Alerts
Jan 23, 2009 (13 hours ago)
Monster.com and USAJobs.gov's databases compromised, (Fri, Jan 23rd)
from SANS Internet Storm Center, InfoCON: green
We got a tip from a reader (thanks David!), that apparently Monster.com's database and USAJobs ...(more)...
Security News
9:35 PM (10 hours ago)
Top 10 Mistakes When Crafting a Security RFP, (Fri, Jan 9th)
from SANS Internet Storm Center, InfoCON: green
Creating RFPs for security solutions and processing the responses is not an easy task. Having respon ...(more)...
10:14 PM (9 hours ago)
Monster.com: yet another breach
from CGISecurity - Website and Application Security News by Romain Gaucher
Monster.com has recently experienced yet another breach. "As is the case with many companies that maintain large databases of information, Monster is the target of illegal attempts to access and extract information from its database. We recently learned our database was illegally accessed and certain contact and account data were taken,...
Jan 23, 2009 (20 hours ago)
Pay to install free software
from McAfee Avert Labs by Oliver Devane
I was dealing with customer escalations the other day and came across this interesting sample. If you believe the filename install_wrar380.exe it would install WinRar on your system, for some reason I didn’t believe it .
9:14 PM (10 hours ago)
Monster.com suffers database breach deja vu
from The Register - Security
Millions (more) at risk
For the second time in 18 months, employment search site Monster.com has lost a wealth of personal data belonging to millions of job seekers after its database was illegally accessed.…
Jan 23, 2009 (15 hours ago)
BOFH-loving botmaster wants life as security consultant
from The Register - Security
Feds want him in prison
An American security consultant who stole hundreds of thousands of online bank passwords by employing a massive botnet that he often administered from work deserves at least five years in prison, prosecutors have told a federal judge.…
Jan 23, 2009 (20 hours ago)
TJX closes book on infamous security breach with sale
from The Register - Security
Everything must go
TJX, the discount retailer that was the target of one of the largest information security breaches on record, rewarded customers with a a special sale offering 15 per cent discounts in all its US and Canadian stores on Thursday.…
Jan 23, 2009 (19 hours ago)
Judges grant McKinnon extradition review
from The Register - Security
Gimme shelter
Judges have granted a review of the Home Secretary's decision to continue with extradition proceedings against Pentagon hacker Gary McKinnon.…
Jan 23, 2009 (23 hours ago)
Countdown to Conficker activation begins
from The Register - Security
A superbotnet will rise
Security watchers are bracing themselves to respond to the activitation of the huge botnet created by the Conficker superworm.…
4:58 AM (2 hours ago)
Monster.com reports theft of user data
from Network World on Security
Monster.com is advising its users to change their passwords after data including e-mail addresses, names and phone numbers were stolen from its database.
4:58 AM (2 hours ago)
Conficker hitting hardest in Asia, Latin America
from Network World on Security by Robert McMillan
Computer networks in Asia and Latin America are the most susceptible to a fast-spreading computer worm, which has infected between 6 million and 9 million PCs worldwide, security experts said.
4:58 AM (2 hours ago)
VeriSign buys Certicom after RIM withdraws bid
from Network World on Security
VeriSign said it plans to buy Certicom, just three days after Research In Motion's hostile bid for the security company unraveled.
4:58 AM (2 hours ago)
Fortinet: Holiday season saw spike in Trojan activity, spam
from Network World on Security
The year-end holiday season saw a surge in Trojan activity and spam worldwide, according to network security provider Fortinet.
4:58 AM (2 hours ago)
Gemalto warns against dangerous IT security complacency
from Network World on Security
Digital security firm Gemalto has warned of the risks of the common complacency, across the Asia Pacific, about internet security, despite it being a 'hot region for phishing attacks'.
4:58 AM (2 hours ago)
Social networking sites a hotbed for cyber crime
from Network World on Security
The distribution of malware on social networking sites first occurred in small amounts towards the end of 2007, but that trend appears to be on the rise.
