Liquidmatrix Security Digest
Your Source For Network and Information Security News Articles
Facebook Loophole Open To ID Theft
2008-05-01 18:41:00 I’ve never been one to entirely believe in the safety of social networking apps. Surfers beware. From the Telegraph UK: A loophole on social networking site Facebook could allow identity thieves to access the personal data of users, according to an investigation. By simply downloading an application, users enable its creator to view sensitive information, even if they ... More About: News , Open , Theft
Storm Botnet, Shrinking From Gale To Drizzle?
2008-05-01 18:26:00 The folks at MessageLabs are stating that the Storm botnet has dropped down to around 100K nodes from its projected high of over two million. From IT News: MessageLabs’ Intelligence Report for April 2008 said that new malicious software removal tools aimed at removing Storm infections were responsible for the sudden reduction in Storm-infected computers. The security firm ... More About: Malware , Botnet , Storm botnet
Security Briefing: April 30th
2008-04-30 18:39:00 “It’s gonna be a bright, sunshiny day” And now, the news… Declassified NSA Document Reveals the Secret History of TEMPEST Evidence presented in New Jersey e-voting discrepancies Microsoft postpones automatic Service Pack updates The Battle for Your Browser SQL injection attack infects hundreds of thousands of websites EFF blasts Microsoft over DRM validation McAfee ‘Hacker Safe’ cert sheds more cred Off Topic: Southwest Airlines ... More About: News , Security , April
Exit Stage Left?
2008-04-30 18:29:00 Well, after six years working in the critical infrastructure vertical I have decided to move on. I tendered my resignation yesterday and will be moving on to new adventures in a few weeks. I’ll let slip my new day job at that time. It has been an interesting ride to say the least. There have ... More About: Left , Stage
Blogger Uses iPhone As Boarding Pass
2008-04-30 14:57:00 I wonder if Christopher Soghoian had tried this one? A blogger by the name of Gerald Buckley used his iPhone to provide his boarding pass at an American Airlines gate. From gwhiz: I was travelling yesterday to San Antonio. An all-day, down and back. Last week I went to Houston via Southwest Air and had Twittered I ... More About: Mobile , Blogger , Iphone , Airline Security , Pass
PCI Council Issues Clarification on Web App Security
2008-04-30 14:28:00 This one got past me last week. From Search Security: Responding to a wave of criticism and confusion surrounding the imminent deadline for a new section of the PCI Data Security Standard regarding Web application security, the PCI Security Standards Council has released documentation intended to clarify the requirements for securing Web applications. The clarification is meant ... More About: News , Issues
Live In Concert
2008-04-25 17:49:00 Well, we’re no Led Zeppelin, Tragically Hip or Peter Gabriel. That being said it should be a great time tonight when the band that I play bass for, “The Shiitake Project” takes the stage at Clinton’s in Toronto. We are raising money for prostate cancer research. The show gets rolling around 9 pm and cover is $10 ... More About: Concert , Live
Security Briefing: April 25th
2008-04-25 14:49:00 Friday, finally. Only a few hours till the band takes the stage. And now, the news… Click here to subscribe! Researcher Finds New Way to Hack Oracle Database UK Info Chief Takes Aim at Security Breaches Feds to leave disclosure of data security breaches to businesses: legislative plan Security testing standards council launched Cracking the ‘Great Firewall’ of China’s Web censorship Thieves ... More About: News , April
FSA To Banks, Smarten Up
2008-04-25 14:35:00 Things don’t look so rosy in the FSA report with respect to how financial institutions handle data security. From eGov Monitor: The Financial Services Authority (FSA) has published today its report on Data Security in Financial Services. Whilst it might make for uncomfortable reading, this is a timely report from the FSA, and its relevance extends beyond ... More About: Banks
Spammer, Sharp Like Beach Ball
2008-04-25 03:15:00 Wow, how stupid do they think I am? It’s a rhetorical question wise guy. Here’s a phishing email that I received this evening. —————— ;– From: Chianelli, Russell R. Date: Thu, Apr 24, 2008 at 8:05 PM Subject: UNICEF ORGANISATION DONATION AWARDED PIN NUMBERS U-777-1815, D-01-47 CONTACT INFOS (**********@yahoo.com.hk) To: undisclosed-recipients UNICEF ORGANISATION DONATION. Unicef Organisation Concern. The Unicef Orgnasation, Would like ... More About: News , Spam , Beach , Phishing , Sharp
