Security

Did Nokia pay for vulnerability information?

ITworld staff — Thu, 21 Aug 2008 12:28:33 -0400

Nokia confirmed Thursday its widely used Series 40 operating system has security vulnerabilities that could allow stealth installation and activation of applications.

China Netcom falls prey to DNS cache poisoning

ITworld staff — Thu, 21 Aug 2008 10:22:04 -0400

One of China's largest ISPs (Internet service providers) has fallen victim to a dangerous vulnerability in the Internet's addressing system, according to security vendor Websense.

Android puts out call to mobile security gurus

ITworld staff — Wed, 20 Aug 2008 17:10:00 -0400

Developers of Android, the Linux mobile platform spearheaded by Google, are asking security experts for input.

Why no news is bad news – at least when it comes to malware

Markus Jakobsson — Tue, 19 Aug 2008 20:55:24 -0400

Once upon a time, malware authors wrote code to infect thousands of machines for entertainment and intellectual stimulation. Today, it's all about the money, and the greatest threat may lie in the silence, making a far more dangerous landscape.

Judge dissolves gag order against MIT students

ITworld staff — Tue, 19 Aug 2008 15:06:26 -0400

A U.S. District Court judge on Tuesday dissolved a gag order against a trio of MIT students who said they found flaws in the Massachusetts transit authority's ticketing system.

Application Whitelisting Solution for Point-of-Sale

kbradshaw — Mon, 18 Aug 2008 17:28:47 -0400

Secure your POS systems while maintaining compliance!

Scammers replace credit card readers in Irish stores

ITworld staff — Mon, 18 Aug 2008 16:32:44 -0400

Fraudsters in northeast Ireland posing as authorized bank service personnel replaced credit card readers in retailers' stores with their own, capturing data that can be used to empty bank accounts and make purchases.

Accessing Remote Data Part 3

James Gaskin — Mon, 18 Aug 2008 12:53:11 -0400

Last time (Accessing Remote Data Part 2) we talked about setting up secure remote communications from one stationary location like a home office to another stationary location like the main office. This time, let's talk about providing remote data access to those users wandering around from place to place. After all, since your laptop is portable, you may want to start moving around with it under your arm yet still do business.

UK justice agency loses 45,000 personal records

ITworld staff — Mon, 18 Aug 2008 11:03:45 -0400

The U.K. Ministry of Justice has lost the personal details of 45,000 people, in a string of incidents over the past year.

Even More Thoughts on Forensics

Edward Haletky — Mon, 18 Aug 2008 07:44:05 -0400

Acquiring virtual machines can be difficult if the VM resides upon a virtual machine file system (VMFS). Mainly because nothing but ESX understands a VMFS. Given this how do you acquire the appropriate files for forensic analysis in a forensically sound way?