost. Now my data stays protected even if lost.

5:12 AM (1 hour ago)
IE8's clickjacking fix not much help, experts say

from Network World on Security by Robert McMillan
New Microsoft technology designed to protect Internet Explorer users from a powerful new Web-based attack will not fix the problem, security experts said Tuesday.

5:12 AM (1 hour ago)
How to Beat Card Skimmer Scams, Other Money Drains

from Network World on Security
When you think of technology security scams, you think of dangers to your PC more often than dangers to your pocketbook.

5:12 AM (1 hour ago)
Businesses use NAC for something other than what it was designed for

from Network World on Security by Tim Greene
Few customers of network-access control use it for what it was intended, preferring instead to deploy the security technology to keep guests and contractors away from corporate production networks, according to a new report.


5:12 AM (1 hour ago)
The 7 dirty secrets of the security industry

from Network World on Security
Do you ever get the feeling your security providers are failing to tell you the whole truth? We entrust the industry to protect us from unacceptable risk. But we must confront the underlying truth: The goal of the security market is to make money.

5:12 AM (1 hour ago)
Cisco delivers security, storage and unified communications for small business

from Network World on Security by Jim Duffy
Cisco this week unveiled products specifically for small companies as part of its recently announced $100 million commitment to that business market.

Jan 27, 2009 (16 hours ago)
Security Firm Sees Alarming Rise in 'Transient' Threats

from Network World on Security
Anti-virus firm AVG Technologies says an alarming rise in the number of virus-laden sites that are here today and gone tomorrow is causing security experts to re-think traditional virus protection strategies.

Jan 27, 2009 (16 hours ago)
AVG notes rise in number of malicious Web sites

from Network World on Security
Web sites rigged with malicious code are becoming more numerous by the day, but the time those sites are online is declining, according to new research from security vendor AVG Technologies.

Jan 27, 2009 (16 hours ago)
Monster.com Breach: Evolution of a Disclosure Letter

from Network World on Security
When Monster.com suffered a data breach last year, two disclosure letters went out to customers -- one from Monster itself and another from US AJOBS, a federal employment organization that relied on Monster.com databases for its job listings. Though they covered the same breach, each letter was starkly different.

Jan 27, 2009 (16 hours ago)
ICANN ponders ways to stop scammy Web sites

from Network World on Security
The overseer of the Internet's addressing system is soliciting ideas for how to fix a problem that is enabling spammers and fraudulent Web sites to flourish.

5:12 AM (1 hour ago)
12 tips for managing your information footprint

from Network World on Security
When it comes to managing personal information online, most people are their own worst enemies. Many of us fail to adequately protect our personal data before it gets online, but once information makes its way to the Internet, it can be quickly replicated and is often difficult, if not impossible, to remove.

5:12 AM (1 hour ago)
Websense buys Defensio to keep user-generated content clean

from Network World on Security by Ellen Messmer
Websense is acquiring Defensio, whose technology defends against spam and malware posted as comments to blogs, user forums and social-networking sites.

5:12 AM (1 hour ago)
Coming soon: Full-disk encryption for all computer drives

from Network World on Security
The world's six largest computer drive makers Tuesday published the final specifications (download PDF) for a single, full-disk encryption standard that can be used across all hard disk drives, solid state drives (SSD) and encryption key management applications. Once enabled, any disk that uses the specification will be locked without a password -- and the password will be needed even before a computer boots.

4:04 AM (2 hours ago)
Independent Web Vulnerability Scanner Comparison - Acunetix WVS, IBM Rational AppScan & HP WebInspect

from Darknet - The Darkside by Darknet
I saw a relevant paper published today by an individual that claims the comparison was ordered by a penetration testing company (a company which remains unnamed). The vendors were not contacted during or after the evaluation. Testing Procedure The author tested 13 web applications (some of them containing a lot of vulnerabilities), 3 demo...

Jan 27, 2009 (19 hours ago)
Brief: Spam nears pre-McColo-shutdown levels

from SecurityFocus News
Spam nears pre-McColo-shutdown levels

Jan 27, 2009 (12 hours ago)
Online Privacy Advice for Kids

from PC World Latest Technology News
To stay safe online, teens should do as adults say -- not as they do.

Jan 27, 2009 (13 hours ago)
With Acquisition Websense to Silence Comment Spam

from PC World Latest Technology News
Websense has bought comment spam protection provider Defensio.

Jan 27, 2009 (16 hours ago)
What the Web Knows About You

from PC World Latest Technology News
What information is available about you in cybersapce? Where does it come from, and what risks does it present?

Jan 27, 2009 (17 hours ago)
How Secure Is Google Chrome?

from PC World Latest Technology News
Google's new open source Web browser is a frustrating blend of excellent security model and questionable decisions.

Jan 27, 2009 (17 hours ago)
New Apple Trojan Slays Adobe Pirates

from PC World Latest Technology News
The Trojan that was being distributed last week in pirated copies of Apple's iWork 09 program on BitTorrent has reappeared.

Jan 27, 2009 (17 hours ago)
Don't Bite That Apple, It's Full of Worms

from PC World Latest Technology News
Talk about kicking somebody when they're down.

Other News

9:43 PM (9 hours ago)
Google Delivers Offline Access for Gmail

from PC World Latest Technology News
Google will roll out a much-awaited ability to use Gmail without an Internet connection.

Jan 27, 2009 (14 hours ago)
Apple Releases IPhone Software 2.2.1

from PC World Latest Technology News
Apple on Tuesday released a software update for its iPhone and iPhone 3G devices.

-- Aurora Report says an hour of prevention each day, keeps the hackers at bay.

No comments:

Post a Comment

My Blog List