Skip navigation
Help

Kim Dotcom

warning: Creating default object from empty value in /var/www/vhosts/sayforward.com/subdomains/recorder/httpdocs/modules/taxonomy/taxonomy.pages.inc on line 33.

Aurich Lawson

Some say we're living in a "post-PC" world, but malware on PCs is still a major problem for home computer users and businesses.

The examples are everywhere: In November, we reported that malware was used to steal information about one of Japan's newest rockets and upload it to computers controlled by hackers. Critical systems at two US power plants were recently found infected with malware spread by USB drives. Malware known as "Dexter" stole credit card data from point-of-sale terminals at businesses. And espionage-motivated computer threats are getting more sophisticated and versatile all the time.

In this second installment in the Ars Guide to Online Security, we'll cover the basics for those who may not be familiar with the different types of malware that can affect computers. Malware comes in a variety of types, including viruses, worms, and Trojans.

Read 35 remaining paragraphs | Comments

0
Your rating: None


Reflected XSS vulnerabilities in action

Aspect Security

When my neighbor called early Wednesday morning, she sounded close to tears. Her Yahoo Mail account had been hijacked and used to send spam to addresses in her contact list. Restrictions had then been placed on her account that prevented her from e-mailing her friends to let them know what happened.

In a blog post published hours before my neighbor's call, researchers from security firm Bitdefender said that the hacking campaign that targeted my neighbor's account had been active for about a month. Even more remarkable, the researchers said the underlying hack worked because Yahoo's developer blog runs on a version of the WordPress content management system that contained a vulnerability developers addressed more than eight months ago. My neighbor's only mistake, it seems, was clicking on a link while logged in to her Yahoo account.

As someone who received one of the spam e-mails from her compromised account, I know how easy it is to click such links. The subject line of my neighbor's e-mail mentioned me by name, even though my name isn't in my address. Over the past few months, she and I regularly sent messages to each other that contained nothing more than a Web address, so I thought nothing of opening the link contained in Wednesday's e-mail. The page that opened looked harmless enough. It appeared to be an advertorial post on MSNBC.com about working from home, which is something I do all the time. But behind the scenes, according to Bitdefender, something much more nefarious was at work.

Read 11 remaining paragraphs | Comments

0
Your rating: None

Aurich Lawson

My family has been on the Internet since 1998 or so, but I didn't really think much about Internet security at first. Oh sure, I made sure our eMachines desktop (and its 433Mhz Celeron CPU) was always running the latest Internet Explorer version and I tried not to use the same password for everything. But I didn't give much thought to where my Web traffic was going or what path it took from our computer to the Web server and back. I was dimly aware that e-mail, as one of my teachers put it, was in those days "about as private as sticking your head out the window and yelling." And I didn't do much with that knowledge.

That sort of attitude was dangerous then, and the increasing sophistication of readily available hacking tools makes it even more dangerous now.  Luckily, the state of Internet security has also gotten better—in this article, the first in a five-part series covering online security, we're going to talk a bit about keeping yourself (and your business) safe on the Web. Even if you know what lurks in the dark corners of the Internet, chances are you someone you know doesn't. So consider this guide and its follow-ups as a handy crash course for those unschooled in the nuances of online security. Security aficionados should check out later entries in the series for more advanced information

We'll begin today with some basic information about encryption on the Internet and how to use it to safeguard your personal information as you use the Web, before moving on to malware, mobile app security, and other topics in future entries. 

Read 21 remaining paragraphs | Comments

0
Your rating: None

Key parts of the infrastructure supporting an espionage campaign that targeted governments around the world reportedly have been shut down in the days since the five-year operation was exposed.

The so-called Red October campaign came to light on Monday in a report from researchers from antivirus provider Kaspersky Lab. It reported that the then-ongoing operation was targeting embassies as well as governmental and scientific research organizations in a wide variety of countries. The research uncovered more than 60 Internet domain names used to run the sprawling command and control network that funneled malware and received stolen data to and from infected machines. In the hours following the report, many of those domains and servers began shutting down, according to an article posted Friday by Kaspersky news service Threatpost.

"It's clear that the infrastructure is being shut down," Kaspersky Lab researcher Costin Raiu told the service. "Not only the registers killing the domains and the hosting providers killing the command-and-control servers but perhaps the attackers shutting down the whole operation."

Read 3 remaining paragraphs | Comments

0
Your rating: None

The Strange Tale of the $780,000 Vagina 

Ah, losing your virginity: the holy grail of teen attainment—an occasion preempted by boys buying condoms years before they’re ever conceivably going to use them and girls flaunting their stuff at school, viciously cock-teasing all the desperate boys in their year, before eventually gifting their hymen to the low-level drug dealer who lurks around the school gates.

The process usually involves a few hard lemonades, a five-minute fumble in the back of a three-door hatchback, and a girl’s virginity splurged all over the back seat with not a penny spent (bar the drinks and an ill-conceived head full of wet-look hair gel). Last week, however, a 20-year-old Brazilian girl named Catarina Migliorini auctioned off her virginity for a cool $780,000 presumably not realizing that the kind of man who would spend that amount on taking a stranger’s virginity is likely to be more Kim Dotcom than Ryan Gosling.

The Virgins Wanted website held two auctions—one for Catarina and one for a guy called Alex Stephanov, who sold for a depressing $3,000, just barely enough to cover the flight from his Australian home to Brazil, where his buyer awaits, ready for him to park his pink Cadillac in the side alley for the very first time. The two virgins are the subjects of a documentary shot by Australian filmmaker Justin Sisely, who’s currently facing potential sex trafficking charges from the Brazilian government for the “sale” of Catarina’s innocence.   

I called Justin to chat about the film and find out why he wanted to document two people looking to get their cherry popped for a price.

Continue

0
Your rating: None

kim dotcom

Wired has details of Mega, the new cloud storage project from embattled Megaupload founder Kim Dotcom. In many ways it sounds suspiciously similar to the previous file-sharing service that came under fire from US authorities, but a new encryption system gives users the ability to limit access to any file via generated keys. Mega won't keep the decryption keys on its servers, protecting them from possible hacks or government raids, and also meaning that the service won't be able to know the contents of users' uploads. As Dotcom explains it:

"If servers are lost, if the government comes into a data center and rapes it, if someone hacks the server or steals it, it would give him nothing. Whatever is uploaded to the site, it is going to...

Continue reading…

0
Your rating: None