tag:blogger.com,1999:blog-72361792598406968572024-03-13T08:02:17.634-07:00Security News MediaUnknownnoreply@blogger.comBlogger50125tag:blogger.com,1999:blog-7236179259840696857.post-91119710314261402332010-01-20T05:14:00.000-08:002010-01-20T05:15:59.600-08:00Tcl Tutorial<p>This is a very short introduction to the Tcl script language. If you just can’t wait, I hope this will make you able to read and to understand simple Tcl code. </p> <p>In many points, Tcl is similar to C, especially for loop structures, function definitions and mathematical or conditional expressions. In other points, such as expression evaluation and list data structures, you will notice that Tcl has inherited from the benefits of the Scheme language. </p> <p>In Tcl, all data is represented as strings.<br /></p><p><a href="http://www.thetazzone.com/tcl-tutorial/">Tcl Tutorial</a> </p><p><br /></p>Unknownnoreply@blogger.com0tag:blogger.com,1999:blog-7236179259840696857.post-25502950920303877712008-01-23T10:51:00.000-08:002008-01-23T11:08:47.797-08:00FREE AdvertisingApparently TheTAZZone.com will soon be offering FREE Advertising for 3 months beginning March 1st on 4 different domains. According to inside sources this offer will be open to both personal and commercial websites.<br />They have a forum thread at TAZForum where you can sign up for the FREE Advertising, or you can just e-mail their administration.<br /><br /><a href="http://tazforum.thetazzone.com/viewtopic.php?p=98170#98170">TAZ Forum :: A Computer, Gaming, and Social Network Community of Friends :: TAZForum :: View topic - Free Advertising Sign-ups</a>Unknownnoreply@blogger.com0tag:blogger.com,1999:blog-7236179259840696857.post-50931320446959077432008-01-16T16:14:00.000-08:002008-01-16T16:15:20.323-08:00Sun Microsystems Announces Agreement to Acquire MySQLJanuary 16, 2008 Sun Microsystems, Inc. (NASDAQ: JAVA) today announced it has entered into a definitive agreement to acquire MySQL AB, an open source icon and developer of one of the world's fastest growing open source databases for approximately $1 billion in total consideration. The acquisition accelerates Sun's position in enterprise IT to now include the $15 billion database market. Today's announcement reaffirms Sun's position as the leading provider of platforms for the Web economy and its role as the largest commercial open source contributor.<br /><br />With millions of global deployments including Facebook, Google, Nokia, Baidu and China Mobile, MySQL will bring synergies to Sun that will change the landscape of the software industry by driving new adoption of MySQL's open source database in more traditional applications and enterprises. The integration with Sun will greatly extend the commercial appeal of MySQL's offerings and improve its value proposition with the addition of Sun's global services organization. MySQL will also gain new distribution through Sun's channels including its OEM relationships with Intel, IBM and Dell. <br /><br /><a href="http://www.sun.com/aboutsun/pr/2008-01/sunflash.20080116.1.xml">Sun Microsystems Announces Agreement to Acquire MySQL, Developer of the World's Most Popular Open Source Database</a>Unknownnoreply@blogger.com0tag:blogger.com,1999:blog-7236179259840696857.post-51403524111837845832008-01-12T05:30:00.000-08:002008-01-12T05:31:52.302-08:00Teenager hacks Polish tram systemA 14 year-old schoolboy hacked into a Polish tram system and used a remote control to change the direction of a number of vehicles.<br /><br />Transport employees in Lodz immediately suspected outside interference when a driver who was trying to turn right found his tram veering to the left.<br /><br />The tram's back wagon was derailed and hit a passing tram. Another derailment injured 12 passengers.<br /><br /><a href="http://www.pcw.co.uk/vnunet/news/2207084/teenage-boy-hacks-polish-tram"><br />Teenager hacks Polish tram system - Personal Computer World</a>Unknownnoreply@blogger.com0tag:blogger.com,1999:blog-7236179259840696857.post-90021707215974749642008-01-08T04:21:00.001-08:002008-01-08T04:21:49.920-08:00Hacking attack compromises thousands of sitesTens of thousands of Web sites have been compromised by an automated SQL injection attack, and although some have been cleaned, others continue to serve visitors a malicious script that tries to hijack their PCs using multiple exploits, security experts said this weekend.