Bot spreads through antivirus, Windows flaws

University security experts warned administrators on Monday that a bot program has started to spread by exploiting five patched Microsoft vulnerabilities and a six-month-old flaw in Symantec's antivirus software.

Read the article HERE.

Top 10 Security Threats

According to McAfee Avert Labs data, with more than 217,000 various types of known threats and thousands more as yet unidentified, it is clear that malware is increasingly being released by professional and organized criminals.

Read the article HERE.

Apple Patches 31 Security Holes

Let's face it - this is not a secure OS. If it had a larger market share it would be a much more attractive target, but, for the moment, it is of no interst to hackers. All the chestbeating in the world can not hide the fact this this is a flawed OS, but at this stage, only a few of these flaws are being exposed.

Apple Computer today released software updates to fix at least 31 separate security flaws in computers powered by different versions of its Mac OS X operating systems.

Read the article HERE.

The Simple Disposable Email Address

How many times has this happened to you? You visit a web site but registration is required, with a valid email address needed for confirmation. Well here's a brain-dead simple solution to the problem: 10 Minute Mail, which provides, for free, exactly what is promised in the name: An email address that vanishes after 10 minutes. There's no registration, no verification.

Read the article HERE.

Surfing with Javascript Disabled

Most security experts agree that javascript should be disabled in your browser as well as any other client side scripting languages. These languages have many security flaws in them and you should not allow sites you do not trust to run code on your computer.

Read the article HERE.

A Hard Lesson in Privacy

Scott Granneman looks at a hard lesson in personal privacy and security through the lens of a very public and well-known female television show host in Europe.

Read the article HERE.

The Good - The Bad - The Ugly

If one is going to write an article claiming a "total failure" of information security, one should expect some strong feedback. I was not sure what to expect - total disregard, complete agreement, outrage, or indifference. Thankfully, the majority of responses have been very positive. Whether or not you believe there has been a "total failure", there seems to be almost unanimous agreement that things are pretty bad out there, and the security community faces some significant challenges.

Read the article HERE.

Security Pros Skeptical About E-Commerce

According to a study by nCircle, 59 percent of IT security professionals said they are much more wary of online shopping transactions than they were two years ago.

Read the article HERE.

Chip can stop PC viruses

Researchers in Japan have developed a microchip that blocks computer viruses before they enter PCs, an advance that could change how security software is used.

Read the article HERE.

Hackers not afraid of being caught

Years ago it was hackers who were doing it for the bragging rights, now it’s criminals. The motivation has changed, hacking is now profitable and there’s so much money to be made with very little risk to the actual hackers.

Read the article HERE.

Protection From ID Theft

About 19 people a minute become new victims of identity theft, according to the Identity Theft Resource Center. ID theft is the fastest-growing crime in the United States, according to authorities. About 10 million people a year find themselves in trouble involving their identity.

Read the article HERE.

Spam War

When pornographic spam threatened his company’s reputation, a CSO got a lesson in calling for outside help. In the past decade, the tactics and purposes of unsolicited commercial e-mail have evolved and proliferated. Today we know that spam often carries a malicious payload or bait for a phishing scam.

Read the article HERE.

Spammers Outsourcing Their Captcha Needs

This story was intended for the "Weekend Reading" column, but I had a software glitch. My thanks to "anonymous" for bringing it to my attention.

The captcha is the junk filter's last resort. Because it's easy and cheap to program machines to post any sort of junk on blogs, a captcha (which puts numbers or letters in an image, which a machine in theory can't read) shows whether you've got a real live person giving their thoughts, or just a dumb machine trying to up some spammer's search-engine ranking.

Read the article HERE.

New software

Web Replay 1.7 - Password manager

Save your passwords to online accounts, protect them from identity theft and key loggers and auto-fill them with only one click on Web Replay password Manager toolbar integrated in Internet Explorer. Web Replay Password Manger is the most advanced and reliable password manager for Internet Explorer.

Due to its smart web recording technology, Web Replay is the only password manager which succeed to automate the new, multiple pages login systems recently implemented by online banking sites as Bank of America, ING and more..

Full USB support and works with IE7 and Vista. FREE for 10 passwords [4Mb]

Visit the website HERE.

==================================================================
Undelete Plus

Undelete Plus is a quick and effective way to retrieve accidentally deleted files, files removed from the Recycle Bin, in a DOS window, from a network drive, from Windows Explorer with the SHIFT key held down.

Undelete Plus works under Win 95/98/Me/NT/2000/XP/2003 operating systems. The program supports all Windows file systems for hard and floppy drives including FAT12/16/32, NTFS/NTFS5 and image recovery from CompactFlash, SmartMedia, MultiMedia and Secure Digital cards.

Visit the website HERE.

Defeating Image-Based Virtual Keyboards

Image based keyboard (or virtual keyboards) were invented to make life harder for banking or phishing trojan horses (specifically key-stroke loggers or key loggers), some even suggested they be used specifically to avoid these trojan horses. The bad guys adapted to this technology and escalated. Now the trojan horses take screenshots of where the mouse pointer is to determine what number they clicked on. Thing is, it is often unnecessary as in most implementations of this technique that we looked into (meaning, not all) it was flawed.

Read the article HERE.

Metasploit 2.7 Released - Automated Hacking

The Metasploit Framework is an advanced open-source exploit development platform. The 2.7 release includes three user interfaces, 157 exploits and 76 payloads.The Framework will run on any modern operating system that has a working Perl interpreter. The Windows installer includes a slimmed-down version of the Cygwin environment.

Read the article HERE.

