Submission + - Many Websites "Leaking" Personal Info To Other Fir (computerworld.com)

JohnBert writes: "Many top websites share their visitors' names, usernames or other personal information with their partners without telling users and, in some cases, without knowing they're doing it, according to a new study from Stanford University.

Many websites "leak" usernames to third-party advertising networks by including usernames in URLs that the ad networks can see in referrer headers, said the study, released Tuesday by Stanford Law School's Center for Internet and Society. While there's a debate in legal circles whether usernames are personal information, there's a growing consensus among computer scientists that Web-based companies can use usernames to identify their owners, said Jonathan Mayer, a Stanford graduate student who led the study.

Other websites share first names, email addresses and other information with advertising or other partners, Mayer said at a privacy conference in Washington. Those identifiers "get associated not just with what you're doing right now, but get associated with what you've done in the past, and what Web browsing activity you may have in the future," he said."

Submission + - LulzSec Leader Holds Onto Sun Email (computerworld.com)

JohnBert writes: "The 4GB worth of email stolen by the LulzSec hacking group from The Sun tabloid site earlier this year is sitting on a server in China, according to "Sabu," the outfit's alleged leader. "We got them stashed on a Chinese storage server. Alongside the dumps of a whole bunch of hits we did," Sabu said during a question and answer session held on Reddit this weekend.

LulzSec kept corporate IT security departments on their toes for weeks back in May and June when the group randomly attacked many companies for fun. The hacking group said they disbanded on June 26, after 50 days of mayhem that left thousands of innocent users with their personal information and passwords exposed, only to re-emerge a month later.

On July 18, at a time when new revelations were being made in the News of the World phone hacking case, LulzSec attacked its sister publication, The Sun. The hackers managed to post a fake story on the newspaper's website and claimed to have copied its email database."

Submission + - Security Upgrades Needed With Growing Cyberwar Thr (computerworld.com)

JohnBert writes: "Countries need to take steps to upgrade critical infrastructure for protection from attacks by cybercombatants or rival countries conducting cyberwarfare, security experts said at a panel discussion this week.

Critical infrastructure such as industrial systems, transportation and power grids are easy targets for cyberattacks and people responsible for IT and national security are worried about the future, said Eugene Kaspersky, founder of Kaspersky Lab, during a panel discussion that was part of the company's Endpoint Security 8 launch event in New York. Cyberattacks could cause massive damage to the tune of billions of dollars, he said.

Some attacks in recent memory such as Stuxnet, which hit industrial systems, and the Blaster worm, which possibly hurt the electrical grid on the U.S. East Coast, were damaging and exposed the weaknesses of national infrastructures, Kaspersky said. Countries like North Korea, China, the U.S. and South Korea, and organizations like NATO are establishing cybermilitary units to protect infrastructure and respond to attacks."

Submission + - MySQL.com Hacked To Serve Malware (computerworld.com)

JohnBert writes: "Security vendor Armorize noticed the problem at around 5 a.m. Pacific Time Monday. Hackers had installed JavaScript code that threw a variety of known browser attacks at visitors to the site, so those with out-of-date browsers or unpatched versions of Adobe Flash, Reader or Java on their Windows PCs could have been quietly infected with malicious software.

Huang said that the attackers used the Black Hole exploit kit to attack visitors to the site, but his team had not yet figured out what the malicious software that it installed was designed to do. Typically, criminals install malware to steal victims' passwords, pop up advertisements for fake antivirus software, or to create botnet computers that can be rented out to others.

Highly trafficked open-source websites such as MySQL.com have been hit hard in recent months. In the past weeks the Linux Foundation was forced to take a number of websites offline, including Kernel.org and Linux.com after a compromise. And MySQL.com itself was hit earlier this year."

Submission + - New Mac Malware Poses As PDF Doc (computerworld.com)

JohnBert writes: "Security firms today warned Mac users of a new Trojan horse that masquerades as a PDF document. The malware, which was spotted by U.K.-based Sophos and Finnish antivirus vendor F-Secure, uses a technique long practiced by Windows attackers.

"This malware may be attempting to copy the technique implemented by Windows malware, which opens a PDF file containing a '.pdf.exe' extension and an accompanying PDF icon," said F-Secure today. That practice relies on what is called the "double extension" trick: adding the characters ".pdf" to the filename to disguise an executable file.

