Friday, 25 April 2008

Windows XP Service pack is here at last...

Thursday, 24 April 2008

2008 Information Security Breaches Survey

This survey is published every other year, and the results were published at the Infosecurity exhibition in London this week.

The executive summary and the full report can be found here:

Phising for big targets: whaling

This time Japan is not involved...
Over 2000 American execs fell victim to a targeted email asking them to appear before a jury regarding a subpoena:

Tuesday, 22 April 2008

Privilege escalation in Windows

MS released an advisory last week which makes for interesting reading:

Vulnerable version start with XP all the way to Windows Server 2008.

Cool, Evil Tracking Site

Guys, it has been a while!

Anyways just trawling the Internet highways and byways and came across this little Gem,
The use of the map from xkcd, gets my vote! Plus they have afew security hardening guidelines and other interesting docs.

Well worth a look.


Tuesday, 8 April 2008

Welcome Kraken

According to Dambala researchers speaking at the RSA 2008 conference, a new bigger-and-better-than-Storm called Kraken has over 400,000.- machines under its control.

Only 20% of AV products can detect it, and it appears to be very polymorphic and uses obfuscation. The delivery / infection mechanism is a "picture" file with a .exe extension which is not shown.

With the constant increase in malware code out there, how long before current AV mechanisms break?


Monday, 7 April 2008

HSBC loses customers' data disc with details of 370,000 customers...

HSBC customers should be reassured that "there were no addresses or bank account details", just their names, dates of birth, and levels of insurance cover:

Thursday, 3 April 2008

"Superhacker convicted of international cyber crime"

A bit of a cheesy article title from the New Zealand Herald:

"The crimes carry sentences of up to seven years but there are indications he may serve a community-based sentence."

Who says crime does not pay?!