Sunday 10 January 2010

iRemove Amsterdam Now Open!

iRemove Amsterdam NOW OPEN!

Having problems with your computer?


Is your system running slow or doesn't start properly?


Worried about personal online security and want to protect yourself against the newest threats of 2010?

Is your computer filled with Viruses, Spamware, Adware & any other types of Malware?


Then visit iRemove Amsterdam. Virus & Malware removal specialists, we can help.



Fast & friendly service, NO FIX NO FEE!


Our Services include:

* Virus & Malware Removal
* Computer Safe & Secure Setup
* Home Network Secure Setup (wired & Wireless)
* Remote Assistance & online help
* Fresh Operating System Installation (including "Windows 7")
* Data Backup & Recovery
* Online Store
* Advanced Tutorials in Online Protection & Security
* Local Password recovery (including MSN, AIM, Windows Login, WEP & WPA)


House calls available: 30.00EU per Hour
No travel cost inside Amsterdam

Contact us for a price list of operating systems. Email: infected@iremove.nl


Securing & Protecting Local Amsterdam, Byte by Byte. Online, At Home or Pickup & Delivery.

Heartland to pay up to $60M to Visa over breach

By Grant Gross
IDG News Service
January 8, 2010

Heartland Payment Systems will pay up to $60 million to issuers of Visa credit and debit cards for losses they incurred from a 2008 data breach at the large payment processor.

The settlement between Heartland and Visa, announced today, will offer card issuers "an immediate recovery with respect to losses they may have incurred from the Heartland intrusion," Ellen Richey, Visa's chief enterprise risk officer, said in a statement.

Heartland disclosed the breach a year ago. The U.S. Department of Justice has charged Albert Gonzalez and several other accomplices with the data breach, and Heartland was one of several companies they broke into using SQL injection attacks. Gonzalez and his associates stole more than 130 million credit card numbers from Heartland, prosecutors alleged.

Gonzalez pleaded guilty in the Heartland case and in two other data breach cases. In the Heartland case, he pleaded guilty in December to two counts of conspiracy and will receive a prison term of at least 17 years.

Don't Wait To Lock Down DB2

By Ericka Chickowski
DarkReading
Special to Dark Reading
Jan 08, 2010

As pundits ponder how IBM will leverage its acquisition of database security vendor Guardium to add more security features and functionalities to its in-house DB2 databases, now is the time for organizations to re-examine their DB2 security strategies. But many haven't even tapped the security features they already have available in DB2.

Many organizations don't take advantage of the existing capabilities that DB2 provides for locking down access to information, IBM executives say. Among DB2's extant security controls, some of the most powerful features that organizations often leave untouched -- to their detriment -- revolve around access control. These include two biggies: utilities label-based access control (LBAC) and trusted context.

LBAC, which is designed to offer fine-grained access control, lets DB2 administrators extend controls over data that reach far beyond the simple masking of rows or columns. Administrators can use LBAC to control table objects by attaching security labels to them. Users who try to access these objects must have the corresponding security label granted to them in order to view that data.

"I think that's one of the newer areas where, in my experience with clients, they haven't leveraged a lot of it yet," says Jim Lee, director of product management and strategy for IBM's Information Management division. "I think LBAC is not commonly used today."

Mac OS X Vulnerability Posted

By Thomas Claburn
InformationWeek
January 8, 2010

Proof of concept exploit code was posted today by a security researcher at SecurityReason to demonstrate a vulnerability in versions 10.5 and 10.6 of Apple's Mac OS X operating system.

The vulnerability is a potential buffer overflow error arising from the use of the strtod function in Mac OS X's underlying Unix code. It was first reported by researcher Maksymilian Arciemowicz last June.

SecurityReason's advisory describes a flaw in the libc/gdtoa code in OpenBSD, NetBSD, FreeBSD, and MacOS X, as well as Google Chrome, Mozilla Firefox and other Mozilla software, Opera, KDE, and K-Meleon.

SecurityReason's advisory rates the vulnerability's risk as "high" and claims that the flaw can be exploited by a remote attacker.

A spokesperson for SecurityReason wasn't immediately available to characterize the likelihood that this vulnerability could be exploited.

RSA crypto defiled again, with factoring of 768-bit keys

By Dan Goodin in San Francisco
The Register
7th January 2010

Yet another domino in the RSA encryption scheme has fallen with the announcement Thursday that cryptographers have broken 768-bit keys using the widely used public-key algorithm.

