MD5 considered harmful today

MD5 attacks and proof of concepts. Read more...

SF engineer to stand trial in hijacked network

A network administrator will stand trial for allegedly hijacking the network he designed and maintained for the city of San Francisco. Read more...

2009: Netbook or notebook?

CNET 's review of HP's Netbook and Apple's Notebook. Read more...

MIT students to help Boston secure subway fare system

Three MIT students who were sued by the Massachusetts Bay Transit Authority over their research into subway card vulnerabilities are now working with the transit authority to improve the fare collection system. Read more...

IMF Hacked

Another major international financial institution has had its computer system attacked by unknown cyber-hackers, FOX News has learned. Read more...

Hacking The Hill

How the Chinese -- or someone -- hacked into House of Representatives computers in 2006, and what it will take to keep out the next electronic invader. Read more...

by Shane Harris

Serious security flaw found in IE

"Users of Microsoft's Internet Explorer are being urged by experts to switch to a rival until a serious security flaw has been fixed." Read more...

Tools/Info:ICMP Types

ICMP TYPE NUMBERS

(last updated 2008-02-13)

Registries included below:
- ICMP Type Numbers
- Code Fields
- ICMP Extension Objects Classes


The Internet Control Message Protocol (ICMP) has many messages that
are identified by a "type" field.

Type Name     Reference
---- -------------------------  ---------
0 Echo Reply     [RFC792]
1 Unassigned        [JBP]
2 Unassigned        [JBP]
3 Destination Unreachable    [RFC792]
4 Source Quench      [RFC792]
5 Redirect     [RFC792]
6 Alternate Host Address       [JBP]
7 Unassigned        [JBP]
8 Echo      [RFC792]

More can be found in IANA

McAfee Virtual Criminology Report

"First, cybercrime isn’t yet enough of a priority for governments around the world to allow the fight against it to make real headway worldwide. Added to that, the physical threat of terrorism and economic collapse is diverting political attention elsewhere. In contrast, cybercriminals are sharpening their focus. Recession is fertile ground for criminal activity as fraudsters clamour to capitalize on rising use of the Internet and the climate of fear and anxiety. Are we in danger of irrevocably damaging consumer trust and, in effect, limiting the chances of economic recovery?

Second, cross border law enforcement remains a long-standing hurdle to fighting cybercrime.
Local issues mean laws are difficult to enforce transnationally. Cybercriminals will therefore always retain the edge unless serious resources are allocated to international efforts.

Third, law enforcement at every level remains ad hoc and ill-equipped to cope. While there has been progress, there is still a significant lack of training and understanding in digital forensics and evidence collection as well as in the law courts around the world. The cyberkingpins remain at large while the minor mules are caught and brought to justice. Some governments are guilty of protecting their in-country offenders. The findings suggest there is an ever greater need to harmonize priorities and coordinate police forces across physical boundaries.

The report concludes with a look at suggested steps at both the local and international level to make the fight against cybercrime more effective."

Read the full report at http://www.mcafee.com/us/local_content/reports/mcafee_vcr_08.pdf

Tools: Nmap Book is Out

"After promising you a book on Nmap for years, I'm delighted to finally announce the release of Nmap Network Scanning! It contains everything I've learned about network scanning from more than a decade of Nmap development, plus some bad jokes and (over Time Warner's written objections) pictures of Trinity hacking the Matrix :)." - Fyodor


Order at Amazon.com now!!!

DNS Pharming Attacks Using Rogue DHCP

"Following Dan Kaminsky’s research on DNS insecurities, we saw attackers racing with their DNS servers to hijack network connections. It was only a matter of time before the bad guys decided that racing against DNS was not enough." Read more...

Hackers Hijacked Large E-Bill Payment Site

"Hackers on Tuesday hijacked the Web site CheckFree.com, one of the largest online bill payment companies, redirecting an unknown number of visitors to a Web address that tried to install malicious software on visitors' computers, the company said today." Read more...

Vietnamese security firm: Your face is easy to fake

"I've been impressed by this new way to log in and have found it to be so much more convenient than the fingerprint reader of my Dell XPS 1330. The finger scanner is a pain when my finger is wet or dirty. Unfortunately, on Tuesday I discovered that this new and exciting technology may not be such an effective security measure". Read more...

Apple is recommending that Mac users install antivirus software

"But don't read this as an admission that the Mac operating system is suddenly insecure. It's more a recognition that Mac users are vulnerable to Web application exploits, which have replaced operating system vulnerabilities as the bigger threat to computer users." Read more ...