Security
Port
A Security Port Blog
Security Start Up Fails to Buy |
06/26/2008 | |
Ex-White House security adviser Richard A.
Clarke, who became a high-profile critic of the Bush
administration, has resigned as chairman of a
Massachusetts blank check company that netted $55
million in an initial public offering, but failed to
make good on its plans to buy security
firms.
Clarke and other key officials at Good
Harbor Partners Acquisitions Corp. resigned on June 16,
according to a filing with the Securities and Exchange
Commission. Earlier this year, the company returned
nearly all of the money it raised in a 2006 IPO after
failing to buy any companies. |
There is Money to be Made In Cellular
Security |
06/25/2008 | |
The race is on to get businesses and
consumers to pay for security for their cellphone the
way they do for their PCs.
Tech security
companies see a lucrative emerging market for cellphone
security products. Researcher IDC predicts businesses
and consumers will spend $958 million by 2011, up from
$214 million in 2006 spent mostly by corporations.
Symantec, Kaspersky Lab, Trend Micro and others have
stepped up consumer marketing of anti-virus
subscriptions for mobile devices. Typical annual cost:
about $30. |
Coffee is a Security Risk! |
06/24/2008 | |
An Australian man has discovered security
vulnerabilities in his Internet-connected coffee maker
that could allow a remote attacker to not only take over
his Windows XP-based PC but also make his coffee too
weak.
Craig Wright, a risk advisory services
manager at professional services firm BDO, found several
security holes, including a buffer overflow in the
Internet Connection software that links his Jura F90
coffee maker to his PC.
complete article
|
Theft Tied to Basic Security
Flaws |
06/20/2008 | |
Many data thieves may not be so
sophisticated after all, according to a study to be
released today.
At a time when the theft of
personal information is a growing problem for companies
and consumers, the study by a consulting unit of Verizon
Communications Inc. analyzed more than 500 data breaches
since 2004 and found 87 percent could have been
prevented with commonplace security practices.
|
|
Attackers could gain control of water
treatment plants, natural gas pipelines and other
critical utilities because of a vulnerability in the
software that runs some of those facilities, security
researchers reported Wednesday.
Experts with
Boston-based Core Security Technologies, who discovered
the deficiency and described it exclusively to The
Associated Press before they issued a security advisory,
said theres no evidence anyone else found or exploited
the flaw. |
Telecoms Patrolling the
Internet |
06/18/2008 | |
Forget that warm and fuzzy slogan about
reaching out and touching someone. The biggest U.S.
telephone company is increasingly pitching its ability
to keep the bad guys away.
Every day, all over
the Internet, computers are bombarded with spam and
malware, forcing corporate information technology staffs
into constant battle, and often overwhelming home users.
But help is emerging from an unlikely source.
Telecommunication carriers, who for years have passively
transported voice and data communications, are offering
to patrol their giant networks - for a price.
|
Prepaid Debit Card for Social
Security |
06/17/2008 | |
More than 4-million Social Security and
Supplemental Security Income recipients who do not have
bank accounts now have the option of getting a prepaid
MasterCard debit card with their benefits instead of a
paper check. A pilot project in Illinois last year has
been expanded to 10 Southern states, including Florida.
Here's a look at it. |
E-Tail Security |
06/14/2008 | |
Software security breaches add up in
recent headlines alone: $13 million in losses; 45.6
million credit cards stolen; recovery costs at $256
million dollars and mounting; and companies driven into
bankruptcy or out of business. Financially motivated
targeted attacks are becoming more prevalent, and new
vulnerabilities continue to be reported, according to
industry research firm Gartner. |
Censorship: A Threat to the Stability
and Security of the DNS? |
06/13/2008 | |
Censorship practices by governments and
other private actors are becoming more increasingly more
sophisticated, and their effects are increasingly being
felt globally.
A case in point, the YouTube
incident in Pakistan was a recent example affecting both
users and the DNS at a national and global level. Likely
other incidents will occur in the near future. As such,
I believe censorship should be considered as a threat to
the stability and security of the DNS.
