Language Selection

English French German Italian Portuguese Spanish

The State Of Internet Security

Filed under
Web

E-mails from Nigeria asking for your help in transferring money. Important information about compromised bank accounts.

While the scams that daily flood our e-mail in-boxes show no signs of abating, there is some good news for the users who have to sort through them all. So says VeriSign in its latest "State of Internet Security" address covering the first three months of 2005.

Pharming, also known as DNS spoofing because it fools the domain-name system, is an alternative technique that tries to direct users to a fake Web site even when the correct address is entered into a browser. "It's as if you looked up a number in the phone book," says Phillip Hallan-Baker, a Web security expert at Verisign, "but someone somehow changed the number, managed to swap the phone book on you."

VeriSign's report lists ways to lock down DNS infrastructure to shut down pharming. It encourages administrators to upgrade their DNS software and to install cryptography solutions. Hallan-Baker feels that pharming attacks that depend on cached information could be eliminated fairly easily. Pharming attacks infrastructure, so the company in charge of that segment could prevent further attacks by upgrading necessary components.

Full Story.

More in Tux Machines

Security Leftovers

  • Windows flaw lets attackers take over A-V software

    A 15-year-old flaw in every version of Windows right from XP to Windows 10 allows a malicious attacker to take control of a system through the anti-virus software running on the system.

  • Google Continues to Make Strides in Improving Android Security
  • Google cites progress in Android security, but patching issues linger
  • Dark Matter
    Today, March 23rd 2017, WikiLeaks releases Vault 7 "Dark Matter", which contains documentation for several CIA projects that infect Apple Mac Computer firmware (meaning the infection persists even if the operating system is re-installed) developed by the CIA's Embedded Development Branch (EDB). These documents explain the techniques used by CIA to gain 'persistence' on Apple Mac devices, including Macs and iPhones and demonstrate their use of EFI/UEFI and firmware malware. Among others, these documents reveal the "Sonic Screwdriver" project which, as explained by the CIA, is a "mechanism for executing code on peripheral devices while a Mac laptop or desktop is booting" allowing an attacker to boot its attack software for example from a USB stick "even when a firmware password is enabled". The CIA's "Sonic Screwdriver" infector is stored on the modified firmware of an Apple Thunderbolt-to-Ethernet adapter.

today's howtos

Kernel Space/Linux

Red Hat News