Shmoocon 2008 Presentations Online
2008-04-24 14:53:00 Thanks to a reader email (thx KS) it turns out that the presentations from Shmoocon 2008 are now posted online. The videos are not up yet but, I’ll update this as soon as they’re available. Shmoocon 2008 presentations. Shmoocon 2008 videos (pending). More About: News , Online , Presentations
Security Briefing: April 24th
2008-04-24 14:44:00 The week just keeps getting better. More sleep and easing up on my beloved coffee is working out nicely. And welcome to our new subscribers that joined us yesterday! And now, the news… Click here to subscribe! Hackers jack thousands of sites, including UN domains YES WE CAN - get XSSed Transcript: FBI director on surveillance of ‘illegal’ Internet activity China ... More About: News , Security , April
Hacker Testifies News Corp Unit Paid Him
2008-04-24 14:29:00 Conspiracy plot line or just some hacker that got pinched? From Reuters (via Yahoo): A computer hacker testified on Wednesday that a News Corp (NWSa.N) unit hired him to develop pirating software, but denied using it to penetrate the security system of a rival satellite television service. Christopher Tarnovsky — who said his first payment was $20,000 in ... More About: Paid , Hacker , News Corp , Unit
Microsoft Mislabels Skype As Adware
2008-04-24 14:15:00 Um, whoops? From Computer World: Skype users who have been getting strange error messages from Microsoft’s security products over the past week can breathe easy now. It was all a mistake. Microsoft said Wednesday that a buggy antivirus definition update, released Friday, had mislabeled Skype as pop-up adware program called Win32/Vundo.gen!D. The issue was fixed Monday in a ... More About: News , Adware , Quality Control
Border Agents Green Lighted To Search Laptops
2008-04-23 20:32:00 From Threat Level/Wired: Federal agents at the border do not need any reason to search through travelers’ laptops, cell phones or digital cameras for evidence of crimes, a federal appeals court ruled Monday, extending the government’s power to look through belongings like suitcases at the border to electronics. The unanimous three-judge decision reverses a lower court finding ... More About: Laptops , Agents , Search , Green , Privacy
It’s a hump day miracle?
2008-04-23 19:05:00 Click to enbiggen… Harvey Wallbanger (a frequent commenter) asks: “How different is the reality of work for a CISO compared to the average 9-5er?” Well… Let’s start with how busy it is… Basically, I don’t have much of a life beyond work. There’s a certain “Superman” tendency amongst those who do this which leaves them unable to ... More About: Miracle , Hump
We don’t need another hero?
2008-04-22 16:19:00 Except that according to the folks at the Sydney Morning Herald, we’re all headed for a new kind of horror - cybergeddon, the digital mushroom cloud. Is it just me, or do these nice people all seem to have a complete freakin’ fetish for the prefix Cyber? In trying to make a point, these people all come ... More About: Hero
Security Briefing: April 22nd
2008-04-22 15:09:00 OK, this week is shaping up nicely so far. Hope springs. Fingers are crossed and stapled. Ah, so that’s what that pain is. And now, the news… Microsoft PatchGuard: Locking down the kernel, or locking out security? Soft tokens tighten online banking security Critical infrastructure open to IT security threats Adobe Products BMP Handling Buffer Overflow Vulnerability PCs and Parenting: Tips for ... More About: News , Security , April
Thought Process Behind Online Password Services
2008-04-22 14:58:00 In the world of bad ideas we have seen a remarkable array. There was hair in a can, the car-b-q and the pocket fisherman to name a few. Sure they have camp value but, you wouldn’t rely on any of them as a matter of practice. So, why then do people hand over their passwords ... More About: Education , Services , Privacy , Online , Thought
Big Brother Russian Style
2008-04-21 17:39:00 Big ???? is watching you. In a further attempt by the Russian government to turn the screws on the populace they are now mandating that all wireless APs, wireless devices, and the like, are registered with the government. From Computer World AU: Business travellers to Russia might want to keep their laptops and iPhones well-concealed - ... More About: Wireless , Big Brother , Style , Freedoms
Do your REAL job?
