Browse by Tags: security
-
Business expected tougher environmental, financial, and labor regulations from the Obama Administration, but it looks like the feds may be getting ready to move into a new area: the information security practices of some private businesses. As first reported by The Washington Post, a bill planned by Senate Commerce Committee Chairman John D. Rockefeller IV (D-WV) and Senator Olympia J. Snowe (R-Me.) would set federal security requirements for private systems that control critical infrastructure, such as the electrical power grid, and would come with enforcement powers.
The Obama Administration was consulted in the drafting of the legislation but has not yet taken a position on the planned bill. My colleague Keith Epstein reports that Rockefeller, a former Intelligence Committee chair, has been holding private meetings with Commerce members to convince them of the threat.
The move is long overdue in the view of many security experts who are concerned about increasingly sophisticated attacks on U.S. networks. But finding a federal role in regulation of private security will require resolving a long-running dispute within the government between military and civilian agencies for control of federal cybersecurity. The result would likely be a victory for the civilian side. Any federal role in regulating private security is going to be very controversial, and military involvement would make it vastly more so.
-
The clock is ticking down towards Conficker.C's reported April 1 launch date, but an 11th-hour discovery by Team White Hat may substantially improve an IT shop's chance of catching the bug early and stomping on it. The full technical details on the Conficker scanner are being withheld for roughly 24 hours (we'll link the paper when it arrives). If the scanner works as advertised, the security industry will be able to track the spread of Conficker much more effectively than before and neutralize it that much faster.
-
IT news might be bad in almost every corner of the industry, but one industry segment seems better fit to ride out the recession than most. Sales of security appliances to various business sectors in Western Europe grew revenue a total of 14.4 percent in 2008 as compared to 2007, but that growth slacked off a bit in the fourth quarter; sales rose only 10.1 percent. Those are solid numbers in any economic climate, and particularly in this one.
The increase in total revenue was not spread evenly across the top five vendors. Fortinet reported 29.5 percent revenue growth from 2007-2008, followed by Cisco (20.5 percent) and "other" (18.7 percent). Nokia and Secure Computing eked out smaller gains of 6.6 percent and 2.3 percent, respectively, while Juniper fell off a cliff. Company revenue dropped 17 percent year-on-year, which helps explain why everyone else grew at such a high rate.
-
iPhone forensics expert Jonathan Zdziarski, who recently released the AMBER Alert for iPhone app, has a new app designed to help keep deleted data from being recovered from your iPhone. Called iErase, the app "zeros" all the free space on your iPhone and makes sure trashed files stay, well, trashed.
The iPhone, like most computing devices, doesn't actually remove files from your iPhone when you delete them. The bits are all there; the file system merely marks the space that the file was using as available. "The iPhone retains data better than most laptops because its solid state disk is designed to minimize writes," Zdziarski told Ars. "As a result, deleted photos, e-mail, keyboard caches, and other personal data are likely to stay on the device for a very long period of time. All of this information is available to someone who steals or 'borrows' our device."
-
White hats nationwide have ramped up their efforts to create a defense against Conficker.C as the worm's April 1 activation date approaches. This is not an easy task—as we've previously described, Conficker.C sacrifices some of .B's infection vectors but replaces them with code designed to make the worm harder to track, block, or remove.
If Conficker.A was an annoying relative with an old house key that somehow still worked, and Conficker.B a family member who thought you were so nice that he needed to meet everyone in your entire neighborhood, then Conficker.C is everyone's nightmare house guest. He sleeps on the couch, can't be bothered with minor details (like pants), sucks down cell phone minutes and bandwidth caps like bottles of Pabst Blue Ribbon, and has an absolutely uncanny ability to vanish every time you show up brandishing a fresh stack of bills and a "you have to go" attitude.
-
A pair of Argentinean researchers has demonstrated a BIOS-level exploit that allowed the duo to potentially run a great deal of invisible code—which could remain installed even if the hard drive was wiped. Much has been made of this last bit, but malware attacks against the Basic Input Output System are anything but new.
The CIH (Chernobyl) virus that first appeared in 1998 was capable of bricking a system by rewriting critical boot information in the computer's BIOS with garbage output. Even if you dodged this bullet, CIH's primary payload rewrote the first 1MB of the hard drive. If Chernobyl successfully activated on D-day, the best outcome a user could hope for was an apparently wiped hard drive. At worst, system repair involved physically pulling the BIOS chip and installing another.
-
AV-Comparatives is known for the thorough tests it does on security software. Following its November 2008 retrospective report, the company has released its February 2009 on-demand comparative roundup. Seventeen products were updated on February 9 and tested against 1.3 million malware samples received between May 2008 and early February 2009, which can be broken down into the following categories: 71.5 percent of trojans, 19.9 percent of backdoors/bots, 4.2 percent of worms, 1.9 percent of Windows-specific viruses, 1.6 percent of other malware, and 0.9 percent of scripts/macro viruses. The security company looked at how many malware samples each software missed (graph above) as well as false positives (shown below).
