Recent articles by Dan Kaplan

New phishing wave claims payroll fraud to dupe victims

New phishing wave claims payroll fraud to dupe victims

A Romanian-based criminal group is behind a new trojan-laced, socially engineered email run that tries to trick recipients into believing their employer committed payroll reporting fraud, security researchers said.
Dan Kaplan Jan 11 2008 12:57PM Security
Microsoft releases two patches for three flaws on Patch Tuesday

Microsoft releases two patches for three flaws on Patch Tuesday

Microsoft has pushed out two fixes to close three vulnerabilities, including two "critical" server-side flaws that do not require any user interaction to be exploited.
Dan Kaplan Jan 9 2008 12:44PM Security
Facebook widget leads to adware install

Facebook widget leads to adware install

Researchers at Fortinet have discovered what they believe to be the first malicious widget to appear on the popular social networking website Facebook.
Dan Kaplan Jan 7 2008 2:20PM Security
Google's Orkut clean after fast but harmless self-replicating worm is halted

Google's Orkut clean after fast but harmless self-replicating worm is halted

Google has halted the spread of a worm on its social networking website, Orkut, but not before the self-replicating script reportedly spread to more than 400,000 member profiles.
Dan Kaplan Dec 21 2007 12:05PM Security
Microsoft offers workaround for patch that crashes Internet Explorer

Microsoft offers workaround for patch that crashes Internet Explorer

Microsoft has issued a workaround to resolve a glitch in a recently released cumulative Internet Explorer 6 (IE6) patch that causes the popular browser to crash.
Dan Kaplan Dec 21 2007 9:31AM Security
TJX settles with banks over data breach

TJX settles with banks over data breach

TJX and three bankers groups have settled a lawsuit over costs related to the discount retailer's record data breach that may have exposed as many as 94 million accounts, the parties announced Tuesday.
Dan Kaplan Dec 20 2007 9:46AM Security
Apple releases hefty package of OS X fixes

Apple releases hefty package of OS X fixes

Apple has issued patches to correct at least 40 vulnerabilities in its Mac operating system that could permit an attacker to install malicious software on a victim's machine
Dan Kaplan Dec 19 2007 10:03AM Security
Iowa breach exposes data on 3 million British would-be drivers

Iowa breach exposes data on 3 million British would-be drivers

A hard drive containing the personal information of three million driver's license applicants in Britain has gone missing from a facility in Iowa, British officials said Monday.
Dan Kaplan Dec 19 2007 10:03AM Security
Apple fixes Java vulnerabilities

Apple fixes Java vulnerabilities

Apple has released a new version of Java to resolve 18 vulnerabilities.
Dan Kaplan Dec 18 2007 2:21PM Security
Deloitte partner, principal confidential information on stolen laptop

Deloitte partner, principal confidential information on stolen laptop

A laptop containing the personal information of an undisclosed number of Deloitte & Touche partners, principals and other employees was stolen while in possession of a contractor responsible for scanning the accounting firm's pension fund documents, SCMagazineUS.com has learned.
Dan Kaplan Dec 17 2007 9:30AM Security
Apple releases new QuickTime version to resolve RTSP flaw

Apple releases new QuickTime version to resolve RTSP flaw

Apple has released a new version of its popular QuickTime application to close three holes, one of which is a particularly dangerous flaw that was being actively exploited to install malicious code on victims' machines.
Dan Kaplan Dec 17 2007 9:30AM Security
Phishing emails disguised as U.S. Department of Treasury complaints

Phishing emails disguised as U.S. Department of Treasury complaints

A new round of targeted phishing is underway with attackers again trying to trick recipients into opening malware-laden attachments falsely claiming to originate from the federal government, researchers warned today.
Dan Kaplan Dec 14 2007 9:58AM Security
Researchers warn of Microsoft Access Database exploit

Researchers warn of Microsoft Access Database exploit

Targeted phishing emails are attempting to infect the machines of users' who are tricked into opening malicious Microsoft Access Database (MDB) files, US-CERT (United States Computer Emergency Readiness Team) said in a warning this week.
Dan Kaplan Dec 13 2007 9:51AM Security
HP laptops contain ActiveX bugs

HP laptops contain ActiveX bugs

A number of Hewlett-Packard notebook models are vulnerable to an ActiveX attack that could permit a hacker to execute malicious code.
Dan Kaplan Dec 13 2007 9:32AM Security
nCipher purchases most of insolvent NeoScale

nCipher purchases most of insolvent NeoScale

U.K.-based encryption and key management provider nCipher announced today it acquired most of the intellectual property and assets of NeoScale Systems, an appliance-based enterprise storage security firm that recently ceased operations.
Dan Kaplan Dec 12 2007 10:04AM Security
Roundup 2007: Gazing into the crystal ball

Roundup 2007: Gazing into the crystal ball

SC US handed out crystal balls to several analysts, consultants, professors and CSOs and asked them to answer questions about next year.
Dan Kaplan Dec 11 2007 3:04PM Security
Codec flaws threaten Windows Media Player, Winamp

Codec flaws threaten Windows Media Player, Winamp

Researchers today began noticing increased activity on ports directed to media players, a strong indication that attackers are actively screening machines for a new codec vulnerability reported over the weekend.
Dan Kaplan Dec 11 2007 9:48AM Security
Seven fixes for Microsoft's Patch Tuesday

Seven fixes for Microsoft's Patch Tuesday

Microsoft announced today it plans to release seven patches – three repairing "critical" vulnerabilities – as part of its monthly security update on Tuesday.
Dan Kaplan Dec 10 2007 12:31PM Security
Attackers hack into Oak Ridge National Laboratory

Attackers hack into Oak Ridge National Laboratory

A targeted assault of phishing emails opened the door for hackers to glean the sensitive information of up to 12,000 visitors to the Oak Ridge National Laboratory, officials said Thursday.
Dan Kaplan Dec 10 2007 9:57AM Security
Justin Timberlake, Hilary Duff, Tila Tequila MySpace profiles compromised to impress hacker group

Justin Timberlake, Hilary Duff, Tila Tequila MySpace profiles compromised to impress hacker group

A person wanting to impress a hacker group broke into the popular MySpace profiles of several celebrities, including Justin Timberlake and model and MTV personality Tila Tequila, researchers said today.
Dan Kaplan Dec 7 2007 9:58AM Security

Log In

  |  Forgot your password?