H Security: Exploit's new technology trick dodges memory protection

H Security: Exploit code with DNS tunnel

Reuters: Grand jury indicts ex-Madoff programmers A U.S. grand jury formalized criminal charges on Wednesday against two former computer programmers at swindler Bernard Madoff's firm

  It  is the first time that the number of foreign intelligence gathering officers employed by MI6, also known as the Secret Intelligence Service, has been published. The figure was disclosed yesterday in the annual report of the parliamentary Intelligence and Security Committee. The ISC had previously disclosed the number of domestic security service officers who work for MI5, known as “spooks” - now around 3,500 - but had never done so for spies. MI6 has launched a new recruitment ...

  In a bid to cut down on fraud and inappropriate content, the organization responsible for administering Russia's .ru top-level domain names is tightening its procedures. Starting April 1, anyone who registers a .ru domain will need to provide a copy of their passport or, for businesses, legal registration papers. Right now, domains can be set up with no verification -- a practice that has allowed scammers to quickly set up .ru domains under bogus names. The changes will help ...

  Mozilla yesterday confirmed a critical vulnerability in the newest version of Firefox, and said it would plug the hole by the end of the month. Although the patch won't be added to Firefox before next week's Pwn2Own browser hacking challenge, researchers won't be allowed to use the flaw, according to the contest's organizer. "The vulnerability was determined to be critical and could result in remote code execution by an attacker," Mozilla acknowledged in a post to its security blog ...

The cybercriminals you know, are better than the cybercriminals you don't know. They can be typosquatting, or changing their hosting providers, but they can't escape. The money mule recruiters profiled in "Keeping Money Mule Recruiters on a Short Leash" and in "Keeping Money Mule Recruiters on a Short Leash - Part Two" are now switching hosting to AS34305, EUROACCESS Global Autonomous

Last week a user reported trouble reading a message on his blackberry. He would get an error "This SMIME message was formatted using an encoding that is not supported on handheld." He could still read the message correctly in Outlook 2007 and in Outlook Web Access. It turned out the commonality to the problem was him. On this Blackberry, he couldn't read S/MIME signed messages where people were replying to him. Others couldn't read his S/MIME signed messages on their ...

Toronto Star: High-tech copy machines a gold mine for data thieves Turns out the newfangled, multi-purpose copy machines in your office keep a wealth of copied data on a hard drive that anyone can hack

Washington Post: Dismantling of Saudi-CIA Web site illustrates need for clearer cyberwar policies Elite U.S. military computer specialists, over the objections of the CIA, mounted a cyberattack that dismantled the online forum... The Saudi-CIA Web site was set up several years ago as a honey pot