Brett Glass

One of the most common causes of network security breaches is easily guessable or insecure passwords. Many users choose common names or words that are in any dictionary; others use the same passwords everywhere or write them down where they can be discovered. Wouldnt it be great if you never had to remember another password? […]

Using an instant messenger (IM) program seems like a harmless way to have a conversation. Unfortunately, IM can be exploited to damage, commandeer, or infect your machine. Attacks on IM programs (such as MSN Messenger, AIM, ICQ, and so on) fall into the same categories as other network attacks. Some attacks take advantage of bugs […]

With worms such as Blaster prowling the Net, every user ought to know the ways a computer may be exposing itself to attacks. One of the simplest but most vital tests you can do to determine potential vulnerabilities is to find out which ports your PC has open to the outside world. ZIFFPAGE TITLEWhats a […]

According to Wired News, teenage hackers claim to have used “social engineering” — i.e. fast talk and subterfuge — to compromise security at America Online. The Wired article says that the youths have discovered ruses that allow them to convince AOLs support staff to reset passwords on accounts. The crackers also claim to have gained […]

Windows guru Brian Livingston reports that inserting a Windows 2000 CD into an XP system allows one to bypass all password protection and manipulate any part of the machine at will. “Anyone with a Windows 2000 CD can boot up a Windows XP box and start the Windows 2000 Recovery Console,” says Livingston. The intruder […]

Older versions of the Internet JunkBuster Web proxy — which blocks Web banner ads — are reportedly being used to relay spam. Early versions of the product, though not the most recent, may be subject to attack if the administrator does not take precautions to block unauthorized access. In particular, version 2.0-1 of the product, […]

A recent incident at Boston College demonstrates why its a bad idea to use public Internet kiosks, or browsers at cybercafes, for anything but general Web browsing. According to this article, a student at the school was arrested for planting snoopware on computers in public areas. He then used passwords gathered from the machines to […]

According to an advisory and press release from security firm PivX Labs, online gaming systems created by Epic Games are vulnerable to “a laundry list” of dangerous exploits. According to the researchers, the vulnerabilities in Epics Unreal Gaming Engine include “local and remote DoS, DDoS, bounce attacks with spoofed UDP packets, fake players, execution of […]

This week, GreyMagic Software reported several serious security holes in the Opera 7.0 browser. Opera — unlike other companies with seemingly endless turnaround times on bug reports — fixed the vulnerabilities in only 5 days, releasing Opera 7.01. Another bug related to Opera has only been partially fixed, but Opera Software can hardly be blamed […]

In Part 1, we laid out some of the reasons why we suspected problems with Intuits implementation of digital rights management with its Turbo Tax problem, and explored some of the issues that surfaced during installation. Now lets look closely at what happens when you actually try to use the product. After installing TurboTax, we […]