<br /><br />Hacked sites included both .edu and .gov domains, the SANS Institute's Internet Storm Center (ISC) reported in a warning posted last Friday. The ISC also reported that several pages of security vendor CA Inc.'s Web site had been infected.<br /><br />Grisoft's Thompson said that his research had identified a 15-month-old vulnerability as one of those exploited by the attack code. The exploit, he said, targeted the MDAC (Microsoft Data Access Components) bug patched in April 2006 with the MS06-014 security update. "They went to the trouble of preparing a good Web site exploit, and a good mass hack but then used a moldy old client exploit. It's almost a dichotomy," said Thompson. <br /><br /><br /><a href="http://www.itbusiness.ca/it/client/en/Home/News.asp?id=46585">IT Business</a>Unknownnoreply@blogger.com0tag:blogger.com,1999:blog-7236179259840696857.post-53076356834839615972008-01-04T15:04:00.000-08:002008-01-04T15:05:42.757-08:00Sears puts customers' buying histories on the WebSears Holdings Corp. has come under fire from privacy advocates for making the purchase history of its customers publicly available on its Managemyhome.com Web site.<br /><br />Manage My Home is a community portal where Sears shoppers can download product manuals, find product tips and get home renovation ideas.<br /><br />The Web site has a feature called "Find your products" that lets users look up past purchases. Ostensibly, this is designed to help customers keep track of items they've bought from the retailer, but the site also lets them look up the purchase histories of other people.<br /><br />"Sears offers no security whatsoever to prevent a Manage My Home user from retrieving another person's purchase history by entering that person's name, phone number and address," wrote Ben Edelman, an assistant professor at Harvard Business School, in a blog posting. <br /><br /><br /><br /><a href="http://www.computerworld.com/action/article.do?command=viewArticleBasic&taxonomyName=security&articleId=9055498&taxonomyId=17&intsrc=kc_top">Sears puts customers' buying histories on the Web</a>Unknownnoreply@blogger.com0tag:blogger.com,1999:blog-7236179259840696857.post-31720302195654716582007-12-29T09:19:00.001-08:002007-12-29T09:19:51.446-08:00End of Support for Netscape web browsersAOL's focus on transitioning to an ad-supported web business leaves little room for the size of investment needed to get the Netscape browser to a point many of its fans expect it to be. Given AOL's current business focus and the success the Mozilla Foundation has had in developing critically-acclaimed products, we feel it's the right time to end development of Netscape branded browsers, hand the reins fully to Mozilla and encourage Netscape users to adopt Firefox.<br /><br />Netscape Navigator until February 1, 2008. After February 1, there will be no more active product support for Navigator 9, or any previous Netscape Navigator browser <br /><br /><a href="http://blog.netscape.com/2007/12/28/end-of-support-for-netscape-web-browsers/">End of Support for Netscape web browsers - The Netscape Blog</a>Unknownnoreply@blogger.com0tag:blogger.com,1999:blog-7236179259840696857.post-86520783263739663112007-12-24T04:50:00.000-08:002007-12-24T04:51:16.247-08:00Introducing WeaveIntroducing Weave<br /><br />We’re now launching a new project within Mozilla Labs to formally explore this integration. This project will be known as Weave and it will focus on finding ways to enhance the Firefox user experience, increase user control over personal information, and provide new opportunities for developers to build innovative online experiences.<br /><br />Just like Mozilla enables massive innovation by making Firefox open on many levels, we will aim to do the same with Weave by developing an open extensible framework for services integration.<br /><br /><a href="http://labs.mozilla.com/2007/12/introducing-weave/"><br />Mozilla Labs » Blog Archive » Introducing Weave</a>Unknownnoreply@blogger.com0tag:blogger.com,1999:blog-7236179259840696857.post-68657592935252563182007-12-09T13:58:00.000-08:002007-12-09T13:59:16.137-08:00Hackers launch major attack on US military labsHackers have succeeded in breaking into the computer systems of two of the US' most important science labs, the Oak Ridge National Laboratory (ORNL) in Tennessee and Los Alamos National Laboratory in New Mexico.