Sunday, June 21, 2009

Cash machines running Windows steal your card details - 17 June 2009 - New Scientist

Cash machines hacked to spew out card details

After months poring over the Windows-based software in the bank's ATMs, Henwood and his team were astonished. They found a 50-kilobyte piece of malware disguised as a legitimate Windows program called lsass.exe. In a PC, this helps the Microsoft operating system cache session data - so users don't have to re-enter their passwords every time they get a new email, for example.

This is a clever choice of camouflage, says SpiderLabs' forensics manager Stephen Venter: to an IT staffer, lsass.exe doesn't look out of place in a Windows system, so routine checks wouldn't necessarily pick it up. Yet it has no useful function in an ATM.

How long will this madness go on, before Microsoft is called to account and sued for real losses caused by their badly broken operating system?

0 comments

Friday, June 19, 2009

Techworld.com - MySpace crunched as workforce slashed


See what happens when a squadron of suits at a newspaper institution decide they are going to run a software company - a web2 one at that.

Techworld.com - MySpace crunched as workforce slashed: "The restructuring continues at MySpace, whose staff will get cut by almost 30 percent, the News Corporation division has announced."

0 comments

Wednesday, June 10, 2009

The bugs never stop - Microsoft shatters record with bumper patch issue


Some things just never change. Year in, year out, security holes keep getting found in that heap of festering garbage called Microsoft Windows. It masquerades as an operating system, but is really a most brilliantly conceived piece of marketing weaponry to ensure one of the biggest wastes of energy and money in human history, outside of conducting an out and out war.

Techworld.com - Microsoft shatters record with bumper patch issue

MS09-018 got his attention because Microsoft pegged the Active Directory flaw as critical, and it could be exploited remotely by simply sending a server a malicious data packet. "Someone could use this to take over Active Directory, and if they do, they'd own all [an organisation's] passwords,"
Go linux !!

0 comments
Subscribe to: Posts (Atom)