Ironpaper Current: Web design, online marketing, internet news, security and business online

Posts Tagged ‘security’

« Older Entries

New Exploit For IE Security Hole Published Via Twitter

Thursday, March 11th, 2010

An Israeli security researcher recently published his new discovery, the exploit code for a security hole in Internet Explorer web browser, via his Twitter page. The researcher discovered the exploit after receiving clues from a McAfee blog post.

This new exploit affects IE 6 and IE 7  web browsers. The exploit has been targeted already in attacks and potentially could enable an attacker  in taking control of a users system.

Microsoft’s next scheduled patch is in four weeks.

Resources: Targeted Internet Explorer Zero-Day Attack Announced (CVE-2010-0806), McAfee

Tags: , ,
Posted in Industry News | No Comments »

Spam now accounts for 90% of email traffic due to February surge

Tuesday, March 2nd, 2010

February was a bad month for email. Due to a surge in the month of February, spam now accounts for 90% of email traffic according to Symantec. Two botnets, named Grum and Rustock, helped this spam surge by pushing up spam levels 5.5 percent. The Grum botnet came back from a period of plateau to increase activity by 51%. The rise of both botnet systems were linked to activity related to Canadian pharmaceutical spam.

Country specific:
Spam levels reached 93.4% of all e-email in Italy last month
Denmark was at 92.8%
Russia at 91.8%
US was 90.2%

Tags: , , , , , ,
Posted in Industry News | No Comments »

Pentagon Allows Social Media Within Non-Classified Network

Saturday, February 27th, 2010

Until recently, the Pentagon has stayed away from social media such as Facebook and Twitter. Pentagon will be moving forward with the use of social networking tools as a communication bridge between the public and the non-classified activities of the agency–as announced in a press release from Feb. 26th 2010 containing the headline “DOD Releases Policy for Responsible and Effective Use of Internet-Based Capabilities”. It will also allow the social networking tools to be used within it’s Non-Classified Internet Protocol Router Network (NIPRNET)–saying that it found a proper balance between the necessary security criteria and the use of social tools.

The Pentagon recognized that the decision between social networking and security is not a yes/no decision. Although the military has been using social networking for quite some time, it has never been a unified approach across all it’s branches.

Tags: , , ,
Posted in Industry News | No Comments »

Twitter Suffers From Another Phishing Attack Feb 2010

Wednesday, February 24th, 2010

Twitter users have experienced another phishing attack during the week of Feb. 22nd 2010 according to security firm Sophos. This attack featured a headline “This you????” following a false Twitter login page. Should a user login to the false Twitter page, then the attackers would have the login credentials to access that users account and expand their phishing attack base. The distribution radius was exceptionally wide due to third party services such as GroupTweet, which allows mass Tweets.

Tags: , ,
Posted in Industry News | No Comments »

Two Chinese Schools Linked To Attacks Against Google

Sunday, February 21st, 2010

The Chinese Government often employs the help of volunteers to carry out cyber attacks. These volunteers have been dubbed “patriotic hackers” and often have indirect ties to the government. In the case of the recent attacks against Google and numerous American businesses, two Chinese schools, elite Chinese university and a vocational school, may have been involved in the attacks stated investigators from Google and the National Security Agency. Prior to this discovery, the investigations have ended in a trace to servers in Taiwan.  The Lanxiang Vocational School was established with military help train computer scientists for military work. Some critics has asserted that the school is a front for government operations and possibly non-traditional cyber warfare. Meanwhile, Chinese news source, Xinhuanet contends that the NYT report was untrue and unfounded–stating that such claims are more akin to “ science fiction” than actuality.

Resources:

http://www.washingtonpost.com/wp-dyn/content/article/2010/02/19/AR2010021902643.html?hpid=moreheadlines

http://www.nytimes.com/2010/02/19/technology/19china.html

http://news.xinhuanet.com/english2010/china/2010-02/21/c_13182350.htm

Tags: ,
Posted in Industry News | No Comments »

49 House Websites Attacked Following State Of The Union

Thursday, January 28th, 2010

Following the State of the Union address, 49 websites of the House of Representatives were hacked. The websites were defaced with clear anti Obama messaging. The websites were all managed by a single company. The incident occurred when the company was working on a system update.

Tags: , ,
Posted in Industry News | No Comments »

Cyberattack Targets Chinese Human Rights Websites

Tuesday, January 26th, 2010

The websites of Chinese Human Rights Defenders (CHRD), Independent Chinese Pen (ICPC), New Century News, Canyu and Civil Rights and Livelihood Watch (CRLW) were attacked on January 23 and 24 by hackers of an unknown origin.

A distributed denial of service (DDOS) brought down the websites for approximately 16 hours. At the height of the incident, the frequency of the attack was at 2GB per second. It was the most intense attack that their Internet Service Provider has experienced in the history of their business.

Prior to this DDOS attack, malware was installed on the server of the websites for CHRD and New Century News. Some of the attacks have coordinated with “sensitive” dates for the country of China.

Tags: , , ,
Posted in Industry News | No Comments »

AT&T Statement Says Wrong Facebook User Access Problems Fixed

Monday, January 18th, 2010

AT&T released a statement that new security measures have been added to their network to prevent the types of problems that caused users to access the wrong Facebook account via their mobile phones unwittingly.

“In a limited number of instances, a server software connectivity error resulted in some AT&T wireless customers being logged in to the wrong Facebook account when they accessed Facebook through their mobile phones,” Michael Coe, an AT&T spokesman, said in a statement.

In addition, AT&T addressed another issue which allowed a user to disable subscriber identification information as an option for automatic log-on.

Tags: , , ,
Posted in Industry News | No Comments »

AT&T Glitch Gave Access To Wrong Facebook Account

Sunday, January 17th, 2010

A Facebook user logged into Facebook from their mobile phone and gained access to another Facebook user’s account. The user was an AT&T subscriber, and a glitch in the network was the cause of the identity violation–revealing a very disconcerting flaw in security for the mobile web.

Currently it is unknown just how common (or uncommon) this error is. The access data mix-up may be an extremely rare flaw based on an extreme set of conditions or it could simply be under-reported. Some security experts have also noted that this flaw is possible with email and also with PCs as well.

AT&T commented on this issue stating that the network problem behind it is being fixed. This is not to say that other similar glitches may not arise as internet connectivity demands grow.

Tags: , ,
Posted in Industry News | No Comments »

Increased Attacks Against Social Networks Are Expected In 2010

Wednesday, December 30th, 2009

According to a recent report by McAfee Labs, social networking websites will face even more attacks by cyber criminals in 2010. In addition, products by Adobe Systems, such as Acrobat Player and the Flash plugin will face increased security issues in the coming year. McAfee Labs explained that there will be a new breed of “smarter and more dangerous” Trojans as well as a more significant bot network that poses are growing concern for information and financial security.

Tags: , , ,
Posted in Industry News | No Comments »

« Older Entries