Forbes recently released an article entitled “The Cybercrime Boom: It’s A Good Time to Be a Hacker”, and unless you are completely oblivious to the direction technology has been heading for the past several years now, you should agree that it is indeed, a good time to be a hacker. It seems like just about [...]

Duqu is the latest worm making noise in security circles and main stream media.  What’s interesting is how much we still don’t know about it. Even Virus/malware researchers at both Symantec and MacAfee can’t seem to agree specifically on the goal or exact purpose of Duqu.  The alarming thing is not only its modular design [...]

DHCP snooping is a relatively new feature that exists in most switch feature sets. While it may have different names from one switch vendor to another, the concept remains the same. DHCP snooping allows network administrators to force the allocation of IP space on specific switch ports to only be provisioned through DHCP from an [...]

One of the latest interactive marketing trends has centered on the use of QR codes.   A QR code is a small, square, bar-code like image which, when scanned by a QR Code scanner, can perform instructions on a smart phone.  Most of these codes send the user’s smart phone web browser to the creator’s website, [...]

With security companies recording known and popular domains used for spreading malicious software, malicious users are constantly looking for new channels to launch their illegal campaigns. A growing trend in the wild is the distribution of malicious code through legitimate domains. A recent victim to this kind of activity would be none other than Amazon [...]

According to a recent study released by the Stanford University Law School’s Center for Internet and Society, many online advertising networks do not comply with their privacy policies. This study, which is similar to a study conducted earlier this year by Carnegie Mellon University, focused on the actions of 64 of the 75 members of [...]

The social media revolution has created a new market for URL shortening services, such as tinyurl.com and bit.ly.  These services take a URL such as http://www.thesecuritysamurai.com/2011/06/23/the-corporate-security-halftime-report-corporations-0-hackers-over-9000-by-rory-smith-soc-analyst/ and create a redirect site at tinyurl.com/<random string of characters> such as tinyurl.com/6b3bktp.  This is particularly useful when linking to articles or media with long URLs such as the [...]

Another vulnerability has popped up affecting Microsoft Excel, that allows an attacker to execute code as the local user logged in to the device in question.  Microsoft Excel is a widely used spreadsheet program.  It has been confirmed that the memory corruption would allow a user to execute code at locally logged on level privileges.  [...]

We are finally halfway through what seems to be one of the most active years in terms of cyber warfare. In the last six months we have seen a variety of industry giants fall prey to malicious attackers. Fox, Google, Lockheed Martin, HB Gary, Sony, PBS, Nintendo, CIA, RSA and the US Senate have been [...]

Code obfuscation is not really anything new. Malware authors are always on the lookout for new techniques to allow them to avoid detection by security products. Common exploit toolkits have even begun to use obfuscation to hide the methods they use to install malware on a victim’s Web site. Spammers also employ obfuscation and non-printing [...]