- Threat – An action or event that might prejudice security. A threat is a potential violation of security.
- Vulnerability – Existence of a weakness, design, or implementation error that can lead to an unexpected, undesirable event compromising the security of the system.
- Target of Evaluation – An IT system, product, or component that is identified/subjected as requiring security evaluation.
- Attack – An assault on system security that derives from an intelligent threat. An attack is any action that violates security.
- Exploit – A defined way to breach the security of an IT system through vulnerability.
Wednesday, May 31, 2006
Thursday, May 25, 2006
- Business email will grow by 25–30%through 2009
- Over 60%of email is spam
- 80%of viruses enter through the email gateway
- 75%of a company’s Intellectual Property is now contained in email
- 79%of companies accept email as written confirmation of approvals, orders and other transactions
- Email is now the de facto document of record for corporate communications
Saturday, May 13, 2006
|Sorbs DUHL||http://www.sorbs.net||Dynamic IPs|
Friday, May 12, 2006
US hacker gets five years in the slammer
A US man has been sentenced to nearly five years in prison after he was found guilty of illegally controlling around 400,000 third party PCs for the purposes of launching malware attacks.
Jeanson James Ancheta, 21, from California, rented out space on this zombie network of compromised machines for the sending of spam and malware, and also for launching denial of service attacks.Among the machines infected by Ancheta were computers at the US military test base at China Lake in the Mojave Desert. Ancheta was ordered to pay the US Navy $15,000 in damages as well as surrendering $60,000 in proceeds from his crimes.
Ancheta advertised his zombie network - or botnet - on his own website called botz4sale.
Thursday, May 04, 2006
1) . Users may be either tricked into clicking on a specially crafted link (called a Non-Persistent
2). User unknowingly visiting a web page embedded with malicious code (also called as a
Persistent Attack). It’s also important to note that a user’s web browser or computer does
not have to be susceptible to any well-known vulnerability.
This means that no amount of patching will help users, and we become solely dependent on a website’s security procedures for online safety.