Security Bytes

January 2008

  • Metasploit gets a facelift

    Leigha Cardwell - TechTarget 29 Jan 2008
  • HD Moore has just released an upgrade for his popular Metasploit attack application, complete with a new Windows interface that will allow more researchers to use it. Moore says in his Metasploit ...

  • ChoicePoint saga comes to a close

    Eric Parizo - Senior Analyst 28 Jan 2008
  • Remember ChoicePoint? Four years ago the data broker kicked off what became a years-long deluge of enterprise data breaches by allowing more than 160,000 customer records to be stolen. It seems ...

  • Look how far we’ve come

    David Schneier - R.I.S.C. Associates 25 Jan 2008
  • Once upon a time, it was fairly simple for security researchers to identify and eliminate phishing sites or sites hosting malware. Most of them were hosted on sketchy domains, often in countries ...

  • Apple plugs flaws in QuickTime, iPhone

    Leigha Cardwell - TechTarget 16 Jan 2008
  • Apple has released security updates for critical flaws in its popular QuickTime media player and the iPhone. Apple announced the release of QuickTime 7.4 to address flaws attackers could exploit to ...

  • TSA security lapses example of outsourcing failure

    Robert Westervelt - TechTarget 15 Jan 2008
  • A congressional report issued last week outlined the failure of the Transportation Security Administration to secure a special Web site designed to help travelers whose names appeared erroneously ...

  • New banking Trojan wants you for its army

    David Schneier - R.I.S.C. Associates 14 Jan 2008
  • A couple of weeks ago I wrote a story about some of the more sophisticated Trojans out there right now, including Storm and Nugache. I mentioned a few Trojans that specifically target online ...

  • Another day, another QuickTime zero-day

    Leigha Cardwell - TechTarget 11 Jan 2008
  • Here we go again ... Vulnerability researcher Luigi Auriemma has reported an Apple QuickTime flaw attackers could exploit to hijack targeted machines. The problem is a boundary error in how RTSP ...

  • Oracle plans 27 security updates Tuesday

    Leigha Cardwell - TechTarget 11 Jan 2008
  • Oracle released an advance bulletin for the Critical Patch Update (CPU) it has planned for Tuesday. If all goes to plan, DBAs are looking at 27 fixes across the database giant's product line. ...