Security Bytes:

May, 2008


May 30, 2008  3:11 PM

Another security breach at UCSF

Marcia Savage Marcia Savage Profile: Marcia Savage

The security woes continue for the University of California San Francisco. On Wednesday, UCSF said it issued alerts to 3,569 patients that a computer holding their personal information was breached. There was no evidence that the patient information was accessed, the university said. The breach...

May 30, 2008  1:37 PM

Sourcefire says no, no, no to Barracuda’s takeover bid

David Schneier David Schneier Profile: David Schneier

Apparently, there is never a dull moment at the Sourcefire universal headquarters. The IDS company, which has gone through a failed acquisition by Check Point and an IPO in the last 24 months, is now fending off takeover bids. Sourcefire officials said on Friday that the company had turned down an...


May 28, 2008  2:06 PM

Identity fraud trends: good and bad

Marcia Savage Marcia Savage Profile: Marcia Savage

A recent report released by Javelin Strategy and Research offered both good and bad news on the identity fraud front. The firm forecasts that identity fraud will continue to decline, with the total annual amount dropping from $45 billion in 2007 to $34 billion in 2013, and the number of victims...


May 23, 2008  1:41 PM

Spear phishing attack spoofs U.S. Tax Court

Marcia Savage Marcia Savage Profile: Marcia Savage

Bogus emails pretending to be from the United States Tax Court and targeting specific organizations were making the rounds this week, security researchers said. The messages look like notices of deficiency from the tax court with legitimate-looking domains in the "from" address, according to...


May 22, 2008  12:27 PM

International phishing ring busted

Marcia Savage Marcia Savage Profile: Marcia Savage

Federal efforts to crack down on international crime paid off with indictments charging 38 people in the U.S. and Romania in two phishing schemes. A federal grand jury in Los Angeles indicted 33 people in connection with an international racketeering scheme that defrauded thousands of victims....


May 19, 2008  5:44 PM

Orphaned accounts overlooked

Marcia Savage Marcia Savage Profile: Marcia Savage

User accounts that stay active after an employee leaves an organization are a big problem in the enterprise, according to a survey released today by security software company Symark. Forty-two percent of the 850 executives surveyed said they did not know how many orphaned accounts exist in their...


May 19, 2008  2:29 PM

VeriSign offering free re-issues of SSL certificates

David Schneier David Schneier Profile: David Schneier

In response to the mess created by the OpenSSL vulnerability in Debian-based Linux distributions, the folks at VeriSign are offering to re-issue SSL certificates to any of its customers who believe their certificates may have been...


May 15, 2008  3:18 PM

SSH keys and SSL certificates at risk from new Debian OpenSSL flaw

David Schneier David Schneier Profile: David Schneier

If you're an SSH and Linux user, this is not a good week for you. Not only did Debian announce that a flaw in its OpenSSL implementation allows attackers to easily guess cryptographic keys, but now


May 14, 2008  2:27 PM

Google Docs used in latest spam run

Robert Westervelt Robert Westervelt Profile: Robert Westervelt

Google Doc Spam 0 Comments     RSS Feed     Email a friend


May 13, 2008  8:53 AM

Srizbi botnet is the biggest, but does size matter?

Robert Westervelt Robert Westervelt Profile: Robert Westervelt

Security vendor Marshal says the Srizbi botnet has grown to be the worlds largest spam botnet, outpacing the Storm Trojan in sending unwanted email and compromising computers. Srizbi now accounts for half of all spam. In comparison, Storm accounted for 20% of all spam at its peak. In


Forgot Password

No problem! Submit your e-mail address below. We'll send you an e-mail containing your password.

Your password has been sent to: