Security

Researchers: 637 million browser users at risk

A group of researches on Tuesday said 637 million Web users are surfing with outdated Internet browsers and therefore at greater risk of Web-based attacks.

Using data collected from Google Web searches and security firm Secunia, the researchers, Stefan Frei (of ETH, Zurich), Thomas D?bendorfer (Google), Gunter Ollmann (IBM ISS), and Martin May (ETH, Zurich), analyzed the browsers used in a new report (PDF). They did so in an effort to understand why so many recent attacks by criminal hackers have been aimed at the browser, and why those attacks have been so successful.

Overall the authors found that … Read more

McAfee reports on spam in the real world

Taking a cue from Morgan Spurlock who lived on fast food for 30 days in the Super Size Me documentary, McAfee gathered volunteers from around the world who would, for one hour a day, surf the Internet, signing up for various newsletters, filling in various forms. As they did so, the participants were asked to blog about their experiences.

On Tuesday, McAfee released the results of the experiment it called S.P.A.M., or Spammed Persistently All Month.

Over the course of the month, McAfee's test subjects accumulated 104,000 spam messages, or roughly 70 per day per … Read more

Security Bites 106: McAfee plays with spam

McAfee released on Tuesday the results of a monthlong spam experiment. The security company provided 50 people worldwide with a clean laptop armed only with antivirus protection (no anti-spam protection) and a brand new domain for e-mail. McAfee then asked them to surf the Net and blog about their experiences.

Within the first 24 hours, the individuals received their first spam e-mail in the S.P.A.M. (Spammed Persistently All Month) Experiment.

Over the course of 30 days, McAfee's test subjects accumulated 104,000 spam e-mails, or roughly 70 spam messages per day per recipient. Put another way, … Read more

SecureWorks unmasks the Coreflood Trojan

On Monday, SecureWorks released its analysis of the Coreflood Trojan, providing an inside look at a stealthy online predator.

According to a blog by Joe Stewart, director of malware research for SecureWorks, Coreflood started out as an IRC (Internet relay chat) botnet back in 2002. Coreflood--or AFcore, as the author refers to it within the code--is apparently viewed by its author as corporate software that can be tweaked as business needs change. For example, over the last six years, Coreflood has evolved from initiating distributed denial-of-service attacks to collecting IDs and passwords for bank fraud.

With the help of Spamhaus, … Read more

Apple patches 25 flaws with latest update

On Monday, Apple released Mac OS X 10.5.4. In addition to enhancements to existing features, Apple bundled in 13 specific security updates, including one for Safari 3.1.2. The security update APPLE-SA-2008-004 and Mac OS X 10.5.4 can be downloaded and installed from Apple Downloads.

Alias Manager This patch only affects users of Mac OS X v10.4.11 and Mac OS X Server v10.4.11. The update addresses an alias manager vulnerability described in CVE-2008-2308. According to Apple, a "memory corruption issue exists in the handling of AFP volume mount information in … Read more

Turkish criminal hackers hijack ICANN sites

On Thursday, the domains used by ICANN, the Internet Corporation for Assigned Names and Numbers, and IANA, the Internet Assigned Numbers Authority, were hijacked. A Turkish hacking group known as NetDevilz claimed =responsibility. There is no word on how the hijack was accomplished.

The group successfully redirected ICANN site visitors to a page with the following message:

"You think that you control the domains but you don't! Everybody knows wrong. We control the domains including ICANN! Don't you believe us? haha :) (Lovable Turkish hackers group)"

According to SANS, changes to the ICANN site were corrected within … Read more

Security Bites 105: Does antivirus protection matter?

This week CNET's Robert Vamosi talks with Eva Chen, co-founder and CEO of Trend Micro.

For more than 20 years Chen has been active in the antimalware community and has kept her company competitive worldwide against competition such as Symantec and McAfee

Chen visited CNET to talk about Trend Micro's ambitious goal of putting anti-malware protection in the cloud. She argues that signature-based protection is still faster than running a full heuristic sandbox to detect new malicious software.

Chen thinks that by having your desktop ping a signature database in the cloud you'll get a faster, lighter, … Read more

Black Hat launches Webinar series

Jeff Moss, founder and director of Black Hat, on Thursday moderated the first-ever Black Hat Webinar, previewing five presentations to be given at the security conference in Las Vegas in August.

Moss said he was pleased that more than 1,000 people attended and admitted they were "expecting maybe a few hundred." Black Hat has already implemented RSS feeds, Twitter, and even a LinkedIn group.

"The Webinars will be much more than that," Moss said. In the future, he hinted, Black Hat will publish an editorial calendar, with a new Webinar at least once a month. … Read more

London transit cards cracked and cloned

Last week a Dutch researcher rode free on the London transit system, having hacked the public transit system's card system; he used a clone of a paying passenger's transit cards. His point? The transit smartcards, which are used my millions worldwide, are vulnerable to attack.

Dr. Bart Jacobs of Radboud University in Holland used an ordinary laptop to show how to clone the Mifare Classic smartcard used in London's Oyster transit card. The Mifare Classic smartcard is used for worker access cards as well.

Once he obtained the key used by the London transit system, Dr. Jacobs … Read more