Security Corner:

August, 2009


August 14, 2009  3:02 AM

Twitter Used As Botnet Command & Control Channel



Posted by: Ken Harthun
Botnet, Exploits, Security, Twitter

A botnet that uses Twitter for command and control? You bet. Jose Nazario over at Arbor Networks apparently found one: “Basically what it does is use the status messages to send out new links to contact, then these contain new commands or executables to download and run.” The bots connect to...

August 12, 2009  12:39 AM

Patch Tuesday – 19 Windows Security Flaws Fixed



Posted by: Ken Harthun
Critical update, Exploits, Patch management, Patch Tuesday, Security, Security management, Vulnerabilities

It’s that day of the month again and this time Microsoft has patched 19 security holes, 15 of which have a “critical” rating. The good news is that none of the vulnerabilities affect Windows 7. As usual, a bunch of the flaws stem from ActiveX controls, probably the worst thing...


August 11, 2009  2:22 AM

Twitter Attack: Whodunit and How? Whonose?



Posted by: Ken Harthun
Attack Surface, DDoS, Denial of Service, Security, Twitter Attack

Speculation abounds over who was responsible for the DDoS attacks that affected Twitter--and to a lesser degree, Facebook and LiveJournal--this past Thursday. Various sources, including CNN and


August 8, 2009  1:37 PM

Twitter Hit with DDoS Attack



Posted by: Ken Harthun
Denial of Service, Humor, Security

On Thursday morning, I decided to check my Twitter account and was greeted by a “Network Timeout” error. I tried several more times and finally gave up, thinking I’d just try later. I thought nothing more about it until I heard the news item on a local radio station that Twitter had been...


August 8, 2009  1:15 PM

Tsk, Tsk! Weak Passwords Allow Congressional Web Site Defacements



Posted by: Ken Harthun
Cyber-vandal, Exploits, Hacking, Password, Security, Security management, SQL Injection, Vulnerabilities

This is simply idiocy—or gross negligence—of the highest degree. In the last week, more than a dozen US Representatives’ websites were defaced by hackers who posted digital graffiti on the home pages. The graffiti read, “H4ck3d by 3n_byt3 @ Indonesia H4ck3rs” (see screen shot). There was...


August 7, 2009  6:50 PM

Shrink Your Attack Surface



Posted by: Ken Harthun
Attack Surface, Microsoft Windows, Secure Computing, Security, Vulnerabilities

I’ve heard this phrase bandied about in Linux forums and in the occasional blog post, but it’s something I never considered relative to the security of Windows boxes.  There’s an awful lot of research on the subject and it boils down to this: The larger the attack surface, the more...


Forgot Password

No problem! Submit your e-mail address below. We'll send you an e-mail containing your password.

Your password has been sent to: