Beware of Keystroke Logging Virus Spam
Thursday July 31, 2003
As malicious developers get more clever different security disciplines converge and the lines are blurred. Is it email spam? Is it a virus? Is it a breach of your computer's ... Read More
Microsoft Creates Patch Management Document and Utilities
Thursday July 31, 2003
The world is waiting anxiously for a worm to hit the Internet that takes advantage of the flaw announced in
Not All Music Copying Is Illegal
Wednesday July 30, 2003
Mark Rasch wrote an excellent article on SecurityFocus which discusses what truly constitutes theft vs. copyright infringement. There are more gray areas there than the RIAA might have you believe ... Read More
FBI Tries To Take A Mile When It Comes To Our Rights
Tuesday July 29, 2003
The terrorist attacks on September 11, 2001 have been used as a rationalization for almost every bill introduced since then. Just mention "terrorists" or "national security" and your bill gets ... Read More
Are You Being Paid Enough?
Tuesday July 29, 2003
This may not be specifically related to security, but everyone likes to know if they're being paid more or less than their peers in the industry. If you have a ... Read More
Book Review: Steal This Computer Book 3
Saturday July 26, 2003
Stand-up comedian and information security columnist Wallace Wang has done it again. Steal This Computer Book has sold over 150,000 copies from the first two versions. This latest edition adds ... Read More
Book Review: The Happy Hacker - 4th Edition
Saturday July 26, 2003
The Happy Hacker - 4th Edition is a sub-par book for this genre. With so many high-quality, well-written books on the subject of hacker tricks and tools and what you ... Read More
Computer Security 101: Lesson 8 Quiz
Friday July 25, 2003
We're coming into the home stretch on the 10-part Computer Security 101 series. Lesson 9 was posted a few days ago and now here is the quiz for Lesson 8. ... Read More
Not To Be Outdone- Oracle Releases Barrage of Security Alerts
Friday July 25, 2003
Larry Ellison has never had much love for his friends from Redmond, WA. The Oracle CEO is in a constant Quixotic battle against Microsoft and Bill Gates. This "charge at ... Read More
Trojan Preys on Brand Recognition to Trick Users
Friday July 25, 2003
With more viruses, Trojans and identity thieves preying on brand recognition and brand loyalty to trick users into executing malicious code or giving up personal and confidential information, it pays ... Read More
Another Barrage of Microsoft Security Bulletins
Friday July 25, 2003
When the month of July began there were only 22 Microsoft Security Bulletins released in 2003. With one week to go that count has now reached 31. The most current ... Read More
Book Review: Hacker's Challenge 2
Thursday July 24, 2003
After you've read Hacking Exposed - 4th Edition and learned all you think you can about the tools and tricks used by hackers to break into your system and how ... Read More
Book Review: Inside Internet Security
Thursday July 24, 2003
Inside Internet Security: What Hackers Don't Want You to Know is a great introduction to many information security concepts from Jeff Crume. The book was published in 2000 and may ... Read More
P2P Networks Move To Hide Users With "Secure" Software
Thursday July 24, 2003
While the RIAA stubbornly continues trying to push legislation to allow them to sue and prosecute their customer base- not the most intelligent marketing campaign I've ever heard of- the ... Read More
Computer Security 101: Lesson 9
Wednesday July 23, 2003
This 9th installment of the Computer Security 101 series covers more proactive steps you can take to protect your system from hackers and viruses. Preventive measures like installing antivirus and ... Read More
Former CyberSecurity Czar Joins Sygate Board of Directors
Wednesday July 23, 2003
Sygate Technologies announced today that Howard Schmidt has been appointed to their Board of Directors. Mr. Schmidt resigned earlier this year from his position as CyberSecurity Czar for President Bush. ... Read More
Exercise Caution When Using Public Internet Terminals
Wednesday July 23, 2003
More and more public Internet terminals seem to keep popping up. There are web-surfing coffee shops and computers available for use at libraries. There are also public computers available for ... Read More
Honeypots and Honeytokens
Tuesday July 22, 2003
Lance Spitzner, one of the founders of The Honeynet Project and one of the key authors of Know Your Enemy, recently published a paper on SecurityFocus about the concept of ... Read More
Michael Jackson Speaks Out Against File Swapping Legislation
Tuesday July 22, 2003
Last week I posted a blurb about a new bill in Congress which proposes jail time for those found to be harboring illegal files on their computers (see What We ... Read More
Fun Things To Do With Your Honeypot
Tuesday July 22, 2003
Alberto Gonzalez and Jason Larsen just published a paper on linuxsecurity.com entitled Fun Things To Do With Your Honeypot. This paper takes a look not so much at the technical ... Read More
Discuss RIAA Legislation In This Hot Forum Topic
Tuesday July 22, 2003
netsecurity.guide said:
"I understand where you're coming from somewhat, but draconian laws generally fail to actually accomplish their intended goal. Like I said in the article- Prohibition did not stop the ... Read More
Don't Be A Victim of Cyberstalking
Tuesday July 22, 2003
Even stalkers can get hi-tech these days. Instead of having to hunt their prey the old-fashioned way they can dig up a substantial amount of information about a person from ... Read More
Attacks Begin To Exploit Cisco Vulnerability
Saturday July 19, 2003
A hacker published code in a public forum on Friday that can be used to exploit the latest DoS vulnerability in Cisco devices. That raised the threat from Defcon 4 ... Read More
What We Need Are MORE Laws!
