News & Commentary
Content posted in May 2010
|
FBI Busts $100 Million 'Scareware' Gang
The three men who were indicted are alleged to have been part of an illegal scheme that spanned 60 countries and sold victims $100 million worth of bogus software that purported to fix system problems that apparently didn't exist.
Facebook Privacy Protection: Symantec's Six Steps
Symantec has offered six steps to protecting your privacy on Facebook -- and the fact that the tips are so obvious, basic and self-evident doesn't make them any less worthwhile. In fact, their obviousness may make them among the most valuable tips to offer employees doing anything on the Internet.
Adobe Contemplates Monthly Patch Cycle
While Apple has turned up the heat on Adobe by refusing the Flash platform on the iPhone and iPad platform - Adobe's customers have been coming under increasing fire from attackers for using its Flash and Adobe Reader applications. Now the company is considering taking a move from Microsoft's playbook and switching to a monthly patch cycle.
Symantec Tips For Guarding Facebook Privacy
With Facebook's constant privacy policy changes, Symantec has offered users six tips to aide users in protecting their personal information on the social network.
Senate Staffer Named To White House Cybersecurity Role
Sameer Bhalotra, a former Senate intelligence committee cybersecurity staffer, will become a top advisor to cybersecurity coordinator Howard Schmidt, likely focusing on strategy.
Researchers Uncover Bot Sales Network
Internet portal offers bots designed for a variety of activities at a wide range of prices, PandaLabs says
Feds Bust 'Scareware' Ring
Three men allegedly used fake antivirus warnings and advertisements to sell $100 million worth of bogus software.
Tech Insight: The Enterprise Hacks Back!
Have you ever been tempted to strike back against a hacker? Read this before you make the wrong move
IBM Distributes Malware At Security Conference
Promotional USB thumb drives carried an unintended freebie: a keystroke-monitoring Windows worm.
Botnet Black Market Means Malice For Rent
For less than seventy bucks you can hire a botnet for a day, and for under ten you can grab one for an hour. Welcome to the world of commodity cybercrime.
NewsFeed: FBI Busts 'Scareware' Gang That Bilked Victims Of More Than $100 Million
Global cybercrime scheme yielded sales of more than 1 million phony software purchases from victims in 60 countries
The Roll Down Hill Effect Of Primary Storage Deduplication
The adoption rate of deduplication in primary storage has been relatively low so far in primary storage. There are concerns on user's minds about performance impact, data integrity and how much capacity savings they will see. Clearly each of these concerns need to be addressed. When it comes to capacity savings though, there is a key component of capacity savings that might get overlooked, the roll down hill effect of proper primary storage deduplication.
Pssst...Want To Rent A Botnet?
Sellers are freely hawking their wares via online forums and banner advertising, according to iDefense VeriSign’s security intelligence service
Cheap Botnets A Boon To Hackers
Easy access to cheap botnet rentals and sophisticated attack tools are lowering the barriers to entry for criminals who can’t code.
Cisco Warns Of Security Flaws In Building Management System
Multiple vulnerabilities could enable attackers to access power, HVAC, and physical security systems
Payment Systems Group Issues End-To-End Encryption Guidelines
POS vendor group rolls out requirements for encrypting card data, ahead of PCI group
Symantec Norton Everywhere Aims Beyond PCs
Software aims to secure smartphones, handheld, and consumer devices with Internet connectivity.
Cybercriminals Deploy Special Trojan To Verify Stolen Credentials
Researchers find database with 44 million stolen gaming credentials
Young Adults Least Trusting Of Social Networks
People ages 18 to 29 more often than their elders take steps like deleting comments and changing privacy settings to control their online reputations.
Amazon Ties Wal-Mart In Online Music Share
Apple iTunes remains the leading U.S. music retailer with 28% market share, but Amazon increased by 3% to tie Wal-Mart for second place at 12% of all music purchased.
Gartner Predicts 13% Growth In Business PC Sales
Overall worldwide PC sales will increases 22% in 2010 according to Gartner with the global business PC market predicted to grow 13.1% from 2009.
Anti-Clickjacking Defenses 'Busted' In Top Websites
New research easily bypasses popular frame-busting technique
Researchers Find New Ways To Eavesdrop Via Mobile Devices
'Bugbots' could enable listeners to tap other users' devices to overhear conversations, study says
Apple Facing Music Antitrust Inquiry
The Department of Justice is said to be looking into Apple's business tactics in the music industry.
Security's Top 4 Social Engineers Of All Time
My team here at Secure Network was recently discussing who we considered the best social engineers of all time. My colleagues and I each made a list and defended our candidates based on the creativity, innovation, and the public impact they had made. Here are our final top four social engineers from number four to number one, and why we chose them.
Facebook Promises Less Public Information, More Control
To quell the complaints of critics, Facebook has reworked its privacy controls to make them easier to understand.
Product Watch: Facebook Reveals New Privacy Setting Changes
But social network's privacy policies remain unchanged, security experts say
Not Too Late To Learn From Defcon CTF Qualifiers
This past weekend was the return of the wildly popular Defcon Capture the Flag qualifiers. "Quals," the commonly used nickname, is an entire weekend of non-stop online security challenges that test everything from simple trivia to advanced reverse engineering and exploit development.
Mercedes Revs iPad Tool For Dealers
The iPad's Safari browser, rather than a custom app, is being used to deliver loan and leasing software to salespeople.
