News and Analysis Results
DARPA inks $2m deal for vat-grown artificial blood tech
An American biotech company has been awarded a $2m deal to produce "blood pharming" technology for the US military. The proposed kit would allow US forces to grow large supplies of genuine human blood in tanks, for use in transfusions to help wounded troops. The "pharming" programme is being run, of course, by renowned Pentagon …
Web browsers face crisis of security confidence
User beware. Today's web browsers offer more security protections than ever, but according to security experts, they do little to protect people surfing the net from some the web's oldest and most crippling threats. Like nuclear stockpiles during the Cold War, new safety features amassed in Firefox, Internet Explorer and Opera …
Scientologist ASBOed for being over 36
A man dubbed "Leeds’s dumbest criminal" has been served with an ASBO forbidding him from posting videos of criminal activity on the internet. Andrew Kellett, 23, had been in the habit of showing off his exploits on YouTube, which made some of you wonder why he hadn't been convicted of the acts he seemed so proud of, and why he'd …
Spotted in the wild: Home router attack serves up counterfeit pages
A security researcher says he has observed criminals using a new form of attack that causes victims to visit spoofed banking pages by secretly making changes to their high-speed home routers. According to Symantec researcher Zulfikar Ramzan, the attack changes a router's settings controlling the domain name system server that …
DNS security improves as firms tool up to tackle spam
Domain name servers on the net are still often vulnerable to attacks despite some marked improvements, according to a new survey. Many organisations are making efforts to install the most recent versions of BIND and eliminate Microsoft DNS for external servers. But most still leave their systems open to denial of service and …
Stealth techniques push malware under the radar
Increased use of stealth techniques such as rootkits is leading to fewer reports of new viruses, according to a study by net security outfit VeriSign iDefense. Since 2003, VeriSign iDefense has been collecting and recording information on every uniquely identifiable malicious code, using public and private resources. Discovery …
SurfControl snaps up BlackSpider
UK-based net security firm SurfControl has bought email filtering firm BlackSpider for around £20m plus an agreement to take on £1.2m in short-term debts. SurfControl said the deal would allow it to add an on-demand email and web security service to its portfolio. BlackSpider said the agreement will help the sale of its …
Active cookies aim to thwart cyber-crooks
Boffins have come up with a new technique to protect users against more sophisticated forms of cybercrime. Indiana University School of Informatics and affiliated start-up RavenWhite have developed an "active cookie" as a countermeasure against online scams such as pharming and man-in-the-middle attacks. Phishing involves …
Rootkits, cybercrime and OneCare
The year 2005 in net security will likely be remembered as the year of the Sony rootkit DRM controversy. In other ways the last 12 months continued the trend of profit becoming a primary driver for the creation of computer viruses. The last 12 months also witnessed a number of high-profile cybercrime prosecutions, including the …
Cybercrims target Xmas shoppers
'Tis the Christmas season and while consumers are surfing the net looking for the perfect gift, fraudsters are lying in wait to trip them up. This year's holiday season is widely expected to generate more online sales than ever before, with consumers flocking to the internet looking for that elusive gift. Although using the …
Most DNS servers 'wide open' to attack
Four in five authoritative domain name system (DNS) servers across the world are vulnerable to types of hacking attacks that might be used by hackers to misdirect surfers to potentially fraudulent domains. A survey by net performance firm the Measurement Factory commissioned by net infrastructure outfit Infoblox of 1.3m internet …
Worm spoofs Google on infected PCs
Virus writers have developed a worm that spoofs the behaviour of internet search engine Google, varying the results displayed to suit the requirements of hackers. P2Load-A modifies the HOSTS file on infected PCs by replacing the original with a file downloaded from a remote website under the control of hackers. When users run a …
Internal security attacks affecting banks
Internal security breaches at the world's banks are growing faster than external attacks, as institutions invest in technology, instead of employee training. According to the 2005 Global Security Survey, published by Deloitte Touche Tohmatsu, 35 per cent of respondents said that they had encountered attacks from inside their …
MasterCard hack spawns phishing attack
Fraudsters have been quick to launch phishing attacks in a bid to cash in on the publicity surrounding a security breach involving MasterCard International that may affect up to 40 million credit card holders. The crude and misspelled phishing attack, spotted by Secure Computing, is unlikely to fool many but illustrates how …
Corporates focus on basics for IT security defences
IT departments in large organizations still see firewalls, intrusion detection and prevention, and anti-virus software as priority security defences despite recent hype about newer more exotic security technologies and threats, according to a survey by analysts Gartner. "Organisations are more concerned about viruses and worms …
Pharming casts shadow over rising ecommerce sales
Online sales jumped 31 per cent in the 12 months prior to March 2005, according to a study by net infrastructure firm VeriSign. Transactions settled by VeriSign Payment Services, which accounts for roughly 37 percent of North American ecommerce, reached $10.69bn between 1 January and 31 March 2005, a new record. The average …
Gartner lambasts security FUDmongers
Some organisations are holding back on the deployment of new technologies because of exaggerated IT security risks, according to Gartner. The analyst firm took aim at what it identified as the five most over-hyped threats at the end of a three-day IT security conference at its Stanford, Connecticut HQ, this week. According to …
Home PCs launch phishing attacks
Phishing attacks are growing more sophisticated as attackers devise ever more devious means to stay at least one step ahead of banks and others fighting the contain fraudulent scams, according to a study from The Honeynet Project. The report, Know your Enemy: Phishing, draws on data collected by the German Honeynet Project and …
Phishing gets personal
Fraudsters are using stolen information to lure victims into divulging additional sensitive information in a new form of phishing attack. These so-called personalised phishing attacks target individual named accountholders at specific banks, according to anti-fraud software firm Cyota. Crooks are using real information about …
Hushmail hit by DNS attack
Surfers trying to visit the web site of popular secure email service Hushmail were redirected to a false site early Sunday following a hacking attack. Hush Communications said hackers changed Hushmail's DNS records after "compromising the security" of its domain registrar (Network Solutions). These changes were undone after a …
Dirty, dirty PCs: The X-rated picture guide
Top 500 supers - rise of the Linux quad-cores
Early adopters bloodied by Ubuntu's Karmic Koala
Sign up, sign up for The Register IT security newsletter