Browse > Home /

RSA puts pressure on Sinowal Trojan

A number of financial institutions have been hit by Sinowal Trojan, which has now caused the RSA FraudAction Research Laboratory to intervene and put pressure on the people behind it. The laboratory has said that this Trojan which has a number of other names, Torpig and Mebroot has stolen the login credentials of around 500,000 accounts. Read more

Sarah Palin Learns About Password Security the Hard Way

ROME, Italy, Sept. 17 /PRNewswire/ — News reports that vice presidential candidate Sarah Palin’s personal email was hacked and posted on the Internet brings national attention to the growing problem of online security. The group who invaded Palin’s Yahoo account likely gained access through an attack on Yahoo’s password recovery system Read more

Web security DNS patch not so secure: Is DNSSEC the answer?

This year most of the world found out about a major flaw in the Domain Name System (DNS), and while there has been a web security DNS patch released, it may not be that secure.

It looks like this patch for the web security hole has leaks of its own, and a Russian physicist, Evgeniy Polyakov, proved this.

While the network administrators around the world are racing to fix this problem with a patch on their systems, it looks like its still vulnerable and will still be exploited by criminals.

Evgeniy Polyakov has already fooled the DNS in under 10 hours, even after its been patched. This would allow him to redirect Internet traffic to another domain, you may think your on the real banking website, when you may not be.

The current problem is in the fact that DNS was invented in 1983 for services that were not meant to be secure enough for electronic banking.

Many web security expects see something called DNSSEC as the answer, you can read more about this here. View other computer news here.

Are you worried about how secure you are online?

Black Hat security conference highlights DNS Flaw

It seems as though 85 percent of Fortune 500 companies have had to patch their networks, this fix was a direct result of a security flaw. The flaw allowed cyber criminals to redirect visitors to counterfeit or malicious Web sites. This patch still leaves Internet users vulnerable to a large number of infrastructure providers who have yet to fix this security risk.

This data has been highlighted at the Black Hat security conference in Las Vegas, it was Dan Kaminsky, the Seattle based IOActive researcher who first discovered the risk. Kaminsky said that bad guys would be able to corrupt records that they could find in the domain name system (DNS). They will then be able to fill them in with inaccurate information.

It was on July 8 that a number of companies that included Microsoft, Cisco, Sun Microsystems along with a dozen others had to ship software updates to fix this fault in the DNS design.

DNS is the communication standard, it acts as what could only be described as a phonebook for the Internet.

Kaminsky said that while some 120 million which is about 42 percent of broadband users are now protected by this patch, just half of the DNS servers are now protected by this patch. In his time on the floor at the Black Hat conference Kaminsky described the many ways that a bad guy was able to steal your personal and financial data from the Internet.

For a full report on this visit: The Washington Post

Subsidiary of U.S. military security contractors buy 314 B1 Super Tucano Fighter Plane

Blackwater Worldwide who are a subsidiary of U.S. military security contractors have just purchased the 314 B1 Super Tucano Fighter Plane from the Brazilian aviation company Embraer. The 314 B1 Super Tucano propeller-driven fighter plane was bought for $4.5 million and delivered to EP Aviation at the end of February.

EP Aviation has apparently got 33 planes and helicopters registered with the FAA, obviously officials with Brazil’s government and Embraer declined to comment on the Estado report and apparently according to the source below phones calls were not returned. Apparently after reading on the internet the company called Blackwater Worldwide are infamous for its allegations of its killings in Iraq. Let us tell you more about the 314 B1 Super Tucano Fighter Plane.

The 314 B1 Super Tucano is black and grey and is propeller driven which if you look closely looks pretty similar to that of the World-War 2 fighter plane, the Embraer EMB 314 Super Tucano which is also named ALX or A-29 is a turboprop aircraft designed for light attack, counter insurgency (COIN) and pilot training missions. It incorporates highly modern avionics and weapons systems which we have listed below. At the moment it is being used by the air forces of Brazil, Colombia and the Dominican Republic and now Blackwater Worldwide has it.

The armament is as follows, 2x 12.7 mm FN Herstal M3P machine guns, 1x 20 mm cannon pod below the fuselage, 4x 70 mm rocket launcher pods, Conventional and intelligent bombs, 2x AIM-9 Sidewinder or MAA-1 Piranha or Python 3/4 air-to-air missiles and External stores on 5 hardpoints. The maximum speed is 593 km/h (320 knots, 368 mph).

Source – USA Today

Comcast Email Hacked: Webmail security issues, comcast.net site is back up

It seems the importance of using a very strong password for emails is a must because the hacking of Comcast email service shows security issues. Many users do not understand obviously how important it can be, even though internet service providers (ISPs) like Comcast using some of the most advanced email security solutions, wonders never cease to amaze because hackers can and will get through.

