Tab Dump CS

New Phishing Attack Targets Online Banking Sessions With Phony Popups – DarkReading

Amit Klein, CTO of Trusteer, says although he and his research team have not spotted full-blown attacks like this in the wild as yet, they have witnessed precursors to it. The attack goes like this: The phisher injects legitimate Websites with malicious JavaScript so that when an online banking customer visits one of those sites while banking online, he gets targeted. The malware exploits weaknesses in the browser that lets the attacker “see” the banking site URL where the victim is logged in, and then the phisher automatically generates a popup posing as that bank. If the user falls for the popup lure and enters his banking credentials, the phisher then gets those credentials.

“This is the next generation of sophisticated phishing attack,” Klein says. “It combines an online vector — the attacker waits for user to come to a genuine site that’s hacked — and browser shortcomings to detect which site the user is logged into in a different window or tab. This provides a very powerful avenue to conduct a sophisticated attack.”

Networked fridges ‘negotiate’ electricity use – Hardware – iTnews Australia

A thermal model for each unit is then built up using machine learning technology that collates a series of on/off signals and outputs a temperature profile for the fridge, according to West.

The model is said to characterise the fridge’s power requirements to allow predictions to be made on when the fridge will require another ‘on’ cycle.

“A lot of people don’t realise that fridges cycle on and off regularly, which means you’ve got a bit of discretion about when they use power,” said West.

The controller developed by the CSIRO enables communication between other fridges on the network and also the power source.

It has the potential to smooth out fluctuations in electricity demand by enabling fridges to manage available power, according to West.

“The fridges work together to decide when to cool down, and thus consume power, based on how much surplus power will be available,” said West.

“They are able to anticipate power shortages and change their running schedules accordingly to use as little power as possible during these times.”

The networked fridges are also able to take ‘surplus’ energy produced by renewable sources such as solar panels and store it in thermal mass inside the unit, said West.

Inbox Zero: Processing to zero | 43 Folders


* Smart Folder Rules:
o Date received is greater than 60 days
o Message is flagged
o Message is in Mailbox “To Respond”
* Usual load: 10-20 emails
* Time to completion: Usually? 1 second.
* That’s right. I delete them. Does this make me a bad person? Only for a second. Then I’m right back in the “Recent” folders saving the ones I can — hoping they never make it into the Euthanasia ward. The point is: this is where I draw the line in the sand — it’s the absolute last chance for a response. They either get it now or never. That’s how you stay sane. Just move on.

Homemade Scrabble Keyboard: Double Nerd Score

This wood and brushed aluminum keyboard features real Scrabble tiles with the points score slightly modded to show each key’s secondary function. It’s classy, it’s nerdy, and it’s worth a ton of points.

InformIT: Software [In]security: Top 11 Reasons Why Top 10 (or Top 25) Lists Don’t Work > The 2009 Software Security Bug Parade

# Too much focus on bugs. Software security practitioners have known for years that software defects lead to serious security problems. What we all seem to forget sometimes is that defects come in two basic flavors (divided roughly 50/50 in terms of prevalence): bugs in the code and flaws in the design. Top ten lists tend to focus on bugs, to the detriment of any attention for design-level problems.
# Vulnerability lists help auditors more than developers. Teaching someone how to do the right thing is much more cost effective and efficient than attempting to teach someone how not to do an infinite set of wrong things. Software people react more positively to being shown how to do things right than they do to a bug parade. On the other hand, big lists of bugs certainly make auditing code easier. But how efficient is that?

Kentucky reverses 141-site net casino land grab • The Register

The lower-court ruling rested on Franklin County Circuit Judge Thomas Wingate’s highly specious finding that internet casino domain names constitute “gambling devices” that are subject to the state’s anti-gambling statutes. Tuesday’s decision disabused Wingate of that notion in no uncertain terms.

“Suffice it to say that given the exhaustive argument both in brief and oral form as to the nature of an internet domain name, it stretches credulity to conclude that a series of numbers, or internet address, can be said to constitute a machine or any mechanical or other device … designed and manufactured primarily for use in connection with gambling,” they stated. “We are thus convinced that the trial court clearly erred in concluding that the domain names can be construed to be gambling devices subject to forfeiture under” Kentucky law.


Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )


Connecting to %s

%d bloggers like this: