Security flaw exposes Google G1 phone to attacks
If you’re planning to bring a new smartphone to market anytime soon, you might want to check with the guys at Independent Security Evaluators first. For the second time in about 15 months, ISE...
View ArticleHow the Morris worm foretold the future of computer security
It’s been 20 years since the first major security-related disruption of the Internet, the Morris worm, hit the worldwide network. The natural reaction to anniversaries like this is to look back and...
View ArticleBehind the MD5 attack
When the researchers who produced the elegant MD5 attack I wrote about this morning realized the severity of what they had found, they took two highly unusual steps. First, they consulted with lawyers...
View ArticleFear and loathing in the Intertubes
One of the peculiar properties of the security research community is the reflexive reactions of some of its members to new work by other researchers. In most cases, researchers tend to compliment one...
View ArticleClik here to view.
Phishing attack uses pop-up message on bank sites
Researchers at security vendor Trusteer have discovered a new phishing method that forces pop-up login messages to appear on legitimate banking websites. The messages trick users into giving up...
View ArticleClik here to view.
Conficker, Downadup worm hype? Get the facts
Update 1/23: Microsoft has released a blog post explaining everything you need to know about Conficker/Downadup. The bottom line: Ensure that MS08-067 is installed on all machines in the environment,...
View ArticleMicrosoft Conficker/Downadup infections still not a major threat
I had an excellent briefing with the folks at TippingPoint about Conficker and they gave me access to their ThreatLinQ, a service that helps TippingPoint IPS customers proactively configure their...
View ArticleSymantec announces beefed up DeepSight service, new authentication capabilities
Move is part of an industry trend that turns threat intelligence data into actionable information. Symantec is bolstering its DeepSight service and integrating its VeriSign acquisition. The company...
View ArticleIsolated Facebook attacks illustrate need for social media security
Social networking security threats have taken a back seat to mobile security and targeted attacks directed at corporate networks in recent years. But there is news of two new Facebook attacks targeting...
View ArticleOperation High Roller: Server-side automation in online bank fraud
I’ve covered a lot on online bank fraud in the past – there seems to be no end to the increasingly sneaky techniques cybercriminals develop to siphon money out of victims’ bank accounts. This week,...
View ArticleMcAfee report summarizes second quarter
Out in the last few days is an interesting quarterly update report from McAfee. Topline findings from the second quarter of the year include the following: Banking Malware. Malicious parties employ...
View Article
