Adware hits MySpace / Zero-day espionage / FBI warns of 'digital Enron'
Adware trojan infects a million MySpace visitorsA banner ad displayed on some MySpace.com profiles has been spreading adware by exploiting an older WMF-vulnerability in Internet Explorer. -
Computer WeeklyFake version of Google hides trojan horseVirus writers have put a remarkable effort into a spoofing of Googles toolbar to spread a trojan backdoor. -
ComputerworldAd dishes up malware to more than 1M PCsAn estimated more than one million MySpace users may have had their computers infected with adware spread via a banner ad. -
ComputerworldCisco patches security software glitchCisco has released a patch to fix three vulnerabilities in its security management software. -
eWEEKPowerPoint zero-day attack points to corporate espionageCorporate espionage seems to be the main motive behind the trojan used in the latest PowerPoint attack. -
eWEEKSpyware fades to a dull roar - but targeted attacks loomWhile spyware has become manageable, companies are still facing challenges defending against targeted attacks. -
eWEEKDOE: No privacy on agency computersThe U.S. Department of Energy has issued a new set of rules that in essence takes away all rights to privacy when using agency computers. -
Federal Computer WeekIT council praises DHSThe U.S. Department of Homeland Security recieves praise for its plans to protect critical U.S. information infrastructure. -
Federal Computer WeekScam exploits Treasury e-payment systemThe U.S. Internal Revenue Service has issued a warning against a phishing scam using the federal e-payment system as bait. -
Government Computer NewsUBS trial aftermath: Top 10 tips for a successful postmortemThe trial against the former UBS systems administrator demonstrates the benefits of a good postmortem after an attack. -
InformationWeekBrits nap cyber terroristBritish authorities have arrested a man wanted by the U.S. for aiding a terrorist website operation. -
Internetnews.comHacker watchers pass on security secretsFederal researchers will pass on their knowledge about how hackers attempt to break into computer control systems for nuclear reactors to the private plant operators. - AP/
MSNBCWorld's dumbest internet criminals, part IICriminals are bragging about their crimes online or otherwise lead authorities to them by their internet activities. -
NewsFactorMySpace banner ad infects million usersInternet providers may have to make security software compulsory for their customers to prevent attacks like the recent MySpace incident, analyst warns. -
NewsFactorMore websites not as innocent as they seemSecurity experts warns that there has been an uprising in the number of inoffensive websites that harbors exploits and malware. -
SC Magazine UK/USFBI warns 'your corporate data faces theft risk'Theft of trade secrets by cyber criminals is a growing threat, FBI warns. -
Silicon.comNeed to secure apps, data from insiders being overlookedThe threat to applications and data from people inside the organisation is being overlooked, experts warn. -
TechWeb
FBI needs 'digital Enron' to fight cyber-crimeIt will take a scandal like Enron to open legislators' eyes to the need for better investigation tools for cyber-crime, FBI complains. -
Vnunet.com
Microsoft fixes patch / Cisco in hackers' spotlight / Common virus names redux
Poisoned PowerPoint attacks usersMicrosoft warns users about possible malicious PowerPoint presentations that uses a vulnerability in the software to infect the computer. -
BBC NewsMicrosoft irons out security patchMicrosoft has issued two fixes to one of the company's recent security patches that caused problems for some users trying to install it. -
CNET News.comBlack Hat 2006 set to expose security flawsThis year's Black Hat conference will include demonstrations of exploits for a number of major products. -
Computer WeeklyOpenSSL runs into trouble in US againOpen-source OpenSSL has again been denied validation for U.S. government use, even though some agencies already use it. -
Computer WeeklySecurity validation of OpenSSL encryption tool uncertainOpenSSL is under fire from U.S. and Canadian government agencies that now has suspended the validation of the product. -
ComputerworldCustomization is weakest link in app securityThe customization of off the shelf software such as SAP and Oracle can create weak points in the security of the applications. -
ComputerworldCisco to be under scrutiny again at Black HatSecurity experts no longer focusing as much on Windows will again this year put Cisco's products under scrutiny, as it happened under much controversy last year. -
ComputerworldComputer crime and the bottom lineMost companies want to keep quiet about cybercrime against their assets, even though attacks can cause a major hit on the bottom line. -
Internetnews.comMicrosoft warns about a PowerPoint virusMicrosoft has issued an advisory warning users about a virus that exploits a vulnerability in PowerPoint to infect the user's computer. -
ReutersCisco fixes security management flawsCisco has issued a number of fixes for vulnerabilities found in the company's security management solution. -
SC Magazine UK/USU.K. moves to ban hackers from the netThe U.K. government is working on a law that would give police the tools to keep spammers and hackers from using the internet with little evidence. -
SC Magazine UK/USCrime of the future - biometric spoofing?Experts can now lift fingerprints from objects and use them to fool biometric security systems. They predict criminals will follow. -
Silicon.comCisco patches several CS-MARS vulnerabilitiesCisco has released patches for its CS-MARS solution that fixes a number of security vulnerabilities. - CRN/
TechWeb
