Rodney Campbell's Blog

2008.02.08 Daily Security Reading

by on Feb.08, 2008, under Security

MayDay! Sneakier, More Powerful Botnet on the Loose

A new peer-to-peer (P2P) botnet even more powerful and stealthy than the infamous Storm has begun infiltrating mostly U.S.-based large enterprises, educational institutions, and customers of major ISPs.

Truecrypt 5.0 released

The popular open source privacy tool, TrueCrypt, has just received a major update. The most exciting new feature provides the ability to encrypt an entire drive, prompting the user for a password during boot up; this makes TrueCrypt the perfect tool for non-technical laptop users (the kind who are likely to lose all of that sensitive customer data). The Linux version receives a GUI and independence from the kernel internals, and a Mac OS X version is at last available too.

Google Blamed For Indexing Student Test Scores & Social Security Numbers

Heads Up Internet Explorer Users

A plug-in for Microsoft’s Internet Explorer Web browser that helps users upload photos to popular sites such as Facebook and Myspace contains multiple security holes.

When Security Improvements Backfire

Recently, when conducting an (authorized) security review at a small web hosting provider, I ended up as “root” on all their Unix systems within a matter of hours, and did not even need any l33t buffer overflow or the like. Well-meaning system administrators had tried to improve security of their servers, and had unwittingly ended up making life much easier for the bad guys.


Comments are closed.

Looking for something?

Use the form below to search the site:

Still not finding what you're looking for? Drop a comment on a post or contact us so we can take care of it!

Copyright © 2015 Rodney Campbell

Images contained on this web site may not be used or reproduced in any way without prior permission.