7 Steps to Securing USB Drives

Personal storage devices such as USB flash drives are more powerful than ever and have become ubiquitous in the enterprise environment. Originally designed for consumer use, these devices typically lack security, control and auxiliary management tools. Many employees don’t think twice about taking work home or out of the office on the personal thumb drive they purchased at a local center for office supplies. With millions of people carrying around personal storage devices, these gadgets are being used both innocently to increase productivity and for other less legitimate purposes such as smuggling information out of the enterprise.

Read the article HERE.

Patch those wireless drivers

Exploitable laptops, access points, wireless cards, and more are sitting ducks for hackers -- here's why you should worry. Wireless network card drivers have been under attack since the Black Hat USA 2006 conference, and nearly every super-popular driver now appears vulnerable. Security researchers David Maynor and Jon Ellch started things off by targeting an Apple MacBook’s wireless driver at the August show, and hackers' interest in the new attack vector was quickly piqued.

Intel Centrino wireless drivers were among the first to fall, tumbling in July of this year. On November 11, hacker Johnny Cache reported a stacked based buffer overflow in the widely used Broadcom wireless driver. Broadcom drivers are used in Cisco, Linksys, and Dell wireless NICs.

Read the article HERE.

Weekend Reading

Kernel Patch Protection

Leo Laporte and Steve Gibson discuss errata from previous episodes, correcting, among other things, Steve's first poor impression of Vista's performance. Then the results of an in-depth research into the inner workings of Vista's Kernel Patch Protection (aka PatchGuard) to uncover its limitations, benefits, and real purpose. [Episode #67 23 Nov 2006]

Visit the website HERE.

==================================================================
Whois Losing the Privacy Debate

If you own a domain, your privacy is probably being needlessly compromised as a result. But nobody who can do anything about it cares. The issues are important: It has always been policy that the registration information for Internet domains is public and publicly available through a database service called "Whois".

It's also always been policy that owners of domains have to keep accurate information in their publicly accessible Whois entries. So if you own a domain for your personal use you have to have your address, phone number and an accessible e-mail in the record.

Read the entire article HERE.

==================================================================
Books - online - free

7,500 Free Computer Books - 400 security related - covering a wide range to topics.

Take a look HERE.

==================================================================
The Host Security Metasystem

This Weblog and the blogoshpere in general have been abuzz with controversy over Microsoft PatchGuard and issues dealing with appropriate kernel security instrumentation. This blog entry is the first of a two-part series. It provides an excerpt of a draft posting that proposes an abstract host security metasystem and laws of host security that attempt to raise the level of discourse above specific features and implementations.

Read the entire article HERE and Part II HERE.

==================================================================
Memory for 64-bit Windows Vista

I've been running 64-bit Windows Vista on my Ferrari 4000 as my daily workstation since RC1, and I've now been running the RTM version for a couple of weeks. During that period, I've gone from running with a straight 1 GB of RAM (what it came with), to adding a 512 Mb ReadyBoost, to adding a 2GB ReadyBoost and now I've upgraded the RAM to a full 2GB (all it supports) with a 2GB Gizmo! Overdrive! USB memory stick to take advantage of Windows Vista ReadyBoost. I've come to some fairly firm convictions in that time about just how much memory, and what kind, Windows Vista needs. And the conclusions were fairly startling, frankly.

Read the entire article HERE.

Vista and virtualization

In general, nobody reads end-user license agreements (EULAs). They are long, boring, and full of legalese that few people care to take the time to understand. Occasionally, however, unusual wordings in EULAs are used to question a company's policies and intentions, especially when that company is Microsoft. The latest round of EULA analyzing revolves around Windows Vista Home and Home Premium editions, which contain a sentence forbidding users from running that software under virtual machines. The Ultimate, Business and Enterprise editions of Vista contain no such limitation.

Read the article HERE.

Data Compression Software for Windows

Smith Micro Software announced that it has launched its latest data compression software that will be able to reduce the size of JPEGs and allow users to be productive in a variety of management tasks.

The data compression software allows users to reduce the size of JPEG photos by up to 30 percent without a loss in image quality and will give users the ability to reduce folders and files by up to 98 percent of their original size. As part of its encryption abilities, StuffIt 9.5 has the ability to encrypt an entire archive requiring a password to open and navigate through its contents. This allows users to keep their data safe from transmission and media errors.

Read the article HERE.

iTunes hacker

In the late 1990s, Norwegian hacker Jon Lech Johansen became a cyberspace sensation when he broke into the encryption system designed to prevent copying of traditional DVDs and then posted it on the Web. This summer, Johansen surfaced in San Francisco, claiming to have broken into Apple Computer's encryption software for iTunes.

Read the article HERE.

Industry thrives despite rampant IP "piracy"?

Note: I'm going to keep putting the word "piracy" in those annoying scare-quotes because it's a terrible term for IP [Intellectual Property] infringement. If pirates hijack a shipload of cannonballs in the Mediterranean, then the owners of that shipment are now short a few tons of cannonballs. If I download a copy of a song from a P2P service, then the owner of that IP may be out some money (assuming I would otherwise have bought that track elsewhere), but they're still in possession of the IP for the song; I haven't taken anyone's property from them, and it's not even clear that I've cost them any money if I wouldn't otherwise have purchased the track. Infringement, though illegal and possibly costly to an IP owner, does not equal piracy or theft, and the misuse of the term in this paper is unfortunate.

Read the article HERE.

A very well-planned job

With the workers under guard, the rest of the robbers set to work on the microchips. In just an hour, they piled 585 cartons and 18 pallets of microchips and motherboards manufactured by a multi-national company in Bayan Lepas into the containers.

