Friday, April 11th, 2008
Up to 80% of Web sites flagged as malicious by antivirus and search engine indexes are legitimate businesses, according to security experts.
Experts said while the security industry is on top of conventional spam and phishing attacks, more effort needs to be put into preventing and eliminating so-called drive-by-downloads.
The attacks allow ...
Posted in Internet, Security | No Comments
Wednesday, April 9th, 2008
Online malware attacks are becoming more pervasive, targeted, and refined as the underground threat economy continues to evolve and take on the characteristics of an organized industry.
The latest iteration of Symantec's Internet Security Threat Report -- covering its research over the final six months of calendar 2007 and released on ...
Posted in Internet, Privacy, Security | No Comments
Monday, April 7th, 2008
Hackers are using a new multiple-attack package composed of seven ActiveX exploits, many of them never seen in the wild before, said a security company on Friday.
Fewer than half of the flawed ActiveX controls have been patched.
The attack framework probes Windows PCs for vulnerable ActiveX controls from software vendors Microsoft, ...
Posted in Internet, Security, Windows | No Comments
Monday, April 7th, 2008
In the tiger team operations we have been involved with, I often end up hacking through the least interesting systems. If you ask AP, a password-cracking ninja and master of hacking through simplicity, the less interesting the system is, the higher the chances to be insecure. A successful exploitation of ...
Posted in Hardware, Security, Software | No Comments
Monday, April 7th, 2008
Recycling an old social engineering technique and using two different attack methods, a new spam run emerges as a threat to Web users before Microsoft’s Patch Tuesday. And not because it exploits soon-to-be named vulnerabilities.
What this spamming operation takes advantage of is the anticipation itself for the release of patches ...
Posted in Coding, Internet, Privacy, Security, Windows | No Comments
Thursday, April 3rd, 2008
New Additions
Target-Based support to allow rules to use an attribute table describing services running on various hosts on the network. Eliminates reliance on port-based rules.
Support for GRE encapsulation for both IPv4 & IPv6.
Support for IP over IP tunneling for both IPv4 & IPv6.
SSL preprocessor to allow ability to not inspect ...
Posted in Internet, Linux, Networking, Privacy, Security, Software, Windows | No Comments
Wednesday, April 2nd, 2008
A British security researcher has demonstrated a "biologging" system for intercepting biometric authentication data, warning that attacks on biometric systems could become relatively straightforward if current practices don't change.
Matthew Lewis, of London-based Information Risk Management, demonstrated a proof-of-concept biologger last week at Black Hat Amsterdam and released the tool's source ...
Posted in Hardware, Privacy, Security | No Comments
Wednesday, April 2nd, 2008
Injected iframes into legitimate sites are becoming more and more common these days. One of the latest targets is a Chinese government site at www.zhangzhu.gov.cn:
Please note that while the site adminstrators have been notified, the injected iframe is still present in the site at the time of this posting.
The iframe ...
Posted in Coding, Internet, Security | No Comments
Monday, March 31st, 2008
This page was designed to be PC Sympathy's One-Stop Source for protecting your PC, online and offline, from viruses and other malicious programs that you may encounter.
Each section below will provide you with the resources you need for various levels of protection. While there are many choices out there, ...
Posted in Uncategorized | No Comments
Monday, March 31st, 2008
A wave of April Fool's Day related Storm mails have just been sent out. Similar as the other times with a link that points to an IP address.
Posted in Coding, Internet, Privacy, Security | No Comments
