+ The Register - Security: Enterprise Security +

Biting the hand that feeds IT
Copyright: Copyright 2008, Situation ...

Last Update: Fri Jun 6 13:02:25 2008

+ Microsoft Patch Tuesday promises seven fixes + So let's get critical, critical Microsoft's monthly security update next Tuesday will see seven fixes including a critical update ...

+ Breach disclosure laws have 'no effect' on identity theft + Red tape failing to stanch losses Widespread information security breach laws in the US have failed to do much to reduce identity [...] in Europe to enact laws that would oblige organisations to notify customers in cases where their personal details become exposed.…

+ Hackers hijack hacking tools website + Ironic exploit Crackers briefly hijacked hacking tools website Metasploit on Monday.… ...

+ Cybercrooks plant phishing scam on crime reduction website + Home Office pwned Phishing fraudsters hacked a Home Office crime reduction website to host an Italian phishing website on ...

+ Chinese crackers blamed for US power blackouts + Lights go out, firewalls come tumbling down Chinese hackers have been blamed for two sets of cyber attacks that left US homes ...

+ Optical boffins cut the cost of quantum cryptography + Time shift dances the light fantastic Boffins at the National Institute of Standards and Technology are trialling advanced ...

+ Attack code in the wild targets new (sort of) Adobe Flash vuln + At least 20,000 pawns recruited Updated Security researchers from Symantec have clarified an earlier report of attack code in [...] They now say current versions of Adobe's stand-alone Flash application are vulnerable, but that updated browser plug-ins are not.…

+ Phlashing attack thrashes embedded systems + Router bricking risk A security attack that damages embedded systems beyond repair was demonstrated for the first time in London ...

+ Open source code crawling with fewer bugs + Audit gives thumbs up The quality of open source code has improved over the last two years, according to an audit sponsored by ...

+ Teapot backdoor probed by German telescope boffins + Spoons, spectacles, even eyeballs - all security risks Just when you (may have) thought it was safe to log back onto your ...

+ Firefox developers tinker with new security protections (finally) + Protecting users from net's weaker security links Developers of the Firefox browser are designing new technologies aimed at ...

+ Spanish police cuff web defacement crew + Five teens are net's 'most prolific hackers' Spanish police have arrested five hackers said to be among the most prolific on the ...

+ SANS sounds alarm on Debian OpenSSL flaw + Lockpicking script prompts alarm The SANS Institute yesterday took the highly unusual step of issuing a yellow alert over a ...

+ Outback hack suspect denied bail + Strewth he's deleted the system A former contractor allegedly knocked out government systems and deleted thousands of records in ...

+ Rootkits on routers threat to be demoed + Networks own3d Updated Security researchers have devised a rootkit capable of covertly monitoring and controlling Cisco ...

+ Apple okay with Safari 'carpet bombing' vuln for now + 'Eh. Don't expect much from us' Next time you get nagged to install Apple's Safari browser keep this in mind: The company's ...

+ Botnet sics zombie soldiers on gimpy websites + More SQL injection insanity The miscreants who have poisoned more than half a million web pages aren't the only attackers ...

+ Bulletproof quantum crypto dinged by implementation weakness + Trust but verify Security researchers have identified possible weaknesses in quantum cryptography implementations. A team from ...

+ Microsoft updates squash four critical bugs + Patch Tuesday calls for Windows and Office disinfectant Microsoft on Tuesday issued updates to plug a half-dozen security holes, ...

+ Debian fixes serious crypto bug + Locksmith overtime for sys admins Debian has warned of a vulnerability in its cryptographic functions that could leave systems ...

+ Vista security credentials tarnished in malware survey + Better off with a Win 2000 box Windows Vista is better at protecting against malware than XP but more easily infected than ...

+ India and Belgium decry Chinese cyber attacks + Join the ranks Belgium and India have joined the growing ranks of countries voicing concerns about cyber attacks originating from [...] inside their borders are routinely targeted by hackers trying to ferret information that could benefit the Chinese government.…

+ Renault F1 comp site spills entrants' details + You will never break the chain A Grand Prix competition from Renault hit the barriers on Thursday after it emerged that the ...

+ HSBC in further data loss + Stolen Hong Kong server contained data on 159K Security-incident prone bank HSBC has admitted losing a server containing ...

+ Rare SCADA bug poses power plant risk + Wonderware scare Security watchers warn of a rare vulnerability involving software used to control industrial systems. A denial [...] Invensys poses a severe risk to the factories and utilities running its Wonderware subsidiary's InTouch SuiteLink application.…

+ MS UK kills mystery 'Live to Code' site + Misconfigured marketing offshoot pulled Microsoft has pulled an apparently rogue internal marketing project that sat quietly, but ...