<br /><br />In what a spokesperson for the Oak Ridge facility described as a "sophisticated cyber attack," it appears that intruders accessed a database of visitors to the Tennessee lab between 1990 and 2004, which included their social security numbers and dates of birth. Three thousand researchers reportedly visit the lab each year, a who's who of the science establishment in the US.<br /><br /><br /><a href="http://computerworld.co.nz/news.nsf/scrt/3A4907F2C89429F7CC2573AC00764FBC">Computerworld > Hackers launch major attack on US military labs</a>Unknownnoreply@blogger.com0tag:blogger.com,1999:blog-7236179259840696857.post-68457294547463663192007-12-07T13:42:00.000-08:002007-12-07T13:43:49.090-08:00Stolen laptop had IDs on 268,000 Minnesota blood donorsA laptop stolen during a recent blood drive contained sensitive information on 268,000 Minnesota-region blood donors, Memorial Blood Centers said Wednesday.<br /><br />The laptop was in a briefcase that was stolen just before 7 a.m. Nov. 28 as workers were setting up a blood drive, said Laura Kaplan, manager of marketing and communications with the blood center. "They were setting up for a blood drive and this was in a briefcase," she said. "The police have told us they believe it was a random crime."<br /><br />Memorial Blood Centers is a nonprofit blood bank based in St. Paul, Minn. It operates 10 blood collection centers in northern Minnesota and Wisconsin and collects about 125,000 units of blood each year.<br /><br /><br /><br /><a href="http://www.computerworld.com/action/article.do?command=viewArticleBasic&taxonomyName=security&articleId=9051779&taxonomyId=17&intsrc=kc_top">Stolen laptop had IDs on 268,000 Minnesota blood donors</a>Unknownnoreply@blogger.com0tag:blogger.com,1999:blog-7236179259840696857.post-74461492587870820392007-11-30T04:58:00.000-08:002007-11-30T04:59:38.159-08:00Fasthosts customers blindsided by emergency password resetFasthosts has announced that "a number" of its customers'* FTP spaces were raided as a result of the major hack that triggered a police investigation last month. It has applied a system-wide reset of thousands of passwords as a result.<br /><br />The Gloucester-based webhosting firm yesterday performed the emergency reset of control panel, PCP, FTP and SQL passwords that were not changed by customers when the intrusion was revealed. <br /><br /><a href="http://www.theregister.co.uk/2007/11/30/fasthost_hack_update/">Fasthosts customers blindsided by emergency password reset | The Register</a>Unknownnoreply@blogger.com0tag:blogger.com,1999:blog-7236179259840696857.post-52219707770408126682007-11-29T03:21:00.000-08:002007-11-29T03:22:50.661-08:00New Software Detects Web InterferenceIncreasingly worried over Internet providers' behavior, a nonprofit has released software that helps determine whether online glitches are innocent hiccups or evidence of deliberate traffic tampering.<br /><br />The San Francisco-based digital rights group Electronic Frontier Foundation hopes the program, released Wednesday, will help uncover "data discrimination" _ efforts by Internet providers to disrupt some uses of their services _ in addition to the cases reported separately by EFF, The Associated Press and other sources.<br /><br />"People have all sorts of problems, and they don't know whether to attribute that to some sort of misconfiguration, or deliberate behavior by the ISP," said Seth Schoen, a staff technologist with EFF.<br /><br />The new software compares lists of data packets sent and received by two different computers and looks for discrepancies between what one sent and the other actually received. Previously, the process had to be done manually.<br /><br />Schoen compared the software to a spelling checker.<br /><br /><br /><br /><a href="http://www.chron.com/disp/story.mpl/ap/fn/5336912.html">New Software Detects Web Interference | Chron.com - Houston Chronicle</a>Unknownnoreply@blogger.com0tag:blogger.com,1999:blog-7236179259840696857.post-8752809547459056702007-11-23T15:10:00.000-08:002007-11-23T15:12:04.129-08:00United Airlines exploits tragedy in Brazil<blockquote>I'm sure you've all heard the tragic story of Tony Harris by now...the son/son-in-law of a loving wife, a soon to be born child, a devoted step-father and his wife... Tony Harris goes to Brazil to play basketball and life takes a tragic turn... But...is United Air Lines hospitable? Sympathetic? NO! instead of giving the grieving step-father...