Jack Rogers

A U.S. District Court of Delaware jury has found that Secure Computing, and its subsidiaries CyberGuard and Webwasher, infringed three patents that Finjan Software created over the past decade. Security experts have expressed skepticism that recent recommendations from ICANN for combatting fast-flux hosting will do much to stop the practice, which is utilised by criminal bot herders to mask their activities. A new wave of "3D screensaver" spam is directing recipients to a malware site from a notorious malware gang that had ceased activity in January after their site was attack by a rival group of cybercriminals, researchers at Sunbelt reported. A Federal judge's decision last week to reverse his own ruling and lift what he had declared was a "permanent" injunction shutting the Wikileaks.org site for posting bank documents has been hailed by civil liberties lawyers as an important benchmark in applying First Amendment protections to such sites. A phishing email is in circulation attempting to lure recipients to fake news video purporting to come from a major Hispanic TV network and showing former Cuban President Fidel Castro lying in a coffin with Venezuelan leader Hugo Chavez in tears at his side, Websense has warned. A new tool that uses the Google search engine to scan websites for vulnerabilities -- released last week by the flamboyant Texas-based hacking consortium known as Cult of the Dead Cow (cDc) -- is not likely to enable a wave of new attacks from hackers, experts say. Websense has warned that spam emails have emerged which attempt to dupe recipients into downloading videos of Wednesday's total lunar eclipse in the US but instead deliver an information-stealing trojan to the user's PC. A federal judge in San Francisco has ordered the disabling of a website that discloses confidential information, a precedent-setting ruling that may raise a legal challenge to the growing online black market in purloined data while testing First Amendment rights. The website of Harvard University's Graduate School of Arts and Sciences (GSAS) apparently was hacked on Monday, with some of its database files made available on a peer-to-peer file sharing network by someone who said they wanted to "demonstrate" the lack of security on the university's server. Spammers capitalising on nationwide interest in the Democratic presidential nomination battle are sending out messages offering a link to a "Hillary Clinton video interview" that instead launches a trojan downloader on the victim's PC. Two leading market research firms have lowered their projections for the growth of spending on information technology, including IT security, in 2008 due to the weakening economy. A researcher has released exploit codes for newly discovered Linux kernel 2.6 flaws which could permit attackers to gain root-system privileges they can use to steal data or mount denials of service on Linux-based systems. After a brief hiatus, new variants have appeared in the wild of Trojan.Mebroot, a rogue rootkit discovered in December attacking the Windows Master Boot Record (MBR), Symantec has warned. The latest fake Microsoft Update page laced with malware comes with a sinister twist: a portion of its URL contains the URL for the software giant's actual update site, with a period substituted for a forward slash. Critical ActiveX control flaws have been detected in the Yahoo! Music Jukebox, which like vulnerabilities reported last week in MySpace and Facebook image uploaders, may permit attackers to take control of users' PCs. Symantec has warned that a critical flaw in the ActiveX control of image uploaders that have been widely distributed to users of popular social networking sites Facebook and MySpace can be exploited by hackers to install malicious code on user's computers. The notorious Storm worm botnet, which has mounted phishing attacks on major banks and spawned several waves of holiday-themed messages in recent weeks, is generating spam that directs recipients to bogus medical sites, Websense has warned. At least two brands of digital picture frames, a popular gift during the recent holiday season, have been contaminated by malware and one of the models - Insignia's 10.4-inch frame - has been recalled by the manufacturer and pulled from the shelves of Best Buy. Security researchers have warned that malware-laced fake Super Bowl websites have begun appearing, the first wave of what is expected to be a major campaign of game-related cyberattacks. Societe Generale might have been able to prevent a year-long binge of fraudulent transactions by one of its mid-level traders simply by instituting stricter password controls and applying available software that tracks transactions to individual workstations, according to analysts.