+ Google launches security group for open source + oCERT to make the world safe for GPL Google is spearheading a volunteer workforce it hopes will become the centralized authority ...

+ HSBC foils '£70m fraud' + Police called in over 'improper' transfer An HSBC worker has been charged after police were called in to investigate an alleged ...

+ Holes in London Mayor websites leave them open to 'e-gaffes' + New levels of XSS for Boris'n'Ken Ethical hackers have discovered potentially serious vulnerabilities on the websites of the two ...

+ Plasma TV components applied to password cracking + Bluetooth crypto blown in eight seconds Forget networked PCs or even PlayStation 3s, components commonly found in plasma TVs are ...

+ Anti-Israel hackers deface central bank site + Security doesn't roll on Shabbat The Bank of Israel website has been restored after it was knocked off the internet last weekend ...

+ HSBC plugs hole that exposed site directory + John Lewis Partnership site rather too open for comfort HSBC has finally fixed a bug that allowed web surfers to browse the ...

+ Infosecurity is very much like... + New cliches for old Infosec After three days, 320 exhibitors, dozens of presentations, and even more extensive marketing guff [...] year. Thankfully, next year's trade show will be held in Earls Court, not in the wastes of Olympia, and so much easier to get to.…

+ Department of Homeland Security website hacked! + Infected by massive attack sweeping the net The sophisticated mass infection that's injecting attack code into hundreds of ...

+ MS patch system poses 'significant risk', say researchers + The fix could automate production of the attack A group of four computer scientists urged Microsoft to redesign the way it [...] minutes by automating the analysis of a patch designed to fix the flaws, the researchers stated in a paper released last week.…

+ Web infection attacks more than 100,000 pages + UK Civil Service, UN and EPA among the plagued Hackers have injected malicious code into hundreds of thousands of reputable web [...] on the machines of those who visit them. The UK's Civil Service and the United Nations were among those who had been hacked.…

+ Modern 'primitive' could ease the pain of encrypting massive amounts of data + Multiple criteria for identity-based encryption Researchers have devised an encryption scheme that could simplify the protection [...] to lock files using keys that are based on specific attributes, such as an employee's position or geographic location.…

+ Prime yourself for security on the web + Food for thought on how to approach web security Web security is an interesting topic. It's the kind of thing we think we know ...

+ Microsoft: Finding flaws on our website is OK + 'Hate the vuln, love the finder' ToorCon In a first for a major company, Microsoft has publicly pledged not to sue or press ...

+ SQL string in URL exposes sex offender data + And much more, in Oklahoma coding fiasco Better known for its presentation of stunning examples of how not to develop code, The [...] case of information loss when it published an article on a critical flaw in the Oklahoma Department of Corrections website.…

+ Firefox and Safari updates tackle alternative browser bugs + Mozilla garbage function gets trashed There's patching work ahead for users of alternative browsers. Mozilla updated its Firefox ...

+ Security gumshoes locate source of mystery web compromise + How dunnit plot gets scripted Updated The source of the mystery infection of more than 10,000 websites back in January has been ...

+ Oracle patches 'sitting duck' database vulns + Apply or be own3d Oracle posted 41 patches on Tuesday as part of its regular quarterly patching cycle, with core database ...

+ Dutch transit card crippled by multihacks + Reverse-engineered The introduction of the Dutch public RFID transit pass will be delayed because it can be easily hacked.… ...

+ Google's cookie crumbles under scripting attack + Taking the biscuit Security researchers have unpicked a flaw in Google spreadsheets that allows cookie stealing. The cross-site [...] to use stolen cookies to access any Google service a user has registered, including accessing a victim's Google mail account.…

+ Regulatory compliance 'irrelevant' to security + PCI DSS credit card 12 commandments standard flawed Companies who get hung up on regulatory compliance are developing a false ...

+ Pro-smoking website redirected to 'baccy free zone + DNS attack provokes cacophony of hacking coughs Hackers attacked the websites of two organisations campaigning against the ...

+ Microsoft deploys protocol defense for IE + 'We can't do it on our own!' RSA Internet Explorer is the next battleground for Microsoft in its goal of securing the Windows ...

+ Lieberman's campaign to blame for website crash + 404 Error: Hackers not Found Technical mistakes by Senator Joe Lieberman's re-election campaign team - not an attack by opponents ...

+ UK.biz flunks app security tests + Risky business Weak encryption or cross-site scripting (XSS) vulnerabilities remain a big problem for UK firms. Tests on web ...