Donald Sears

A security expert at a managed services provider has kicked off a project to expose and blacklist the networks hosting VoIP attacks against his and other companies' VoIP PBX servers. Read the full article. [Dark Reading] Read more »

Members of LinkedIn who clicked on fake connection requests sent users to a Website that displayed "PLEASE WAITING...4 SECONDS" before redirecting them to Google. During those 4 seconds, the Website downloaded Zeus data-theft malware onto their PCs. Read the full article. [eWEEK]

UK police have arrested 19 cybercrime suspects who allegedly used the ZeuS crimeware toolkit to capture online banking credentials before looting victims' bank accounts. Read the full article. [The Register] Read more »

Researchers in the School of Electronics and Computer Science of the University of Southampton have come up with a means for identifying ears with a success rate of 99.6%. Read the full article. [MIT Technology Review] Read more »

Federal law enforcement and national security officials are preparing to seek sweeping new regulations for the Internet, arguing that their ability to wiretap criminal and terrorism suspects is “going dark” as people increasingly communicate online instead of by telephone. Read the full article. [The New York Times]

A security researcher has discovered a potentially crippling vulnerability in one of the most widely used botnet toolkits, a finding that makes it easy for blackhats and whitehats alike to take control of huge networks of infected PCs. Read the full article. [The Register]

The Senate Subcommittee on Consumer Protection, Product Safety, and Insurance heard testimony on from several witnesses yesterday regarding the proposed national data breach legislation, including Maneesha Mithal of the Federal Trade Commission (FTC) and Mark Bregman, CTO of Symantec. Read the full article. [Infosecurity] Read more »

A glut of stolen data — combined with innovation and cutthroat competition among vendors — is conspiring to keep prices for stolen account numbers exceptionally low. Read the full article. [KrebsonSecurity]

ESPN's Fantasy Football site is riddled with flaws that allow players to rig games, a security researcher says. Read the full article. [The Register] Read more »

An error in the free (de)compression library libbzip2 can be exploited using specially prepared files to provoke an integer overflow. Read the full article. [The H Security] Read more »