<body><script type="text/javascript"> function setAttributeOnload(object, attribute, val) { if(window.addEventListener) { window.addEventListener('load', function(){ object[attribute] = val; }, false); } else { window.attachEvent('onload', function(){ object[attribute] = val; }); } } </script> <div id="navbar-iframe-container"></div> <script type="text/javascript" src="https://apis.google.com/js/plusone.js"></script> <script type="text/javascript"> gapi.load("gapi.iframes:gapi.iframes.style.bubble", function() { if (gapi.iframes && gapi.iframes.getContext) { gapi.iframes.getContext().openChild({ url: 'https://www.blogger.com/navbar.g?targetBlogID\x3d26473280\x26blogName\x3dHackers+News\x26publishMode\x3dPUBLISH_MODE_BLOGSPOT\x26navbarType\x3dBLACK\x26layoutType\x3dCLASSIC\x26searchRoot\x3dhttp://hackers-news.blogspot.com/search\x26blogLocale\x3den_US\x26v\x3d2\x26homepageUrl\x3dhttp://hackers-news.blogspot.com/\x26vt\x3d113306571398039483', where: document.getElementById("navbar-iframe-container"), id: "navbar-iframe" }); } }); </script>

Hackers News

Keeping Knowledge Free

New VoIP Phishing Scams

Wednesday, April 26, 2006
Cloudmark, an anti-spam company, put the word out about a new type of email phishing scam targeting banking customers. These fake emails don't provide a URL for you to click--you're much too smart for that. Rather, they provide a phone number, which calls into a voice mail system that asks for your account number. According to Cloudmark, what's new here is the criminal use of VoIP and PBX (private branch exchange) software to set up a voice-mail system that sounds like your bank. The process is cheap and easy, thanks to VoIP and open-source PBX software such as Asterisk. The same low-cost setup that's enabling small businesses to sound professional is enabling small-time scam artists to do the same. "The convergence of the Internet with the phone system allows someone with VoIP to do what the big boys used to do," says Adam J. O'Donnell, Ph.D., senior research scientist at Cloudmark. Cloudmark's enterprise spam filters found two such phishing scams, one targeting a small bank in a large U.S. city. Cloudmark says more than 1000 such messages were received over a three-day period. The scam artists set up a toll-free number and a number with area code.

read more

Linux, Mac viruses on the rise

The crusade to win a greater share of the operating system market away from Microsoft's Windows has long fired up the hearts of the Mac and Linux faithful. But popularity breeds contempt - from hackers. A new study of "malware" - viruses, worms, and other software nasties - released Friday by Moscow-based Kaspersky Lab shows a doubling in the number of viruses and worms targeting Linux from 2004 to 2005. The trend is worth watching, says Linux Pipeline, but must be put in context. There were only 863 cases of Linux attacks last year, while Symantec found 11,000 viruses and worms in Windows. And Apple's (Research) Mac? It got off easy in the Kaspersky report, but last week brought news of vulnerabilities in OS X, following on a February report of the first documented Mac OS X virus. Additionally, independent security researcher Tom Ferris posted to his blog a series of "serious" Mac security breaches that he recently discovered.

read more

Viruses and hackers cost UK business £10bn a year

Security breaches from computer viruses, hacker attacks and staff misuse of the internet are costing British business £10bn a year, according to a DTI backed report published yesterday. The biannual survey of 1,000 companies by PricewaterhouseCooper shows losses are 50% higher on the 2004 figure - this despite increased spending on security systems. Larger firms saw the number of security breaches fall, but the average cost of each incident rose to £65,000-£130,000 in disruption.

read more

Weak passwords leave firms open to hackers

Poor password policy management is leaving firms open to hacking attacks, a survey published today at Infosec Europe 2006 has warned. Nearly two thirds of the 500 IT administrators who responded to the poll considered the passwords of their users to be inadequate, either using common dictionary words, names or other weak passwords. Overall 86 per cent of users used one password for all their sites or a very limited pool of passwords. Over 40 per cent fall into the former category. "It is madness to use the same password for your banking site as for your football supporters' page," said Graham Cluley, senior technology correspondent at Sophos, which carried out the survey.