The loot estimated to be worth US$12.7mil (RM46.99mil) was said to be the country’s biggest ever heist. And arguably the most audacious, too.

Read the article HERE.

Anonymizing RFI Attacks Through Google

Google can be utilized to hack into websites - actively exploiting them (not information gathering by the use of “Google hacking”, although that is how most of the sites vulnerable to RFI attacks are found).

By placing a URL on any web page, Google will find it, visit it and then index it. With this mechanism, it is possible to anonymize attacks on third party web sites through Google by the use of its crawler.

Read the article HERE.

Wii Internet Connection Reverse Engineered

By packet sniffing his wifi connection, this hacker has already begun to dig into the internet interactions of the new Nintendo Wii. Basically, by using firefox and after setting the user agent correctly, anybody can easily browse many wiishop pages including the WiiShop main page and startup manual. More advanced connections including binary and virtual console downloads are currently in the works. Come join the project."

See how to HERE.

Source : Slashdot

RSA Attack Efficiency Improves

August 2006 saw the disclosure of a fairly interesting attack against the RSA encryption algorithm (most famously being used in SSL - protecting online transactions). While it didn't target the actual algorithm, which still has not been broken, it is a so-called side channel attack, targeting the peculiarities associated with implementing the algorithm on various computing hardware.

Read the article HERE.

Banks and Identity Theft

Banks are pouring money into building formidable defenses against computer hackers but are only just waking up to what may be a bigger threat — the physical theft of client information by criminals in the office.

Read the article HERE.

What is psiphon?

psiphon is a censorship circumvention solution that allows users to access blocked sites in countries where the Internet is censored. psiphon turns a regular home computer into a personal, encrypted server capable of retrieving and displaying web pages anywhere.

Visit the website HERE.

Pando 1.2 Beta

Email files as large as 1GB with Pando, a free P2P app that overcomes the 10MB file-size barrier inherent to most mail servers.

Read the article HERE.

Run IE7 and IE6 side by side

Do you want to run IE7 and IE6 side by side for testing purposes? Basically, you can't run IE6 and IE7 on the same partition (although there are people out there publicising various hacks and workarounds that I promise you don't really work). MS has heard your pain and is working on a VPC image that will be freely available for download to make it easier to test your sites and applications.

More info here:
http://blogs.msdn.com/petel/archive/2006/11/22/ie6-vpc-update.aspx

And here:
http://blogs.msdn.com/petel/archive/2006/11/20/ie6-and-ie7-side-by-side.aspx

Source : Spyware Sucks

Choices = Headaches

I'm sure there's a whole team of UI designers, programmers, and testers who worked very hard on the OFF button in Windows Vista, but seriously, is this the best you could come up with? The more choices you give people, the harder it is for them to choose, and the unhappier they'll feel.

Read the article HERE.

Mimicking Adware vendor for fun and profit

See, it's confusing enough when your PC gets nailed with an infection bundle. You have all those popups, toolbars splattered everywhere and about six billion randomly named executables dumped into your system32 folder.

What happens when someone decides to mimic a well known Adware vendor and confuse things even further ?

Read the article HERE.

Phishing toolbars: all hopeless

Antiphishing toolbars designed to protect users from web scams are failing to fulfil their promise, reports Techworld. A new study of anti-phishing toolbars has come to a stark conclusion about their effectiveness - none of them are any good.

A week ago, a report from SmartWare told the world that Mozilla's Firefox 2.0 had the best antiphishing capabilities, while a month ago a report from 3sharp claimed Microsoft's Internet Explorer 7.0 was tops.

But however independent their methodology, those reports were sponsored by the companies – Mozilla and Microsoft – that triumphed in each test, a fact that has undermined their reliability in many people's eyes.

Read the article HERE.

==============================================
McAfee faces phoney phishing claims

McAfee has been forced to backtrack on claims that one of its products was misrepresented in a test of anti-phishing toolbars.

Read the article HERE.

Severe Firefox vulnerability uncovered

A vulnerability in Firefox handling of saved passwords has been announced today. The vulnerability allows Firefox to autofill saved credentials no matter where they are being submitted.

Read the article HERE.

I like the last sentence in that article. "Opera 9.02 Wand, its password management tool, correctly differentiates them and doesn’t autofill the fake form". As I've often said before - but you that already - so instead, why not vote for your choice of "What browser do you trust the most?". At this point the score is :

Internet Explorer 6.x (7%)
Internet Explorer 7.x (10%)
Firefox 1.x (10%)
Firefox 2.x (46%)
Opera 9.x (19%) - a very respectable second

Exploit Released for Unpatched Mac Bug

The "Month of Kernel Bugs" strikes again. At the beginning of the month, a security researcher known only as LMH started the project to highlight unpatched flaws that are so severe that attackers could use them to completely subvert the security of vulnerable computers. On Monday, the project's curator released instructions for targeting a serious flaw in the way Mac OS X systems processes certain types of files.

Read the article HERE.

Secunia Advisory: SA23012
Release Date: 2006-11-21
Critical: Highly critical

PortableApps Suite 1.0

PortableApps.com has released a new PortableApps Suite. This package of portable software includes popular programs like Firefox, OpenOffice.org and Thunderbird along with an integrated menu and easy-to-use backup utility. The Suite can be installed on any portable device (USB flash drive, iPod, portable hard drive, etc) and used on any Windows (and many Linux) PC. The other big news is that Firefox Portable 2.0, OpenOffice.org 2.0.4 and many other portable apps have been released in conjunction with the new suite.

The PortableApps Suite is available in 2 sizes - The Standard Edition at 260MB and the Lite at 105Mb.