The Mac malware uses a two-step process, composed of a Trojan "dropper" utility that downloads a second element, a Trojan "backdoor" that then connects to a remote server controlled by the attacker, using that communications channel to send information gleaned from the infected Mac and receiving additional instructions from the hacker."

Submission + - Supporting Employee-Owned Smartphones (computerworld.com)

JohnBert writes: "Despite the increasing use of smartphones at work, more than one-third of companies still don't provide any support for personal phones or outright prohibit their use at the office. The reported data found that while 26% of the companies don't provide support for personal mobile phones and smartphones, another 10% prohibited use of personal devices, for a total of 36%.

Some companies have developed long sets of policies for when and how to support personal devices used by workers. The most progressive companies are investing in mobile device management software, available from many vendors, to track employee devices and the applications used on them. This software also has the ability to wipe sensitive data off a lost device.

Forrester said in a new research note that increasing numbers of employee-owned devices and questions of supporting them are "crippling" existing mobile strategies. The effect has led companies to rethink their strategies and to begin supporting both company-owned devices and those owned by employees."

Submission + - Microsoft Fixes SSL 'Kill Switch' Blooper (computerworld.com)

JohnBert writes: "Microsoft re-released an update today for Windows XP to correct a snafu that left users vulnerable to potential "man-in-the-middle" attacks for most of last week. This update addressed a gaffe introduced last week when Microsoft blocked six additional root certificates issued by DigiNotar that were cross-signed by a pair of other certificate authorities (CAs).

Servers run by Dutch CA DigiNotar were hacked starting in June, and attackers stole over 500 SSL (secure socket layer) certificates, including many used by the Dutch government.

SSL certificates are used by websites and browsers to identify a site as legitimate — that gmail.com or hotmail.com are actually what they claim — and illegally-obtained certificates can be abused to disguise unauthorized domains using "man-in-the-middle" attacks to snoop on digital communications and harvest account credentials."

Submission + - Microsoft Dragging Its Feet With Browser Fix (computerworld.com)

JohnBert writes: "StrikeForce Technologies, a small vendor of a keystroke encryption technology, is accusing Microsoft of not acting fast enough to fix a browser issue that it says is preventing StrikeForce's technology from working with Internet Explorer 9.

The problem was first reported to Microsoft, and acknowledged by the company, in April, said George Waller, executive vice president of StrikeForce. Since then, Microsoft has been saying it will fix the problem but has not gotten around to doing it yet, Waller said.

In an emailed statement, Microsoft told Computerworld that it is looking into the matter. "Our engineering team is actively investigating the claim that this third-party toolbar is no longer working in IE9; upon completion of that investigation, any necessary updates will be provided," the company said."

Submission + - Windows 8 Will Run From USB Thumb Drive (computerworld.com)

JohnBert writes: "Windows 8 will include a new feature that lets IT administrators provide workers with a portable Windows environment on a USB thumb drive. Called "Windows To Go," the feature seems aimed at enterprises that want to equip employees with "complete managed Windows images" that they can use to turn a PC into a doppelganger of a secured in-house machine.

It's not known whether individuals will be able to use Windows To Go for the same purpose, or if the feature is enterprise-only. It's also unclear whether Windows To Go comes with a price tag: One report, based on a briefing with reporters at BUILD on Monday, said that the feature will cost about $50 per seat.

Microsoft declined to provide more information about the feature, which was among those demonstrated to analysts earlier this week, according to Michael Silver of Gartner. Instead, a spokeswoman referred to the short summary of a session at the BUILD Windows conference, which kicked off Tuesday in Anaheim, Calif. with a two-and-a-half-hour demonstration of some of the operating system's key components and changes."

Submission + - SpyEye Hacking Kit Adds Android Infection (computerworld.com)

JohnBert writes: "The SpyEye hacking toolkit has added an Android component that collects the text messages some banks use as an extra security precaution, a researcher said today.

"The standard SpyEye now also entices a user to download an Android app, which is actually a component that's Android-specific malware," said Amit Klein, the chief technology officer of Boston-based Trusteer, a security firm that specializes in online anti-cybercrime defenses.

The Android app poses as a security program — ironically, one that's supposed to protect a user's text messages from being intercepted — required to use a bank's online services from a mobile device.