An international team of mathematicians, computer scientists and cryptographers broke the key through NFS, or number field sieve, which allowed them to deduce two prime numbers that when multiplied together generated a number with 768 bits. The discovery, which took about two-and-a-half years and hundreds of general-purpose computers, means 768-bit RSA keys can no longer be counted on to encrypt or authenticate sensitive communications.

More importantly, it means it's only a matter of another decade or so - sooner assuming there's some sort of breakthrough in NFS or some other form of mathematical factoring - until the next largest RSA key size, at 1024 bits, is similarly cracked. The accomplishment was reached on December 12.

"It's an important milestone," said Benjamin Jun, vice president of technology at security consultancy Cryptography Research. "There's indisputable evidence here that 768-bit keys are not enough. It's a pretty interesting way to close out a decade."

Microsoft, Adobe prep critical security patches

By Elinor Mills
InSecurity Complex
CNET News
January 7, 2010

Microsoft will issue one bulletin on Patch Tuesday next week that is rated "critical" for Windows 2000.

The patch is designed to address a vulnerability that could allow an attacker to take control of a computer by remotely executing code on it, according to an advisory released Thursday. It is rated "low" severity for Windows 7, Vista, XP, Server 2003, and Server 2008 operating systems.

Meanwhile, Adobe Systems is scheduled to release a patch for a vulnerability in Adobe Reader and Acrobat on Tuesday that was discovered in mid-December and which is being exploited by attacks in the wild to deliver Trojan horse programs that install backdoor access on computers.

Go Card error investigated

Queensland's acting Premier Paul Lucas maintains Queensland's Go Card transport system is the envy of other states, but concedes the Government needs to do better.

An investigation is underway into how one person's Go Card credit was wrongly transferred to another person with the same name.

Two call centre employees have been stood down pending the outcome.

Mr Lucas says security protocols were not followed.

"People have raised a number of concerns about how the Go Card was rolled out in the last week or so and I've got to say we have to do better with that and Translink has got to make sure that it is doing everything in its power to make sure that people get appropriate and proper levels of service," he said.

"But having said that, we have a Go Card system that is the envy of other states."

Hackers deface 5th govt Web site, mock automated polls

By JERRIE ABELLA
GMANews.TV
01/11/2010

Another government Web site was found defaced Sunday night - the fifth attack since last month.

Hackers of the Technical Education and Skills Development Authority (Tesda) Web site, however, took on a bolder approach by leaving a message that seemed to mock the upcoming automated elections.

“Ano ba gagamitin sa Election? Blade server? Juniper Firewall?” (What is going to be used in the elections? Blade server? Juniper firewall?) the message read.

Before Tesda's, hackers had also victimized the Web sites of the Department of Health (DOH), Department of Social Welfare and Development (DSWD), National Disaster Coordinating Council (NDCC), and Department of Labor and Employment (DOLE).

Malacañang has expressed alarm over the series of hacking attacks on government Web sites, saying it raises new concerns about the security of the automated elections in May.

“Of course we are concerned. This is not just a problem in our country, this is not just something that has happened just recently, it's happening all over the country so this is certainly something that we are sensitive to as a matter of information policy within government,” said deputy presidential spokesman Gary Olivar at a press conference last week.


Dirty finger

The hacked Tesda Web site also showed a black and white illustration of a man giving the “dirty finger” supposedly directed against several “abusive” military and police units.

A pair of bulging eyeballs also followed the pointer anywhere on the page, and background music was also set up on the site’s second web page to which it automatically transfers.

Aside from the derisive reference to the May elections, a message of sympathy to a slain communist rebel and a potshot against an allegedly abusive police officer also replaced the original contents of the site.

“Nakikiramay kami sa Iskolar ng Bayan, Freedom Fighter na si Kimay” (We sympathize with the death of scholar of the people, freedom fighter Kimay), the hackers’ message read, referring to Kemberly Jul Luna, a young New People’s Army (NPA) cadre who was killed last December 15 in an encounter with the military in Bukidnon province.

The message also identified a certain PO1 Ramos as an “abusive” police officer.

The hackers also made the site automatically jump to a second page, which featured background music; a job announcement supposedly from VenturesLink, one of the partners of Smartmatic-TIM in the automation of the elections, inviting technicians across the country to be part of its team; and a quote from the Hacker Manifesto, a short essay written by well-known hacker Loyd Blankenship after he was arrested in 1986.
