Peaches

Firewall Flaws and How to Fix Them Ross O. Storey, CIO Asia "While the application and threat landscape has been evolving, firewalls have changed very little over the last 15 years, according to enterprise network firm Palo Alto Networks. The firm, soon to launch a new product in Singapore, has warned that supplementing firewalls with proxies, prevention systems, URL filtering and other costly and complex devices is "ineffective in today's application and threat landscape". In a recent a study of 900,000 users, Palo Alto found that 100 per cent of the organisations surveyed had firewalls and 8

Enterprises cut costs with open-source routers Early adopters gain flexibility and big savings By John Edwards June 8, 2009 12:01 AM ET Computerworld - Open-source is everywhere -- operating systems, application software, development tools. So why not routers, too? "It's a question that Sam Noble, senior network system administrator for New Mexico Supreme Court's Judicial Information Division, pondered while looking for a way to connect courthouses statewide to a new centralized case management system. Noble sought a DSL router that would be affordable and customizable, but found that the ISP

Last.fm phish strikes a bum note Crooks tune in to net unwary "Fraudsters have launched an attack which aims to trick Last.fm users into handing over their login credentials. The assault is the latest example of cybercrooks applying phishing techniques towards Web 2.0 sites, such as Twitter and Last.fm, as well as the traditional targets of online banking and ecommerce sites. Part of the reason for this could be that some surfers tend to use the same passwords for low sensitivity sites, such as Last.fm, as well as more sensitive locations, such as webmail and even online banking accounts." sto

Opera Mobile 9.7 Beta Now AvailableWorks on Windows Mobile handsets "Norwegian software company Opera announced today the availability of the new Opera Mobile 9.7 browser for Windows Mobile-based handsets. The new software solution comes with impressive browsing speed capabilities due to the addition of Opera’s recently launched technology, Opera Turbo. Moreover, the new browser also includes the company's newly upgraded browser engine, called Opera Presto 2.2, meant to deliver faster page loads and an increased performance. The new Opera Mobile 9.7 beta also comes with Opera Widgets, meant t

Jun7 Reconfigure Your Outlook with Malware by Ailene Dela Rosa (Technical Communications) A few days ago, we reported about a phishing email that is supposedly a Microsoft Outlook notification, telling users to reconfigure their program by clicking on the link provided. Instead of an update, however, the user is redirected to a phishing Web site, where s/he is asked for his/her account information, including incoming and outgoing mail server. Apparently, this attack was successful as Trend Micro has recently detected a new spam message that uses the same technique: TrendMicro for details &

Leaked Memo Quotes Windows 7 Upgrades at $50 Gregg Keizer, Computerworld "A leaked memo from Best Buy claims that the retail chain will pre-sell Windows 7 upgrades for as little as $49.99 starting June 26, a technology enthusiast site reported today. On Friday morning, Engadget posted an image of what it said was an internal Best Buy memo that outlined the company's plans for Windows 7, which Microsoft has announced will go on sale starting on Oct. 22. The memo, which dubbed Windows 7 as more than just a "Vista that works" operating system, said that Best Buy would kick off pre-sales of Windo

Microsoft Readies Flood of Patches Gregg Keizer, Computerworld "Microsoft today said it will deliver 10 security updates next week to patch serious bugs in Windows, Internet Explorer (IE), Word and Excel. If the company follows through on its plans -- sometimes Microsoft ditches an update at the last minute -- next week's Patch Tuesday will be the largest since October 2008. "We're back to a normal load," said Andrew Storms, director of security operations at nCircle Network Security. "Some may think of it as pretty big, but really, for anyone who's dealt with Patch Tuesday for the last five

drats! I was hoping for a gotcha!!

9 easy ways to improve your laptop's sound Just say no to lousy laptop audio. With a few inexpensive upgrades, your notebook can sound like a million bucks. Brian Nadel (Computerworld) "Whether your laptop is a state-of-the-art screamer that cost you thousands of dollars or a budget model that cost just a few hundred, chances are its speakers make it sound about as good as an AM radio in the shower. Notebooks have always come up short on sound because space and power limitations have meant everything is downsized, from audio chips and analog-to-digital converters to amplifiers and speakers.

