Sunday, April 30, 2006

Need Extra Cash? Report Your Boss

Well, apparently it's big business to know who's pirating software. The Business Software Alliance, an organization whose member list is a virtual 'who's who' in the IT industry, is offering rewards of up to $200,000 to anyone turning in their employer (or former employer, as the case may very well be) for a successfully litigious (or settlement-worthy) use of unlicensed software.

Read the original article HERE.

Saturday, April 29, 2006

Password Practices Pitiful

Only 1 in 7 business users bothers to create different passwords for each Web site that requires authentication. A Web poll conducted by Sophos showed that:
  • 14 percent of the 533 business users surveyed use a unique password for each site
  • 41 percent use the same password all the time
  • 45 percent use "a few" different passwords.


It is madness to use the same password for accessing a site which tells you the football results as the one which gives you access to your online bank account.


Creating Secure Passwords

One of the problems with passwords is that users forget them. In an effort to not forget them, they use simple things like their dog’s name, their son’s first name and birthdate, or the name of the current month: anything that will give them a clue to remember what their password is.

For the curious hacker who has somehow gained access to your computer system this is the equivalent of locking your door and leaving the key under the doormat. Without even resorting to any specialized tools a hacker can discover your basic personal information (name, children’s names, birthdates, pets’ names, etc.) and try all of those out as potential passwords.

Learn how to create and remember easy secure passwords HERE.

Friday, April 28, 2006

Outpost Pro 4.0

Agnitum will release Outpost Pro 4.0 to deliver superior proactive security with the new functionality:

* Anti-Leak Features
* Spyware Signature Analyzer
* Exclusive Application Verification
* 64-bit support
* Additional Improvement

More on their newsletter page HERE.

Thursday, April 27, 2006

Using No Anti-Virus

Can you get away with it?

With the obligatory yearly debate over the necessity of software firewalls or AV programmes, a variety of opinions are offered. A cool head and open mind are required to view this debate objectively.

Visit the forum HERE.

Wednesday, April 26, 2006

Wild Wild Underground

Dancho Danchev also investigates the "buy your own hacker kit" market. A much more informative article, it challenges the US$15 price for a kit, declaring the cost to be US$300. Dancho also has a close look at the underground culture of the net.

Read the article HERE.

Do It Yourself Hacker Kits

Not too long ago, you needed some technical expertise to become an Internet criminal. Today, for about US$15.00 you can buy your own do-it-yourself kit from Russia.

This kit downloads a Trojan, logs keystrokes, downloads additional cybernasties and opens backdoors to a compromised system.

The Trojan is even smart and can detect what browser is being used via the user agent and customize the exploit based on the browser settings.

Read the entire article HERE.

Monday, April 24, 2006

Capture 130,000 Keystrokes or $440,000,000


Key Katcher - This wonderful little gadget is for sale over at Thinkgeek. It is colored an innocuous IBM grey so no one will notice when you attach it to their keyboard. It fits between the back of the PC and the keyboard cable. It needs no power and it can record 130,000 keystrokes. It works like a software keystroke logger. Once it is installed it just captures anything that is typed: usernames, passwords, URLs, email, banking info, everything. This is exactly how the greatest attempted bank heist in history was pulled off.

Read the story HERE.

Sunday, April 23, 2006

Easter Eggs Bypass Security

One week ago I blogged the topic of "Free CDs highlight security weaknesses".

It seems that a chance to win free Easter Eggs is reason enough for most people to give away their identity. And why are these tests always carried out in London? Are they really the dumbest people on the planet?

Read the original article HERE.

I try not to overdo it, but this definitely deserves the Vanish sig...

The seemingly boundless capability of people to invent new ways of being stupid will never, ever cease to astound me.

Saturday, April 22, 2006

An Open Letter to Security Vendors

Michael Miller [ PC Magazine ] challenges some of the major security product providers about the shortcomings of their products.

All of you have reason to worry about the prospect of Microsoft entering the security market this summer with a new service called OneCare. But you're focused on the wrong problem. Instead of focusing on Microsoft, you need to take a good hard look at the effectiveness of your own wares. I've talked with a lot of computer users lately, and the conclusion is inescapable: Your products just aren't good enough.

Some of your products don't do a complete job; others are packaged in ways that customers don't understand; parts of some software don't work properly, and other programs are so big that they cause the very problems customers want to avoid.

Read the full article HERE.

Microsoft Helps Write Anti-Spyware Law

The law will supposedly protect people from unwarranted hackers or virus attacks and can fine individuals up to $1M who are found guilty of breaking into a computer without the owner's knowledge.

