A researcher argues that the spreading capabilities of worms could better perform penetration testing inside networks, turning vulnerable systems into distributed scanners.
SecurityFocus
Entries from January 2006
Good worms back on the agenda
January 27th, 2006 · No Comments
Tags: Research · Security · SecurityFocus · Viruses and worms
Researchers: Rootkits headed for BIOS
January 26th, 2006 · No Comments
Insider attacks and industrial espionage could become more stealthy by hiding code in the core system functions stored on the motherboard, researchers say.
SecurityFocus
Tags: Cybercrime · Research · Security · SecurityFocus
Zero-day details underscore criticism of Oracle
January 25th, 2006 · No Comments
A security researcher releases detailed information about a critical vulnerability in Oracle’s application and Web servers, taking the company to task for not fixing the issues quickly.
SecurityFocus
Tags: Critical infrastructure · Research · Security · SecurityFocus
Bot herder pleads guilty to ‘zombie’ sales
January 23rd, 2006 · No Comments
A 20-year-old California man plead guilty to federal charges that he sold access to networks of compromised PCs and made money from illicitly installed adware.
SecurityFocus
Tags: Cybercrime · Security · SecurityFocus · Viruses and worms
Researcher: Sony BMG “rootkit” still widespread
January 16th, 2006 · No Comments
Even as media giant Sony BMG settles six cases in New York, a security researcher finds hundreds of thousands of networks appear to still contain PCs with the controversial copy protection installed.
SecurityFocus
Tags: Consumer Tech · Government · Research · Security · SecurityFocus
Zero-day WMF flaw underscores patch problems
January 9th, 2006 · No Comments
The Windows Meta File incident suggests that open-source efforts can result in quicker fixes but pose larger issues of trust, and highlights that companies can no longer depend on patches to protect their systems.
SecurityFocus
Tags: Consumer Tech · Critical infrastructure · Open Source · Research · Security · SecurityFocus
Interview: Patching a broken Windows
January 9th, 2006 · No Comments
I interview Datarescue’s senior software developer Ilfak Guilfanov, the creator of the unofficial patch for the flaw in the Windows Meta File format that saw tens of thousands of downloads prior to the official patch release by Microsoft. Guilfanov explains why he decided to issue a patch for the vulnerability, how he created the patch, [...]
Tags: Consumer Tech · Critical infrastructure · Interview · Security · SecurityFocus · Viruses and worms
Security flaws on the rise, questions remain
January 5th, 2006 · No Comments
After three years of modest or no gains, the number of publicly reported vulnerabilities jumped in 2005, boosted by easy-to-find bugs in Web applications. Yet, questions remain about the value of analyzing current databases, whose data rarely correlates easily.
SecurityFocus
Tags: Critical infrastructure · Government · Research · Security · SecurityFocus