Monday, May 12th, 2008
It happens to everyone. You have so many usernames and passwords that you can't remember them all. Fortunately, Facebook, Gmail, and about a billion other online services have a "forgot password" link. Just click it and the web service will either email your password to you or allow you to ...
Posted in Linux, Privacy, Security, Software | No Comments
Friday, May 9th, 2008
The Internet Crime Complaint Center (IC3) on Thursday issued a warning about a phishing campaign designed to steal personal information from consumers using the promise of a tax rebate check as bait.IC3 is jointly run by the Federal Bureau of Investigation, the National White Collar Crime Center, and the Bureau ...
Posted in General BS, Privacy, Security | No Comments
Thursday, May 8th, 2008
It takes the average attacker less than 10 seconds to hack in and out of a database -- hardly enough time for the database administrator even notice the intruder. So it’s no surprise that many database attacks go unnoticed by organizations until long after the data has been compromised.
And surprisingly, ...
Posted in Internet, Security | No Comments
Friday, May 2nd, 2008
IronKey Inc., maker of the world's most secure flash drive, announced today availability of the
8GB-capacity of its IronKey secure USB devices. IronKey brings unprecedented mobile data convenience and security to individuals and organizations with its rugged, waterproof and tamper resistant USB drives that include always-on hardware encryption, strong authentication, portable ...
Posted in Hardware, Privacy, Security | No Comments
Thursday, May 1st, 2008
The fundamental problem with two factor (2FA) session authentication is that the approach is vulnerable to Man in the Middle and Man in the Browser attacks. 2FA requires that customers present not only a password (something they know) when they log into online banking, but also demonstrate that they possess ...
Posted in Internet, Privacy, Security | No Comments
Tuesday, April 29th, 2008
It's long been assumed that Microsoft has built in various "backdoors" for law enforcement to get around its own security, but now reader Kevin Stapp writes in to let us know that the company has also been literally handing out the keys to law enforcement. Apparently, they're giving out special ...
Posted in Hardware, Privacy, Security, Windows | No Comments
Tuesday, April 29th, 2008
The latest versions of fgdump and pwdump have been released by the foofus.net team. Looks like the most important change is that both tools support 64-bit targets. Here is the official announcement:
"The foofus.net team is pleased to announce updates to both fgdump (2.0.0) and pwdump (1.7.1), which incorporate a number ...
Posted in Coding, Linux, Privacy, Security | No Comments
Monday, April 28th, 2008
The notorious Rock Phish gang has added a new twist to its phishing exploits that doesn’t require its victim to visit a malicious Website -- instead, it just loads a malicious keylogging Trojan onto the victim’s machine that steals information or credentials.
Both Trend Microand F-Secure over the past few days ...
Posted in Internet, Privacy, Security | No Comments
Saturday, April 26th, 2008
It works seamlessly with any hardware and operating system combination supporting USB keyboards such as Windows, MacOS, Linux and others. The Key generates and sends unique time-variant authentication codes by emulating keystrokes through the standard keyboard interface. The computer to which the Key is attached receives this authentication code character ...
Posted in Hardware, Privacy, Security | No Comments
Saturday, April 26th, 2008
WordPress 2.5.1 came out recently. It includes a critical security fix for a cookie integrity bug that would allow an attacker to impersonate other users, including WordPress admins, by manipulating the contents of an HTTP cookie. Whenever I read about a vulnerability predicated on the user identity being embedded ...
Posted in Coding, Internet, Privacy, Security, Software | 1 Comment
