Friday 25 April 2008

Windows XP Service pack is here at last...

http://www.microsoft.com/downloads/details.aspx?FamilyID=68C48DAD-BC34-40BE-8D85-6BB4F56F5110&displaylang=en

Thursday 24 April 2008

2008 Information Security Breaches Survey

This survey is published every other year, and the results were published at the Infosecurity exhibition in London this week.

The executive summary and the full report can be found here:
http://www.pwc.co.uk/eng/publications/berr_information_security_breaches_survey_2008.html

Phishing for big targets: whaling

This time Japan is not involved...
Over 2000 American execs fell victim to a targeted email asking them to appear before a jury regarding a subpoena:
http://www.theregister.co.uk/2008/04/16/whaling_expedition_continues/

Tuesday 22 April 2008

Privilege escalation in Windows

MS released an advisory last week which makes for interesting reading:
http://www.microsoft.com/technet/security/advisory/951306.mspx

Vulnerable versions range from XP all the way to Windows Server 2008.

Cool, Evil Tracking Site

Guys, it has been a while!

Anyway, I was just trawling the Internet highways and byways and came across this little gem:
http://www.team-cymru.org/
The use of the map from xkcd gets my vote! Plus they have a few security hardening guidelines and other interesting docs.

Well worth a look.

dD

Tuesday 8 April 2008

Welcome Kraken

According to Damballa researchers speaking at the RSA 2008 conference, a new bigger-and-better-than-Storm botnet called Kraken has over 400,000 machines under its control.

Only 20% of AV products can detect it, and it appears to be very polymorphic and uses obfuscation. The delivery / infection mechanism is a "picture" file with a .exe extension which is not shown.

http://www.darkreading.com/document.asp?doc_id=150292&WT.svl=news1_1

With the constant increase in malware code out there, how long before current AV mechanisms break?

dD

Monday 7 April 2008

HSBC loses customers' data disc with details of 370,000 customers...

HSBC customers should be reassured that "there were no addresses or bank account details", just their names, dates of birth, and levels of insurance cover:
http://news.bbc.co.uk/1/hi/business/7334249.stm

Thursday 3 April 2008

"Superhacker convicted of international cyber crime"

A bit of a cheesy article title from the New Zealand Herald:
http://www.nzherald.co.nz/category/story.cfm?c_id=30&objectid=10501518

"The crimes carry sentences of up to seven years but there are indications he may serve a community-based sentence."

Who says crime does not pay?!

dD