Black Hat tests Vista / Microsoft preps patch dozen / US ratifies cybercrime treaty
Virus program incurs church wrathSymantec is being criticized by the U.K. church for labelling the software Visual Liturgy as spyware. -
BBC NewsRelated of interest:Symantec atones for church spyware mistake -
CNET News.comSymantec in unholy row -
Vnunet.comSymantec fixes its church spyware mistake -
ZDNet UKMicrosoft gets good reception at Black HatAlthough Microsoft is not the typical guest at the Black Hat conference, the company's presentation of security features in Vista was well recieved. -
CNET News.comRelated of interest:Users still wary of Vista security -
ComputerworldMicrosoft hopes to swallow Blue Pill -
ComputerworldMicrosoft takes LSD to test Vista security -
eWEEKMicrosoft sways Black Hatters with Vista security pledge -
eWEEKVista vulnerable to stealthy malware -
InformationWeekMicrosoft to hackers: Try to break Vista - AP/
MSNBCSymantec: Vista security is flawed -
NewsFactorVista hacked at Black Hat - CNET/
The New York TimesBlog feeds may carry security riskUsing malicious JavaScript it is possible to attack RSS and Atom feed readers, security experts warned at Black Hat. -
CNET News.comRelated of interest:RSS for hackers? -
Internetnews.comDozen Windows, Office updates coming next weekMicrosoft will be releasing 12 security bulletins with security updates for both Office and Windows next Tuesday. -
CNET News.comRelated of interest:Microsoft heads for another big Patch Tuesday -
ComputerworldMicrosoft plans Patch Day Dozen -
eWEEKTwo IT execs at Ohio University fired after data breachTwo of the top IT officials at Ohio University has been fired after about two months suspension following a major data breach. -
ComputerworldSecurity vendor detects aggressive mobile worm variantAntivirus firm F-Secure reports about a new and more aggressive variant of mobile worm Commwarrior. -
ComputerworldSenate approves cybercrime treatyThe U.S. Senate has voted to ratify the Council of Europe's Convention on Cybercrime, to allow greater international cooperation. -
ComputerworldRelated of interest:U.S. ratifies cybercrime treaty -
Red HerringSenate ratification of cybercrime treaty praised -
SC Magazine UK/USSenate ratifies cybercrime treaty - AP/
Washington PostUnpatched flaw in Cisco firewall revealedAlbeit less controversial than last year's disclosure, this year's Black Hat brings another Cisco vulnerability to light. -
ComputerworldNew Google feature flags dangerous sitesGoogle users will now get a warning, if they click on a search result from Google that points to a dangerous website. -
ComputerworldIG flags TWIC for security holesThe U.S. Department for Homeland Security needs to fix a number of serious security vulnerabilities in the Transportation Workers Indentification Credentials program. -
Federal Computer WeekThe battle lines are drawn in the war on spywareGray area spyware vendors are getting less funding, but that leaves the field to the true bad guys, spyware-fighters warn. -
Government Computer NewsGovt. scrambles to keep up with cybersecurity challengesThe U.S. Defense Department are asking software coders to help develop forensic tools to aid in cybercrime investigations. -
Government Computer NewsResearcher discloses serious Xerox flawA security flaw in Xerox WorkCenter could provide access to information being printed on the company's multifunction printers. -
InfoWorldBrowser cache: Goodies for hackersInformation stored in the cache of web browsers can provide a hacker with useful information. -
Internetnews.comSpam's next target: IMInstant messaging users can be the next major targets of spam as email filtering technologies improve. -
InternetWeek.comSurvey: Hacks decline, worries don'tLosses due to hacking declined for the fourth consecutive year, but the dip may reflect changes in companies' willingness to report. -
InternetWeek.comWarning: Your Wi-Fi is vulnerable to attackRecent disclosures of Wi-Fi vulnerability shows that wireless security may be a bigger problem than just encryption. -
NewsFactorRelated of interest:Hacker exposes security flaw in wireless computers -
Sydney Morning HeraldIT pros still most worried about WindowsThe increase in threats towards the Mac-platform has not changed the opinion among Black Hat attendees that Windows is still most vulnerable. -
SC Magazine UK/USTo disclose or not to disclose?While the security community still do not agree on how to disclose vulnerabilities, most agree that it has become better over the last years. -
