security

Tue
27
Jul
Dennis Faas's picture

Mozilla, Google Pay Top Dollar for White Hat Hackers

Mozilla and Google have taken an interesting approach to ensuring that flaws, bugs and other problems associated with their Internet browsers are reported on in a timely manner. The two companies are paying outside researchers as added motivation, ... with the belief being that if a bonus is attached for their efforts, more individuals will be willing to offer up their time to discover new errors. Not All Researchers Financially Motivated Microsoft employees need not get too excited with the news, as company representatives announced that no such bonuses will be given to their researchers. ... (view more)

Fri
23
Jul
Dennis Faas's picture

Experts Fear Windows Shortcut Flaw to be Widespread

A serious security flaw affecting Windows shortcuts could pose a significant risk to critical global infrastructure, says a new report from security research firm Sophos. Power grids and manufacturing plants could soon be targeted by a flaw that ... researchers say has already been exploited by hackers. "Early versions of the malware have been programmed to seek out SCADA software (Supervisory Control And Data Acquisition) by Siemens Corporation, which is used in managing industrial infrastructures, such as power grids and manufacturing plants," said Sophos. Security Firms Fear Growing Threat ... (view more)

Thu
22
Jul
Dennis Faas's picture

Microsoft Issues Temporary Fix for Shortcut Flaw

Microsoft has issued an automated workaround for a Windows shortcut flaw that security researchers yesterday flagged with a yellow alert. The workaround is a temporary measure while the company works furiously to provide a more permanent patch. The ... Windows shortcut flaw affects files with the .LNK extension (otherwise known as "shortcut files"). The zero-day vulnerability could allow cyber criminals to seize control of victim PCs. A similar and more public version of the exploit affected Siemens industrial automated systems just last week. Temporary Fix Alters Icons, Leaving them ... (view more)

Thu
22
Jul
Dennis Faas's picture

Sandboxing

In computer security, "sandboxing" is a security term used to describe the separation of running programs on an operating system. A sandbox, as it is also referred to, is often used to execute untested computer programs to ensure that they do not ... overstep their boundaries and cause harm to the system. The sandbox typically provides a tightly-controlled set of resources for guest programs to run in, such as scratch space on disk and memory. Network access and the ability to inspect the host system or read from input devices are usually disallowed or heavily restricted. In this sense, sandboxes ... (view more)

Thu
15
Jul
Dennis Faas's picture

Millions of Routers Susceptible to Hackers: Report

A security researcher says hackers could take control of millions of routers. Craig Heffner, of security firm Seismic, says half of the models he tested were vulnerable to a recently discovered hack. Routers, which allow an Internet connection to be ... shared among multiple computers, are extremely common -- especially for those of us who use high-speed Internet. Even if you own only one computer and don't share your connection with others in your household or office, chances are you're using a router of some kind. In short, the router acts as a gateway to the Internet and directs traffic back ... (view more)

Wed
14
Jul
Dennis Faas's picture

Credit Card Hackers Target Hotels Most Often: Report

It's often argued that restaurants are the most likely place for people to suffer credit card fraud. But a new report claims hotels are actually the most at-risk locations. The restaurant theory is based on the fact that people are more likely to ... hand over cards and let them out of their sight as they are taken away for processing. But security firm Trustwave believes the real danger isn't dishonest staff or venues, but rather criminals attempting to intercept data transmissions. 38% Of Fraud Cases Involved Hotels Trustwave recently evaluated credit card hacking reports for 2009 and found ... (view more)

Tue
13
Jul
Dennis Faas's picture

Patch Tuesday to Address XP Help Bug, Plus Vital Win7 Fixes

Microsoft will next week unveil a series of security bulletins meant to address five security flaws. The fixes are part of the company's monthly Patch Tuesday release, and will most importantly fix a critical Windows XP Help Bug flaw in Windows' ... Help and Support Center. The series of fixes include four patches for the five vulnerabilities, three of which have been dubbed "critical" by Microsoft -- the company's highest level of alert. Each of these critical issues involve holes that, if exploited, could allow a hacker to launch a remote code execution attack upon an unsuspecting user's PC. ... (view more)

Fri
09
Jul
Dennis Faas's picture

Windows XP SP2 Support Ends July 13

Are you still using Windows XP with Service Pack 2? If so, you'll want to take note of Microsoft's warning that it will terminate support of Windows XP Service Pack 2 (SP2) on July 13th, 2010. According to a recent PC Advisor poll, 37 per cent of ... respondents are still using Windows XP. Of that number, 15 per cent of those users still have not yet upgraded to Windows XP Service Pack 3. (Source: pcadvisor.co.uk ) Windows XP users who have not yet upgraded to Service Pack 3 will need to do so before July 13th, 2010 in order to continue receiving Microsoft's latest security updates. Without the ... (view more)

Wed
07
Jul
Dennis Faas's picture

Microsoft Investigates 'Moderately Critical' Windows XP Bug

Microsoft is currently investigating the emergence of a new critical bug affecting users of Windows 2000 and Windows XP. The Redmond-based firm made the announcement via Twitter on Tuesday, and says the issue can be found in the dynamic link library ... (.DLL) file "mfc42.dll." Security firm Secunia posted a detailed report, which they say is based on a third party proof-of-concept exploit. It's suggested that the vulnerability can be exploited via PowerZip version 7.2 Build 4010, among other utilities that use the mfc42.dll file. (Source: pcmag.com ) Bug Affects Moderately Popular ... (view more)

Fri
02
Jul
Dennis Faas's picture

XP Help Flaw Attacks Explode, Still No Permanent Fix

Microsoft says more than 10,000 computers have been attacked through a bug in the Windows XP help system. Strangely, it has resisted criticizing the security researcher who publicized the security flaw. The bug involves the way XP directs web ... browsers towards help pages, having first checked the page against a "whitelist" to make sure it is legitimate. It's possible for hackers to exploit the flaw by fooling the computer during this checking process. The result is that the browser can be relocated to a page containing malicious software. Microsoft hasn't yet found a permanent solution to the ... (view more)

Pages

Subscribe to RSS - security