Rodney Campbell's Blog

Archive for April, 2007

2007.04.26 Daily Security Reading

by on Apr.26, 2007, under Security

103 Free Security Apps for Mac, Windows and Linux

To keep your computer safe (and save some cash while doing it) we’ve assembled a list of 103 free security apps for Mac, Windows and Linux. By the end of the article you should have enough resources to secure even the most naïve system, for free!

SMTP Authentication Update

It’s about 2 and a half years since the standards bodies threw up their hands and left SMTP authentication to the industry. Implementation progress has been slow but positive. And there have been some surprises.

Optical link hacking unsheathed

Techniques for extracting data flowing over fibre optic links are evolving to make the technique easier to apply (pdf).

0wning Vista from the boot

Rootkit that is able to load from Windows Vista boot-sectors.

Web threats to surpass e-mail pests

By next year, Internet users can expect more cyberattacks to originate from the Web than via e-mail, security firm Trend Micro predicts.

Russinovich Says, Expect Vista Malware

Despite all the anti-malware roadblocks built into Windows Vista, a senior Microsoft official is lowering the security expectations.

Comments Off on 2007.04.26 Daily Security Reading more...

2007.04.20 Daily Security Reading

by on Apr.20, 2007, under Security

State Department got mail _ and hackers

A break-in targeting State Department computers worldwide last summer occurred after a department employee in Asia opened a mysterious e-mail that quietly allowed hackers inside the U.S. government’s network.

Staff use of social media is an unseen threat, says security firm

Over one third of businesses do not monitor their employees’ internet use, according to a survey carried out by an information security firm.

Attackers improve on JavaScript trickery

As JavaScript becomes an increasingly key component of online attacks, attackers are investing more energy in obfuscation and other techniques to make defenders’ attempts at reverse engineering more difficult, a security researcher told attendees at the annual CanSecWest conference on Wednesday.

How Security Companies Sucker Us With Lemons

With so many mediocre security products on the market, and the difficulty of coming up with a strong quality signal, vendors don’t have strong incentives to invest in developing good products. And the vendors that do tend to die a quiet and lonely death.

Comments Off on 2007.04.20 Daily Security Reading more...

2007.04.18 Daily Security Reading

by on Apr.18, 2007, under Security

New AACS cracks cannot be revoked, says hacker

Folks at the Doom9 forums sent word that they have found yet another way around the copy protection for high definition discs… They cannot revoke this hack.

E-mail warning for employers

A new ruling which said a college had breached a woman’s privacy by secretly monitoring her e-mails, means employers cannot spy on staff.

Vista For Forensic Investigators

SecurityFocus has a two-part article offering a high-level look at changes in Windows Vista that a computer forensic investigator needs to know about. Part 1 covers the different versions of Vista available and Vista’s built-in encryption, backup, and system protection features. Part 2 continues with a look at typical user activities such as Web browser and email usage.

Comments Off on 2007.04.18 Daily Security Reading more...

2007.04.16 Daily Security Reading

by on Apr.16, 2007, under Security

No end in sight to hacking of ‘WoW’ accounts

For months, hackers–most likely in China and Russia, according to security watchers–have been surreptitiously installing keylogging software on WoW players’ Windows computers, hijacking their accounts and selling off their often valuable in-game assets.

Announcing: Bruce Schneier’s Second Annual Movie-Plot Threat Contest

The first Movie-Plot Threat Contest asked you to invent a horrific and completely ridiculous, but plausible, terrorist plot. All the entrants were worth reading, but Tom Grant won with his idea to crash an explosive-filled plane into the Grand Coulee Dam.

Keep your kids safe online

The Web can help kids learn, communicate, and socialize, but it also exposes them to risks.

Developers warned to secure AJAX design

Most frameworks for deploying interactive functionality use JavaScript in a way that could lead to their applications leaking user data.

Can stuck torrents beat pirates?

Online filesharing of movies and music has the Hollywood hotshots hopping mad, but they are fighting back with the help of anti-piracy firms.

Microsoft to wait and see on Vista activation hacks

There are two methods that seem to work, and the software giant is monitoring both to see if they pose any substantial threat to the company’s business model.

Botnets by Email

Mark Russinovich examines some interesting email.

1 Comment more...

2007.04.10 Daily Security Reading

by on Apr.10, 2007, under Security

Image Spam: Getting the Picture?

Spam. We’ve all seen enough of it. But just as familiarity has bred contempt (and stopped most email users responding to it), spammers have come up with a new technique to snare the unwary and get around corporate security measures.

ShmooCon 2007 Videos

Four steps to battling botnets

How do you know if your computer, or any of the computers in the network you manage, has become infected with zombie code? After all, the programs that turn a computer into an undead slave for spammers and phishers don’t install a desktop icon or an entry on the Windows Start menu. A survey of experts reveals some agreement on basic steps you can take to reduce the risk of having your machines join the army of the evil botnet undead.

New class of attack targets embedded devices

Researcher finds vulnerability in embedded chips that can compromise routers or mobile phones… Often, it’s simply too expensive for hardware makers to shut down JTAG access

JavaScript Hijacking (pdf)

An increasing number of rich Web applications, often called Ajax applications, make use of
JavaScript as a data transport mechanism. This paper describes a vulnerability we term JavaScript Hijacking, which allows an unauthorized party to read confidential data contained in JavaScript messages.

Top 12 OS X Tiger Security Issues

It’s been called one of the safest operating systems of all time, but Mac’s OS X Tiger may not be as safe as it seems. This list provides its top security issues and how to plug them.

Comments Off on 2007.04.10 Daily Security Reading more...

Looking for something?

Use the form below to search the site:

Still not finding what you're looking for? Drop a comment on a post or contact us so we can take care of it!

Copyright © 2015 Rodney Campbell

Images contained on this web site may not be used or reproduced in any way without prior permission.