I have visited www.comcast.net this morning and it seems the site is down with a message on the homepage saying This Site Is Under Construction and Coming Soon but thankfully it is back up and running again, oops so no chance for you to go to Comcast net sign in to login. We all when going to a service like Comcast and other email providers that they use cutting edge email security appliances, but the whole truth of the matter is that much of the Web’s infrastructure is hacked together legacy equipment. In simple terms it is fair to say users should protect themselves from having their online identity compromised, the bottom line is that users should change their passwords frequently and then maybe this hacking problem may ease a little.

Let me say now that anyone using this service that has had the same password for some time now should really consider changing it, the current problems with Comcast web email security solutions proves that it’s vital for us to protect ourselves with effective online caution. Word of warning for those wanting to change passwords, DO NOT use birthdates, pet names or even family names, USE mixed up letters and numbers even down to using uppercase and lowercase characters. I would recommend you changing passwords once a month to be on the safe side,

You should be changing passwords weekly, but even security freaks don’t do it that often. Once or twice each month is really not sufficient, but it’s a lot better than nothing. It’s a simple email security solution that will help you avoid the problems that Comcast email users are having right now.

www.comcast.net is all up and running again.

Sony announce PlayStation Network has major security vulnerability for PS3

Details are still thin on the ground but all we know is that Sony have announced that there is a major security vulnerability with the PlayStation Network. Most of the security issues are with the Japanese PlayStation Network.

This problem could allow attackers to access your account and get hold of your personal information. However these attackers can not get hold of your credit card information, they can also change your password. So will you stop using your Sony PS3 until they sort this issue out?

Source - Engadget

Personal Pocket Safe: Encrypted USB smart flash drive

CHDT Corp have produced the Personal Pocket Safe, this is a USB smart flash drive. This USB flash drive is all about security, which is why this is the first encrypted, epoxy coated, pin-protected smart drive. The company states that this flash drive has military-grade encryption, which makes the device so safe.

The USB smart flash drive also features a password vault as well as a track-covering feature. What this means is that nobody will be able to locate its presence once it has been removed from its system. The drive is gold and shiny to look at and has a rubber PIN-pad; this allows you to enter your 4 to 10 digit code so that you can access your files.

Source – Gizmodo via Slippery Brick

BBC iPlayer: Apple iPhone beta Firefox plug-in security loophole fixed

As one loophole closes, another normally opens but for now the BBC iPlayer Firefox plug-in loophole has been fixed and now you cannot download and save programming DRM-free. It was reported that hackers found the loophole with the Apple iPhone beta version and let iPhone iPlayer users download videos with no copyright protection. Did you notice this loophole?

Source

Heathrow Security Breach: police carry out controlled explosion on northern runway

A man managed to breach Heathrow Airport security and run into the path of an aircraft, the man had a rucksack on his person. The man who jumped the fence to get onto the northern runway was tackled by armed officers.

A controlled explosion was carried out on the rucksack, however no bomb was found. The northern runway is being partially used, while the Southern runway is in full use. A spokesperson for British Airways has said that

A man with a rucksack has run into the path of an aircraft at Heathrow Airport - sparking a major security alert. He jumped the perimeter fence shortly after 2pm and was tackled by armed officers on the northern runway. “Flights will obviously be disrupted due to the closure of the runway.

Police will now want to question the man, and the first question will be what he was doing there. However the question I would like to know is “how did he breach security.” This is now the second time in only a few weeks that people have managed to breach Heathrow Airport security.

Source - Sky News

ThruVision T5000 camera sees under clothes: airport security just got better

It seems as if airport security is about to get a whole lot better thanks to the Britain. ThruVision a British company has developed a camera that can actually see through clothes from up to 80-feet away. The camera can detect if people are hiding devices in their pockets or under their clothes.

The ThruVision T5000, will no doubt anger many people who think that it breaks privacy laws. However people who have to go through security checkpoints should have nothing to hide, if this improves security at airports then I am all for it.

The ThruVision T5000 camera uses a technology called Terahertz, or T-rays as it is better known. Do not worry though; it will not be able to see your private parts.

Source - Reuters

Mac OS X flaw: Apple confirms Keychain password security glitch

Apple has finally admitted that there is in fact a flaw with their Mac OS X, this security glitch exposes Keychain password when you want to active the user account. According to Declan McCullagh from CNET, the security glitch is part of a Read more

The Colour Cube: Fun & Security in One

This colour cube is a great idea it will allow its owner to create their own combination for security, rather than using a text version. It will however, take more time and effort to get to your Read more

Security breached at Heathrow Airport: Greenpeace campaigners climb on Boeing 777

After all the terrorist attacks in the world you would think that Heathrow, the world’s busiest airport would have tight security. Well think again as security has been breached at Read more

Door Key Replaced by Remote Mobile Service

It looks as if there may be a concept phone which would mean you won’t have to carry your house keys about any longer, it is from DoCoMo called Osaifu-Keitai andit will work with a special door lock which will replace your normal lock and key. Read more