Archive for the ‘Security’ Category
Wednesday, August 13th, 2008
IT security and control firm Sophos is reminding computer users to exercise diligence when checking their email in the wake of a new widespread wave of dangerous spam messages that claim to be breaking news alerts from MSNBC. Samples intercepted at SophosLabs, Sophos's global network of virus, spyware and spam ...
Posted in Internet, Privacy, Security | No Comments
Wednesday, August 13th, 2008
There are confirmed reports on a new version of the Gpcode ransomware being spread via a botnet.According to Vitaly Kamluk of Kaspersky Lab (my employer), the Trojan encrypts files on an infected machine (AES-256) and leaves a text file named crypted.txt with a ransom note demanding $10 to decrypt the ...
Posted in General BS, Internet, Networking, Privacy, Security, Windows | No Comments
Tuesday, August 12th, 2008
Google has released Keyczar, billed as a "Toolkit for safe and simple cryptography", under an Apache 2.0 open source licence. Keyczar has been developed by members of the Google security team and aims to make cryptography more accessible to application developers.Keyczar's design goals were to manage the complexity of cryptography ...
Posted in General BS, Internet, Linux, Networking, Privacy, Security, Software, Windows | No Comments
Monday, August 11th, 2008
Say hello to a new security tool called “Surf Jack” which demonstrates a security flaw found in many public sites. The proof of concept tool allows testers to steal session cookies on HTTP and HTTPS sites that do not set the Cookie secure flag. I’ve been working with two banks ...
Posted in Internet, Linux, Networking, Privacy, Security, Windows | No Comments
Sunday, August 10th, 2008
A security researcher at the Defcon hacker conference in Las Vegas on Saturday demonstrated a tool he built that allows attackers to break into your inbox even if you are accessing your Gmail over a persistent, encrypted session (using https:// versus http://).
When you log in to Gmail, Google's servers will ...
Posted in Internet, Privacy, Security | No Comments
Sunday, August 10th, 2008
Microsoft is to release fixes for a dozen serious vulnerabilities next Tuesday, seven of them ranked critical. But the firm has also announced a three-stage process to reducing the effects of future vulnerabilities.Next week’s update (the regular ‘Patch Tuesday’ release which comes in the second week of each month) includes ...
Posted in General BS, Security, Windows | No Comments
Sunday, August 10th, 2008
At the Black Hat conference in Las Vegas on Thursday, Eric Filiol, the head scientist at the French Army Signals Academy's Virology and Cryptology Lab, explained how to steal data from a computer without a network connection.Filiol demonstrated what he called the Windows Jingle Attack, a method for encoding a ...
Posted in General BS, Security, Windows | No Comments
Sunday, August 10th, 2008
The big security news of Summer 2008 has been Dan Kaminsky's discovery of a serious vulnerability in DNS. This vulnerability could allow an attacker to redirect network clients to alternate servers of his own choosing, presumably for ill ends.This all led to a mad dash to patch DNS servers worldwide, ...
Posted in Internet, Linux, Networking, Privacy, Security, Software, Windows | No Comments
Thursday, August 7th, 2008
Facebook users are being targeted by malicious hackers through postings on the popular Wall section of the social-networking site, security companySophos said Thursday.The Wall, a core feature of Facebook profile pages, is used by members to leave each other messages that in addition to text can also contain photos, videos, ...
Posted in Internet, Privacy, Security | No Comments
Thursday, August 7th, 2008
This week at the Black Hat Security Conference two security researchers will discuss their findings which could completely bring Windows Vista to its knees.Mark Dowd of IBM Internet Security Systems (ISS) and Alexander Sotirov, of VMware Inc. have discovered a technique that can be used to bypass all memory protection ...
Posted in Security, Windows | No Comments
