Hacker Tip #467:
Try googling for this phrase including the double-quotes:
"c:\Program Files\Belarc\Advisor"
People upload the inventory of their machines, including license codes. Ugh.
----------
Like this is news...
Attack Of The Tweets: Major Twitter Flaw Exposed
Aug 27,2009
U.K. researcher says vulnerability in Twitter API lets an attacker take over a victim's account -- with a tweet
----------
New IEEE Printer Security Standard Calls For Encryption, Authentication, Electronic "Shredding"
Aug 26,2009
Printers finally getting security attention, but locking them down depends on actual implementation, configuration, experts say
Networked printers are the oft-forgotten weak links in an organization, but a new IEEE security standard for the devices could help change that.
The so-called 2600 Profile, which includes specifications for building secure printers and a checklist for evaluating printer security using ISO's Common Criteria framework for evaluating security requirements, calls for vendors to build printers that include password protection, hard drive encryption, electronic "shredding," security logs, and separate connections for fax and network communications.
While security researchers during the past few years have poked major holes in networked printers, these devices have been a low priority for most organizations already inundated with locking down imminent threats to their servers, client machines, and Web applications. Many never even bothered to update their printer software.
----------
WPA with TKIP done
In a paper titled "A Practical Message Falsi cation Attack on WPA" researchers in Japan describe how to perform the Beck-Tews style attack against any WPA-TKIP implementation, in under a minute. The paper and upcoming presentation have already been covered in the mainstream media. Thanks to all who wrote in.
If your hardware supports it, time to consider moving to WPA with AES or WPA2.
----------
SQL Injection Attacks Across Globe Appear Linked
Three significant waves of SQL injection attacks appear to be under the control of the same source, according to one security researcher.
----------
U.K. launches privacy initiative
Recently I've been talking about identity-related initiatives from both the U.S. and Canadian...
----------
Security test prompts federal fraud alert
A sanctioned security test of a bank's computer systems had some unexpected consequences this week
----------
China game boss sniped rivals, took down Internet
An attack by a Chinese online game provider meant to cripple the servers of its rivals ballooned to...
----------
Swiss coder publicises government spy Trojan
A software engineer who created Trojans for the Swiss authorities to intercept Voice-over-IP (VoIP)...
----------
New Chinese Ministry of National Defense website suffers hacker attacks
According to the chief editor of the newly launched Chinese Ministry of National Defense website, since its opening on 20 Aug 09, the site has been under assault from a variety of different types of hacker attacks. The report notes that the attacks have not affected website operation.
----------
Verizon Wireless Phantom $1.99 Data Usage Fee
The Cleveland Plain Dealer has been doing an excellent job this week highlighting a $1.99 "data usage fee" Verizon's been imposing on wireless customers who, well, aren't using any data. An August 14 column first brought the issue some attention, when Teresa Dixon Murray noted that Verizon has been charging customers $1.99 for doing absolutely nothing.
----------
Spy Son Rats Out Mole Father
The son of a disgraced CIA agent convicted of funneling classified information to the Russians has pleaded guilty to charges of helping his imprisoned father collect overdue bills for his dad’s nefarious activities.
----------
Skype snooping trojan detected
Angela Moscaritolo August 28, 2009
Source code for a trojan, called Peskyspy, has the ability to record audio from Skype calls, convert the audio to an MP3 file, encrypt it and send it back to the attacker, according to Symantec researchers.
----------
Credit union agency warns of fake CD-ROMs
Dan Kaplan August 27, 2009
Forget the inbox: Cybercrooks also are turning to traditional mail to spread malware.
----------
Facebook to modify privacy practices after investigation
Dan Kaplan August 28, 2009
Facebook plans to refine its privacy safeguards in response to concerns by Canada's privacy commissioner.
----------
ACLU Demands Info on DHS Laptop Searches
By BARBARA LEONARD
MANHATTAN (CN) - The ACLU demands information on the Department of Homeland Security's policy on searching laptop computers at international borders. The DHS' Customs and Border Protection office announced in July that it can search electronic devices and any printed material carried by travelers regardless of whether they are suspected of anything - a statement one senator called "truly alarming."
----------
The Security Risks of Accepting Free Laptops
Weird:
The U.S. Federal Bureau of Investigation is trying to figure out who is sending laptop computers to state governors across the U.S., including West Virginia Governor Joe Mahchin and Wyoming Governor Dave Freudenthal. Some state officials are worried that they may contain malicious software.
----------
Swedish Regulators Ban Word "Bank" In Domain Names For Non-Banks
----------
Fla. man in credit card data theft accepts plea AP – 25 mins ago
MIAMI - A computer hacker accused of masterminding one of the largest cases of identity theft in U.S. history agreed Friday to plead guilty and serve up to 25 years in federal prison for his crimes.
----------
Snow Leopard Malware Protection a Growing Pain for Mac OS X
PC World – Thu Aug 27, 8:00 pm ET
Mac users have long relished the fact that malware is nearly a foreign concept to them. Yet, in a tacit acknowledgment of the growing threat of malware on the Mac platform, Apple has added some rudimentary malware protection into Snow Leopard.
----------
Subscribe to:
Post Comments (Atom)
No comments:
Post a Comment