SC Magazine UK/USHow to clone the copy-friendly biometric passport
Copying the chip-information of the new biometric passports opens up new opportunities for forgers. -
The RegisterRelated of interest:Biometric passport cracked and cloned -
Silicon.comOnline security must be non-intrusiveConsumers don't want to be bothered by online security measures, unless they understand why they are there. -
Vnunet.com
FBI calls hackers for help / Mac target of Wi-Fi hack / NAC vulnerable
Intel sends out Centrino patchesIntel has released a security patch for its drivers for the Centrino Wi-Fi chipset for Windows to fix a number of serious vulnerabilities. -
CNET News.comBreaking into a laptop via Wi-FiResearchers at the Black Hat conference demonstrated how to break into a laptop via Wi-Fi using flaws in its drivers. -
CNET News.comFBI calls for hacker helpFBI asked hackers for help in the bureau's fight against cybercrime at the Black Hat conference. -
CNET News.comFBI seeks hacking partnersFBI wants hackers to give the bureau their input on the best ways to fight cybercrime. -
Computer WeeklySecurity conference targets the Mac in Wi-Fi demoResearchers used an Apple MacBook as their target to demonstrate how vulnerabilities in Wi-Fi device drivers can give access to a system. -
Computer WeeklyBlack Hat: Hit spyware by punishing purveyors, experts sayAntispyware experts say that fighting spyware is best done by punishing the purveyors harder. -
Computerworld
Black Hat: Blog readers vulnerable to embedded malwareAtom or RSS feeds can be used by malware writers to install trojans on unsuspecting feed users' PCs. -
ComputerworldBlack Hat: NAC solutions vulnerable to attackSystems for network access control contain vulnerabilities that make them vulnerable to attack, researchers warn. -
Computerworld'Brute force' attacks against SMBs on the riseSmall and medium sized businesses have over the last few months become increasingly under attack from targeted brute force attempts. -
Computerworld
Intel issues patches for wireless vulnerabilitiesIntel has issued a security patch to fix a serious security vulnerability in the Windows drivers for its Centrino Wi-Fi chipset. -
ComputerworldActiveX fuzzer runs IE through security millHD Moore has released a fuzzer that can help finding weaknesses in Internet Explorer's handling of ActiveX objects. -
eWEEKExperts point to weakness in NAC securityExperts at the Black Hat conference warn against weaknesses of network access control systems. -
eWEEK
The dilemma of reporting spyware attacksCompanies may be afraid to report spyware incidents to authorities, because they could face criminal charges themselves for not securing data. -
eWEEKHackers expose 'critical' Wi-Fi driver flawBoth Mac and Windows PCs can become target of attacks that uses flaws in the drivers for the Wi-Fi network devices. -
eWEEKIntel offers security fixes for CentrinoIntel has released updated drivers for its Centrino Wi-Fi chipsets to fix a number of critical security vulnerabilities. -
eWEEK
FBI: Hackers must help fight Web mobThe FBI pleaded the hacker community for assistance in its fight against cybercrime by sharing information. -
eWEEKHackers show MacBook vulnerabilityHackers at the Black Hat conference demonstrated flaws of Wi-Fi drivers by hacking into an Apple MacBook. -
Federal Computer WeekFeds wants help from private sector on IT securityFBI is getting into a deeper fight against cybercrime, but needs help from the private security experts. -
Government Computer NewsThe future of authenticationThe latest trends in authentication can be found in the health-care and financial services industries. -
Government Computer NewsFeds look to arrest ID theft with new industry allianceNew threats mean that the FBI has to rely more on private sector researcher on the forefront of the current trends. -
InformationWeekStandards issues open network security holesLack of standards in network access control systems has left them open to vulnerabilities, experts at Black Hat warns. -
InformationWeekOpen-source Metasploit improves evasionMetasploit-creator HD wants to scare creators of intrusion detection systems with the evasion features of the latest version of the software. -
Internetnews.comPhishers hit the phone bank with AsteriskUsing open-source Asterisk, phishers can create fake bank phone systems to fool users. -
