Someone is using a Grand Theft Auto mod video as a way to trick viewers into infecting themselves. Although YouTube videos remain safe to view, that hasn't stopped criminals from finding new ways to entice YouTube viewers to get infected with the latest Trojan horse. The latest example is a Grand Theft Auto video for a mod called Hood Life. According to Chris Boyd, Director of Malware Research at FaceTime Security Labs, the graphics in the mod are lame. He says the images used in the video are circa 1986, crudely rendered, not up to the high standards of … Read more
Just before Interop in May, the OpenSEA Alliance, a new industry group focused on open software solutions for networking and security, was announced. The OpenSEA Alliance plans to develop a robust, multiplatform and widely available open 802.1X supplicant with the goal of emulating the successful Mozilla Firefox model.
Just what is an 802.1X supplicant? It's a piece of client code that authenticates an endpoint (i.e. PC or laptop) to a network and thus enhances security.
The OpenSEA Alliance is not alone in the PC space. Microsoft bundles an 802.1X supplicant in Windows XP and Vista. … Read more
It finally happened.
I fell for one of those silly phishing scams. The kind that I previously took sanctimonious pride in having avoided. The kind where you get a frantic e-mail or IM from a friend saying that a malicious link was clicked, a secret password typed in, and that they didn't know better.
I feel so ashamed, guilty, violated...stupid.
In case you haven't heard yet, an IM-based worm was spreading itself via Yahoo Messenger on Friday, propagating through people's contacts lists and directing hapless victims to a malicious Web site. The site looks like a … Read more
With the weather getting warmer, Power Downloader decided that it was time to get away from his computer and take a little vacation with his niece, Kitty Kilobyte. Of course, the thing he worries about the most when leaving the Power Lair unattended is some would-be criminal getting in and stealing his top-secret documents.
Power Downloader is especially concerned about certain items on his desktop, which need to remain top secret when he and Kitty Kilobyte go on vacation. His plans for thwarting villains, programs that map secret locations, layouts of evil lairs, or other top-secret stuff could mean disaster if they get into the wrong hands.… Read more
At some point within the last week, some MySpace user pages were seeded with malicious computer code. The malicious code seeks to exploit Microsoft Windows and Internet Explorer using recently patched security holes. The hope is that you haven't patched your computer yet. If you're a MySpace visitor and you visit one of the infected pages, you'll be redirected to a fake MySpace log-in page aiming to steal the visitor's MySpace user name and password. The attack employs phishing and drive-by download techniques.
SANS' Internet Storm Center offers a detailed breakdown of the attack.
How about a security patch to take that bitter edge off your Java brew?
Sun Microsystems issued a security update on Thursday that is designed to patch vulnerabilities in its Java Web Start application, which allows software for the Java platform to be launched using a Web browser.
The security flaws, described as "highly critical," were found in Java Web Start versions JDK and JRE 5.0 Update 11 and earlier, as well as Java Web Start in SDK and, on Windows, version JRE 1.4.2_13 and earlier, according to a security advisory by Secunia.
Sun issued … Read more
Forty years ago this week, life changed. There's been plenty of hoopla over the 40th anniversary of the "Summer of Love" and the Beatles appearing on American TV, but this event even affects life on Antarctica: the birth of the ATM. Yes, there's an ATM for researchers down at McMurdo Sound.
Before the first ATM was installed by Barclay's Bank near London in 1967, there was a lot of standing in line and writing of checks, though there were probably a lot fewer $20 bills in the United States back then.
Robots with names like Eyeball, Dragon Runner, ToughBot, Marv, Matilda and Talon fearlessly rolled and hovered over wreckage and rubble last week in Disaster City, a 52-acre training center for first responders and emergency workers.
Last week's robotics exercise, the fourth in two years sponsored by the Science and Technology Directorate at the Department of Homeland Security and the National Institute of Standards and Technology (NIST) at the Commerce Department, has a complex task: finding ways of evaluating performance of robots so that they can be fairly compared, according to The New York Times.
IBM has acknowledged that in early 2007 a third-party contractor misplaced a tape containing the personal information of current and former IBM employees. The tape was lost in transit to its Armonk, N.Y, headquarters some time in February. Recently, IBM was in the news as one of the companies helping to investigate the massive data breach at TJX.
Big Blue started informing affected employees last week, and as compensation the company is offering one year of free credit monitoring. The exact number of affected employees is not known but it's thought to include personnel who worked for the … Read more
Following last Friday's release of Safari 3.0.2 comes a brand-new Monday morning vulnerability. Researcher E. Azizov of ITdefence in Russia posted on the Bugtraq newsgroup a demonstration of a buffer overflow in the Windows XP version of Apple's browser. Specifically, the new vulnerability affects the title buffer in Safari bookmarks. If the title of a page you wish to bookmark in Safari 3.0.2 exceeds 1,024 bytes, as soon as you save the bookmark (Ctrl+D) your computer may become compromised.