New Zealanders will soon be able to report computer security breaches they have suffered such as hacks, viruses and trojans anonymously online.
Non-profit Internet safety group NetSafe wants to collect information on attacks starting later this year. It will use the information to gauge what kinds of attacks are occurring and how to prevent them in future.
MVP Sandi Hardmeier shared her thoughts about McAfee SiteAdvisor’s rating system that should be flagging unwanted domains as red. Read about it at http://msmvps.com/blogs/spywaresucks/archive/2007/04/29/882740.aspx
I added SiteHound by Firetrust here because I’d like to share too that SiteHound does flag what Trend Protect can flag and in Calendar of Updates of forum, I posted some screenshots and some other info why SiteAdvisor misses what Trend Protect and SiteHound don’t. Read it at http://www.dozleng.com/updates/topic14149
The Internet Explorer Administration Kit webpage of Microsoft has been defaced.
See http://www.alex-smith.me.uk/?p=76 via Sandi here at msmvps.com
Enigma Software Group, Inc. announced that they have selected a venue for the open technical discussion on SpyHunter. Enigma will have this discussion at the Spyware Warrior Website Forum. The direct link to this discussion thread will be at the address below:
To fend off zero-day vulnerabilities, companies should consider implementing a “default deny” capability at the perimeter of their networks, said Russ Cooper, senior information security analyst at Cybertrust. The idea behind that approach is to allow only specific traffic in and out of a network gateway while blocking everything else by default.
GFI Software, an international developer of network security, content security and messaging software, announced today the release of EndPointScan, an industry-first, free online service that allows you to check what devices are or have been connected to computers on your network and by whom. Using this diagnostic tool, you can identify those areas where the use of portable storage devices could pose a risk to the integrity of the company’s systems and data.
The uncontrolled use of portable mass storage devices – USB sticks, CDs, floppies, smartphones, MP3 players, handhelds, iPods, digital cameras – coupled with data theft techniques such as ‘pod slurping’, are a major threat to network security and could lead to security breaches, data theft, viruses and other malware being uploaded to a company’s network. Earlier this year, for example, a scientist who worked with DuPont was arrested after he had copied $400 million worth of commercially-sensitive information from the network. This is why it is vital for you to know what devices have been or are currently in use on your company’s network and to be in a position to take action where the risk of a breach is high.
Google has removed paid links that advertised seemingly legitimate Web sites but actually tried to install nefarious programs on PCs.
The links were displayed as “sponsored links” after visitors entered specific queries into Google’s search service. Clicking the links would ultimately go to a legitimate site, but by way of another site that attempted a “drive-by installation” of password-stealing software. Miscreants placed the links using Google’s AdWords service for advertisers.
“Google identified and canceled AdWords accounts displaying ads that re-directed users to malicious sites,” a company representative wrote on a corporate blog on Thursday.
Dino Dai Zovi, the New York-based security researcher who took home $10,000 in a highly-publicized MacBook Pro hijack on April 20, has been at the center of a week’s worth of controversy about the security of Apple Inc.’s operating system. In an e-mail interview with ComputerWorld, Dai Zovi talked about how finding vulnerabilities is like fishing, the chances that someone else will stumble on the still-unpatched bug, and what operating system — Windows Vista or Mac OS X — is the sturdiest when it comes to security.
There’s 9 question to Dino Dai Zovi at ComputerWorld
F-Secure created another blog. This time it’s from their Linux team.
Security software developer Exploit Prevention Labs (http://www.explabs.com) today released a video at http://explabs.blogspot.com/2007/04/video.html documenting how cyber criminals are using Google’s popular AdWords advertising system to infect unsuspecting users with malware. The video is also posted to YouTube at http://www.youtube.com/watch?v=iD0wdzQb8XY