Cost-cutting, greater efficiencies to be topics at SNW
Report: World Bank servers breached repeatedly
World Bank Hacked, Sensitive Data Exposed - 10/10/2008 5:10:00 PM
Hacked Web servers, a stolen administrative account, and lot of unanswered questions
Google allies with click-fraud-detection firm Click Forensics
Why some security pros hate SharePoint
Exploit code loose for six-month-old Windows bug
Over half of U.K. firms have lost data
U.S. proposes digital signing of DNS root zone file
Security experts for years have advocated the adoption of DNSSEC, but implementation has been patchy. The U.S. government has said it will use DNSSEC for its .gov domain. Country-code top-level domain operators in Sweden (.se), Brazil (.br), Puerto Rico (.pr) and Bulgaria (.bg) are also using DNSSEC. The operator of the .org TLD has also committed to the system, according to the Commerce Department.
Data Center Security Tools to Not Overlook
Endpoint technologies and virtualization software get a lot of ink these days, but here's a quick look at five other key security areas addressed by data-center tools.
Read more
Can you say "next year's budget?"
Fewer People Downloading Music Illegally
telegraph.co.uk — Fewer people are downloading music from the internet illegally because they are frightened about having their connections cut off, according to new research. More…
Oct 12, 9:05 amSix Essential Apple iPhone Security Tips
Security is a tech manager's top concern when it comes to mobile devices--here's how to use them to your advantage with minimal risk.
Oct 11, 2:18 pmVendors, Cops, Profs Team to Study Cybercrime
Tech vendors and the Secret Service are among those working with an evaluation of trends and best practices for security.
Oct 11, 6:00 amMicrosoft Readies Flood of Patches
The 11 patches include 4 critical fixes, plus updates to Windows, Office, and IE.
The National Debt Counter, erected in 1989 when the U.S. debt was 'merely' a tiny $2.7 trillion, has been moving so much that it recently ran out of digits to display the ballooning figure: $10,150,603,734,720, or roughly $10.2 trillion, as of Saturday afternoon. To accommodate the extra '1,' the clock was hacked: the '1' from "$10.2" has been moved left to the LCD square once occupied solely by the digital dollar sign. A non-digital, improvised dollar sign has been pasted next to the '1.' It will be replaced in 2009 with a new clock able to track debt up to a quadrillion dollars, which is a '1' followed by 15 zeros
Goodbye Storm?
Spam from the Storm botnet has dried up. Is this the end of Storm?
October 10, 2008
The former king of spam, and perhaps the most discussed and studied botnet ever, seems to have gone away. Spam originating from the Storm botnet suddenly dried up in mid-September. Since that time we have not detected a single Storm spam in our traps.
The folks at sudosecure.net have also noticed the Storm subsidence, observing that surviving storm bot peers still communicate with each other, but that certain Storm hosts simply answer with "Go away, we're not home".
At its peak in mid 2007, we estimated Storm was responsible for some 20% of all spam . Storm’s spam attacks were high profile and distinctive. Its peer-to-peer communication model was revolutionary and it was quick to use the fast flux – rapidly changing DNS - to hide its hosts. However, following all the attention, and the targeting of Storm by Microsoft with its Malicious Software Removal Tool in September 2007 where some 280,000 PCs were cleaned in one hit, Storm became a much less effective beast.
So is this the end of Storm? Certainly, as a spam generator it has been a minor player for the best part of a year now, with other botnets namely Srizbi, Rustock, Pushdo, and Mega-D taking over as the spam heavies. Perhaps Storm is now obsolete, having been supplanted by a better botnet. Or maybe Storm’s owners are sitting back, avoiding attention and redesigning aspects of their creation. Only time will tell.
The Rise Of Anti-Spam Lawsuit Entrepreneurs
Cracking CAPTCHA: Another Russian Business
Fake Microsoft email contains "backdoor" virus
Angela Moscaritolo October 10, 2008
A fake email making the rounds seemingly comes from Microsoft, but actually contains a trojan.
Latest Product Reviews
PGP Whole Disk Encryption 9.9
October 04, 2008 5 out of 5 stars
Inside Operation Highlander: the NSA's Wiretapping of Americans Abroad
A top secret NSA wiretapping facility in Georgia accused of spying on Americans illegally was hastily staffed with inexperienced reservists in the months following September 11, where they worked under conflicting orders and with little supervision, according to three former workers at the spy complex.
"Nobody knew exactly what the heck we were doing," said a former translator for the project, code named Highlander, who spoke on condition of anonymity. "We were figuring out the rules as we were going along."
Chinese hackers gain access to World Bank
At least there seems to be evidence that two of the six major attacks originated from IP addresses inside of China
How to Hack RFID-enabled Credit Cards for $8
Published 10/6/2008
http://www.nationalcybersecurity.com/
Mixing in information protection
The perimeter might not be dead, but it needs a lot of help. Here's how to secure critical and regulated data when network defenses aren't enough.
Subscribe to:
Post Comments (Atom)
No comments:
Post a Comment