Want Better Security? Reward Your Provider
Security services contracts that offer incentives to notify clients about breaches produce better results, study says
BoxTone Intros Mobile Management Tool
Mobile Service Management (MSM) software centrally controls enterprise mobile applications, devices, and platforms including iPhone, Android, Blackberry and Symbian.
McAfee To Buy Trust Digital
The deal arms McAfee with enterprise mobile management and security software including the capability to manage enterprise iPhones.
Space Shuttle Atlantis Booms Adieu
Spacecraft completes final mission as NASA's shuttle program draws to a close.
Tape and Disk Better Together
I have seen a few surveys recently that tape penetration in data centers remains very high, less than 15% of data centers have become tapeless, of course that means that 85% of environments still have tape. In my conversations with IT managers most are planning to keep it. Most see the role of disk in the backup process to augment or at best compliment tape. What's needed then is a way to make tape and disk better together.
Researchers: UK's Chip and PIN Payment System Flawed
Researchers published a paper detailing an attack of intermediate difficulty that they say makes it possible for criminals to use any "Chip and PIN" smart card that they take into their possession.
Terracotta Releases Ehcache 2.1
Ehcache 2.1 governs the distributed random access memories of a server cluster on behalf of Java applications.
Microsoft Researchers Propose Privacy Sensor 'Widget'
Tool could help prevent surreptitious snooping, data-gathering from webcams, microphones, GPSes
'Tabnapping' Attack Simplifies Phishing
With a bit of malicious JavaScript code, Web browser tabs can be altered when hidden from view.
Product Watch: New Patents Help Upstart Make A Ruckus In Wireless Security Management
New technologies promise to simplify the configuration and administration of Wi-Fi security
AT&T Launches Times Square WiFi Hotzone
The mobile hotspot is AT&T's latest idea to alleviate the pressure of a 5000% increase in its mobile data traffic, most of it caused by iPhone users.
Sourcefire Expands Real-Time Application Awareness
Capability provides users with increased network visibility
Twitter For iPhone Attracts Malware
Hackers are deploying Trojans within links in tweets. One aims to swipe users' banking information.
Default Database Passwords Still In Use
Researchers urge review of database accounts against list of more than 1,000 default user name and password combinations
VA Security Compromised By Medical Devices
Malware has infected more than 122 medical devices in the last 14 months, a Veterans Affairs official told Congress.
Military To Develop Stealth Internet Communications Technology
The Defense Advanced Research Projects Agency will fund research on securing Web-based communications from being corrupted or intercepted by enemies.
Symantec Broadens SMB Protection Services
Symantec's expansion of its SMB security and protection services in the latest edition of its Protection Suite, aims to offer a single-vendor solution for small and midsized business security, protection, endpoint, messaging, mobile, backup and recovery.
Twitter Bans Outside Advertising
Promoted Tweets are the only form of third-party advertising that can be injected into user timelines.
IE 6 Accounts For More Than One-Fourth Of All Enterprise Web Traffic
But use of the aged and vulnerable version of Internet Explorer gradually declining, report says
Patient Data Dump Nets Urgent Care Center $50,000 Fine
Here's another egregious example of a health care provider being nothing less than reckless with patient data.
Apple Safari 'Carpet Bomb' Flaw Remains Unfixed Two Years Later
Google Chrome also prone to similar attacks
|
White Papers
Video
1 Comments
Write a Caption, Win a Starbucks Card! Click Here
Latest Comment: Could you pass the hash, I really have to use the bathroom!
Latest Comment: Could you pass the hash, I really have to use the bathroom!
Current Issue
Building and Managing an IT Security Operations ProgramAs cyber threats grow, many organizations are building security operations centers (SOCs) to improve their defenses. In this Tech Digest you will learn tips on how to get the most out of a SOC in your organization - and what to do if you can't afford to build one.
Flash Poll
How Enterprises Are Developing Secure Applications
IT security and application development are disparate processes that are increasingly coming together. Here's a look at how that's happening.
Twitter Feed
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database CVE-2019-6513
PUBLISHED: 2019-05-21
PUBLISHED: 2019-05-21
PUBLISHED: 2019-05-21
PUBLISHED: 2019-05-21
PUBLISHED: 2019-05-21
From DHS/US-CERT's National Vulnerability Database CVE-2019-6513
PUBLISHED: 2019-05-21
An issue was discovered in WSO2 API Manager 2.6.0. It is possible for a logged-in user to upload, as API documentation, any type of file by changing the extension to an allowed one.
CVE-2019-12270PUBLISHED: 2019-05-21
OpenText Brava! Enterprise and Brava! Server 7.5 through 16.4 configure excessive permissions by default on Windows. During installation, a displaylistcache file share is created on the Windows server with full read and write permissions for the Everyone group at both the NTFS and Share levels. The ...
CVE-2019-12269PUBLISHED: 2019-05-21
Enigmail before 2.0.11 allows PGP signature spoofing: for an inline PGP message, an attacker can cause the product to display a "correctly signed" message indication, but display different unauthenticated text.
CVE-2019-12189PUBLISHED: 2019-05-21
An issue was discovered in Zoho ManageEngine ServiceDesk Plus 9.3. There is XSS via the SearchN.do search field.
CVE-2019-12190PUBLISHED: 2019-05-21
XSS was discovered in CentOS-WebPanel.com (aka CWP) CentOS Web Panel through 0.9.8.747 via the testacc/fileManager2.php fm_current_dir or filename parameter.
- Terms of Service
- Privacy Statement
- Legal Entities
- Copyright © 2019 UBM, All rights reserved
Tweet This