Microsoft wants the right to inspect your hard drive, delete your files and applications, and call the police if it finds anything “illegal”. However, once a computer user authorizes software updates and accepts a user’s agreement, the software will be allowed to do anything in order to detect or prevent illegal or fraudulent activity. But we all know this has nothing to do with the [US] Patriot Act and has everything to do with M$ wanting to get into your hard drive.

The law is amazing, not only because it is probably the first written overtly by a major company without bothering with the tedious problem of lobbying, but because it is written by Microsoft.

How could anything go wrong?

Read the full article HERE.

Friday, April 21, 2006

Opera 9 Beta released - includes BitTorrent

I've noticed that whenever I write about Firefox or IE on this blog, I always get a couple of comments from Opera fans (rightly) pointing out how innovative their favorite browser is.

I've been impressed by their durability in a very tough market.

Read more HERE.

Package Deals to Commit eBay Fraud

Gone are the days where committing fraud took knowledge, or technical expertise. Personal, financial and "how to scam" kits are all easily purchased in IRC (Internet Relay Chat) chatrooms.

The kits contain everything a scammer needs to set up auctions on eBay to sell items they don't own and don't intend to fulfill to "customers."

Read the article HERE.

Thursday, April 20, 2006

Windows Vista

Microsoft announced the broad outlines of its Windows Vista lineup a few months ago. In all, there are five mainstream editions: three for home users, two aimed at businesses.

This article focuses on end-user features, advanced networking and system administration features.

Read the article HERE.

Live.com to be homepage of Vista and IE7

Live.com is the new default home page for users of the Internet Explorer 7 and the Windows Vista operating system. Live.com will be the first feed syndication experience for hundreds of millions of users who would love to add more content to their page, connect with friends, and take control of the flow of information in ways geeks have for years.

Find out more HERE.

Wednesday, April 19, 2006

Windows Users: Drop Your Rights

"I have written before about the importance of setting up and using "limited user" (non-administrator) accounts for everyday Windows users," writes Brian Krebs of Security Fix.

He has stressed the importance of running everyday software applications under user accounts that do not have the power to install programs or modify the underlying operating system in any way. The reason is simple: Spyware and other unwanted programs have a much harder time getting their hooks into your system if the current user lacks installation privileges.

Read the entire article HERE.

Rogue Spyware Programmes Are Your Worst Enemy

When choosing an anti-spyware programme, be very careful what you download and install. The Internet is now littered with Rogue Spyware Programmes that actually infect your machine with the very thing you are trying to avoid.

How do you choose? I suggest a visit to The Spyware Warrior.

This highly regarded website is at the forefront of Spyware information, including

Rogue/Suspect Anti-Spyware Products & Web Sites

and most importantly

Comparison of the 12 most reputable anti-spyware apps on the Net.

Well worth a look.

Microsoft Security Bulletins Explained

Every month, Microsoft® issues security bulletins - and every month, Randy Franklin Smith gives you an in-depth, expert, independent analysis of the latest bulletins in understandable language.

"Within hours of Microsoft's release I will give you my independent take on each bulletin from Microsoft. Much more than a mere rehash of Microsoft's bulletins, I will endeavor to provide you with an independent analysis of each month's vulnerabilities that cuts to the chase with informed observations about the risk and possible mitigating controls, as well as practical guidance for determining if your systems are at risk and deploying work-arounds or updates."

Read the bulletins HERE.

Tuesday, April 18, 2006

Free CDs highlight security weaknesses

To office workers trudging to their cubicles, the promotion looked like a chance at sweet relief from the five-day-a-week grind. By simply running a free CD on their computers, they would have a chance to win a vacation.

Read the original article HERE.

The seemingly boundless capability of people to invent new ways of being stupid will never, ever cease to astound me.

Saturday, April 15, 2006

Review : Spyware Doctor 3.5 for Windows

PC Tools has updated its antispyware software with Spyware Doctor 3.5. The latest version combines strong protection against keyloggers, adware, and spyware with new tools to remove rootkits and other hard-to-rid malware.

Spyware Doctor 3.5 features an innovative Kernel Delete feature that gives the antispyware detection module new ways to remove rootkits and other complex malware that fights to stay hidden or resurrects itself on reboot.

Read the full review HERE.

Security Updates for Firefox and Opera Browsers

Mozilla has issued a new version of Firefox to fix multiple, serious flaws in the open-source browser, including at least five vulnerabilities that hackers could deploy on malicious Web sites to install malware if users visited the sites with vulnerable browsers.

More information can be found HERE.

Friday, April 14, 2006

Reducing confusion during malware outbreaks

In early February, anti-virus firms warned customers about a computer virus programmed to delete files on the third of each month, but almost every company called the program by a different name. A month later, the companies still use a hodge-podge of monikers for the program: Blackmal, Nyxem, MyWife, KamaSutra, Blackworm, Tearec and Worm_Grew all describe the same mass-mailing computer virus.

