Three ways Internet crime has changed Rather than taking down high-profile networks, today's cybercriminals are quietly taking over vulnerable Web sites as part of an elaborate process in the underground economy. Read more...
ActiveX bugs pose threat to Vista, Microsoft reports
Although computers running Windows Vista are significantly less likely to be infected with attack code than machines running Windows XP, the newer operating system continues to be threatened by Microsoft Corp.'s own ActiveX browser plug-in technology, according to a report issued Monday by the company.
In the most recent installment of its twice-yearly security intelligence report, Microsoft said that PCs running Windows XP Service Pack 2 (SP2) were more than three times as likely to be infected with malware as computers running Windows Vista SP1. Machines powered by the newest XP security update, SP3, meanwhile, were more than twice as likely to be infected.
...
Microsoft's numbers echo data collected by Symantec Corp. for the latter half of 2007, when ActiveX bugs accounted for 79% of all those discovered in browser plug-ins during that period.
Windows 7 leaks to Web, pirates downloading
Revision of IT security rules could cost feds $600M over four years
A proposed bill aimed at strengthening the provisions of the Federal Information Security Management Act would require the U.S. government to spend an additional $610 million on FISMA implementation costs over the next four years if it is passed, according to an estimate by the Congressional Budget Office.
The CBO said in a cost estimate released on Tuesday (download PDF) that the bill could also affect spending on security by agencies, such as the U.S. Postal Service, that don't receive annual funding for compliance with the act. But any increase in costs at those agencies is likely to be relatively small and could be offset by increasing the fees they charge for their services, the CBO added.
Out of this world election: NASA astronauts vote from space
Antivirus 'Scareware' is LucrativeOct 31,2008
Rogue antivirus software circulating on the Web potentially making top distributors millions of dollars a year
Recycled Tapes Yield Data On Former OwnersOct 30,2008
Study of 100 "recertified" tapes turns up sensitive data from major bank, hospital
New Phishing Attacks Target Legitimate Web Domain Owners Oct 30,2008
Phishing campaign could be fallout from pressure to shutter notorious registrar associated with spammers, cybercrime
Google moving toward SSO with OpenID
MTV Pulls a Profit from Piracy
If you can't beat 'em, make money off 'em seems to be the new philosophy as MTV drops ads into copyrighted content.
Trojan Steals 500K Bank, Credit Card Log-ons
Russian gang kept 'extraordinary' malware on the prowl for nearly three years.
Virtual Heist Nets 500,000+ Bank, Credit Accounts
http://voices.washingtonpost.com/securityfix/2008/10/virtual_bank_heist_nets_500000.html
A single cyber crime group has stolen more than a half million bank, credit and debit card accounts over the past two-and-a-half years using one of the most advanced strains of computer spyware in existence, according to research to be published today. The discovery is among the largest stolen data caches ever recovered.
Researchers at RSA's FraudAction Research Lab unearthed the massive trove of purloined data while tracking the activities of a family of spyware known as the "Sinowal" Trojan, designed to steal data from Microsoft Windows PCs.
DC Police Begin Random Searches of Metro Passengers' Bags
The District of Columbia has begun "random" searching of Metro rail passengers's bags. There is no information on which of the 86 rail stations or 12,000 bus stops would be subject to searches. Passengers will be confront by police before entering train stations or boarding a bus. It is estimated that 1.2 million passengers use the rail and bus system each week day. A protest by citizens in opposition of the searches is being planned for October 29, 2008 from 3-7 pm. Those interested should go to their most convenient Metro station.
Metro to Randomly Search Riders' Bags, Washington Post, October 28, 2008
MS08-067 Worm in the wild?
We have received a report of a wild MS08-067 worm.
Reference: http://www.f-secure.com/weblog/archives/00001526.html
Reported file size 16,384 bytes:
http://www.threatexpert.com/report.aspx?uid=919a973d-9fe1-4196-b202-731ebaaffa5d
Kaspersky Lab detect the new wave asExploit.Win32.MS08-067.gand
Microsoft asExploit:Win32/MS08067.gen!A
Sophos uses name Mal/Generic-A.
THIS IS WHY SSL PROXYING IS NECESSARY:
Web security firm warns of obfuscated codeNews Brief, 2008-10-29
In its monthly whitepaper on Internet threats, Finjan describes a recent compromise at a corporation that succeeded because static software defenses failed to catch an encrypted attack.
Secure hash competition kicks off Robert Lemos, 2008-11-03
Dozens of amateur and professional cryptographers have joined the United States' first open competition for creating an uncrackable algorithm for generating hashes -- the digital fingerprints widely used in a variety of security functions.
In UK, 12M Taxpayers Lost With USB Stick
"Ministers have been forced to order an emergency shutdown of a key Government computer system to protect millions of people's private details. The action was taken after a memory stick was found in a pub car park containing confidential passcodes to the online Government Gateway system, which covers everything from tax returns to parking tickets. An urgent investigation is now under way into how the stick, belonging to the company which runs the flagship system, came to be lost."
"Three strikes" P2P rule inches closer to law in France
France's "three strikes" legislation, which would cut off Internet access for repeat copyright infringers, has received the overwhelming support of the French Senate. The National Assembly still has to vote on the measure, but passage looks increasingly likely.
November 02, 2008 - 10:00PM CT - by Jacqui Cheng
Firefox Add-On Simulates Great Firewall Of ChinaGovernment oppression from the comfort of your own home...09:41AM Sunday Nov 02 2008 by Karl Bode
User wifi4milez submits this Information Week report highlighting a new Firefox add-on that simulates the "Great Firewall of China." Users of the China Channel Firefox Add-on can experience what it's like to have your Internet access restricted by a highly oppressive government entity, if simply being spied on by your own government isn't enjoyable enough.
The plugin allows you to "take an unforgettable virtual trip to China and experience the technical expertise of the Chinese Ministry of Information Industry," says the plugin authors (who also offer this video). Torture and extensive imprisonment not included.
Penn hacker sentenced, avoids child porn charges AP - Wed Oct 22, 4:17 AM ET
PHILADELPHIA - A federal judge questioned why a white Ivy League student found during a computer hacking probe with thousands of images of child pornography was not charged with that crime, sparing him a decade-long prison sentence that a black convicted child pornographer faced at the same hearing.
Subscribe to:
Post Comments (Atom)
No comments:
Post a Comment