Thursday, April 17th, 2008
The SANS Institute has uncovered what they've termed a "rare gem" as far as computer security investigations go that sheds new light on how up to 20,000 Web sites have been hacked since January.
They found a sneaky software tool that uses Google's search engine to hunt for Web sites running ...
Posted in Coding, Internet, Security, Software | No Comments
Wednesday, April 16th, 2008
For years, hackers have focused on finding bugs in computer software that give them unauthorised access to computer systems, but now there's another way to break in: hack the microprocessor.
Researchers at the University of Illinois at Urbana-Champaign demonstrated how they altered a computer chip to grant attackers back-door access to ...
Posted in Hardware, Privacy, Security | No Comments
Sunday, April 13th, 2008
Apple is quietly adding several key anti-hacker security features into its flagship QuickTime media player as part of a deliberate plan to reduce the effectiveness of malicious exploits.
The XPMs (exploit prevention mechanisms) have been fitted into the WIndows and Mac OS X versions of QuickTime 7.4.5, a new update that ...
Posted in Security, Software, Windows | No Comments
Saturday, April 12th, 2008
Threats against browsers are getting more sophisticated and branching out into such exotic areas as gaming, experts told attendees at the recent RSA Conference 2008.
New attacks from games and virtual-world Web sites can deliver bot-like control of browsers to attackers, said Ed Skoudis, a security consultant with Intelguardians, speaking at ...
Posted in Coding, Internet, Privacy, Security | No Comments
Friday, April 11th, 2008
Up to 80% of Web sites flagged as malicious by antivirus and search engine indexes are legitimate businesses, according to security experts.
Experts said while the security industry is on top of conventional spam and phishing attacks, more effort needs to be put into preventing and eliminating so-called drive-by-downloads.
The attacks allow ...
Posted in Internet, Security | No Comments
Wednesday, April 9th, 2008
Online malware attacks are becoming more pervasive, targeted, and refined as the underground threat economy continues to evolve and take on the characteristics of an organized industry.
The latest iteration of Symantec's Internet Security Threat Report -- covering its research over the final six months of calendar 2007 and released on ...
Posted in Internet, Privacy, Security | No Comments
Monday, April 7th, 2008
Hackers are using a new multiple-attack package composed of seven ActiveX exploits, many of them never seen in the wild before, said a security company on Friday.
Fewer than half of the flawed ActiveX controls have been patched.
The attack framework probes Windows PCs for vulnerable ActiveX controls from software vendors Microsoft, ...
Posted in Internet, Security, Windows | No Comments
Monday, April 7th, 2008
In the tiger team operations we have been involved with, I often end up hacking through the least interesting systems. If you ask AP, a password-cracking ninja and master of hacking through simplicity, the less interesting the system is, the higher the chances to be insecure. A successful exploitation of ...
Posted in Hardware, Security, Software | No Comments
Monday, April 7th, 2008
Recycling an old social engineering technique and using two different attack methods, a new spam run emerges as a threat to Web users before Microsoft’s Patch Tuesday. And not because it exploits soon-to-be named vulnerabilities.
What this spamming operation takes advantage of is the anticipation itself for the release of patches ...
Posted in Coding, Internet, Privacy, Security, Windows | No Comments
Thursday, April 3rd, 2008
New Additions
Target-Based support to allow rules to use an attribute table describing services running on various hosts on the network. Eliminates reliance on port-based rules.
Support for GRE encapsulation for both IPv4 & IPv6.
Support for IP over IP tunneling for both IPv4 & IPv6.
SSL preprocessor to allow ability to not inspect ...
Posted in Internet, Linux, Networking, Privacy, Security, Software, Windows | No Comments
