Researcher will enable hackers to take over millions of home routers
Cisco and company, you've got approximately seven days before a security researcher rains down exploits on your web-based home router parade. Seismic's Craig Heffner claims he's got a tool that can hack "millions" of gateways using a new spin on the age-old DNS rebinding vulnerability, and plans to release it into the wild at the Black Hat 2010 conference next week. He's already tested his hack on thirty different models, of which more than half were vulnerable, including two versions of the ubiquitous Linksys WRT54G (pictured above) and devices running certain DD-WRT and OpenWRT Linux-based firmware. To combat the hack, the usual precautions apply -- for the love of Mitnick, change your default password! -- but Heffner believes the only real fix will come by prodding manufacturers into action. See a list of easily compromised routers at the more coverage link.
via: Forbes, Ars Technica
source: Black Hat 2010
IT job satisfaction plummets to all-time low
"Experts say unhappy critical IT workers will likely seek more 'purposeful' jobs elsewhere..."
Well it sure doesn't take a genius to figure this one out. Here is the big part of the article --
"A mid-2009 job satisfaction survey by the Corporate Executive Board, a Washington-based advisory firm that counts many Fortune 500 firms among its clients, found that the number of dissatisfied workers continues to increase. The firm surveys 150,000 workers each quarter, asking a battery of behavioral questions about their jobs. About 10,000 of the those surveyed work in IT jobs, board officials said.
The CEB's latest survey found that the willingness of IT employees to "exert high levels of discretionary effort" -- put in extra hours to solve a problem, make suggestions for improving processes, and generally seek to play a key role in an organization -- has plummeted to its lowest levels since the survey was launched 10 years ago.
In 2007, about 12% of the IT employees fit in category of "highly engaged" workers, but that has since fallen to 4%.
"These are literally the most critical employees," said Jaime Capella, a managing director in CEB's information technology practice. Moreover, such critical workers are 2.5 times more likely than the average employee to be looking for new opportunities.
"They are likely to be the first ones to leave your company as soon as they can," Capella said."
COFFEE!
Microsoft Cofee leaks onto the web
No use crying over it
By Alexandra Pullin
MICROSOFT'S DIGITAL FORENSICS software has been spotted on a file-sharing site, available for all to download.
Computer Online Forensic Evidence Extractor (COFEE) is a forensics tool that fits on a USB drive for the police to use in PC forensics.
The software is free to police forces around the world and helps access details about crimes such as identity theft, online fraud, child pornography and illegal filesharing before criminals can wipe the information.