|
Written by Irfan
|
PayPal is seriously considering blocking some browsers from accessing its site, according to a paper (PDF) available to shareholders.
Titled "A Practical Approach to Managing Phishing," the paper admits that there's no one silver bullet to prevent fraudsters from making money on the Internet. However, authors Michael Barrett, PayPal's chief information security officer, and Dan Levy, the company's senior director of risk management for Europe, say companies could and should start addressing five specific areas:
- Prevent fraudulent e-mail from getting into users' in-boxes
- Prevent phishing sites by shutting them down
- Authenticate users so that stolen credentials can't be used on PayPal
- Prosecute fraudsters to the full extent of the law
- Focus on brand and consumer recovery
Of these, the paper focuses mainly on e-mail prevention and phishing-site blocking. For e-mail prevention, the authors cite Yahoo Mail as an example and point to its use of domain keys to identify legitimate and illegitimate mail marked as coming from PayPal.
Most controversial is the idea of blocking "unsafe" browsers, or browsers that do not currently include antiphishing tools. PayPal says it would first notify users when they log in if they are using an unsafe browser. Later, PayPal would simply block the use of the browser entirely.
Read full article @ news.com |
You are searching
|
Written by Irfan
|
|
Microsoft has admitted it is investigating reports that a recent Windows Vista security update causes havoc with some USB devices, but the software giant is yet to provide a fix for the cock-up.
The Windows Vista SP1 pre-requisite KB938371 update was released last week, but some unfortunate Vista customers have claimed that their USB mice and keyboards among other devices refuse to work after the update is installed on their computers.
One reader told The Register that he gave up after several frustrating attempts to remove the erroneous update.
The company said in a statement today:
“We are aware of concerns that a recent Microsoft update may be causing problems with USB devices. We are investigating the matter, and at this time, do not have any information to share.”
Yesterday, meanwhile, Microsoft finally pumped out Vista service pack one (SP1) in the remaining 31 languages available as a manual download via its Windows Update site.
However, the automatic version of the download remains missing in action. Redmond had chalked mid-April as the date when SP1 would start downloading onto computers across the world.
Now Microsoft has been forced to admit that it has once again missed a crucial service pack deadline.
Read full article @ Channelregister.co.uk |
|
Written by Irfan
|
|
Web designers making very old mistakes are letting malicious hackers hijack visitors to their sites, say experts.
Many of the loopholes left in the code created for websites have been known about for almost a decade say the security researchers.
The poor practices are proving very attractive to hi-tech criminals looking for a ready source of victims.
According to Symantec the number of sites vulnerable in this way almost doubled during the last half of 2007.
Wholly vulnerable
Kevin Hogan, director of security operations at Symantec, said the bug-ridden web code was putting visitors to many entirely innocent sites at risk.
"It overturns the whole notion that if you stay away from gambling and porn sites you are okay," he said.
The attack that a malicious hacker can carry out via these web code vulnerabilities is known as cross-site scripting (abbreviated as XSS).
Typically these involve lax control of the data being swapped between a web server and the browser program someone is using to interact with it.
An XSS vulnerability could, for instance, allow attackers to steal the login credentials of a visitor to a site.
Read full story @ BBC.CO.UK |
|
Written by Irfan
|
|
A group of hackers has brought the BBC's iPlayer service to the PS3, creating an unofficial portal where console users can access television content. The website is based on the flash streaming service from the Nintendo Wii version of iPlayer, which the BBC launched just last week.
The new site tricks the BBC's servers into believing that the PS3 console is actually a Wii.
"It's mainly a demonstration of how easily the BBC could support the PS3 with their Wii version. This does nothing more than mask your PS3's user-agent string and makes half a dozen changes to make the JavaScript and CSS function correctly on the PS3. It only took a day to produce, so come on BBC - how about implementing this properly?" asks a message on the unofficial PS3 iPlayer portal
Last week the BBC announced that iPlayer would be officially available on the Nintendo Wii, but that no such plans were underway for either the Xbox 360 or Sony PS3 because Sony and Microsoft desired too much control over the service.
Read full article @ PcPro.co.uk |
|
|
|
|
<< Start < Prev 1 2 3 4 5 6 7 8 9 10 Next > End >>
|
|
Page 10 of 19 |
