Exposing users’ data: The tough love approach to security
So someone our colleagues at Computer Sweden are calling a “freelance security consultant” somehow finds user names and passwords for 100 government e-mail accounts from around the world. If you find this stuff online you can compromise those accounts.
When servers go down, everyone becomes a pirate
The problem when you appoint yourself chief of police over software theft is that people will hold you much more accountable for the mistakes you make. That’s what Microsoft has discovered after a server problem with its Windows Genuine Advantage service caused some innocent users to be targeted as pirates. If the criticism is bad now, it’s only going to get worse.
One Monster of a breach
The theft of personal information among Monster.com customers may be a textbook case in the making. This wasn’t a sophisticated database hack but the use (probably) of social engineering to get legitimate passwords and then use duplicitous phishing schemes to trap those users. Most intriguing to me is not necessarily the extent of the problem or the methods involved but the choice of target in the attack.
ITW security roundup for August 20
In case you missed it, some news and opinions you could use.
Even security experts can’t decide patch priorities
We call it Patch Tuesday, but by the time IT managers figure out how to ensure their Microsoft-based systems don’t crash it’s probably a lot closer to Saturday.
Novell gets in on endpoint market, buys Senforce
It’ll be interesting to see a year from now how many standalone endpoint security firms are left. Novell’s acquisition of Senforce on Monday shouldn’t come as a surprise, nor should the acquisition of any other company that helps customers protect networks from data that gets exposed on handheld devices.
Novell isn’t really known as a security firm, but it is a systems management firm, and endpoint security and systems management are really starting to go hand in hand. If the introduction of iPhones or other devices in the enterprise becomes really problematic IT managers may want to rely more on Symantec and its Hamlet project, but if you’re already a Novell shop it’s pretty handy to have some security tools rolled in.
Spam sucks – and suckers keep getting scammed
By Joaquim P. Menezes
I’ve been following Symantec’s monthly ‘State of Spam’ reports since they were first published, in January. They don’t make for a very scintillating read, but in their own pedestrian way chronicle key developments in the spam landscape.
Over the months if there’s one thing these reports have made abundantly clear it’s that spammers are on the ball – they’re getting increasingly sophisticated, better organized, and more innovative.
Honey I shrunk the threats!
By Joaquim P. Menezes
It’s called “HoneyJax” and no, it isn’t another donut brand.
It’s a set of apps meant to minimize and foil Web 2.0 threats - so says the release on my desk.
The modus operandi: emulate user behavior within social networking apps to uncover threats before they spread.
In other words, attract hackers and malicious code before neutralizing them - or “bait (hence the honey) and then exterminate.”
A 10-day patch: I triple-dare you
Although officials were quick to dismiss the idea, I loved the image of Mozilla executives discussing their strategy to patch Firefox flaws during a late-night pajama party. Until I actually pictured Mozilla executives in pajamas.
Why hack a Mac?
By Joaquim P. Menezes
He’s the security analyst from Independent Security Evaluators who shot into prominence last week for exposing a serious vulnerability in the Apple iPhone. Yesterday – at the Black Hat Conference in Las Vegas – Miller explained his iPhone exploit in some detail.
While the exploit was the main focus of his presentation, Miller began with an interesting – some would say controversial – exposition of the changing Mac security environment.


