Archives
Clickjacking: Big Problem, Not Much Solution (Yet)
This week’s security threat: clickjacking.
Clickjacking is the latest in a series of security threats to web surfers. The United States Computer Emergency Readiness Team (US-CERT) issued a warning about clickjacking on September 26, and the news has spread quickly. This is a crime in which hackers hide behind harmless-looking websites so that people who visit them might be [...]
read more from " Clickjacking: Big Problem, Not Much Solution (Yet) "
Another spam attack, another lesson in not clicking every link in your email
Last Tuesday, a new spam attack was launched via email. This harmless-looking message claims to contain top 10 lists from CNN.com, but when a user clicks on the link in the email, a pop-up tells the user that they need to install the newest version of Flash to view the list. The pop-up doesn’t allow the option of canceling the [...]
read more from " Another spam attack, another lesson in not clicking every link in your email "
What Color is Your Hat?
This week in Las Vegas, Internet security professionals from across the country converged for Black Hat USA 2008. The many briefings and trainings that were offered covered a variety of safety issues, such as phishing, malware, data theft, threats to the 2008 Presidential Election, and the DNS flaw we wrote about last week (Dan Kaminsky was in attendance to detail [...]
The DNS Flaw that Nobody Saw (Until Now)
The news in online privacy this week has to do with a recently-publicized flaw in Domain Name System (DNS) caches.
DNS is what takes the website names we type into a browser and translates them into the IP (numerical) addresses that actually take us to the websites we want. Since a web address (say, privacycouncil.org) is easier to remember than [...]