In the
context of Internet governance discussions, I believe
the issue should be raised both at ICANN and the
Internet Governance forum. Do others agree?
|
Internet Banking Increases |
06/12/2008 | |
The ease of accessing banking services
after hours has seen a big jump in New Zealanders
embracing online banking.
A Nielsen survey shows
a 62 per cent jump in internet banking over the past
three years. Telephone banking has also risen, up 13 per
cent, while branch visits are down 23 per cent.
|
Printer Security Issues |
06/11/2008 | |
Printers and copiers could be the weak
link in many corporate cyber defenses, the European
Unions information security agency warned Tuesday.
The EU said companies are often unaware of
the dangers posed by printers that are connected to the
Internet, which can serve as conduits to penetrate
networks or a window to stored documents.
|
Australian Govt Launches E-Security
Week |
06/10/2008 | |
The Federal Government kicked-off National
E-security week today with the launch of a new security
alert service for internet users and small businesses.
The National
E-security Awareness Week is a Government initiative
aimed at boosting awareness of e-security
risks.
The alert service, announced today, is a
free subscription-based service that provides
vulnerability and threat information while advising
users how to manage outbreaks.
|
Protecting Fertilizer |
06/02/2008 | |
Canadian farm-input retailers are looking
for government financial help in upgrading security at
their facilities to prevent fertilizer from falling into
the hands of terrorists and makers of illegal
drugs.
The Canadian Association of Agri-Retailers
said Friday that its members and Canadian farmers
will soon find themselves at an even greater
competitive disadvantage compared to their American
counterparts, as the new U.S. federal farm bill
includes tax credits and grants to enhance security of
crop nutrients, herbicides and pesticides.
The
association notes that fertilizers have been used for
sinister purposes by criminal and terrorist
elements, notably in the Oklahoma City bombing in
1995 which killed 168 people and injured more than 800.
Anhydrous ammonia is also used in making
methamphetamine. |
Body
Imaging for Security |
06/01/2008 | |
Airport security has been taken to a whole
new level at Denver International Airport with a new
passenger imaging technology that gives security
officials a snapshot of what's underneath passengers
clothes, the Transportation Security Administration
(TSA) announced.
TSA started testing the new
system -- that scans the body for weapons and explosives
-- at DIA security checkpoints Friday.
DIA is
the sixth airport in the nation to implement the
technology which will be used randomly on passengers
traveling through security. |
TJX
Security Talk Got Employee Fired |
06/01/2008 | |
A low-level TJX employee has lost his job
for speaking in public about information security
problems he uncovered while working for the
company.
The employee, Nick Benson, is a
University of Kansas student who worked at T.J. Maxx
Pine Ridge Plaza store in Lawrence, Kansas. In an e-mail
interview, he said he was fired Wednesday for violating
corporate policy by disclosing proprietary information.
|
Muslim Gangs Taking Power in UK
Prisons |
05/30/2008 | |
Muslim gangs are threatening to take
control of one of Britain's top security prisons where
inmates include Al-Qaeda terrorists, a report reveals.
Staff at Whitemoor jail, Cambs, believe a serious
incident is imminent as several wings become
dominated by Muslim prisoners. There is an on-going
theme of fear and instability among employees, says the
Prison Services Directorate of High Security report.
"There is much talk around the establishment about
the Muslims,it says.
Some staff believe the
situation has resulted in Muslim prisoners becoming more
of a gang than a religious group. The sheer numbers,
coupled with a lack of awareness among staff, appear to
be engendering fear and handing control to the
prisoners, the report says. The situation has become
so bad that white prisoners are warned about the Muslim
gangs by staff on arrival. |
China Prepares Security for the
Olympics |
05/29/2008 | |
An anti-terrorist special team consisting
of engineers and experts will shoulder the security work
for the 2008 Beijing Olympics, according to the General
Staff Headquarters of the Peoples Liberation Army (PLA).
The team from the PLAs engineering troop will be
responsible for security checks, emergency rescues and
anti-terrorist technology applications during the August
Olympiad.
