Archive for July, 2008
Thursday, July 31st, 2008
This is a pretty old issue, but this is an interesting new implementation of an old idea. Using your browser history and by matching your browsing habits the site attempts to guess your gender with a weighting system according to the gender demographics for a list of fairly popular sites.It’s ...
Posted in Internet, Privacy, Security | No Comments
Wednesday, July 30th, 2008
Ok, we have a confirmed instance where the DNS cache poisoning vulnerability was used to compromise a DNS server belonging to AT&T. This PCWorld article covers the incident. The original article makes it sound as though the Metasploit site was 'owned' by this incident when really the issue was ...
Posted in Internet, Privacy, Security | No Comments
Wednesday, July 30th, 2008
It’s déjà vu all over again. Whitelisting technology has enjoyed a resurgence of interest lately, with antivirus companies such as Symantec, McAfee, and Microsoft planning to add it to their blacklisting-based malware detection tools and some enterprises even dropping AV altogether in favor of whitelisting alone. All thanks to the ...
Posted in Internet, Privacy, Security, Software | No Comments
Wednesday, July 30th, 2008
Google’s webmailer Gmail has an apparently* new filter function named “Never send it to Spam”. Ticking this should ensure that a certain email – with criteria you define, like by entering your friend’s name in the “From” field – will not be accidentally sorted into the spam folder. It’s a ...
Posted in Internet, Privacy, Security | No Comments
Tuesday, July 29th, 2008
A recent study of Web browser installations showed that far too few are up to date with the latest security patches. And browsers aren't alone; as my dear old mum can attest, it can be hard to keep up with OS and application patches when all you want to do ...
Posted in Internet, Privacy, Security, Software | No Comments
Tuesday, July 29th, 2008
Cybercriminals increasingly are employing no-tech or low-tech techniques for making big money online -- no exploits or sophisticated hacker tools required.The techniques themselves aren’t new -- some have been around for nearly a decade. But the Web model has made these schemes that capitalize on so-called business logic flaws more ...
Posted in Internet, Privacy, Security | No Comments
Tuesday, July 29th, 2008
An Argentinian security researcher has published a security exploit toolkit targeting the update mechanisms of Java, Mac OS X, OpenOffice.org and other software, and relying on man-in-the-middle techniques such as those made possible by the recently disclosed DNS security hole.
The toolkit, ISR-Evilgrade 1.0, was released by Francisco Amato, a researcher ...
Posted in Internet, Networking, Privacy, Security, Software | No Comments
Tuesday, July 29th, 2008
AVG Technologies' virus scanner contains a DoS vulnerability that allows attackers to crash the scanner. The crash is caused by division by zero when processing UPX-packed files. The vendor has released update 8.0.156, which fixes the problem.Also in this version, the Search-Shield components do not scan web sites for malicious ...
Posted in Internet, Security, Software | No Comments
Tuesday, July 29th, 2008
Online bankers, beware. More than 75 percent of bank Web sites surveyed by a research team had at least one design flaw that could make customers vulnerable to cyber thieves.University of Michigan computer scientist Atul Prakash and his graduate students Laura Falk and Kevin Borders examined the Web sites of ...
Posted in Internet, Privacy, Security | No Comments
Tuesday, July 29th, 2008
New research by IT security and control firm Sophos has identified Blogger (www.blogspot.com) as the leading host for malware. The popular blogging service now accounts for 2 percent of all of the world's malware hosted on the web.
Attacks on Blogger involve hackers either setting up malicious blogs on the service, ...
Posted in Internet, Privacy, Security | No Comments