Virus busters clash over open source securityAntivirus firms McAfee and Trend Micro have opposite views on open-source and what it does for security. -
The InquirerMost malware bypasses antivirus software80 percent of new malware are able to slip past desktop antivirus software, Australia's AusCERT reports. -
The InquirerTrojan poses as Google ToolbarVirus writers attempts to lure users into installing a new trojan by posing it as a new version of Google's toolbar. -
The RegisterSecurity sector rethinks common virus namesAntivirus firms are changing the way they assign common numbers to identify a new virus to reflect the drop in the number of major attacks this year. -
Vnunet.comScam emails promise cure for AIDSA new 419 email scam tries to fool users by offering information about a cure for AIDS. -
Vnunet.com
Oracle fixes 65 bugs / Spam threat worsens / UBS admin found guilty
Rootkits get better at hidingA new super stealthy rootkit may be a warning about a new generation of malware, security firm Symantec warns. -
CNET News.comOracle plugs 65 security holesThe latest round of updates from Oracle fixes 65 security holes in the company's software. -
CNET News.comBanks to 'red flag' ID theft risksU.S. legislators wish to require all banks to provide identity theft protection measures for their customers. - Reuters/
CNET News.comPerspective: Uncle Sam's half step to protect laptop dataCommentary about the need to make the recommendations for ldata security from the U.S. Office of Management and Budget requirements instead. -
CNET News.com
HP's Memory Spot presents security challengeHewlett-Packards tiny wireless memory chip can become a new security risk that companies will have to deal with. -
ComputerworldSeven ways to succeed in your first year as network security officerNikk Gilbert from Alstom Transport offers his advice on how to get success as a network security officer. -
ComputerworldOracle squashes 65 security bugs
Oracle has issued patches to its software that fixes a number of possible SQL injection vulnerabilites. Express edition not fixed thoug, expert criticizes. -
eWEEKBill would transform VA cybersecurityA committee in the U.S. House of Representatives has drafted a bill that is intended to speed up improvements of cybersecurity in the Veterans Affairs Department. -
Government Computer NewsThe state of spamEven though spam may seem less visible to the average user, spam has actually gotten worse and carries a more dangerous payload. -
InformationWeekHackers striking databases in record numbersSecurity vendor SecureWorks reports that hackers are testing its clients' databases in record numbers in attempt to break in. -
InfoWorldGoogle hacking malicious codeSearch engine Google is not happy about Metasploit creator HD Moore's release of a malware search tool that uses Google to dig up live malware samples. -
Internetnews.comVonage denies spyware chargesVoIP provider Vonage denies that it uses spyware to distribute its advertising, as one spyware expert claims. -
InternetWeek.comWorld's dumbest internet criminalsCriminals brag about their crimes on online social websites, giving law enforcement a goldmine of information. -
NewsFactorMySpace worm squishedA vulnerability in Adobe's Flash player made it possible for a worm to spread between profiles on MySpace.com. -
Red HerringNew adware tricks users with security promiseAntivirus firm Panda warns about a new adware program that pretends to be a security program. -
SC Magazine UK/US
VoIP new target for financial fraudstersEmail scammers have begun using VoIP phone numbers instead of links in their email bait to lure users into calling them and hand over their financial information. -
Sydney Morning HeraldJury returns guilty verdict over UBS sys adminThe jury has found a former systems administrator for UBS guilty on two of four charges on fraud and computer sabotage. - InformationWeek/
TechWebExperts tell Congress U.S. e-voting security is flawedThe federal qualification proces for e-voting machines used in the U.S. has security flaws, experts told members of Congress. - EE Times/
TechWebSecurity honeymoon over for VoIPCase from Miami shows that VoIP providers are facing the same security issues as any other IP-based network. -
TechWebOnline fraudsters love webmail - trueOnline fraudsters prefer to set up email accounts with webmail services like Yahoo for use in their frauds, study shows. -
The RegisterGartner slams government security guidelinesAnalyst firm Gartner dismisses the recent U.S. government demand for tightening security as a public relations response, rather than a response with an actual impact. -
Vnunet.comVulnerability auctions compromising securityThe uprising in trade with information about new vulnerabilities leads to less responsible disclosures, security firm warns. -
ZDNet UKHome Office 'wrong' over criminalization of IT prosA disputed U.K. law could affect IT pros working with security, law experts confirms. -
ZDNet UK
VoIP flaw fixed / MS warns Office users / Vista has Achilles' heel
Criminals exploit net phone callsCriminals have begun using VoIP phone services to make their scams seem more credible to their intended victims. -
BBC NewsSymantec sees an Achilles' heel in VistaNew code for networking technology to improve security and stability in Windows Vista could have the opposite effect, Symantec warns. -
CNET News.comMicrosoft to plug PowerPoint holeMicrosoft plans to release a fix to stop the recent zero-day exploit in PowerPoint along with its August set of patches. -
CNET News.comOracle owns up to patching problemsSecurity experts have criticized Oracle for not doing a good enough job on releasing working security updates for its software. -
Computer WeeklyResearcher posts Google-based malware search toolMetasploit creator HD Moore has released his own version of a tool that uses Google find live samples of malware on the web. -