2008-04-21 16:33:00 I can’t believe it’s freakin’ Monday again. Seriously. When will this treadmill end? If you joined us last week, you’ll know that we’re here to discuss all of those things you could be doing, but aren’t. This week, short and sweet. Update your Intranet site. Click for more… I’m sure that all of you are running a lush ... More About: Real
Security Briefing: April 21st
2008-04-21 15:41:00 OK, it’s Monday and I’m ready for a “do over”. Last week was rather trying to say the least. I plan to turn things on their head this week and have a better start. Although the dead refrigerator and subsequent food poisoning adventure was not fun. So, the week (for me) starts now. …OK, still good. And ... More About: News , Security , April
Criminals To Target Mobiles
2008-04-21 15:10:00 BBC News has an interesting piece dealing with criminals targeting mobile device users. From BBC: “There’s a real transition from online in to the mobile space,” said Simeon Coney, head of business development at Adaptive Mobile, which helps operators keep an eye on the malicious traffic flowing across their networks. In the PC world malicious programs started ... More About: Mobiles , Malware , Target , Criminals
Microsoft OK With Website Bug Hunters
2008-04-21 14:55:00 Do I hear a flood gate opening? This is a remarkable departure for the folks in Redmond. From the Register: In a first for a major company, Microsoft has publicly pledged not to sue or press charges against ethical hackers who responsibly find security flaws in its online services. The promise, extended Saturday at the ToorCon ... More About: News , Website , Hunters
Schneier Prediction: RSA Conference Will Shrink
2008-04-21 14:24:00 I’m sure that the RSA folks were nonplussed to hear Bruce’s take on the possible contraction of the RSA security conference. I think he’s right. From Wired: Talk to the exhibitors, though, and the most common complaint is that the attendees aren’t buying. It’s not the quality of the wares. The show floor is filled with new security ... More About: News , Conference
Security Briefing: April 18th (Late Edition)
2008-04-18 18:42:00 This is one of those days where I’ve been running around like a chicken with my head cut off. A fitting end to an insane/odd/warped week. Thanks to all of our new subscribers. Glad you could join us! Have a great weekend all! And now, the news… NBC Wants iTunes To Spy On All The Media You ... More About: News , Security , April , Late , Edition
Don’t quit your day job?
2008-04-18 14:47:00 You’ve lost that lovin’ feeling, Whoa, that lovin’ feeling, You’ve lost that lovin’ feeling, Now it’s gone…gone…gone…wooooooh . Now there’s no welcome look in your eyes when I reach for you. And now you’re starting to criticize little things I do. It makes me just feel like crying, (baby). ‘Cause baby, something in you is dying. When the week is almost done, and you ... More About: Quit
Ethical Questions?
2008-04-18 14:27:00 Lately, one of the big topics in my life has been that of ethics. There’s the ethics in research/reporting conversation in the SCADA Security world… There’s the ethics of paid vs. unpaid ‘research’ in Joanna’s world… There’s an interesting question posed on Slashdot — What Should We Do About Security Ethics? — I shall weigh in and flaunt ... More About: News , Questions
Healthcare IT Failing On Security
2008-04-18 12:36:00 From vnunet: The IT security threat posed by healthcare workers is rising as they become increasingly mobile and use laptops containing sensitive patient information. Unlike some other parts of the world, UK law does not protect data kept on healthcare computer systems beyond ‘duty of care’ and a professional requirement for patient confidentiality. The warning from Absolute Software, ... More About: Security , Healthcare
Consumer Devices Give Storage Admins Security Headaches
2008-04-18 12:27:00 From Internet News: Apple’s 160GB iPod Classic, introduced last September, is a music and movie lover’s dream machine. But for IT departments, it’s a security nightmare. That’s because any employee can plug this pocket-sized USB storage device into their computer and use it to steal vast amounts of corporate information, including mailing lists, databases, financial records and ... More About: Security , Storage , Devices , Consumer



