IT administrators are racing to update systems ahead of the March 11 start to daylight-saving time (DST). Nobody's concerned about the firewall or antivirus software flaking out, but anxiety abounds over other potential security consequences.
Cisco's acquisition of XML vendor Reactivity today could set the stage for a new approach in handling the Web services security problem, experts say. Cisco announced its intent to acquire privately held Reactivity, a maker of specialized XML processing hardware, for $135 million this morning. On the surface, the deal looks like a simple play for the networking giant to incorporate Web services capabilities into its hardware lines, but security experts inside and outside Cisco say there may be more to it than that.
The IP extension IPSec is generally considered the most secure VPN technology. But it also has its weak points that special tools can find and exploit. Prudent administrators therefore test their own network
They have demonstrated that users could open up their router's traffic as a result of visiting a web page loaded with malicious javascript. The researchers said, "Settings on the router can be changed, including the DNS servers used by members of small, quickly erected internal networks. The attacks do not exploit any vulnerabilities in the user's browser. Instead, all they require is that the browser run JavaScript and Java Applets." While the threat to home routers is real, said the researchers, no actual attacks have so far taken place. Users would also first have to be persuaded to visit a malicious website for any attack to take place.
Home computer users who leave default passwords on network hardware unchanged could be at risk from attack say security experts. Researchers created an attack that surreptitiously redirects a user to nefarious sites once they have visited a booby-trapped webpage.
The intrusion prevention capabilities of Cisco Systems' routers could be prone to attack, after the networking giant revealed two vulnerabilities in its key operating system. The vulnerabilities affect those versions of Cisco's Internetwork Operating System (IOS) that start with "12.3" and "12.4". Almost all Cisco routers run a version of IOS. The flaws allow a hacker to circumvent the IPS protection built into the affected routers and also cause routers to crash.
Online payment firm PayPal announced that the company will offer a hardware key fob to users as an additional way of securing their accounts. The PayPal Security Key generates a new six-digit number every 30 seconds and displays the number when a button is pressed. Users that pay $5, a fee that is waived for business customers, will receive a key that they can then register to their account.
As end users at different companies conduct more business with one another via the Web, corporate information security strategies are being turned inside out literally. Corporate security managers have spent many years and tens of billions of dollars erecting sophisticated defenses designed to keep intruders out of their networks. But they
A PC connected to the Internet will be attacked by hackers every 39 seconds on average, new research has revealed. A study by the A. James Clark School of Engineering at University of Maryland found that hack attacks now occur at a "near-constant rate".
A denial-of-service attack apparently overwhelmed two of the thirteen root domain name servers early Tuesday morning, according to data collected by Internet infrastructure service RIPE NCC. The attack caused the G and L servers to fail to respond to at least 90 percent of queries, according to the RIPE data. Two other root servers also appeared to have suffered from dropped traffic, and the Associated Press reported that a third server had been overwhelmed by the attack.
The RSA president sees the security industry finally moving from defending the perimeter of a network to actually locking down the data within, he said in an interview. It is a message he has been repeating for years at the RSA Conference, but this year, he expects to see evidence of a response.
Breach Security announced the general availability of the ModSecurity version 2.0 open source web application firewall on a security appliance delivering the lowest cost commercial web application firewall available. Easy to deploy and manage, the ModSecurity Pro M1000 appliance includes the ModSecurity open source web application firewall, the most popular web application firewall with more than 10,000 organizations deployments worldwide. The M1000 is available now with a risk-free 30-day trial.
Michal Zalewski, an independent security researcher, announced the availability of Stompy, a free tool to perform a black-box assessment of Internet sessions IDs. While some session ID cookies generation algorithms are believed to be cryptographically secure, this is not the case for certain less-common enterprise web platforms.
Antivirus technology is a crock. It fails to prevent computers from getting infected with viruses, and this failure contributes to many other security woes that plague the world's computers. Because viruses spread, hackers find it easier to compromise computers, identity theft is better enabled, and computer fraud is easier to perpetrate. Virus-infected computers become a resource for hackers to exploit. Some hackers assemble and control networks of thousands of such computers and use them to distribute huge volumes of spam, mount sophisticated phishing attacks, and launch targeted "denial of service" attacks on companies. The level of virus infection is high. It's not an epidemic; it's a pandemic. How bad is it? That depends on how you look at it.
List of frequently seen TCP and UDP ports and what they mean. The goal of this port table is to point to further resources for more information.
The Blaster worm hit McCormick and Co. hard and fast. It entered the famous spice company through a service provider connection and ripped across plants and offices in a matter of hours. What was most vexing, however, was that the virus kept coming back on disinfected network segments. Upon further investigation, it turned out that Blaster, as well as some instances of the Sasser worm, were trying to repropagate from infected network printers.
Over the last ten years, our world has become interconnected in ways not previously imaginable. Today, for instance, people in Spain, the US, and Brazil can find out simultaneously that soccer-star David Beckham has switched teams. Small companies can now affordably be spread across the globe, and big companies can now have inter-office collaboration on a daily basis. But all of that interconnectedness relies in large part on our ability to protect the networks that create those connections. Unfortunately, and despite the best efforts of network security managers, the last five years have seen hackers and criminals become increasingly effective at compromising these networks, as they have quickly developed new and ever more malicious threats to network security.
The original idea was discussed by Stefano Di Paola in his paper Subverting Ajax. I have simply created a working proof of concept of ajax based sniffer. I have taken the same files as I demonstrated in ajax worm PoC.
One of the most important tools in a security professional's arsenal is the mighty 'sniffer'. Its power is never underestimated, never undervalued. A sniffer is many things to many people. In the right hands it is invaluable, allowing for the analysis of complex traffic passing over the network, in the wrong hands it can be a destructive force, allowing for the capture of confidential or sensitive data as it flows on the wire.
Like staying secure? So do we.
Sign up for updates, tips, and alerts!
