Illegal EBay Software Seller Charged 08/28/2009

A U.S. judge has ordered a Delaware man who sold copies of software packages on an Internet auction site to pay US$210,563 in damages and court costs, the Business Software Alliance (BSA) announced Monday.

Radisson Secuirty Breach 08/27/2009

Radisson Hotels & Resorts said Wednesday its computer systems were accessed without authorization, affecting an unknown number of people between last November and May. Radisson said in a statement it has informed customers of the situation and that guest information may have been accessed, including credit card numbers. Social Security numbers were not included.

Subsidized Housing for Sex Offenders 08/27/2009

Investigators projected that the Housing and Urban Development Department subsidizes roughly 2,100 to 3,000 households that include a serious sex offender. The HUD inspector generals office conducted the review. Congress banned subsidized housing for the most serious sex offenders after a 1997 case when a convicted sex offender was charged with assaulting and molesting a 9-year-old neighbor girl who lived in the same public housing building. The legislation said that housing authorities must not admit any household that includes a person subject to the lifetime registration requirement, typically reserved for the most serious offenders.

CIA Hired Blackwater 08/26/2009

The Central Intelligence Agency hired the private security firm Blackwater USA in 2004 to work on a covert program aimed at targeting and potentially killing top al Qaeda leaders, according to a source familiar with the program. The existence of the program, which began in 2001, came to light earlier this year when CIA Director Leon Panetta canceled the effort, but it is only now that Blackwaters involvement has become known. That development was first reported Thursday in The New York Times. The program was part of a broader effort inside the CIA to develop the capacity to conduct training, surveillance and possible covert operations overseas, according to the source. The program was outsourced to contractors to put some distance between the effort and the U.S. government.

Trawling for Extremists 08/26/2009

Azlin Mohamed Yasin spends several hours a day trawling the Internet, but she is not your typical young surfer, descending into a world of bomb-making, militancy and extremism. From her computer, she enters a world where young Muslims openly volunteer to fight against US-led coalition troops in Afghanistan or learn how to make explosives out of everyday materials.

Missing Children 08/25/2009

New cellphone software would allow families in New York to instantly send police vital information when a child is missing, tenants groups said. Thirty thousand families in the city are to be picked by lottery this fall to receive the software, funded with $1.5 million from tenants' groups representing poor families, the New York Daily News reported Saturday. It is about time that in the 21st century that everybody that has a (cell phone) can transmit their childrens information to the police department, tenant spokesman Reginald Bowman said. Just like we text, just like we tweet. When children disappear, the so-called AMBER Ready

Social Victims 08/24/2009

Twitter fell down hard Thursday morning under the force of a malicious flood of fake packets, stranding millions of users looking for their daily fix of 140 character bon mots. Facebook users faced smaller difficulites, such as slow loading pages, also due to an apparent attack. But security experts say the attacks on Twitter and Facebook are nothing new under the sun and that Distributed Denial of Service Attacks — which render a web server useless to real users by overwhelming the server with fake requests, are commonplace on the net. DDoS attacks are usually carried out using a zombie army of infected Windows computers known as a botnet, where the controller tells the infected computers what site to bombard with requests.

Biometric Security 08/23/2009

The Department of Homeland Security is expanding a pilot project that uses fingerprint scanners and kiosks to speed travelers headed overseas through airport security. On August 24th, the Global Entry Trusted Traveler program will be available at 13 additional airports in the United States and Puerto Rico, bringing the total number of airports equipped with the technology to 20. The program is also available at airports in the Netherlands through a partnership.

Climate Change is a Security Issue 08/21/2009

Climate change threatens to undermine global stability and security because of its human consequences, including widespread hunger, water shortages, forced migration, conflict over scarce resources and disease. Those facing the most extreme risk are the poorest with the fewest resources and the least capacity to cope, despite contributing the least to the crisis. Climate change legislation must urgently and aggressively reduce our emissions. But because of the damage already caused, some consequences are now unavoidable.

CyberSecurity Wiki 08/20/2009

The Department of Homeland Security and other federal agencies will use the platform to share operational information on cybersecurity threats and best practices.

Secret Company Data 08/19/2009

Telecommunications providers will not have to give the government sensitive revenue and Internet speed data for a program to map broadband use in U.S. homes and bring high-speed Internet service to more people. The U.S. Commerce Department said on Friday that companies such as Verizon Communications Inc, Comcast Corp and AT&T Inc do not have to share how much money they make from each Internet subscriber. Nor must they say how fast their Internet connections typically run. Instead, they will provide data by the block, usually about a dozen homes depending on the size of the block. They also will share the speed of Internet service that they advertise.

Iowa Lottery Checks 08/19/2009

Iowa Lottery officials says they have completed another round of unannounced security checks at retail locations across the state. Lottery officials said Thursday that investigators visited 217 random locations and presented large prize tickets to store personnel to test security procedures. Officials said all the tickets, totaling $1.5 million in prizes, were handled properly by store employees. Iowa Lottery spokeswoman Mary Neubauer said the security checks were initiated in February after the agency received customer complaints.

