AIM Security Advisory explains how hundreds of AIM users are losing their accounts to hijackers. Once the hijack has taken place the account password is changed and the user is unable to retrieve it via the password retrival system. AIMThief is the program for the Macintosh that enables this hack to be done exploiting some code in the AOL 2.7 protocal P3. Any user with a name under 10 charactors long is vulnerable.
The FBI has not yet issued any warrants for the arrest of individuals suspected of authoring the ORIGINAL Code Red Worm, a spokesperson for the agency's National Infrastructure Protection Center said today. They did not issue an official comment regarding suspects in one of the Code Red mutant cases.
The mass-mailing worm, dubbed Win32.Invalid.A@mm, pretends to come from Microsoft's technical support department, but actually carries a destructive payload that can make executable (.exe) applications unusable by encrypting them with a random encryption key, Central Command said.
THE FBI SAYS it has discovered an attempt to spread a new version of the Code Red virus and is in the process of telling the owners of about 6,000 computers that their systems have been infected. Warrants have been issued in the case, which the FBI thinks will prevent those responsible for the virus from triggering denial-of-service attacks from the machines, according to FBI Supervisory Special Agent Trent Teyema.
Because of an array of high-profile Internet security breaches, global virus attacks and increasing reports of ‘Insider’ illegalities on corporate and business networks, the days of ‘One-Stop-Shopping’ for Risk Management Services and Solutions are over.
Business leaders must consolidate their information risk management solutions underneath an umbrella of procedural and technical protections, information insurance and legal advice & representation in this particular area to assure their clients, customers and partners..
Cross site scripting, or CSS, a relatively new method of attack, has proven itself to be a formidable opponent in the battle to secure the Web. The attack involves a method whereby an unauthorized script is passed to a Web server for execution -- even if the server is secured against running such scripts.
Despite a succession of incidents involving viruses, worms, hackers and security "holes" in widely used software, real concern about computer security is still at a surprisingly low ebb, says Kentucky-based networking specialist Gary Porter. Porter, who holds Novell's Master CNE qualification, was a keynote speaker at Novell's "one Net summit" in Wellington last week. He was appointed to Novell's major accounts advisory board in 1996.
THE build-up to England's crucial World Cup qualifier against Germany in Munich on Saturday began in the strangest of circumstances with the theft of GBP 50,000 worth of computer equipment from the Football Association's heavily-guarded headquarters in Soho Square, central London. Police are investigating the burglary, which was discovered in the early hours of yesterday morning.
Sometimes, simple is better. After years of promoting high-tech anti-fraud measures like smart cards and neural networks, a decidedly low-tech feature is coming to credit cards that might go a long way toward protecting your private information.
Visa announced Monday it?s moving forward with plans to add old-fashioned password protection to credit card purchases made online. The question is: Are consumers worried enough about theft of their data that they?ll be willing to take the extra step?
CERT Have released a set of Snort rules to help differentiate between the different variants of CodeRed and get some more accurate stats.
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
