Meta
Archives
Categories
Category Archives: security
Microsoft Dumps Partner For Fake Support Call Scam
An anonymous reader writes “Microsoft has broken its relationship with one of its Gold Partners, after it discovered that the partner was involved in a scam involving bogus tech support calls. India-based Comantra is said to have cold-called computer u… Continue reading
Protecting a Laptop From Sophisticated Attacks
mike_cardwell sends in a detailed writeup of how he went about protecting a Ubuntu laptop from attacks of varying levels of sophistication, covering disk encryption, defense against cold boot attacks, and even simple smash-and-grabs. (He also acknowled… Continue reading
Apache Warns Web Server Admins of DoS Attack Tool
CWmike writes “Developers of the Apache open-source project warned users of the Web server software on Wednesday that a denial-of-service (DoS) tool is circulating that exploits a bug in the program. ‘Apache Killer’ showed up last Friday in a post to t… Continue reading
New Research Cracks AES Keys 3-5x Faster
Landing his first accepted submission, qpgmr writes “AES, generally thought to be the gold standard for encryption, is showing weaknesses. From Computerworld: ‘Researchers from Microsoft and the [Belgian] Katholieke Universiteit Leuven have discovered … Continue reading
Safe Browsing Tool | WOT (Web of Trust)
“The WOT add-on shows you which websites you can trust based on millions of users’ experiences.
Our safe surfing browser tool is easy-to-use, fast and completely free.” Continue reading
Posted in security, syndicated
Tagged bookmark, extension, Fraud, Scams, skepticism, syndicated
Comments Off
Daily Sony Hacking Occurs On Schedule
jjp9999 writes “LulzSec was compromised and a member of the group, Robert Cavanaugh, was arrested by the FBI on June 6. Meanwhile, LulzSec hacked Sony again, this time leaking the Sony Developer Network source code through file sharing websites.”
RSA SecurID breach linked to hacker attack on Lockheed Martin; other US military contractors may be affected
[F-35 Lightning II, also known as the Joint Strike Fighter (JSF), planes built by Lockheed Martin arrive at Edwards Air Force Base in California in this May 2010 photo. REUTERS/Tom Reynolds/Lockheed Martin]
This week, Lockheed Martin—the largest … Continue reading
Sony BMG Greece hacked, company’s security woes continue
It’s the security nightmare that just won’t end, and right now there’s got to be plenty of Sony executives beginning to wish someone would pinch them already. After taking quite a PR and financial beating over the PSN breach, now the Greek site of S… Continue reading
Posted in security, syndicated
Tagged attack, customer data, CustomerData, greece, hack, hacked, hacks, sony, Sony BMG, sony bmg greece, SonyBmg, SonyBmgGreece, syndicated
Comments Off
Sony hacked again, used to host phishing site
With Anonymous Denial of Service attacks and then the twin hacks of PlayStation Network and Sony Online Entertainment, Sony's online infrastructure has been taking a battering over the last few weeks—and it's not over y… Continue reading
France to require unhashed password storage
France’s new data retention law requires online service providers to retain databases of their users’ addresses, real names and passwords, and to supply these to police on demand. Leaving aside the risk of retaining all this personal information (ident… Continue reading
SSL certificate authorities put us all at risk by handing out certs for “mail” “webmail” and other unqualified domains
In the wake of the revelation that a major SSL certificate provider suffered a serious breach, Chris Palmer from the Electronic Frontier Foundation has analysis of the common practice of issuing certificates for unqualified domain names, such as “mail”… Continue reading
Posted in security, syndicated, technology
Tagged Action, Business, eff, ssl, syndicated
Comments Off
World’s largest spam botnet goes down (for now?)
Brian Krebs reports on the takedown of the command-and-control servers for Rustock, the largest and most successful spam botnet. The botnet’s output has fallen from thousands of spams per second to one or two spams per second:
It may yet be too soo… Continue reading
Posted in security, syndicated, technology
Tagged Action, botnet, Business, infosec, spam, syndicated
Comments Off
Amazon Security Flaw May Make Your Old Password Easy to Crack [Security]
It seems that if you haven’t changed your Amazon.com password in awhile and it’s more than eight characters, anything after the first eight characters doesn’t matter so much. For example, if your pass… Continue reading
Secunia Personal Software Inspector (PSI)
The Secunia PSI is a FREE security tool designed to detect vulnerable and out-dated programs and plug-ins which expose your PC to attacks. Continue reading
Amazon EC2 Enables Cheap Brute-Force Attacks
snydeq writes "German white-hat hacker Thomas Roth claims he can crack WPA-PSK-protected networks in six minutes using Amazon EC2 compute power — an attack that would cost him $1.68. The key? Amazon's new cluster GPU instances. 'GPUs are… Continue reading
Car immobilizers cracked due to crappy proprietary crypto
Karsten Nohl of Security Research Labs, a white-hat hacker, believes that a recent spike in car theft is due to a break in the car immobilizer security systems; thieves are able to re-mobilize the immobilized vehicles. My question is: how long until so… Continue reading
Posted in security, syndicated, technology
Tagged automotive, Business, copyfight, syndicated
Comments Off
Tiny Watcher: keep your Windows clean
The way Tiny Watcher works is pretty simple: basically, it starts by taking a snapshot of important parts of your Windows system; then it tracks changes (every time you log in, or whenever you want to). When a change is detected, you are notified. Continue reading
Posted in security, syndicated
Tagged bookmark, freeware, monitoring, software, syndicated, System, windows
Comments Off
Spammers Using Soft Hyphen To Hide Malicious URLs
Trailrunner7 writes with this excerpt from ThreatPost illustrating the ongoing Spy-vs.-Spy battle between spammers and the rest of us: “Spammers have jumped on the little-used soft hyphen (or SHY character) to fool URL filtering devices. According to r… Continue reading
Searching For Backdoors From Rogue IT Staff
WHiTe VaMPiRe writes “When IT staff are terminated under duress, there is often justification for a complete infrastructure audit to reduce future risk to a company. Here is an exploration of the steps necessary to maintain security.” Of course the fir… Continue reading
Your Password Should Be At Least 12 Random Characters Long to Be Safe [Security]
According to a study at Georgia Tech Research Institute, your password should be at least 12 random characters long (and include letters, numbers, and symbols) if you want to consider yourself safe from brute force password hacks. From M… Continue reading