Mindblown: a blog about philosophy.

FTC reduces punishment for crooks ‘unable to pay’. Two spyware operations have settled lawsuits brought against them by the Federal Trade Commission (FTC) at a huge discount. The defendants claimed they were unable to afford the original fines levied against them by the judgement, and had the punishments reduced – from $1.75 million to $10,000…

Exploit published for gaping DMG hole. A serious vulnerability found in the DMG handling on fully up-to-date installations of Apple ‘s OSX is threatening to upset the platform’s reputation for security. The bug, for which an example exploit is available from the Month of Kernel Bugs site where it was first unveiled, uses a flaw…

Latest study rates all filters poorly, slates SiteAdvisor. In two recent studies of anti-phishing technologies, one (sponsored by Microsoft ) rated Internet Explorer highest, while the second (carried out on behalf of Mozilla ) put the latest version of FireFox at the top of the list. Now a third, entirely independent study has said that…

Online shoppers and email users face heightened festive risks. With the annual Christmas spending frenzy fast approaching, phishing is as usual on the rise, targeting inexperienced online shoppers stocking up on gifts and festive goodies. Spam rates, already high after a steady climb since the summer and wave after wave of W32/Stration worms, are expected…

Dodgy tactics continue despite ruling. Several researchers have complained that adware-fuelled media company Zango continues to use deceptive practices, despite the recent case brought against it by the FTC, in which it was fined $3 million and ordered to cease such activities. During the case, Zango insisted that it had already cleaned up its act,…

Big Blue adds anti-virus and anti-spyware to desktop security product. IBM announced yesterday that its Internet Security Systems (ISS) subsidiary will be including anti-virus and anti-spyware functionality provided by SOFTWIN ‘s BitDefender in forthcoming versions of its Proventia Desktop Endpoint Security suite. ISS , acquired in the summer by IBM , has a range of…

New law ups penalties for hacking, but could threaten security research. The UK ‘Police and Justice Bill 2006’, introduced into UK law this month, has drawn some approval for its efforts to refine the definitions of computer abuse to ensure Denial of Service attacks are covered, and for upping the potential penalty for hacking attacks…

Backdoor dropper sneaked onto bank card operator’s servers. News sources in China are reporting that the website of China UnionPay , a China-wide cross-bank credit card service used by over 170 million people, has been victim of a hacking attack which placed a backdoor trojan on its website. The trojan, referred to by Rising Antivirus…

Attack developed within two days of disclosure. The Workstation Service flaw announced and patched on Tuesday, one of the most critical vulnerabilities covered by Microsoft ‘s monthly updates, has been targeted by an exploit within two days. The security hole, covered by Microsoft Security Bulletin MS06-070 , particularly affects Windows 2000 users, who could be…

McAfee warns of dangerous movies and music. Researchers at McAfee ‘s Avert Labs have warned of a new worm, dubbed ‘W32/Realor’, which doctors the contents of Real Media files (.rmvb) to redirect users to potentially dangerous URLs. The worm does not ‘infect’ the media files in the standard sense, but instead manipulates the functionality of…