Spyware, Viruses, & Security forum

General discussion

NEWS - June 22, 2005

by roddy32 / June 21, 2005 9:44 PM PDT
The red herring of data protection
June 21, 2005, 1:59 PM PT
By Eric Norlin, CNET News.com
Published on ZDNet News: June 21, 2005, 1:59 PM PT

The numbers have been staggering: 145,000; 13.9 million; 40 million.
I'm speaking, of course, about the recent rash of data loss--the innocuous term for millions of accounts containing personal data being exposed to the wrong eyes. Whether it's MasterCard, ChoicePoint, LexisNexis, Bank of America, Wachovia, Stanford University or the University of California at Berkeley, the rapid expansion of this problem is stunning.

The reasons for the data loss are all over the map, ranging from physical tapes lost in transit, to hackers, and even malicious insiders. And of course, there is always the ever-present bogey of bad network security practices.

We're told the solution is to embrace better network security, better encryption, better corporate safeguards and better "data protection." Of course, all of these proffered solutions are a bit specious, since they're always accompanied by the corporate lawyer caveat: "We cannot guarantee that this won't happen again."

more here
Discussion is locked
You are posting a reply to: NEWS - June 22, 2005
The posting of advertisements, profanity, or personal attacks is prohibited. Please refer to our CNET Forums policies for details. All submitted content is subject to our Terms of Use.
Track this discussion and email me when there are updates

If you're asking for technical help, please be sure to include all your system info, including operating system, model number, and any other specifics related to the problem. Also please exercise your best judgment when posting in the forums--revealing personal information such as your e-mail address, telephone number, and address is not recommended.

You are reporting the following post: NEWS - June 22, 2005
This post has been flagged and will be reviewed by our staff. Thank you for helping us maintain CNET's great community.
Sorry, there was a problem flagging this post. Please try again now or at a later time.
If you believe this post is offensive or violates the CNET Forums' Usage policies, you can report it below (this will not automatically remove the post). Once reported, our moderators will be notified and the post will be reviewed.
Collapse -
Gates, Vietnamese prime minister talk piracy
by roddy32 / June 21, 2005 9:47 PM PDT
In reply to: NEWS - June 22, 2005

Published on ZDNet News: June 21, 2005, 5:10 AM PT

Vietnamese Prime Minister Phan Van Khai pledged to combat software piracy during talks with Microsoft Chairman Bill Gates on Monday as he became the most senior official of the communist state to visit the United States since the Vietnam War ended 30 years ago.

Khai signed two agreements committing Vietnam to work with Microsoft in curbing theft of intellectual-property rights and removing licensing barriers for used computers donated to schools, said Microsoft spokeswoman Tami Begasse.

The Business Software Alliance, a Washington-based lobby group, estimates that 92 percent of the software used in Vietnam in 2004 was pirated, the highest rate in the world.

more here

Collapse -
Pop-up vulnerability found in major browsers
by roddy32 / June 22, 2005 1:15 AM PDT
In reply to: NEWS - June 22, 2005

Published: June 22, 2005, 8:03 AM PDT
By Graeme Wearden
Special to CNET News.com

Several popular Web browsers contain a vulnerability that could be used by cybercriminals to steal personal data, security company Secunia has warned.

The flaw would allow a phishing attack in which a malicious JavaScript pop-up window appeared in front of a trusted Web site, Secunia said in an alert published Tuesday. This could trick a surfer into revealing data such as a password.

"The problem is that JavaScript dialog boxes do not display or include their origin, which allows a new window to open--for example, a prompt dialog box--which appears to be from a trusted site," said Secunia's advisory.

According to Secunia, the latest versions of Internet Explorer, Internet Explorer for Mac, Safari, iCab, Mozilla, Mozilla Firefox and Camino are all vulnerable. Opera 7 and 8 are affected, but not 8.01, according to Opera.

more here

Collapse -
Microsoft Won't Patch IE Spoofing Bug
by Lit'l Sasquatch / June 22, 2005 12:52 PM PDT

Hours after word broke that most browsers were vulnerable to a spoofing flaw that phishers could use to pilfer confidential data, Microsoft has declined to issue a security update. In a security advisory posted on its TechNet site, Microsoft acknowledged that its Internet Explorer browser, including the version packaged with Windows XP SP2, could be used to trick people into entering information such as passwords in a bogus dialog box which appears atop a trusted site.

Microsoft published the advisory, it said, "to clarify the risks associated with browser windows without indications of their origins." But it won't release a security update to fix the flaw because it considers the issue a feature, not a bug.


Collapse -
Some IT Managers don't use security software
by Donna Buenaventura / June 22, 2005 3:03 AM PDT
In reply to: NEWS - June 22, 2005

In today's fast-paced, high-tech work environment, employees rely on computers to perform most job functions. A recently published research reveals the repercussions of computer viruses and other security problems and their correlation to downtime on the job in small and medium businesses.

The research, conducted by Maritz among IT managers, reveals that nearly all (90 percent) reported that computer performance levels were affected by up to 50 percent due to security issues.

The survey reveals some surprising results despite the common knowledge that security and spam issues are the obvious cause for reduction in employee productivity.

