A new phishing attack has been circulating lately, but instead of trying to dupe millions of computer users into giving up their financial information, this one is aimed at high level executives. The e-mail scam purports to notify the executive about court proceedings and tries to get them to click a link that installs keylogging software as well as software designed to let a hacker take control of the computer. Unfortunately, social engineering, the process of tricking a user into trusting requests from a hacker, is getting to be a major problem, and if the hackers are successful in their latest attack, they could be holding some valuable passwords.

Larger Prey Are Targets of Phishing (New York Times)

The government is responding by closing thousands of paths from their networks to the Internet as a result of an order by President Bush. At least one security researcher has begun to develop software that will allow him to infect hacking tools with his own malware as security in those tools is lacking.

“Most malware authors are not the most careful programmers,” Eriksson said. “They may be good, but they are not the most careful about security.”

However, security concerns are not all about hackers on the outside getting in. Some of the biggest security breaches are actually committed on the inside of a computer network by its own users and one of the major culprits is unsecured USB flash drives.

Defenseless on the Net (Business Week)

Security Guru Gives Hackers a Taste of Their Own Medicine (Wired)

Flash Drives Threaten Security (PC World)

Many if not most users are used to phishing scams by now. I probably get at least four or five a day, with most pretending to be a bank or other financial institution that needs to “verify your information.” Many speculate that the vast majority of phishing scams originate in China, but the unsettling part of this newest attack is the fact that financial institutions were heavily attacked, in particular one sector that a security researcher declined to identify for security reasons. How do you cope with the rising tide of hacking attempts?

Explore More

What are cryptographic attacks?

Cryptographic attacks are methods of evading the security of a cryptographic system by finding weaknesses in such areas as the code, cipher, cryptographic protocol or key management scheme in the

Google Talk Cheats

With Google Talk being all the craze right now, some people hating it, and others loving it, I figured that I would post a list of tips and tricks for

Critical SQL Injection in Red Link

PlanetCreator has reported another critical SQL Injection (vulnerability) on Red Link http://www.redlink.net.mm/ SQL injection is a code injection technique that exploits a security vulnerability occurring in the database layer of