(ISC)2, or International Information Systems Security Certifications Consortium, Inc., is a training and security body that administers the ever-popular CISSP certificate, the Holy Grail of security specialists. Recently (ISC)2 ran a web survey which was found to have leaked an estimated 20,000 particpants addresses, phone numbers, and emails.

Greymagic software released its security advisory GM#007-OP yesterday announcing that Opera Browser users while using favicons (shortcut icons) in their browser bar and/or favorites may be injected with a hostile domain name leading Opera to think it is in fact trusted.

Anonymous writes "Montreal, June 3, 2004 - Press Release - Montreal-based Vircom, developer of Modus e-mail security solutions, said its SpamBuster Team observed less than 15% compliance with the recent FTC rule for labeling e-mail containing sexually oriented material. "

By Matt Hicks
June 1, 2004

When it comes to blocking intrusive Internet software, Yahoo Inc.'s new Anti-Spy gives adware the benefit of the doubt.

Featured Commentary:
To Tolerate or not to Tolerate?

by Bill Gray, CCSP Staff Writer
June 3rd 2004

What do I mean, tolerate, don’t we have to tolerate things in our lives? Well I say, maybe not!

You see, tolerations (those things that we tolerate) are great energy suckers, good time blockers, all round bad guys! I would go as far as saying that if we cleared up a few, we would feel far better than we do right now. I would compare these to the viruses and spyware that we get on our computers, only they aren’t in the computer, they are in us! You know how annoying pop ups are, well the same thing applies to tolerations, they pop up and slow down the action you are on as you have to deal with them. Once you have rid your computer of these pop ups then you are able to operate your computer at full speed. This applies to you as well.

Lions and Tigers and Bears, Oh My! - Part1

by Robin Laudanski, AKA IACOJ
June 2, 2004

Most of us probably remember those timeless words from the Wizard of Oz. Life ran at a slower pace then. Computers were the size of Semi-trailers and only the government or the most advanced corporations had them. There was little thought given to the need of security on the net, because there was no public Internet. In point of fact little consideration was given to security, until it became painfully apparent there was a problem. There is no doubt we aren't in Kansas anymore: Lions and Tigers and Bears have been replaced by Trojans and Viruses and Worms... Oh My!

I read a report today from The Inquirer that purports Linksys (now owned by Cisco) hasn't updated their firmware to popular products such as the BEFSR41 for a year now. The article was published today based on an exploit released by Jon Hart that claims via BOOTP can be used to crash or sniff Linksys devices remotely.

Anonymous writes " Internet Crimes Against Children Exploding

Crime against children on the internet is growing fast; and yet, the problem is going largely unnoticed and underreported. Current statistics show that one in five children who use the Internet receive unwanted sexual solicitations. That might not seem like much stated that way, but, its more than five million children. And while it is easy to dismiss this as a simple reality of the Internet it fails to knock home the more important reality that if a child is exposed to behavior they are not ready to handle it could have an overall negative impact on their entire life. This is the real issue.

Another sinister aspect of the Internet is the explosion of pornography being directed at children. When most adult’s think of pornography they think of nudie pictures they might have gotten their hands on as a teenager. Certainly innocent and hardly damaging. But often on the Internet we are talking kiddy porn. Frankly I have yet to meet a person who has seen a real example of kiddy porn. I am sad to admit, however, that I saw my first kiddy porn picture at a law enforcement conference I attended. The picture was so shocking (a three year old) that it would be impossible for me to describe my own reaction adequately. Let’s just say the hair on the back of my head stood up. How big is the problem? Big enough that the second largest operation of the FBI is its “Innocent Images” program; it’s second only to the terrorism operation. The program is a first step to reduce or eliminate the distribution of kiddy porn on the internet. "

"Abstract: In some WhenU software, including software still available on WhenU's ordinary public web site as recently as May 2004, a flaw in WhenU's self-updating feature allows an attacker to install software on users' computers, via methods such as spoofing a DNS response or hijacking a TCP download. Using these methods, attackers can obtain full control over PCs running the affected WhenU software -- allowing the installation of any software the attackers choose. "

TMOV writes "SEE THE STORY AT THE REG.UK.CO

http://www.theregister.co.uk/2004/05/28/itanic_virus/
TMOV"

Note: Yes it appears that the first IA64 specific worm has been created for proof-of-concept that successfully attacks Windows executables. Although they say it is a proof of concept, one never knows when the first one will be released into the wild.