Security
Port
A Security Port Blog
Hacking Grades of a Politician |
12/29/2006 | |
The press attaché of a Montana
Congressman has been left red faced after "hackers" he
was trying to hire to change his lowly college grades
published his email exchanges
instead.
Todd Shriber, 28, a press
officer for US Republican Rep. Denny Rehberg, was
looking to persuade hackers to break into the systems of
Texas Christian University and change his grades. The
motive for his illegal actions was apparently to bolster
his academic credentials ahead of a possible run for
office.
Complete Article
|
Security in 2007 |
12/28/2006 | |
More Security Predictions for
2007
Who will find the first major
security flaw in Windows Vista? Will it be released as
zero-day? Is there an end in sight to the botnet menace?
Is spam close to being canned? Just who are these
criminals phishing for your credit card data?
|
Identity Theft Rampant on
MySpace |
12/27/2006 | |
MySpace devotee Kary Rogers was
expecting to see a gut-busting video when a friend from
the popular online hangout messaged him a link.
First, though, he was directed
to a page where he was supposed to re-enter his
password. Rogers realized that someone was trying to
steal his information, and he didn't take the bait. At
best, he would be spammed with junk e-mails; worse, the
Web thief might steal his real-life
identity.
complete article
|
2006
Year of Security |
12/26/2006 | |
Though Internet-crippling virus attacks
now seem to be a thing of the past, PC users didn't feel
a lot more secure in 2006. That's because online attacks
have become more sneaky and professional, as a new breed
of financially motivated cyber criminals has emerged as
enemy number one. Microsoft patched more bugs than ever
and whole new classes of flaws were discovered in
kernel-level drivers, office suites and on widely used
Web sites. Vendors' chatter about security is at an
all-time high, but the bad guys are still finding lots
of places to attack.
And, oh yes, spam is
back.
Following are five of the top computer security stories
in 2006. |
Find
Security Feeds |
12/20/2006 | |
You can easily locate RSS feeds related
security at these 2 RSS sites:
Security Feeds - Complete directory of
RSS feeds related to security.
Government Feeds - Directory of all
feeds generated by the government.
|
Background Checks |
12/20/2006 | |
If you have ever been employed, chances
are good that you’ve had a background check run on
you. Employers looking for reliable, trustworthy
individuals will often use these reports to confirm that
information given on a resume is true and ensure that
they are hiring persons of high standards. But what is
included in a background check? Do you have control over
who can access your report? How can you find out what is
on your record?
Background Checks
|
Google Fixes Adwords Security
Flaw |
12/20/2006 | |
According to the description of the
flaw posted by security researcher Debasis Mohanty, the
HTTP Response Splitting flaw becomes possible when the
user input is injected into the value section of the
HTTP header without properly escaping/removing CRLF
(carriage return line feed) characters, which can lead
to two HTTP responses instead of one response.
Complete
Article
|
Apple Acknowledging Security
Issues |
12/19/2006 | |
Following a number of attacks against OS X
in 2006, Mac users are finally getting the message that
they are not immune, according to an IT security manager
responsible for over 5,000 Apple systems.
|
Yahoo Messenger Security Hole |
12/19/2006 | |
A vulnerability discovered in the Yahoo
"serious" Messenger and classified as for the proper
Yahoo can allow cracker to assume the control of the PC
that twirls the operational system Windows.
|
Consumer Reports Scam Report |
12/18/2006 | |
As 2006 draws to a close, a review of
ConsumerAffairs.com's Scam Alerts archive shows that
scammers have had a busy and -- we suspect -- lucrative
year.
Targeting the most
vulnerable citizens and using increasingly sophisticated
tools, most have been able to easily elude law
enforcement as they pick their victims' pockets,
sometimes even making off with their life savings.
Scam Report |
|
Computer hackers will open a new front in
the multi-billion pound "cyberwar" in 2007, targeting
mobile phones, instant messaging and community Web sites
such as MySpace, security experts predict.
|
Homeland Security Passenger Screening
Questionable |
12/11/2006 | |
A newly revealed system that has been
assigning terrorism scores to Americans traveling into
or out of the country for the past five years is not
merely invasive, privacy advocates charge, it's an
illegal violation of limits Congress has placed on the
Department of Homeland Security for the last three
years.
Complete Article
|
Six
Security Fixes Due From Microsoft |
12/10/2006 | |
Microsoft's monthly patch day will be next
Tuesday, December 12, and this month's batch appears
smaller than the last few. The company will issue five
security bulletins for Microsoft Windows, and one for
Visual Studio.
With the Windows updates, at
least one will be Critical, and some of them will
require a restart. The Visual Studio fix is also
considered to be Critical, the highest level of concern.
|
List
of Top 10 Security Concerns |
12/07/2006 | |
McAfee Labs unveils predictions for top ten security
threats in 2007:
1. Password Stealing 2.
Spam Volume 3. MPEG Files with Malicious Code 4.
Mobile Phone Attacks 5. Malicious Adware 6.
Identity theft and data loss 7. Use of Bots to
Increase 8. Parasite Malware 9. Rootkit
Issues 10. Vulerability
Growth
|
Tension Between Software Developers
and Bug Hunters |
12/06/2006 | |
The long-standing tension between
software vendors and independent vulnerability
researchers who find security holes in vendors' products
shows little signs of abating -- despite recent talk
about responsible vulnerability disclosure practices.
Last week Oracle Corp. criticized independent
vulnerability researchers after it came under fire for
its security practices. In a company blog, Eric Maurice,
manager for security in Oracle's global technology
business unit, said the company would not let external
perceptions drive its security policies.
In the blog, Maurice reiterated
Oracle's commitment to strong security practices and
said that it would continue to prioritize
vulnerabilities based on their criticality and not on
who discovered them. Maurice also blasted security
researchers who disclose zero-day bugs before fixes for
them are available.
Security Issues Raise Ire
|
Security Feeds |
12/05/2006 | |
If you are looking for RSS feeds for
Security Issues or Alerts, take a look at the Security Feed Directory. It is
composed of all feed related to security and alerts.
If you currently have a security website that
has RSS feeds, you can submit security feeds free of charge.
They will be categorized and made searchable.
|
Security Vendors Scrambling for Vista
Products |
12/05/2006 | |
With the enterprise version already
shipping and the consumer version due in January,
security software vendors are facing a race against time
to get their own Windows Vista-enabled solutions out the
door.
Despite the long-running beta program for
Vista itself, disputes over how much technical
information Microsoft should share with security
developers mean that relatively few have been able to
ship their products simultaneously with the OS itself.
|
Cell
Phones and Roaving Bugs |
12/04/2006 | |
Cell phones are capable of providing more
information about us and our whereabouts than we usually
realize. We familiar with the ability of cell phones to
be used to track users' locations, but now the FBI
has begun using them for eavesdropping—even when they
are turned off.
How is that possible? Read More |
US
Financial Interested Threatened by Al
Quaeda |
12/02/2006 | |
The US government has warned of an Al
Qaeda call to attack US online stock market and banking
services. The threat, seen on an Al Qaeda website,
applied to the whole of December.
|
Current Blog
2006 Security Blog Archive
December Archive
November Archive
October Archive
September
Archive
August Archive
July Archive
June Archive
May Archive
April Archive
March Archive
February Archive
January Archive
| |
 |

Security Alerts
Locate security alerts, and security feeds via a security rss feed
directory.
|