Visit the website HERE.

Recovering Your Lost Passwords

The first thing that you will have to do is download Cain & Abel. Once you have downloaded Cain & Abel, you need to install it. For those of you that are a bit more Mulder than Scully (I know that I am) when it comes to applications like this, I have included a complete list of all the changes that the application makes on your system, both file and registry changes.

Read the article HERE.

Hacking Email: 99 tips to make you more secure

Everyday, and some not everyday tips, on how you can keep your email safe and secure. The 99 tips in this article make up the best in email practices.

See the list HERE.

Kaspersky release security analysis

All the events of the third quarter of 2006 lead me to conclude that both the Internet and the field of information security are on the verge of something totally new. I would say that the second stage of both virus and antivirus evolution is now complete. What we are seeing at the moment is a mixture of the occasionally interesting and the intermittently highly technical (for instance, viruses using cryptographic techniques).

Read the article HERE.

Hackers Train Sights on Vista

Got a visual of hackers snickering at Microsoft's Windows Vista and security tools and effortlessly hacking away at them from their workstations? Or, maybe of exhausted, caffeine-guzzling hackers pounding their fists in frustration at the newly fortressed Vista that has them locked out?

Either way, you've got the picture all wrong.

Read the article HERE.

Office 2007's secret kill switch

Microsoft's battle with pirates, which started as early as 1975 with Bill Gates' infamous "Open Letter to Hobbyists," continues on in 2007, as the company has built a feature into Office 2007: Reduced Functionality Mode. While Microsoft has been fairly coy about whether or not this feature exists in the latest Office release, a new Knowledge Base article on their site confirms that it will apply to all Office 2007 products.

Read the article HERE.

Hackers Use VM Detection To Foil Researchers

Hackers are adding virtual machine detection to their worms and Trojans to stymie analysis by anti-virus labs, a security research said Sunday.

Read the article HERE.

Penetration and vulnerability testing

Below discussed are various Google’s special commands and I shall be explaining each command in brief and will show how it can be used for critical information digging. I will then take a look at vulnerability scanning using Google and how to prevent them.

Read the article HERE.

Windows Vista Security

Leo Laporte and Steve Gibson describe the new security features Microsoft has designed and built into their new version of Windows, Vista. We examine the impact of having such features built into the base product rather than offered by third parties as add-ons. And we carefully compare the security benefits of Vista on 64-bit versus 32-bit hardware platforms. [Episode #66 16 Nov 2006]

Read the article HERE.

The Story of PGP: Past, Present and Future

PGP Corporation salutes the 15th anniversary of PGP encryption technology. Developed and released in 1991 by Phil Zimmermann, Pretty Good Privacy 1.0 set the standard for safe, accessible technology to protect and share online information. Used by millions of users and tens of thousands of companies around the world, PGP technology continues to be recognised for its contributions to the software industry, Internet commerce, and the protection of privacy. Recently, PGP encryption technology was named one of the top 25 most influential products of the first 25 years of enterprise personal computing

Recently we met with Jon Callas, CTO and CSO of PGP Corporation. Pretty Good Privacy (PGP) is today's most used crypto software with a lot of history. Presented here is the entire story of PGP in his words that covers everything from the the early days to future plans.

The talk is 16:30 minutes long and is streamed in Flash format HERE.

Check your browser settings

Browser-settings.com helps you to check your browser settings. Instead of having to go through menu after menu to find the information you want, you can use browser-settings.com. You can find your IP address, if java and javascript are enabled, your screen resolution and screen color depth, your operating system, your browser and browser version, and a complete list of plugins for your browser. This service is free, fast, and simple. Simply point your browser to browser-settings.com to find out all you need about the computer you are using.

Visit the website HERE.

Software Releases

RootkitRevealer v1.71

RootkitRevealer is an advanced rootkit detection utility. It runs on Windows NT 4 and higher and its output lists Registry and file system API discrepancies that may indicate the presence of a user-mode or kernel-mode rootkit. RootkitRevealer successfully detects all persistent rootkits published at www.rootkit.com, including AFX, Vanquish and HackerDefender (note: RootkitRevealer is not intended to detect rootkits like Fu that don't attempt to hide their files or registry keys). If you use it to identify the presence of a rootkit please let us know!

The reason that there is no longer a command-line version is that malware authors have started targetting RootkitRevealer's scan by using its executable name. We've therefore updated RootkitRevealer to execute its scan from a randomly named copy of itself that runs as a Windows service. This type of execution is not conducive to a command-line interface. Note that you can use command-line options to execute an automatic scan with results logged to a file, which is the equivalent of the command-line version's behavior.

Visit the website HERE.

==============================================
NOD32 v2.7

NOD32 for Microsoft Windows Version 2.7 has been released and is now available for download. NOD32 is a single, highly optimized engine that works as a unified Anti-Threat system to protect against a broad spectrum of malware. Viruses, worms, spyware, and other malicious attacks, which are constantly evolving. The trial version may be downloaded the Trial Software section of the web site.

Visit the website HERE.

Security raised over laptop theft

Nationwide building society says it is tightening security after the theft of an employee's laptop containing customer information. Security experts have raised fears that the company's 11m customers could have been put at risk of identity crime.

[ Comment : Although the computer was stolen in a domestic burglary three months ago, the news has only been made public today. Why is it necessary to put data relating to their entire customer base on an employee's laptop ? And why is this information on the laptop never encrypted ? There have been many high profile cases of stolen laptops this year but most busineses still have this "it won't happen to us" attitude.

