Security

A New York senator has called for major US Internet sites to offer all of their web pages in secure mode. Charles Schumer says the move would help protect against theft of data through public WiFi networks. The request involves the hypertext ... transfer protocol, which is the technical system used for transferring data between a website and a user, and vice versa. The protocol is available in two forms: standard (in which page addresses begin with http://) and secure (in which page addresses begin with https://). Secure Browser Sessions Encrypted, Denoted by Padlock In a secure connection, which ... (view more)

A new feature in Internet Explorer is a major boost for Microsoft's web browser "Tracking Protection" system. The feature, which will debut in Internet Explorer 9 , is a response to calls by the Federal Trade Commission (FTC) for Internet to make it ... easier for users to opt out of being tracked online . The FTC doesn't want sites to ditch all tracking activities, but rather desires site visitors to have the power to prevent their details being passed on to third parties. This is most relevant with advertising; for example, if a company wants to display an advertisement based around the ... (view more)

A computer science graduate student and his friends claim to have found a way to use distributed denial of service (DDoS) attacks to take down large gateways of the Internet -- an act never before thought possible. The method, referred to as the ... "Coordinated Cross Plane Session Termination (CXPST) Attack," would require approximately 250,000 personal computers to target the Border Gateway Protocol (BGP) network routers in the attack. This style of coordinated denial of service attack is referred to as utilizing botnet , or a virtual "robot" network of computers under the control of ... (view more)

Microsoft says it's unlikely that hackers will successfully exploit a recently discovered security bug in Windows. The company says that if the bug is abused, it would likely result in a denial of service attack instead. As noted on Wednesday, the ... problem involves system files related to Windows network file and printer sharing. Hackers are often particularly interested in exploiting such system files as they are a potential entry point between a networked computer and the outside world (via the Internet). Denial of Service Risk to Windows In this case, the Windows exploit appears to have two ... (view more)

A week after pro-WikiLeaks hacker organization 'Anonymous' reportedly infiltrated one of the security firms investigating their activity, the group has now published more than 70,000 emails stolen during that initial attack. Some of the messages ... reveal staggering details that could hurt the targeted company's reputation. HBGary Federal is an American security company investigating Anonymous, which late last year admitted responsibility for a series of hacks against major financial institutions, including Visa and MasterCard . All of the targeted institutions had, at the time, recently ... (view more)

According to a recent report from security firm McAfee, Chinese cyber criminals have been leading coordinated and covert attacks on major Western energy companies since November 2009. McAfee, which has dubbed the cyber terrorism offensive 'Night ... Dragon', says oil and petrochemical firms have been affected. Perhaps the most surprising finding in the report is that many of these major companies, which have not been named, do not appear to have had particularly robust defense measures in place. "The attacks were not very sophisticated and did not use any zero-day exploits ," noted McAfee Labs ... (view more)

Elite hackers and ethical computer security enthusiasts are preparing themselves for the Pwn2Own competition, which challenges participants to break through security of popular software programs (such as web browsers). Once software is breached, it ... is referred to as an "exploit", in which hackers are then able to gain access to other areas of the computer's operating system without restrictions. It's these types of attacks which occur on web sites frequently, where visitors become instantly infected just by visiting a malicious website containing an unknown exploit (also referred to ... (view more)

Microsoft has finally put the brakes on a feature in Windows XP and Vista designed to automatically run applications (and virus infections) on a USB drive. The feature had been open to abuse by virus creators and was blamed for helping the wide ... spread of the Conficker virus, which wreaked havoc PCs back in January of 2009. Back then, it was estimated 9 million PCs were infected with Conficker, which was first discovered only 3 months prior . Automated Virus Infection as Easy as 1-2-3 The exploit involves two separate technologies: Windows AutoRun, which automatically runs a setup program as ... (view more)

A security company investigating cyber attacks by the pro-WikiLeaks group 'Anonymous' have been hacked. Anonymous, which has been accused of hacking websites owned by financial institutions that once supported but have since abandoned their ... associations with WikiLeaks, boasted of the attack on Twitter. HBGary Federal is a security research company that has been working with the Federal Bureau of Investigation (FBI) towards identifying and prosecuting the leaders of Anonymous, an underground organization of hackers which stand accused of attacking Visa, Mastercard International and PayPal. All ... (view more)

Two men accused of scamming PC users into buying bogus security software have agreed to pay the Federal Trade Commission (FTC) an estimated $8.2 million. The money will go towards refunding the victims. Fake security software and similar scams of ... this nature are known as " scareware " -- software which is purposely designed to scare users into making a purchase. The scareware duo were made up of a father and son team. Maurice and Marc D'Souza are reported to have been involved in a massive scam that involved selling more than 1 million copies of fake security software to Windows ... (view more)