In addition, 10 engineering experts in
anti-terrorist technology have been selected to provide
technical support and information for the security
troops during the Games.
Olympic
security has been the focus of the Chinese armys daily
drills. Among them are activities preventing guns and
explosives from nearing important targets, searching for
and defusing explosives, rescuing victims stranded in
damaged buildings and leading emergency evacuations,
among others. |
Facebook Agreement with Mass Attorney
General |
05/29/2008 | |
While schools in Lynn and across the
country are fighting a war against Internet predators
and bullying, Massachusetts Attorney General Martha
Coakley announced a breakthrough safety and security
agreement with one of the Internets most successful Web
sites this month.
Coakley, along with her 49
counterparts from across the country, reached an
agreement with Facebook.com this month to better protect
children from predators and inappropriate content on the
Web site. As part of the agreement, Facebook.com will
also participate in the Internet Safety Technical Task
Force that was established under a similar agreement
reached between Myspace.com and the attorneys general in
January.
|
NSA
Knocked Off the Internet |
05/28/2008 | |
The US National Security Agency (NSA) has
been knocked off the Internet, thanks to a faulty
server. However, website measurement company Netcraft
said that the problem had now been fixed.
The
website was temporarily unreachable because of a problem
with the NSAs DNS servers, said Danny McPherson, chief
research officer with Arbor Networks. DNS servers are
used to translate things like the web addresses typed
into machine-readable Internet Protocol addresses that
computers use to find each other on the Internet. The
agency's two authoritative DNS servers were unreachable
last Thursday morning, McPherson said.
|
|
After attempting to work with Apple for
several months on what it claims are serious security
flaws in iCal, security firm Core Security Technologies
(CST) published the flaws late on Wednesday. The company
published notice of the bugs, and a log of contacts
between Apple that debate the severity of the flaws and
threaten publication unless Apple commits to a date for
fixing the flaws |
Software Alert System |
05/26/2008 | |
Use PageGate integrated with existing
applications to notify IT staff on wireless devices
about outages or system problems. Alerts can be sent to
PageGate from network monitoring, HVAC or other systems.
There is a free trial version of PageGate available and
a step by step tutorial detailing how the software can
be integrated to add another layer of notification.
|
Avoid Duplicate Content Penalties in
the Search Engines |
05/25/2008 | |
While it may still be debatable whether
all the major search engines currently employ a
duplicate content penalty, all have made it abundantly
clear that they do not have any desire to provide search
results that rehash the same content over and over.
Actively avoid any potential penalties by taking a
proactive approach to building unique content.
Avoid Duplicate Content Penalties in
Search |
eBay
Seller Convicted Pirate |
05/24/2008 | |
A 23-year-old Oregon man has pleaded
guilty to charges that he used identity theft to set up
bogus accounts on eBay, where he sold counterfeit
software with a retail value of more than US$1 million,
the U.S. Department of Justice said.
Jeremiah
Joseph Mondello of Eugene, Oregon, pleaded guilty
Wednesday to one count each of criminal copyright
infringement, aggravated identity theft and mail fraud
before Judge Ann Aiken in U.S. District Court for the
District of Oregon. He faces up to 27 years in prison
and a fine of $500,000, the DOJ said.
|
Software Security Hole in Power
Plants |
05/23/2008 | |
Boston-based security firm Core Security
has discovered a serious hole in the Suitelink software
that is used to automate operations at power stations,
oil refineries and production lines, according to a
report in New Scientist.
Attackers exploiting
the vulnerability could crash the software by
transmitting an outsize packet data to a certain port on
the computer running Suitelink, the article says.
Fortunately, Wonderware, the company that makes
Suitelink, has issued a software patch for the
vulnerability. Now it is up to the plants to update
their software. |
Cyber Security Flawed |
05/22/2008 | |
Major elements of the Bush
administration's proposed $17 billion cyber
security initiative have little to do with
protecting government networks, and a lot to do with
spying, according to a budget report released by the
Senate Armed Services Committee this week.
