The Security Eunoia

Blogging about Security Auditing, IdM & Access Mgmt, Web App Security etc

Entries for November, 2008

Authentication by BlueProximity

BlueProximity is an open source tool which uses Bluetooth technology to detect your (mobile phone’s) presence near your computer. It can automatically lock your computer once you move away and unlock it when you come within a predetermined distance from the computer.
It achieves this by connecting to your mobile phone via Bluetooth using the Received [...]

Do you have rootkit in your security software?

TrendMicro reports having found what could be a rootkit in enterprise infosecurity software. The rootkit-churning vendor is the same one that published the Sony MicroVault USM-F fingerprint reader discovered last year. What other products has this vendor shipped?

5 Security Tools to beat the Budget Crunch

Many are the articles suggesting ways by which departments can make the most of shrinking budgets in these hard times. If you are a small company, allocating funds for all the security resources you need can prove very challenging. You need to be smart about security spending. Therefore, security tools that just do the work for as little as possible are a ‘must consider’.

Spotify Rocks

I asked for a test account on Spotify in my earlier post because a friend had an account and was totally enjoying all the music he didn’t want to buy but wanted to use legally. I have just received mine and I’m loving it already :)

Hey guys at Spotify, thanks!

Fighting Botnets with BotHunter

Aiming to take the fight to the bot herders, a company - SRI International - has released a tool called BotHunter. It is free. The software works by monitoring the communication between compromised hosts on a corporate network and bot-herding computers also known as command & control centres.

BotHunter uses what sounds more like heuristic methods and processes (where detection is based on patterns) than signatures (where detection is based on known attacks). This is how it works:

WordPress 2.6.3 Vulnerable to XSS in RSS FG

It’s been reported that WordPress, a popular blogging application, is vulnerable to cross-site scripting (XSS). The vulnerability, discovered in the RSS feed generator and complete with a PoC, affects all versions prior to and including version 2.6.3. A week after the vendor (WordPress) was notified, it released a new version (2.6.5).

Ubuntu Barbecue with Ubuntu Chix

Can’t kill Ubuntu enthusiasm:

On 1 November, the Zimbabwean Team held its first ever release party. People came from as far as 300km to attend the event. The IT manager of parliament, who is also a member of the LoCo, was present as well. Neil Coetzer says:
“The month of November left us with a great [...]

Data Breach Disclosure - EU to Carry Carrot and Stick

In its publication titled Technology-Induced Challenges in Privacy and Data Protection in Europe, ENISA (European Network And Information Security Agency) made 13 recommendations aimed at taking personal data protection more seriously than it has been in the past. I’m particularly interested in recommendations 5 and 9.

Secunia Releases Personal Software Inspector v1.0

Secunia, a vulnerability management firm, has given home users an opportunity to improve their security with its release of Personal Software Inspector (PSI) version 1.0. Released for Windows, PSI aims to raise the security bar by checking and updating all the software installed on the home PC with the latest security patches. Download your copy [...]

No Crunch in the Underground Economy - Symantec reports

Symantec has published a survey - Underground Economy - detailing the activities of cyber criminals who through astute business models have managed to rake in hundreds of millions of dollars in a year. The cost to victims of these activities easily runs into billions of dollars. What do they sell?
