Security for the masses

Skip to: Content | Sidebar | Footer

Month: November, 2009

Facebook email scam with PDF twist

26 November, 2009 (18:26) | Diagnosis, Prognosis, Treatment. | By: Blogkeep

Another facebook email scam in my mail box today, this time with a twist. As usual it was a html email. Header: From – Thu Nov 26 10:23:04 2009 X-Account-Key: account3 X-UIDL: UID112-1238682728 X-Mozilla-Status: 0001 X-Mozilla-Status2: 00000000 X-Mozilla-Keys: Return-path: Envelope-to: Delivery-date: Thu, 26 Nov 2009 07:39:15 +0000 Received: from ([]:4351) by REMOVED (return-path […]

Malicious iPhone worm

23 November, 2009 (12:09) | A cat called password. | By: Blogkeep

Jail broken iPhones that use the default ssh password are vulnerable to a new worm. The worm has the potential to access your private information, steal your SMS history and contact servers for the download of additional malware. The worm propagates by scanning various IP ranges including those of telco’s that provide the iPhone. Only […]

Risk assesment on cloud computing

20 November, 2009 (18:17) | A cat called password. | By: Blogkeep

I personally wouldn’t trust my data to the cloud, except maybe my grocery list. And although cloud computing does offer benefits to business in the form of reduced costs, scalability and the promise of 24×7 availability, can you really trust your data or indeed your whole business infrastructure to the cloud? What I have mentioned […]

NSA helped Microsoft with Windows 7 security

19 November, 2009 (16:05) | A cat called password. | By: Blogkeep

The NSA has been working with Microsoft to improve the security of Windows 7. There has been partnership between the NSA and Microsoft before. In 2007 NSA worked with Microsoft during the development of Windows Vista. They have cooperated as far back as at least 2005, when the NSA and other government agencies worked with […]

T-Mobile staff sold personal data

17 November, 2009 (19:05) | A cat called password. | By: Blogkeep

One of my concerns with respect to the storage of personal data on computer systems is the integrity of the custodians of that data. Although computer systems may never be made 100% secure, one can illicit some level of trust in the underlying hardware and software with regard to hackers and compromise from external sources. […]

Verisign to implement DNSSEC in 2011

17 November, 2009 (08:39) | A cat called password. | By: Blogkeep

Inherent insecurities with the Domain Name System which allow false values that can misdirect users to malicious sites are to be fixed by the early part of 2011. Verisign a respected provider of SSL certificates and Domain Name services plan to introduce DNSSEC, a protocol that will guarantee the origin and integrity of DNS data. […]

Fake Facebook email with link to “Update tool.exe” download

16 November, 2009 (22:38) | Diagnosis, Prognosis, Treatment. | By: Blogkeep

A short while ago I received an email requestng that I update my Facebook account, which was strange since I don’t have one. I followed the link in the email and downloaded a file called “Update Tool.exe”. I submitted the file to an online virus scanning service which at the time did not identify the […]