Date: 01/25/08     Keywords: no keywords

More details are coming to light already on this week's revelation by France's second largest bank, Societe Generale, of massive trading losses thanks to the activity of an errant insider. The Wall Street Journal this morning (temporary link)reports that Jerome Kerviel spent hours in...

Source: http://blogs.zdnet.com/threatchaos/?p=514

Date: 01/25/08     Keywords: no keywords

Wanted since 2002, the man is believed to have sold corporate secrets to about 250 buyers through the Internet, say authorities. Greek police said on Friday they have arrested a man suspected of selling corporate secrets from France's Dassault Group, including data on weapons systems. "This 58-year-old...

Source: http://news.zdnet.com/2100-1009_22-6227707.html

Date: 01/25/08     Keywords: no keywords

A report arguing that the first year of Vista has been more secure--or at least has had fewer vulnerabilities--than XP and other operating systems has raised a ruckus. The issue raises a question about whether there are any metrics that could accurately capture whether an operating system is more secure....

Source: http://blogs.zdnet.com/security/?p=832

Date: 01/24/08     Keywords: security

Security company says it has seen an attack using a cross-site scripting flaw in 2Wire DNS routers. Security company Symantec has warned of an attack involving the subversion of routers. The security company said this was the first time it had seen such an attack "in the...

Source: http://news.zdnet.com/2100-1009_22-6227502.html

Date: 01/23/08     Keywords: security

Mozilla's security chief Window Snyder has confirmed a proof of concept information leak flaw in Firefox--even fully patched versions. Snyder confirmed the issue in a blog post. The proof of concept vulnerability was highlighted by researcher Gerry Eisenhaur on Jan. 19. In a nutshell, Firefox leaks information...

Source: http://blogs.zdnet.com/security/?p=823

Date: 01/22/08     Keywords: software, security

Fresh off a series of security problems with software included on HP laptops, the company is under the gun again, say security researchers. One common thread: HP vulnerabilities due to ActiveX issues. The latest HP vulnerability--discovered by security researcher Elazar Broad--involves the HP Virtual Rooms Install. Virtual...

Source: http://blogs.zdnet.com/security/?p=822

Date: 01/22/08     Keywords: software, security

Phone Scoop reported on the RIM announcement that BlackBerry owners will be receiving updates for their devices that adds enhanced functionality and security. These new software updates will be phased in over the first half of 2008 and if you buy a new device in mid to late 2008 it...

Source: http://blogs.zdnet.com/mobile-gadgeteer/?p=805

Date: 01/22/08     Keywords: security

Security agency breaks its normal silence, warning about successful attacks against critical national infrastructures outside the U.S. A cyberattack has caused a power blackout in multiple cities outside the United States, the CIA has warned. The SANS Institute, a computer-security training body, reported the CIA's disclosure...

Source: http://news.zdnet.com/2100-1009_22-6227090.html

Date: 01/21/08     Keywords: google

At hearing, company's global privacy counsel assails officials, saying they're taking a privacy case and trying to "shoehorn it into a competition law review." Google attacked European parliamentarians and privacy advocates on Monday for trying to have competition authorities consider the handling of personal information in its $3.1...

Source: http://news.zdnet.com/2100-9588_22-6227031.html

Date: 01/21/08     Keywords: no keywords

It reads like science fiction, but it asks a key cyberpunk' question. (Sorry, the movie's still not out.) The answer will determine the future course for both open source and the Internet. Can smart mobs of "good guys" beat smart mobs of "bad guys?" As...

Source: http://blogs.zdnet.com/open-source/?p=1910

Date: 01/21/08     Keywords: technology, security

I was actually in Ann Arbor last week when news broke that Arbor Networks had acquired Ellacoya a so called "deep packet inspection" technology vendor. I was perplexed. That's not security. First let me clear up some terminology. "Deep Packet Inspection" was...

Source: http://blogs.zdnet.com/threatchaos/?p=508

Date: 01/21/08     Keywords: security

Cyber warfare isn't just concerned with military and intel computers. Hackers have also attacked foreign facilities of US power utilities, according to a CIA analyst. The Washington Post reports that Tom Donahue, the CIA's top cybersecurity analyst, told an audience of utility security pros: "We do not know who...

Source: http://government.zdnet.com/?p=3611

Date: 01/20/08     Keywords: no keywords

Reddit is the hacking playground for today. While Reddit is just barely a "social network" with minor interactions between its members it is a powerful site for spreading the latest cool thing and in recent months has been pretty much taken over by Ron Paul enthusiasts and Fox...

Source: http://blogs.zdnet.com/threatchaos/?p=507

Date: 01/20/08     Keywords: no keywords

Earlier today, Sunday, the site of the let's sue infringing college kids-happy Recording Institute of America (RIAA) was hacked clean. The site is back up now ,but for the few hours it was down, all the pages looked like the grab TorrentFreak took,...

Source: http://blogs.zdnet.com/ip-telephony/?p=3091

Date: 01/18/08     Keywords: security

From Vinius, Lithuania, Internet security expert Miroslav Lučinskij blogs about what sounds like a security bug in a Skype partner feature related to the danger of executing "malicious script content" through the "mood feature" option available as part of a video selection option tied to that...

Source: http://blogs.zdnet.com/ip-telephony/?p=3075

Date: 01/18/08     Keywords: html, security, web

Updated below: Aviv Raff, a security researcher, has found a flaw in Skype that could allow an attacker to control your PC. On his blog, Raff explains the following: Skype uses Internet Explorer web control within the application to render internal and external HTML pages. Examples...

Source: http://blogs.zdnet.com/security/?p=819

Date: 01/17/08     Keywords: security, microsoft

If you're like most folks you are taking your time installing Microsoft's latest round of security patches. However, you may want to get your rear end in gear. Specifically apply MS08-001, which was released on Jan. 8. That patch fixed a Transmission Control Protocol/Internet Protocol (TCP/IP) processing...

Source: http://blogs.zdnet.com/security/?p=817

Date: 01/17/08     Keywords: security, yahoo

Yahoo is supporting OpenID 2.0 and could triple the number of accounts in the single sign-on framework. I posted the details on Between the Lines and Techmeme has more, but after some initial enthusiasm I started thinking out loud about security. Yahoo noted that...

Source: http://blogs.zdnet.com/security/?p=816

Date: 01/16/08     Keywords: security, virus, antivirus

In annual report on security flaws, vulnerability-testing company strongly criticizes CA's ARCserve Backup product, as well as Symantec Mail Security. Some CA products containing antivirus components have "inherent code problems," according to vulnerability-testing company Secunia, which published its annual report on security vulnerabilities on Monday. One CA...

Source: http://news.zdnet.com/2100-1009_22-6226441.html

Date: 01/16/08     Keywords: database

The agency's proposed "server in the sky" database would share biometric data on the world's most-wanted criminals. Police in the U.K. are in talks with the FBI about establishing an international biometric database for tracking down the world's most wanted criminals and terrorists. The so-called "server in...

Source: http://news.zdnet.com/2100-1009_22-6226396.html