Archive for the ‘security’ Category

Huge Windows Patch Next Tuesday

February 5, 2010

Microsoft has said it will deliver a record-equalling 13 security updates next Tuesday to patch more than two dozen vulnerabilities in Windows and Office. The company will ship a total of 13 updates next week; five of them pegged “critical,” the highest threat ranking in its four-step scoring system.

The 13 updates will, according to ComputerWorld, tie the record from October 2009, when Microsoft issued the same number of bulletins, but fixed a total of 34 vulnerabilities. According to Jerry Bryant, a senior manager with the Microsoft Security Response Center (MSRC), next week’s updates will patch 26 flaws.

(more…)

Advertisements

French Government Pushes for End to Passwords

February 3, 2010

It seems that the French government considers the whole “input your password” method of account security to be a little dated, instead advocating a system of ‘digital certificates’ for access to accounts.

Nothing like a nice, secure password 😉

Word of the change comes from TechRadar, which has it that the latest plan comes directly from France’s secretary of state, Nathalie Kosciosku-Morizet, whose brainchild the whole digital-certificate project is in the first place. It’s certainly an interesting prospect, and one that only gets more interesting the more you read about it, particularly its applications when it comes to official documentation. Indeed, it seems the certificate won’t be accessible to too many services.

(more…)

PlayStation 3 Hack Released

January 27, 2010

It seems that the recently revealed hack for Sony’s PlayStation 3 has now been released to the web at large through the medium of the hacker, George “Geohot” Hotz’, blog.

With many questioning the veracity of Hotz’ claim that he had managed to hack the PlayStation 3, or simply to what extent that hack might be useful, it seems that the most sensible move would be to simply release the hack into the wild and see just what the community at large can do with it. Still, it’s well worth keeping in mind that this is the same man who originally managed to hack the iPhone.

Perhaps the most detailed (without being so complex as to be practically incomprehensible) writeup on the first exploit to hit the PS3 has come from Eurogamer.net, which quickly points out that,

(more…)

Top 20 Easy-to-Guess Passwords

January 25, 2010

Security firm Imperva has been taking a look at just what kinds of passwords people use for web-based service RockYou, and found that there is a disturbing trend towards easily hacked options.

Surprising, 'QWERTY' is very low on the top twenty...

Indeed, according to Imperva’s data, taken from a hack towards the end of last year that saw somewhere in the region of 32 million passwords. Because of the fact that these passwords were all stored in plain text, it seems to have been fairly simple for the folks at Imperva to sit down and crunch the numbers to put together a list of the top twenty most-used (and consequently, least secure) passwords. Some are interesting and to be expected, but there are a few strange ones in there as well.

(more…)

Boards.ie Hacked, Change Your Passwords

January 21, 2010

For those who’ve been having issues figuring out what to do with themselves after yesterday’s sudden Twitter outage, today’s Boards.ie outage has probably caused a similar issue when it comes to combating workplace boredom.

Godspeed gentlemen 🙂

The word from the folks at Boards.ie is that its database was attacked by a source outside Ireland. Apparently, the attack saw those portions of the Boards’ database that contain members’ usernames, email addresses and “obfuscated passwords” accessed by the attackers. The folks from Boards had the following quick pieces of advice for anyone who has an account with them,

“If you use the same password on Boards as you do on other services, you should change it on those other services to be safe. Boards passwords are NOT stored in plain text, they are obscured with the standard vBulletin ‘Hash.’ While this provides strong protection, we have altered all passwords on Boards as a precaution and suggest you take this time to alter other similar passwords.”

(more…)

US Government not Interfering with Google/China

January 18, 2010

The US government is to stay well out of Google’s ongoing spat with China after the company reported a massive cyber attack on its Chinese operation last week.

The initial response from the White House came from spokesman Robert Gibbs, who said that, “The president and this administration have beliefs about the freedom of the internet… The right to a free internet is what many of you heard the president talk about in China.” Now though, it seems as though there’s been a bit of a backtrack, and the US government doesn’t want too much to do with the whole kafuffle.

(more…)

Microsoft Downplays Google’s China Stance

January 15, 2010

Microsoft and Hewlett Packard’s executives have both admitted that they won’t be backing Google’s stance in China, after it revealed this week that it had been the target of a major attack.

Despite Google having received word of support from both Yahoo and the White House when it announced that it would no longer be censoring content on its Chinese services, Microsoft and HP have both gone in the opposite direction. Indeed, according to the Financial Times, Microsoft CEO Steve Ballmer essentially admitted that China was a big enough market to be worth the headaches.

(more…)

Facebook Giving Away McAfee

January 14, 2010

In an unusual attempt to keep its users’ machines as safe as possible, Facebook has made the move of making McAfee available for free to any of its users who would like to run the software and see how things pan out.

Facebook’s move to give away the security software comes after some fairly serious questions were raised about the site’s security towards the end of last year. While this won’t be helping Facebook’s security itself, it does give users an option to protect themselves, for the next six months at least, and that’s where the benefit lies for the folks at McAfee.

(more…)

Google Stops Censoring in China

January 13, 2010

In a very surprising turnaround indeed, it seems that Google has apparently decided it’s time to stick it to the man and has announced that it will no longer be censoring content in China.

Indeed, according to Google’s own blog on the subject indicates that the company is very much aware of the fact that it could be forced out of the Chinese market by such a decision, but has proceeded regardless. Indeed, according to the blog post from Google’s senior vice president of corporate development and chief legal officer, Dave Drummond, it seems that the folks at Google are not only well aware of that potential outcome, but don’t seem too scared of it. Drummond also takes time to talk about what precipitated the move.

(more…)

Android App Steals Bank Details

January 11, 2010

It seems that a rogue android application, downloadable from the Android Market, has been doing the rounds, gaining access to people’s internet banking.

It may not have aged too well, but the Android is still pretty cute 🙂

According to the security warning from First Tech Credit Union, the app, developed by Droid09, ‘creates a shell of mobile banking apps that tries to gain access to a consumer’s financial information.’ It’s scary stuff, but it seems that users who have downloaded the app could well have had their details harvested, which is dodgy territory indeed.

(more…)