Monday, July 31, 2006

Detecting and Exploiting Applications using JavaScript

Imagine visiting a blog on a social site like MySpace.com or checking your email on a portal like Yahoo’s Webmail. While you are reading the Web page JavaScript code is downloaded and executed by your Web browser. It scans your entire home network, detects and determines your Linksys router model number, and then sends commands to the router to turn on wireless networking and turn off all encryption. Now imagine that this happens to 1 million people across the United States in less than 24 hours.

Read the article HERE.

Sunday, July 30, 2006

Windows Unpatched SMB Vulnerability and Exploit

Technical Description :
A vulnerability which could be exploited by remote attackers to cause a denial of service.
Affected Products :
Microsoft Windows XP : SP1 - SP2 - Professional x64 Edition
Solution :
Restrict access to ports 135, 139, and 445.

Read the alert HERE.

Disable Dangerous Ports in a Few Clicks!

Windows Worms Doors Cleaner allows you to close these ports.

Visit the website HERE.

Weekend Reads

Hackers Fight Authority in NYC

On the 18th floor of the Hotel Pennsylvania, an anonymous crowd gathered. Their ages ranged from 13 to 80; they wore everything from T-shirts or formal suits to pastel sundresses or Goth black mesh. But you could tell they were together by their matching conference tags that displayed numbers instead of names.

The numbers gave participants, many of whom go by pseudonyms, a shield of anonymity. But they also reminded everyone that we live in a techno-bureaucracy where everyone is reduced to a statistic.

Visit the website HERE.
===================================================================
Making a federal case
How the FBI collars cybercriminals...
and what companies can do to avoid being victims

Identity theft, hacking for profit, espionage, iPod slurping -- the FBI is increasingly focused on helping organizations fight these and other cybercrimes. Computerworld's Robert L. Mitchell asked several agents what they're seeing in the field and what advice they can offer IT.

Visit the website HERE.

Saturday, July 29, 2006

The security risk in Web 2.0

Web 2.0 is causing a splash as it stretches the boundaries of what Web sites can do. But in the rush to add features, security has become an afterthought, experts say.

While surfers can find some PC protection in security software, the burden is on developers to make sure they don't leave any loopholes for attackers.

Read the article HERE.

Firefox fixes critical flaws

Mozilla has released an update to its popular Firefox Web browser that fixes a dozen vulnerabilities, seven of which it deems "critical". The most serious of the flaws could be exploited by cyberattackers to commandeer a vulnerable PC.

Security monitoring company Secunia rates the updates as "highly critical", one notch below its most serious ranking.

Updates explained in detail HERE.

Steganography

As we are on a roll, here are two more FREE options

Steganography with Spam - Spam Mimic

There are terrific tools (like PGP and GPG) for encrypting your mail. If somebody along the way looks at the mail they can't understand it. But they do know you are sending encrypted mail to your pal.

The answer: encode your message into something innocent looking. Your messages will be safe and nobody will know they're encrypted!

There is tons of spam flying around the Internet. Most people can't delete it fast enough. It's virtually invisible. This site gives you access to a program that will encrypt a short message into spam. Basically, the sentences it outputs vary depending on the message you are encoding. Real spam is so stupidly written it's sometimes hard to tell the machine written spam from the genuine article.

Visit the website HERE.

BlackBox v1.1

BlackBox is an application that makes use of steganography. You have the ability to hide messages within Bitmap (BMP) files with no changes to the image or even any of its properties, such as its file size. The program can only hide text within a Bitmap image (.bmp). Future plans are to extend this to wav files and compressed image files - JPEGs and GIFs.

Note: This application requires .NET Framework to be installed
Visit the website HERE.

Friday, July 28, 2006

Alert("Your new friend is a worm");

Web Application Worms exploit persistent Cross Site Scripting (XSS) vulnerabilities in websites. It's a new category of malware and it's a growing concern for popular websites. Social Networking sites seem to be the most popular target as of now. MySpace has already been hit by two such worms - the Samy worm in October last year and last week's Flash worm.

Read the warning HERE.

Encryption : Steganos Security Suite

The problem with encrypted data is that it’s conspicuous. People might not be able to understand it, but they will know that there’s encrypted data there and that might prompt them to misread between the lines.

The solution is to put your data in a context where it looks perfectly natural. Using Steganos Security Suite, you can encrypt your data and then pick a host file, such as a digital photo, in which to hide it. Your encrypted data is then spread throughout the image by making tiny, imperceptible changes to the dots that make up the picture. This picture could be emailed, posted online or shared on a USB key. People would never suspect the photo contains hidden data, and even if they did, they would still need the password to recover it. The technique is called steganography, and can be used to hide any type of data inside sound or image files.

Today you can obtain commercial encryption software that uses the same standard techniques that the US government considers good enough for its ‘Top Secret’ information. The 256-bit AES algorithm which powers Steganos encryption software has never been cracked. It’s also easy to use. At its simplest, the Freecrypt service will encrypt text that you enter into a form on a webpage, according to the password you provide. To decrypt it, you return to the form and reverse the process.

Try it yourself, free of charge at Steganos.

Read the article HERE.

Steganos launches Steganos Secure VPN

Mobile and home workers can securely link up with their employers' network without the risk of ISPs or hackers eavesdropping on connections using Steganos Secure VPN.

Germany-based security software provider Steganos has launched its VPN (virtual private network) service, which allows home and mobile workers to connect securely to their employers' networks. The service also provides users with anonymity when using the internet, whether it is research or shopping.

Read the article HERE.

Rumour and innuendo: time for a few facts...

I see rumour and innuendo and downright falsehoods muddying the waters around Internet Explorer 7. It's as if some are trying to scare people away from the Web browser, which is sad. IE7 is going to make a *big* difference to the safety and security of internet users. How many recent exploits have affected IE7?

Read the article HERE.

Thursday, July 27, 2006

Browser vulnerabilities

Opera 9.0 - New HTTPS vulnerability

A critical vulnerability has been identified in Opera, which could be exploited by remote attackers to crash a vulnerable browser or potentially take complete control of an affected system.

Read about the warning HERE.

Trojan Spoofs Firefox Extension, Steals IDs

An identity-stealing keylogger that disguises itself as a Firefox extension and installs silently in the background was discovered Tuesday by security vendor McAfee. The "FormSpy" Trojan horse monitors mouse movements and key presses to steal online banking or credit card usernames and passwords, other login information, and URLs typed into Firefox.

Mozilla is expected to release a new version of Firefox today, 1.5.0.5, that includes about a dozen security updates as well as stability fixes.

Read about the warning HERE.

IE7 to be distributed via Automatic Updates!

To help our customers become more secure and up-to-date, we will distribute IE7 as a high-priority update via Automatic Updates (AU) shortly after the final version is released for Windows XP, planned for the fourth quarter of this year. If you decide to install IE7, it will preserve your current toolbars, home page, search settings, and favorites and installing will not change your choice of default browser. You will also be able to roll back to IE6 at any point by using Add/Remove Programs in the Control Panel. Finally, users who have AU turned off will not be notified.

Read more about the release HERE.

Wednesday, July 26, 2006

US still tops spam senders list

Sophos has published its latest report on the top twelve spam relaying countries over the second quarter of 2006. The US remains stuck at the top of the chart and is the source of 23.2 percent of the world's spam. Its closest rivals are China and South Korea, although both of these nations have managed to reduce their statistics.

Read the article HERE.

PHP encryption for the common man

How to secure the data in your PHP applications. In this increasingly virtual online world, you have to be careful to protect your data. Learn the basics of encoding and encrypting important bits of information, such as passwords, credit card numbers, and even entire messages. Get an overview of what it means to encrypt and decrypt information, as well as some practical examples involving passwords and other data, using PHP's built-in functionality.

Read the howto article HERE.

Tuesday, July 25, 2006

Undetectable rootkit in wild

Haxdoor is one of the most popular and dangerous Windows based rootkits. Troj/Haxdoor-CP is a Trojan for the Windows platform. Troj/Haxdoor-CP runs continuously in the background, providing a backdoor server which allows a remote intruder to gain access and control over the computer.

Users should continue to be cautious with all suspicious email messages.
This virus was undetected by most of the commercial antivirus vendors yesterday.

View contents of the email, and Antivirus Results HERE.

LinkScanner - Competition for SiteAdvisor

McAfee's Site Advisor has competition, strong competition, from LinkScanner, a new (free) offering by security startup Exploit Prevention Labs. LinkScanner claims to be a real time exploit scanner, unlike McAfee's Site Advisor which it describes as "not immediate and not empirical".

Read the article [with screenshots] HERE.

Monday, July 24, 2006

ScatterChat - Anonymous Secure Chat

ScatterChat is a secure instant messaging client (based upon the Gaim software) that provides end-to-end encryption, integrated onion-routing with Tor, secure file transfers, and easy-to-read documentation.

Its security features include resiliency against partial compromise through perfect forward secrecy, immunity from replay attacks, and limited resistance to traffic analysis... all reinforced through a pro-actively secure design.

ScatterChat allows you to set up a secure channel with another ScatterChat user so that encrypted messages can be exchanged. It also verifies that you are indeed talking to the person you think you are, and not an impostor. ScatterChat uses 2048-bit ElGamal and 1024-bit DSA for encryption setup and authentication.


The release announcement was made at HOPE, where CDs were distributed. This could prove to be the biggest security enforcement nightmare since PGP [pre Version7 ].

ScatterChat Users Guide [ HTML ] or [ PDF ]

Visit the ScatterChat website HERE.

Email Tools

Free disposable email address

Use your temporary email account at registrations. They will never know your private address.
No Registration needed!!!
Visit the website HERE.

YouSendIt.com

Need to send someone a large file?
Send as many 1 GB files as you like... for FREE.
Visit the website HERE.

Whois Hijacking My Domain?

Leave it to the domain-squatting industry to come up with a way to jump claims.

It all started with a message from a reader. She was planning to put a Web site up and needed to register a domain name. She chose to use her first and last names for the domain and checked it on at least one service for availability. She went back in a day or two to register it and, lo and behold, it had just been registered to an outfit named Chesterton Holdings.

I decided to run some tests, so I picked three names out of the air and checked them with the CNet Domain Search page including myfuzzycat.com and lickmynose.com. I let the matter go and about 30 hours later I checked with a separate whois service and determined that the domains belonged to Chesterton Holdings.

Read the article HERE.

Sunday, July 23, 2006

Weekend Reads

Why Popular Anti-Virus Apps 'Don't Work'

Following an article detailing the sad state of anti-virus software currently on the market, ZDNet Australia has detailed why AV apps don't work.

One of the reasons given is that malware authors write code that will get around the application's signatures by testing their code on the most popular anti-virus software before release.

Read the article HERE.


Virus busters clash over open source security

Meanwhile, a war of words has broken out between virus-busters over the security merits of open source software. While McAfee reckons open source's very openness makes it easy to fiddle with, rival Trend Micro reckons it's the openness that makes dodgy code easy to spot.

Read the article HERE.

=========================================================
How to solve the problem of spam

About two weeks ago I started getting a lot of bounced e-mails. Most of them were notifications that my e-mail could not be delivered because the recipient didn't exist. Others were from spam filters to tell me I'd sent messages they were unwilling to accept.

It seems I've been pushing dodgy stocks, offering prescription drugs and even sending viruses to unwitting users. Except I haven't.

Read the full article HERE.
=========================================================
Money Wired

What happens when a gambling town falls hard for the computer network? Hacker crooks. Megajackpot slots. Cutting-edge surveillance software. And that's just the start.

Kathleen Budz had been at the slots in the New York-New York casino for only a couple of hours when the big money came along. The gambling device in question is a fairly typical modern Vegas slot. Three spinning reels occupy the center of the machine. Players can wager as little as a quarter, and small jackpots -- a dollar or 10 -- come along frequently enough to keep the action going. But the huge bonus prize is the real draw -- announced by an electronic display that resembles the ticking wheel on the TV game show, placed just above eye level.

Then it happened: The symbols on the three reels matched, and the digital Wheel of Fortune began to spin, indicating a win. On the top of the machine, the jackpot was posted: $4 million

Read more HERE.

=========================================================
The 10 Biggest Myths of IT Security

Like most wars, the war between attackers and IT security managers is full of misinformation. Attackers fill open message boards with boasts about their latest exploits, yet the smart ones keep the most effective hacks to themselves.

Read the full article HERE.

Saturday, July 22, 2006

Windows Live Messenger - talk to Yahoo! contacts

Yahoo! & Microsoft have joined forces. Now you can use Windows Live Messenger to talk to your friends who use Yahoo! You’ll be able to see when Yahoo! users are online and communicate with them from Windows Live Messenger. Visit the Microsoft website HERE.

The beta program is filled to the brim at the moment. Join the waiting list and we'll notify you the moment things open back up. Visit the Yahoo! website HERE.

But those of you that read my "What Is Gaim?" blog are already doing this.

Google Talk :
Now that Google has opened up their Google Talk servers for federation with other Jabber servers, you can use Google Talk to connect to your friends on AIM, MSN, Yahoo or ICQ.
Here's how, with step-by-step instructions [and screenshots].

Friday, July 21, 2006

US Feds sharpen secret tools for data mining

U.S. intelligence agencies have invested millions of dollars since 9/11 on computer programs that search through financial, communications, travel and other personal records of people in the USA and around the world for connections to terrorism, according to public records and security experts.

The software is designed to find links between terrorism suspects and previously unknown people; track the international flow of money, operatives and materials; and search for clues in the worldwide communications over phone lines, wireless connections and Internet links.

Read the article HERE.

80% of new malware defeats antivirus

The time is long past that I have depended on any antivirus or antispyware product to clean a system properly, or detect all malware files.

At best, antivirus and antimalware products will get rid of the high profile, obvious, easy to remove stuff.

They may get rid of the files and services with big "shoot me" targets on their backsides, but the real important stuff is too often missed.

Read the article HERE.

The Google Proxy

Surf the web from http://www.google.com/xhtml to get a proxied & simplified version of any page you want to visit. May bypass corporate firewalls, may not. May provide some level of anonymity, may not. Breaks up long pages into smaller ones, and you can turn off images.

Read the full article HERE.

Thursday, July 20, 2006

Visit MySpace To Download Spyware

An online banner advertisement that ran on MySpace.com and other sites over the past week used a Windows security flaw to infect more than a million users with spyware when people merely browsed the sites with unpatched versions of Windows, according to data collected by iDefense.

Microsoft released a patch in January to fix this serious security flaw in the way Windows renders WMF (Windows Metafile) images, but online criminal groups have been using the flaw to install adware, keystroke loggers and all manner of invasive software for the past seven months.

Read the article HERE.

Consumers Balk at Updating Malware Protection

While nearly 90 percent of computer users have software on their machines to protect them from malware like viruses, Trojans, worms and spyware, almost two-thirds of those users are reluctant to upgrade the software after it's installed. That was the finding in a survey released Monday.

Read the article HERE.

Wednesday, July 19, 2006

Data miners dig a little deeper

When customers sign up for a free Hotmail e-mail account from Microsoft, they're required to submit their name, age, gender and ZIP code.

But that's not all the software giant knows about them.

Microsoft takes notice of what time of day they access their inboxes. And it goes to the trouble of finding out how much money folks in their neighborhood earn.

Why? It knows a florist will pay a premium to have a coupon for roses reach males 30-40, earning good wages, who check their e-mail during lunch hour on Valentine's Day.

Microsoft is one of many companies collecting and aggregating data in new ways so sophisticated that many customers may not even realize they're being watched.

Read the article HERE.

SMS/MMS: The New Spam and Phishing Frontier

I've always wondered why SMS/MMS isn't used more often for spam or other malicious activities. I think the tide may be turning, albeit on a very small scale. SMS is starting to be used more frequently in malicious activities.

I came across a great Web site [ http://www.grumbletext.co.uk/ ] that monitors the mobile problems.

So, while it is definitely not anywhere near the same scale as e-mail borne phishing and spam, it seems that SMS/MMS will soon be one of the frontiers where the fight will be moving.

Read the article HERE.

Tuesday, July 18, 2006

Hackers Turn To Open Source

Hackers have borrowed the same open-source development techniques used to build Firefox, Apache, and Linux as they collaborate on malware projects.

There is financial incentive for [hackers] to share code. He wants to drop as many bots as possible, so he wants the most effective bot possible. They don't care if they're all using the same bot, since they all have different bot networks they're selling.

Read the article HERE.

Thieves Find Easy Pickings on Social Sites

Rob Newland is a pro at dodging spam e-mails and suspicious pop-up windows as he surfs the Web.

But he lets his guard down when he is checking friends' profiles and clicking through blog posts on the social networking Web site MySpace.

Read the article HERE. [at washingtonpost.com]

Test your Pop-up blocker

I often link to Brian Krebs on Computer Security [Security Fix], also at washingtonpost.com, especially on "Patch Tuesday", when Brian gives an excellent report on what you are downloading - and why.

But the pop up can be annoying.

Does your pop-up blocking software work? Not all pop-up windows are created equally; some are intrusive and annoying and some are actually necessary. Not all pop-up blocking software is created equally.

Test your software at Kephyr.com or Webroot

Monday, July 17, 2006

AirSnare 1.5

Monitor your wireless network for unauthorized intrusions. AirSnare is an intrusion detection system to help you monitor your wireless network. AirSnare will alert you to unfriendly MAC addresses on your network as well as to DHCP requests. If AirSnare detects an unfriendly MAC address, you have the option of tracking its access to IP addresses and ports or of launching Ethereal.

Visit the website HERE.

Support User Group Web site

User reviews from Cnet

How to Secure Wireless Routers and Computers

With wireless fast becoming the easiest and most economical way to set up a home network, we get lots of questions about how to make sure it's secure. Here are some tips for securing your wireless router/access point and computers with wireless adapters:

1 : Change the defaults. Wireless routers and access points come with a preset administrator password and SSID (network name). These are usually the same for all routers/WAPs of that model, so they're common knowledge to tech savvy folks. A hacker can use that info to change your WAP settings or connect to your network.

Use a non-default Workgroup name for your local network. Windows will default to "MSHOME." You don't want to accidentally share files with the others in the coffee shop.

2 : Turn off SSID broadcasting. Broadcasting makes your network visible to anyone in the area who has a wireless-equipped computer. Turning it off doesn't hide it from WLAN "sniffers" but it does keep casual browsers from knowing it's there.

3 : Turn on MAC address filtering. This allows only computers whose MAC addresses have been entered by the WAP administrator to connect to the network. It's not foolproof since some hackers can spoof MAC addresses, but it provides a layer of security.

4 : Assign static IP addresses to your wireless clients and turn off DHCP, so that unauthorized persons who try to connect won't automatically get an IP address.

What are the valid IP ranges you can use?
These IP addresses are "Reserved for Private Networks".

10.0.0.0 - 10.255.255.255
172.16.0.0 - 172.31.255.255
192.168.0.0 - 192.168.255.255

5 : Use encryption. And use WPA (Wi-Fi Protected Access) encryption instead of WEP (Wired Equivalent Privacy).

For instructions on how to configure WPA in XP click HERE

6 : Turn the WAP off when you aren't using it. This will prevent "war drivers" from connecting to your network and using your Internet connection or accessing the computers on your network.

7 : Limit signal strength. The typical range of an 802.11b/g wireless access point is about 300 feet. If you use a high gain antenna, that can be extended considerably. Only use such an antenna if you must, and if possible use a directional antenna that will only transmit in one direction. Test the signal strength to see how far it extends outside your house and grounds and adjust the positioning of your WAP and antenna to limit it.

8 : If you're really worried about security, use 802.11a equipment instead of the more popular 802.11b and g. It transmits on a different frequency and can't be accessed with the built-in wireless adapters included in most new laptop computers. It also has a shorter distance range.
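A way to check that steps 3 and 4 are actually holding, as an added example that is not part of the original post: it audits a client table against the administrator's MAC-to-static-IP list and confirms the planned addresses sit inside the reserved private blocks. The allowlist, the sample table (laid out like Windows `arp -a` output) and all function names are constructed for illustration.

```python
import ipaddress
import re

# The three blocks "Reserved for Private Networks" (RFC 1918), in CIDR form.
PRIVATE_NETS = [ipaddress.ip_network(n)
                for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]

# Constructed allowlist: MAC address -> static IP assigned by the administrator.
ALLOWED = {
    "00:aa:bb:cc:dd:01": "192.168.1.1",   # the router/WAP itself
    "00:11:22:33:44:55": "192.168.1.10",
    "00:11:22:33:44:66": "192.168.1.11",
}

# Constructed sample, in the layout of Windows `arp -a` output.
SAMPLE_ARP = """\
  Internet Address      Physical Address      Type
  192.168.1.1           00-aa-bb-cc-dd-01     dynamic
  192.168.1.10          00-11-22-33-44-55     dynamic
  192.168.1.57          00-11-22-33-44-66     dynamic
  192.168.1.99          de-ad-be-ef-00-01     dynamic
"""

# One table row: dotted-quad IP followed by a MAC written with '-' or ':'.
ROW = re.compile(
    r"^\s*(\d{1,3}(?:\.\d{1,3}){3})\s+"
    r"([0-9A-Fa-f]{2}(?:[-:][0-9A-Fa-f]{2}){5})\b"
)


def norm_mac(mac):
    """Normalise a MAC to lower-case, colon-separated form."""
    return mac.lower().replace("-", ":")


def is_rfc1918(ip):
    """True only if ip falls inside one of the three private blocks."""
    addr = ipaddress.ip_address(ip)
    return any(addr in net for net in PRIVATE_NETS)


def bad_static_plan(allowed):
    """Return planned static IPs that are NOT in a private block."""
    return sorted(ip for ip in allowed.values() if not is_rfc1918(ip))


def audit(arp_text, allowed):
    """Compare observed (IP, MAC) pairs with the allowlist.

    unknown-mac : a device the administrator never entered (step 3).
    ip-mismatch : a known MAC on an address it was not assigned (step 4);
                  worth a look, since MAC addresses can be spoofed.
    """
    findings = []
    for line in arp_text.splitlines():
        m = ROW.match(line)
        if not m:
            continue  # header or blank line
        ip, mac = m.group(1), norm_mac(m.group(2))
        if mac not in allowed:
            findings.append(("unknown-mac", ip, mac))
        elif allowed[mac] != ip:
            findings.append(("ip-mismatch", ip, mac))
    return findings


if __name__ == "__main__":
    for ip in bad_static_plan(ALLOWED):
        print("static IP outside private ranges:", ip)
    for kind, ip, mac in audit(SAMPLE_ARP, ALLOWED):
        print(kind, ip, mac)
```
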

Sunday, July 16, 2006

Microsoft Withdraws Private Folder

Following a barrage of criticism from security experts and IT administrators, Microsoft has withdrawn its new Private Folder application. The program was introduced last week as a free download. Private Folder was designed to hide data from the hard drive in addition to protecting it with a password. However, the application quickly drew concern from administrators who feared users would lose their password and not be able to unlock their files. In addition, parents voiced worry that kids could use Private Folder to hide content they download.

Has Microsoft lost all touch with reality? They never listen to their customers, and the one time they do it's over something completely stupid. There are many apps that will hide files and that also require a password. If you're an admin and have so little control over what is installed on your systems, get a new job. Those who complained are just lazy or incompetent. If you're a parent, be one for a change.

"Private Folder 1.0 was designed as a benefit for customers running genuine Windows," Microsoft said in a statement to CNET News.com on Friday. "However, we received feedback about concerns around manageability, data recovery and encryption, and based on that feedback, we are removing the application today. This change will take effect shortly."

After downloading, I tried import/export encrypted data, and it worked flawlessly.
But of course I have to remember ONE password !!!

You can still download it at this link. [For the time being]

And as for Microsoft, May I suggest a new company slogan :

We want security! We want security! We want security! We want security!
...Oh wait,
No We Don't! No We Don't! No We Don't! No We Don't!

5 Tools To Bulletproof Firefox

Spyware, adware, drive-by downloads, phish blitzes, malware of all stripes, they all have one thing in common: they reach your computer through the wide open door that is your browser.

If the most important step you can take to secure your system is to use a secure browser, then the second step is to lock down the browser beyond what it offers out of the box, and/or learn how to use the security tools it does provide.

Read the article HERE.

Weekend Reads

Sharpmail

Ever wanted to send an anonymous email to your friend that appears as if it came from the future? Or maybe you just wanted to let a work colleague think he might be getting a promotion. Then you have come to the right place. Send an anonymous email and you specify the "From :" field. What address they think the anonymous email is from is up to you!

Test Sharpmail HERE.
=========================================================
Meebo - take your IM with you

Travelling, on holidays or just away from your computer? That doesn't mean you can't access your IM. Still in "alpha", but worth a try.

Test Meebo HERE.
=========================================================
Cracking The Data Encryption Code

Two things jump to mind when it comes to encryption: It's a must-have for secure military installations, and it's a huge headache to implement among everyone else.

Encryption's reputation as a difficult, often unmanageable technology that can thwart productivity and frequently deliver negative ROI has hindered adoption in all but the most secretive government facilities. Most agency CIOs and the solution providers that serve them know just enough about encryption to steer clear of it if they can.

But the tide may be turning in encryption's favor as more agencies are required to safeguard their data and make improvements to decades-old technology for less daunting encryption rollouts.

Read the article HERE.

Saturday, July 15, 2006

SafeGuard PrivateDisk 2.01

The SafeGuard PrivateDisk Portable application allows users to extract files from a memory stick to another portable device or PC, and to read it even if the system does not have encryption software installed.

This flexibility will greatly benefit the mobile workforce, enabling those who carry memory sticks with encrypted data to meet company security standards as well as read their data anywhere.

SafeGuard PrivateDisk Portable allows access to memory sticks without SafeGuard PrivateDisk being installed. By selecting the checkbox of the new Disk Wizard users can add the application PrivateDisk Portable to the destination directory of the newly created PrivateDisk volume in case it is located on removable media.


Read the article HERE.

World's smallest, most secure USB flash disk

Netac Technology, the company that invented the world's first flash drive in 1999, has introduced the world's smallest USB flash disk with built-in security.

Weighing just 13g and measuring 5.5 x 13.5 x 53mm, the OnlyDisk U220 has a body thickness almost the same as the USB connector itself, and is extremely robust with a metal case and metal chain. Built-in security allows files to be stored securely, and unlike other drives, cannot be hacked to access data.

* Supports non-administrator operation on Windows XP *

Read the article HERE.

Friday, July 14, 2006

Who uses which browser ?

OneStat.com today reported that Mozilla Firefox's browsers have a total global usage share of 12.93 percent. The total usage share of Mozilla Firefox increased 1.14 percent since May 2006. The total global usage share of Internet Explorer is 83.05 percent which is 2.12 percent less than at the end of May. Germany leads the world in Firefox usage [ Microsoft IE 55.99% - Mozilla Firefox 39.02% ].

View the results HERE.

FolderShare - what a great tool

If you haven't tried FolderShare yet, it's part of the Windows Live Service, take a look and see what it can do for you. Keep important files at your fingertips - anywhere. All file changes are automatically synchronized between linked computers, so you are always accessing the latest documents, photos, and files.

Read the article HERE.

Phishers rip into two-factor authentication

Phishers are seeking to circumvent two-factor authentication schemes using man-in-the-middle attacks. Last October, US federal regulators urged banks to adopt two-factor authentication as a means to combat the growing problem of online account fraud.

Two-factor authentication involves the use of a password-generating device along with conventional passwords. That means a thief must know more than just a password to gain access to a user's account. Although the technology helps guard against fraud, a recent attack against Citibank shows the technique is far from foolproof.

Read the article HERE.

Thursday, July 13, 2006

Google searches pinpoint malicious code

A security firm warned on Monday that Google's ability to search on the signature of executable files allows anyone to find malicious code as well as create links using Google that lead potential victims to sites hosting the code.

Using a string prepended to all valid Windows' portable executable (PE) files and other attributes from known malicious code, the researchers found thousands of programs hosted on underground sites and in newsgroup archives.

Read the news item HERE.

Virtual PC Is Now Free

Microsoft is now offering both of its virtualization tools for no charge. In April, they gave Virtual Server away for free (Virtual Server offers Linux support).

You can now download Virtual PC 2004 Service Pack 1 absolutely free. Microsoft is also offering the free download of Virtual PC 2007, with support for Windows Vista in 2007.

Read the Virtual PC 2004 Product Overview HERE.


Visit the home page HERE.

You may also be interested in some Virtual PC performance tips: Part 1, Part 2, Part 3.

Adobe Issues Security Update

A vulnerability has been identified in Adobe Acrobat PDF reader, which could be exploited by attackers to take complete control of an affected system. This flaw is due to a buffer overflow error when distilling files to PDF, which could be exploited by attackers to crash a vulnerable application or execute arbitrary commands by tricking a user into opening a specially crafted document. For version 6.0-6.0.4, Acrobat users should utilize the product's automatic update facility to install version 6.0.5.

Alternatively download and install the update from Adobe.


Read about the Security Bulletin HERE.

Wednesday, July 12, 2006

IE 7 Beta 3 Reviewed - and compared

Nervous about installing Beta software? From Microsoft?
To see what the browser future holds, view these reports.

NeoSmart Technologies has a review [with screenshots]

TG Daily has a comparison with Firefox

CNET editors' take

But I have not seen anything, in either IE or Firefox, that would convince me to stop using Opera. Just like people, software providers are followers or leaders. Some are cautious about real innovation, always reluctant to try out new things, while others are constantly seeking ways to improve their products and to innovate in their technology areas.

An excellent example of the latter is the Opera Web browser. Opera was the first to offer many of the browser features that we commonly use today, such as tabbed browsing and cookie management.
This trend carried on in last year's Opera 8, which eWEEK Labs lauded for providing innovative features such as phishing prevention tools and site security checks. These features are now being added to competing Web browsers.

Read the review HERE.


View a Walk-Through Slideshow : Opera 9

Microsoft Patches 18 Security Flaws

Microsoft Corp. today released seven security updates to address 18 separate flaws in its Windows operating systems and Office software, including 13 problems that earned a "critical" severity rating.

Microsoft labels a security hole as "critical" if it can be used to hijack vulnerable machines without any action on the part of the user. All but two of the flaws addressed in today's patches can be exploited on some version of either Microsoft Office or Windows to let attackers seize total control over a vulnerable system.

Brian Krebs from Computer Security reviews the updates HERE.


Microsoft will also host a webcast, which is devoted to attendees asking questions about the bulletins and getting answers from security experts.

Register for the Webcast [Wednesday, July 12 at 11:00 AM Pacific Time] HERE.

Tuesday, July 11, 2006

Microsoft Private Folder 1.0 - NO thanks

Microsoft have released Private Folder 1.0, which lets you password protect a folder called ‘My Private Folder’. Microsoft Private Folder 1.0 allows you to protect your private data when other people share your PC or account. With this tool, you will get one password protected folder called ‘My Private Folder’ in your account to save your personal files.

The installer places “My Private Folder” right on the desktop. So basically you’re telling everyone you have something you’d like to keep private, causing others to wonder what you have to hide.

People who want to download the software are first required to run their computers through the Windows Genuine Advantage program. AND you must also have Service Pack 2 installed.

Download from Microsoft HERE.


BUT, as you are no doubt aware of Microsoft's history of security problems - in ALL of their software products - I strongly urge you to use other products to keep your information secure. TrueCrypt 4.2a (released July 3, 2006) is Free open-source disk encryption software for Windows XP/2000/2003 and Linux.

Visit the TrueCrypt website HERE.
Software review [Dec 05] from gHacks tech news HERE.
Updated review after version 4.2 released in April 2006

Phishing Alert : Google Mail

Websense Security Labs has received reports that a variant of Google phishing attacks are increasing in sophistication. Users are shown a spoofed copy of the Gmail login page with a message claiming, "You WON $500.00!"

Read the alert HERE.

Monday, July 10, 2006

Zango = MySpace = Adware

Wouldn't it be nice if someone found a network of websites apparently designed to do nothing else but spread Adware around Myspace? Not only that, but get the innocent end-users themselves to do the job of pushing that Adware for the guy making all the money, without informing them of the Adware's presence in the first place?

Read the article HERE.

Sunday, July 09, 2006

Weekend Reads

'Blue Pill' Prototype Creates 100% Undetectable Malware

A security researcher with expertise in rootkits has built a working prototype of new technology that is capable of creating malware that remains "100 percent undetectable", even on Windows Vista x64 systems.

Read the article HERE.

The Blue Pill Hype - Creators Response

All the hype started from this article in eWeek by Ryan Naraine... The article is mostly accurate, despite one detail - the title, which is a little misleading... It suggests that I already implemented "a prototype of Blue Pill which creates 100% undetectable malware", which is not true. Should this be true, I would not call my implementation "a prototype", which suggests some early stage of product.

Read the response from the Blue pill creator HERE.


=========================================================

Personal information is no longer personal

The only question is: who gets to see it?

“People used to dumpster dive in the back of travel agencies to get credit card receipts”, says John Curran, managing director at computer forensics firm Stroz Friedberg and a former legal counsel for the U.S. Federal Bureau of Investigation. “Now if you steal a hard drive or hack into a system you have at your fingertips thousands of identities.”

Read the article HERE.

=========================================================

Software : Console : Tabbed command prompt for Windows

I spend about half my time in Windows with at least one command prompt window open, and usually more than one. Console is an open source project that gives you a nice, configurable, tabbed interface to keep all your consoles in. Its customization options are plentiful, letting you choose fonts, colors, transparency, background images, shortcut keys, even cursors.

Read more about the software HERE.


=========================================================

New PoC virus can infect both Windows and Linux

Kaspersky Lab today reported a new proof of concept (PoC) cross-platform virus that creates malicious code to infect both Linux and Microsoft Windows operating systems.
The virus doesn’t have any practical application - it’s classic Proof of Concept code, written to show that it is possible to create a cross platform virus. However, experience shows that once proof of concept code is released, virus writers are usually quick to take the code, and adapt it for their own use.


Read the article HERE.


Saturday, July 08, 2006

Flock Beta 1 - the First Web 2.0 browser

In our quest to find a safe web browser, we have been restricted to only a few choices. Firefox is the "flavour of the month", and now has over 10% of the market. Opera 9, which is now available as a free download, and a long time favourite of mine, is also a worthy contender. It may now be time to experience the future of the web.

FLOCK. The first beta release of the Flock browser, aka Flock 0.7, is now available for download. Flock promotes itself as a social browser, meaning that the application works well with popular web services like Flickr, Technorati and del.icio.us. The Flock browser is based on the Mozilla core, as is Firefox, therefore it will be available to users of all platforms that currently use Firefox and will render pages almost identically.

A functional browser which includes many features like tabbed browsing, it includes two additional features that make it stand out - social bookmarking and a wysiwyg blog writing tool.

Introducing Flock Beta 1

Take a tour to learn what's different about Flock

Keep up to date at the Flock BLOG

Macromedia Flash Security Updates

Adobe recommends that all Flash Player users upgrade to the most recent version of the player through the Player Download Center to take advantage of security updates. The new version, v9.0.16.0, released June 28, fixes 2 security flaws.

1] A remote user can cause denial of service conditions.
2] A remote user can create a specially crafted compressed '.swf' file that, when loaded by the target user, will cause the target user's Flash player (or browser) to crash.

Use the "Player Download Center" link at Adobe for your download.

Check to see which version of Flash Player you have installed by clicking HERE.


Before clicking the "Install Now" button at the download page, don't forget to clear the ticked box for the Yahoo Toolbar installation !!! (Not required for operation of Flash Player)

Friday, July 07, 2006

Pretec BulletProof USB Flash Drive

Pretec has made the i-Disk BulletProof flash drive, which can protect your data like no other flash drive. With its double metal layer, the BulletProof protects itself from water, fire and knocks. This is the most durable USB flash drive in the whole world. The i-Disk BulletProof contains an i-Disk Tiny, a USB flash disk with 32MB to 2GB of space and a write speed of 20 to 40 MB/sec.

Read the article HERE.

Double Password security manager announced

Double Password, a new security manager, creates your security token on your flash drive (or other USB gadget, such as an MP3 player, PDA or even a USB-pluggable mobile handset.) This device becomes the key to your OS. Double Password makes sure that no one can interfere with the work of your computer or get access to your data. Not resting on laurels, Double Password goes further: it encrypts your password, which can accompany your security token. The result of this is that no external spy program can intercept your password.

Read the article HERE.

Consultant Breached FBI's Computers

A government consultant, using computer programs easily found on the Internet, managed to crack the FBI's classified computer system and gain the passwords of 38,000 employees, including that of FBI Director Robert S. Mueller III.

Read the article HERE.

Thursday, July 06, 2006

Researcher to publish a browser bug a day

The creator of a widely used hacking tool has promised to publish details on one browser vulnerability per day for the month of July.

HD Moore, the hacker behind the Metasploit toolkit, began publishing software that demonstrates bugs in a variety of Web browsers on July 1.

Read the article HERE.

Sophos says it's time to switch computing platforms

Sophos just released their latest Security Threat Management Report, and the news is not good for all. Viruses are waning, but malicious malware designed to steal you blind (say financially-oriented trojans) is up dramatically.

Then, in the wake of this news, Sophos (who I feel generally maintains an unbiased reporting approach in order to preserve their credibility), adds the following footnotes to their distribution charts:

All of the above malware works on Windows; none is capable of infecting Mac OS X.

Read the rest of the article HERE.

20 Years Of PC Viruses

In the first half of the 1980s, computer viruses - programs that reproduce themselves by "infecting" other programs - existed mostly in labs. A few had managed to find their way into the wild on the Apple II platform, but for the most part they were tightly controlled by computer researchers.

And then came Brain.

So grab a cup of joe, sit back, and take our tour of the last 20 years of PC viruses.

Hold on tight - it's a bumpy ride.

Wednesday, July 05, 2006

PrivacyKeyboard 7.3 is Released

PrivacyKeyboard™ software for Microsoft® Windows® 2000/XP is the first product of its kind which protects computers against both spy software and hardware.

Developers of PrivacyKeyboard™ have managed to get rid of a signature base - the least reliable part of any other anti-spyware or anti-virus. PrivacyKeyboard™ instantly deactivates ALL running spy programs and modules on your PC, including the most dangerous, "custom-made" software keyloggers - the favorite cybercriminals' tool.

When you are entering very important information like your e-banking password, PrivacyKeyboard™ will help you circumvent hardware keyloggers, which are extremely difficult to detect.

The program is distributed as "shareware". Visit the website HERE.

Tuesday, July 04, 2006

Cracking WEP with Ubuntu

Yesterday it was "WEP cracking - the FBI way". Today we have "Crack WEP - the Ubuntu way". This post should enable anyone to get Linux up and running and crack a WEP key. It took me about 2 days and myriad tutorials to finally get this to work, and now that I have I feel that I should share it with everyone. I am by no means a Linux expert, but this works regardless.

All you need is an old laptop with a wireless card and a copy of Ubuntu Linux, currently one of the most popular and easily installed distributions of Linux.

Read the instructions HERE.

Monday, July 03, 2006

GreenBorder Pro 2.9

GreenBorder Pro uses virtualisation-like technologies to separate IE from the rest of the system, so that if malicious software does execute, it doesn't actually touch the computer.

GreenBorder Pro won't scour your computer and remove evil programs—that's not its job. But when it's actively patrolling Microsoft Internet Explorer's borders, any malware that tries to install itself or glom onto your personal information will fail. Period. The software insulates IE from the rest of your system by using virtual-machine techniques.

Changes made by malicious code during an IE session are automatically erased when the user logs off or clicks the "Clean and Reset GreenBorder" button. During an internet session with GreenBorder engaged, a small green frame encloses IE.

Read the article HERE.


Just a note... Virtualization products are like latex gloves, not shots. You use them to handle potentially infectious content. Because they're a proactive tool and are not signature based, they don't detect or repair existing infections. So don't use gloves (Virtualization) instead of shots (AntiVirus, AntiSpyware). Use them together.

And you'll need to take an extra step or two when installing legitimate software from the Internet — GreenBorder will automatically assume it's malicious.

Review at PC Magazine or Watch slideshow

Reviews and Download Link

User reviews at Wilders Security Forums

Two interesting stories

My Anti-Virus Revolving Door

I consider it part of my job to run as many different anti-virus products as I can on my network. It's for the same reasons that I make a point of using both Internet Explorer and Firefox, but swapping around anti-virus software is much harder.

Read the article HERE.

Hackers keep hacking because they can

I think security is only going to get worse and every proposed product is doomed to failure. I predict that within a few days the Internet will collapse and online communication as we know it will cease to exist and the Internet will have to be rebuilt from the ashes over the next six months.
The solution to our security problems isn’t a particular product or vendor, but persuasive authentication, which will probably only happen after multiple catastrophic e-commerce events and forced government regulation. We know what the fix is, but we are reactive sheep, waiting to be forced to the real solution.


Read the article HERE.

WEP cracking - the FBI way

WEP cracking usually takes hours. Lots of hours, depending on the amount of traffic on the access point. A few months ago, two FBI agents demonstrated how they were able to crack a WEP enabled access point within a couple of minutes. 3 minutes to be exact. This is unbelievable when compared to, say 3 days of work. Here is how they did it, and how you can do it. You may need to know your way with each and every one of these tools to get this done.

Read how it was done HERE.


Do you really need WEP or WPA?

The wonderful thing that most SOHO wireless device manufacturers are promoting is encryption. WEP, being the most commonly used encryption method available, appears to be used in about 48% of most wireless installations, based on past experiences while wardriving–while 2% being WPA, and the rest being completely in the open. Thanks to WEP and WPA, you need to figure out what the key is in order to get on the network.

Read the article HERE.

Sunday, July 02, 2006

Security Updates

iTunes 6.0.4

The AAC file parsing code in iTunes versions prior to 6.0.5 contains an integer overflow vulnerability. Parsing a maliciously-crafted AAC file could cause iTunes to terminate or potentially execute arbitrary code. iTunes 6.0.5 addresses this issue by improving the validation checks used when loading AAC files.

iTunes 6.0.5 is freely available from APPLE.

OpenOffice Security Bulletin

OpenOffice.org 2.0.3 fixes three security vulnerabilities that have been found through internal security audits. Although there are currently no known exploits, we urge all users of 2.0.x prior to 2.0.2 to upgrade to the new version or install their vendor's patches accordingly. Patches for users of OpenOffice.org 1.1.5 will be available shortly.

Read the official bulletin HERE.

Test your browser for new vulnerability

Plebo Aesdi Nael has discovered two vulnerabilities in Internet Explorer, which can be exploited by malicious people to disclose potentially sensitive information and potentially compromise a user's system.

Read the advisory HERE.
Or just test your browser for new vulnerability HERE.

Microsoft denies "kill switch" story

Microsoft's response :

With all of the recent interest in WGA over the past month, I wanted to take a moment to clarify a few of the misperceptions out there and hopefully bring some clarity about what the program is intended to do.

First, I’d like to revisit the announcement that was made earlier this week about the updates to the WGA Notifications program. Starting on Tuesday a new version of WGA Notifications was released. There were two significant changes made based on customer feedback.

1) A daily configuration check, or “phone home” feature as it was reported in some places, existed in the pilot phase in order to determine if the notifications should run or not and how often. This configuration check was removed.

2) We also replaced the End User License Agreement (EULA) with a standard General Availability EULA that more clearly explains the purpose of the software and provides details about WGA Notifications.

In addition, for customers who choose not to install the updated package, and wish to remove an installed pre-release version, a Knowledge Base article has been made available.

Second, there is a rumor floating around that Microsoft is planning to use WGA to implement a “kill switch” for PCs that fail validation. Microsoft anti-piracy technologies cannot and will not turn off your computer. In our ongoing fight against piracy, we are constantly finding and closing loopholes pirates use to circumvent established policies. The game is changing for counterfeiters. In Windows Vista we are making it notably harder and less appealing to use counterfeit software, and we will work to make that a consistent experience with older versions of Windows as well. In alignment with our anti-piracy policies we have been continually improving the experience for our genuine customers, while restricting more and more access to ongoing Windows capabilities for those who choose not to pay for their software. Our genuine customers deserve the best experience, and so over time we have made the following services and benefits available only to them: Windows Update service, Download Center, Internet Explorer 7, Windows Defender, and Windows Media Player 11, as well as access to a full range of updates including non-security related benefits. We expect this list to expand considerably as we continue to add value for our genuine customers and deny value to pirates. Microsoft is fully committed to helping any genuine customers who have been victims of counterfeit software, and offer free replacement copies of Windows to those who’ve been duped by high quality counterfeiters.


Sourced from Microsoft's official blog - HERE.

View Zombie Stats In Real Time

CipherTrust's proprietary reputation engine, TrustedSource analyzes data from a variety of sources, including more than 100 billion consumer/ISP messages per month and another 10 billion enterprise messages per month collected from CipherTrust’s global network of more than 4,500 sensors located in enterprises and government institutions. TrustedSource watches for deviations from expected behavior for any given sender and identifies new zombies, or infected IPs, each day.

View ZombieWatch for real-time zombie activity tracking HERE.

Internet Explorer 7 Beta 3 Reviewed

Internet Explorer 7.0 Beta 3 is a solid, feature-packed browser that all IE users should flock to immediately. While it's not enough to make me switch from Firefox yet--I still love certain Firefox features such as inline search - it's no longer an object of ridicule either.

IE 7.0 Beta 3 includes huge functional and security advantages over IE 6 and is an absolute no brainer for anyone choosing to stick with IE.

Read the review from Paul Thurrott's SuperSite for Windows .

Read the review from ZDNet.


Saturday, July 01, 2006

Windows Vista Beta: A tour in screenshots

For those of you that have chosen not to download Vista Beta, here is a screenshot tour.
If anything can be said about Windows Vista, it's that it's real pretty. Come admire, mock and critique the Vistage in all its high-resolution glory.


Take the visual tour HERE or view as slideshow HERE.

Customize your BSOD

Ever wanted to change the messages displayed by BSoDs to something more interesting?

Read the "howto" article HERE.