Internetnews.comDodging NAC's silver bulletNetwork access control may not be the magic elixir for security as some vendors hope, due to inherent security problems. -
Internetnews.comVista security mostly invisible but thoroughMicrosoft wants to show that it is taking security serious in Windows Vista by its major presence at the Black Hat conference. -
Internetnews.comMac users facing new security threatsMac users will face new security threats as malware writers and hackers target applications rather than operating systems. -
NewsFactorAnother look at VoIP security risksExperts warn that VoIP applications are just as vulnerable to attacks as any other Internet application. -
NewsFactor
Webroot CTO: Spyware threats on the increaseSpyware is becoming a bigger problem with a large number of new threats and methods. -
SC Magazine UK/USMobile storage devices a threat to businessesStudy shows that many owners of Memory Sticks use them to transfer files between PCs and not just for MP3-players or cameras. -
SC Magazine UK/USMicrosoft and Apple 'must improve security patches'Security patches from vendors like Microsoft and Apple should also include security fixes for drivers, experts urges. -
Silicon.comLaptop thefts pose real gov't data riskBritish government agencies have had an alarming number of laptops stolen, putting data at risk. -
Silicon.comPrecision phishing on the riseVery small banks and credit unions are new favorites on the menues of phishers, the Anti-Phishing Working Group reports. -
Sydney Morning Herald
EBay scamming automation primed for fraudFraudsters use automatic bots to improve their reputations on eBay to gain users' trust. -
The RegisterSymantec highlights Windows Vista user vulnerabilitiesSymantec tries to shed more light on which parts of the Windows Vista security model it finds flawed. -
The RegisterTwo factor risks highlightedA recent attack on the online payment system E-gold highlights how two factor security can be beaten. -
Vnunet.comHackers clone e-passportsA German security expert has demonstrated how e-passports with RFID chips can be cloned. -
Wired News
Apple security update / Centrino Wi-Fi flaw / Black Hat 2006
Apple issues Mac security updateApple has released a security update for Mac OS X to fix a number of flaws in the support for Bluetooth, OpenSSH, and more. -
CIO MagazineApple fixes 26 Mac OS X flawsApple has issued a security update for Mac OS X that fixes up to 26 flaws, some of which are considered serious. -
CNET News.comHackers try to crack Windows PowershellMicrosoft's scripting language Powershell has become a new target for hackers. -
CNET News.comMcAfee patches holes in SecurityCenterAntivirus vendor McAfee has issued a security update to fix a critical vulnerability in its consumer products. -
Computer WeeklyMicrosoft Powershell targeted by wormAn Austrian hacker group has created a proof-of-concept worm that uses Microsoft's scripting language Powershell. -
Computer WeeklyRootkits emerge as maturing IT threatRootkits have gained popularity among virus writers as the stealth technology is well suited for targeted under-the-radar attacks. -
Government Computer NewsSecurity pros working hard to stay ahead of hackersResearchers gathered at the Black Hat conference hopes to identify emerging trends and stay ahead of malicious hackers. -
Government Computer NewsMcAfee patches critical bug in consumer softwareMcAfee issued a critical security update on Tuesday for its SecurityCenter software that is used in most of its consumer security products. -
InformationWeek
Story lines abound on eve of Black Hat 2006Following last year's drama at Black Hat 2005, this year's attendees look forward to a number of perhaps equally controversial presentations. -
InformationWeekFirefox is doing so well it's now a malware targetWith over 200 million downloads open-source browser Firefox has become a target for exploits and malware. -
Internetnews.comHackers and G-men to descend on Las VegasBoth IT vendors, government experts and teenage hackers meet in Las Vegas for the annual Black Hat and Defcon conferences. - AP/
MSNBCMicrosoft plays down bug panicSpeculation that Microsoft's security fix for a Windows flaw didn't work is due to confusion, since a released exploit actually takes advantage of an unpatched issue. -
Network World FusionThe future of enterprise securitySecuring peripheral devices is the next big security challenge for enterprises, while smaller business are falling behind. -
NewsFactorWireless worms threaten laptop usersVulnerabilities in Windows drivers for Intel's Centrino platform could leave laptops open for attacks through Wi-Fi connections. -
