Skip to main content

Home/ Trawling The Net/ Group items tagged security

Rss Feed Group items tagged

Filter: All | Bookmarks | Topics Simple Middle
Skeptical Debunker

Technology Review: Mapping the Malicious Web - 1 views

www.technologyreview.com/...24705

Fireshark security monitoring software web connections

shared by Skeptical Debunker on 11 Mar 10 - Cached
  • Now a researcher at Websense, a security firm based in San Diego, has developed a way to monitor such malicious activity automatically. Speaking at the RSA Security Conference in San Francisco last week, Stephan Chenette, a principal security researcher at Websense, detailed an experimental system that crawls the Web, identifying the source of content embedded in Web pages and determining whether any code on a site is acting maliciously. Chenette's software, called FireShark, creates a map of interconnected websites and highlights potentially malicious content. Every day, the software maps the connections between nearly a million websites and the servers that provide content to those sites. "When you graph multiple sites, you can see their communities of content," Chenette says. While some of the content hubs that connect different communities could be legitimate--such as the servers that provide ads to many different sites--other sources of content could indicate that an attacker is serving up malicious code, he says. According to a study published by Websense, online attackers' use of legitimate sites to spread malicious software has increased 225 percent over the past year.
  • Skeptical Debunker on 11 Mar 10
     
    Over the past couple of years, cybercriminals have increasingly focused on finding ways to inject malicious code into legitimate websites. Typically they've done this by embedding code in an editable part of a page and using this code to serve up harmful content from another part of the Web. But this activity can be difficult to spot because websites also increasingly pull in legitimate content, such as ads, videos, or snippets of code, from outside sites.
fishead ...*∞º˙

Report: Programmer Conned CIA, Pentagon Into Buying Bogus Anti-Terror Code | Threat Lev... - 0 views

www.wired.com/...montgomery-2

shared by fishead ...*∞º˙ on 31 Dec 09 - Cached
  • fishead ...*∞º˙ on 31 Dec 09
     
    "A programmer who claims he produced software that detected hidden terrorist messages in Al Jazeera broadcasts was apparently responsible for a false alert in 2003 that grounded international flights. The 2003 incident raised the government's security level, according to a remarkable story published by Playboy. The developer also allegedly faked software demonstrations and conned the Pentagon into investing in a program that fellow workers suspect never existed or couldn't do what the developer claimed. In December 2003, DHS secretary Tom Ridge announced a terror alert based on intelligence from "credible sources" about imminent attacks that "could either rival or exceed what we experienced on September 11." Dozens of French, British and Mexican commercial "flights of interest" were canceled, and news agencies were reporting that the threats extended to "power plants, dams and even oil facilities in Alaska." Playboy says the source of the intelligence was never revealed publicly. But the evidence points to Dennis Montgomery, who had convinced the government that Al Jazeera - the Qatari-owned TV network - was unwittingly transmitting attack orders to Al Qaeda sleeper cells concealed in video it broadcast."
fishead ...*∞º˙

The True Odds of Airborne Terror Chart - Odds of Airborne Attacks - Gizmodo - 0 views

gizmodo.com/...-odds-of-airborne-terror-chart

shared by fishead ...*∞º˙ on 10 Jan 10 - Cached
  • As you can see, the chances are very slim. As slim as the chances of the new security rules having any real effect in preventing any new attacks, sadly.
fishead ...*∞º˙

GRC | ShieldsUP! - Internet Vulnerability Profiling - 0 views

www.grc.com/ne.dll

shared by fishead ...*∞º˙ on 08 Apr 10 - Cached
  • Please take just a moment to read and consider these three points:Your use of the Internet security vulnerability profiling services on this site constitutes your FORMAL PERMISSION for us to conduct these tests and requests our transmission of Internet packets to your computer. ShieldsUP!! benignly probes the target computer at your location. Since these probings must travel from our server to your computer, you should be certain to have administrative right-of-way to conduct probative protocol tests through any and all equipment located between your computer and the Internet.NO INFORMATION gained from your use of these services will be retained, viewed or used by us or anyone else in any way for any purpose whatsoever.If you are using a personal firewall product which LOGS contacts by other systems, you should expect to see entries from this site's probing IP addresses: 4.79.142.192 -thru- 4.79.142.207. Since we own this IP range, these packets will be from us and will NOT BE ANY FORM OF MALICIOUS INTRUSION ATTEMPT OR ATTACK on your computer. You can use the report of their arrival as handy confirmation that your intrusion logging systems are operating correctly, but please do not be concerned with their appearance in your firewall logs. It's expected.
1 - 5 of 5
Showing 20 items per page