Wednesday, July 9th, 2008
US-CERT and other security experts have warned of a critical design problem affecting all DNS implementations. The Domain Name Service is responsible for converting readable names like www.heise-online.co.uk into the IP addresses that computers can handle, such as 193.99.144.85. DNS is thus the internet equivalent to a phonebook and without ...
Posted in Internet, Privacy, Security | No Comments
Wednesday, July 2nd, 2008
Internet Explorer's getting a little bit safer. Microsoft Wednesday unveiled significant new security features that will be in the next version of the company's Web browser, Internet Explorer 8, currently in public beta testing.
From Microsoft's standpoint, any improvement in security is a plus, and the company seems to be taking ...
Posted in Coding, Internet, Privacy, Security, Windows | No Comments
Friday, June 6th, 2008
Opera has beefed up security in its upcoming Web browser as it looks to challenge Firefox and Internet Explorer in the area of Web security.
Putting a bulls-eye on Web-based threats, the Opera has formed a partnership with Haute Secure, a Seattle-based security vendor founded in 2006, to protect users from ...
Posted in Internet, Privacy, Security | No Comments
Wednesday, June 4th, 2008
Recently Arshan Dabirsiaghi, Director of Research of Aspect Security, published a white paper entitled “Bypassing URL Authentication and Authorization with HTTP Verb Tampering”. Initially there was a lot of confusion about what exactly was being explained or claimed. Including, is it real? Is it novel? Is it dangerous? What is ...
Posted in Coding, Internet, Privacy, Security | No Comments
Tuesday, June 3rd, 2008
Trend Micro Monday announced a line of desktop and server security products intended for small to midsize businesses.
Worry-Free Business Security 5.0 represents a re-branding of Trend's SMB client/server messaging security product line plus upgrades that integrate features such as behavior-based antimalware monitoring and an option for in-the-cloud Web security services ...
Posted in Internet, Security, Software | No Comments
Wednesday, May 28th, 2008
I used to joke about the client that once told me their management mandated “double encryption” on all financial information after a breach. In their case, they were encrypting their database and backup tapes. Not that there isn’t a valid reason to encrypt databases and backup tapes, but the way ...
Posted in Security | No Comments
Wednesday, May 28th, 2008
Complexity is the enemy of security. Simple systems are inherently more secure than complex solutions. We see this idea validated again and again in security.
Unfortunately, our IT systems are getting more and more complex as we depend on technology to fuel business growth and innovation. But do we really need ...
Posted in General BS, Hardware, Internet, Linux, Networking, Privacy, Security, Software, Windows | No Comments
Saturday, May 24th, 2008
We’re proud to announce: Ad-Aware 2008 Free, Plus, and Pro versions are now available.
While we continue to offer a full-powered anti-spyware solution that is free of charge for personal home use, with this new release, there’s more reason than ever to boost your defenses with our Plus or Pro products. ...
Posted in General BS, Internet, Privacy, Security | No Comments
Tuesday, May 20th, 2008
Developers of the Firefox browser are designing new technologies aimed at protecting users from some of the nastiest and most prevalent forms of website attacks.
One protection is designed to minimize end users' risk to cross-site scripting (XSS) attacks and cross-site request forgeries (CSRFs), both of which subvert basic internet security ...
Posted in Coding, Internet, Privacy, Security | No Comments
Monday, May 19th, 2008
We have been noticing quite a few binaries lately that target Brazilian banks. While most tend to have the same behavior, we found a particular piece that actually encrypted most of its strings to slow down analysis. In this blog we analyze the decryption routine and write a decryption algorithm, ...
Posted in Internet, Security | No Comments