For quality entertainment, you can't beat TV commercials for large investment institutions.
They all have the same message, which is:
"These are scary times for investors, so GIVE US YOUR MONEY!
You can trust us, because we have a large building". ]

Read the article HERE.

PCI cards the next haven for rootkits?

Security researcher John Heasman released a paper this week describing a way to hide malicious code on graphics and network cards in such a way as to avoid detection and survive a full re-installation of the operating system.

The paper (PDF), published on Wednesday, builds on the work presented by Heasman earlier this year, describing ways to use the Advanced Configuration and Power Interface (ACPI) functions available on almost all motherboards to store and run a rootkit that could survive a reboot. The current paper outlines ways to use the expansion memory available on Peripheral Component Interconnect (PCI) cards, such as graphics cards and network cards.

Read the article HERE.

Leopard vs Vista 4

Of course, it is technically possible to build a PC without having to buy a copy of Windows, but that doesn’t help users planning to actually run any mainstream applications, from PC games to Microsoft Office or Apple's iTunes.

The vast majority of PCs come with Windows pre-installed, and actually can't be sold without it. Leading PC hardware makers can't freely advertise PCs sold without Windows, or with an alternative OS such as Linux, without having to pay Microsoft significantly more for every other OEM license they ship.

Read the article HERE.

Weekend Reading

Malware goes to the movies

Online attackers have started to experiment with embedding malicious code or links to such code in different video formats. McAfee warned Windows users that the company had discovered a worm, dubbed W32/Realor, actively infecting Real Media files. The infected video files do not contain an exploit for the RealOne or Real players, but a hyperlink that points to a malicious Web site. When infected files are opened, the victim is referred to the Web site, which attempts to compromise their computer using a previously patched flaw in Internet Explorer.

Read the entire article HERE.

==================================================================
The A to Z of security

Be afraid. Threats to corporate security are everywhere. Just when you thought your network was safe from hackers, along came wi-fi - or your iPod-wielding workforce - and opened a whole new can of worms.

Security is by its nature ever-evolving. Just as one threat is apparently locked down, another springs up to take its place - or an old one rears its head in a new form. Grappling with this malicious hydra it's no wonder the security space spawns new terms and phrases at a rate of knots - and you're supposed to keep up with them all.

Read the entire [27 page] article HERE.

==================================================================
Spyware Threat Marches On

Despite having technology and procedures in place to prevent and remediate attacks from spyware, many companies still have difficulty stopping the threats, researchers report. According to a new study published by Ponemon Institute, based on interviews of over 500 North American IT security professionals, a resounding majority of workers admit that their companies are still plagued by problems related to spyware.

Read the entire article HERE.

==================================================================
How Much Do You Trust Computers

Last week, for the first time, I cast my vote in a national election with no piece of paper to back up my selections. We've had electronic ballots for a while, but the ones I used in the past printed out a paper ballot that was then dropped into a locked box just like the old punch card or even older "X marks the spot" types were. This time, the only record of my vote was in some computer's memory.

We also trust our money to computers - most banking transactions are done electronically now. If you use direct deposit and pay your bills online, you may never see a paper version of your money (cash or check). The day will probably come when money as we know it is a thing of the past, and electronic bits and bytes are all we earn for our hard work.

Read the entire article HERE.

See also - Electronic voting : the silent catastrophe

Linux links

Create an IPS using Snort and SnortSam

This article discusses how to use Snort and SnortSam to create a intrusion prevention system. Normally Snort is referenced as a IDS Intrusion Detection System, but you can use snort to actually stop attacks on the server. Snort is a very popular application which uses rules to monitor network traffic. If alerts are triggered they can be sent to syslog or to a database. Snort is a vital tool to have on your server. It's important to see what kinds of attacks are being launched so your can weigh your own vulnerability assessment.

Read the entire article HERE.

==================================================================
Open Source Vulnerability Database

OSVDB is an independent and open source database created by and for the security community. The goal of the project is to provide accurate, detailed, current, and unbiased technical information on security vulnerabilities. The project will promote greater, more open collaboration between companies and individuals, eliminate redundant works, and reduce expenses inherent with the development and maintenance of in-house vulnerability databases.

Visit the website HERE.

==================================================================
Build a Web spider on Linux

Web spiders are software agents that traverse the Internet gathering, filtering, and potentially aggregating information for a user. Using common scripting languages and their collection of Web modules, you can easily develop Web spiders. This article shows you how to build spiders and scrapers for Linux® to crawl a Web site and gather information.

Read the entire article HERE.

==================================================================
Triple-boot XP, Vista, and Ubuntu

Blogger Ilya Hevnikov has posted a really nice tutorial for triple-booting Windows XP, Windows Vista, and the Linux distro du jour, Ubuntu, on one hard drive.

This undertaking is not for the faint of heart, but it is a great way to try out a different OS or two without abandoning what you're comfortable with.

Read the entire article HERE.

What's happening in your system?

Sysinternals has made available a great new tool called Procmon that combines the features of two older Sysinternals utilities: Filemon and Regmon, and adds much more. You can use this tool to monitor very closely what's happening on a system, as it happens.

Read more HERE.

Trend Micro Mobile Security 3.0

The expanding growth of converged mobile devices, increase availability of Wi-Fi networks and the faster download speeds are likely to increase the number of threats to these sorts of devices. Trend Micro Mobile Security 3.0 (TMMS) is a security solution for handled devices. It is encompasses three components: an antivirus, a firewall and a content-filter.

Read the article HERE.

Inside the Mind of a Kernel Hacker

Last Sunday I blogged an item - SecuriTeam Interview: LMH - that eWeek must have liked, because they've now done their own interview.

