Archive for August, 2006
2006.08.24 Daily Security Reading
by Rodney Campbell on Aug.24, 2006, under Security
Email: Compliance and Information Management
Email is fundamental to internal and external communication for many organisations, with 87% of UK businesses highly dependent on electronic information. The nature and sheer volume of information that is shared and stored on email today makes email management critical to IT and corporate governance.
SSH Tunnels: Bypass (Almost) Any Firewall
The goal of this article is to present a few effective methods to revamp the way you work in a restricted corporation-like network. In order to achieve it we’re going to use SSH tunneling to bypass the firewall rules applied by your system administrator. We’ll start with breaking through simple restrictions and gradually pass to more and more elaborate firewalls while we move on.
MS06-042 Internet Explorer Crash is Exploitable
On August 8th Microsoft released MS06-042 which was a cumulative update for Internet Explorer. Over the course of a few days after the release of this patch various Internet Explorer users and businesses started to experience Internet Explorer crashing problems when viewing certain websites.
Sophos offers free rootkit detection and removal tool
Sophos has announced the availability of a new free-of-charge, standalone tool offering comprehensive rootkit detection and removal capabilities. Sophos Anti-Rootkit complements Sophos Anti-Virus 6.0 and other vendors' anti-virus solutions by providing an additional layer of protection for the Windows NT/2000/XP/2003 operating systems.
IBM to acquire Internet Security Systems
IBM announced on Wednesday that the technology giant has agreed to buy Internet Security Systems, an all-cash deal that the company valued at $1.3 billion, or about $28 a share.
Kevin Mitnick Web sites hacked
Instead of the usual description of Kevin Mitnick, his consulting services and books, the famed hacker's Web site on Sunday displayed a vulgar message.
For all of us here coding in PHP I put together a couple of configuration tips to provide an extra layer of security. Now while all of your own applications are of course bug free and will never get exploited, you just may have to use some third party code once in a while.
2006.08.22 Daily Security Reading
by Rodney Campbell on Aug.22, 2006, under Security
Married couple charged with $1 million stock spam scam
SophosLabs has warned users to be wary of emails offering unsolicited financial advice as a married couple are charged by federal regulators with making $1 million through a stock market pump-and-dump scam.
Brit Convicted for Accessing Wireless Network
A recent court case, which saw a West London man fined £500 and sentenced to 12 months' conditional discharge for hijacking a wireless broadband connection, has repercussions for almost every user of wi-fi networks.
TrackMeNot: a "new" Firefox browser privacy extension
TrackMeNot is a browser extension that protects web-searchers against surveillance and data-profiling. It does so not by means of concealment or encryption (i.e. covering one's trail), but instead, paradoxically, by the opposite strategy: noise and obfuscation.
2006.08.21 Daily Security Reading
by Rodney Campbell on Aug.21, 2006, under Security
Protecting the BlackBerry device platform against malware
This document describes the third-party application control features of the BlackBerry Enterprise Solution and provides an overview of how you might use those features and place the BlackBerry Enterprise Solution within your network architecture to contain the threat of malware on your BlackBerry devices and your corporate network.
Yahoo tests antiphishing service
Yahoo is testing a security service designed to prevent Web surfers from landing on sites that look like they are from Yahoo but that are fake ones set up by fraudsters to carry out phishing scams.
Botnet Eavesdropping – Inside the Mocbot (MS06-040) Attack.
Internet Explorer 7 Beta 3 for Windows XP SP2 updated
Internet Explorer 7 (IE7) Beta 3 has been designed to make everyday tasks easier, provide dynamic security protection and improve the development platform and manageability. End user improvements include a streamlined interface, tabbed browsing, printing advances, improved search functionality, instant feeds (RSS), dynamic security protection, and more.
Game Save Achievement/Gamerscore Cheating – Myths and Facts
by Rodney Campbell on Aug.19, 2006, under Gaming
With the recent storm over game save achievement cheating on the net these days – flush with statements akin to "load the game and get all the achievements" or "all the top of the leaderboards are doing it". With this in mind I thought I'd do a bit of investigative research and find out just what the facts and myths were.
The following is an article I published on Xboxzone regarding this topic:
2006.08.18 Daily Security Reading
by Rodney Campbell on Aug.18, 2006, under Security
Five Firewalls For Your Desktop PC
It's amazing to think there was once a time when the idea of a firewall for one's desktop computer was thought of as overkill, if not downright ridiculous. Now it's practically mandatory — not just to protect your computer from outside threats, but to keep Trojans and e-mail viruses from hijacking your system from within.
EFF: How To Keep Your Search History Private
How can you help prevent damaging privacy invasions like AOL's data leak? Along with spreading the word about this debacle, you can take steps to protect yourself online. Beneath the fold, we've listed some tips and tools that will help keep your search history private.
12 Microsoft Security Bulletins for August 2006.
Bot spreads using latest Windows flaw