There’s a new vulnerability in the popular BIND name server software that is causing various versions of the application to crash unexpectedly after logging a certain kind of error. The Internet Software Consortium, which maintains BIND, is investigating the issue and trying to determine the severity of the problem.
Browsing Category: SMB Security
The hacktivist group Anonymous, it seems, is bent on rehabilitating its image. In recent months, the anarchic hacking collective has moved from retaliatory attacks on enemies (like Aaron Barr) and outing “snitches,” to squelching out child pornography networks (Operation DarkNet, launched in October) and supporting the Occupy Wall Street protests.
Anonymous’s efforts to don the white hat AND the Guy Fawkes mask may take more than just picking different targets for its “Ops,” says Joshua Corman, the Director of Security Intelligence at Akamai Technologies. In a recent, exclusive interview with Threatpost, Corman told Threatpost editor Paul Roberts that the group’s cyber vigilantism itself is the problem and “rife with unintended consequences.”
Here’s a transcript of their talk, which took place October 26th.
Information security failings are making it impossible for the U.S. Internal Revenue Service (IRS) to get its financial house in order and could be putting taxpayers’ sensitive information at risk, according to a financial audit of the agency by the Government Accountability Office (GAO).
F-Secure researchers claim that malware spreading via malicious PDF files is signed with a valid certificate stolen from the Government of Malaysia, in just the latest evidence that scammers are using gaps in the security of digital certificates to help spread malicious code.
After months as a consumer-only beta, Google finally opened up its Google+ social network to companies this week, launching Google Brand pages. While response to the new brand pages was tepid (Robert Scoble penned a rather scathing review), it didn’t take long for folks poking around the new feature to identify a serious shortcoming: Google brand pages allow pretty much anyone to stake out a page for any brand, regardless of their affiliation with it.
[img_assist|nid=10213|title=Joe Gottlieb|desc=CEO, Sensage|link=none|align=right|width=115|height=115]The “up side” of social networks like Facebook, Twitter and G+ are well known. But the down side of these networks for both users and for organizations that employ them are only now becoming clear. Worms, malware and spam are just the beginning of the security problems engendered by the social net. In this exclusive interview, conducted via e-mail, Threatpost editor Paul Roberts asked Joe Gottlieb, the CEO of security event management firm Sensage, about the many, subtle ways that social networks are eroding organizations’ online defenses.
An indictment filed in U.S. District Court for the Southern District of New York charges seven individuals with a a global scheme to commit Internet advertising fraud. The scheme infected more than four million machines in over 100 countries with malware. It is believed to have netted the scammers more than $14 million in commissions from online advertisers.
Online criminals registered far fewer Web domains for use in phishing attacks in the first half of 2011, in what may signal a decrease in phishing scams, according to a global phishing survey released this month by the Anti-Phishing Working Group (APWG).
The investor services company told Threatpost that an investigation has determined that data stolen by a rogue employee didn’t contain shareholder data. However, the company still hasn’t retrieved two USB drives containing company email and documents that outline some of Computershare’s closely held business plans.
The Pentagon’s Defense Advanced Research Projects Agency (DARPA), which is credited with helping to create the modern Internet, used a conference to call on hackers and other visionaries to help save it.