A new phishing attack has been circulating lately, but instead of trying to dupe millions of computer users into giving up their financial information, this one is aimed at high level executives. The e-mail scam purports to notify the executive about court proceedings and tries to get them to click a link that installs keylogging software as well as software designed to let a hacker take control of the computer. Unfortunately, social engineering, the process of tricking a user into trusting requests from a hacker, is getting to be a major problem, and if the hackers are successful in their latest attack, they could be holding some valuable passwords.

Larger Prey Are Targets of Phishing (New York Times)

The government is responding by closing thousands of paths from their networks to the Internet as a result of an order by President Bush. At least one security researcher has begun to develop software that will allow him to infect hacking tools with his own malware as security in those tools is lacking.

“Most malware authors are not the most careful programmers,” Eriksson said. “They may be good, but they are not the most careful about security.”

However, security concerns are not all about hackers on the outside getting in. Some of the biggest security breaches are actually committed on the inside of a computer network by its own users and one of the major culprits is unsecured USB flash drives.

Defenseless on the Net (Business Week)

Security Guru Gives Hackers a Taste of Their Own Medicine (Wired)

Flash Drives Threaten Security (PC World)

Many if not most users are used to phishing scams by now. I probably get at least four or five a day, with most pretending to be a bank or other financial institution that needs to “verify your information.” Many speculate that the vast majority of phishing scams originate in China, but the unsettling part of this newest attack is the fact that financial institutions were heavily attacked, in particular one sector that a security researcher declined to identify for security reasons. How do you cope with the rising tide of hacking attempts?

Explore More

Critical SQL Injection and XSS Vulnerability in Myanmar Engineering Society

PlanetCreator has reported another critical SQL Injection (vulnerability) on Myanmar Engineering Society Website http://www.mes.org.mm SQL injection is a code injection technique that exploits a security vulnerability occurring in the database

Read More

BackTrack 5 Release

BackTrack is intended for all audiences from the most savvy security professionals to early newcomers to the information security field. BackTrack promotes a quick and easy way to find and

Read More

How to hack?

This is a tutorial I found on the net. This tutorial will explain to you how to hack someone’s internet account thru his router.This hack is based on a secuirty

Read More