
Recent News
Will Microsoft Corner the Desktop Security Market?
@ Jan 08 2009, 21:52 (UTC+0)
From: Kirt :
   Microsoft plans to offer a free antivirus product, code-named "Morro", in the second half of this year, when the company removes Windows Live OneCare from the retail market.

Virus peddlers set up shop on Google code project
@ Jan 08 2009, 19:26 (UTC+0)
From: Kirt :
   Internet scoundrels have begun abusing Google code hosting projects to distribute malware and promote smut.

Microsoft Releases Windows 7 Beta as a Free Download
@ Jan 08 2009, 09:05 (UTC+0)
From: gr00ve :
   Microsoft's excitable CEO Steve Ballmer showed off Windows 7 - the slick, fast, user-friendly successor to the much-maligned Windows Vista - and said it will be available as a public beta on Friday.

AT&T moves closer to offering in-home cell base stations
@ Jan 08 2009, 05:34 (UTC+0)
From: Kirt :
   AT&T is contacting some of its customers asking if they'd like to test an in-home extension to its cellular networks powered by a subscriber's own broadband—a femtocell.

Vista to Windows 7 upgrade date and details revealed
@ Jan 08 2009, 04:55 (UTC+0)
From: Kirt :
   For everyone wanting a free upgrade to Windows 7, Microsoft finally has an answer.

Google Chocolate Factory now building routers?
@ Jan 08 2009, 04:47 (UTC+0)
From: Kirt :
   As part of an ongoing effort to cover the Earth with its very own built-from-scratch internet, Google is now redesigning the router. Or so it seems.

Report: Phishing A Low-Paying, Low-Skills Job
@ Jan 08 2009, 00:14 (UTC+0)
From: gr00ve :
   Economic analysis says phishing in the USA isn't as lucrative as once thought.

The Identity Theft Resource Center’s 2008 breach report
@ Jan 08 2009, 00:13 (UTC+0)
From: gr00ve :
   Reports of data breaches increased dramatically in 2008. The Identity Theft Resource Center’s 2008 breach report reached 656 reported breaches at the end of 2008, reflecting an increase of 47% over last year’s total of 446.

Microsoft disables automatic IE 8 downloads
@ Jan 07 2009, 22:58 (UTC+0)
From: Kirt :
   Microsoft will cushion you from the Internet Explorer 8 standards mess with software to prevent automatic download of its next browser to your machine.

Apple ties battery into MacBook Pro
@ Jan 07 2009, 21:34 (UTC+0)
From: Kirt :
   New battery offers eight hours of operation, but is not removable from the case.

'Cybergeddon' fear stalks US: FBI
@ Jan 07 2009, 20:28 (UTC+0)
From: Kirt :
   Cyber attacks pose the greatest threat to the United States after nuclear war and weapons of mass destruction - and they are increasingly hard to prevent, FBI experts said Tuesday.

Researchers poke holes in Intel's anti-tampering tech
@ Jan 07 2009, 20:14 (UTC+0)
From: Kirt :
   A practical attack on Intel's trusted execution technology (TXT) is due to be demonstrated at a hacking conference next month.

Spammers Help Push Google to Dubious Milestone
@ Jan 07 2009, 19:46 (UTC+0)
From: Kirt :
   Google has moved up to Number Three on The Spamhaus Project's list of the world's worst spam problem networks.

Malware creeps into LinkedIn
@ Jan 07 2009, 19:43 (UTC+0)
From: Kirt :
   A rash of fake profiles on business networking site LinkedIn could put users in danger of malware infection.

How To Beat Anti-Israel Hackers At Their Own Game
@ Jan 06 2009, 23:19 (UTC+0)
From: rssbot :
   While the fighting goes on down south, Israel and the Arab world are engaged in another battle - a cyber one. And right now, we're not doing that well.

Videoconferencing services pick up where travel budgets leave off
@ Jan 06 2009, 23:18 (UTC+0)
From: rssbot :
   The first round of layoffs has taken hold, your annual bonus seems like a cruel joke, and travel is off-limits. So how are you going to give your presentation next week in Omaha to show off your company's upcoming products to your biggest customer?

Chinese government to Web companies: No porn allowed
@ Jan 06 2009, 17:16 (UTC+0)
From: gr00ve :
   In what amounts to a thinly veiled legal threat, the Chinese government has intensified its campaign against sexually explicit material online by instructing companies, including Google, to curb the availability of pornography.

Following The Twitter Hack Trail To DigitalGangster
@ Jan 06 2009, 17:12 (UTC+0)
From: gr00ve :
   One thing that didn't make a lot of sense about the 33 celebrity Twitter accounts hacked this morning - the messages left on the various accounts weren't consistent and were clearly written by different people with different agendas.

FBI Launches Hiring Blitz to Fill Over 2,100 Vacancies
@ Jan 06 2009, 16:54 (UTC+0)
From: gr00ve :
   FBI Launches Hiring Blitz to Fill Over 2,100 Vacancies

Encryption top IT security initiative in 2009
@ Jan 06 2009, 12:15 (UTC+0)
From: rssbot :
   IT security budgets are increasing in 2009 to consume 12.6% of the entire IT operating budget, up from 11.7% in 2008, according to Forrester Research's survey of 942 IT and security managers in North America and Europe.