Saturday July 19, 2003
Forget trying to actually find and punish existing lawbreakers. Forget trying to enforce the laws that already exist. When it comes to many aspects of illegal activity it seems that ... Read More
Book Review: White-Hat Security Arsenal
Friday July 18, 2003
White-Hat Security Arsenal was published in 2001, but the core foundations of good information security don't change. Aviel Rubin brings years of expertise to share with the readers and help ... Read More
Book Review: Hacking Linux Exposed - 2nd Edition
Friday July 18, 2003
Hacking Linux Exposed - 2nd Edition is a welcome and valuable update to an indispensable Linux security resource. I am a huge fan of the Hacking Exposed series and can't ... Read More
Book Review: Personal Firewalls
Friday July 18, 2003
Personal Firewalls for Administrators and Remote Users by Lisa Yeo is a good book on the subject of personal firewalls. The book does a good job of covering the pros ... Read More
Microsoft Releases Three New Security Bulletins
Thursday July 17, 2003
There is some old superstition that when celebrities die they come in groups of 3. Of course, the interpretation of how long the timeframe is in which the "3" should ... Read More
All Cisco Routers Vulnerable to DoS
Thursday July 17, 2003
All Cisco devices running the Cisco IOS and used for processing IPv4 packets are vulnerable to a denial-of-service (DoS) condition. Here is an excerpt from the Cisco Advisory: "Cisco routers ... Read More
Book Review: PKI Security Solutions
Wednesday July 16, 2003
PKI Security Solutions, by Kapil Raina, offers a timely and insightful look at this security technology. It covers the broad concepts as well as providing PKI solutions to specific HIPAA, ... Read More
Linux Firewall-related /proc Entries
Monday July 14, 2003
For those not familiar with the *Nix (Unix / Linux) file and directory structure or command syntax this paper may be too technical. Many users of Linux use IPChains or ... Read More
Antivirus Software for Mac OS X
Monday July 14, 2003
There are not many viruses in the world that actually infect a Macintosh system. Some feel its the result of it being a superior operating system. Others feel it has ... Read More
Beware "Brand Spoofing" Spam
Saturday July 12, 2003
Every once in awhile I get an actual email message from an actual person who I actually know and who has an actual reason to communicate with me. Sometimes they ... Read More
Don't Let Your Windows Get "Shattered"
Saturday July 12, 2003
Security researchers discovered a class of security flaws that use the Windows messaging system to request privileged applications to run malicious code. The original discoverer of this type of attack ... Read More
Upgrading to ZoneAlarm Pro 4.0 May Disable Some Firewall Rules
Saturday July 12, 2003
I have always been a fan of the ZoneAlarm personal firewall software products. I recommend them in my Top Picks and gave ZoneAlarm Pro 3.7 a 'Best of the Net' ... Read More
Book Review: Incident Response
Saturday July 12, 2003
Douglas Schweitzer has written a superb book that anyone responsible for handling computer incident response should be required to read. This book provides all of the information needed to properly ... Read More
Pending Legislation to Mandate Computer Security
Friday July 11, 2003
Representative Adam Putnam (R-Florida), chairman of the House Government Reform Subcommittee on Technology, plans to introduce legislation to mandate minimum baselines security standards for the private sector. Mr. Putnam feels ... Read More
Express Yourself
Friday July 11, 2003
Beginning on Thursday, July 10 About.com added a new feature to the articles on the various Guide sites. Readers can now rate the articles from 1 through 5 to vote ... Read More
Cisco Security Alert: DoS Flaw In Switches
Friday July 11, 2003
Cisco Catalyst 4000, 5000 and 6000 series switches may be vulnerable to a denial-of-service (DoS) attack. The Cisco Advisory states "After receiving eight TCP connection attempts using a non-standard TCP ... Read More
SecurityFocus Articles: U.S. Information Security Law Series
Thursday July 10, 2003
Well-known information security site SecurityFocus has done a series of articles on U.S. Information Security Law. The series is very informative and enlightening. Recently, they released the fourth and final ... Read More
Teenage 'Hacktivist' Arrested In France
Thursday July 10, 2003