Read theirs HERE.

Profit Driven Cyber Crime Won't Stop

Enterprise security systems will continue to be challenged by increasingly sophisticated threats launched by criminals seeking to steal sensitive information and material assets, according to top researchers at Symantec.

Read the article HERE.

==============================================
Crims will use PS3 to crack crypto

Prentice said PlayStation 3 will pack an impressive 207 teraflops of power under its slim hood when released locally next year. By comparison, his research indicates that the .entry level. machine from supercomputer Cray offers 230 teraflops. "There will be millions of PlayStation 3's sold, and they will all be online," he said, predicting that the sheer computing power available between the machines will be among the largest and most powerful computers ever assembled.

That power, he believes, will attract criminals. Read the article HERE.

Microsoft to indemnify Red Hat users?

Microsoft to indemnify Red Hat users?

Following the controversial patent indemnification agreement between Microsoft and Novell last week, Microsoft representatives expressed interest in creating similar deals with other major Linux distributors. The patent agreement, which has become a source of much controversy within the open source community, is an unusual cross-licensing arrangement. Novell pays Microsoft a royalty fee, and in return the Redmond software giant agrees not to sue any of Novell's customers.

Read the article HERE.

==============================================
Ballmer: Linux users owe Microsoft

In comments confirming the open-source community's suspicions, Microsoft CEO Steve Ballmer Thursday declared his belief that the Linux operating system infringes on Microsoft's intellectual property. In a question-and-answer session after his keynote speech at the Professional Association for SQL Server (PASS) conference in Seattle, Ballmer said Microsoft was motivated to sign a deal with SUSE Linux distributor Novell earlier this month because Linux "uses our intellectual property" and Microsoft wanted to "get the appropriate economic return for our shareholders from our innovation."

Read the article HERE.

Six HIPS Programs Reviewed and Rated

What the heck is a HIPS? The acronym HIPS stands for Host based Intrusion Prevention System. The full name is just about as unhelpful as the acronym. Products like WinPatrol and Prevx home are classic HIPS products. They are non-signature based security products that monitor specific program behaviors and alerted the user if there is a problem. For example when a new program starts the user is warned and asked whether the program should be allowed to run. Most users can get their head around that idea.

Read the article HERE.

Who's selling your email address

It's CSI, email-style. Try this neat hack from the Hedir forums:

1 ] Instead of just entering username@gmail.com as your email, enter it as username+samplesitecom@gmail.com instead

2 ] When Gmail sees a "+" in an email address, it uses all the characters to the left of the plus sign to know who to send it to. In this example it would still send it to username@gmail.com.

3 ] If you search Gmail for username+samplesitecom, you will see all massages that were sent to that email address.

4 ] To see who is responsible for sending a specific message click the Show Details link and you will see the complete address.

You can also avoid registrations all together with BugMeNot.
Or try 2Prong: World's simplest disposable e-mail

Source : Lifehacker

==============================================
Stay secure with Gmail

Most people that use Gmail sign in by going to gmail.com.

When you sign in there your authentication is perfectly secure because you’re using Google’s SSL certificate. However, once signed in, you’re on your own! There is nothing stopping random people from sniffing your traffic and getting your banking information and social security number.

Try signing in use the following link: https://mail.google.com.
This will keep your information encrypted after you authenticate.

Experts raise Windows security alarm

Computer code that exploits a "critical" Windows 2000 vulnerability has been released on the Internet, increasing the likelihood of attacks, experts warned Thursday.

The code takes advantage of a security hole in a key operating system component that routes file system and print requests called the "Workstation Service." On Windows 2000 systems, the flaw could be exploited via the Net by an anonymous attacker without any user interaction, raising the possibility of the arrival of a Zotob-like worm.

Read the article HERE.

Spam Surge Linked to Russian Bot Herders

The recent surge in e-mail spam hawking penny stocks and penis enlargement pills is the handiwork of Russian hackers running a botnet powered by tens of thousands of hijacked computers.

Internet security researchers and law enforcement authorities have traced the operation to a well-organized hacking gang controlling a 70,000-strong peer-to-peer botnet seeded with the SpamThru Trojan.

Read the article HERE.

AOL releases AIM 6.0

Taking a cue from web browsers like Firefox and Opera, AIM 6 adds the ability to keep all chat messages in the same window, letting the user switch between them with tabs. The program automatically logs conversations (finally), and allows users to share pictures with a new drag-and-drop interface. The number of possible "buddies" (AIM-speak for contacts) has been increased from 500 to 1,000, so all those super-popular people with more than 500 friends can finally keep track of them all at the same time.

Read the article HERE.

Microsoft Defends Windows Mobile Email Security

Responding to analyst reports that elements of its Windows smart phone software may leave users open to data exposure, Microsoft officials contend that the company's wireless e-mail application is secure enough for enterprise adoption today.

Read the article HERE.

Do You Have Protection ?

I'm not sure if it's an "Official" ad, but,

well worth having a look at... HERE.

Zero-Day Flaws Dominate Vulnerability Rankings

The SANS Institute released its annual rankings of the Top 20 Internet-based attack vectors on Nov. 15, pointing to the continued rise of targeted threats aimed at newly discovered zero-day flaws and vulnerabilities in Microsoft products. Other shifts in the threat landscape charted by SANS include the more frequent creation of attacks on Internet-based phone systems and the increased popularity of threats that attempt to take advantage of vulnerabilities in Web-based applications.

Read the article HERE.

