| Scary tech stories: How dangerous user behavior puts networks at riskAs CIO at Bunker Hill Community College, Bret Moeller embraces students experimenting with technology as part of their education, but he'd prefer if their independent studies didn't involve hacking into the college's network. Network World, 12/10/07. IT managers fight to keep up with ESX patches
An increasingly large number of patches are being issued for VMware's ESX Server, and system administrators could be struggling to keep up, so says a virtualization blog site Virtualization.info. TechWorld, 12/10/07. Attackers poised to exploit Olympics, presidential elections in 2008
It was the year of the data breach in 2007, with the TJX fiasco topping a long list of data heists. So what afflictions are in store for 2008? Network World, 12/11/07. Spam flood hit '07 high in November, says SymantecSpam surged to 72% of overall e-mail traffic monitored by Symantec in November, the highest percentage for any month this year, according to Symantec's monthly "State of Spam Report." Network World, 12/11/07. Symantec Security Response blog: December State of Spam Report Trusted users pose significant security threats, survey finds
It probably doesn't give security managers much comfort to hear that the majority of internal employees that pose a significant threat to network security are well-meaning, innocent offenders -- as opposed to those with malice on the mind. Network World, 12/10/07. Duke Law School applicants warned of possible ID theft
About 1,400 Duke Law School applicants and two current students are being warned about identity theft concerns after hackers broke into the law school's Web site, where their Social Security numbers were stored in a connected database. Computerworld, 12/10/07. The 2007 Security Hall of Shame
How bad was 2007 for breaches, vulnerabilities and similar mayhem? On the bright side, it was better than 2008 is forecast to be. With more of every sort of meltdown predicted -- more criminalization of the hacker community, more Web-application attacks, more phishing, more spamming, more zero-day attacks and more virtualization-related threats -- we're happy to tell you that you are likely to look back on 2007 as the peaceful old days. Computerworld, 12/11/07. Wabisabilabi selling remote exploit for SAP
A vulnerability that affects SAP's MaxDB hasn't garnered any bids yet on a controversial auction site for computer vulnerabilities. If exploited, the problem would let an attacker access the entire contents of the database, according to Wabisabilabi, which is offering proof-of-concept code and details on its vulnerability auction site. Bidding starts at $4,407. IDG News Service, 12/11/07. Cookie forgery tools pose danger, says researcher
A pair of open-source tools that sniff network traffic for cookies, then use the data to feed those purloined files back to Web sites, will let hackers easily impersonate users, a security expert said yesterday. Computerworld, 12/11/07. iPhone to be target of hackers in 2008
The iPhone has been the target of many users who wanted to customize the way it looks and hackers who wanted to use the device on other wireless networks since it was released in June. However, Arbor Networks predicts the seriousness of attacks on the iPhone will increase in 2008. MacWorld, 12/12/07. | 
No comments:
Post a Comment