Security Corner:


August 11, 2009  2:22 AM

Twitter Attack: Whodunit and How? Whonose?

Posted by: Ken Harthun
Attack Surface, DDoS, Denial of Service, Security, Twitter Attack

Speculation abounds over who was responsible for the DDoS attacks that affected Twitter--and to a lesser degree, Facebook and LiveJournal--this past Thursday. Various sources, including CNN and

August 8, 2009  1:37 PM

Twitter Hit with DDoS Attack

Posted by: Ken Harthun
Denial of Service, Humor, Security

On Thursday morning, I decided to check my Twitter account and was greeted by a “Network Timeout” error. I tried several more times and finally gave up, thinking I’d just try later. I thought nothing more about it until I heard the news item on a local radio station that Twitter had been...

August 8, 2009  1:15 PM

Tsk, Tsk! Weak Passwords Allow Congressional Web Site Defacements

Posted by: Ken Harthun
Cyber-vandal, Exploits, Hacking, Password, Security, Security management, SQL Injection, Vulnerabilities

This is simply idiocy—or gross negligence—of the highest degree. In the last week, more than a dozen US Representatives’ websites were defaced by hackers who posted digital graffiti on the home pages. The graffiti read, “H4ck3d by 3n_byt3 @ Indonesia H4ck3rs” (see screen shot). There was...

August 7, 2009  6:50 PM

Shrink Your Attack Surface

Posted by: Ken Harthun
Attack Surface, Microsoft Windows, Secure Computing, Security, Vulnerabilities

I’ve heard this phrase bandied about in Linux forums and in the occasional blog post, but it’s something I never considered relative to the security of Windows boxes.  There’s an awful lot of research on the subject and it boils down to this: The larger the attack surface, the more...

July 30, 2009  8:54 PM


Posted by: Ken Harthun
Cyber-criminal, Cyber-vandal, Cybercrime, Malware, Rogueware, Security

Rogueware? The names just keep coming. It’s another name for Scareware, that stuff designed to cause shock, anxiety, or the perception of a

July 30, 2009  3:45 PM

Video: I Go Chop Your Dollar

Posted by: Ken Harthun
Fun stuff, Humor, Nigerian 419 Fraud, Scam, Security

This video is a good example of how not all the effects of crime are bad. After all, if we didn’t have Nigerian 419 scammers, we wouldn’t have a song about the infamous Nigerian 419 scams that haunt email inboxes these days. Lyrics are a little hard to pick out, but the chorus repeats enough...

July 29, 2009  9:08 PM

I’ll Say it Again—Turn Off the Remote Web Management Interface!

Posted by: Ken Harthun
Embedded systems, Exploits, Firewalls, Hacking, insecure, Remote Code Execution, Security, Security management, Storage, Vulnerabilities

I don’t know how many times I’ve told people that the embedded management interface on most devices is a security breach waiting to happen. I just got wind of some news, but can’t seem to find anything more than this mention. As soon as I dig up some details, I’ll let you know. This...

July 27, 2009  8:50 PM

“Of Course, I Never Reply to Spam – Except Sometimes”

Posted by: Ken Harthun
Botnet, E-mail scam, Email security, Phishing, Secure Computing, Security, security awareness, spam

Sounds funny, doesn't it?  But that's part of the title of a consumer survey recently completed by the Messaging Anti-Abuse Working Group (MAAWG): "A...

July 18, 2009  3:20 PM

Fraud Alert: eBay, craigslist Broken?

Posted by: Ken Harthun
E-mail scam, eBay Fraud, Fraud, Scam, Security

Bruce Schneier’s June 19, 2009 post Fraud on eBay stands as a testament to the fact that all is not well with the online auction giant.

I expected selling my computer on eBay to be...

July 17, 2009  2:32 PM

Panda’s CloudAntivirus Update

Posted by: Ken Harthun
Anti-malware, Anti-virus, Fun stuff, Secure Computing, Security, Security management

When I turned on my laptop this morning, I was greeted with a red X on the Panda icon in my system tray. When I clicked on it, the program informed me that my beta version would expire in 10 days and I should download the latest release. I was ready for a sales pitch; I’m happy to say there...