4:58 AM (2 hours ago)
Digital security firm announces Asia expansion
from Network World on Security
Gemalto provides telecommunications, financial services, eGovernment identity and access management, plus IT security and mass transit systems for more than one billion people worldwide. In Singapore, the firm has some 1,000 employees, with 160 engineers engaged in research and development. MIS Asia editor Ross O. Storey, spoke to Ng Fook Seng, Gemalto's Senior Vice-President, Security Business Asia, about the firm's Asia plans.
4:58 AM (2 hours ago)
Downadup/Conflicker worm: When will the next shoe fall?
from Network World on Security by Ellen Messmer
The Downadup worm—also called Conflicker—has now infected an estimated 10 million PCs worldwide, and security experts say they expect to see a dangerous second-stage payload dropped soon.
Jan 23, 2009 (14 hours ago)
Heartland tries to rally industry in wake of data breach
from Network World on Security by Ellen Messmer
The CEO of Heartland Payment Systems is calling for the card payments industry to share security information and consider end-to-end encryption.
4:58 AM (2 hours ago)
Compensation, Data Center Budgets, Social Spammers and More
from Network World on Security
A Call to Tie Pay to Risk
Jan 23, 2009 (14 hours ago)
Researchers wait for Downadup worm's second act
from Network World on Security
The worm that's infected millions of Windows PCs is a "very well-engineered" piece of malware, according to one security expert. But researchers still have no clear idea what the hackers plan to do with the collection of computers they've compromised with "Downadup."
Jan 23, 2009 (14 hours ago)
Amazon cloud could be security hole
from Network World on Security
Cloud services are now vulnerable to malicious use, a security company has suggested, after a techie worked out how Amazon's EC2 service could be used as a BitTorrent file harvester and host.
Jan 23, 2009 (14 hours ago)
F-Secure Internet Security 2009
from Network World on Security
F-Secure Internet Security 2009 (US$60 for three users as of 12/23/08) ranked an unimpressive seventh out of the group of nine in "Paying for Protection," our 2009 roundup of security suites. It started with middling malware detection, and then it slipped further due to its generally slow scan speed and its lack of extra features, such as backup and antiphishing. The suite's reasonably intuitive and easy-to-use interface, as well as its useful startup wizard, weren't enough to outweigh its faults.
Jan 23, 2009 (14 hours ago)
Kaspersky Internet Security 2009
from Network World on Security
Kaspersky Internet Security 2009 was the most expensive security package we tested for "Paying for Protection," our 2009 roundup of nine security suites (US$80 for three users as of 12/23/08). That cost might be justified if the package delivered top-notch performance and a smooth user experience--but it doesn't. Its overall malware-detection rate was below average, and the suite proved aggravating to use in several different scenarios.
Jan 23, 2009 (14 hours ago)
Webroot Internet Security Essentials
from Network World on Security
Webroot's Internet Security Essentials (US$60 for three users as of 12/23/08) marks the antispyware company's first foray into security suites. This patchwork suite brings together an antivirus scanner from Sophos, a firewall from Privacyware, and online backup using Webroot's own servers. But it lacks parental controls, antispam, and browser-based antiphishing capabilities, and it fared poorly at the core task of identifying malicious software.
Jan 23, 2009 (14 hours ago)
Avira Premium Security Suite 8.2
from Network World on Security
Avira Premium Security Suite (US$54 for one user as of 12/23/08) excels where it counts. This package beat the competition in "Paying for Protection," our 2009 roundup of nine security suites, in detection tests, continuing Avira's long history of strong performance in such tests.
