DNS (define), the critical technology that connects IP addresses to domains, is not secure by default. It’s an issue that the IT industry is trying to solve with DNSSEC – DNS Security extensions that provide digitally signed and encrypted domain authentication.
DNS Security Getting Easier?
March 19th, 2009 · Comments Off
Microsoft patch leaves users vulnerable, says nCircle researcher
March 19th, 2009 · Comments Off
One of the patches Microsoft Corp. issued last week is nothing of the sort, according to a researcher who today accused Microsoft of making functionality a higher priority than security.
Using a hacked Wordpress site to pwn the web server
March 11th, 2009 · Comments Off
I made references in my previous post about the Semisecure Login Wordpress plugin about how if an attacker gets a Wordpress username and password for your website, it can be used to wreak havoc on the web server that’s hosting it.
Users Complain of Mysterious PIFTS Warning
March 11th, 2009 · Comments Off
Computer support forums are lighting up with queries from users wondering what to do about an alert on whether to trust a file called "PIFTS.exe". Meanwhile, someone at Symantec’s support forum seems to be deleting posts from users inquiring about this alert almost as soon as they go up on the forum.
Five principles underpinning robust security strategies
March 11th, 2009 · Comments Off
Forrester Research provides five best practice tips for building IT security strategies. Security is not a standalone discipline any more, and security professionals today need to understand the broader business context if they want to succeed in their job.
Can peer to peer coexist with network security?
March 11th, 2009 · Comments Off
Security experts have long cautioned about the risk posed by the use of peer-to-peer file sharing by individuals working in corporations, warning that the practice creates holes that let malware in and sensitive data out.
Facebook automatic URLwrapping: A double edged sword?
March 11th, 2009 · Comments Off
The Koobface worm scouring Facebook since last July, and which made the headlines again this week, is certainly beginning to redesign the concept of “friend. ” The “acquaintance from high school you’ve never talked to since you added her/him” might now be the “acquaintance from high school you’ve never talked to since you added her/him [...]
Adobe PDF critical vulnerability can allow hackers to open a backdoor and run malicious code on your computer
March 11th, 2009 · Comments Off
Adobe has issued a security alert after a critical zero-day vulnerability was discovered in their popular PDF reading program which could allow hackers to take control of computers. In a security bulletin issued, Adobe warned that the security hole would not be patched until 11th March.
Security admin, botmaster sentenced to four years in prison
March 11th, 2009 · Comments Off
One-time security consultant and significant black hat John Schiefer has been sentenced to four years in federal prison after pleading guilty to multiple counts of fraud last April. Schiefer’s case began in 2007 when he was charged with having installed malware on computers without the consent of the owner.
After Patches, Adobe Flash Still Not Secure
March 3rd, 2009 · Comments Off
Adobe’s Flash application is great for creating and watching rich multimedia applications, but it’s one of the applications security researchers fear most because it is highly vulnerable to hackers. The application has come under more intensive scrutiny recently after Adobe issued a patch for yet another vulnerability discovered earlier this week.