Saturday, February 16, 2008

The Last Post

Due to a change in circumstances, I will no longer be able to continue with this blog. The second anniversary was fast approaching, and I have enjoyed it, but alas, nothing lasts forever. All readers visit a number of sources for their news, so if the links below are not on your list, you may like to add a few.

Donna's SecurityFlash
Help Net Security - Off the Wire
heise Security

Krebs on Security
Threat Level
MSMVPS.COM [Blogs by Current and Former Microsoft Most Valuable Professionals] Security News [4 feeds]

Goodbye, Farewell, Adios and Many Thanks

Monday, February 11, 2008

Conferences is done and dusted for another year, and being the caring and sharing open source types that they are, they've kindly recorded all the talks and tutorials which were given to share with the world wide web. You can browse the topics and download them here - OGG is the video, SPX is the audio. If you're in a Windows environment, you can use the open source app VLC to view the OGG files.

Read more HERE.

Official Defcon 15 recordings online
After 6 months, Defcon has put the official recordings on their website. There are 122 video and audio files in total.

Have fun!


ESET SysInspector
ESET SysInspector is an application that thoroughly inspects your computer and displays gathered data in a comprehensive way.

Read the article HERE.

New versions of Aircrack-ng WLAN
The developers of Aircrack-ng have published two new versions of their WLAN security-testing suite. The latest stable version 0.9.2 of airmon-ng supports more drivers than its predecessor and fixes some bugs. Airodump-ng can now handle 5-GHz channels, and Aireplay-ng can now talk to the real-time clock under Linux. The unstable version 1.0 has also been updated to Beta2.

Read the article HERE.

My Lockbox
My Lockbox is a free program that can quickly hide and password protect a folder and all files/folders within it from being shown in the Windows file system, and will do so under Windows safe mode as well.

Read the article HERE.


Apart from The Pirate Bay guys, most tracker administrators are acutely aware of the risks they expose themselves to, and do everything they can to hide in the shadows. We speak to a tracker owner to find out the kind of measures these guys take in order to protect their identities.

Read the article HERE.

Avoid Downloading Fake Torrents
BitTorrent tracker SeedPeer ensures quality torrents by verifying downloads before it seeds them in its verified torrents section. That means that if you've ever spent hours downloading a torrent to find that you'd been duped by a fake download, you should be able to download with confidence from SeedPeer's verified torrents.

Read the article HERE.

YouTorrent is “the world’s first real-time torrent comparison search engine” according to the site itself. The site is a meta search engine, which means that it doesn’t host any torrent files itself. It currently searches 12 sources; Mininova, The Pirate Bay, IsoHunt, MyBittorrent, NewTorrents, SuprNova, Monova, Vuze, BitTorrent, LegitTorrents, SeedPeer and BTjunkie.

Read the article HERE.

Top 10 BitTorrent Tools and Tricks
BitTorrent is the go-to resource for downloading everything from music and movies to software and operating systems, but as its popularity continues to grow, so do the number of tools available for making the most of it. Some are must-haves, while others are a waste of time. Climb aboard for a look at 10 of the best BitTorrent utilities, tools, and resources for finding and managing your BitTorrent downloads quickly and efficiently.

Read the article HERE.

TechNet Magazine - February 2008

Sharepoint : Office Communications Server : High Performance Computing : Microsoft Office

Read the magazine HERE.

Sunday, February 10, 2008

Hackers Exploiting Adobe Reader Flaw

Security Fix has learned that at least one of the security holes in the popular Adobe Reader application that was quietly patched by Adobe this week is actively being exploited to break into Microsoft Windows computers.

Read the article HERE.

Solving Online Identity Theft

Imagine you could prove you were 21 without revealing your date of birth -- or anything else about you, for that matter. Or qualify for a loan without disclosing your net worth. Or enjoy the benefits of e-commerce, e-health and e-government without a moment's fear that you are open to identity theft. Sound impossible? It is. But it won’t be if cryptographer and entrepreneur Stefan Brands has his way.

Read the article HERE.

Another google horror story

I'm a very experienced internet user, which is part of why I've asked not to use my name. I'm the -last- person that should be a phishing victim, yet it happened to me. Since it happens to internet professionals far less than, say, the clueless relatives of internet professionals, of course we blame it on the user.

The design problem is you want the site's interface to be uniform every time you visit, this tells the user "this is the real gmail". But this is what the phishers are exploiting. If the site was somewhat different every time you visited, it would be jarring and perhaps cause more people to look at the URL to make sure they were in the right place. Bank of America uses a "personal icon" that you should see to ensure it's the right server. It's not the most elegant solution, but it is a step in the right direction.

