Lisa Vaas

Way to go, vendors of low-end routers and intrusion detection and prevention systems—youre a stumbling block on Bechtels path to the next-generation Internet. “Were doing [both IPv4 and the next-generation IPv6 networks], and we anticipate doing both for a number of years,” said Fred Wettling, a Bechtel Fellow who manages technology standards and is sponsoring […]

Microsoft will patch seven security flaws, including the critical DNS server flaw, outlined in its 935964 advisory, on Patch Tuesday—May 8. The DNS patch is one of seven security bulletins to be released. The batch covers Windows, Office, Exchange, BizTalk and CAPICOM—the last of which is a security technology that allows Visual Basic, Visual Basic […]

JPMorgan Chase on May 4 confirmed that the papers pulled from its trash cans by Service Employees International Union representatives are legitimate bank documents. The documents taken from the trash by the SEIU included loan applications and other documents containing confidential information such as names, Social Security numbers, bank transaction histories and phone numbers. John […]

After receiving copies of documents pulled from the trash earlier this week, JPMorganChase will be contacting customers whose identities may have been compromised. The documents included what looks like loan applications and other paper printouts. They were taken from the trash by the SEIU (Service Employees International Union), according to Tom Kelly, a media representative […]

April saw the emergence of company character assassination spam, image spam variations and the dominance of Mal/Iframe—malware that crawls legitimate sites for holes into which it can inject malicious code—according to monthly wrap-up reports from Symantec and Sophos. Doug Bowers, senior director of anti-abuse engineering at Symantec, said that newly detected spam that libels a […]

In a worldwide kickoff event that involved 50,000 people, Microsoft on May 2 launched the client piece of its aggressive client-server-edge enterprise security software push, which the company branded as its Forefront line at the Boston TechEd show in June 2006. In a keynote address to business customers and partners in Los Angeles, Microsoft Senior […]

Apple has stitched up the hole in QuickTime that allowed hackers at the CanSecWest security show to take over a MacBook Pro in a Pwn-2-Own contest on April 20. The zero-day vulnerability was discovered by Dino Dai Zovi, a principal at security firm Matasano Security, who then passed it on to his accomplice on-site at […]

E-Gold, what F-Secure calls a “very prominent” digital currency for criminals, has been indicted for money laundering, conspiracy and operating an unlicensed money transmitting business. According to an indictment, handed down by a Washington federal grand jury and unsealed on April 27, E-Gold is a preferred method of payment by investment scammers, credit card and […]

Google has shuttered AdWord accounts that have been serving up malware while masquerading as known and trusted sites, such as Better Business Bureau and cars.com. One of the malicious sponsored AdWord sites, BBB.org, was showing up as the top sponsored result as of April 23 when Exploit Prevention Labs Googled the word “BetterBusinessBureau.” (For a […]

A New York teenager with a grudge has admitted to hacking AOL, getting into its internal networks and databases, planting a Trojan, and spear phishing 60 accounts out of AOL employees and subcontractors—all because “they took away my accounts and wouldn’t give them back.” The Manhattan District Attorney’s office has filed charges against 17-year-old Mike […]