Security News

Vuln: CUPS IPP Tag Handling Remote Buffer Overflow Vulnerability
CUPS IPP Tag Handling Remote Buffer Overflow Vulnerability

Infocus: Passive Network Analysis
Passive Network Analysis

Spyware Fighting Tools Needed (PC World)
PC World - Organizations and law enforcement agencies fighting spyware are making progress, but new tools in an antispyware bill stalled in the U.S. Congress could improve the efforts, a member of the U.S. Federal Trade Commission said Monday.

Brief: Microsoft, security firms warn over PDF attacks
Microsoft, security firms warn over PDF attacks

Bugtraq: Micro Login System v1.0 (userpwd.txt) Password Disclosure Vulnerability
Micro Login System v1.0 (userpwd.txt) Password Disclosure Vulnerability

Sophos reveals “dirty dozen” spam-relaying countries for Q3 2007
US captures high-profile spammers, but general computer security remains worryingly lax.

F-Secure sees smaller botnets on the rise
Cybercrooks are breaking down large botnets into smaller groups as they seek to increase their revenue, the security firm says.

Russian Crooks Spreading Gozi Trojan with PDFs (PC Magazine)
PC Magazine - Russian cyber-criminals are using malicious PDFs to broadcast a Gozi Trojan variant.

Trojan attacks get smarter, scarier
Network World Fusion - Jason and Keith discuss a Russian Trojan horse that went undetected for 50 days, a QuickTime flaw that exploits MySpace, a report that discusses where Internet attacks are coming from, and free speech wins over a law aimed at protecting children from

NAIS is a RUSE
Magic City Morning Star - Today’s children will equate the Trojan horse and the soldiers in its belly to today’s NAIS implementers. Anyone that seeks to wrest the bonds of family apart and dismantle this all-important bond of parents and children — whether done by an

Griz soccer faces pressure as postseason nears
CBS Sportsline - On paper, Montana’s matchup with league leader Sacramento State on Friday featured two of the Big Sky’s best young goalkeepers in Grace Harris and Mandy Trojan. On the field, they didn’t disappoint. Montana’s Harris came away with three saves en

Top-10 foes meet in Pac-10 clash
Seattle Post Intelligencer - When all is said and done this weekend, the Trojan defense will have run the spectrum in terms of offensive firepower over the last seven days. After having an easy time with Notre Dame’s pathetic unit, USC will now be faced with

Rare is the driver who isn’t mentored to success
Sports Illustrated - The story involves the famous Trojan horse, and not horsepower. Homer tells us that Odysseus, the King of Ithaca, asked his friend Mentor to look after his son Telemachus while he was off fighting the Trojan War. Odysseus was gone much longer than he

Taking responsibility
AME Info - Key logger - this hidden program logs all your key strokes, so everything you type in is recorded. This includes things like usernames and passwords on banking sites - anything you type gets transmitted back to the criminal that made it. Spammer virus

Top News
Pasadena Citizen - Webb said he signed a sworn affidavit on July 6 stating Magnolia Police Department Cpl. Mike Alexander asked hypothetical questions concerning the possible installation of key logger software and other specific questions related to MPD’s network. Key

MAAWG Attacks BotNets with Walled Garden Best Practices to Protect
Forbes - Among other threats, the malware might also include a “key logger” to record users’ keystrokes and capture passwords or sensitive financial information that is forwarded to identity thieves. Chasin said, “This is the first step and we’ll continue to

Anchiva Systems Unveils New Web Content Security Appliance to Help the
Yahoo Finance - Once a host on the network becomes infected, the hackers can then use the host to perform an array of malicious actions such as installing a key logger to steal sensitive information, planting a rootkit, backdoor or Trojan to gain access to the

MS07-060 - Critical: Vulnerability in Microsoft Word Could Allow Remote Code Execution (942695)
Bulletin Severity Rating:Critical - This security update resolves a privately reported vulnerability in Microsoft Word that could allow remote code execution if a user opens a specially crafted Word file with a malformed string. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.

News: Nigeria enlists Microsoft to fight spam scammers
Nigeria enlists Microsoft to fight spam scammers

Aberdeen Group aims to dispel confusion about Network Access Control
Complete the Aberdeen Group survey and receive two complimentary reports worth $800.

Police arrest registered sex offender suspected of luring teen online
CNN - Frank said he is installing spy software on his computer to help him monitor what his daughter is doing. “We think our children are well behaved,” he said. “We have to watch them harder. We don’t know everything.” Speaking with Rodger Frank, Judd

Is your office spying on your online activities?
Rediff.com - There might be spy software installed on the network and screenshots from your computer could well be reaching your boss every 10 minutes. Varun Lamba*, working with an MNC in Bangalore says, “I hardly get any time to catch up with old pals as my

eBay ’sells software that spies on your PC’
Daily Telegraph - We have strict rules permitting only lawful and legitimate sales and a huge amount is done to ensure that these are upheld,” he said. He added that illegal spy software rarely appeared on the site. “Although we have 100million listings at any one time

The laws relating to monitoring your employees
Out-Law - The question of employee monitoring brings data protection and human rights issues into play. The use of CCTV, telephone, email and internet monitoring of employees will be covered by the Data Protection Act 1998 if they involve the processing of

Seagate Optimizes Drives for Digital Video Surveillance Systems
IT-Analysis.com - capture of his or her activity. We believe that this holistic investigation methodology will be another stimulus for the kind of specialized disk introduced by Seagate in this announcement. We will leave the sensitive issue of employee monitoring

Data protection update sessions
Out-Law - this major case has produced very different views on the significance of its impact on the meaning of ‘processing’, and Copland v UK , the ECJ has ruled that the UK was in breach of its privacy obligation in respect of employee monitoring. Using

Time to Update Your Employee Monitoring Policy?
Computerworld - While there are many onerous European labor regulations that are not observed by the U.S. divisions of multinationals, this is a serious enough issue begging the question, Do you really want to give your employees different levels of privacy based on

West takes fight against terrorism online
Boston Globe - Last month, thousands participated in a demonstration in Berlin to protest computer surveillance and data retention. Data storage is an issue because the government is seeking broad powers to trace contacts by fixed lines, cellphones, text messages