Read the article HERE.

The Coolest Hacks of 2007 - Part II

Just when you thought it was safe to go back online, we offer a new round of offbeat attacks that might make you think twice. Bluetooth, taxicabs, printers, unlaunched browsers, toasters, and road signs: Each was hacked in the past year by inventive researchers whose curiosity got the best of them. The coolest hacks are like that.

Read the article HERE.

The Flow of MBR Rootkit Trojan Resumes

Back in the final weeks of 2007 the GMER team discovered the emergence of a new rootkit that hooked into the Windows master boot record (MBR) in order to take control of a compromised computer.

Read the article HERE.

'L0pht' Reunion on Tap

Former rock bands have done it, and now a 1990s hacker group is getting back together -- for at least one show, anyway. Several members of the famed hacker group The L0pht Heavy Industries will reunite in March on a security conference panel.

Read the article HERE.

Saturday, February 09, 2008

Crack for Windows Live captcha

Spammers are using a sophisticated piece of software that can create thousands of Windows Live email addresses by cracking the protections designed to prevent the large-scale creation of fraudulent accounts.

Read the article HERE.

New Authentication Scheme Proposed

Researchers have built a prototype authentication technique that could ultimately reduce the risk of attackers hacking users' credentials via a keylogger or spyware.

Read the article HERE.

To sudo, or not to sudo

If you've dabbled even a little bit with security matters, you know that giving root rights or the root password to a common user is a bad idea. But what do you do if a user has a valid need to do something that absolutely requires root rights? The answer is simple: use sudo to grant the user the needed permissions without letting him have the root password, and limit access to a minimum.

Read the article HERE.

It's raining security updates

Mozilla pushed out a new update of Firefox on Thursday that fixes ten security vulnerabilities, three of which are deemed critical.

Read the article HERE.

Antivirus company's Web site hacked

The Web site for Indian antivirus vendor AvSoft Technologies has been hacked and is being used to install malicious software on visitors' computers.

Read the article HERE.

Changing the face of flaw disclosure

The old image of vulnerability researchers is the teenage outcast tinkering away in the basement, finding flaws in Windows machines, Oracle databases and Cisco routers and releasing proof-of-concept exploit code at will to the dismay of the affected vendor. But somewhere along the way, something changed.

Read the article HERE.

Friday, February 08, 2008

Third of security practices useless

In a presentation here yesterday, Tippett -- who is vice president of risk intelligence for Verizon Business, chief scientist at ICSA Labs, and the inventor of the program that became Norton AntiVirus -- said that about one third of today's security practices are based on outmoded or outdated concepts that don't apply to today's computing environments.

Read the article HERE.

JavaScript zaps iPhone and iPod

Security researchers have discovered you can crash an iPhone through the medium of a cleverly crafted webpage. The exploit, dubbed a "memory exhaustion remote denial of service vulnerability" by the SecurityFocus website, affects Apple's Mobile Safari web browser, a key component of both the iPhone and the iPod Touch.

Read the article HERE.

The Storm Worm's Family Tree

New research suggests that the infamous Storm worm has its roots in a computer worm that first surfaced as early as 2004, two-and-a-half years prior to Storm's widely-recognized birthday.

Read the article HERE.

Microsoft News

MS Patch Tuesday Barrage
After a relatively light Patch Tuesday load in January, Windows administrators are bracing for a barrage of security updates from Microsoft. According to the software maker's advance notice mechanism, there are 12 bulletins slated for release Feb. 12. Seven of the 12 will be rated "critical," Microsoft's highest severity rating.

Read the article HERE.

Final Version of Vista SP1 Test
Microsoft's newly released Service Pack 1 may solve some of the performance glitches that have annoyed Windows Vista users and discouraged others from adopting the OS, but it doesn't appear from our initial tests to be a panacea. In our first tests of the service pack, file copying, one of the main performance-related complaints from Vista users, was significantly faster. But other tests showed little improvement and in two tests, our experience was actually a little better without the service pack installed than with it.

Read the article HERE.

Microsoft responds to Save XP petition
In response to Infoworld's petition and other pro-XP outpourings of support, a Microsoft spokesperson in the US told Computerworld: "We're aware of it, but are listening first and foremost to feedback we hear from partners and customers about what makes sense based on their needs. That's what informed our decision to extend the availability of XP initially, and what will continue to guide us".

Read the article HERE.

