Archive for August, 2008
Friday, August 29th, 2008
ISR-evilgrade is a modular framework that allow us to take advantage of poor upgrade implementations by injecting fake updates and exploiting the system or software.
How does it work?
It works with modules, each module implements the structure needed to emulate a false update of specific applications/systems. Evilgrade needs the manipulation of ...
Posted in Internet, Networking, Privacy, Security, Software | No Comments
Thursday, August 28th, 2008
Everyone knows that some people get more spam than others, but new research shows that it may have something to do with the first letter of your email address.
Richard Clayton, a security researcher at the University of Cambridge in the U.K., says he found evidence that the more common the ...
Posted in Internet, Privacy, Security | No Comments
Thursday, August 28th, 2008
A pair of security researchers recently demonstrated that a theoretical attack possible against the internet’s most embedded infrastructure can, in fact, be very real.
The attack exploits normal behavior in the internet routing protocol BGP, which ISPs use to determine how best to route traffic destined for other parts of the ...
Posted in Hardware, Internet, Networking, Privacy, Security | No Comments
Wednesday, August 27th, 2008
The rumors were right: Internet Explorer 8 will have new privacy features akin to those in Apple Safari. What role should they play in the enterprise?
InPrivate Browsing ("Private Browsing" was already taken by Apple) lets the user control whether or not IE saves potentially privacy-related data, including cookies (all cookies ...
Posted in Internet, Privacy, Security, Windows | No Comments
Wednesday, August 27th, 2008
You're a smart, safety conscious iPhone user, right? You keep the phone set to require a 4-digit passcode every time it wakes up, so if you ever lose your baby, all your personal information is safe. But if you are running v2.0.2 of the iPhone operating system, you might as ...
Posted in General BS, Hardware, Internet, Privacy, Security | No Comments
Wednesday, August 27th, 2008
Do-it-all suites are the name of the security game these days. Sure, you can gather free programs that cover the bases much as a suite would, but who wants to bother with finding out which apps work together and which ones might leave you pulling your hair out?We do. And ...
Posted in Internet, Privacy, Security, Software | No Comments
Tuesday, August 26th, 2008
Researchers at Carnegie Mellon University have released an extension for Firefox 3 that can protect wireless network users from so-called "man-in-the-middle" attacks.
The software, dubbed "Perspectives," is available for download for free.
Perspectives also protects against attacks that exploit a recently exposed flaw in the DNS system, which translates Web addresses into ...
Posted in Internet, Networking, Privacy, Security | No Comments
Tuesday, August 26th, 2008
Criticize the people behind the Asprox botnet, and they take it personal—so much so that they will bombard you with malware, according to a report by SecureWorks.
The botnet, now at least 50,000-strong with bots, is sending out phishing e-mails posing as messages from banks in the United States and United ...
Posted in Internet, Privacy, Security | No Comments
Monday, August 25th, 2008
Secunia, the security services provider, has issued a security advisory about a vulnerability in Trend Micro's OfficeScan 8.0 and Worry-Free Business Security 5.0 that makes it easier for attackers to take control of the web management of those products. According to Secunia, the web-based configuration interface uses a pseudo-random token ...
Posted in Internet, Privacy, Security, Software | No Comments
Monday, August 25th, 2008
Traditionally, the area of information security has been purely defensive. Classic examples of the defensive mechanisms used in order to protect communication networks include firewalls, encryption and IDS (Intrusion Detection Systems). The strategy follows the classical security paradigm of "Protect, Detect and React.” In other words, try to protect the ...
Posted in Hardware, Internet, Networking, Privacy, Security | No Comments
