Let's start today with a bit of 'bright-and-shiny':
Microsoft Demos Prototype Multi-Touch Mice
The other day, I went on a short tour of some of Microsoft’s Labs, where they do everything from rapid prototypes of new products to acoustic testing in anechoic chambers. Most of my time was spent in the Applied Sciences group’s labs, where they are working on some seriously interesting devices.
And they’re not just into mice; in fact, the lab’s specialty seemed to be anything to do with optics and/or input. This lab worked on Project Natal, and also on the pressure-sensitive keyboard I wrote about a while back.
They were kind enough to show me all these crazy multi-touch mice, and, when I was too inept to demo even one of them solo, offered to go through them with me on video.
----------
Malware and standards – is it possible?
I am excited to be involved in the joint industry effort of defining an XML format which will allow for the rapid exchange of information between security companies. This work was done by the “Malware Working Group” operating as part of the “Industry Connections Security Group” (ICSG) and under the umbrella of the IEEE. If you Google for “IEEE” and “ICSG” you should have the link at the top of the list – IEEE ICSG .
There were about 20 people from multiple security companies who contributed to the development of the proposal for the standard and I am very pleased with the results. It is a simple, flexible and powerful format that is already being used by 4 anti-malware companies to transmit meta-data about the prevalence of malware in the field. Wider adoption of this meta-data sharing will replace the trivial malware sample exchange of the past with a real-time exchange of threat intelligence data. Communicating the relationships between malware samples, domains, IPs will open endless possibilities for improving the security of all Internet users.
For example, it will allow us to describe the whole history of domains/IPs that were used by a specific malware writing group, which malware they hosted and even how the malware got installed onto users’ computers. And this can be expressed in an unambiguous way suitable for rapid automated analysis. In a word – it’s powerful!
----------
Testing email with encryption
It can be very useful to be able to talk directly with your SMTP or IMAP server for diagnostic purposes. Things get a bit more complicated when encryption rears its ugly head, but with the right tools, it doesn't have to be a black art more…
----------
Plug-in service to protect Mozilla browser
Mozilla's Plug-in Finder Server checks the versions of installed Firefox plug-ins to warn users of security holes more…
----------
Gmail Login Gets CSRF Protection
Google has silently implemented cross-site request forgery protection for Gmail authentication. The new feature comes in the form of a unique token stored in a browser cookie and checked when the login request is submitted.
----------
Hotmail hacked: Thousands of account details published online
Zack Whittaker: Microsoft admits that several thousand Windows Live Hotmail customers' credentials were exposed on a third-party site due to a phishing scheme.
----------
DRAM error rates: Nightmare on DIMM street
Robin Harris: A two-and-a-half year study of DRAM on 10s of thousands Google servers found DIMM error rates are hundreds to thousands of times higher than thought - a mean of 3,751 correctable errors per DIMM per year.
----------
Attorney Admits to Trading Settlement Money
By NICK MCCANN
(CN) - An Orange County lawyer has agreed to plead guilty to losing virtually all of a multimillion-dollar class-action settlement through high-risk day trading, the Justice Department announced.
----------
Visa creates guidance for merchants wanting to encrypt
Dan Kaplan October 05, 2009
Visa has taken a leading role in establishing best practices for end-to-end encryption implementation.
----------
Credit Card Skimming Survey: What’s Your Magstripe Worth?
Ever wonder how much the data on the back of your credit card is worth to a corrupt food service worker? The answer, it turns out, depends on which restaurants you frequent in Florida.
For some reason, the Sunshine State is a hotbed of federal prosecutions for “skimming”, in which a retail or service worker with a criminal bent swipes your credit card through a pocket-sized magstripe reader when you’re not looking — capturing your name, card number, expiration date and other information.
In the online black market, wholesalers peddle this data to credit card counterfeiters for as much as $50 for a corporate Visa or Mastercard. (Asian and European cards go for even more.) But how much does the poor food service worker get for putting his job on the line in the first place?
----------
Hackers plan to clobber the cloud, spy on Blackberries
A new era of computing is on the rise and viruses, spies and malware developers are tagging along...
----------
60% of Brits store personal data on their phone
Over 60 percent of Brits keep sensitive personal data on their smartphone, says The Carphone...
----------
Cyber Security Awareness Month - Day 5 port 31337
Backdoors and malware and trojans oh my!
----------
Subscribe to:
Post Comments (Atom)
No comments:
Post a Comment