Browse by Tags
All Tags »
Security (
RSS)
Actually this is not a vulnerability in the product itself, but if you use Asterisk or one of its derivatives such as TrixBox, you should review your SIP and IAX secrets to make sure they are not the same as your extension numbers. As reported by Kerry...
A possible glimpse of things to come from Amy Babinchak on her Small Business Tech Notes blog highlights a new type of attack using x.509 certificate s that is on the increase in the USA. Amy speculates that the bad guys are beginning to escalate the...
Virus warnings are almost always hoaxes. Even if they’re not, forwarding the warning to your friends and colleagues can do more harm than good. My simple advice is this: press delete . Virus warnings and hoaxes are one particular flavour of chain email...
This superficially amusing article about one customer’s experience with Lloyds Bank Plc actually raises a more interesting security issue. The BBC news article reports (emphasis mine): Lloyds TSB stressed there was no security lapse in this case...
Is your ISP patched against the DNS cache poisoning ( US CERT advisory ) exploit? There are confirmed attacks in the wild . My ISP is patched. I asked them, and actually got an intelligent response. They escalated my ticket and a day later came the response...
It seems there is an instant messenger virus at large at the moment. The virus sends messages similar to these (the URLs are deliberately obfuscated): "Hot or Not? hxxp://mymsngallery.my.funpic de/viewimage.php?youremail@someplace.com" or "this...
I saw this article in Microsoft's UK Security Newsletter (which you can subscribe to online). Ed Gibson, chief security advisor, relates the following story: The owner of a '.com' web domain name is telephonically contacted by someone claiming...
I received the following email today, which is clearly a rather crude hoax: From: <deleted> @hotmail.co.uk To: <24 MSN/Hotmail addresses removed to protect privacy> Subject: PLEASE READ Date: Thu, 10 Jan 2008 21:48:22 +0000 Hey it is tara...
Back in 2000 I was in Fry's Electronics in San Jose, California and I stumbled accross a little device called " U.are.U 2000 ". It was a fingerprint reader and some software that replaced the normal Windows login screen with one that allowed...
I was reading an article by David Overton , a Microsoft employee whose opinions I really respect. Of course, being a Microsoft employee he is always keen to play up the benefits of Microsoft's products, but I think he manages to do so in a fair and...
I found this article by the Electronic Frontier Foundation (EFF) which claims some laser printer manufacturers are using a form of steganography to essentially 'fingerprint' each page of output, so that it can be traced back to the original printer...
An interesting post on the IMPACT blog referred to an incident where two people were arrested and cautioned for wardriving (piggybacking on WiFi networks). This got me thinking about the whole area of protecting your wireless network. Whose responsibility...
After the theft from an employee's home of a laptop computer last year containing confidential customer data, the Nationwide Building Society has been fine £980,000 by the Financial Services Authority (FSA). "The failure to manage or monitor downloads...
The Get Safe Online blog has an article where a US teacher has been convicted of four counts of child endagerment, after her computer (which she claims was infected with spyware) showed popups advertising porn sites. As the blog says: It illustrates,...
Software-y-Ddraig Shareware Registration Services provides an off-the-shelf utility that enables .Net software developers to quickly and easily add shareware registration to their software. It is extremely simple to use (2 lines of code at its simplest...
More Posts
Next page »