</blockquote><br /><br /><br /><a href="http://digg.com/world_news/United_Airlines_exploits_tragedy_in_Brazil">Digg - United Airlines exploits tragedy in Brazil</a>Unknownnoreply@blogger.com0tag:blogger.com,1999:blog-7236179259840696857.post-45818174416784699312007-11-21T13:51:00.000-08:002007-11-21T13:52:19.953-08:0016 year-old 'hacker' designs Internet policyA TEENAGE hacker who managed to get around the Aussie government's $84 million internet filter scheme has been recruited by the opposition Labor party to design its cyber safety policy.<br /><br />Tom Wood has now become the subject of a slanging match between the Labor and Liberal parties.<br /><br />Liberal Communications Minister, Helen Coonan, denies that Wood "hacked" the software filters, saying he bypassed them by gaining access to the administrator account on his computer.<br /><br /><br /><a href="http://www.theinquirer.net/gb/inquirer/news/2007/11/21/old-hacker-designs-internet">16 year-old 'hacker' designs Internet policy - The INQUIRER</a>Unknownnoreply@blogger.com0tag:blogger.com,1999:blog-7236179259840696857.post-9099594464881040502007-11-15T02:57:00.000-08:002007-11-15T02:58:58.171-08:00Did NSA Put a Secret Backdoor in New Encryption Standard?Random numbers are critical for cryptography: for encryption keys, random authentication challenges, initialization vectors, nonces, key-agreement schemes, generating prime numbers and so on. Break the random-number generator, and most of the time you break the entire security system. Which is why you should worry about a new random-number standard that includes an algorithm that is slow, badly designed and just might contain a backdoor for the National Security Agency.<br /><br />But one of those generators -- the one based on elliptic curves -- is not like the others. Called Dual_EC_DRBG, not only is it a mouthful to say, it's also three orders of magnitude slower than its peers. It's in the standard only because it's been championed by the NSA, which first proposed it years ago in a related standardization project at the American National Standards Institute.<br /><br />If this story leaves you confused, join the club. I don't understand why the NSA was so insistent about including Dual_EC_DRBG in the standard. It makes no sense as a trap door: It's public, and rather obvious. It makes no sense from an engineering perspective: It's too slow for anyone to willingly use it. And it makes no sense from a backwards-compatibility perspective: Swapping one random-number generator for another is easy. <br /><br /><br />TAZ Forum :: A Computer, Gaming, and Social Network Community of Friends :: TAZForum :: View topic - <a href="http://tazforum.thetazzone.com/viewtopic.php?p=91618#91618">Did NSA Put a Secret Backdoor in New Encryption Standard?</a>Unknownnoreply@blogger.com0tag:blogger.com,1999:blog-7236179259840696857.post-38135339946528721132007-11-10T03:53:00.000-08:002007-11-10T03:55:49.221-08:00Computer scientist fights threat of ‘botnets’Most network-intrusion systems today are comparing traffic against a database, collected by hand, of previously recognized attack signatures. The innovation with Nemean is a method to automatically generate intrusion signatures, making the detection process faster and more precise.<br /><br /><p> In a test comparing Nemean against a current technology on the market, both had a high detection rate of malicious signatures — 99.9 percent for Nemean and 99.7 for the comparison technology. However, Nemean had zero false positives, compared to 88,000 generated by the other technology. </p> <p>“The technology we’re developing here really has the potential to transform the face of network security,” says Barford, whose research is supported by the National Science Foundation, the Army Research Office and the Department of Homeland Security. “Our objective is to build this company into a world leader in network securty solutions.”<br /></p><a href="http://www.news.wisc.edu/14380">Computer scientist fights threat of ‘botnets’ (Oct. 31, 2007)</a><p><br /></p><p><br /></p>Unknownnoreply@blogger.com0tag:blogger.com,1999:blog-7236179259840696857.post-15299318788177888982007-11-07T03:34:00.001-08:002007-11-07T03:34:47.179-08:00The Opposite of Backup<p>In the early 1980s, <strong>George C.</strong> was IT support on a team overseeing a large installation of workstations. At the time, this was a pretty novel concept. Several Unix site managers applied to help out but wanted "too much money," according to management. Instead, the IT manager rounded up a bunch of recent college graduates (who were much cheaper). Problem solved.