read more

Microsoft rolls out browser fixes

Microsoft Corp. is releasing a new test version of Internet Explorer, the market-leading Web browser that is facing competition from smaller players. The new beta, available Tuesday for free download to English-languages customers, includes fixes for problems that were causing Internet Explorer 7 to stop working, said Dean Hachamovitch, general manager in charge of Internet Explorer development. With the previous test version, Hachamovitch said the most common problems reported involved banking and news sites, in part because of security changes. Improving security can be tricky since any changes can cause legitimate Web sites to stop working, frustrating users.

read more

Five new vulnerabilities in Mac OS X

Tuesday, April 25, 2006
A researcher has discovered a new round of holes in Mac OS X, further proof that hackers are starting to look beyond the Windows landscape for exploit opportunities. The flaws, discovered by Tom Ferris of the Security-Protocols blog, can lead to DoS attacks, said monitoring service Secunia, which rated the vulnerabilities highly critical on Friday. Some of the errors can be exploited when the Safari browser processes malformed HTML tags or GIF images on a malicious website or when Safari decompresses malformed ZIP archives in the Finder. Ferris, who included proof-of-concept exploit code in his posting, said he notified Apple about the flaws early this year and has been told they "will be fixed in the next security release." As users await patches, Secunia recommends they avoid untrusted websites and do not open ZIP archives or images originating from unknown sources.

read more

Windows to Linux, and vice versa

These days, the "revolution" is all about Linux. The word alone has become a catchcry for everything anti-establishment, anti-Bill, and anti-licensing fees. If you listen to the hype, it's being used everywhere, in businesses of all sizes, to do everything but make the coffee. Just because everybody's using Linux, however, doesn't mean everybody's happy for that fact to be known, as I found recently while looking for potential candidates for this special report about companies that had made the switch from Windows and Linux, and vice versa. Based on the ongoing enthusiasm about Linux, I presumed it would be simple to find companies just busting to tell how they'd ditched their Microsoft server software and moved onto Linux servers. Everybody's doing it, after all, aren't they? Unfortunately, only Wotif.com -- a last-minute accommodation Web site due to be listed this year -- was willing to tell its story.

read more

Linux Performance Tuning

Why tune my system? This is probably the first thing you want to know. When a distribution is packaged and delivered to clients, it is designed to be fully compatible with most of the computers available in the market. This is a very heterogeneous set of hardware (hard disks, video cards, network cards, etc.). So distribution vendors like Red Hat, SuSe, Mandriva and the rest of them choose some conservative configuration options to assure a successful installation. For instance, probably you have a very advanced hard disk with some special features that are not being used due to standard configuration settings. To summarize: your linux distribution goes well… but it can goes even better! For instance, probably you have a very advanced hard disk with some special features that are not being used due to standard configuration settings.

read more

'World of Warcraft' battles server problems

With 6 million subscribers, each of whom pays $15 a month, Blizzard Entertainment's online game "World of Warcraft" has become a billion-dollar enterprise. Now comes the hard part: Making sure WoW is always up and running. Some players are angered by ongoing server problems that have led the game to crash without warning while they were playing. Complaints have also surfaced about long lag times and frustrating waits to even play. Despite Blizzard's contention that it's been keeping WoW customers informed of system problems at all times, some players contend that the company has been slow to react to complaints and reluctant to offer support when problems arise. According to players, the problems have been especially acute since Blizzard implemented its last major patch to WoW, in late March. At that time, the company acknowledged it had some temporary server problems but said they'd resolve themselves within hours. But some players say that ever since then, they're routinely encountered "urgent maintenance" that can result in being booted from the game at any time.

read more

Firefox to overtake Internet Explorer by Dec-2007

So it seems that not only has the percentage of Firefox users been increasing for the last 2.5 year but the rate of increase in the percentage of users has also been increasing.

read more

iPod Sync Comes to Linux

Linspire Inc's Developer Duane Maxwell recently released libipod for Linux which allows you to develop programs to load ipods up with music files in the same manner as iTunes. This has worked pretty well with Ltunes which also has been released on sourceforge and will hopefully make it's way into other fine music management software for Linux.

read more