The
so-called National Cyber Security Initiative is also
wrapped in unnecessary secrecy, and would spend billions
on unproven, embryonic technology, and possibly illegal
or ill-advised projects, according to the analysis --
which is part of a broad look at the proposed 2009
defense budget. |
Drink Up for Security |
05/21/2008 | |
Workers in some subway stations in Olympic
host city Beijing have started asking passengers
carrying bottled drinks to take a swig to prove they are
not carrying banned liquids like petrol, local media
reported on Friday.
China last year said
terrorist attacks posed the biggest threat to the Games
and has intensified security measures at airports, train
and subway stations after the government said a flight
crew foiled an attempt to blow up a plane over the
countrys restive northwest region of Xinjiang in
March.
Subway workers were asking passengers to
take a drink if security equipment was unable to
detect the content of the fluids in their bottles,
the Beijing News said. |
Prolific Hackers Arrested |
05/20/2008 | |
Spanish police have arrested five hackers
they describe as being among the most active on the
internet.
The hackers, who include two
16-year-olds, are accused of disrupting government
websites in the United States, Asia and Latin America.
Police say they co-ordinated attacks over the
internet and hacked into 21,000 web pages over
two years. |
Cyberbully Indicted |
05/19/2008 | |
This cyberbullying case could have
significant implications:
A Missouri woman
who allegedly used a fake MySpace profile to bully a
girl who later committed suicide has been indicted by a
federal Grand Jury.
Lori Drew, 49,
allegedly posed as a boy on the website to befriend
Megan Meier, 13, who hanged herself after he broke off
the virtual
relationship.
|
Extremists Get Technical |
05/18/2008 | |
Al Qaeda and other radical groups have
dramatically increased their use of the Internet in
recent years to lure and train recruits worldwide, a
U.S. Senate report warned on Thursday.
The report
by the Senate Homeland Security Committee found that
these groups run production houses and distribution
centers that digitally send anti-American messages to
thousands of Web sites around the globe.
|
FaceBook Puts Controls In
Place |
05/17/2008 | |
Top US state attorneys announced Thursday
that Facebook has agreed to get tougher on keeping its
young website users safe from bullies, porn, pedophiles
and other online hazards.
Facebook has agreed to
a child protection pact similar to the one sealed with
leading social-networking website MySpace in January,
according to Connecticut attorney general Richard
Blumenthal. |
TorrentSpy Fights Back |
05/16/2008 | |
A TorrentSpy lawyer vowed Thursday to
appeal a 110-million-dollar legal judgment against the
website for directing people to unauthorized online
copies of films and television shows.
Valence Media shut down its TorrentSpy
website in March and filed for bankruptcy last week in
the face of a lawsuit brought against it by the Motion
Picture Association of America. |
DARPA National Challenge |
05/15/2008 | |
Police officers practice their firearm
skills on a shooting range, so why should government
computer security experts not have the same kind of
training ground?
The Defense Advanced Research
Projects Agency, or Darpa, on Monday issued a call for
research proposals to develop the National Cyber Range,
or NCR, a virtual network environment for cyberwar
simulation. |
Pirate Takes on Microsoft |
05/14/2008 | |
software dealer who Microsoft charged with
engaging in the sale of pirated software is vowing to
fight back. Next week he plans to file a complaint with
the European Commission alleging abuse of power and
anti-trust violations.
Microsoft this past
Monday filed a legal complaint against Samir Abdalla, an
entrepreneur from The Netherlands, claiming that he
illegally sold software in the U.S. that was intended
for educational markets outside the United States. He is
alleged to have made US$3.6 million from the business.
The suit was filed in Los Angeles, together with seven
complaints against other software dealers from Canada,
Egypt and the U.S.
The software maker is asking
for damages as well as an injunction that prevents
Abdalla from importing software that is intended for
students. |
Internet Assault |
05/13/2008 | |
Internet security experts say the Web has
become so overrun with identity thieves that users have
no way of knowing which sites are safe.
