Liquidmatrix Security DigestLiquidmatrix Security DigestYour Source For Network and Information Security News 
Articles
Flaw Turns Gmail Into Spamming Machine
2008-05-12 04:19:00 Uh boy. The spammers are at it again. From CNET: A “serious security flaw” in Gmail turns Google’s e-mail service into a spamming machine, according to a recent security report. INSERT, the Information Security Research Team, has created a proof of concept that exploits the “trust hierarchy” that exists between mail service providers. By exploiting a flaw in ... More About: Spam , Spamming , Machine , Phishing
Proposed Bill Aims To Pressure DHS
2008-05-09 15:59:00 There was a bill tabled on Wednesday in US Congress that aims to hold DHS’s feet to the flames. From Securityfocus: Rep. Jim Langevin, D-RI, introduced a bill on Wednesday that aims to hold the U.S. Department of Homeland Security responsible for investigating every cyber attack and for shoring up its network security. The bill would better ... More About: News , Bill
Security Briefing: May 9th
2008-05-09 15:03:00 It’s here at last! Today is my last day in the salt mine. And now, the news… Wanted: Americans to join Al Qaeda Google security tool goes beyond the network Facebook partners with AGs for kids’ safety (every bit helps) Vista security credentials tarnished in malware survey Final EUSecWest 2008 Speakers Microsoft Cofee brews ‘back door’ fears Cell Phone Spying Is our minister of ... More About: News , Security
HSBC Issues Statement On MIA Server
2008-05-09 05:08:00 HSBC has been having a rough week with regards to data security stories in the media. Turns out that they lost a server at a location in Hong Kong two weeks ago. From The Asian Banker: The Hongkong and Shanghai Banking Corporation Limited confirms one of its computer servers went missing on 26 April 2008 at ... More About: Data Security , Issues , Server , Statement
Patch Tuesday Approaches
2008-05-09 03:52:00 It’s that time again. The only difference for me this time is that I’ll be relaxing on the deck. I’ll stop basking in it once I start the new gig. From PC World: Although Microsoft’s note does not describe the bugs in detail, it looks like the company is planning to fix a known bug in the ... More About: Patches , Patch , Tuesday
NeoCatena Firewall To Ensure RFID Network Security
2008-05-09 02:07:00 Hmm. OK. I’m not sure what to make of this one. RFID is not my specialty to say the least. Any one have thoughts on this one? From RFID Journal: NeoCatena, a Sunnyvale, Calif., startup company, has emerged to address an issue its founders believe is of growing importance to end users of RFID technology: system security. The ... More About: Security , Firewall , Wireless , Network Security , Network
Tomorrow, The Exit
2008-05-09 01:56:00 It’s been a long haul working in critical infrastructure. There were times were the boredom and politics were overwhelming but, I know that I was able to make a difference. Now, I’m moving on to new adventures. I think I’m going to keep the new job under wraps for now. Some of you know where ... More About: Tomorrow
What a Botnet Looks Like
2008-05-08 17:28:00 Over on CSO they have an interesting graphical representation of a botnet. David Vorel mapped interconnected bots to create the map. The map allows you to zoom in a la Google Maps. Check it out. Article Link More About: News , Botnet
US State Department Loses 1,000 Laptops
2008-05-08 17:19:00 Ouch! From vnunet: An audit at the US State Department has revealed the loss of over 1,000 laptops, some of which held security information. Around $30m worth of computing hardware is “unaccounted for”, the bulk of it laptops. These include over 400 from the Anti-Terrorism Assistance Program, some containing security material. Nita M. Lowey, a representative on the House ... More About: Laptops , Crime , Data Security , State Department
Security Briefing: May 8th
2008-05-08 14:34:00 Cleaning out the office. What a time sucker that can be. And now, the news… Is China attacking Belgian computers? Rare SCADA bug poses power plant risk News Corp manager knew of hacking claim Hacking American Idol Cross-Site-Scripting with Morse code How to Prevent ID Theft at Your First Job Response team boosts open-source security Adobe comes clean on PDF bugs Click here to subscribe ... More About: Security
Core Security Punts On Disclosure
2008-05-08 04:28:00 Core Security , makers of the product Core Impact. Nice folks. I like the product. Apparently they left the gate open and their brains ran away in the night. What am I talking about? Well, they posted a vulnerability in the software of SCADA vendor Wonderware. From their posting: A vulnerability was found in Wonderware SuiteLink Service (slssvc.exe) ... More About: Core , Disclosure