How does Ubuntu Linux differ from Debian?
@ Articles -> Link     Jan 08 2009, 00:11 (UTC+0)
by David M Williams
Bring up the topic of Ubuntu and you'll receive a mixed response from unexpected corners. No, it's not the Windows brigade, but the Debian crowd. So just how does Ubuntu differ from Debian to inflame such passion?
First things first: Ubuntu is a derivative work from Debian. It’s a Linux distro based on a pre-existing Linux distro. Let's be clear they're not like apples and oranges.
On the one hand, that sounds bizarre. On the other, it’s a perfect example of the GNU Public License at work: anyone is free to take open source software and rework it and redistribute it for the overall benefit of the community, if they believe they can make it better.


An Israeli patriot program or a trojan
@ Articles -> Link     Jan 08 2009, 00:10 (UTC+0)
by Bojan Zdrnja
Recently we have been witnessing a rise of politically motivated hacking attacks by supporters of both sides involved in military actions in Gaza. This was more or less expected, whenever two sides collide there will be people supporting them, even through various attacks on the Internet.
Over the weekend another site popped up, www.help-israel-win.com which is down at the moment. According to what was posted on the site, it was built by "a group of students who are tired of sitting around doing nothing".
The site asked visitors supporting Israel to download and install a file from the site (called PatriotInstaller.exe) that will help disrupt their enemy's efforts.


Contingency Planning
@ Articles -> Link     Jan 08 2009, 00:07 (UTC+0)
I was a bit shocked to read about Adolf Merckle’s suicide yesterday. You just don’t see this sort of thing coming and I cannot even fathom the reasoning behind it. This has sent tremors through the market and certainly his holding company into disarray for a while. It also reminded me of other similar events surrounding the last economic downturn, and that was kind of the ‘final straw’ that prompted this post. With many of the same signs and issues occurring as they did in the tech collapse of 2000-2002, few are eager to look at the downside, but it is time to spend a few minutes and verify contingency plans within your organization.


JW on Test: the Zune Issue
@ Articles -> Link     Jan 07 2009, 04:20 (UTC+0)
As you can imagine there is a pretty lively debate going on over the Zune date math issue here in the hallways and on our internal mailing lists. There are plenty of places one can find analyses of the bug itself, like here, but I am more interested in the testing implications.


The Pure Programming Language
@ Articles -> Link     Jan 05 2009, 02:15 (UTC+0)
Pure is a modern-style functional programming language based on term rewriting. It offers equational definitions with pattern matching, full symbolic rewriting capabilities, dynamic typing, eager and lazy evaluation, lexical closures, built-in list and matrix support and an easy-to-use C interface. The interpreter uses LLVM as a backend to JIT-compile Pure programs to fast native code.


Maintenance
@ Site News     Jan 04 2009, 14:00 (UTC+0)
The site is undergoing a minor upgrade. As a result some of the features and functionality of NO might be temporarily unavailable. Thank you for your patience and support.


You can only sit down if you are a human being
@ Articles -> Link     Jan 04 2009, 10:01 (UTC+0)
One thing that's been annoying me for the last couple of days is CVE-2008-5499, AKA, 'super secret unknown vulnerability in Flash Player 9/10 for Linux'. Dave (of the Aitel persuasion) wanted to get this stuff into CEU before the year was over. So I finally sneaked in some time and decided the research involved makes for swell infotainment. Let's have a look.


What's wrong with this Code? [The Zune Bug]
@ Articles -> Programming     Jan 03 2009, 01:51 (UTC+0)
nabiy writes: Kirt posted about the Zune bug a few days ago. Here is a code snippet that contains the bug. This should be an easy one but it's fun. See how quickly you spot it.


Scalable Datasets: Bloom Filters in Ruby
@ Articles -> Link     Jan 03 2009, 00:54 (UTC+0)
When you're working with large datasets it's always nice to have a few algorithmic tricks up your sleeve, and Bloom Filters are exactly that - often overlooked, but an extremely powerful tool when used in the right context. A Bloom Filter is a probabilistic data structure that is used to test whether an element is a member of a set, or more simply, it's an incredibly space efficient hash table that is often used as a first line of defense in high performance caches. Database queries too expensive? Then a Bloom Filter might help. As an example, Google's Bigtable uses a bloom filter as first lookup to avoid unnecessary disk accesses.


Information regarding MD5 collisions problem
@ Articles -> Link     Jan 03 2009, 00:51 (UTC+0)
Today Microsoft released a security advisory (961509) regarding collisions in MD5 hashes on certificates. This specific problem affects the entire industry and is not a Microsoft specific vulnerability. Serious weaknesses in MD5 have been known for many years now; it is because of these weaknesses that MD5 is banned in new code under the Microsoft Security Development Lifecycle (SDL). Software developers are urged to migrate away from using MD4, MD5 and even SHA1 and use SHA-256 and later instead for hashing, signatures and message authentication codes.