</p> <p>There were roughly 80 workstations that were being installed, each with two 70MB drives. One drive kept the operating system files (which the users couldn't modify), the other was the user drive for work files. Each system was backed up and updated nightly with a three step process:</p> <ol><li>Back up all files that have changed on each client's user drive. </li><li>Replace old files on each client's system drive. </li><li>Delete files that are no longer needed from each client's system drive. For this step it'd just remove any files from the system drive on the client's machine that didn't exist on the server so everyone had a consistent system drive. </li></ol> The tech writers on...<br /><br /><a href="http://worsethanfailure.com/Articles/The-Opposite-of-Backup.aspx">The Opposite of Backup - Worse Than Failure</a>Unknownnoreply@blogger.com0tag:blogger.com,1999:blog-7236179259840696857.post-47466397525909103032007-11-03T15:55:00.000-07:002007-11-03T15:57:01.617-07:00Cross-Selling Online Scams and Security IssuesRemember that the code the cross-sell company added doesn’t link in the normal sense but just continues with the session in an attempt to sell you some useless crap. By continuing the session, the application running (the cross-sell application, not the original on-line store) has access to the card data in the cookie. Most legitimate companies don’t think this through — the money is too good.<br /><br /><a href="http://yro.slashdot.org/article.pl?sid=07/11/03/1739227&from=rss">Slashdot | Cross-Selling Online Scams and Security Issues</a><br /><br /><a href="http://12angrymen.wordpress.com/2007/11/01/caveat-emptor-use-of-credit-cards-on-line/">Caveat Emptor - Use of Credit Cards On-Line « The 12 Angry Men Blog</a>Unknownnoreply@blogger.com0tag:blogger.com,1999:blog-7236179259840696857.post-35350812388203288132007-10-31T03:22:00.000-07:002007-10-31T03:23:26.279-07:00Blu-ray's BD+ Encryption CrackedUnsurprisingly, <a href="http://www.trustedreviews.com/storage/news/2007/02/20/SlySoft-Releases-HD-DVD-Duplication-Software/p1" target="_blank">it is SlySoft</a> who have had a hand in the cracking, so a new version of AnyDVD HD should be available before the new year. Said software will allow the backing up of Blu-ray movies to a hard drive or the direct copy of discs and other similarly nefarious activities.<br /> Of course the $30 software does require a rather more expensive Blu-ray drive to be of any use and if you copy a film you'll pay more for a blank disc than for a 'real' version anyway. On that basis, this will probably stand more as an example of "we told you so" than a real threat to Blu-ray anti-piracy fanatics.<br /><br /><a href="http://www.trustedreviews.com/tvs/news/2007/10/31/Blu-rays-BD-Encryption-Cracked/p1">TrustedReviews - Blu-ray's BD+ Encryption Cracked</a>Unknownnoreply@blogger.com0tag:blogger.com,1999:blog-7236179259840696857.post-53399504662053413722007-10-25T14:11:00.001-07:002007-10-25T14:11:44.337-07:00Storm worm strikes back at security prosThe Storm worm is fighting back against security researchers that seek to destroy it and has them running scared, Interop New York show attendees heard this week.<br /><br />The worm can figure out which users are trying to probe its command-and-control servers, and it retaliates by launching DDoS attacks against them, shutting down their internet access for days, says Josh Korman, host-protection architect for IBM ISS, who led a session on network threats.<br /><br />"As you try to investigate [Storm], it knows, and it punishes," he says. "It fights back."<br /><br /><a href="http://pcworld.co.nz/pcworld/pcw.nsf/feature/EDD23E3CBF80F497CC25737F006BB6AF">New Zealand PC World Magazine > Storm worm strikes back at security pros</a>Unknownnoreply@blogger.com0tag:blogger.com,1999:blog-7236179259840696857.post-71395723974771333002007-10-18T18:12:00.000-07:002007-10-18T18:13:14.037-07:00Trojan imitates Skype, steals login credentials<span class="postbody"> Security analysts are warning of another malicious software program masquerading as an installer file for Skype.<br /><br />The program sends the victim's Skype credentials, as well as any other logins or passwords stored in Internet Explorer, to another server, writes Villu Arak, a Skype spokesman based in Tallinn, Estonia, on a Skype blog.