Finjan Finds ID Theft Treasure Chest
2008-05-07 17:46:00 Ok, I am sufficiently absent minded. I read this piece yesterday but, I forgot to share it. It turns out that the folks over at Finjan have discovered a server loaded with stolen personal information. Apparently it was housing 1.4GB worth of purloined info. They have dubbed it a “crimeserver”. How cute. From Reuters: A Web security firm said on Tuesday it had tipped off international banks and police after finding a huge trove of stolen business and personal data amassed on a server in the space of just three weeks. Finjan Inc said it had notified the U.S. Federal Bureau of Investigation, police in various countries and more than 40 financial institutions in the United States, Europe and India about the discovery of the so-called “crimeserver”. “This server was running for about three weeks and within this period it managed to collect 1.4 gigabytes of data. It is indeed the largest treasure we’ve found in this very short time,” Yuval Ben-It... More About: Chest , Theft , Treasure
New SQL Attack Making The Rounds
2008-05-07 17:14:00 A new SQL Injection attack is making the rounds. There is a great analysis of the attack over on Shadowserver Foundation. From Shadowserver: As predicted, the attacks against ASP and ASP.NET pages via SQL injection have continued. This time the domain name “winzipices.cn” is in the spotlight. It has managed to find itself in the source of over 4,000 pages according to Google. ISC has also has a short diary today mentioning this attack here. It turns out this is also something we have been taking a look at now for a few days. With that being said, we would like to share some information that can help protect end users and organizations. It would appear that our attackers in this instance are taking advantage of the same issues we have discussed in some of our recent postings. However, we do know that the malware and malicious file trail here are different than the last few attacks. For the full analysis read on. Article Link More About: Rounds , Attack
Security Briefing: May 7th
2008-05-07 15:53:00 Today is my exit interview. On sage advice from several I will play nice with others. And now, the news… Rogue MP3 Trojan streaks across P2P networks Microsoft warns of IE7 lock-in with XP SP3 Human error and complacency biggest IT security threats Vulnerabilities in bug tracking system Bugzilla fixed Analysis of Belgian evoting code back online Video: Tackling ... More About: News , Security
WabiSabiLabi To Help Build 0day Appliance
2008-05-07 15:38:00 From Network World: WabiSabiLabi, the company best known for building an online marketplace for security flaws, is getting into the hardware business. The company is working with an unknown Italian company called Oneshield Security to build a unified threat management (UTM) appliance that will integrate the research generated by WabiSabiLabi’s network of researchers. WabiSabiLabi did not say ... More About: News , Build , Appliance
Adult Sites Given No Love For Spam
2008-05-07 15:09:00 Adult website operators got spanked by a US judge yesterday for their use of unsolicited email spam top entice folks to view their content. From Network World: A U.S. judge has ordered the halt to an e-mail campaign by the operators of adult Web sites after complaints by the U.S. Federal Trade Commission and the Department of ... More About: News , Spam , Love , Sites , Adult
Peter Gabriel?s Website Back Online
2008-05-07 14:55:00 Blockheaded thieves made off with Peter Gabriel ’s website over the weekend in a low tech fashion. All is well now. No clue if this was Gabriel’s actual reaction at word of the theft. Had to listen had no choice I did not believe the information [I] just had to trust imagination My heart going boom boom boom From the ... More About: News , Website , Online , Back
German Police Take Down Hacker Ring
2008-05-06 18:19:00 OK, so it didn’t go down quite like that. German police announced today that they have busted a hacker ring from the Hamburg area. From The Local, Germany: Bavarian authorities have broken up a hacker ring based around a 33,000-member internet forum called ‘hacksector,’ police announced on Tuesday. Eleven suspects ranging in age from 15 to 22 years ... More About: Crime , Police , Hacker , Ring
Security Briefing: May 6th
2008-05-06 14:57:00 Nothing witty to say. And now, the news… McAfee, Yahoo Partner on Web Security Phishers target Google AdWords users Malaysian blogger charged with sedition Worst. Idea. Ever. Manhole security barriers flying off the shelves Data Mining Application: Paterva (Pty) Ltd Announces the Release of Maltego Version 2.0 Lucky for NSM ? Extracting files from TFTP packets in Wireshark Safest way to bank online? Your ... More About: News
Have You Seen This Douchebag?