Jan 23, 2009 (14 hours ago)
McAfee Internet Security Suite 2009
from Network World on Security
McAfee Internet Security Suite 2009 (US$60 for three users as of 12/23/08) landed smack dab in the middle of the rankings for "Paying for Protection," our 2009 roundup of security suites, ranking fifth out of the nine tested products. The 2009 version features Artemis, a new Internet-based malware detection feature. Offsetting Artemis and McAfee's otherwise generally good malware detection rate, however, were its slow scanning speed, its interface annoyances, and its very poor performance in proactive, behavioral detection tests.
Jan 23, 2009 (14 hours ago)
Trend Micro Internet Security Pro 2009
from Network World on Security
Trend Micro Internet Security Pro 2009 (US$70 for three users as of 12/24/08) fails badly at any security suite's most important task: Identifying malware before it can attack your PC. In tests for "Paying for Protection," our 2009 roundup of nine security suites, Trend Micro's newest offering didn't just come in last place in that crucial category--its dismal 69.3 percent detection rate was a full 20 percentage points behind the next worst competitor. In AV-Test.org's tests, which put each suite up against a huge array of bots, password stealers, and other malware, top performers tagged about 99 percent of the 654,914 samples--but Trend Micro's package let three out of every ten pieces of malicious software go by untouched. That just doesn't cut it for security software.
Jan 23, 2009 (14 hours ago)
Panda Internet Security 2009 Security Software
from Network World on Security
Panda Internet Security 2009 boasts an extensive feature set and an easy-to-use interface, both of which helped it attain a third-place finish in "Paying for Protection," our 2009 roundup of security suites, after Norton Internet Security 2009 and BitDefender Internet Security 2009. But its ability to block malicious software didn't rank as well, and the suite had some genuine difficulty dealing with some especially nasty malware, despite its new Internet-based scanning feature.
Jan 23, 2009 (20 hours ago)
Brief: Obama pledges better cybersecurity, top advisor
from SecurityFocus News
Obama pledges better cybersecurity, top advisor
Jan 23, 2009 (23 hours ago)
“Physicalized” servers may offer virtualization alternative
from Ars Technica by jhruska@arstechnica.com (Joel Hruska)
Server virtualization has become increasingly popular in recent years as a way of improving data center efficiency and lowering IT costs. There are alternatives, however, including what one company is referring to as physicalization.
10:06 PM (9 hours ago)
Monster.com Reports Theft of User Data
from PC World Latest Technology News
Monster.com revealed that information including user e-mails has been stolen from its database.
10:06 PM (9 hours ago)
Conficker Hitting Hardest in Asia, Latin America
from PC World Latest Technology News
Asia and Latin America have been hardest hit by the Conficker worm, security experts say.
Jan 23, 2009 (13 hours ago)
Study: Spam Is Getting More Malicious
from PC World Latest Technology News
Sophos study confirms that, beyond being a major annoyance, spam is even more malicious than ever.
Jan 23, 2009 (13 hours ago)
Mac BitTorrent Users Warned of Trojan
from PC World Latest Technology News
Pirated copies of Apple's iWork 09 software include a most unpleasant surprise.
Jan 23, 2009 (19 hours ago)
Security Software Makers Respond to IWork Trojan Threat
from PC World Latest Technology News
Following Intego's announcement Thursday that pirated copies of iWork '09 may contain a trojan horse, Symantec and...
-- Aurora Report says Monster, Conficker, Cyberczar, and internet security suites reviewed as Mac exposed as virus target too.
Subscribe to:
Post Comments (Atom)
My Blog List
-
-
Oxford Uni student data pwned yet again - this time via career platform breach - Totally different attack from the break-in last month. Oh so that's OK then1 day ago
-
Hackers Used Meta’s AI Support Bot to Seize Instagram Accounts - The Instagram accounts for the Obama White House and the Chief Master Sergeant of the U.S. Space Force were briefly defaced with pro-Iranian images and mes...6 days ago
-
Mandiant Global Median Dwell Time Deteriorates from 11 to 14 Days - Oh snap. My single most important cybersecurity metric deteriorated again. In the M-Trends report for calendar year 2024, Mandiant’s global median dwe...
