Posts Tagged 'risk'

Risky Surfing

On a regular surfing day we all come across a few questionable sites tempting us to click the link with enticing keywords. We’ve all learned our lesson in one way or another but statistically some domains are more riskier than others. A recent study rated sites based on their risk level and exposure to malware and guess who came out on top?

Vietnam domains (.VN) supposedly are the most prone to risk at 29% That number may not be surprising but the increase over last year’s number (0.9%) should be concerning. A significant increase over last year has to make security experts wonder, what the heck is going on with .VN domains? Russia (.RU) is down at number 5 with 10% of sites deemed to be risky.

So what was the most safe? Think of tentacle porn and go to your happy place. Japan (.JP) with 0.1% of sites deemed risky. Although content originating from Japan is already NSFW but you already knew that. Cyber criminals are opportunistic as ever and sites can go up and down in the blink of an eye. Happy surfing!

Japan investigates iPod nano fire risks

Japan on Tuesday warned users of Apple iPod nanos of a potential fire risk after two new instances in which the popular portable music players overheated.

The economy, trade and industry ministry has received two new reports of minor fires in August in Tokyo caused by overheating iPod nanos, said ministry official Hiroyuki Yoshitsune.

There were no injuries and the cause is still unclear, he said.

Japan had already launched an investigation in March after another Apple iPod nano sent out sparks.

According to the ministry, Apple Computer has been notified of a total of 14 similar cases in Japan. Out of those, two users suffered minor burning. (link)

RFID chips vulnerable to hack

The Dutch government has issued a warning about the security of access keys that are based on the widely used Mifare Classic RFID chip.

Government institutions plan to take “additional security measures to safeguard security, ” Guusje ter Horst, minister of interior affairs, wrote in a letter to parliament on Wednesday.

NXP developed the Mifare Classic RFID (radio frequency identification) chip, which is used in 2 million Dutch building access passes, said ter Horst. One billion passes with the technology have been distributed worldwide, making the security risk a global problem. A spokesperson for the ministry told Webwereld, an IDG affiliate, that it had not yet notified other countries.

The warning comes in a week when two research teams independently demonstrated hacks of the chip’s security algorithm. (link)

PayPal/eBay and your money

Next month eBay intends to implement a controversial new policy that will entail holding payments sent through PayPal for up to 21 days for certain “high-risk transactions.”

Furious at the prospect of waiting to receive funds, sellers have been publicly speculating about how much money PayPal (and its parent company, eBay) makes off the accruing interest on funds under PayPal’s control – and whether a desire to retain those funds for longer spurred eBay’s holding plan.

However, company executives and industry analysts say the money PayPal makes off such payments has a negligible impact on its bottom line.

Any funds PayPal holds for dispersal are automatically deposited in a corporate bank account, which earns interest, according to Paypal representative Amanda Pires. The money is kept there until it’s ready for distribution. PayPal, which processes payments for eBay auctions as well as e-commerce transactions from elsewhere on the Internet, counts interest payments on those funds as one of its revenue streams. (link)

Electronic Arts introduces upcoming Hasbro games

Electronic Arts Inc on Monday announced upcoming games based on popular Hasbro Inc properties such as “Monopoly” and “Littlest Pet Shop,” an important part of its push to make video games for a broader audience.

As part of a licensing deal struck in August, EA will bring classic family games to a range of game systems and devices, said Chip Lange, vice president of the company’s Hasbro game studio.

“This is the first wave of a very long deal,” Lange said. “All these games are being designed with the thought of bringing people together, whether physically or through technology.”

The first wave of games will hit mobile phones this spring and will include versions of “Monopoly,” “Trivial Pursuit,” “Risk” and “Yahtzee.” (link)

Hackers exploit unpatched Quicktime vulnerability

Attackers are trying to exploit an unpatched vulnerability in Apple’s QuickTime software that could let them run code on a victim’s computer, Symantec warned in a DeepSight Threat Management System alert issued Sunday.

First observed on Saturday, the attacks appear to be aimed at Windows users, but Mac OS users could also be at risk since the QuickTime vulnerability in question affects both operating systems, the alert said. That vulnerability, called the Apple QuickTime RTSP Response Header Stack-Based Buffer Overflow Vulnerability, was first disclosed on Nov. 23 and remains unpatched by Apple.

Researchers have shown that the QuickTime vulnerability affects a range of operating systems, including Windows XP, Windows Vista, MacOS X 10.4, and the recently released MacOS X 10.5, also called Leopard. The vulnerability can be exploited through Internet Explorer, Firefox, Opera, and Safari.

There are two types of attacks underway, Symantec said. In the first, victims’ computers are being redirected from an adult Web site, Ourvoyeur.net, to another Web site that infects the computer with an application called loader.exe, which can be saved to the computer as metasploit.exe, asasa.exe, or syst.exe. Once installed on a computer this application downloads another binary file, which Symantec identified as Hacktool.Rootkit, a set of tools that can be used to break into a system. (story)


Enter your email address to subscribe to this blog and receive notifications of new posts by email.

Join 29 other followers

Technorati – Blog Search

Add to Technorati Favorites

submit express