ATM malware spreading around the world, researcher says By Jeremy Kirk DG News Service - "Cash machines around the world are hosting malware that can harvest a person's card details for use in fraud, a situation that could worsen as the malware becomes more sophisticated, according to a security researcher. Analysts at Trustwave's SpiderLabs research group were surprised earlier this year when it obtained the ATM malware sample from a financial institution in Eastern Europe, said Andrew Henwood, vice president of SpiderLabs's Europe, Middle East and Africa operation. Trustwave does forensic i

Go ahead & try it .. it's right on!! SYLVESTER CATCHES TWEETY Watch this until Sylvester catches Tweety. (Wait for it. It's worth it) AFTER Tweety is caught, scroll down. This was an idiot test. How long did you watch? 0-2 seconds - there's hope for you 2-5 seconds - having a bad day? 5-10 seconds - are you maybe just a slow reader? 10-20 seconds - remedial classes are nothing to be ashamed of

Hackers Arrested In China After Feud Causes Major Outage DDoS feud between underground gaming services allegedly caused temporary Internet outage across more than 20 provinces Jun 04, 2009 | 04:55 PM By Tim Wilson DarkReading Four individuals have been arrested in China after an alleged denial-of-service "war" between underground gaming services spun out of control, according to news reports. According to a report by Xinhua News Agency, China's Ministry of Public Security said Tuesday that the suspects were detained on May 29 following police investigations in the Jiangsu, Zhejiang, and Gu

Developers take Mac, Linux-friendly Chrome for a spin 'DON'T DOWNLOAD THEM' warns Google By Kelly Fiveash 5th June 2009 11:21 GMT "Google has released a rough-round-the-edges version of Chrome for the Mac OS X and Linux platforms, nine months after the browser made its debut. However, Mountain View has warned all but the most hardy of developers to steer clear of the test build versions. "In order to get more feedback from developers, we have early developer channel versions of Google Chrome for Mac OS X and Linux, but whatever you do, please DON'T DOWNLOAD THEM," urged Google product managers

MS warns of bumper patch batch Six critical updates locked and loaded By John Leyden • 5th June 2009 10:30 GMT Microsoft is having an especially bulky Patch Tuesday, with the release of ten updates - six of which will address critical flaws. The June edition of the software giant's Patch Tuesday update cycle will bring critical security fixes for flaws in IE, Windows (two) and Microsoft Office components (three). As usual there's not much by way of detail just yet, aside from the warning that all six flaws create a means to inject hostile code onto vulnerable systems. Four “important” update

Autorun Worm Invades ZIP 6:15 pm (UTC-7) | by Alice Decker (Advanced Threats Researcher) Stealth technique used by malware is considered a core characteristic which has been developed, improved, redesigned, and reused. Michael Tants, Threat Researcher at Regional TrendLabs in Europe, has notified us of a worm that has a unique way of hiding: on infection, WORM_AUTORUN.JFZ writes a copy of itself in every ZIP-compressed file it finds on a system. When WORM_AUTORUN.JFZ places a copy of itself in an archive, it uses double extension by adding .GIF and .SCR. The .GIF extension is used as its

Ruby On Rails password protection can be nullified due to flawed code The Ruby on Rails developers have, in their blog, noted a security problem which can allow the circumvention of password protection of pages or content. This is related to the return value from the digest authentication code, authenticate_or_request_with_http_digest. This code should return true if the user is found and false if not. However the documentation was unclear, and it was possible for a developer to return nil from the method. With a nil return, because the return value wasn't false, Rails would continue authenti

Google tracking cookie spans AdSense, DoubleClick Um, but it keeps the data separate? By Cade Metz in San Francisco 4th June 2009 20:28 GMT "Yes, Google is using the same tracking cookie across both its AdSense and DoubleClick online ad contraptions. This allows the Mountain View ad giant to collect your surfing habits as you move from AdSense partner sites to sites using DoubleClick's ad management platform - although the company indicates that at least in some cases, the data is not combined. "Although we use the same cookie, our data use rights vary per product according to our contracts wi

