Crambone - Slashdot User

Arbitrary Code Execution on Examiner Systems-> 0

Submitted by Crambone on Wednesday April 28 2010, @10:48AM

Crambone writes "A flaw was disclosed at the THOTCON conference over the weekend which could have far reaching impacts into the integrity of past forensic investigations. An attacker could place a file on a system that when examined by an forensic investigator could execute arbitrary code on the workstation. This could result in a number of outcomes including the alerting of evidence, installation of a backdoor, and anything else that one could think of."
Link to Original Source

Cybercriminals Refine ATM Data-Sniffing Software 257

Posted by CmdrTaco on Thursday June 04 2009, @11:00AM
from the win-atm-lose dept.

BobB-nw writes "Cybercriminals are improving a malicious software program that can be installed on ATMs running Microsoft's Windows XP operating system that records sensitive card details, according to security vendor Trustwave. The malware has been found so far on ATMs in Eastern European countries, according to a Trustwave report. The malware records the magnetic stripe information on the back of a card as well as the PIN, which would potentially allow criminals to clone the card in order to withdraw cash. The collected card data, which is encrypted using the DES algorithm, can be printed out by the ATM's receipt printer, Trustwave wrote."

Choosing an SSL Provider? 183

Posted by kdawson on Friday April 25 2008, @11:08AM
from the who-you-gonna-trust dept.

An anonymous reader writes "I have recently been tasked with switching our SSL certificate provider and it's proving not to be easy. We use an internal authority for our own stuff and then we buy certificates to protect outward-facing sites (a lot of them). My question for this community is: How do you choose a certificate authority to use? There is price, service (why we're leaving our last vendor), warranty, and products offered as the only differentiators I can find. Is there any public resource that would show me actual customer reviews of CAs like Verisign, GeoTrust, Comodo, Trustwave, and DigiCert? Our last vendor did a really poor job with support and I would like to make a reasonably educated decision."