Key findings include: 75 percent of small and medium businesses were hit by at least one virus, with some affected over 100 times, 40 percent of respondents have been hit by hackers at least once, with some targeted more than 200 times, 29 percent don't use anti-spam software, 34 percent don't use spyware software, 4 percent don't use anti-virus software and 9 percent don't have Internet firewalls.


Collapse -
MSN Hotmail Adds Safety E-Alerts for E-Mail Authentication
by Donna Buenaventura / June 22, 2005 3:25 AM PDT
In reply to: NEWS - June 22, 2005
Collapse -
Jail time a penalty in ID theft bill
by roddy32 / June 22, 2005 7:33 AM PDT
In reply to: NEWS - June 22, 2005

Published: June 22, 2005, 1:18 PM PDT
By Reuters

Business leaders who fail to tell consumers when they may be at risk of identity theft could face jail under a bipartisan bill expected to be introduced in the U.S. Senate on Wednesday.

Senate Judiciary Committee Chairman Arlen Specter and Sen. Patrick Leahy, the committee's top Democrat, would also restrict a freewheeling trade in Social Security numbers that are prized by identity thieves.

The bill, the first to draw Republican sponsorship, comes on the heels of the largest security breach announced to date after an outsider gained access to 40 million credit card accounts held by CardSystems Solutions, a payment processor.

more here

Collapse -
California ID breach bill gets thumbs-up
by roddy32 / June 22, 2005 7:35 AM PDT
In reply to: NEWS - June 22, 2005

Published: June 22, 2005, 1:14 PM PDT
By Reuters

Concerned with the growth of identity theft, California lawmakers gave initial approval on Tuesday to a bill that, with other state safeguards, would require companies to notify consumers of all security breaches involving their personal information.

The California Assembly's judiciary committee voted 6-3 for the bill, which would apply to paper and taped records. Breaches of computer records are already covered by a state law.

The state senate has already approved the bill, which now goes to the Assembly business and professions committee.

more here

Collapse -
SBC launches intrusion prevention service
by roddy32 / June 22, 2005 7:37 AM PDT
In reply to: NEWS - June 22, 2005

Published: June 22, 2005, 11:46 AM PDT
By Karen Said
Staff writer

SBC Communications has added an intrusion prevention tool to its lineup of security services for corporate networks. The PremierServ Managed Intrusion Prevention Service, introduced Tuesday, uses a behavior-based approach to detect known worms and viruses, the company said. It also promises to catch "zero day" intrusions, which take advantage of previously unknown vulnerabilities, on servers, desktops and other computers connected to the network.

more here

Collapse -
Security Software Leakier Than Windows
by Lit'l Sasquatch / June 22, 2005 8:53 AM PDT
In reply to: NEWS - June 22, 2005

Security software is becoming as riddled with holes as some of the products it is supposed to protect, according to new figures from the Yankee Group. The number of vulnerabilities found in security applications has risen sharply for the third year in a row and now outnumbers those identified in all Microsoft products, according to the research firm.

In 2004, researchers uncovered 60 vulnerabilities in security software, up from 31 in 2003, according to the study. In May of this year, researchers had already turned up 23 security bugs, compared with 22 bugs in Microsoft applications. The figures through May 2005 are up 50 percent over the same period last year, Yankee Group said. The figures were reported by Business Week.


Collapse -
Microsoft pushes spam-filtering technology
by roddy32 / June 22, 2005 11:32 AM PDT
In reply to: NEWS - June 22, 2005

Published: June 22, 2005, 6:25 PM PDT
By Joris Evers
Staff Writer, CNET News.com

If your e-mail does not have a Sender ID, Microsoft wants to junk your message.

Around November, Hotmail and MSN will flag as potential spam those messages that do not have the tag to verify the sender, Craig Spiezle, a director in the technology care and safety group at the software maker said Wednesday. The move is meant to spur adoption of Sender ID, he said.

Sender ID is a specification for verifying the authenticity of e-mail by ensuring the validity of the server from which the e-mail came. While the purpose of curbing junk mail may be laudable, the debate on how to stop the tide of junk mail is still ongoing. According to Microsoft, up to 90 percent of e-mail is spam.

more here

Collapse -
Mass hack targets critical Windows flaw
by Lit'l Sasquatch / June 22, 2005 12:54 PM PDT
In reply to: NEWS - June 22, 2005

A recent surge in port 445 scanning activity could herald impending hack attacks, and industry experts have warned firms to take "immediate steps" to ensure that the affected Windows ports are secure. Gartner pointed to recent reports that security vulnerability sensors have noted an increase in activity on TCP port 445, which is associated with Microsoft's Windows Server Message Block (SMB) protocol.

"This port could be used to exploit the Microsoft Incoming SMB Packet Validation Remote Buffer Overflow Vulnerability (MS05-027), a critical flaw for which Microsoft released a patch on 14 June, " warned John Pescatore, vice president and research fellow at Gartner Research.


Popular Forums
Computer Newbies 10,686 discussions
Computer Help 54,365 discussions
Laptops 21,181 discussions
Networking & Wireless 16,313 discussions
Phones 17,137 discussions
Security 31,287 discussions
TVs & Home Theaters 22,101 discussions
Windows 7 8,164 discussions
Windows 10 2,657 discussions


Turn up the volume with our Apple Byte sweeps!

Two lucky winners will take home the coveted smart speaker that lets Siri help you around your connected house. This sweepstake ends Feb. 25, 2018.