AWeD, LLC - Artist Web Design&the JoyZine Store

AWeD

Search

Returning Members

Log In

New Registration
Use the Register button below
to become a member

Leading Antivirus Software
Exposes Users

Security campany says flaw lets hackers steal sensitive data

Associated Press
Published 11:55 a.m. PT May 26, 2006

Symantec Corp.’s leading antivirus software, which protects some of the world’s largest corporations and U.S. government agencies, suffers from a flaw that lets hackers seize control of computers to steal sensitive data, delete files or implant malicious programs, researchers said Thursday.

Symantec said it was investigating the issue but could not immediately corroborate the vulnerability. If confirmed, the threat to computer users would be severe because the security software is so widely used, and because no action is required by victims using the latest versions of Symantec Antivirus to suffer a crippling attack over the Internet.

Symantec has boasted its antivirus products are installed on more than 200 million computers. A spokesman, Mike Bradshaw, said the company was examining the reported flaw but described it as “so new that we don’t have any details.”

Researchers from eEye Digital Security Inc. of Aliso Viejo, Calif., discovered the vulnerability and provided evidence to Symantec engineers this week, said eEye’s chief hacking officer, Marc Maiffret. He demonstrated the attack for The Associated Press.

Password-stealing trojans

by Suzi Turner, ZDNet

HOSTS file hijacking combined with bank password stealing trojans is one of the more egregious spyware tricks currently being seen. Here's the scenario. A user is infected with a trojan and other malware that, among other things, changes the HOSTS file so that websites commonly used for online banking are redirected to the spyware pusher/thief's site which is made to look nearly identical to the real bank site.

HOSTS file hijacking can be prevented with a number of apps including several anti-spyware programs and utilities.

SunbeltBLOG has an excellent write up describing this trick as well as a video for demonstration. Host file hijacking is not new on the spyware scene and has been used by CoolWebSearch and similar groups to redirect users' browsers to alternative search sites or adware/spyware sites. In many cases the IP address or domain being used to collect users' IDs and passwords is located outside of the US, but in Sunbelt's write up, the IP address is in River City and belongs to an ISP with headquarters in Dallas, Texas, Layered Technology.

.....click to continue story

The Internet Is Broken

By David Talbot

"The Net's basic flaws cost firms billions, impede innovation, and threaten national security. It's time for a clean-slate approach, says MIT's David D. Clark."

"In his office within the gleaming-stainless-steel and orange-brick jumble of MIT's Stata Center, Internet elder statesman and onetime chief protocol architect, David D. Clark, prints out an old PowerPoint talk.

"Dated July 1992, it ranges over technical issues like domain naming and scalability.

"But in one slide, Clark points to the Internet's dark side: its lack of built-in security. In others, he observes that sometimes the worst disasters are caused not by sudden events but by slow, incremental processes -- and that humans are good at ignoring problems.

"'Things get worse slowly. People adjust,' Clark noted in his presentation. 'The problem is assigning the correct degree of fear to distant elephants.'

[Click here to view graphic representations of David D. Clark’s four goals for a new Internet architecture.]

.....click to continue story

Contact Us | Help | Shopping Cart | Your Account | Newsletter | Shipping Rates & Policies | Returns Policy
Investor Relations | Join Associates | Conditions of Use | Privacy Notice | © 2006, AWeD, LLC or its affiliates

Search for