18 Apple Bugs 08/18/2009

Apple fixed 18 security flaws in the latest update to its Mac OS X operating system. Several of the bugs are tied to the handling of images.

Webmaster Elements 08/17/2009

Great collection of resources and tools for Wemasters.

Tracking Online Censorship 08/17/2009

When Shanghai blogger Isaac Mao tried to watch a YouTube clip of Chinese police beating Tibetans, all he got was an error message. Mao thought the error — just after the one-year anniversary of a crackdown on Tibetan protesters in China — was too suspicious to be coincidental, so he reported it on a new Harvard-based Web site that tracks online censorship. Meanwhile, more than 100 other people in China did the same thing. The spike in reports on Herdict.org in March pointed to government interference rather than a run-of-the-mill technical glitch, even before Google Inc. confirmed China was blocking its YouTube video-sharing site.

Swine Flu 08/16/2009

As the first day of classes approaches for some districts, school and health officials in several states are preparing for the possibility of wider outbreaks of the H1N1 virus. Swine flu, which disproportionately targets teenagers and young adults, is expected to begin spreading more rapidly when students return to the close quarters of classrooms and dormitories, county and state health officials say. They expect greater-than-usual numbers of students to seek inoculations because of widespread publicity about H1N1. complete article

Game Ban in China 08/16/2009

China has banned online games featuring sinister mafiosi and knife-wielding street gangs, accusing the software of promoting anti-social behaviour and harming youth, state media said Tuesday.

Web Host Security 08/14/2009

Current technology news is rife with stories of compromised Internet security. Consider these recent examples: Twitter Gets Hacked...Bad - Back in April a hacker broke into the popular micro blogging service Twitter. At the time Twitter's co-founder Biz Stone wrote about the incident on Twitter's official blog. The truly distressing part of the hack was that it was executed with such stealth that Twitter did not even realize until weeks later the full extent of the hack. Sensitive company information including financial projections, employee credit card information, confidential contracts, and internal executive strategic meeting reports were all taken from the company. The writers over at TechCrunch have discussed the Twitter hack at length with someone who claims to be the actual hacker and created a great debrief of the incident entitled, The Anatomy Of The Twitter Attack. It's a bit long, but well worth reading. FOX News Gets Hacked - Dave Briggs, a FOX and Friends Weekend co-host, had his Hotmail email account hijacked when hackers were able to guess either his password or his qualifying question. According to published reports, the attackers first locked Mr. Briggs out of his own account. They then spammed all of his email contacts with a phony email that appeared to be written by Mr. Briggs himself. The fraudulent email claimed that he was trapped in Malaysia and further asked that someone help him by wiring money via Western Union.

Smart Phones Dumb People 08/13/2009

The smarter your phone, the dumber criminals need to be to exploit it. That is the message from the annual BlackHat security conference.

Hacker Security Flaw 08/12/2009

A powerful new type of internet attack works like a telephone tap, but it operates between computers and websites they trust. Hackers at the Black Hat and DefCon security conferences have revealed a serious flaw in the way web browsers weed out untrustworthy sites and block anybody from seeing them. If a criminal infiltrates a network, he can set up a secret eavesdropping post and capture credit card numbers, passwords and other sensitive data flowing between computers on that network and sites their browsers have deemed safe. complete article

Homeland Security Issue 08/11/2009

The Department of Homeland Security is investigating whether one of its employees used a government e-mail account to post racially insensitive comments on a newspaper Web site in western New York.

Antivirus Software Problems 08/10/2009

Antivirus software cuts two ways. It is great at blocking known viruses, but it can sometimes misfire, mistakenly flagging clean files as malicious. That sends a computer into a tailspin trying to clean up stuff that is supposed to be on there.

Mobile Internet Usage Up 08/09/2009

More than half 56% of Americans have accessed the Internet using wireless mobile devices such as smartphones and laptops, according to a new report from the Pew Internet & American Life Project. The most popular way people go online via wireless is with a laptop as 39 percent of Internet users have done this. One-third of Americans 32% have used a cell phone or a smartphone to access the Internet for emailing, instant messaging, or searching for information. The amount of mobile Internet usage is up by one-third since December 2007, when 24 percent of Americans had gone online via a mobile device. On an average day 19 percent of Americans use the Internet on a mobile device, up significantly from 11 percent in December 2007. That's a growth of 73 percent in the 16 month time period between reports.

Free Antivirus Leads to False Sense of Security 08/08/2009

Reports show that Free Antivirus Leads to False Sense of Security in users.

Internet Wars 08/07/2009

The U.S.-based agency that regulates Internet addresses, facing criticism that it is too America-centric, remains the best guardian of a single, unified, global Internet, according its new chief executive.

EVerify 08/07/2009

Congress pressed officials with the Homeland Security Department and Social Security Administration on Thursday for assurances that an individuals personal information would remain secure during expansion of the system used to verify work eligibility.

Adobe Flash Security 08/06/2009

Adobe on Wednesday issued a security advisory about a critical zero-day vulnerability that affects its Flash Player, Reader, and Acrobat software across all major operating systems.

