Archive for October, 2007

You hear about scams that lurk online every day. When you see as many articles about successful phishing attempts as this year, you may think that whole online scam thing is exaggerated. Some people even think that phishing has nothing to do with their lifes as no one is interested in their personal information. More...

Security researchers report a dramatic decrease of phishing emails targeting PayPal and eBay customers. A research conducted by Sophos Labs says that in September 2006 almost 9 out of 10 phishing emails were trying to steal information from eBay and PayPal users, and now it’s 1 in 5, which is an impressive turnaround. Sophos informs that this is partly because of the efforts the firms have made in customer education on how to protect themselves, but mostly because phishers are simply turning to a bigger pool of potential victims, that is a wider range of online companies such as smaller CC unions, online retailers and firms of other geographic regions. More...

Computer scientists of SRI International based in Menlo Park, California, have developed a program that is meant to deal with botnets, especially those belonging to Storm, the nature of which is still not clear: some say it is a Worm, other say it's a Trojan. Whatever the case, Storm has produced the biggest botnet since earlier in the decade. A botnet is a network of computers, all of them infected by malware (in this case - Storm), to take part in illicit schemes without the user's knowledge or consent. More...

Australia’s finally realizing the threats of cyber attacks to the country’s government institutions and business sector, which were attacked dozens of times this year, and now it’s raising concerns about the safety of personal and financial data of users. A hacker’s website tells about numerous security breaches of government websites. Although it doesn’t say anything about hacking the websites of Liberal Party or Cross City Tunnel, that were attacked last week. More...

Recently Microsoft announced that it would release necessary patches for a vulnerability related to the URI (uniform resource identifier) protocol handling technology. The problem lies in the way applications, such as Adobe Acrobat, are executed by browsers. Even though Microsoft's original stance was that the creators of applications in question should be held accountable for the issues, a few days ago they agreed that they should act as well. More...

Jeffrey A. Kilbride and James R. Schaffer, who purchased e-mail addresses and then sent the owners of those addresses tons of unsolicited messages (600,000 in nine months of 2004) with links to pornographic websites, were prosecuted in Phoenix last week and were sentenced to more than five years in federal prison. More...

Military and governmental systems use the Citrix technology to put up GUIs. Seemingly not a problematic fact, apart from the recently acknowledged conviction that the Citrix Technology has, as the man behind nailing the problems, Petko D. Petkov, said, "holes you could drive a bus through. More...

A Mexico-based distance learning company, founded in 2006 is offering a master’s degree program in security science. EC-Council hopes to set a standard by which one could decide what you need to be considered a true ethical hacker. This problem occurs when people, applying for high-level IT security positions, have varying levels of skills. More...

Adobe’s software, that is used by millions of people to read documents has rarely had flaws that would have made it the target of hackers. That is until now. As the post on Adobe Systems Inc. More...

A project against phishing, Phishtank, has released a report with the annual statistics on this issue. Phishtank has a community of self-proclaimed phish-fighters, who report websites they suspect to be partaking in the activity. The websites are then checked by Phishtank's experts to verify whether it is actually the case. More...