Google eyeballs planted on 92% of top websites 'The most dominant player in the tracking market' By Cade Metz in San Francisco "A new privacy study says that Google-controlled web bugs are tracking users on 92 of the net's top 100 sites and about 88 per cent of almost 400,000 other domains. Using a Firefox browser plug-in called Ghostery, three graduate students in the School of Information at the University of California, Berkeley recently examined the use of cookies, beacons, and other trackers on 393,829 distinct domains across the web, and Google trackers appeared on 348,059 of them. Goog

Jun4-2009 Search Results for Air France Flight 447 Lead to Rogue Antivirus 4:37 am (UTC-7) | by JM Hipolito (Technical Communications) Issues surrounding the crash of Air France Flight 447 have not been fully resolved up to now but, it didn’t need be for cybercriminals; they’re already taking advantage of this tragedy too. Through SEO poisoning, searches for reports related to the plane crash yield links that when opened trigger multiple redirections to various sites, which ultimately lead to download of rogue antivirus software. The URLs are detected as follows: hxxp:// cnnnews2009.{BLO

4 June 2009, 19:08 Microsoft Outlook users targeted in phishing attack Trend Micro is warning of a new phishing attack that specifically targets Microsoft Outlook users. Rather than simply use email to try and trick victims out of details of online accounts, or general personal details, these attacks attempt to obtain details of the email account itself. The phishing email appears to be from Microsoft and prompts the recipient to re-configure their Outlook e-mail client by clicking on a link which leads to a phishing website. Once there, the site asks users to submit their account name, passw

4 June 2009, 13:18 Google statistics reveal top 10 malware sites Google has published statistics on the top 10 malware source sites from its scans over the last two months. These are sites which host malware that is delivered to users by infecting legitimate sites to re-direct their browser to one of the malware source sites. Attackers then use various exploits in Internet Explorer, Firefox and QuickTime to infect the victims system with malware. Heise security for details & screenshot - http://www.h-online.com/security/Google-st...s--/news/113453 >>>>>>>>>>&

Trojan Attack On Multiple ATMs Steals Data, PINs Researchers find malware code that lets an attacker take full control of the cash machines Jun 04, 2009 | 01:36 PM By Kelly Jackson Higgins DarkReading A rash of hacked ATMs during the past few months were hit with the same piece of malware that lets the attacker take over the ATM to steal data, PINs, and cash from the infected machines, researchers have found. SpiderLabs, the forensics and research arm of TrustWave Systems, has dissected a Trojan family that infected 20 ATM machines, most in Eastern Europe. But the researchers say the malwa

Trend Micro Updates Free HouseCall Scanning Service HouseCall 7.0 includes a new user interface and streamlined processes resulting in shorter scan times Jun 04, 2009 | 02:19 PM Cupertino, Calif. " June 3, 2009 " HouseCall 7.0 is a major redesign of Trend Micro's highly popular free online virus and malware scanning service. Since its introduction in 1997, HouseCall has been scanning computers, and scrubbing out viruses and malware it discovers. HouseCall 7.0 has a new user interface, and streamlined processes resulting in shorter scan times. The flagship free tool now uses elements of the T

FTC Shuts Down ISP Notorious For Hosting Spammers, Botnets, Phishing, Porn FTC alleges that the defendant advertised its services in the darkest corners of the Internet, including a forum established to facilitate communication between criminals Jun 04, 2009 | 04:58 PM A rogue Internet Service Provider that recruits, knowingly hosts, and actively participates in the distribution of spam, child pornography, and other harmful electronic content has been shut down by a district court judge at the request of the Federal Trade Commission. The ISP's upstream providers and data centers have disconn

June 4, 2009 12:33 PM PDT Microsoft to plug holes in Windows, IE, Word, Office, and Excel by Elinor Mills Updated 3:30 p.m. PDT with Adobe update due on Tuesday. Microsoft will release 10 security updates on Patch Tuesday next week, including critical patches for holes in Windows, Internet Explorer, Word, Office, and Excel. In addition, Adobe said it will provide security updates for Adobe Reader and Acrobat versions 7.x, 8.x, and 9.x for Windows and Macintosh on Tuesday in its first quarterly security update for its popular software for creating and reading PDF files. The critical update w