SEARCH RESULTS
 
Showing 1-10 of 167 records
 
Expand article

ISPs' Error Page Ads Let Hackers Hijack Entire Web

2008-04-19 22:00:00 by Threat Level in Wired Security
 
ISPs, including Earthlink, that seek to make money from customers' mistyped URLs put the entire internet at risk from hackers that steal passwords, a security researcher reveals Saturday. While the immediate vulnerability is fixed, the practice of returning ads instead of error messages raises ongoing security, Net Neutrality and security concerns
 
Tags: security concerns, error messages raises, security, ads, net neutrality, isps, entire internet, hackers, earthlink
 
 
 
 
Expand article

Crossing Borders with Laptops and PDAs

2008-05-16 06:10:33 by schneier in Schneier on Security
 
...entire contents, or keep it for several days. Customs and Border Patrol has not published any rules regarding this practice, and I and others have written a letter to Congress urging it to investigate and regulate this practice But the US is not alone. British customs agents search laptops for pornography. And there are reports on the...
 
Tags: customs agent pokes, customs agent, british customs agents, customs agents, agent, customs, entire hard drive, hard drive, data
 
 
 
 
Expand article

1st Source Bank reissues all debit cards in response to breach

The Article has images
2008-06-05 09:09:56 by Evan Francen in The Breach Blog
...entire portfolio of debit cards after a hacker or hackers broke into a bank server containing debit card data. No fraud has been discovered as a result of the intrusion Reference URL Digital Transactions News WSBT TV News South Bend Tribune The Journal Gazette Report Credit WSBT TV News Response From the online sources cited above South...
 
Tags: 1st source, bank, 1st source bank, evan 1st source, server, bank server, bank officials, breach, bank employs
 
 
 
 
Expand article

Coding Spyware and Malware for Hire

The Article has images
2008-07-22 03:52:14 by Dancho Danchev in Dancho Danchev's Blog - Mind Streams of Information Security Knowledge
...entire inet) in search of soap 220 Socks 4 / 5 Normal soks with competently implemented multithreading, is activated only if the user real Ip, otherwise not. And also optional, depending on the connection type and speed ineta 70 Indicates The primitive method, contamination fleshek avtoranom gives 2-3% increase in the first week and up to...
 
Tags: malware, malware author, malware authors, malware binaries, malware attacks, ftp, ftp user, collects, malware industry
 
 
 
 
Expand article

DRM Scorecard Makes Me Wonder: The Media Industry and the TSA, Sadistic or Incompetent?

2007-08-02 08:19:00 by Eric Marvets in The Security Samurai
 
...entire world They worried about piracy with VHS, and it turns out that may have in fact saved Disney and launched an entire consumer market for home video. They worried about it with DVDs, which have brought in billions of dollars to the media industry despite the fact that CSS was broken in 1999. Their fear and illogical behavior impedes and...
 
Tags: media industry, industry, media industry views, illogical behavior impedes, drm, behavior, drm scorecard, secret, secret internal referendum
 
 
 
 
Expand article

Reliability Vs. Security

2007-12-07 16:46:00 by sdl in The Security Development Lifecycle
 
...entire bug space. Their only concern is those components that consume untrusted input and only then the subset of issues that might be exploitable. The rest of the issues can be ignored. Reliability people, on the other hand, must deal with the entirety of the application because reliability bugs can be anywhere. Reliability folks deal with...
 
Tags: folks, reliability folks deal, reliability, reliability folks, security, bugs, reliability bugs, reliability analysis, software reliability
 
 
 
 
Expand article

Who should do your security audits? Or, how do you organize the security department?

2008-02-07 22:25:32 by Steve Riley in Steve Riley on Security
 
...entire security department It's useful if we take a moment and consider the definition of the auditing function. Here's mine Audits help us ensure that we are following our own policies. Audits measure the current state, compare the results against what the state should be, and show where we are out of compliance. Essentially, audits help us...
 
Tags: information, information assets, information security, alignment folk, security alignment folk, information security department, alignment, security department, security
 
 
 
 
Expand article

The First Step on the Road to More Secure Software is admitting you have a Problem

2008-02-21 14:26:00 by sdl in The Security Development Lifecycle
 
...entire senior management team for that matter) recognized Microsoft faced a problem that needed solving; the company needed to shore up the security of its products. So Bill sent his memo to get the ball rolling Now let's go back to Jeff's recent analysis. Cover up the Mac OS X and Linux stats for a moment so you can only see the Windows XP...
 
Tags: vulnerabilities, reduce security vulnerabilities, fewer security vulnerabilities, security vulnerabilities, source security bugs, bugs, major microsoft products, microsoft products, security
 
 
 
 
Expand article

Inside a Botnet's Phishing Activities

The Article has images
2008-02-25 09:34:49 by HASH0x8b44f48 in Dancho Danchev's Blog - Mind Streams of Information Security Knowledge
...entire ecosystem's name servers, namely 72.46.130.154 . This KISS strategy allows us to quickly expand the entire domain portfolio and the associated phishing campaigns already in the wild. Here are the domains serving the phishing pages that are actually hosted on the botnet's infected hosts asp29.com asp63.net aspx77.in aspx83.in...
 
Tags: net, botnet, bkdr agent, agent, microsoft, hosts phone, domains, hosts, ecosystem