For technologists
How Google Buzz lowers the bar for privacy, security
February 16, 2010
More bad buzz about Google Buzz seems certain to play out in coming weeks. That’s because privacy and security can’t be separated. And despite two rounds of privacy-setting revisions, the search giant’s new social network, in its current configuration, markedly lowers privacy and security.
Coming on the heels of Facebook’s controversial privacy-setting revamp, the launch of Buzz has enervated privacy advocates and cybersecurity experts. They’ve long been …More
Servers used in Google attacks tied to Peng Yong, Dyn Inc.
February 1, 2010
Steve Ragan, security editor at The Tech Herald, has conducted an extensive examination of how Google and dozens of other tech, financial and media corporations got breached via the latest Windows Internet Explorer flaw. Ragan discusses his findings in a lengthy blog post that reads like Sherlock Holmes in the early stages of connecting the dots for a befuddled Mr. Watson, in this case …More
Yahoo, Go Daddy hosted websites targeted in two-stage phishing attack
December 8, 2009
If you control a blog or any small website, beware. Phishers are trying to lure owners of smaller websites who use hosting services from Yahoo, GoDaddy and MediaFire into divulging their administrator logons.
These criminals then will use your small corner of the Web to host faked online banking web pages used in subsequent broader phishing campaigns designed to hijack funds from online banking accounts, according to this …More
PayChoice latest to be hit by multi-stage cyber attack
October 1, 2009
PayChoice — and its business customers — have been hit by a multi-stage cyber attack that’s becoming all too familar.
Reporting by Security Fix blogger Brian Krebs points to an initial breach of PayChoice customer databases, followed by a spear phishing attack using stolen from the breach to target specific employees of companies that use PayChoice’s popular outsourced payroll services.
PayChoice CEO Robert Digby has just issued a statement saying …More
Waves of Twitter attacks erode trustworthiness of Tweets
September 26, 2009
How much should you trust Tweets?
Much less so, after a swarm of tainted micro-postings inundated Twitter this past week. Popular social networks have become a major focal point for cyber scammers.
“We’re definitely seeing old email scams migrating over to Twitter and generally being adapted to all of the popular social networks,” says Matt Marshall, VP of Security at Redspin, told LastWatchdog.
Facebook, MySpace, LinkedIn and other social nets have also been hit hard by corrupted …More
Can ‘digital ants’ cripple worms like Conficker and Koobface?
September 22, 2009
‘Tis the season when the major antivirus vendors try new approaches. Symantec recently announced its new reputation-based protection; and AVG next week will announce new bells and whistles in the roll out of AVG 9.0, free and paid versions.
Meanwhile, McAfee says it continually adds incremental improvements, even though it does a splashy marketing message changeover this time of year, which can be misleading, as The Tech Herald’s security …More
Antivirus suites fail more often than not
September 18, 2009
Reactive, signature-based antivirus suites provide only partial protection. Everyone knows that. But just how much protection? LastWatchdog recently heard a major AV vendor claim its flagship suite repels 90% of threats.
Now comes Cyveillance with this new report showing anti-virus programs fail more often than they succeed in protecting you from bad things on the Internet.
Cyveillance, which was recently bought out by British tech firm, QinetiQ, …More