Security Watch


Researchers Challenge DOS Attack Data

Also: protecting against EFS-based attacks; banks misappropriating data from other sources.

Strange Research Rising Out of Ashes on Stolen Logins

Also: E-mail bomber sentenced to scene of the crime; how SMIshing works.

Vista and Blue Pill: Debunking the Myth

Blue Pill is easier to swallow now that the trick has been more closely scrutinized. Plus, a look at what's on your hard drives that you thought you erased.

Code May Sour BlackBerry Users

Also: software keeps cars garaged and why we shouldn't stop superbugs from breeding.

Do Vulnerability Auctions Compromise Security?

On the fence regarding whether vulnerability researchers should be compensated for their findings. Plus, "friendly hacking" between Netscape and Digg users; 74,000 .eu domain names frozen.

Click Fraud Rate Rises to 14.1%, Report Says

FBI consultant gets busted, Microsoft Private Folder pulled and U.S. OMD department issues security incident reporting rules.

Microsoft Makes Security Blunder with Vista Beta Patching

Think Microsoft issuing patches for Vista Beta software is good for security? Think again!

Digital Certificates Real Cure for Two-Factor Phishing Spoof

Plus, TWiki vulnerability, EU firewall project, free DNS lookup site fights phishing and the U.S. probes an international hack attack.

OpenOffice Vulnerabilities Discovered

Flaws in OpenOffice could allow for malicious code exploits. Plus, a U.S. business group publishes a report on national Internet disaster recovery and a blog on strong passwords.

Are .DOC, .XLS Attachments Really So Dangerous?

Symantec thinks so and recently banned these attachments internally as a result. Russ has another take.

U.S. Government Mandates Laptop Security

Plus new coalition forms I.D. protection center, medical records stolen, more.

Beware the Man in the Middle

Two-factor authentication solutions such as those that use one-time token values can still be subverted by clever phishing methods.

Fail-Safe Magnetic Storage Erasing

Georgia Tech researchers develop fail-safe magnetic data erasure techniques, Visa USA's ATM breaches, a community crime watch Web site and more.

Numerous Critical Flaws Fixed in Latest Firefox Update

Firefox security update fixes five critical vulnerabilities, a hacker is arrested for cracking VoIP networks, Circuit City's Web site is hacked, and more.

Whose Responsibility Is It, Anyway?

Keep records of your security recommendations to management or you might be left holding the short end of the stick.