Russian spy exposes awesome password by writing it down - doh!
Wednesday, June 30, 2010
Saturday, June 26, 2010
"Recently we got the best-ever cease and desist letter. We're no stranger to the genre, so what could possibly make this one stand out from the rest?
First, it's 12 pages long and very well-researched (except on one point); it even includes screengrabs of the offending item from our site. And we know they're not messing around because they invested in the best and brightest legal minds.
But what makes this cease and desist so very, very special is that it's for a fake product we launched for April Fool's day."
Wednesday, June 23, 2010
"HTTPS Everywhere is a Firefox extension produced as a collaboration between The Tor Project and the Electronic Frontier Foundation. It encrypts your communications with a number of major websites.
Many sites on the web offer some limited support for encryption over HTTPS, but make it difficult to use. For instance, they may default to unencrypted HTTP, or fill encrypted pages with links that go back to the unencrypted site.
The HTTPS Everywhere extension fixes these problems by rewriting all requests to these sites to HTTPS."
Check it out...
Monday, June 14, 2010
Friday, June 11, 2010
"Most Internet users know to watch for the telltale signs of a traditional phishing attack: An e-mail that asks you to click on a link and enter your e-mail or banking credentials at the resulting Web site. But a new phishing concept that exploits user inattention and trust in browser tabs is likely to fool even the most security-conscious Web surfers."
Thursday, June 10, 2010
Wednesday, June 9, 2010
ZeuS is a well-known banking Trojan horse program, also known as crimeware. This trojan steals data from infected computers via web browsers and protected storage. Once infected, the computer sends the stolen data to a bot command and control (C&C) server, where the data is stored.
ZeuS is sold in the criminal underground as a kit for around $3000-4000, and is likely the one malware most utilized by criminals specializing in financial fraud. ZeuS has evolved over time and includes a full arsenal of information stealing capabilities:
• Steals data submitted in HTTP forms
• Steals account credentials stored in the Windows Protected Storage
• Steals client-side X.509 public key infrastructure (PKI) certificates
• Steals FTP and POP account credentials
• Steals/deletes HTTP and Flash cookies
• Modifies the HTML pages of target websites for information stealing purposes
• Redirects victims from target web pages to attacker controlled ones
• Takes screenshots and scrapes HTML from target sites
• Searches for and uploads files from the infected computer
• Modifies the local hosts file (%systemroot%\system32\drivers\etc\hosts)
• Downloads and executes arbitrary programs
• Deletes crucial registry keys, rendering the computer unable to boot into Windows
Thursday, June 3, 2010
"Are you sick of always digging in your pocket for that darned hotel room key? And God forbid you lost the thing and have to convince the desk clerk you're you and deserve a replacement, maybe even for a fee! Thanks to a new application that works on nearly every smartphone on the market, you can open your hotel door with your phone and avoid pesky keys or wasteful plastic access cards."