Creating a rogue CA certificate
@ Articles -> Link     Dec 31 2008, 00:04 (UTC+0)
We have identified a vulnerability in the Internet Public Key Infrastructure (PKI) used to issue digital certificates for secure websites. As a proof of concept we executed a practical attack scenario and successfully created a rogue Certification Authority (CA) certificate trusted by all common web browsers. This certificate allows us to impersonate any website on the Internet, including banking and e-commerce sites secured using the HTTPS protocol.


Guide to Encrypted Dynamic Covert Channels
@ Articles -> Link     Dec 30 2008, 16:06 (UTC+0)
by Tyler Borland

Covert channels in TCP/IP communications are dying from the public and security field's eye. When I talk about covert channels, several security professionals/researchers ask me what it is or say something along the lines of, "Like Steganography?". Publicly available, mass used, and not fully understood by implementer(s) intrusion detection systems (and their rulesets) and stateful firewalls could be why little is known anymore about this subject. With great tools that set up an encrypted tunnel (cryptcat, VPN software, etc.) publicly available and rather simple to use, the public's eye will be on these for a while. Which means that I can have my fun with my new covert channel without much risk!


Architecture of Privacy
@ Articles -> Link     Dec 29 2008, 15:43 (UTC+0)
IEEE Security & Privacy
January/February 2009

The Internet isn't really for us. We're here at the beginning, stumbling around, just figuring out what it's good for and how to use it. The Internet is for those born into it, those who have woven it into their lives from the beginning. The Internet is the greatest generation gap since rock and roll, and only our children can hope to understand it.


Patterns and string processing in shell scripts
@ Articles -> Link     Dec 28 2008, 23:32 (UTC+0)
Shell programming is heavily dependent on string processing. The term string is used generically to refer to any sequence of characters; typical examples of strings might be a line of input or a single argument to a command. Users enter responses to prompts, file names are generated, and commands produce output. Recurring throughout this is the need to determine whether a given string conforms to a given pattern; this process is called pattern matching. The shell has a fair amount of built-in pattern matching functionality.

This article is excerpted from the newly published book Beginning Portable Shell Scripting.


Splashtop: boot into Linux in just five seconds
@ Articles -> Link     Dec 28 2008, 23:30 (UTC+0)
I have a quad-core CPU, super-fast hard disks and heaps of RAM – Linux is already pretty darn nippy if you ask me!

Perhaps. But, let's face it: if it takes more than 30 seconds to get from pressing the power button to you reading your email, that's 30 seconds you could have spent chatting to the pretty lady in the cubicle next to you, reading the latest XKCD comic or – most importantly of all – basking in the glow of the most recent issue of Linux Format magazine.


Episode 41 - Scam Hot Ladies at the Bar (Part 2)!
@ Articles -> Link     Dec 28 2008, 23:26 (UTC+0)
A while back, we taught you the importance of using easy, beatable puzzles to keep girls talking to you at the bar. Our Holiday gift to you is another set of "getting the girl" routines!


Deliberately Insecure Web Applications For Learning Web App Security
@ Articles -> Link     Dec 28 2008, 23:24 (UTC+0)
What I needed were deliberately insecure web applications designed for learning. With a little Googling I found quite a few. I plan to update this page as I have more time to test them, and I'd be glad to hear your comments and suggestions for additions to the list. While there may not be a deliberately insecure web application for your specific development environment, most common application vulnerabilities show a lot of platform overlap so they should still be useful in teaching you what to avoid when you code your applications.


Security Trends of 2008 and Predictions for 2009
@ Articles -> Link     Dec 28 2008, 23:22 (UTC+0)
As a new year approaches we must prepare for new Internet security threats. Every year, new and innovative ways of attacking computer users emerge and continue to increase in volume and severity. To know where we are going it is helpful to look at where we have been. Finding trends in Internet security has become a valuable, if not necessary, action for companies developing software to protect computer users.


Tech Description of Qemu and KVM VNC server remote DoS
@ Articles -> Link     Dec 28 2008, 23:13 (UTC+0)
Bugtraq ID: 32910
CVE Name: CVE-2008-2382

The VNC server of the Qemu and KVM virtualization solutions is vulnerable to a remote DoS: specially crafted packets received by the host VNC server cause an infinite loop.

Successful exploitation causes the host server to enter an infinite loop and cease to function. The vulnerability can be triggered remotely by external hosts or virtualized guests. No special privileges are required to perform the Denial of Service.

POC available.


10 programming languages worth checking out
@ Articles -> Link     Dec 28 2008, 06:04 (UTC+0)
If you program for fun or profit, chances are that you know C, C++, Java, PHP, Perl, Python or Ruby. These programming languages are all widely known, and, to a different degree, used in commercial applications. At least some of them can safely be considered mainstream, even if that word has become so overused and misused that it has almost lost its original meaning, if it ever had one. If you are earning your living by coding, it’s often one of these languages that pays the bills. Nevertheless, true hackers frequently meander in other directions, exploring and discovering different paradigms and methodologies, sometimes to the most esoteric extremes.


