Tuesday, July 29th, 2008
Cybercriminals increasingly are employing no-tech or low-tech techniques for making big money online -- no exploits or sophisticated hacker tools required.The techniques themselves aren’t new -- some have been around for nearly a decade. But the Web model has made these schemes that capitalize on so-called business logic flaws more ...
Posted in Internet, Privacy, Security | No Comments
Tuesday, July 29th, 2008
AVG Technologies' virus scanner contains a DoS vulnerability that allows attackers to crash the scanner. The crash is caused by division by zero when processing UPX-packed files. The vendor has released update 8.0.156, which fixes the problem.Also in this version, the Search-Shield components do not scan web sites for malicious ...
Posted in Internet, Security, Software | No Comments
Tuesday, July 29th, 2008
Online bankers, beware. More than 75 percent of bank Web sites surveyed by a research team had at least one design flaw that could make customers vulnerable to cyber thieves.University of Michigan computer scientist Atul Prakash and his graduate students Laura Falk and Kevin Borders examined the Web sites of ...
Posted in Internet, Privacy, Security | No Comments
Friday, July 25th, 2008
The Web became a substantially more dangerous place this week, thanks largely to the publication of instructions that show cyber criminals how to exploit a pervasive, critical flaw in the Internet infrastructure.While Internet service providers and corporations can mitigate the danger by updating the software that powers vulnerable components of ...
Posted in Internet, Privacy, Security | No Comments
Wednesday, July 23rd, 2008
One day after a security company accidentally posted details of a serious flaw in the Internet's Domain Name System (DNS), hackers are saying that software that exploits this flaw is sure to pop up soon.Several hackers are almost certainly already developing attack code for the bug, and it will most ...
Posted in Internet, Linux, Security, Software, Windows | No Comments
Tuesday, July 22nd, 2008
The bug has to do with the way DNS clients and servers obtain information from other DNS servers on the Internet. When the DNS software does not know the numerical IP (Internet Protocol) address of a computer, it asks another DNS server for this information. With cache poisoning, the attacker ...
Posted in Internet, Security | No Comments
Thursday, July 17th, 2008
A glitch in a test version of Facebook's Web site inadvertently exposed the birthdays of Facebook's 80 million members this week.
The bug was discovered over the weekend by Graham Cluley, a senior technology consultant at Sophos. While checking out Facebook's new design, Cluley noticed that the birth dates of some ...
Posted in Internet, Privacy | No Comments
Wednesday, July 16th, 2008
Crafted Portable Document Format files can allow an attacker to gain control of a BlackBerry server. According to a security advisory from BlackBerry vendor RIM, the bug is in the PDF Distiller component of the Attachment Service, which runs on the server and prepares PDF email attachments for display on ...
Posted in Internet, Networking, Privacy, Security, Software | No Comments
Tuesday, July 15th, 2008
Ever wondered what name is behind some obscure gmail address? Maybe your preferred gmail address was taken and you’re wondering who took it?
Here’s a cute vulnerability in the gmail system that comes from the strong tie-ins between gmail, the google calendar and all the other services.
Source:
http://blogs.securiteam.com/index.php/archives/1113
Posted in Internet, Privacy, Security, Software | No Comments
Friday, July 11th, 2008
Antivirus software vendor Sophos has reported the discovery of a DoS vulnerability in some of its products. According to the security advisory, specially crafted attachments to emails can bring down Sophos E-mail Appliance, Pure Message for UNIX and Sophos Anti-Virus Interface (SAVI). For the attack to succeed, the MIME attachment ...
Posted in Internet, Security, Software | No Comments
