Cisco Security Advisory: Cisco IOS Secure Shell Denial of Service Vulnerabilities 21-May-200816:00 GMT
It seems like hte Cisco alerts may stem from this alert:
Debian/Ubuntu OpenSSL Random Number Generator VulnerabilityMay 16, 2008
Facebook security snafu could compromise accounts
Speed is of essence for next-generation Symantec products
Symantec pins blame for XP SP3 registry corruption on Microsoft
Thieves troll for execs with new Tax Court phish scam
From http://www.ustaxcourt.gov/:
"NOTICE: The United States Tax Court has received many telephone calls regarding an e-mail which purports to originate from the Court being sent by a member of the Tax Court's practitioner bar. This message is an example of "Spear Phishing", which is an e-mail spoofing attempt that targets a specific organization. The Tax Court is not disseminating any e-mail notice to anyone who currently has a case before this Court. If you receive an e-mail with a subject line that includes the text, "Notice of Deficiency #" followed by a series of numbers or "US Tax Petition", along with a malformed docket number following the format #000-000, and a sender address of noreply@ustaxcourt.org, complaints@ustaxcourt.org, or notice@ustaxcourt.org, please ignore/delete the e-mail and do not click any link within the e-mail message."
ID fraud-prevention firm LifeLock hit with customer lawsuits
Not news per se, but good background info:
Data Breach Notification Laws, State By State
FBI Seeks Access to Mobile Phone locationsFBI Seeks Access to Mobile Phone locations, New York Times, July 17, 1998 (registration required).
Posted by EPIC on May 18, 2008.Permanent link to this item.
http://blog.siteadvisor.com/
May 20, 2008
Hey. How come Yahoo! search looks different today?
Posted by Shane Keats at 10:04 AM
For millions of Yahoo! users, their search experience is now a little different. Alongside their regular Yahoo! search results, they may encounter a new piece of information – the site’s risk rating!
We recently announced that McAfee and Yahoo! have partnered to launch Yahoo! SearchScan Beta Powered by McAfee, the Web’s first search engine to incorporate such site safety ratings.
Surveillance in China
Great article from Rolling Stone.
Posted on May 22, 2008 at 06:35 AM • 20 Comments •
View Blog Reactions
...
Now, as China prepares to showcase its economic advances during the upcoming Olympics in Beijing, Shenzhen is once again serving as a laboratory, a testing ground for the next phase of this vast social experiment. Over the past two years, some 200,000 surveillance cameras have been installed throughout the city. Many are in public spaces, disguised as lampposts. The closed-circuit TV cameras will soon be connected to a single, nationwide network, an all-seeing system that will be capable of tracking and identifying anyone who comes within its range — a project driven in part by U.S. technology and investment. Over the next three years, Chinese security executives predict they will install as many as 2 million CCTVs in Shenzhen, which would make it the most watched city in the world. (Security-crazy London boasts only half a million surveillance cameras.)
BlackBerry Giving Encryption Keys to Indian Government
RIM encrypts e-mail between BlackBerry devices and the server the server with 256-bit AES encryption. The Indian government doesn't like this at all; they want to snoop on the data. RIM's response was basically: That's not possible. The Indian government's counter was: Then we'll ban BlackBerries. After months of threats, it looks like RIM is giving in to Indian demands and handing over the encryption keys.
Posted on May 21, 2008 at 02:09 PM • 33 Comments •
View Blog Reactions
Trillian Multiple Vulnerabilities - Highly critical - From remoteIssued 1 day ago. Some vulnerabilities have been reported in Trillian, which can be exploited by malicious people to compromise a user's system.
International effort breaks up card-fraud ring News Brief, 2008-05-22U.S. law enforcement cooperates with authorities in Romania and other countries to charge 33 people with creating counterfeit debit and credit cards using information phished from victims.
Gov't shows slow progress on system securityNews Brief, 2008-05-21Federal agencies score a 'C' in complying with information-security rules, a slight increase, but nine of twenty-four agencies are failing.
With the US and other G8 countries trying to outlaw The Pirate Bay and its ilk, an anonymous reader suggests that a solution may have emerged out of Cornell University. A new open-source project called Cubit is an Azureus plugin that provides decentralized approximate keyword search of torrents in the network.
Big Brother is watching: companies snoop e-mail to combat leaks
A survey conducted by Forrester Research indicates that a large number of businesses fear e-mail leaks and responding by instituting systematic snooping.
May 22, 2008 - 09:55PM CT - by Ryan Paul
New Microsoft virus scanning patent likely to be challenged
Microsoft has been granted a patent it filed for back in 2004 that describes the function of a particular type of proactive antivirus scanner. The question of prior art, however, is definitely an issue here, as Norton and McAfee had similar products on the market in 2003.
May 22, 2008 - 01:31PM CT - by Joel Hruska
Microsoft ODF support pledge met with optimism, skepticism
Yesterday's announcement from Microsoft that it would implement native ODF support in Office 2007 early next year sparked mixed reactions from Microsoft-watchers. The European Commission said that it would investigate Microsoft's plans but remained optimistic, while the ODF Alliance was a bit more skeptical.
May 22, 2008 - 11:11AM CT - by Jacqui Cheng
Mac OS X users at risk
Ryan Naraine: Heads up to Mac OS X users: It appears Apple will be shipping high-priority security patches soon. In the meantime, watch out for strange links and e-mails with requests to add/open calendar (.ics) files.
Malware-infected USB drives distributed at security conference
According to a SearchSecurity report, the malicious file was of the “autorun” variety, programmed to be run automatically when removable drives are inserted into a computer. According to estimates, about one-tenth all malware is designed to use portable storage media, such as removable USB drives, as an attack and spread vector.
Google introducing Safe Browsing diagnostic to help owners of compromised sites
Abusing Our Sympathies: Sichuan Earthquake Trojan
Countering cyber terrorism in third-world countries
Chuck Miller May 22, 2008
A joint project with the International Multilateral Partnership Against Cyber-Terrorism is hoped to increase the cyberdefense capacity of developing countries.
Bank of New York Mellon loses data on 4.5 million
Dan Kaplan May 22, 2008
Three months after an unencrypted backup tape goes missing, 4.5 million The Bank of New York Mellon customers are notified their identities may be at risk.
Alarming Open-Source Security Holes
By Simson GarfinkelTuesday, May 20, 2008
How a programming error introduced profound security vulnerabilities in millions of computer systems.
Deadly Earthquake Doesn't Shake China's Internet Censors
Lawmakers See Cyber Threats to Electrical Grid PC World - Wed May 21, 4:50 PM ET
Lawmakers and an auditor's report raise concerns about cybersecurity among U.S. electric utilities.
Incident Detection, Response, and Forensics: The Basics
How to build an effective cyberincident detection and response mechanism in your organization.
» full story
'Hack-and-Pier' Phishing on the Rise - 5/21/2008 5:00:00 PM More and more phishers are hacking legitimate Websites, reports say
SQL Injection Attack Helps Hack OS - 5/20/2008 5:35:00 PM Multi-step hack using SQL injection provides interactive, GUI access to OS
Subscribe to:
Post Comments (Atom)
No comments:
Post a Comment