Smart Redirection Attack Helps Phishers Dodge Site Shutdowns

RSA Security announced this week that it has discovered that online fraudsters have developed a new phishing technique in response to increasingly aggressive moves to identify and shut down phishing sites. This new type of attack, known as a Smart Redirection Attack, is designed to ensure that potential phishing victims always link to a live website.

Patchwork of Privacy Regulations

Absolute privacy has never truly existed. Before the industrial revolution, mankind largely inhabited small villages where everyone knew everything about everyone else. The desire to remain isolated, or to maintain privacy regarding details of health and welfare, would have been regarded suspiciously.

SSL VPNs and Using OpenVPN

For a very long time, people in information security have thought IPSec is THE VPN and SSL is for secure online banking. While SSL has traditionally been used for Web site security purposes, SSL’s applications reach wider than just web proxying and application security.

Microsoft Threat Analysis and Modeling

Microsoft Threat Analysis & Modeling tool allows non-security subject matter experts to enter already known information including business requirements and application architecture which is then used to produce a feature-rich threat model.

Build Physical Security into a Data Centre

At information-intensive companies, data centres don't just hold the crown jewels; they are the crown jewels. Protecting them is a job for whiz-bang technologists, of course. But just as important, it's a job for those with expertise in physical security and business continuity.

Secure mobility

Today’s working environment is changing rapidly. A large number of companies are finding that meeting the demands of customers requires the workforce to be available anytime, anywhere. This distributed workforce of road warriors, mobile workers, teleworkers and remote office workers needs to be able to access the same tools and interact with the same level of presence as their colleagues in the corporate office.

Track Down Rogue Wireless Access Points

Of all of the threats faced by your network security, few are as potentially dangerous as the rogue Access Point (AP). A rogue AP is a WiFi Access Point (define) that is set up by an attacker for the purpose of sniffing wireless network traffic in an effort to gain unauthorized access to your network environment.

Hackers Targeting Mambo Security Holes

Hackers are actively seeking out unpatched versions of the Mambo content management system, which recently repaired a serious security hole. The latest exploit attempts target a different vulnerability than the Mare.D worm, which grabbed headlines last month but apparently did limited damage to Mambo sites. Sites running on Mambo should upgrade to the latest version as soon as possible.

802.11n - what really happened?

Last year a group of companies attempted an end run around the IEEE committee developing the next-generation wireless LAN standard, 802.11n. Its goal was to obtain a time-to-market advantage over the one firm that has successfully commercialised the advanced technology central to 802.11n. The industry rebuffed this maneuvre.

Debit card thieves get around PIN obstacle

With consumers around the country reporting mysterious fraudulent account withdrawals, and multiple banks announcing problems with stolen account information, it appears thieves have unleashed a powerful new way to steal money from cash machines.

Next