Lisa Vaas

NEW YORK—Edward G. Amoroso, chief security officer for AT&T, says most of us have no business running a network. Businesses infrastructures have allowed complexity to spread like a cancer, he says, and most times we simply dont know whats going out or coming in. “We have a service where we send out advanced notice that […]

NEW YORK—Forget what Microsoft says about Vista being the most secure version of Windows yet. More to the point, what do the hackers think of it? In a nutshell, they think its an improvement, but at the end of the day, its just like everything else they dissect—that is, breakable. “Not all bugs are being […]

Microsoft on March 11 released a new anti-malware engine to address the problem of Windows Live OneCare swallowing entire mail stores. Users had complained that Live OneCare, in its zeal to quarantine infected Outlook .pst files or Outlook Express .dbx files, was also quarantining clean mail files. It was doing such a good job of […]

Scotland Yard has foiled a planned attack on the British Internet by al-Qaeda, according to The Sunday Times. According to reports, authorities carried out a series of raids that netted computer files revealing that terrorist suspects had targeted a high-security Internet hub in London. Scotland Yard also arrested suspects who had allegedly targeted the headquarters […]

The Romanian hacker who goes by the handle of “Vladuz” on March 13, 10:53 EDT, was back on a German eBay forum, posing as an eBay adminstrator in spite of eBay’s claims that he had only stumbled across an internal e-mail once and managed to get the attached employee log-ins and passwords. Posting as “vladuzpower,” […]

Government domains are the safest out there, McAfee reported on March 12—unless your definition of “government” includes countries that arent the United States or Finland. According to the latest McAfee SiteAdvisor report, .gov is the only frequently tested domain for which SiteAdvisor found no risky sites. That domain is only available to United States government […]

Go Daddy was hit by “significant and sustained” distributed denial of service attacks on Sunday morning—not glitches caused by the switch to daylight-saving time, as the Internet Storm Center had postulated over the weekend. Go Daddy Chief Information Security Officer Neil Warner issued a statement saying that the DDoS attacks caused intermittent service disruptions to […]

The daylight-saving time switchover was indeed another Y2K—in other words, not much happened. The Internet Storm Center reported on Saturday and Sunday a handful of minor issues. One was time zones not updating on Windows 2003, XP or 2000. It looks like that was a glitch with the Windows DST2007 hotfix 931836. Technet has a […]

Sunbelt Software reported on March 7 that the Windows Live search engine in Italy had been taken over by malware writers, with some 95 percent of search results on “hot” keywords leading to “extremely nasty malware and exploit sites [including] rustock.b or Gromozon.” The next day, Symantec reported that it had found encrypted Javascript redirecting […]

The Securities and Exchange Commission said that its actions to freeze proceeds from a suspected high-tech pump-and-dump stock scheme and its suspension of stock trading on 35 companies touted in spam are two unrelated incidents. Others beg to differ. Dimitri Alperovitch, principal research scientist at Secure Computing, described such spamming and pump-and-dump schemes as part […]