2007.07.10 Daily Security Reading
by Rodney Campbell on Jul.10, 2007, under Security
Blacklists have their place for detecting and identifying malicious content and activity, with the whole signature-based malware detection industry effectively being built around the concept that blacklists are reliable mechanisms. The only problem is that they aren’t.
Eight in ten major Web sites highly vulnerable to attack
Eight out of ten Web sites contain common flaws that can allow attackers to steal customer data, create phishing exploits, or craft a variety of other attacks, a security company reported today.
Alternative Botnet C&Cs (pdf)
Free sample chapter (chapter 3) from Botnets: The Killer Web Application.
The IPO of the 0day (pdf)
Stock fluctuation from an unrecognized influence; interesting stats: average 0day lifetime: 348 days, shortest life: 99 days, longest life: 1080 days (3 years).
Have Spammers Overcome the CAPTCHA?
A new threat, dubbed Trojan.Spammer.HotLan.A, is using automatically generated Yahoo and Hotmail accounts to send out spam email, which suggests that spammers have found a way to overcome Microsoft’s and Yahoo’s CAPTCHA systems.