Cybersecurity

Share Office Docs Safely

Cybersecurity

People v. Process

Philip Reitinger, deputy undersecretary of the National Protection and Programs Directorate at the Homeland Security Department, claims <a href= http://www.govexec.com/story_page.cfm?articleid=46357&dcn=todaysnews>people are more important</a> than process when it comes to protecting America's cyber infrastructure. Is he right?

Cybersecurity

Critical Adobe Patches

Adobe published a pretty big <a href="http://www.macnn.com/articles/10/10/06/mac.updates.for.9x.and.82x.available.now/">patch</a> on Wednesday for its reader and <a href="http://www.adobe.com/support/downloads/detail.jsp?ftpID=3806">acrobat programs</a>.

Cybersecurity

Army Tops Air Force, Navy

In the midst of a computer's worst nightmare -- malicious files, malware and corrupted Web servers -- the unlikeliest of responders burrows in and wages a winning defense. It's the U.S. Army, a military branch that's not exactly synonymous with cybersecurity.

Cybersecurity

LinkedIn and ZeuS

ZeuS, a password stealing Trojan, is not a new threat but it is the cause of some discomfort for users of the social media site LinkedIn. ZeuS is a family of malware that you can buy, and various organizations run these botnets for profit. Attackers typically will try to trick you into installing the ZeuS malware with a fake link.

Cybersecurity

BitTorrent Protection

<a href="http://www.bittorrent.com/">BitTorrent</a> users, a free, open source peer-to-peer file-sharing application, might be wondering how to protect themselves. It's quite difficult to know when a download is masquerading as something it isn't. And while some might associate the tool with those who download illegal music, movie and software files, it's also used in legal ways. For example, users quite frequently download Linux distributions, some of which exist in DVD, a form that can only be obtained via BitTorrent.

Cybersecurity

Out-of-Band Patch

Microsoft just published an out-of-band patch for its <a href="http://en.wikipedia.org/wiki/Active_Server_Pages">ASP</a> .NET vulnerability. The vulnerability allows for remote cracking of some encryption keys via an oracle vulnerability. Any system telling an attacker some fact about a piece of encrypted data is dubbed an "oracle."

Cybersecurity

ESPN Fantasy Football Flaw

ESPN fantasy football players beware: The system is rife with security flaws. According to security experts, the vulnerabilities exist in the URL the site uses as a final confirmation when making roster decisions. The site is not authenticating the requests correctly, so by essentially editing the URL, a player can make changes to another player's team.

Cybersecurity

Any Word on Zeus?

Earlier this year, the <a href="http://krebsonsecurity.com/2010/02/zeus-attack-spoofs-nsa-targets-gov-and-mil/">Zeus</a> banking Trojan infected hundreds of computers within the federal government leaving experts no choice but to prepare for a mass attack. The then e-mail campaign was designed to steal passwords, but at the time was only sent to government and military e-mail addresses.

Cybersecurity

Strange Facebook Status Updates

Another day, another potential <a href="http://www.facebook.com/">Facebook</a> vulnerability.