Security Watch


Spammers Target MP3 Downloaders

Plus: settling with crooks; malware as a service; more.

You vs. the One-Armed Bot Army

Plus: Arp spoofing strikes CISRT; how copper thieves can pose threats to your systems.

What You Don’t Know Can Hurt You

Vulnerabilities in products from Cisco, Sun Java and Nagios can help hackers into systems via less obvious methods if IT doesn't think creatively.

OpenSSL Still Wide Open to BOF

Plus: Check Point BOF; zombies and botnets; and rootkits

Are Viruses Dead?

Despite rise in malware, poll says fewer users prone to being infected. Also: hacking 911, phishing for fun and old hard drives and data.

CA's Backup Software's BOF Gets Fix

Plus: Hackers working together to steal your identity; AIM hack just needs you to be logged in to work.

Virtual Vulnerabilities

Flaws in VMware's products have been patched. Also, Apple WiFi hack gets published; inside reputation-based attacks.

VB 6 Can Come Visually Flawed

VBP files might not be as they seem. Plus: MySpace ad fix; Max Vision gets locked up.

Bank Heist via Malware

Hackers breach bank's site with barrage of exploits. Plus: unhealthy security policies and data-filled hard drives on eBay.

The World Needs More Fuzzers

Javascript fuzzer used to discover Opera browser flaw; domain parking; another Nigerian 419 scam; more.

SpyProxy Offers Browser Protection, For Now

Another tool to fight the criminals lurking on the Internet. Plus: DNS 'pinning'; Atsiv driver rejection; more.

You Can Take It With You

Computer Fraud and Abuse Act can't be used against employees who access data and take that information to competitors. Plus: Beware of debit-only ATMs.

Free Tool Hunts Bots

Research project creates tool to seek and kill bots; homeland power threat guidelines; server attack vector in Confixx.

What You Don't Know Hasn't Hurt You -- Yet

Also: Trusting TRUSTe; FTC's down on P2P; a policy for encrypting thumb drives

CA Alert Service Vulnerable to Buffer Overflow

Plus Citrix flaw, Boing document theft and what Prevx tracked on recent Trojan attacks.