Microsoft cuts Windows 7 features - already
Features are being shed left and right. The latest one is a graphics API, DirectX 11 in this case. From what we are told by reliable sources, MS was keen on having DX11 be part of Windows 7. DX10, which while technically pretty nifty, is saddled with Vista as an arm twist mechanism, so it is taking off like a water buffalo with bunions and a weight problem.

Read the article HERE.

Thursday, February 07, 2008

When security improvements backfire

Recently, when conducting an (authorized) security review at a small web hosting provider, I ended up as "root" on all their Unix systems within a matter of hours, and did not even need any l33t buffer overflow or the like. Well-meaning system administrators had tried to improve security of their servers, and had unwittingly ended up making life much easier for the bad guys.

Read the article HERE.

Adobe, Apple Issue Security Updates

Adobe has released an update to its free Adobe Reader application that corrects more than two dozen bugs, including several security holes. Separately, Apple this week pushed out a patch to plug a single security vulnerability in its iPhoto application.

Read the article HERE.

Hack Your Home Router Challenge

In the wake of two fairly bad stories about cross-site request forgeries (CSRF), there’s a new challenge on the wind: Hack your home router! The catalysts for this challenge were some recent real-world CSRF-based attacks -- a user's domain being compromised due to a hole in Gmail, and Mexican banking customers' credentials getting stolen after their routers were compromised.

Read the article HERE.

TrueCrypt 5.0 Released

Among the new features are the ability to encrypt a system partition or entire system drive (i.e. a drive where Windows is installed) with pre-boot authentication, pipelined operations increasing read/write speed by up to 100%, Mac OS X version, graphical interface for the Linux version, XTS mode, SHA-512, and more.

Read the article HERE.

Nmap looks better than ever

The 4.50 release includes Zenmap, a cross-platform GUI front end for Nmap which includes a command creation wizard, a scripting engine, and a host of other improvements. At age 10, Nmap may be the most popular network security tool in the world. Given its power, ease of use, and the excellence of its documentation, it's not hard to see why. Security professionals and casual desktop users alike can benefit and learn from this tool. If I had a "must have" list of all the apps I use, Nmap would rank near the top. If you're not familiar with it, grab it and give it a go.

Read the article HERE.

FAR Manager goes open source

I’ve been extremely happy over the last several days when I discovered that the FAR Manager, one of the tools that we use quite a lot in Avert Labs, has recently been released as open source under a BSD license. What exactly is FAR? Well, FAR is an advanced file manager that is heavily customizable and extensible.

Read the article HERE.

Predators prefer IM and chat rooms

Quick, picture an Internet sex predator. If you're like many members of the public, you probably pictured a middle-aged man clicking away on social networking sites like Facebook and MySpace as he lies to kids he meets about his age and intentions. Such a picture doesn't survive an encounter with data, though; social networking sites are actually safer than chat rooms and instant messaging, while most perpetrators are upfront about both their ages and desires.

Read the article HERE.

Security Metrics - How Often Should We Scan?

I get this question from Nessus users and Tenable customers very often. They want to know if they are scanning too often, not often enough and they also want to know what other organizations are doing as well. In this blog entry, we will discuss the many different reasons why people perform scans and what factors can contribute to their scanning schedule.

Read the article HERE.

Wednesday, February 06, 2008

Heads Up Internet Explorer Users

A plug-in for Microsoft's Internet Explorer Web browser that helps users upload photos to popular sites such as Facebook and Myspace contains multiple security holes. To make matters worse, hackers have now published instructions showing how to exploit those flaws to break into vulnerable systems and install software.

Read the article HERE.

Holes in numerous ActiveX controls

Users of Yahoo's Music Jukebox should consider uninstalling the software. Several security holes in two of its ActiveX controls allow attackers to manipulate a system and infect it with malware via a crafted web site visited using Internet Explorer.

Read the article HERE.

Overhaul of net addresses begins

The first big steps on the road to overhauling the net's core addressing system have been taken. On Monday the master address books for the net are being updated to include records prepared in a new format known as IP version 6.

Read the article HERE.

Microsoft replaces Vista kernel

One of the “big” features discussed in early speculation of Windows Vista SP1 was the kernel upgrade, which was supposed to bring the operating system into line with the Longhorn kernel used in Windows Server 2008. And yet with Vista SP1 going RTM, there hasn't been so much as a peep from Microsoft about the mooted kernel update.

Read the article HERE.

The future of network security

Enterprise connectivity is exploding, driven by globalization, convergence, virtualization and social computing. As corporate perimeters dissolve, the security focus switches towards application and data-level security solutions. The question to ask is what are the longer-term implications for network security? Will it become redundant or could it grow more powerful? Only one thing seems certain: It will be different from today.

Read the article HERE.