Moving on from the social networking issues we outlined in the past couple of weeks, after following the predictions, and their materialization (here, here, here in the announcement of Gmail offline, here, and here), we can already see the “Browser OS”, as we dubbed it in our annual threat and predictions report, begin to materialize [...]
Posts under ‘Aladdin’
Social networking threats – the “hacker” story
As the social networking threats angle is picking up a lot of traction lately <pat_on_own_back>, the folks at Netragard have posted a great write-up on using social networks as an attack tool – involving both social engineering as well as technical exploits. The post can be found here, and I just want to quote a couple of [...]
Blocking Facebook? Not popular, and not effective
OK, so we know that social networking sites have their issues and threats associated with them, we’ll be the first to admit it. But on the same note, we also know that just blocking/censoring them (pick the more politically correct term) is not working either. This is in light of the Maryland general assembly’s decision [...]
Fighting an infection vector with new standards – ClickJacking
If you haven’t heard yet, the newest version of Microsoft’s Internet Explorer 8 (RC1) has been endowed with support for “Anti-Clickjacking” (for more background on clickjacking, check out: http://ha.ckers.org/blog/20080915/clickjacking/). This new feature is basically an implementation of a new header (X-FRAME-OPTIONS) that is returned from a server which defines the scope of “nesting” that is [...]
BlueHat post on the state of web security
I’ve been asked to contribute once again to the Microsoft BlueHat blog, and have written a quick “state of the web security” post. Check it out, and as always, feel free to comment or discuss whether in agreement or not. The post is located here. Cheers.
More predictions see the light of day?
A recent report from McAfee reaffirms our 2009 predictions, and talks about how eCrime is starting to benefit from ex-employees, noting that this trend is not limited to the IT guys… As we recall – the possibility to participate in the emerging eCrime business is closer than ever, with a quick buck to be made, [...]
Gear up – predictions for 2009 has begun to materialize
How about answering email messages when you are not online? Easy, right? But if you are using a webmail account, that used to be a problem; so was reading unopened messages or older messages in your inbox. Well, not anymore, Gmail Goes Offline! The AIRC annual threat report with the 2009 predictions could not have [...]
What’s been on people’s minds lately?
As we have been predicting (and following during 2008), the criminal’s mind is very much attuned to the public mind. The current issues that everyone (well, at least a lot of us) has been dealing with are the current economic situation, and what President Obama is going to do about it. Without fail, eCriminals have been [...]
Supreme court, freedom of speech and internet filtering
It was bound to happen. It didn’t work in Third World countries, attempts to do it in Western civilization failed one by one, and now it is proven again that you can’t really prohibit people by law from viewing certain content on the internet. What I’m talking about is this: The Supreme Court rejected child [...]
Conficker continues its rounds. Hits 9 million mark
It is funny how security works, isn’t it? When you think you got rid of the old-school (aka “stupid”) threats, reality hits you right back. Conficker/Downadup is a simple worm; it exploits a Microsoft Windows vulnerability that can only be utilized over a local network as it uses the SMB protocol, and uses an initial [...]