The Security Pub

Random Thoughts About Security

Q&A: Phishing explained

Dr. Jason Hong is the CTO and co-founder of Wombat Security Technologies, a provider of cyber-security training and filtering solutions. In this interview he discusses phishing.

Let’s say your identity gets stolen, what happens next? How exactly does a phisher benefit from gaining access to your sensitive information? What can he do?

Check out the interview – [The Help Net Security]

Hijacking Microsoft's Help and Support

A security researcher has warned of a vulnerability in older versions of the Windows operating system that allows attackers to take full control of a PC. The flaw resides in the Windows Help and Support Center, a feature that provides users with online technical support. Malicious hackers can exploit the weakness by embedding commands in web addresses that activate the feature’s remote assistance tool, which allows administrators to execute commands over the internet. The exploit works in XP and Server 2003 versions of Windows and possibly others.

Check out the article – [The Register]

SECLISTS Article

US-CERT Vulnerability Note

Password Best Practices Are Not Being Encouraged

There has been a steady flow of academic studies into the insecurity of the username/password authentication system (a number of which we’ve covered at Ars) that suggest it’s doomed to failure: humans have a limited memory capacity for unique strings of random characters, which is precisely what most experts recommend as a secure password.

Check out the article – [Ars Technica]

Check out the study [weis2010.econinfosec.org]

Mass Infection of IIS/ASP Sites

Sucuri.net has released a report about a large number of sites that have been hacked and contain a malware script. A quick Google search today indicates that 111,000 sites are currently still infected. It appears that this is only impacting websites hosted on Windows servers. The situation is being investigated.

More information can be found here.

http://blog.sucuri.net/2010/06/mass-infection-of-iisasp-sites-robint-us.html

http://nsmjunkie.blogspot.com/2010/06/anatomy-of-latest-mass-iisasp-infection.html