The San
Francisco Chronicle said last Wednesday that even the
largest and most-familiar destinations are vulnerable to
thieves who swipe identification numbers, business
e-mails and medical records.
|
FBI
Loses To Internet Archive |
05/12/2008 | |
The Internet Archive revealed Wednesday
that the FBI dropped an effort to secretly obtain
information about the online activities of one of the
digital librarys users. The Archive revealed that it
had been served a National Security Letter by the FBI
last year about one of its patrons. The San
Francisco-based nonprofit organization prevailed after
enlisting the help of the Electronic Frontier Foundation
and the American Civil Liberties Union.
|
China To Spy on Guests |
05/07/2008 | |
U.S. senator accused the Chinese
government on Thursday of ordering U.S.-owned hotels in
China to install Internet filters that can spy on
international visitors coming to see the summer Olympic
games.
Sen. Sam Brownback, a Kansas
Republican, made the charge at a Capitol Hill news
conference where he and other lawmakers denounced Chinas
record of human rights abuses and urged President Bush
not to attend the Olympics opening ceremonies in
Beijing. |
Criminals Try to Copyright
Malware |
05/06/2008 | |
Even criminal hackers want to protect
their intellectual property, and they have come up with
a method akin to copyrighting — with an appropriate
dash of Internet thuggery thrown in.
Professional virus writers are now selling a
suite of software on the Internet with an unusual
attachment: a detailed licensing agreement that promises
penalties for redistributing the malicious code without
permission. |
30
Months for Piracy |
05/05/2008 | |
A Woodbury, Connecticut, man has been
sentenced to 30 months in prison for operating Web sites
where users could download unauthorized copies of
movies, music and software titles, the U.S. Department
of Justice announced.
David M. Fish, 26, was
sentenced Monday on criminal copyright infringement and
circumvention charges in U.S. District Court for the
Northern District of California in San Jose, the DOJ
announced late Tuesday. |
Internet Crime Matures |
05/04/2008 | |
Pack up the image of the lone hacker.
Internet crime is highly organized -- outsourcing
complex work and using sophisticated pricing, like bulk
discounts for stolen credit cards.
What should be
particularly worrisome to legitimate businesses is a
shift in tactics. Rather than targeting computer
networks, which have strengthened defenses considerably,
Internet criminals now try to get to individual
computers and customers of Internet services and sites
with Web-based attacks. One reason: Few Web sites
address their vulnerabilities, and the few that do,
react slowly. |
Microsoft Denies That They Are
Security Concern |
05/03/2008 | |
Microsoft Corp. denied the recent
incident, in which more than half a million websites
were hacked, was caused by vulnerabilities in its Web
and SQL Server software, according to U.S. media reports
Monday.
Earlier last week, more than 500,000
websites, including several hosted by the United Nations
and the UK government, were hacked and modified in order
to download malware to visitors computers, according to
Finnish anti-virus maker F-Secure, which caused numerous
governmental and commercial Web pages were shut down.
Security researchers said those websites were hacked by
SQL injection attacks.
|
HP
Updates Open Security Concerns |
05/02/2008 | |
A dangerous flaw in Hewlett-Packard
Software Update, a tool that automatically updates HP
software and drivers, could be exploited by an attacker
to read sensitive information or gain access to a
system.
The tools contain several ActiveX flaws
that could be exploited by tricking Internet Explorer
users into visiting a malicious website.
|
China Taking Piracy Seriously |
05/01/2008 | |
Chinese police have seized $750 million
worth of pirated computer software and broken up a
piracy ring in southern China, state media said as
Beijing vows to crack down on a problem which has soured
trade ties. |
Current Blog
2008 Security Blog Archive
May-June Archive
April Archive
March Archive
February Archive
January Archive
2007 Security Blog Archive December
Archive November
Archive October
Archive September
Archive August
Archive July
Archive June
Archive May
Archive April
Archive March
Archive February
Archive January
Archive
2006 Security Blog Archive December
Archive November
Archive October
Archive September
Archive August
Archive July Archive
June
Archive May Archive
April
Archive March
Archive February
Archive January
Archive
| |
 |

Security Alerts
Locate security alerts, and security feeds via a security rss feed
directory.
|