Microsoft is warning users of a flaw in Excel which is already being targeted by hackers. The company has received reports of attacks attempting to exploit the vulnerability via email. In order to launch the attack, users must manually launch the malicious file. A successful exploit could allow the attacker to access the machine with [...]
Microsoft warns of Excel flaw
January 21st, 2008 · Comments Off
Oracle Applications Not Secure
January 21st, 2008 · Comments Off
Four times a year Oracle issues its Critical Patch Update (CPU) to address security vulnerabilities in its technologies. According to database-security firm Sentrigo, Oracle’s efforts may well be underutilized by its users. Sentrigo found that only 10 percent of respondents in a study of Oracle User Group attendees reported they were up to date and [...]
New Hack Attacks Cannot Be Blacklisted
January 18th, 2008 · Comments Off
Referring to the malware known as “random js toolkit,” Andrew Storms, director of security operations for nCircle Network Security, said, “While a blacklist may help some users… it’s no substitute for a good set of layered defenses… Security managers need to take a more active role in using management tools.
Oracle to Ship Critical Security Patches Next Week
January 13th, 2008 · Comments Off
Oracle plans to fix dozens of flaws in its software products next Tuesday, including critical bugs in the company’s database, e-business suite and application server. In its first security update of 2008, Oracle will ship 27 security fixes, some of which will affect several products.
Competition May Be Driving Surge in Botnets, Spam
January 9th, 2008 · Comments Off
A price war may be at least partially responsible for the recent increase in spam and botnet activity on the Internet, a researcher suggested this week. The operators of Nugache, one of the Web’s most sophisticated emerging botnets, appear to be expanding their network and slashing prices to customers who want to use it to [...]
Microsoft closes a critical network flaw
January 9th, 2008 · Comments Off
Microsoft kicked off the new year by fixing three vulnerabilities on its first regularly scheduled patch day. The most serious flaw affects the way that Windows systems handle storing the data associated with Internet Group Management Protocol (IGMP) and Multicast Listener Discovery (MLD) network requests.
Anatomy of a hack attack
January 9th, 2008 · Comments Off
Blackjack, a hacker working from an internet cafe in London, is about to launch an attack on a major government agency. His aim is to cause maximum disruption and embarrassment. And, according to security experts, his job is going to be worryingly easy.
Viruses to infect Wi-Fi networks in 2008?
January 9th, 2008 · Comments Off
Researchers at Indiana University have warned of the increased opportunity for hackers resulting from the spread of Wi-Fi. The researchers were specifically talking about the new breed of city-wide Wi-Fi networks where thousands can be logged on simultaneously, but the principle can also be applied to smaller-scale public hotspots.
Hacking for a Good Cause
January 9th, 2008 · Comments Off
This is Part Three of a Series. Brad Willman was installing networking equipment out of an emergency van in British Columbia when a policeman showed up and asked for him. Willman knew the officer from a case he was involved with a couple of years earlier, so he didn’t worry–until he arrived at the police [...]
The easy way to avoid a Wi-Fi virus
January 9th, 2008 · Comments Off
It’s flu season—for you and your wireless router. A study by Indiana University proves that a virus can quickly spread among unsecured or WEP-encrypted routers in densely populated urban areas. But networks secured by the WPA protocol were impenetrable, and that gives you one more good reason to really secure your network.