"Consumers and customers don't always know which threat to be worried about," said Dan Nadir, vice president of product strategy for network-protection firm ScanSafe. "We had a problem that a person would say, 'I know about MyWife, but what about this new threat, KamaSutra?' That confusion is a big issue."

While the virus-of-many-names episode highlighted the continuing issues for the average internet user, the incident became the first success - albeit a moderate one - for an effort to create a single identifier among responders for common threats. While consumers may have scratched their heads about which threat to be worried about, incident response teams and information-technology managers had a single name for the attack, CME-24.


The designation comes from the Common Malware Enumeration (CME) Project, an initiative spearheaded by federal contractor MITRE Corp. The project does not intend to solve the naming problem for consumers, but to provide a neutral common identifier that incident responders can use. It provides single, common identifiers to new virus threats to reduce public confusion during malware outbreaks. CME is not an attempt to replace the vendor names currently used for viruses and other forms of malware, but instead aims to facilitate the adoption of a shared, neutral indexing capability for malware.

Visit the website HERE.

Thursday, April 13, 2006

Recovery from Malware Becoming Impossible

In a rare discussion about the severity of the Windows malware scourge, a Microsoft security official said businesses should consider investing in an automated process to wipe hard drives and reinstall operating systems as a practical way to recover from malware infestation.

According to the eWeek article, when you are dealing with rootkits and some advanced spyware programs, the only solution is to rebuild from scratch. In some cases, there really is no way to recover without nuking the entire system.

Read the full article HERE.



Wednesday, April 12, 2006

Microsoft Issues Security Fixes

Microsoft today has issued six free software updates to fix security flaws in its Windows operating system and other software products.

Three of the updates will carry a critical rating, which Microsoft assigns to flaws that could be used by attackers or automated computer worms to take over vulnerable computers without any action on the part of the user.

Microsoft Security Bulletin Summary for April, 2006 - read the bulletin.

Download and install updates - http://update.microsoft.com/.


Accidental release of sensitive information

In the past several years, federal agencies and private-sector companies have released documents on the Internet that they thought did not contain sensitive content, but they actually did. That has led to embarrassment, scandals, firings and national security breaches when unintended readers discovered the hidden data.

Microsoft has created the Remove Hidden Data (RHD) plug-in for Office 2003.
Adobe Systems has a PDF Optimizer tool that can examine hidden data.
Sadly, analysts disagree whether the tools work.

Read the full article HERE.

Tuesday, April 11, 2006

Security Alert : When Bots Attack

In moments, hackers with bot code can break into vulnerable computers, turn them into zombies, steal information and spread the infection. While you scramble to secure your computer - and the vital data on it - botmasters sell access to your hacked machines for pennies apiece. Here's the inside story of how bots work - and what you can do to protect yourself.

Grab a coffee, make yourself comfortable, and read this intriguing story HERE.

Microsoft releases new URL Tracer tool

When a user visits a Web site, her browser may be instructed to visit other third-party domains without her knowledge. Some of these third-party domains raise security, privacy, and safety concerns. The Strider URL Tracer, available for download, is a tool that reveals these third-party domains, and it includes a Typo-Patrol feature that generates and scans sites that capitalize on inadvertent URL misspellings, a process known as typo-squatting. The tool also enables parents to block typo-squatting domains that serve adult ads on typos of children's Web sites.

Visit the Microsoft website HERE for full details.

Sunday, April 09, 2006

Forensic Analysis of the Windows Registry

This paper discusses the basics of the Windows XP registry and its structure, data hiding techniques and analysis on potential Windows XP registry entries that are of forensic value.

Although this article may not appeal to everyone, if you ever wanted to learn more about the registry, then this is the place to start.

Read the 16-page article HERE.


Also available in PDF format HERE.

Friday, April 07, 2006

Free personal firewall

Comodo offers its full strength, free personal firewall with no update or renewals fees - ever.

Comodo has announced the availability of Comodo Personal Firewall V2.0, one of the most powerful personal firewalls ever created free for all home users. The software provides one of the highest levels of protection and control against known and emerging threats with its default, 'out-of-the-box' settings and is free of charge to the end user without any renewal, license or subscription fees.

Suitable for both home users and corporate networks alike, the firewall features both inbound and outbound packet filtering in combination with robust outbound application filtering at the network layer. The new-look interface facilitates quick and easy access to all major settings, including the powerful and highly configurable security rules interface.