SC Magazine UK/USIntel warns of Centrino wireless driver flawsIntel has issued a warning about possible security flaws in drivers for its Centrino platform wireless products. -
SC Magazine UK/USKaZaa users warned of p2p wormA proof-of-concept worm uses Microsoft's Powershell scripting language and propagates through the shared folder in p2p application KaZaa. -
SC Magazine UK/USAlert over stolen tax file numbersA keylogging trojan has resulted in stolen tax file numbers from at least 170 Australians. -
Sydney Morning HeraldApple patches 26 security flaws17 of the flaws patched in Apple's security update could expose users to arbitrary code execution. -
Vnunet.comIntel admits to Centrino Wi-Fi security flawIntel admits that there is a number of security flaws in the Windows drivers for its Centrino Wi-Fi products. -
Vnunet.comSpam dominated mail during JulySecurity firm Softscan reports that almost 90 percent of the email scanned by the company in July was spam. -
Vnunet.comHuge botnet swamps U.K. firms with 8M phishing emailsA botnet comprised of estimated 20.000 computers has been used to send out over 8 million phishing mails in a 24 hour period. -
Vnunet.comHackers ramp up 'insidious' targeted attacksVirus writers are turning to spamming links to malicious websites instead of mass-mailing worms directly to users. -
Vnunet.comHijacking a MacBook in 60 seconds or lessAt the Black Hat conference two security experts demonstrated how a wireless laptop, in this case a MacBook, can easily be hacked by attacking the wireless device drivers. -
Washington Post
McAfee hit by flaw / Powershell targeted / Fewer worms but threats remain
Hackers outfox Mozilla's FirefoxAn exploit for open-source browser Firefox is being used by a trojan to monitor user input. -
CIO MagazineMcAfee patches holes in security softwareSecurity firm McAfee has issued a patch to fix a vulnerability in its SecurityCenter software. -
CNET News.comBlack Hat with a Vista twistThe annual security conference Black Hat is no longer just for hackers. Big vendors like Microsoft also show off their products. -
CNET News.comKaspersky sees reduced worm threat this monthDespite major outbreaks the last three years in August, Kaspersky Lab predicts that there will be no major outbreak this year. -
Computer WeeklyPhishers target Bank of ScotlandThe Bank of Scotland is the latest target for a new phishing scam. -
Computer WeeklyMcAfee to release patch for vulnerabilityAntivirus firm McAfee has issued a patch for a vulnerability that the company categorizes as of 'medium' severity. -
ComputerworldWarners Bros. drops Zango deal over ethics certificationMedia company Warner Bros has terminated its controversial deal with adware firm Zango over ethical dispute. -
Computerworld
DOD lab excavates bits, bytes to dig out informationThe Cyber Crime Center at the U.S. Department of Defense is playing an important role in forensic work in Iraq. -
Government Computer NewsEmail threats plunge in JulyLow amounts of email-borne malware in July does not mean that email has become safer, as more spammers instead link to malicious webpages. -
InformationWeekNew bot-powered eBay-scam uncoveredA new scam uses bot-software to create new eBay-accounts that help boosting the reputation of the accounts used by scammers. -
InformationWeekThe word on email authenticationThe technical part of the specification for the email authentication technology Domain Keys Identified Mail is now in place. -
Internetnews.comRounding the corners of network securityThe current trends and threats in IT security is being discussed at the Black Hat conference. -
Internetnews.com
A new open source approach to weaknessInspired by the science of biology, security firm Fortify has launched an open-source method for categorizing software vulnerabilities. -
Internetnews.comMcAfee security programs may expose dataA flaw in consumer versions of security software from McAfee could expose sensitive information on users' PCs. - AP/
MSNBCBlack Hat conference puts spotlight on NAC, Vista and rootkitsNetwork access control, Windows Vista and current threats from rootkits are in the spotlight of this year's Black Hat conference. -
Network World FusionVirus writers target Windows PowershellMicrosoft's forthcoming Powershell scripting language poses a new opportunity for virus writers, a proof of concept shows. -
