Blog

Rob VandenBrink has written a piece on the SANS web site Diary (“The Many Paths to Security Awareness”) with an interesting take on the very large topic of computer security awareness. “Security Awareness does not mean the same thing to everyone in a company,” sums up his point. “From a Security Awareness perspective the blanket term ‘end user’ grows to encompass many audiences – not only folks with basic desks and phones, but developers, senior managers, salespeople, engineers, health-care professionals, all kinds of people with different concerns, different goals, and a different set of reasons/excuses for exceptions to one thing or another,” he wrote. ...

The iPad already has an app for credit card transactions thanks to Twitter creator Jack Dorsey’s Square project. Originally planned for the iPhone, the app works with a peripheral credit card scanner that attaches to the headphone jack. Once the scanner is in place, you can use your iPad as a mobile cash register. Customers will be impressed by the multi-touch interface, and they will be able to sign for their purchases on the screen. The app then verifies the credit card transactions through Square’s servers for a flat fee plus a small percentage of the sale. ...

The FBI has said it will be checking to see if any federal wiretapping or computer-related laws were broken by a Pennsylvania school district in connection with an incident in which someone turned on the webcam in a school-issued computer and spied on a student in his own home. The incident occurred in Lower Merion School District, located in Montgomery County near Philadelphia. The county district attorney also is investigating. ...

A very dodgy looking PDF file appeared on Nintendo’s Japanese investor relations site with the title “Launch of New Portable Game Machine” (PDF available here). In the document, Nintendo quietly announced that it will be launching “Nintendo 3Ds” during the fiscal year ending in March 2011. The new handheld gaming console will support 3D effects without the need for special viewing glasses, and Nintendo will talk more about it at the E3 conference in June. ...

Virus Bulletin is reporting that a recent survey it conducted found that about one out of five people are still using the dangerously-out-of-date version six of Microsoft’s Internet Explorer. There are probably a number of reasons for this: — They are using IE6 at work with legacy systems that require IE6 (or IT never got around to updating the company’s browsers.) — They are using IE6 at home and don’t know that IE6 is frighteningly insecure. — They are using IE6 at home and don’t know that there is such a thing as an update to browser software. — They are using IE6 at home and don’t know there is such a thing as computer security. ...

A spokesperson for Adobe told us that on the morning of April 12 at 11:00 a.m. EDT, the company will hold a global online launch event for all of the components of its Creative Suite 5. Among the most anticipated new components — or as Adobe tends to present them in its periodic table, “elements” — is a vastly improved HD video rendering engine called Mercury. Unlike other manufacturers, Adobe tends to retain the cool names for its products and platforms even after public release. Mercury will utilize the graphics processing power of video cards to expedite the decoding and playback of HD-encoded formats, especially for the Premiere Pro editor. ...

There are a number of Toolbars out there in the wild with a nasty sting in the tail for anybody using them to login to Facebook. We’ve seen two of these so far; it’s possible there are more. Promoted as toolbars that allow you to cheat at popular Zynga games such as Mafia Wars, they appear to be normal at first glance with a collection of links to various websites and other features common to this type of program. ...

Although Apple rivals the Fortress of Solitude when it comes to unreleased products — remember all of the speculation around the iPad? — the Cupertino-based company does leave clues about what is to come. A look into the iPad OS’s file system suggests that we can expect not one, but two iPhones in the near future, along with the next-generation iPod touch and the next-generation iPad. In the configuration, you can see a list of devices based on the iPhone OS model. However, there have been some new additions to this list following the iPad’s launch: iPhone3,2; iPhone3,3; iPod4,1 and iProd2,1. For reference, the current model of the iPhone is 3,1, the current iPod Touch is 3,1 and the current iPad is iPad 1,1. You may recall that Apple used the iProd 0,1 tag as a placeholder for the iPad before it was released. Our guess is that iProd 2,1 refers to the second generation iPad. ...

Spammers have decided that in order for Apple to meet sky-high growth expectations from its shareholders, Apple needs to diversify into selling drugs online. The spam looks similar to the following message below: Spammers have setup various hacked sites to redirect traffic to online drug stores. However, the spammers are probably frowning/pouting now as Sophos has once again thwarted their plans.

Though it is true that malware is getting more and more sophisticated I am sometimes surprised by the lack of skills coming from wannabe botnet operators. Today, I stumbled upon a hacker’s forum which nicely demonstrates just how low is the technical knowledge level of the forum members. A search for “Zeus” produces several hundred results, many of them surprisingly basic, looking for help with installing a Zeus server or an advice about the best bulletproof hosting. ...