The cryptographic underpinnings of the Internet, as presently constituted, are messy, chaotic and rather randomly constructed. And that infrastructure is not only ripe for a variety of attacks, but is not easily fixable, a group of experts said Friday.
Browsing Category: Web Security
[img_assist|nid=7078|title=|desc=|link=none|align=right|width=88|height=88]This week seemed to be all about the numbers as a handful of reports were released, disclosing new stats on phishing, information theft and spam. Evercookies, the inside story of SQL Slammer, and of course, the usual array of patches, rounded out the week. Read on for the full week in review.
[img_assist|nid=7182|title=|desc=|link=none|align=right|width=92|height=92]A security researcher has released an exploit for an unpatched security vulnerability in Adobe’s Shockwave Player, warning that the flaw could be targeted to launch drive-by malware download attacks.
The number of phishing attacks declined in the first half of 2010, but a report from the Anti Phishing Working Group warns that might not be such a good thing.
[img_assist|nid=7163|title=|desc=|link=none|align=right|width=90|height=90]Apple has shipped security fixes for a number of bugs in its Java implementation, and the company also said that it has deprecated its Java implementation in OS X and may remove it from future release of the operating system.
[img_assist|nid=7161|title=|desc=|link=none|align=left|width=85|height=85]Social network Facebook said on Wednesday that it is bringing new suits against individuals accused of using the 500 million person social network to send spam messages and promote non existent products.
The FBI is warning businesses about the rash of scams that attack crews are using to target their bank accounts and drain them. The scams themselves are nothing new, but the FBI says that they’re becoming more prevalent and sophisticated as the attackers adjust their tactics.
[img_assist|nid=7146|title=|desc=|link=none|align=left|width=90|height=90]Online scam artists are using black hat search engine optimization (SEO) techniques to push more than just malicious software. In fact, SEO is increasingly being used to drive traffic to a range of phony Web based search engines that are feeding cost-per-click advertising scams, according to a blog post from Web security firm zScaler.
Mozilla has released Firefox 3.6.11 with patches for a dozen security holes, some serious enough to launch attacks if a user simply surfs to a booby-trapped website.
[img_assist|nid=7122|title=|desc=|link=none|align=right|width=100|height=100]The persistent method that security researcher Samy Kamkar introduced last week for storing tracking data on a user’s machine, known as the “Evercookie,” is even more worrisome when used on mobile devices, according to another researcher’s analysis.