2008-05-06 14:32:00 Interpol has sent out a request for help this morning and we’re only too happy to pass the word along. From INTERPOL: INTERPOL is asking for the public?s help in identifying a man pictured sexually abusing children in a series of images found on the Internet and retrieved from the computer of a convicted paedophile. The man, whose ... More About: Crime , Douchebag
Security First, Requirements Later
2008-05-06 04:15:00 I find it interesting to watch the mad rush to beef up security at the US border points without any real thought to requirements. Sure, keep out the baddies. But, how exactly? There is the constantly escalating method or there could some semblance of a plan? From IDG Norway: News continues to worsen for business travelers carrying ... More About: Security , Airline Security
OK, So, Now What Yahoo?
2008-05-06 03:10:00 OK, so the date has ended. Microsoft didn’t get to second base. Yahoo was jilted for being too high maintenance and their stock dropped 15% today. So, what now for Yahoo? From Internet News: “With Microsoft’s withdrawal, we’ll be better able to focus our energy on growing our industry leadership and maximizing value for stockholders,” Yang said. The ... More About: Search , Yahoo!
Chinese Hackers Attack Indian Sites
2008-05-05 15:37:00 The Chinese army’s hackers continue to grab headlines. From The Times of India: China?s cyber warfare army is marching on, and India is suffering silently. Over the past one and a half years, officials said, China has mounted almost daily attacks on Indian computer networks, both government and private, showing its intent and capability. ( ... More About: News , Sites , Hackers
Security Briefing: May 5th
2008-05-05 14:24:00 Monday of my last week at work. I can see that the realization is beginning to set in with my co-workers. Well, I hope that I can share all I can before I’m off to carousel. I’d also like to say thanks to the folks who discovered the “donate” button on the next column over to ... More About: News , Security
Personal Data Anyone?
2008-05-05 02:51:00 Morning mail call. I may already be a winner, check. $10,000 from Publishers Clearing House, indeed. Ah, tax forms…with the social security number on the label. WTF? From Tulsa World: Tax forms were sent out to thousands of people in Wisconsin with their Social Security numbers on the mailing labels. A vendor hired by the state of Georgia lost ... More About: Personal , Data Security , Data , Privacy
Students Accused Of Hacking To Alter Grades
2008-05-04 04:58:00 Wow, this story really gave me a flashback to the 80’s. I remember watching as Ferris Bueller hacked into the school computers to change his grades. That was one of the early influences that helped shape my career. Glad to see that the spirit lives on. I do think that the Fort Bend Independent School ... More About: News , Students , Hacker , Grades , Alter
Air Marshalls On ?No Fly? List
2008-05-02 16:01:00 Sweet (insert deity). Thx to Charlie who emailed us in the story. From The Washington Times: Some federal air marshals have been denied entry to flights they are assigned to protect when their names matched those on the terrorist no-fly list, and the agency says it’s now taking steps to make sure their agents are allowed to ... More About: List , Airline Security
Japanese Worker Disciplined For 780K+ P0rn Hits
2008-05-02 15:42:00 Sweet Jeebus in a birch bark canoe. This guy managed to keep his job after he was caught surfing p0rn from the office. If ever there was a case for content filtering in an office this guy is the poster boy. From BBC: A local council employee in Japan has been punished after it was discovered he ... More About: Japanese , Dumbass , Hits , Worker
Security Briefing: May 2nd
2008-05-02 14:45:00 Ugh. Due to a misconfiguration by yours truly the news posting for yesterday didn’t see the light of day. So, as a penance I’m going to provide an extra long briefing round up for today. Thanks to all of our readers! And now, the news… Sun Microsystems to cut 1,500 to 2,500 jobs Almost 200 HMRC staff ... More About: News , Security
HSBC Catches Attempted £70 Million Fraudsters
More articles from this author:2008-05-02 14:29:00 HSBC is back in the news again today. This time for a more positive reason than last we checked in on them. It appears that a rogue employee decided it was pay day. I guess he saw “Catch me if you can” one too many times. From the Reg: An HSBC worker has been charged after police ... More About: Million 1, 2, 3, 4, 5, 6, 7 |
|
 |
|
 |
