A new phishing attack has been circulating lately, but instead of trying to dupe millions of computer users into giving up their financial information, this one is aimed at high level executives. The e-mail scam purports to notify the executive about court proceedings and tries to get them to click a link that installs keylogging software as well as software designed to let a hacker take control of the computer. Unfortunately, social engineering, the process of tricking a user into trusting requests from a hacker, is getting to be a major problem, and if the hackers are successful in their latest attack, they could be holding some valuable passwords.

Larger Prey Are Targets of Phishing (New York Times)

The government is responding by closing thousands of paths from their networks to the Internet as a result of an order by President Bush. At least one security researcher has begun to develop software that will allow him to infect hacking tools with his own malware as security in those tools is lacking.

“Most malware authors are not the most careful programmers,” Eriksson said. “They may be good, but they are not the most careful about security.”

However, security concerns are not all about hackers on the outside getting in. Some of the biggest security breaches are actually committed on the inside of a computer network by its own users and one of the major culprits is unsecured USB flash drives.

Defenseless on the Net (Business Week)

Security Guru Gives Hackers a Taste of Their Own Medicine (Wired)

Flash Drives Threaten Security (PC World)

Many if not most users are used to phishing scams by now. I probably get at least four or five a day, with most pretending to be a bank or other financial institution that needs to “verify your information.” Many speculate that the vast majority of phishing scams originate in China, but the unsettling part of this newest attack is the fact that financial institutions were heavily attacked, in particular one sector that a security researcher declined to identify for security reasons. How do you cope with the rising tide of hacking attempts?

Explore More

Batten down the Hatches—10-Minute Tactics

The simplest way to defend your computer quickly against hackers is to use a firewall. So let’s look at your two fastest options. Either can be done in 10 minutes.Turn

Read More

Press Conference briefing on the possibility of being shortest man in the world!!!

This is not hacking or security news, just about my some favorite news while I’m arriving at yangon, myanmar. I’ve been here around 3 months and waiting visa approval to

Read More

Critical Blind SQL injection in ChartNexus.com

PlanetCreator has reported another critical Blind SQL Injection (vulnerability) on http://www.starinvestorrelations.com/ which owned by FiNEX Solutions Pte. Ltd. (“FiNEX Solutions”) powered by http://www.chartnexus.com/ This vulnerability has been alerted to :-

Read More