IT security, vunerabilities, bugs, fixes, flaws, RSA conference and Infosec.

« August 2006 | Main | October 2006 »

And again

It's just not Microsoft's month is it? The Redmond Giant  has been hit by another major security problem following the discovery of a vulnerability in its PowerPoint software.

The unpatched PowerPoint flaw is believed to allow hackers to run malicious code on both Windows and Apple Mac computers.

September 28, 2006 | Permalink | Comments (0) | TrackBack

And here's the fix...

Microsoft has had to rush out a one off patch for the VML bug that's currently wreaking havoc on the web.

Must have been a heck of a threat then.

September 27, 2006 | Permalink | Comments (0) | TrackBack

VML exploits flooding web

It looks like more and more exploits using the unpatched VML-vulnerability in Microsoft's Internet Explorer are popping up all over the web. A malware toolkit known as "WebAttacker" has also appeared, making it easier for script kiddies to implement the exploit.

September 25, 2006 | Permalink | Comments (0) | TrackBack

HP: a good example...

of how not to trace leaks. Wow, this has spying scandal has really blown up into something. But the worrying thing is, there seems to be a lot of stories like this bouncing around at the moment. Who's spying on who?

September 25, 2006 | Permalink | Comments (0) | TrackBack

Using Google to monitor your bots

Interesting use of Google Analytics here. A botnet operator is using Google Analytics to collect additional details about his network of zombie computers. Apparently he's embedded the code into the virus.

September 19, 2006 | Permalink | Comments (0) | TrackBack

Bad news for Barclays

Barclays Bank’s online services have been targeted by a phishing attack involving at least 61 variants of a spoof email, it has been claimed. Panda labs reckons that, of all phishing messages currently analysed, some 64 per cent target Barclays’ clients.

September 18, 2006 | Permalink | Comments (0) | TrackBack

Piecing it together

Surprise, surprise. The government has decided that ID cards will be developed where possible from existing Whitehall technology, procedures and information. This replaces the original plan for a traditional, monolithic, multibillion-pound programme.

It just remains to be seen if the pieces can be put together.

September 14, 2006 | Permalink | Comments (0) | TrackBack

Zotob authors get jail time

Word of warning to worm authors here. Authorities in Morocco have handed out jail sentences to the two authors of the Zotob worm. The court sentenced Farid Essebar, a 19 year-old science student, to two years in jail and 22 year-old Achraf Bahloul to one year for their part in creating and spreading the worm.

September 13, 2006 | Permalink | Comments (0) | TrackBack

Hackers hit government wiki

So this is what happens when the government tries to use new technology. The Department for Environment, Food and Rural Affairs was left with egg on its face when proposals published in an online wiki were 'edited' by a number of hackers.

The website was eventually taken down after 170 people made 'additions'.

September 7, 2006 | Permalink | Comments (0) | TrackBack

Phishing on the increase?

Apparently 89.5 per cent of all viruses scanned in August were classified as phishing malware. But SoftScan believes this is a result of improved or additional detection by antivirus scanners, rather than any real increase in the number of phishing emails distributed.

September 5, 2006 | Permalink | Comments (1) | TrackBack

Want to surf securely?

So this new web browser - Browzar -  is promising users a way to surf the internet while disclosing only a limited amount of personal information. The cool thing is you can run it without installation.

September 2, 2006 | Permalink | Comments (0) | TrackBack

Virus levels on the up

The bad news - virus levels have doubled over the past month. The good news - virus emails still only account for just over 1 per cent of all emails.

Shame about the spam though.

September 2, 2006 | Permalink | Comments (0) | TrackBack