softsecurity.com This day highlights

Man gets 30 months in prison for taping nude sportscaster

Tue, 16 Mar 2010 01:24:43 GMT

Erin Andrews bids adieu to peephole stalker A Chicago-area man was sentenced to two-and-a-half years in prison for secretly taking videos of America's sexiest sportscaster in the nude and then posting them online.?

Mac OS X SMS ransomware - hype or real threat?

Mon, 15 Mar 2010 23:05:26 GMT

In need of a fresh example that cybercriminals are actively looking for ways to monetize infected Mac OS X hosts? Early-stage discussions at several web forums, including a PoC, offer an insight into the potential to monetize OS X infected hosts using SMS-based ransomware.

Microsoft pushes temporary security fix to IE laggards

Mon, 15 Mar 2010 22:40:50 GMT

For those too stubborn to upgrade Microsoft has released automated workarounds designed to immunize users against a critical vulnerability in earlier versions of Internet Explorer, which criminals are already exploiting online.?

Splunk 4.0.10 released

Mon, 15 Mar 2010 21:00:57 GMT

Splunk released version 4.0.10 of the Splunk IT search and analysis engine. The following issues have been resolved in this release:As of Splunk version 4.0.10, summary index searches do not coun...

Vast online data leak in South Korea

Mon, 15 Mar 2010 20:25:02 GMT

South Korean retailer Shinsegae and 24 other companies have been breached and private data on 20 million customers has been stolen, forcing the Ministry of Public Administration and Security to announ...

European banks lack document security

Mon, 15 Mar 2010 20:00:26 GMT

Financial services companies across Europe are unintentionally putting their confidential information at risk, according to research from Ricoh. At the heart of the issue is the lack of a centralized ...

Crooks plant fake payment card terminals at multiple stores

Mon, 15 Mar 2010 19:52:55 GMT

'Visually identical' pads siphoned customer data Crooks planted bogus payment card processing terminals at multiple locations operated by the Hancock Fabrics chain store that allowed for the theft of sensitive financial data from customers, the company warned.?

Facebook users warned over stalk-my-profile scam

Mon, 15 Mar 2010 18:59:10 GMT

Crap snoop app escapes whack-a-mole policy A bogus application that lures Facebook users by falsely offering to show who has been viewing their profile has been exposed as a scam.?

Brandjacking: Online brand abuse soars

Mon, 15 Mar 2010 18:20:51 GMT

Online brand abuse rose across major industries in 2009 according to the MarkMonitor Brandjacking Index. The report reveals the total number of phishing attacks was at an all-time high, with attacks t...

The rise of amateur-run botnets

Mon, 15 Mar 2010 17:56:38 GMT

It used to be that cyber criminals were people with a highly technical skill set, but this is not the norm anymore. This fact became obvious some two weeks ago when news of the takedown of the Maripos...

Microsoft offers 'fix-it' workaround for IE zero-day

Mon, 15 Mar 2010 16:43:05 GMT

Microsoft has released a one-click "fix-it" workaround to help Web surfers block malware attacks against an unpatched Internet Explorer vulnerability.

News of Corey Haim's funeral lead to fake AV

Mon, 15 Mar 2010 15:20:34 GMT

Corey Haim's death is old news by now, but fans of the prematurely deceased teen idol are still on the lookout for information concerning his death. Those interested in the details regarding his f...

Cybercrime losses almost double

Mon, 15 Mar 2010 14:51:43 GMT

FBI figures show huge rise in online miscreantage US net crime loss complaints almost doubled in value from $265m in 2008 to reach $560m last year, according to official figures.?

Classmates.com settles suit over misleading e-mails

Mon, 15 Mar 2010 14:30:34 GMT

In 2008, the social networking site Classmates.com found itself on the receiving end of a class action lawsuit that focused on its membership recruitment tactics. The company has now settled the suit via the typical mechanism: trivial discounts to the affected parties, and some hefty legal fees. But, as part of the settlement, the company will have to abide by an agreement that's specific enough to dictate how it will set browser cookies on its members' computers. Classmates.com was sued because it allegedly sent out e-mails to anyone registered for its free service, suggesting that their fellow graduates were looking to contact them—they could find out who that person was if they'd simply upgrade to one of the subscription tiers. At least two individuals did so and quickly discovered that the mystery classmate didn't exist—nobody they knew had been looking. Read the comments on this post

IT contractors convicted of UK casino hack scam

Mon, 15 Mar 2010 12:22:42 GMT

Hustlers hamstrung by basic maths booboo A pair of UK hackers who used false betting slips in a bid to con casinos into paying out on bogus gambles were undone by greed and a schoolboy maths error, a court heard.?

