Sunday, November 22, 2009

Google Goes into VOIP

Google just acquired Gizmo5 to start competing with Skype. mmmm what next.
Here is the article
http://news.cnet.com/8301-30684_3-10397006-265.html?tag=mncol;txt

Saturday, November 14, 2009

Mac Is No Longer Virus Immune

OK, I know it had to happen sometime. Apparently the Mac is now getting its share of viruses, worms and other assorted maladies. Bah Humbug!!! I am bummed.

Here is the article: http://www.technewsworld.com/story/Safe-Mac-Computing-on-an-Unsafe-Web-68653.html

All in all, I will still take my Mac..... once you've had a Mac you never go back

Sunday, November 8, 2009

Your iPhone May Be Wormy

Apparently the first worm to target iPhones has just wormed its way 'in' to Australia.
The worm, called 'ikee', replaces your wallpaper with a picture of Rick Astley (I am too old to know these young stars). The phones must first be jailbroken... anyone care to explain that to me????... and it looks for other jailbroken users who are using Unix SSH and haven't changed the default password yet. See, there is a positive to not owning the cool iPhone. I guess I'll stick with my cheap.. but worm free ... Cricket

Sunday, November 1, 2009

Domains are Changing Forever

On Nov 16, ICANN will allow domain names with non-Latin characters. Nations will be allowed to apply for extensions that end in their native characters. For example, China would be allowed to use the Chinese alphabet, etc. What is amazing, and then not really, is that 42% of the world's internet users are located in Asia. So why shouldn't they have a say in how it's done? ICANN is doing it to avoid fragmentation, but it seems to me this could pose some big problems. For instance, how will I be able to type in a URL without Chinese characters on my keyboard? I guess they have that all figured out.
Here's the article:
http://www.technewsworld.com/story/ICANNs-Tower-of-Babel-Decision-May-Prevent-Net-Schism-68522.html

Friday, October 23, 2009

Phishing Prevention

Interesting article on preventing phishing with social engineering tests. Here it says that new phishing attacks are geared directly toward employees. Voice phishing is also on the rise, with a man-in-the-middle attack. According to this article, setting up regular tests and awareness training for employees is a key element to curbing such attacks.
Does it sound 'phishy' to you? Or not?

http://searchsecurity.techtarget.com/tip/0,289483,sid14_gci1371307,00.html?track=NL-105&ad=732419&asrc=EM_USC_9666669&uid=9209486#

Monday, October 19, 2009

66% websites infected with cross site scripting/SQL injection attacks

Kinda boggles the mind, doesn't it? 66% of websites are infected. Most of the time, it is done for information.... a kind of ID theft. And is apparently easy to do. However, this would drop dramatically if coders would code with security in mind. Using open source apps that are more 'open' is really beginning to scare me. Guess I will have to learn to be a better coder !!!!

Here is the article:

http://www.technewsworld.com/story/Ridding-the-Web-of-the-XSS-Scourge-68410.html

Friday, October 9, 2009

Almost 100 Arrested Worldwide in Phishing Scheme

Today the FBI arrested about 33 people in California, North Carolina and Nevada for a phishing scheme which cost victims about 1 million dollars. Egypt also arrested individuals involved in this "con". What I find interesting is that it just reinforces the need for international laws regarding the web. Security is global, not just national.
http://www.technewsworld.com/story/68324.html?wlc=1255137673

Saturday, October 3, 2009

HR and IT

Here is a white paper about the benefits of forming a bond between HR and IT
http://viewer.bitpipe.com/viewer/viewDocument.do?accessId=10622579.
Discusses impact of employees on security. Right up this class's alley, so to speak.

Sunday, September 27, 2009

Google launches 'sidewiki'

On Wednesday, the big G launched a new web annotation tool for IE and Firefox (and here I use Safari... I guess their love affair with APPLE is over) that allows people to make comments about a website. Here is the article: http://www.technewsworld.com/story/Google-Wends-Its-Way-Into-Web-Annotation-With-Sidewiki-68207.html. However, as the author notes, some people are finding a negative to this. For all of us who are bloggers, we can no longer moderate comments. Also, since comments, and their lively discussion, are what bring traffic to a website, this may have a limiting effect on popularity. Although I think Google is a very smart decision maker, I am not sure this will turn out to be such a smart decision in the long run. Will have to wait to see.

Monday, September 21, 2009

Microsoft suing Companies who hide malware in ads

In a Microsoft blog post, MS announced 5 lawsuits against companies practicing 'malvertising'. So what's that? It's when companies purposely add malicious code hidden in advertising. Nasty stuff. A few recommendations they list to avoid malvertising include having up to date anti virus, firewalls and anti-malware tools. And don't let a website 'scan' your computer for software programs you don't know.

So here is my question. How does one sue a company if it is in, say, Iran, or Russia, or China? Are their internet laws the same as ours? Do we even have laws against this type of happening? Are there common international laws? Perhaps there should be.

Here is the blog post by Microsoft:
http://microsoftontheissues.com/cs/blogs/mscorp/archive/2009/09/17/bad-ad-going-after-the-malvertising-threat.aspx

Monday, September 14, 2009

wordpress new security

Have just upgraded to Wordpress's new version which is supposed to fix the worm problem..... we'll see.
When I looked at users listed in the user list, compared to the users listed in the wp_users file, I had an extra admin person listed. So he is gone now, and so is the extra code written there as well. Yippee!!! I have been dewormed.... I hope.

Wednesday, September 9, 2009

No more MAC addresses for Comcast opt out??

Here's the article. http://arstechnica.com/tech-policy/news/2009/09/no-more-mac-address-comcast-streamlines-dns-helper-opt-out.ars

Seems like this is appropriate for what we are talking about... but what is this article talking about? Thought you all might enjoy it.

Monday, September 7, 2009

New Secure File Transfer system just launched

Thought this was timely, so I thought I would throw it out to everyone
Stonebranch just launched new software.
http://www.scmagazineuk.com/Stonebranch-introduces-secure-file-transfer-solution/article/148276/

The Worm that Got Me

For the last several months I have been dealing with a 'problem' within my Wordpress blog. Dave, the good friend that he is, found some of the issues involved, and I have been limping along ever since. Interesting to note that my ISP couldn't even find a part of the problem at all. Now Wordpress is acknowledging that a worm has not been playing nice with Wordpress.
Matt Mullenweg (Wordpress creator) says:
"Right now there is a worm making its way around old, unpatched versions of WordPress. This particular worm, like many before it, is clever: it registers a user, uses a security bug (fixed earlier in the year) to allow evaluated code to be executed through the permalink structure, makes itself an admin, then uses JavaScript to hide itself when you look at users page, attempts to clean up after itself, then goes quiet so you never notice while it inserts hidden spam and malware into your old posts."

Here is the full article: http://www.podcastingnews.com/2009/09/05/the-wordpress-fix-wordpress-doesnt-want-you-to-know-about/

I happen to agree with many who have commented that this 'fix' is not really a fix at all.
When Wordpress was started, it was just about the only good game in town. Now I see other programs giving it a run for its money. Although I really like Wordpress, and think it has a lot to offer (great support, plugins, and just plain ole great people), Wordpress needs to up its security and really make it harder for hackers to hack, or it may just lose its "King of the Hill" status.
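The worm described in the quote above hides its admin account from the Users page with JavaScript, which is why the extra admin in the "wordpress new security" post only showed up when the user list was compared against `wp_users`. The following is an added example, not code from this blog or from WordPress: it reads the user tables directly and reports administrators that are not on a known list. The sample rows and logins are constructed, SQLite stands in for the site's MySQL database so the example runs offline, and the default `wp_` table prefix is assumed.

```python
import re
import sqlite3

# Administrator role as it appears in WordPress's PHP-serialized capabilities
# value, e.g. a:1:{s:13:"administrator";b:1;}
ADMIN_ROLE = re.compile(r's:13:"administrator";b:1;')

def find_unexpected_admins(conn, known_admins, prefix="wp_"):
    """Return (ID, login, registered) for each administrator not in known_admins.

    The tables are read directly, so script injected into the admin Users page
    cannot hide a row from this check.
    """
    rows = conn.execute(
        f"SELECT u.ID, u.user_login, u.user_registered, m.meta_value "
        f"FROM {prefix}users u JOIN {prefix}usermeta m ON m.user_id = u.ID "
        f"WHERE m.meta_key = ? ORDER BY u.ID",
        (f"{prefix}capabilities",),
    ).fetchall()
    return [
        (uid, login, registered)
        for uid, login, registered, caps in rows
        if ADMIN_ROLE.search(caps or "") and login not in known_admins
    ]

def build_sample_db():
    """Constructed sample data: an in-memory SQLite copy of the two tables."""
    conn = sqlite3.connect(":memory:")
    conn.executescript("""
        CREATE TABLE wp_users (ID INTEGER PRIMARY KEY, user_login TEXT,
                               user_registered TEXT);
        CREATE TABLE wp_usermeta (umeta_id INTEGER PRIMARY KEY, user_id INTEGER,
                                  meta_key TEXT, meta_value TEXT);
        INSERT INTO wp_users VALUES
            (1, 'siteowner',   '2008-03-02 10:15:00'),
            (2, 'guestwriter', '2009-01-20 08:00:00'),
            (3, 'newuser0831', '2009-08-31 03:12:44');
        INSERT INTO wp_usermeta (user_id, meta_key, meta_value) VALUES
            (1, 'wp_capabilities', 'a:1:{s:13:"administrator";b:1;}'),
            (2, 'wp_capabilities', 'a:1:{s:6:"author";b:1;}'),
            (3, 'wp_capabilities', 'a:1:{s:13:"administrator";b:1;}');
    """)
    return conn

if __name__ == "__main__":
    for row in find_unexpected_admins(build_sample_db(), {"siteowner"}):
        print("unexpected administrator:", row)
```

Any account this reports should be checked against the registration date and removed if it is not one you created.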

Saturday, August 29, 2009

Egads.... Was I just hacked???

OK, here's what happened. I left my computer for about 30 minutes, came back and my command line terminal was open. Was I just hacked? I am thinking this is a great class for me to be taking!

Is there anything I can check to see if, indeed, I was hacked?

Thursday, August 27, 2009

WPA encryption broken in ONE Minute

Yep, literally one minute to crack the second generation of Wi-Fi security systems. Here's the article: http://tech.yahoo.com/blogs/null/147906
Seems that if your wireless has AES... which I am learning about this week, then you are OK. WPA2, the third generation system, is still uncrackable... for now... as well. One person recommends using MAC, so I am looking that up now.

But here's my question: How close to the wireless product does the attacker need to be? Should I look for suspicious cars driving the neighborhood, or see who is sitting next to me at Micky D's? Today, with almost every coffee house, library, or building having Wi-Fi accessibility, this seems to provide a very high risk for getting attacked. I don't really carry sensitive data on my iPod Touch, etc, but perhaps I should look to see if there are files that aren't mine on it.... or would I even be able to 'see' them?

This seems pretty scary to me.

Download Windows Server 2008 R2

Free trial can be downloaded: http://technet.microsoft.com/en-us/evalcenter/dd459137.aspx. All I want to know is, What's a Server?.... just kidding.

Here is a video about a new file classification infrastructure introduced with the Windows 2008 server
http://edge.technet.com/Media/The-New-File-Classification-Infrastructure-PM-Team-Talk/ (sorry, can't embed).

This File Classification Infrastructure is intended to aid risk management of data, as well as manage data storage problems. This classification system can help identify sensitive data sitting on public servers. It also allows for custom IT scripts.


Thursday, August 20, 2009

Newbie's New Post

Hi All,
Just saw an interview of John Curran on Slashdot.org, regarding IPv6 and why it matters. For your viewing entertainment, here is the link: http://tech.slashdot.org/story/09/08/20/1423224/IPv6-Challenges-and-Opportunities?art_pos=6. New to all this, I became aware that we are about to run out of IPv4 addresses within the next 2-3 years and, consequently, will need to migrate to IPv6 shortly. (ps.. I had to read about what exactly an IPv4 address was on the wiki... boy am I learning a lot!!!) So the good news seems to be that most large equipment manufacturers, such as Cisco, have been preparing for this for some time. Routers and firewalls are already being made IPv6 compliant. However, enterprise data centers that want to support applications to the general public seem to be less 'ready' for this change.
Mr. Curran thinks this is a great opportunity for companies that can support both IPv4 and IPv6. I'm thinking that this is a great opportunity for those of us with 'insight', who can fill a niche helping companies get ready and plan for the change that is inevitable. Or is this not a big deal? I am too new to this to tell. What do you think?

Wednesday, August 19, 2009