DNS Cache Poisoning Issue Update

Wednesday, July 30th, 2008

Ok, we have a confirmed instance where the DNS cache poisoning vulnerability was used to compromise a DNS server belonging to AT&T. This PCWorld article covers the incident. The original article makes it sound as though the Metasploit site was 'owned' by this incident when really the issue was ...

The Real Dirt on Whitelisting

Wednesday, July 30th, 2008

It’s déjà vu all over again. Whitelisting technology has enjoyed a resurgence of interest lately, with antivirus companies such as Symantec, McAfee, and Microsoft planning to add it to their blacklisting-based malware detection tools and some enterprises even dropping AV altogether in favor of whitelisting alone. All thanks to the ...

Gmail Shows “Never Send It To Spam” Filter

Wednesday, July 30th, 2008

Google’s webmailer Gmail has an apparently* new filter function named “Never send it to Spam”. Ticking this should ensure that a certain email – with criteria you define, like by entering your friend’s name in the “From” field – will not be accidentally sorted into the spam folder. It’s a ...

Exploit Reveals the Darker Side of Automatic Updates

Tuesday, July 29th, 2008

A recent study of Web browser installations showed that far too few are up to date with the latest security patches. And browsers aren't alone; as my dear old mum can attest, it can be hard to keep up with OS and application patches when all you want to do ...

Hacking Without Exploits

Tuesday, July 29th, 2008

Cybercriminals increasingly are employing no-tech or low-tech techniques for making big money online -- no exploits or sophisticated hacker tools required.The techniques themselves aren’t new -- some have been around for nearly a decade. But the Web model has made these schemes that capitalize on so-called business logic flaws more ...