The latest release [V2.0] builds on the overwhelmingly positive reception of Comodo's Personal Firewall V1.0 with new features and functionality including:

  • Advanced network, application and application component monitoring
  • Completely redesigned interface including 'Smart' pop-up alerts
  • More powerful and intuitive security rules interface
  • Full Application Behavior analysis
  • Improved application activity control
  • Windows security center integration
  • New application recognition database


A full list of new features can be found (www.VEngine.com), PC vulnerability scanning (www.HackerGuardian.com), free email certificates for secure email encryption, secure BackUp for backing up files on your PC and iVault for password management and launching secured Internet sessions. Most consumers now have to spend upwards of $200 to achieve a comparable level of Internet security and safety. All these products are offered free for the lifetime of the PC - without any annual subscription fees or licenses because Comodo, as one of the world's leading Certification Authorities, is setting the standard for Identity and Trust Assurance online, ensuring that consumers and businesses establish trust online with true e-identity and e-business authenticity.

Comodo Personal Firewall is available for download now.

For more information go to:
www.comodo.com

Wednesday, April 05, 2006

Windows Intruder Detection Checklist

Following on from my previous post, how do you really know that your computer is free of anything that may have compromised it?

This document outlines suggested steps for determining whether your Windows system has been compromised. System administrators [and individuals] can use this information to look for several types of break-ins. I also encourage you to review all sections of this document and modify your systems to address potential weaknesses.

The term "Windows system" is used throughout this document to refer to systems running Windows 2000, Windows XP, and Windows Server 2003. Where there is a distinction between the various operating system versions (e.g., a capability available to only one OS version) the document will note this as such.

In this document, they make a distinction between the terms "auditing" and "monitoring". They use auditing to indicate the logging or collection of information and use monitoring to indicate the routine review of information obtained by auditing to determine occurrences of specific events.

A degree of expertise may be required to conduct these tests.

Test details are available HERE.

How Do I Know If My PC Is A Zombie?

With the myriad of jargon that technology often spawns, especially concerning security, consumers could be forgiven for hearing terms like phishing, pharming, worms, zombies and Trojans, knowing what they represent isn’t good, but not really understanding what they mean.

In today’s world, where transactions and banking are more and more commonly conducted online, the sort of data that could be obtained is very sensitive.

Read the full article HERE.

Monday, April 03, 2006

Can Bad Guys Google Your Passwords?

A very interesting article discussing the use of various operators for advanced searches on Google revealed just how effective they can be in malicious hands.

SecurityFocus.com writer Scott Granneman called Google "the most dangerous Web site on the Internet for many, many thousands of individuals and organizations."

Read the original article HERE.

Sunday, April 02, 2006

Phishers set hidden traps on eBay

Click on an eBay auction listing, and you could get an unwanted result: a fake eBay login page, created by scammers looking to pilfer your username and password.

Read the full article HERE.

Another [ better ] USB secure drive

Authenex, provider of authentication e-security applications, announced the release of the v4 A-Key token, a driverless USB storage device that can be taken anywhere and used on any PC without installation. The device is designed to "self-erase" if an unauthorized person tries to access it.

Like self-destructing without destructing, the token self-erases if someone who tries to log on fails a predefined number of times. This ensures that, in case of loss or theft, vital information cannot fall into the wrong hands.

The A-Key token also supports multiple authentication protocols (One-Time Password, PKI, or Challenge-Response authentication). The v4 A-Key token enables up to two levels of password management: the user level or both the administrator and user levels. This enables a greater degree of control over how the token can be used and by whom.

The token contains up to one gigabyte of encrypted storage for user data, such as certificates, documents, single sign-on credentials, etc. All data is encrypted on-the-fly by AES encryption at the hardware level.

Visit the Authenex website HERE.



Anti-Phishing Tips You Should Not Follow

Today every other online banking website features the "anti-phishing tips" page intended to teach an ordinary computer user how to fight those annoying emails collecting your personal data. While this educational initiative is praiseworthy, many of the tips, and some of them originate from security experts, are in fact questionable, incorrect, or misleading.

This article debunks the most common myths.

Saturday, April 01, 2006

Wireless Cracking Tools

By familiarizing yourself with the following software, you will not only have a better understanding of the vulnerabilities inherent in 802.11 [wireless] networks, but you will also get a glimpse at how a hacker might exploit them. These tools may also be used when auditing your own network.

Read the full article HERE.

RAIDE Rootkit Elimination Tool Hits Beta

Spurred on by the ongoing cat-and-mouse game between malicious hackers and existing anti-rootkit scanners, a pair of security researchers have teamed up on a new tool that promises a solution to the threat from stealthy malware.

Rootkits are used to modify the flow of the kernel to hide the presence of an attack or compromise on a machine. They give a hacker remote user access to a compromised system while avoiding detection from anti-virus scanners.

RAIDE offers several unique features that cannot be found in other anti-rootkit tools. Existing anti-rootkit scanners like BlackLight and RootkitRevealer look for registry and file system API discrepancies that may indicate the presence of a user-mode or kernel-mode rootkit, but weaknesses in that approach have been proven.

Read the full article HERE.