NewsFactorNASA, military websites hacked in protest over Israeli bombingsAccording to Zone-H there has been a number of politically motivated hackings of U.S. government websites as result of the bombings in Lebanon. -
SC Magazine UK/US
McAfee could patch widespread flaw as early as tomorrowSecurity vendor McAfee could issue a patch for a serious vulnerability in its software as early as Wednesday. -
SC Magazine UK/USWill Mac security fears rise in line with growth?Apple's days of no serious threats to its platform could be numbered, if sales continue to rise, experts warn. -
Silicon.comMost home users secure Wi-Fi networksAccording to a poll by JupiterResearch six out of ten home users enable security on their wireless networks. -
TechWebViral email traffic falls but threat remainsMalware authors are turning away from mass-mailing viruses in favor of targeted trojans and links to malicious websites. -
Vnunet.comVirus writers target Windows PowershellNew proof-of-concept code shows that virus writers could take advantage of Microsoft's Powershell scripting language. -
Vnunet.com
US unprepared for cyberattack / JavaScript bypasses firewalls / Patch-exploit is new flaw
JavaScript opens doors to browser-based attacksA maliciuos JavaScript loaded from a website could be used to scan the user's network and open it up for attacks. -
CNET News.comStopping fraud by blackballing PCsBlocking PCs that have previously been used in fraud from accessing certain websites may help stop fraud with stolen credit cards. -
CNET News.comSenator blasts Homeland Security's Net effortsU.S. Republican senator Tom Coburn claims that the Department of Homeland Security has made no progress in protecting the country from cyberattacks. -
CNET News.comEfficient firms will enjoy drop in security spendOrganizations with mature IT security practices will be able to lower their spendings, while those lacking must increase their's, Gartner advises -
Computer Weekly
No data left behind: Dealing with disposalDealing with disposal of old disks for recycling, but still complying with security requirements is. -
ComputerworldBanks face web security deadlineThe deadline is coming closer for U.S. banks to adopt new required strong authentication measures. -
ComputerworldDid Microsoft patch miss the mark?Microsoft now says that an exploit released for a recently patched vulnerability is actually using a new flaw and not the one fixed by the patch. -
eWEEKVista, rootkits headline hacker confabWhile independent security researchers fear that the Black Hat Briefings are turning into a product demo, Microsoft plans to show off Vista in Las Veges. -
eWEEKGAO: DHS public/private cyber plan incompleteA new report finds that the U.S. Department of Homeland Security is still not ready for a major Internet disruption caused by a natural disaster or a cyberattack. -
Federal Computer WeekGSA warns public of email scamThe U.S. General Services Administration has issued a warning about a phishing scam using the department as bait. -
Government Computer NewsDDoS attacks may be behind MySpace, AOL problemsProblems with user logins at multiple webbased services may have been the effect of a distributed denial-of-service attack. -
InformationWeek
Zango blasted for targeting MySpace as adware channelA security expert claims that adware company Zango is targeting popular social networking site MySpace as a distribution channel. -
InformationWeekBlack Hat 2006: Feeling insecure in Sin CityVarious forms of webbased attacks are topping the buzz of the Black Hat security conference in Las Vegas this week. -
Internetnews.com5 ways to get Vista's security nowFive strategies for beefing up the security in Windows XP. -
InternetWeek.comTernary sorting aims to stop false positivesAdding a third category for sorting phishing emails and spam from the real emails can help improve spamfilters. -
Network World FusionThe challenge in selling securityChief Security Officers can have a hard time selling the concepts of IT security to the board. -
Network World FusionBrowser-based network attack discoveredJavaScript code may be used to bypass firewalls through the user's browser, security researchers have found. -
NewScientistSenate minority leader victimized by ID theftU.S. Senate minority leader Democrat Harry Reid has found himself victim of identity theft. -
SC Magazine UK/USVictoria's (malicious) Secret: A information-stealing trojanAntivirus firm Sophos warns about an email trojan that masks itself as a slideshow of a russian woman. -
SC Magazine UK/US
