Macromedia Advisory on Breeze

MPSB 05-06 Breeze 5.0 Password Reset Encryption Summary: Macromedia Breeze 5.1 includes a security update which addresses an issue related to user password encryption in the database when resetting passwords in Macromedia Breeze 5.0. NOTE: This update only applies to licensed customers of Breeze running the software on their own servers. This problem does not occur on the Breeze hosted system. Solution: Macromedia Breeze customers should upgrade their licensed software to Macromedia Breeze 5.1, which includes the product fix to this issue. Severity Rating: Macromedia categorizes this issue as a moderate issue and recommends users patch their installations. More details … Continue reading Macromedia Advisory on Breeze

Symantec Awarded More Than $1 Million in Software Piracy Case

Symantec Corp. announced it has been awarded more than $1 million in restitution as a result of a criminal software piracy case in Houston, Texas. Li Chen pled guilty to one count of trademark infringement and agreed to the restitution as part of a plea bargain. The case, prosecuted by the Harris County District Attorney’s office, was the result of a year-long investigation by the Houston Police Department and the Federal Bureau of Investigation. The case was initiated based on information uncovered in an investigation conducted by Symantec and other software companies into Chen’s activities. After a search warrant was … Continue reading Symantec Awarded More Than $1 Million in Software Piracy Case

Lavasoft invite testers to test Lavasoft System Analyzer

“Lavasoft invites energetic and enthusiastic testers to be the first to try the alpha version of the Lavasoft System Analyzer. This is in line with the goals of Project ECO to steer computer users towards a safer computing environment.” http://www.lavasoftresearch.com/blog/?p=81 WARNING: That is ALPHA version. DO NOT try in system that you cannot afford to lose.

Help thwart online scams with Microsoft Phishing Filter

Microsoft Phishing Filter helps identify fraudulent Web sites before you visit them and offers dynamic screening to help protect against online data theft. Learn how it works and how to download and install it. 57 million people in the United States alone claim to have been exposed to at least one online phishing scam. These scams typically attempt to lure you into visiting phony Web sites where your personal information or credit card information can be collected for criminal use. Microsoft Phishing Filter helps provide dynamic protection against phishing scams as you visit Web sites in two ways. It scans … Continue reading Help thwart online scams with Microsoft Phishing Filter

Avoid wireless attacks through your Bluetooth cell phone

      Avoid wireless attacks through your Bluetooth cell phone Bluetooth wireless technology is included with many cell phones and PDAs. It was initially designed to let you swap documents between other Bluetooth devices without the use of annoying connecting cables, but has since expanded to provide services such as Web connectivity and online game playing. However, any time you transmit information online, you can be vulnerable to online attack; and as the popularity of Bluetooth increases, so does its interest to cybercriminals. Get tips to help improve the security of your Bluetooth-enabled cell phone or PDA: – The … Continue reading Avoid wireless attacks through your Bluetooth cell phone

Software set to remain insecure

According to Dr. Klaus Brunnstein, president of the International Federation for Information Processing, software will always be vulnerable as long as designs are complex, because no one can fully understand what happens deep in the system. The design of the Open Systems Interconnection architectural model, on which the current IT model is based, is also flawed, he said. Speaking at the SEARCC 05 conference, he also advocated involving consumers more in development and making Bill Gates pay for the damage the Windows OS has caused. TechWorld

Novell server under attack

Novell apparently allowed employees to use test servers outside the firewall for gaming, leaving them vulnerable to attack. One hacked server was used to scan potentially millions of computers. The scans used Port 22, the default port for Secure Shell (SSH) services, which allows programs to log into other computers or to execute remote commands and move files securely. Port 22 scans often indicate hackers are looking for vulnerable SSH to break into and control. The gaming site, neticus.com, was taken down after Novell was alerted about the breach. TechWorld

Hackers Step Up Attacks on IM Networks

Instant messaging attacks are on the rise. Akonix Systems Inc., a messaging security developer, said in their Q3 Threat Report that 25 viruses have been reported on IM networks so far in September, or about one a day. In the past, malware was repurposed from email viruses, but now IM-targeted viruses are just as likely. Hackers are using IM to take over PCs and carry out zombie-style attacks via the major consumer IM networks AOL, Yahoo, and MSN. Corporations using IM need to get off the consumer networks to avoid this threat. eWeek

Warning over unattended PC peril

Research and advisory firm Gartner says that unattended PCs are “low-hanging fruit” for insider attacks and suggests that companies use time-outs to automatically log users out of application sessions or lock PCs. Threats from unattended computers include unauthorized access to personnel data, changing business information (to hide fraud, for instance), and sending email in someone’s else’s name. Users are resistant to time-outs, but Gartner believes objections can be overcome by holding users accountable for any misuse of their PCs. The Register