Z3R0

With tax season here, IRS warns of cybersquatters

If youÂ�re paying taxes to the U.S. Internal Revenue Service there is only one URL you need to know: IRS.gov. ThatÂ�s what the U.S. tax collecting department said this week in a note on its Web site, warning taxpayers of tax season scams and reminding them that Web sites like IRS.com are not affiliated with the U.S. government. "Taxpayers may be confused by the proliferation of Internet sites that contain some form of the Internal Revenue Service name or IRS acronym with a .com, .net, .org or other designation in the address," the IRS said in its note.

Full Story Here

Battlestar Galactica Site Hacked

HAC KED = THE END

Full Story Here

Vuln: WebCalendar Certain Variable Overwrite Vulnerability

WebCalendar Certain Variable Overwrite Vulnerability

Full Story Here

Ethical hacking in the North East

A new course is being launched in the North East to help organisations and individuals defend their computer systems against malicious attacks and computer terrorism. Northumbria Universityâ��s BSc (Hons) Ethical Hacking course is scheduled to take its first intake in September 2007 and builds on the Universityâ��s expertise in the specialised field of computer forensics. Ethical hackers are computer and network security professionals who have the skills to locate and strengthen security weaknesses in computer systems. They work within the law to â��hackâ�� or â��penetrateâ�� into systems in order to determine security weaknesses and flaws, of given system configurations, providing fixers or countermeasures to remove weaknesses. The course emphasises the need to work within the law and Northumbria University has teamed up with a number of specialist information security companies to develop a course which fully meets the future needs of the industry.

Full Story Here

Commission proposes a European policy strategy for smart radio tags

Commission proposes a European policy strategy for smart radio tags. Exactly one year after launching an extensive Europe-wide public consultation on radio frequency identification (RFID) tags, the Commission has unveiled today its proposals for an RFID strategy for Europe. The Commission, in particular, proposes to address the privacy concerns of citizens to boost consumer confidence and EuropeÂ�s position in a market experiencing 60% growth globally.

Full Story Here

Search engine for antiterrorism finds place in business

Artificial-intelligence-based search technology originally developed to help U.S. military and government agencies gather intelligence information from the so-called deep Web is now is finding a place in businesses looking for tool that can scour the Internet beyond the Web-crawling capabilities of Google or Yahoo. An emerging group of companies, such as Fetch Technologies, are focusing on building technologies that can harvest deep Web information ensconced in databases and behind forms that obscure it from traditional general search engines.

Full Story Here

New IE 7 bug could help phishers

A vulnerability in MicrosoftÂ�s Internet Explorer browser could help fraudsters make phishing Web sites appear legitimate, a security researcher reported Wednesday. The flaw lies in the way IE7 processes a locally stored HTML error message page that is typically shown when the user cancels the loading of a Web page, said Aviv Raff, a security researcher based in Israel. The error message tells the user that "navigation to the Web page was canceled," and offers the user the opportunity to "refresh the page." If the refresh link is clicked, IE can be tricked into displaying the wrong Web address for a page. Raff has published proof of concept code that shows how IE can be made to display a Web page on his Web site as if it is from the cnn.com domain.

Full Story Here

TJX: Now FTC wants answers

A U.S. Federal Trade Commission (FTC) official on Wednesday confirmed it has launched an investigation into TJX Companies, parent to discount retailer T.J. Maxx and other chains, which earlier this year announced it had suffered a massive data breach. The FTC official would offer no more information about the investigation, adding that the agencyâ��s investigations are â��non-public.â�� However, she said that TJX has publicly announced the investigation, so the agency could confirm it.

Full Story Here

Working with Recovery Storage Groups in Exchange 2007

The Recover Storage Group (RSG) feature, which was originally introduced back in Exchange 2003, gives you as the Exchange administrator, the option of mounting a second copy of a mailbox database (typically a mailbox database restored from backup) so that you can extract data from one or more mailboxes in the respective database without affecting the production databases if you need to do so during working hours. Depending on how much you have used the new Exchange 2007 Management Console (EMC), thereâ��s a chance you may have noticed you can no longer create an RSG from within the EMC. With Exchange 2007 this is instead done using the Exchange Troubleshooting Assistant (ExTRA) which is launched via the Database Recovery Management tool, which is found under the Exchange Toolbox work center, or by using the Exchange Management Shell (EMS). When mounting a copy of a Mailbox database to an RSG you can extract the data from a mailbox and then merge the data with another mailbox located in a mailbox database in a production Storage Group, but you can also extract the data and then copy it to a specific folder in another mailbox.

Full Story Here

Phishing risk seen in new IE 7 flaw

Attackers could exploit a new flaw in Internet Explorer 7 (IE 7) to launch phishing expeditions, Israeli vulnerability researcher Aviv Raff warned in a posting on his blog Wednesday. Microsoft said it is investigating his findings. Raff said IE 7 running on Windows XP and Vista is susceptible to cross-site scripting attacks. That combined with a design flaw in the browser could allow digital miscreants to launch phishing schemes against users, he added.

Full Story Here