Global Research on Data Leaks in 2009

Mon, 15 Mar 2010 12:00:00 GMT

InfoWatch presents the latest analytical study of reported incidents in the field of confidential data leaks. The study is targeted at security experts. This report is based upon the leak database maintained by InfoWatch analytical center since 2004.

Rogue software details: Smart Security

Mon, 15 Mar 2010 09:04:42 GMT

Smart Security is a rogue security application. In order to remove it, find out what files and registry entries to look for below. Known system changes: Files c:ProgramFilesSmartSecurity.ex...

Does Web 2.0 need Web security 2.0?

Mon, 15 Mar 2010 07:06:54 GMT

Web 2.0 is thriving, and so too are applications that take advantage of this technology. Interactive sites like LinkedIn, Twitter and even company websites are becoming ever more popular, and yet, man...

Collection of security checks for Linux

Mon, 15 Mar 2010 06:27:21 GMT

Buck Security is a collection of security checks for Linux. It was designed for Debian and Ubuntu servers, but can be useful for any Linux system. The aim of Buck Security is, to allow you to get a...

Introducing the Cyber Defence conference

Mon, 15 Mar 2010 06:03:12 GMT

Cyber warfare has become a major concern for international governments, military and civil agencies over the past few years. A recent wave of cyber attacks against NATO member Estonia in 2007, and the...

Week in review: Compromised hardware, AV failures and published IE 0-day exploit

Mon, 15 Mar 2010 06:01:09 GMT

Here's an overview of some of last week's most interesting news, articles and interviews: Zuckerberg hacked into journalists' email? The Facebook co-founder has been accused three years ago of s...

Google '99.9%' certain to pull China search plug

Sun, 14 Mar 2010 23:05:04 GMT

At some unspecified point in the future Google is now "99.9 per cent" certain it will shut down its Chinese search engine, according to a report citing "a person familiar with the company's thinking."?Case Study: WhatsUp keeps Legoland turnstyles ringing

The cadence of Microsoft security patches

Sun, 14 Mar 2010 18:00:07 GMT

While the exact details of Microsoft's security patches are generally treated as news, the expected workload each month really shouldn't be a guessing game because Microsoft's patch releases are predictably cyclical.

Programmer gets 4 years in TJX hack case

Sat, 13 Mar 2010 01:21:57 GMT

Dirty laundry delivered via FedEx A former Barclays Bank programmer received 46 months in prison for helping TJX hacker Albert Gonzalez launder as much as $800,000, according to news reports.?

Netflix cancels recommendation contest over privacy

Sat, 13 Mar 2010 00:20:06 GMT

Not as anonymous as you think Netflix has canceled a contest designed to improve its movie recommendation system out of concern it might compromise the privacy of its customers.?

Tech Insight: The Keys To Cohesive Encryption In The Enterprise

Fri, 12 Mar 2010 22:44:00 GMT

Lack of standards for multivendor encryption make key management a major challenge today

Trojan armed with hardware-based anti-piracy control

Fri, 12 Mar 2010 22:27:45 GMT

Zeus borrows page from Microsoft The latest version of the Zeus do-it-yourself crimeware kit goes to great lengths to thwart would-be pirates by introducing a hardware-based product activation scheme similar to what's found in Microsoft Windows.?What is your recession sales strategy?

Can Apple Safari avoid another Pwn2Own embarrassment?

Fri, 12 Mar 2010 20:12:27 GMT

Apple has released a critical Safari security update but, based on what I'm hearing, this patching frenzy may not be enough to avoid another embarrassment at this year's CanSecWest Pwn2Own hacker challenge.

The threat landscape is changing, AV fails to adjust

Fri, 12 Mar 2010 18:27:58 GMT

A recent testing conducted by NSS Labs presented us with some deplorable results: of the seven antivirus products tested two weeks after the IE bug used for breaching Google was revealed, only McAfee ...

Safari update cages numerous security bugs

Fri, 12 Mar 2010 18:11:32 GMT

Code inject and info flaws fixed Apple published an update of its Safari browser on Thursday that plugs 16 security vulnerabilities.?