2 months ago -
MSSQLand – Lightweight MS-SQL Interaction Tool for Lateral Movement and Post-Exploitation - MSSQLand enables red teams to interact with MS-SQL servers and linked instances in restricted environments without complex T-SQL queries. Assembly-ready to...2 months ago
-
Today's NYT Mini Crossword Answers for Tuesday, Oct. 7 - Here are the answers for The New York Times Mini Crossword for Oct. 7.
8 months ago -
Today's NYT Mini Crossword Answers for Tuesday, Oct. 7 - Here are the answers for The New York Times Mini Crossword for Oct. 7.
8 months ago
-
Announcing SecTemplates.com release #6: Security Partner Program Pack v1 - I have built several security partner programs at companies such as Box Inc. and Coinbase, with over 8 years of experience leading them. I have consistentl...1 year ago
-
Anybody knows that this URL is about? Maybe Balena API request?, (Wed, Feb 7th) - Yesterday, I noticed a new URL in our honeypots: /v5/device/heartbeat. But I have no idea what this URL may be associated with. Based on some googleing, I ...2 years ago
-
Comic for March 12, 2023 - Dilbert readers - Please visit Dilbert.com to read this feature. Due to changes with our feeds, we are now making this RSS feed a link to Dilbert.com.3 years ago
-
87% of Container Images in Production Have Critical or High-Severity Vulnerabilities - At the inaugural CloudNativeSecurityCon, DevSecOps practitioners discussed how to shore up the software supply chain.3 years ago
-
Vulnerability Summary for the Week of November 29, 2021 - Original release date: December 6, 2021 High Vulnerabilities Primary Vendor -- Product Description Published CVSS Score Source & Patch Info abb -- rtu50...4 years ago
-
AA21-336A: APT Actors Exploiting CVE-2021-44077 in Zoho ManageEngine ServiceDesk Plus - Original release date: December 2, 2021 Summary *This joint Cybersecurity Advisory uses the MITRE Adversarial Tactics, Techniques, and Common Knowledge (AT...4 years ago
-
Ransomware: Why one city chose to the pay the ransom after falling victim - Posted by InfoSec News on Aug 12 https://www.zdnet.com/article/ransomware-why-one-city-chose-to-the-pay-the-ransom-after-falling-victim/ By Danny Palmer Z...5 years ago
-
What the newly released Checkra1n jailbreak means for iDevice security - There are reasons to embrace it. There are reasons to be wary of it. Here's the breakdown.6 years ago
-
Privacy and Mobile Device Apps - Original release date: July 9, 2019 | Last revised: November 15, 2019 What are the risks associated with mobile device apps? Applications (apps) on your sm...6 years ago
-
44CON 2018 - 12th-14th September, London (UK) - Posted by Steve on Feb 28 44CON 2018 is the UK's best annual Security Conference and Training event. The conference spans 2.5 days with training on the 1...8 years ago
-
Cryptopp Crypto++ 5.6.4 octets Remote Code Execution Vulnerability - Crypto++ (aka cryptopp and libcrypto++) 5.6.4 contained a bug in its ASN.1 BER decoding routine. The library will allocate a memory block based on the leng...8 years ago
-
V2V Communications security considerations - The future of vehicles, road infrastructure and driving are changing. We are progressing with vehicle-to-vehicle (V2V) and vehicle-to-infrastructure (V2I) ...9 years ago
-
vTech – ignorance is no defence (and neither are weasel words) - This morning, Troy Hunt published a blog post alerting to a recent change in the Terms & Conditions published by children’s toy manufacturer vTech. The cha...10 years ago
-
DOJ probing claims U.S. drug agency 'collaborated' with NSA on intelligence - The U.S. Justice Dept. said it was "looking into the issues" raised by an Reuters story, that one of its law enforcement agencies collaborated with the NSA...12 years ago
-
-
-
-
-
-
-
-
-
Posts
No comments:
Post a Comment