==============================================
Free security scan for the new SANS Top 20

Qualys' free SANS Top 20 Scan detects the 20 most dangerous vulnerabilities impacting networks worldwide. The top 20 list is published twice a year by the SANS Institute, a trusted source for information security training, certification and research. If any of the top 20 vulnerabilities are found, Qualys provides a detailed report with information for each vulnerability and links to verified fixes.

Free scan available HERE.
Requires a form to be completed, with your IP and email address.

Transec - Secure Authentication

Micromata has placed Transec, a secure authentication JSP tag library, under the GPL. While developing the Polyas (German) online voting system, Micromata invented a component for secure PIN/password input via untrusted, insecure browsers.

Read the article HERE.

Kevin Mitnick's Security Advice

Ex-hacker Kevin Mitnick came by his security expertise the hard way. In the 1990s, his electronic penetration of some of the biggest companies in the world made him a notorious tech boogieman, and ultimately landed him five years in prison.

Now free and clear, Mitnick has reinvented himself as a computer security consultant and writer. He travels the world teaching organizations how to secure their information in a world of corporate spies and younger versions of himself. He took a break from his jet-setting to share some practical security tips. Clip them and stick them on your parents' refrigerator or your IT administrator's white board.

Read the article HERE.

Adobe Security Bulletin - Vulnerable Flash Player

Adobe has provided a Flash Player 9 update to resolve vulnerabilities in Flash Player. These vulnerabilities would allow remote attackers to modify HTTP headers of client requests and conduct HTTP Request Splitting attacks.

Adobe recommends all users of Adobe Flash Player 9.0.20.0 and earlier versions upgrade to the newest version 9.0.28.0, by downloading it from the Player Download Center, or by using the auto-update mechanism within the product when prompted.

Release date: November 14, 2006
Vulnerability identifier: APSB06-18
CVE number: CVE-2006-5330
Platform: All Platforms

Read the Security bulletin HERE.

MS Patch Day: IE Zero-Day Flaws Fixed

Microsoft on Nov. 14 released a critical cumulative update for its flagship Internet Explorer browser to fix a flaw that was being used in targeted zero-day attacks since early October. The software vendor also pushed out a fix for a high-severity code execution issue affecting XML Core Services, a feature that lets users create applications that interoperate with the XML 1.0 standard.

Read the eWeek article HERE or Brian Krebs review at Security Fix

AVG Anti-Virus Vulnerabilities

Sergio Alvarez has reported some vulnerabilities in AVG Anti-Virus, which can be exploited by malicious people to cause a DoS (Denial of Service) or potentially compromise a vulnerable system.

Secunia Advisory: Highly critical

Vista computers have own domain names

A new feature coming with Windows Vista will allow users to create a unique name to access their computer remotely, without having to register and pay for a standard domain name. Will the feature be a boon or a security risk?

Read the article HERE.

Firefox 2.0 Trumps IE7 In Phish-Fighting

The newly released Mozilla Firefox 2.0 and Microsoft Internet Explorer 7 Web browsers both include new technology to help flag and block phishing sites -- those authentic-looking Web sites set up by scammers to trick users into entering personal financial information. So how do the browsers stack up against one another in a no-holds-barred, anti-phishing slugfest?

Read the article HERE.

Microsoft Files Lawsuit over Spyware

Microsoft announced Nov. 14 that it has filed a lawsuit against an organization believed to be responsible for attacking users with spyware programs hidden in celebrity-themed screen savers, including some bearing pictures of pop singer Jessica Simpson.

Read the article HERE.

Invaders at the Gate, and Slipping Past It

A previously little-seen type of spam, containing images that foil many filters, now makes up roughly a third of all spam handled by the e-mail monitoring company Postini, which processes some 1.3 billion messages a day.

So-called image spam consists of a digital image, or a constellation of images, generally depicting a page of text with a spamlike message — exhorting recipients to buy a stock, for example. Since the message is conveyed in an image, it eludes spam filters that are designed to scan only a message’s text.

Some filters try to compensate by scanning e-mailed pictures for images of text. But the process is slow, and spammers make this difficult by lacing the messages with eccentricities like colored letters or unseen images that swirl in the background.

A side effect has been to drive up sharply the size, in bytes, of the spam that e-mail providers must handle. The volume of spam filtered by Postini has more than doubled since October 2005, rising 128 percent. But the size of that spam has risen 227 percent.

Source : New York Times

Group Tags More 'Hacker Safe' Sites

The hackers at sla.ckers.org are at it again, and this time they have found cross-site scripting (XSS) vulnerabilities on a dozen or so Websites emblazoned with ScanAlert's "Hacker Safe" seal.

In the past few days, the hacker group has posted several additional Hacker Safe sites as containing XSS bugs, and says there will be plenty more. But ScanAlert, which provides the security scanning services for these sites and provides the Hacker Safe seal, says users won't become victims of XSS attacks if they go directly to those sites.

Read the article HERE.

Password-cracking contest results

On July 17, 2006, I challenged password-cracking readers to a contest. I was looking to support my conclusion that longer, less complex passwords provided more protection compared with everyday eight- to 10-character shorter, but more complex passwords.

Read the article HERE.

49 Million Notified Of Data Breaches

An estimated 49 million U.S. adults have been told over the last three years that their personal information has been lost, stolen, or improperly disclosed, a research firm said Friday.

Read the article HERE.

The Firebird Project

The Firebird Project today officially releases the much-anticipated version 2.0 of its open source Firebird relational database software during the opening session of the fourth international Firebird Conference in Prague, Czech Republic.

Firebird 2.0 is the happy culmination of more than two years' efforts from a broad-ranging, truly international community of dedicated developers and supporters. It brings with it a large collection of long-awaited enhancements that significantly improve performance, security and support for international languages and realise some desirable new SQL language features.