A 17-year old Paris native, whose name is being withheld due to being a minor, was arrested June 23 for defacing web sites. Known in the hacker underground as DKD, ... Read More
Apache Releases New Version To Fix Security Flaws
Thursday July 10, 2003
The popular Apache web server (estimated to control about 67% of the web server market according to Netcraft Statistics) was subject to four fairly serious DoS (Denial-of-Service) conditions. The Apache ... Read More
'Hacking The X-Box' Finds New Publisher
Thursday July 10, 2003
Andrew Huang wrote a book showing how to hack the Microsoft X-Box gaming console. Originally Wiley Technology Publishing agreed to publish the book, but upon seeing the manuscript they backed ... Read More
New Microsoft Patch for Vulnerability Affecting ALL Windows Platforms
Wednesday July 9, 2003
Microsoft released Security Bulletin MS03-023 today detailing a flaw with how the HTML converter for Microsoft Windows handles a conversion request during a cut-and-paste operation. Exploiting the flaw, an attacker ... Read More
New Zealand Anti-Hacking Law Irks Security Researchers
Wednesday July 9, 2003
It seems sort of deja vu. The legislators pass an anti-hacking law short on technological savvy and with wording so broad it seems to imply that legitimate network security measures ... Read More
Computer Security 101: Lesson 7 Quiz
Wednesday July 9, 2003
The 7th lesson in the Computer Security 101 series was about firewalls, intrusion detection systems and honeypots. To find out how much you learned or how much you know about ... Read More
If You Can't Beat 'Em, Join 'Em
Tuesday July 8, 2003
The President of P2P (peer-to-peer) network Grokster, Wayne Rosso, has decided to launch his own lobbying organization to represent the interests of P2P networking on Capitol Hill. In the face ... Read More
Free Security Tools and Software
Tuesday July 8, 2003
Many people don't run updated antivirus software or use personal firewall software because they don't even know what it is or what its supposed to do. However, there are a ... Read More
Grad Student's Dissertation Could Be Threat to National Security
Tuesday July 8, 2003
A George Mason University student named Sean Gorman has put together a wealth of information that could prove devastating if it were to fall into the wrong hands. The government ... Read More
Start-up Unveils New Encryption Method
Tuesday July 8, 2003
Voltage Security has developed a new means of encrypting email communications that does not rely on the PKI (public-key infrastructure) commonly used in other encryption schemes. End-users, especially non-technical users, ... Read More
Book Review: Practical Cryptography
Monday July 7, 2003
I recently finished reviewing the book Practical Cryptography by Niels Ferguson and Bruce Schneier. This book was a follow-up to their best-selling Applied Cryptography, but may be aimed at a ... Read More
Computer Security 101 - Lesson 8
Sunday July 6, 2003
The first 7 lessons of the Computer Security 101 series exposed you to various technology, terminology and acronyms associated with computers and the Internet as well as the major pitfalls ... Read More
July 6 Hacker Contest: Some Say "Don't Believe The Hype"
Friday July 4, 2003
Headlines everywhere- from niche tech web sites and news sources to mainstream news and government sources- are warning of a massive web site defacement attack on Sunday, July 6. Details ... Read More
What Is In a Name?
Thursday July 3, 2003
A hacker by any other name will still cause havoc. Hacker purists insist that hacking is a form of benevolent curiosity and that the term should not be associated with ... Read More
Waiter Charged With Cloning Restaurant Customer Credit Cards
Wednesday July 2, 2003
Many consumers are leary of e-commerce and online purchasing. They are afraid of who might intercept or hack their credit card numbers and other private information once they enter it ... Read More
Computer Security 101 - Lesson 5 & 6 Quizzes
Wednesday July 2, 2003
Computer Security 101 is a 10-part series of lessons designed for novice or beginning computer and Internet users. Each lesson introduces technology and terminology that are common to computer and ... Read More
To Disclose Or Not To Disclose
Tuesday July 1, 2003
Companies traditionally like to keep security breaches quiet because they don't want the negative publicity to affect their customer trust or their stock value. The Bush Administration and the Department ... Read More