<br /><br />Skype, the VoIP (voice over internet protocol) program owned by eBay, is frequently targeted by malware writers because it is widely used. Other attacks have focused on sending links to malware via Skype's chat function as well as worms.<br /><br /><a href="http://computerworld.co.nz/news.nsf/scrt/8BACC8844B734F9DCC2573780007D204" target="_blank">http://computerworld.co.nz/news.nsf/scrt/8BACC8844B734F9DCC2573780007D204</a><br />Computerworld > Trojan imitates Skype, steals login credentials</span>Unknownnoreply@blogger.com0tag:blogger.com,1999:blog-7236179259840696857.post-63223212053165354392007-10-14T06:22:00.000-07:002007-10-14T06:23:07.692-07:00Secret Windows command line tools can boost security<span class="a3"> There's a much under-hyped and overlooked set of Windows security tools that you should be taking advantage of as a Windows administrator. You've already paid for them but may not realize that you have them. I'm talking about a handful of </span><span class="a3"> nifty command-line tools that are extremely powerful in practically any information security context. If your experience goes back to the good old DOS days, you'll feel right at home. And if the command line is a little outside your comfort zone, relax -- what you need to know is really straightforward.<br /><br /></span><a href="http://searchwindowssecurity.techtarget.com/tip/0,289483,sid45_gci1259825,00.html">Secret Windows command line tools can boost security</a>Unknownnoreply@blogger.com0tag:blogger.com,1999:blog-7236179259840696857.post-39726125652706650212007-10-12T07:18:00.000-07:002007-10-12T07:19:55.872-07:00Mother of 14-Year-Old Suspected of Plotting School Attack Charged<p><strong>The mother of a 14-year-old home-schooled student who had a cache of guns, knives and explosive devices in his bedroom was charged Friday with six counts for buying him three weapons.</strong></p> <p>Michele Cossey bought her son a .22-caliber handgun, a .22-caliber rifle and a 9 mm semiautomatic rifle, authorities said.</p> <p>The teenager felt bullied and tried to recruit another boy for the possible attack at Plymouth Whitemarsh High School, authorities said.</p> <p>Police on Wednesday found the rifle, about 30 air-powered guns, swords, knives, a bomb-making book, videos of the 1999 Columbine attack in Colorado and violence-filled notebooks, Montgomery County District Attorney Bruce L. Castor Jr. said.<br /></p><a href="http://www.foxnews.com/story/0,2933,301379,00.html">here</a><br /><p><a href="http://www.foxnews.com/story/0,2933,301379,00.html"><br /></a></p>Unknownnoreply@blogger.com0tag:blogger.com,1999:blog-7236179259840696857.post-48220570039724417122007-10-11T03:22:00.000-07:002007-10-11T03:23:34.388-07:00Hackers Could Shut Down Car Engines!<span class="postbody">I had mentioned this a while ago in a conversation with a friend that these computerized cars would eventually be the subject of some potentially serious problems <img src="http://tazforum.thetazzone.com/images/smiles/icon_wink.gif" alt="Wink" border="0" /><br /><br /><span style="font-weight: bold;">Hackers Could Shut Down Car Engines!</span><br /><br />Some people just have no idea what they are doing. Here we go again – this is another case of overzealous security that can seriously end up in hurting the ones who should be protected!<br />General Motors is going to come up with a system to make car thefts history… <br /><br /><a href="http://itexperts.thetazzone.com/viewtopic.php?p=1045#1045" target="_blank">http://itexperts.thetazzone.com/viewtopic.php?p=1045#1045</a><br />TAZForum 2 :: Security Zone :: View topic - Hackers Could Shut Down Car Engines!</span>Unknownnoreply@blogger.com0tag:blogger.com,1999:blog-7236179259840696857.post-11475536550784034792007-10-08T12:40:00.000-07:002007-10-08T12:41:28.567-07:00YouTube hijacked for Storm worm spamSpammers are exploiting YouTube's "Invite your Friends" facility to send spam containing a Storm Trojan from the video sharing site. Bradley Anstis, director of product management at security firm Marshal, said that YouTube users can invite their friends to view videos that they are looking at or have posted. Using the facility gives them the opportunity to e-mail any address from their account -- a feature the spammers are now exploiting.<br /><br /><a href="http://www.msfn.org/comments.php?shownews=21159">MSFN - YouTube hijacked for Storm worm spam</a>Unknownnoreply@blogger.com0