Businesses Going Green 08/05/2009

A business that makes the decision to be environmentally-conscious will often promote goodwill among potential customers, while making the world a better place for future generations. Many businesses hesitate to adopt green practices because they fear it will hurt their bottom line and negatively impact profits. But many eco-conscious businesses discover that they can actually save money and bring in new customers who specifically patronize companies that actively make an effort to be environmentally friendly. Many customers may even be willing to pay a bit more for a product or service from a company that is green. Many businesses already do things that are eco-friendly, not necessarily because they are sensitive to green living, but simply to save money. That does not, however, diminish the value of their green efforts. The trick for businesses is to be eco-friendly without compromising profitability. Business Going Green

Preventing Software Piracy 08/04/2009

Software piracy is an ever-present problem for software developers, and unfortunately there is no way to entirely prevent it. Software developers can employ tactics such as hardware dongles, registration codes, passwords, online activation, separate downloads for licensed versions, etc, but the fact remains that none of the protection schemes are absolutely foolproof or failsafe. All software protection measures can ultimately be circumvented if someone is persistent and determined enough. Preventing Software Piracy

Security Pressure 08/03/2009

Following yesterdays news that a Chinese engineer committed suicide after misplacing a 4G iPhone prototype, a security officer involved in the death has been suspended from his job, and his case has been turned over to Chinese authorities.

Security as a Strategy 08/02/2009

McAfee outlined details of its Security-as-a-Service strategy, designed to provide consumers, SMBs and large enterprises with security products delivered as a service in the cloud.

Food Security 08/01/2009

Days after the government said it was planning to introduce genetically modified food crops in the country in three years, US secretary of state Hillary Clinton gave a clear indication of the US administrations approval of deploying cutting-edge technology to raise crop yields. During her first visit to India as secretary of state, which included a strategic stop at the countrys premier agriculture institute, Indian Agricultural Research Institute, Clinton was vocal about the need to address the root of the problem of world hunger: crop productivity. And helping increase crop yield would be cutting-edge technology, she claimed.

Real ID is a Real Pain 07/31/2009

With no debate, the Senate in 2005 approved the Real ID Act:h.r.00418: -- which had been inserted into must-pass legislation authorizing funds for the Iraq war. That may have been the only way to get the deeply controversial law through the upper house, because of all the heightened security measures passed following 9-11, none will have as dramatic and intrusive an effect on the lives of everyday Americans as Real ID. The law mandates a tamper-proof card that would become the only acceptable form of identification for federal purposes, such as boarding a commercial airliner or entering a federal building. It was clumsily drafted in a way that imposes multibillion-dollar expenses on state governments, enhances opportunities for identity theft, turns state motor vehicle departments into arms of U.S. Immigration and Customs Enforcement and will almost certainly lead to harassment of immigrants, legal or otherwise.

Twitter Security Lessons 07/30/2009

Twitter's latest security hole has less to do with its users than it does with its staff, but lessons can be learned on both sides. In the case of Jason Goldman, who is currently Twitters director of product management, the simplicity of Yahoo's password recovery system was enough to let a hacker get in and gain information from a number of other sites, including access to other Twitter staff's personal accounts. The aftermath of the hack, which took place in May, is just now coming to fruition. Documents that a hacker by the alias of Hacker Croll recovered from Goldmans account and others including Twitter co-founder Evan Williams could be a treasure trove of inside information about the company and its plans.

Terror Alert System Reviewed 07/29/2009

The multicolored terror alert system that was created after the Sept. 11, 2001, attacks could be getting an overhaul — or could be eliminated entirely. Homeland Security Secretary Janet Napolitano is expected to appoint a panel Tuesday to reevaluate the system, a senior administration official said. The five-tiered system that goes from green, which signals a low danger of attack, to red, which signals a severe threat of attack, has proven to be confusing at times, and critics say the different colors are too vague to deliver enough information to be useful.

Border Security 07/29/2009

A report by the Brookings Institution scheduled to be unveiled Tuesday in Detroit found that federal officials now treat security at Canadian and Mexican crossings into the U.S. the same, despite the differences between its southern and northern neighbors. The Washington-D.C.-based research group began work on the study last year with the Detroit Regional Chamber of Commerce as the Detroit and Windsor, Ontario, is the busiest Canadian-U.S. corridor. It sees about 400,000 people each day and about 16 million cars, trucks and buses going back and forth each year.

Current Blog

2009 Securty Blog Archive
August Archive
July Archive
June Archive
May Archive
April Archive
March Archive
February Archive
January Archive

2008 Security Blog Archive
December Archive
November Archive
October Archive
September Archive
July-August Archive
May-June Archive
April Archive
March Archive
February Archive
January Archive

2007 Security Blog Archive
December Archive
November Archive
October Archive
September Archive
August Archive
July Archive
June Archive
May Archive
April Archive
March Archive
February Archive
January Archive

2006 Security Blog Archive
December Archive
November Archive
October Archive
September Archive
August Archive
July Archive
June Archive
May Archive
April Archive
March Archive
February Archive
January Archive