ComputerworldCan mature organizations cut security spendings?Research firm Gartner estimates that organizations that have reached a high level of IT security practices will be able to cut on security spendings. -
ComputerworldNo loss of data from VA, USDA breachesNo sensitive data was accessed neither on the stolen VA laptop or from a breach into the USDA computer systems last month, authorities report. -
Government Computer News
Vonage ads delivered via dozen spyware makers: ReportAn anti-spyware researcher claim that VoIP provider Vonage is spreading its ads through a number of known spyware makers. -
InformationWeek
Bots, Google hacks: The 'Internet storms'Security provider Fortify Software warns that your choice of operating system is longer enough to keep you safe, as hackers target applications rather than platforms. -
Internetnews.comNo credit monitoring for vetsVeterans will not be given free credit monitoring since the stolen laptop from VA was recovered. - AP/
MSNBCAsterisk VoIP platform open to DDoS attacksThe open source Asterisk IP PBX platform is vulnerable to distributed denial of service attacks, security firm warns. -
Network World FusionOnline banks strengthen securityMultiple layers of fraud protection systems helps online banks making more secure online transactions than offline transactions. -
NewsFactorMicrosoft, on 'state of high alert', releases PowerPoint advisoryMicrosoft has been on a state of high alert since the discovery of a zero-day exploit for PowerPoint. -
SC Magazine UK/USMcAfee launches its own security publicationAntivirus firm McAfee has released its first issue of a new semi-annual publication about IT security. -
SC Magazine UK/USUK government looks to revised flawed anti-spam lawU.K. legislators are looking to revise the country's anti-spam law from 2003, since it fails to block spam to businesses. -
Silicon.comMicrosoft: Shun unexpected Office docsMicrosoft is warning users to not open unexpected Office documents recieved by email, even from trusted sources, in light of recent attacks. -
TechWebAsterisk VoIP flaw patchedOpen source VoIP project Asterisk has released a patch to fix a vulnerability in its software. -
ZDNet UK
Hackers learn from OS / No quick US encryption / Stealthy rootkit found
Virus writers use open-source methodsAntivirus firm McAfee warns that virus writers are increasingly using open-source methods to develop new malware. -
CNET News.comIMF warns of fake emails using its nameThe International Monetary Fund warns about a number of scams using its name in phishing and spoofed websites. - Reuters/
CNET News.comMicrosoft hastily shuts Windows private folderFollowing concerns from corporate users, Microsoft pulled a password protected folder-feature for Windows that the company had released for download. -
Computer Weekly
Virulent rootkit stealth technology in wildSecurity firm Symantec warns that it has discovered a stealthy rootkit in the wild that is able to slip past rootkit detector. -
Computer WeeklyUS government 'will struggle' with White House data encryption deadlineSecurity experts warns that the August deadline for encryption of all sensitive data within U.S. government agencies may be too tight. -
Computer WeeklySloppy email management put UK firms at riskHalf of UK companies rarely review their email policy to keep it up to date with current threats, survey shows. -
Computer WeeklyMcAfee: Hackers learning from open sourceVirus writers are collaborating using the same tools as open-source developers to stay more efficient, McAfee warns. -
ComputerworldNo quick fix for government securityThe White House's August deadline for encryption of sensitive data is not realistic, security experts warn. - Reuters/
eWEEKFlaw discovered in McAfee ePolicy OrchestratorMcAfee urges customers to update their ePolicy Orchestrator after a serious flaw has been discovered in the software. -
InformationWeekUsers pass on updating antivirus softwareA majority of users do not update their antivirus software, because they find the process too clumsy and intrusive, survey shows. -
Internetnews.com
FBI consultant spared prison time in hacking caseA computer consultant who pleaded guilty to hacking into FBI computer systems while working for the bureau will not have to go to jail, judge rules. -
MSNBCPolitical hacking hits MySpaceAccording to bloggers a number of hacked profiles on MySpace.com are being used to spread conspiracy theories about the Sept. 11 2001 terrorist attacks. -
SC Magazine UK/USCalendar girls under attackA website promoting a calender created to take away some of the geek-image of women working in IT has been under attack from hackers. -
Sydney Morning HeraldAre virus writers the new entrepreneurs?The new groups of virus writers are similar to start-ups like the dot-coms, security expert claims. -
Silicon.comTrojan downloader uses Zidane lureVirus writers are attempting to spread a trojan downloader from a website, luring users in by email playing on the interest in french soccer player Zinedine Zidane. -
The RegisterDaily flaws ratchet up debateA security expert's decision to release a new vulnerability in web-browsers throughout July is sparking debate from both black and white hat hackers. -
The RegisterFirms drowning in security alert overloadCompanies are drowning in alerts and logs from security software, which has led more companies to deploy security information management systems. -
Vnunet.com
2006 the 'year of cyber-crime'The number of targeted attacks is higher than ever this year, security firm warns. -
Vnunet.comSocial sites a hit with thievesThe personal information found on social networking sites like MySpace, Friendster, and Facebook can be used to target scams against their users. -
Washington Post
