
PDF Spam On The Increase

SonicWALL Inc.

KUALA LUMPUR – August 17, 2007 – Data collected by SonicWALL, Inc. (NASDAQ: SNWL) from its Smart Network database of over 1.3 million e-mail users shows ongoing growth in the volume of spam, virus and phishing attacks, increased use of PDF spam and the emergence of a new wave of Excel and Zip spam. The results were based on aggregated results from the SonicWALL Smart Network from April to July, 2007.


WordPress 2.2.2 And 2.0.11 Released

There are security updates available for the 2.2.x and 2.0.x branches of WordPress. This means that anyone who is using a self-hosted WP setup should really update their installation. Downloads are available here.

If you’re on an SSH-enabled host and quite comfortable with the command line, then you might want to check out how you can upgrade your WP installation using SSH.

Securing Your Ubuntu Installation

I’m a recent convert to Ubuntu and I’m thoroughly enjoying the experience. Ubuntu is a stable, feature-rich and user-friendly Linux distribution; therefore it’s no mystery why it has become the fastest growing Linux distribution in recent history.

Although the default installation is decently secure, there are some tweaks that you could make to secure it further. You can find out how to do this and much more from ITSecurity’s Big Ol’ Ubuntu Security Resource.

WabiSabiLabi: 0-day Exploits eBay?

Now, you can auction your 0-day exploits online!

WabiSabiLabi (or WSLabi for short) has the following introduction paragraph on its web site:

WabiSabiLabi is aiming to a single moving target: to bring the world closer to zero risk. If the world must become a safer place, the first part of the recipe is simple: to provide a better rewarding for the security researchers, organising an efficient and transparent marketplace, here to maximise the results of their efforts.

Well, the recipe may be simple; but I doubt that the chosen method of cooking can indeed make the world a safer place. At best, it might make the computing world a safer place for the rich.

The BBC has published a piece on WSLabi here.

So what do you think? Should exploits be auctioned off to the highest bidder?

What Is Your Password Selection Method?

The Internet is a wonderful thing in terms of providing tons of information right on to your desktop. However, quite a number of online resources require you to register in order to access the information there.

I noticed that more than 70% of the web sites I frequent daily require authentication via username and password combination. Juggling these data could be intimidating; and sometimes, people resort to unrecommended password selection methods. Some of the more popular ones include:

  1. Using the username as the password as well
  2. Using really simple passwords such as 12345, abcde or password
  3. Using the same password for every web site that you’re registered with

Ideally, a password should meet the following criteria to be considered ‘safe’:

  1. Contains uppercase and lowercase letters, numbers and symbols
  2. At least 8 characters long
  3. Shouldn’t be a proper English word
  4. Can be easily remembered
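
As an added example (not code from the original post), the Python sketch below audits a list of accounts against the three habits listed earlier and the first three criteria above. The word list, the account data and the function names are constructed assumptions, and "easily remembered" is not something code can check.

```python
import string

# Constructed stand-ins: the simple passwords named in the post, and a tiny
# word list (assumption: swap in a real dictionary file for actual use).
SIMPLE = {"12345", "abcde", "password"}
ENGLISH_WORDS = {"unhappy", "sunshine", "dragon"}

def check_password(username, password):
    """Return the list of problems found for one username/password pair."""
    problems = []
    if password.lower() == username.lower():
        problems.append("same as username")
    if password.lower() in SIMPLE:
        problems.append("simple password")
    if len(password) < 8:
        problems.append("shorter than 8 characters")
    classes = {
        "uppercase": any(c.isupper() for c in password),
        "lowercase": any(c.islower() for c in password),
        "number": any(c.isdigit() for c in password),
        "symbol": any(c in string.punctuation for c in password),
    }
    missing = [name for name, present in classes.items() if not present]
    if missing:
        problems.append("missing " + ", ".join(missing))
    if password.lower() in ENGLISH_WORDS:
        problems.append("English word")
    return problems

def audit(accounts):
    """accounts: list of (site, username, password). Returns {site: [problems]}."""
    sites_by_password = {}
    for site, _, password in accounts:
        sites_by_password.setdefault(password, []).append(site)
    report = {}
    for site, username, password in accounts:
        problems = check_password(username, password)
        if len(sites_by_password[password]) > 1:
            problems.append("reused on another site")
        report[site] = problems
    return report

ACCOUNTS = [  # constructed sample data
    ("example.com", "alice", "uNh4pP[y]-exp"),
    ("forum.example", "alice", "alice"),
    ("shop.example", "alice", "password"),
    ("news.example", "alice", "Sunshine"),
    ("blog.example", "alice", "Sunshine"),
]

if __name__ == "__main__":
    for site, problems in audit(ACCOUNTS).items():
        print(site, "->", problems or "ok")
```
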

Personally, I don’t use the same passwords for every site I’m registered on. I do have a standard password that I use for sites that I’m not sure I’ll be needing for the long term, but as soon as it becomes essential, then I change that password accordingly.

The method I use to select a password is simple:

  1. Have a base password
  2. Append a variable password onto the base password

Let’s say my base password is uNh4pP[y], and I have a user account at example.com, then my password there would be uNh4pP[y]-exp (base password plus short name for the web site). Simple but effective.

Using this method, I avoid needing to remember multiple significantly different passwords. Additionally, I won’t need a third party tool to store my passwords. In addition to that, I can also make educated guesses for the passwords I’ve forgotten.

Worse comes to worse, most decent web sites have a Reset My Password feature :)

How do you choose your passwords? Do you have your own password generating system?
