« November 2009 | Main | January 2010 »

December 2009

12/18/2009

Twitter attacker had proper credentials

While Twitter has remained largely quiet on the hour-long hijacking of its domain name, additional information suggests that the attacker had compromised at least one user at the social networking company.

On Thursday, an unknown attacker hijacked Twitter's domain name and redirected visitors to an unrelated site hosting a page claiming Twitter had been hacked by the "Iranian Cyber Army." Evidence indicates, however, that the attackers were able to change the domain-name system (DNS) entries at Twitter's provider, Dyn Inc., said Rod Rasmussen, president and CEO of Internet Identity, an infrastructure security firm which monitors DNS changes.

SecurityFocus

Posted at 12:02 PM in Articles, Cybercrime, Hacking, Published on SecurityFocus, Security | | Comments (0) | TrackBack (0)

|

PhotoDNA scans images for child abuse

Internet service providers may have better success at scanning their networks to actively seek out illicit images of child abuse, thanks to technology donated by Microsoft and Dartmouth College.

On Wednesday, the software giant and the well-known college announced that they had developed a software program to match modified images to the original by using a form of robust hashing that can ignore certain types of changes, such as resizing, cropping and the inclusion of text. The team donated the program, dubbed PhotoDNA, to the National Center for Missing and Exploited Children.

SecurityFocus

Posted at 11:06 AM in Articles, Law and Policy, Published on SecurityFocus, Research, Software | | Comments (0) | TrackBack (0)

|

12/16/2009

Conficker data highlights infected networks

Conficker may be under control, but the malicious family of programs is resident on more than 6.5 million computers worldwide, with more than 5 percent of some network's Internet addresses showing signs of infection.

On Wednesday, the ShadowServer Foundation took the wraps off a revamped statistics page, showing how far the three main variants of Conficker have spread and the degree to which the world's networks are infected. More than 12,000 networks, as represented by their autonomous system numbers (ASNs), show signs of infection by Conficker. The ShadowServer Foundation limited their displayed data to the top 500 networks.

SecurityFocus

Posted at 12:04 PM in Antivirus, Articles, Cybercrime, Malicious Code, Published on SecurityFocus, Security | | Comments (0) | TrackBack (0)

|

12/15/2009

Bad Bargains

Parents desperate to find this year's most popular items, such as Cepia's high-tech Zhu-Zhu Pets or Mattel's Mindflex Game, should be careful that they don't let their guard down online.

With the holidays nearly here, last-minute shoppers may throw caution to the wind when searching for hard-to-find gifts. Many online scammers depend on just that.

"As the holidays get closer, and people have not found the right present, they will get more desperate," says Catalin Cosoi, a senior anti-spam researcher at security firm BitDefender. "They might go to a Web site that they would not have gone to in the past."

YourSecurityResource.com

Posted at 05:01 PM in Articles, Consumer Technology, Cybercrime, Published on Symantec's YSR, Security | | Comments (0) | TrackBack (0)

|

12/10/2009

Harnessing the Cloud for Hacking

"Security is moving into the cloud ... so the attacks will follow security into the cloud as well," says Marlinspike. "Password cracking is an obvious thing. Normally, it is cost-prohibitive to run CPU-intensive jobs. [With cloud computing] it costs a lot less money than doing it yourself."

At its core, cloud computing is about providing services or infrastructure through the Internet that can easily be ramped up to meet demand. Online giants, including Amazon, Google, and Microsoft, all have services that offer the ability to run an application in a large data center or to rent time on a cluster of virtual computers, allowing customers to tap into large amounts of computing power more efficiently.

Security experts say the performance and costs advantages of cloud computing are already luring cybercriminals.

Technology Review

Posted at 09:42 PM in Articles, Cloud Computing, Cybercrime, Hacking, Published on Technology Review, Security | | Comments (0) | TrackBack (0)

|

12/04/2009

How to Keep Your Data Center Happy for the Holidays

In the brick-and-mortar world, this holiday season is shaping up to be a wash: More people are shopping, but they are spending less.

The online picture is different, however. Greater numbers of people are going online to shop and spending more. Data collection from retail sites showed that sales were up nearly 14 percent on the Monday following Thanksgiving, known as Cyber Monday, compared to a year ago, according to Web information firm Coremetrics. The amount spent per sale rose 38 percent, the firm says.

The trend highlights the importance of keeping the data centers powering e-commerce sites and online traffic running smoothly, says Dan Blum, principal analyst for the Burton Group.

CIO.com

Posted at 11:37 AM in Articles, Cloud Computing, Data Centers, Published on CIO.com, Security | | Comments (0) | TrackBack (0)

|