-
Browser vendors often make strong claims about their responsiveness to vulnerability reports and their ability to preemptively prevent exploits. Security is becoming one of the most significant fronts in the new round of browser wars, but it's also arguably one of the hardest aspects of software to measure or quantify.
A recent contest at CanSecWest, an event that brings together some of the most skilled experts in the security community, has demonstrated that the three most popular browsers are susceptible to security bugs despite the vigilance and engineering prowess of their creators. Firefox, Safari, and Internet Explorer were all exploited during the Pwn2Own competition that took place at the conference. Google's Chrome browser, however, was the only one left standing—a victory that security researchers attribute to its innovative sandbox feature.
-
ICANN has been soliciting a lot of comments on its governance and future of late, including one petition to form a CyberSafety Constituency (CSC) within the Non-Commercial Stakeholders Group (NCSG). The petition (PDF) as filed with ICANN is fairly innocuous and harmless-sounding, but the woman doing the filing—Professor Cheryl B. Preston, of Brigham Young University—has ties to other nonprofit organizations that should have been disclosed at some point within the application procedure.
-
The SANS Internet Storm Center has reported spotting a new version of the Flush.M Trojan nosing around online. The original malware program was isolated and, erm, canned back in December; March's updated model sports a fresh coat of paint and a few new tricks. Both forms of Flush.M are DNS hijackers capable of redirecting entire networks towards malicious DNS servers. The original version of Flush would redirect to DNS servers located at 85.255.112.36 or 85.255.112.41; the update targets 64.86.133.51 and 63.243.173.162.
-
According to the Microsoft Security Response Center, Microsoft will issue three Security Bulletins on Tuesday, and it will host a webcast to address customer questions on these bulletins the following day (March 11 at 11:00 AM PST, if you're interested). One of the vulnerabilities is rated "Critical" and the other two are marked "Important." The first one earned its rating through a remote code execution impact, meaning a hacker could potentially gain control of an infected machine. All three patches will require a restart.
The list of affected operating configurations includes Windows 2000, Windows XP (x86 and x64), Windows Server 2003 (x86 and x64), Windows Vista (x86 and x64), and Windows Server 2008 (x86 and x64). Microsoft does not plan to release patches for Internet Explorer nor for Office this month, and the latter is a bit odd considering the security bulletin the company issued regarding Excel last week.
-
I wrote a few weeks ago about changes Microsoft has made to Windows 7's User Account Control (UAC) that make the component less secure than it was in Vista. Though the company has responded by saying it will change some of the problem behaviors, yet more problems have emerged that indicate that a real fix will be harder than first expected. But more than that, the flaws call into question the entire purpose of the Windows UAC feature, at least in its commonplace "Admin Approval" mode.
The decisions Microsoft has made not only make Windows 7's Admin Approval mode less secure than Vista's, they also undermine the entire purpose of the UAC system. Redmond maintains that UAC's foremost objective is to ensure programmers update their programs to behave properly when users have limited access rights. But the way that the Windows 7 UAC "improvements" have been made completely exempts Microsoft's developers from having to do that work themselves. With Windows 7, it's one rule for Redmond, another one for everyone else.
The combination of significant security flaws and the inconsistent, "Do as I say, not as I do" attitude towards UAC should give Microsoft pause for thought. There's no point in retaining Admin Approval mode as it currently stands, and it should be scrapped completely.
-
Spam is an annoying but constant reality for e-mail users, and February did little to change that fact. According to the latest malware report from MessageLabs Intelligence, the beginning of the month saw a spike in spam—it reached as much as 79.5 percent of e-mail traffic—before settling down to an average of 73.3 percent for the month as a whole.
The spike was due to a heavy dose of Valentine's Day-related spam messages, most of which linked to sites selling male "enhancement" products. One particular botnet, Cutwail, was responsible for 6.5 percent of all spam, the majority of which promised to "make this Valentine’s Day the most memorable ever."
-
If you're a Time Warner Cable subscriber who has been having trouble with your Internet service lately, the company wants you to know why. In a letter to Ars, Jeff Simmermon, the director for Digital Communications at TWC, told us "We've been having serious service problems in SoCal related to hacker activity." The company has posted an official statement on the issue with a few more details, but the culprits' identities are as yet unknown (or being kept out of the public while the situation is under investigation).
-
If there's an economic, social, or political event happening in the world, you can bet spammers will leap upon it as an attack vector. It therefore comes as no surprise that January's grim harvest of corporate Q4 results led to a surge in recession-themed e-mails in February. The overall volume of spam sent in February actually decreased slightly (1.3 percent) compared to January, but topics such as "Affordable brand name watches," "Get 15 percent off these," and "Cheaper than you can imagine" dominated subject fields.