Join Our Mailing List

Stay up-to-date on Connected Communities' latest news!

Saturday, September 25, 2010

Storm Worm Erupts Into Worst Virus Attack In 2 Years

Date:  25 Setptember 2010


"We are basically in the midst of an incredibly large attack," said Adam Swidler, a senior manager with security company Postini. "It's the most sustained attack that we've seen. There's been nine to 10 days straight days of attack at this level."
Swidler said in an interview with InformationWeek that the attack started a little more than a week ago, and Postini since then has recorded 200 million spam e-mails luring users to malicious Web sites. Before this attack, an average day sees about 1 million virus-laden e-mails, according to Postini. Last Thursday, however, the company tracked 42 million Storm-related messages in that day alone. As of Tuesday afternoon, Postini researchers were predicting they would see that day between 4 million and 6 million virus e-mails -- 99% of them associated with the Storm worm.
While the number of spam e-mails has dropped significantly, it's still far above normal levels, so Swidler isn't ready to say the attack is over.
For full article please click here

Facebook faces technical error, access blocked to 500million users

Dated: 25 September 2010
By Asim Shahzad
Facebook faced a technical error yesterday blocking off access to over 500 million users. User unrest was created due to the glitch in the most happening social networking site Facebook.

A separate Facebook feature integrated into other websites, allowing visitors to "like" particular articles or videos was recently introduced. Facebook did not reveal the cause of disruption but fixed it eventually. Facebook is the most surfed site. Social networking has been given a whole new meaning by Facebook. Maximum traffic rests on Facebook daily as reported.

The issue was finally resolved and the large user base of over 500 million users was back to smooth browsing and connecting.

Google wins YouTube case over copyright issues

Date: 25 September 2010
By:    Asim Shahzad

Youtube, the videos portal owned by Google won the case filed by by Telecinco television contending that the publication of its content on the web violated intellectual property protections. The court accepted Youtube’s verdict that since it is not a content provider, it has no control over the illegality of videos/content posted on the site.

The court accepted the claims made by Youtube calling itself a mere intermediary service of content accommodation. Moreover, Youtube stated that its only responsibility is precisely to collaborate with copyright owners. Telecinco filed the suit two years ago against YouTube for distributing the network's content. A note has been issued by Youtube which says that the site offers a free technological tool called Content ID to copyright holders. This tool allows them to protect their content automatically and avoid having it uploaded to the portal if that is against their wishes as reported.

More than 1,000 media entities in the world use this tool effectively

Friday, September 24, 2010

Hackers exploit latest Microsoft zero-day bug

                                                  Date: September 23, 2010
By:    Gregg Keizer

Microsoft has warned users that hackers are exploiting the unpatched bug in ASP.Net to hijack encrypted Web sessions.
In a Monday update to a previously-published security advisory, Microsoft said that it was seeing "limited, active attacks at this time."
Symantec, which has a massive global network of sensors and honey trap-like systems to detect and capture exploits, said it had not seen any attacks, however.
The vulnerability exists in all versions of ASP.Net, the company's Web application framework used to craft millions of sites and applications, and lets attackers access Web applications with full administrator rights; decrypt session cookies or other encrypted data on a remote server; and access and snatch files from a site or Web application that relies on ASP.Net.
Microsoft acknowledged the flaw last Friday, the same day that a pair of researchers demonstrated how the "oracle padding" bug can be exploited by force-feeding cipher text to an ASP.Net application and noting the returned error messages it returns.
The company again promised to patch the vulnerability, but like last week, did not set a delivery date for the fix.

For full article please click here

Oracle database design slowed Chase online banking fix

                                                       Date: September 24, 2010
By: Jaikumar Vijayan

The outage last week JPMorgan Chase's online banking site is an example of how pushing to maintain absolute data integrity could end up creating big problems for companies, a veteran database analyst cautioned yesterday.
The financial services firm suffered through intermittent problems on the site for three days earlier this month. At one point, Chase customers could not carry out any online banking transactions for a period of more than 24 hours.
The bank initially blamed the disruption on a 'technical issue,' but later said the problems were tied to a third-party database product used to authenticate customer log-ins.
Curt Monash, an analyst at Monash Research, said a source with knowledge of the incident told him that the outage was traced to an Oracle database used by Chase to store user profiles and authentication data. Monash said the source, who he wouldn't identify, said that four files in the Oracle database were corrupted and that the error had been replicated in the mirror copy of the database that Chase maintained for backup and recovery purposes.
For further details please click here

RIM's BlackPad as Enterprise Tablet? Analysts Think So

Date: September 23, 2010
By Jared Newman
Source: PCWorld

As BlackBerry maker Research in Motion allegedly prepares to announce a tablet next week, analysts have offered some wisdom: Don't bother targeting consumers. Speaking to eWeek, industry analyst Jack Gold and Gartner Research analyst Carolina Milanesi both said RIM should avoid the consumer tablet market and go after enterprise users instead. They both said RIM's tablet, also reportedly known as the BlackPad, needs to focus on security and productivity, rather than consumption and entertainment. In theory, the enterprise strategy makes sense. RIM has a lot of clout in the enterprise market, and businesses are now looking to supplement their smartphones with tablets. A device that plays nicely with existing BlackBerry phones -- perhaps with features like Messenger, and tethering through the smartphone -- could prove attractive for businesses. An emphasis on security would be the kicker.
For full article please click here

8 Essential Privacy Extensions for Firefox

Date: Sep 23, 2010 By: Logan Kugler
Source:  Computerworld

They say privacy doesn't exist on the Web -- but that doesn't mean you can't try to safeguard your personal information. Our computers are loaded with details about our personal and business lives, and it's definitely not acceptable to reveal them haphazardly. With hackers becoming ever more sophisticated, you have to take precautions.
One threat to privacy on the Web is the use of cookies and other technologies to track your browsing, clicking, searching, social networking and buying habits as you move from site to site. These tracking technologies build up an online profile of you that can be used not only to send you ads designed to appeal to you (useful to some, intrusive to others) but could also be used for identity theft if the information fell into the wrong hands.
Another threat is the vast number of files that accumulate on your hard drive -- your browsing history, log-in cookies, cached pages and more -- that could be accessed either by someone who gets physical control over your machine or remotely by hackers who have installed malware on your system. This information can include banking details, credit card numbers, Web site passwords and records of your visits to potentially embarrassing sites.
The current versions of all popular Web browsers offer some sort of "private browsing" feature -- you activate it and surf as you normally would, but your cookies, passwords, Web history and browser cache are erased when you close the browser at the end of your session. Private browsing offers some degree of protection if you're willing to forgo the convenience of having your Web history and saved passwords at your fingertips. But researchers from Stanford University and Carnegie Mellon University have found that no browser actually removes every trace of private browsing sessions.
In this regard, Firefox's vast library of browser add-ons is both a blessing and a curse. On one hand, the researchers found that some add-ons, such as those that enhance searching, may store information that's supposed to be purged after a private browsing session.
On the other hand, a number of Firefox extensions (some of which are available for other browsers) can protect your privacy to a degree that's far above and beyond what private browsing can do. For comprehensive control over your privacy, install and use at least some of these eight Firefox extensions.

For full article please click here