Many banks now send customers a one-time code, usually a series of numbers, to their mobile phone. To access the account, a user must enter not only the traditional username and password, but also the just-received passcode. It's that passcode that the bogus Android app intercepts and then re-transmits to a hacker-managed command-and-control (C&C) server, said Klein."

Submission + - Sec Vendors Push Intrusion-Detection, Pro Services (computerworld.com)

JohnBert writes: "Established vendors and startups last week announced products and services for network intrusion-detection and outsourced security management.

Hewlett-Packard, Axent Technologies and startup Sanctum debuted intrusion-detection software for corporate networks, while Raytheon Company announced BladeRunner, server-based software for monitoring internal corporate network traffic in order to prevent unauthorized transmission of sensitive material.

"It identifies traffic-flow patterns to identify anomalies," says Jeff Waxman, president of Raytheon's newly formed information assurance product area based in Linthicum, Md. "If the R&D department suddenly starts sending information out to the wide-area Internet, you'll know that.""

Submission + - Apple Strikes Stolen SSL Certificates From OS X (computerworld.com)

JohnBert writes: "Apple released an update to Mac OS X that blocks Safari users from reaching sites secured with certificates stolen from a Dutch company last summer.

The update follows others by Microsoft, Google, Mozilla and Opera Software, which have already blocked or permanently barred the use of all certificates issued by DigiNotar, a certificate authority, or CA, that acknowledged its servers were breached and unauthorized SSL (secure socket layer) certificates obtained by one or more attackers.

Apple's update came just days after a security researcher criticized the company for "dragging its feet." In March, Apple took a month to block nine certificates stolen from U.S.-based Comodo, three weeks longer than Microsoft."

Submission + - After Certificate Hack, Mozilla Seeks Reassurances (computerworld.com)

JohnBert writes: "Following the high-profile hack of DigiNotar, the makers of the Firefox browser are asking issuers of digital certificates to take a hard look at their internal security and to report back in a week.

In emails sent out to digital certificate authorities Thursday, Mozilla Certificate Authority (CA) Certificates Module owner Kathleen Wilson asked CAs such as Symantec and Go Daddy to audit their systems for any possible compromise, confirm that nobody can issue a digital certificate without two-factor authentication, and shore up practices with any third parties that might be able to issue digital certificates using the CA's root key.

Mozilla is giving CAs until Sept. 16 to respond to the email, but the browser maker is not saying what will happen if any of its 54 CAs ignore the request."

Submission + - Comodo Hacker Takes Credit For DigiNotar Hack (darkreading.com)

JohnBert writes: "The fallout from the recent breach of certificate authority (CA) DigiNotar continues at a rapid pace as more details about the scope of the attack come to light: More than 500 rogue digital certificates were created for such high-profile domains as cia.gov, microsoft.com, Microsoft's windowsupdate.com, and mozilla.org, as well as one posing as VeriSign Root CA. In addition, more than 300,000 IP addresses, mostly in Iran, have been compromised.

The plot further thickened today when the hacker who breached certificate authority Comodo earlier this year claimed he was also behind the DigiNotar attack, and has hacked four more CAs, including GlobalSign and StartCom: "I told all that I can do it again, I told all in interviews that I still have accesses in Comodo resellers, I told all I have access to most of CAs," wrote the hacker, who goes by the alias "ComodoHacker" and claims to be Iranian. He indicated that the attacks were in retaliation for the 16-year anniversary of a massacre of thousands of Muslims during the Bosnian War in the town of Srebrenica."

Submission + - New Tools Simplify Analysis of Android Malware (darkreading.com)

JohnBert writes: "The Honeynet Project has helped create two tools aimed at making Android malware analysis simpler and free and, ultimately, help better secure the wildly popular mobile platform.

The new open-source tools were developed under the Google Summer of Code project, a program where students from around the world spend their summer breaks writing code for open-source software. Two students under the mentorship of The Honeynet Project focused on Android malware: One wrote a static analysis tool called APKInspector, and the other, a dynamic analysis system called DroidBox — both of which are aimed at giving researchers a way to easily reverse-engineer Android malware and to observe and dissect malicious Android apps.

"These two tools nicely complement each other and should really be part of one's toolbox [who deals] with mobile malware," says Christian Seifert, chief communications officer for The Honeynet Project. "We believe that mobile malware will flourish, and while similar to malware on the PC, [it has] some unique characteristics that will reflect themselves in unique characteristics of the malware itself.""
