Tag: internet
-
Aussie web host/registrar hacked
Security and data integrity/safety are 2 of my pet loves; and pet hates when people don’t take notice of them. Notwithstanding the fact that you host your precious data with someone who you think is responsible, you need to take responsibility yourself. If something happens to your data and you’re left out in the cold,…
-
Sony OE suffers another hack
Wow! It seems that Sony just can’t get a break. Sony Online Entertainment has announced that hackers may have obtained personal customer information from SOE systems which includes name, address (city, state, zip, country), email address, gender, birthdate, phone number, login name and hashed password. They also indicated that a number of credit cards from…
-
Sony’s PSN hacked
As you may have gauged from other posts, Sony has never endured themselves to me. Their recent activity in suing George Hotz for hacking the Playstation 3 ( after they removed the OtherOS function ) means I’m even less enamoured with them. But the final nail may have just been struck: the Playstation Network has…
-
RSA hacked
RSA has long been an industry stalwart when it comes to security tokens and 2-factor authentication ( SecurID ). One would normally trust them implicitly … but that trust is no longer a given since their lack of disclosure surrounding a recent attack on their systems and possible data theft. SecureID is one of the…
-
Mubarak and Nokia ( and Sony )
I know you’re going to say ‘what’? An Egyptian autocrat, a Swedish phone maker and Japanese electronics giant in one article? But there is a very big similarity between these 3 subjects that’s brought 2 of them to their knees, and polarised popular view against the third: CHANGE Yip, both Mubarak and Nokia have been…
-
Google to remove h.264 support from Chrome
… and the world cried! Well maybe just the h.264 camp … So I thought I’d weigh in on this delicate situation too and give my 2 cents. Some facts: h.264 is a standard, not an open standard due it being patent encumbered h.264 requires royalties to be paid under certain circumstances unlike VP8 which…
-
Security Policies in the organisation
Most organisations of a reasonable size, will today have at least some policies which integrate with HR to govern Internet and computer use within the company. However, the ability of these limited documents ( and sometimes procedures ) to protect the company is often minimal. With the extent to which malicious vectors are able to…
-
Security strikes back – NOT!
Microsoft released their largest ever update set this Tuesday past ( a total of 17 updates to fix 40 holes ), which included fixes for all 4 Windows holes related to the Stuxnet worm. This update set includes MS10-090 which fixes 6 CSS issues in IE which have been actively exploited over the last few…
-
Security vendors and their ‘secure’ products
One typically expects security devices and products to be, well how to put it – secure? Yes, secure. But it appears that security vendors struggle with bugs and the like, almost as much as normal software. There have been a number of high profile AV definition update failures in the last year, Cisco had some…
-
Windows LNK vulnerability attracts more attacks
The unpatched LNK vulnerability in all versions of Windows ( from XP onwards ) is attracting a lot more attention from malicious code authors. A further 2 exploits have been detected in the wild. The 1st .lnk trojan Stuxnet, was very specific about it’s payload, attacking Siemens SCADA software specifically. But the effectiveness of .lnk…
-
Security vendors – stop your advertising antics!
I always find it quite amusing ( and ironic ) when security vendors eat their own dog food – and get bitten. Here are a few gems: Earlier this year, Mcafee released a definition file which a Windows XP SP3 system file ( svchost.exe ) it thought was a threat resulting in thousands of machines…
-
Microsoft and anti-virus software
I’m subscribed to a Microsoft UK email newsletter that I get once a month. The latest one started as follows: As someone who is fully aware of the potential dangers that the internet poses to those who use it for banking, shopping and social networking, you must get a lot of people asking for your…
-
Security, the employee and business
Anyone who runs a business ( from small SMEs to large corporates ) these days, with computing facilities for their employees, faces a tough battle with network and computer security. The list of external malicious vectors are endless, including phishing attacks, spyware, viruses, DoS attacks and many others. The Mariposa virus, shut down in March…
-
SCO – are you dead yet?
The ether has been strangely quiet about SCO’s recent defeat at the hands of a jury, on the issue of suing IBM for copyright infringement. After 2 judges and 1 jury decision, it was found comprehensively, that Novell never sold the copyrights to UNIX as part of its sale of UnixWare to SCO in 2003.…
-
AT&T’s Ipad data leak
Further on from my previous articles on online data storage and services ( On-line storage – safe or not?, Windows and online banking, Local insurance company loses client data, Data loss for Sidekick users Part 2 and Apple and data leakage? ) AT&T have had a massive data leak of email addresses and ICC-IDs (unique…