Read the article HERE.

AJAX Security

We recently analyzed 200,000 tokens, or words, in the bayesian spam filter on our mail server. We analyzed many factors within this data. The most compelling was the spam to ham (legitimate email) ratios. We compiled a list of over 50 words with the highest spam to ham ratio.

Words like click and here don't show up as high, since they are used often in legitimate email. It also delinerates that words like madam which is rarely found in legitimate email, while readily found in spam email, had very high ratios. Using this method we created a superior list of words found in spam email. The words are ordered from highest to lowest

View the list HERE.

Firewall Tests

Why is self-protection so important? Some malicious applications, before they perform any action on the user's PC, first shut down any security applications that may be running, and then proceed with their goals.
These tests were all specifically designed to test how different security software programs react when an attempt is made to shut them down in order to allow malware to run unfettered.

Nice result for Comodo Free Firewall.

The full test results can be found HERE.

Spamhaus Statistics : The Top 10

Up to 80% of spam targetted at Internet users in North America and Europe is generated by a hard-core group of known professional spammers whose names, aliases and operations are documented in Spamhaus' Register Of Known Spam Operations (ROKSO) database.

This TOP 10 chart of ROKSO-listed spammers is based on those Spamhaus views as the highest threat, the worst of the career spammers causing the most damage on the Internet currently. Spamhaus flags these as a priority for Law Enforcement Agencies.

The world's worst spammers and spam gangs this week are:

View the list HERE.

Vista and Office 2007 cracked

The crack for Windows Vista (which is called "Vista BillGates") is not a true crack, as it replaces components from the final version of the operating system with those from earlier betas.

Microsoft's aim is to make piracy annoying enough that casual users will stop bothering with it, despite the fact that dedicated pirates will still manage to break it again and again. Still, it's clear that the battle between pirates and those who would wish to stop them is far from over.

Read the story HERE.

Read interesting newsgroup post HERE.

Exploit Targets Wireless Flaw

A security researcher has released a set of instructions for exploiting a security flaw in the wireless Internet devices built into millions of new laptops from HP, Dell, Gateway and other computer makers. An attacker could use the flaw to take complete control over any vulnerable machine located within a few hundred feet, so be forewarned that reading the rest of this post could make you awfully leery of that guy sitting in the corner booth at Starbucks gleefully clacking away on his laptop.

Read the article HERE.

Why one virus engine is not enough

It is a well known fact that viruses, trojan horses, worms, spam, and other forms of malware present a real threat to all modern-day organizations and affect productivity and business operations negatively. According to the 2006 FBI Crime and Security Survey, 97% of organizations have anti-virus software installed, yet 65% have been affected by a virus attack at least once during the previous 12 months.

Read the article HERE.

The Gromozon War

Basically what has happened is some bad guys created and released malware called Gromozon. Then, a security company called Prevx was among the first in the world to release a tool that successfully cleaned the Gromozon infection off computers.

Now, in a very unusual twist, those behind Gromozon have changed their malware again, but this time if anybody tries to get rid of Gromozon using various antimalware tools, the following window appears:

Read the article HERE.

Update : PC al Sicuro

During these hours, it looks like that almost all domains used to spread Gromozon - except two - are down.

Microsft hates Gmail

Microsoft says Gmail is a virus

It seems that Microsoft has started flagged Gmail as a virus in their virus scanning software Windows Live OneCare. Many people are reporting that every time they open Gmail, a warning is displayed telling the user they are infected with "BAT/BWG.A".

Read the article HERE.

==============================================
Download AVG from Microsoft

Grisoft today announced that Microsoft is making AVG Anti-Virus 7.5 and AVG Anti-Virus Free Edition available via Windows Security Center as a Windows Vista security solution. The solutions are available in the latest release of the Windows Vista beta program and will be available in the commercial release.

Read the press release HERE.

New websites

Google tests new ground with SearchMash

Those curious about what enhancements Google may implement in its search engine should check out a new site called SearchMash. Operated by Google, SearchMash is a testing ground for user interface changes that may or may not graduate to the Google.com search engine.

Read the article HERE.

==============================================
Welcome to Aggreg8!

Aggreg8 is a social networking and collaboration space for the IT community. Inside you can keep track of your trusted network, find others through your network with similar interests or situations. Then you can collaborate with anyone in the community inside our working groups. We even allow you to create your own working groups, choosing if you want to collaborate with the whole community or collaborate in private working groups. All the expected tools are there for collaboration, allowing you to create postings, post files, share events. And you can tag, rate reply to any posting. Of course Aggreg8 can come to you as all the working groups come with an RSS feed. So come on in and build your influence in IT! To the MVP's we offer a warm welcome for helping us to build the best community possible.

Visit the website HERE.

==============================================
What is my IP ?

There are hundreds, maybe thousands of "my ip" sites. But what about the fun and pleasure when entering? Now you found the one and only sexy my ip-site! Every day a new nice girl welcomes you!

Check your IP HERE.

Windows Vista: Jim Allchin Defense

Posted by Jim Allchin
In response to : Vista needs no anti-virus

Wow, you describe a specific situation and suddenly people extrapolate something completely different! During a recent discussion with journalists about the release to manufacturing for Windows Vista, I made a comment about how attacks on the Internet are getting more and more sophisticated, and some of the security features in Windows Vista really help our customers. This somehow morphed into people thinking I said customers shouldn’t use antivirus software with Windows Vista.

Read the response HERE.

Microsoft Exploit

A new Exploit has been discovered .
You can get emails like : your-name@microsoft.com , your-name@live.com

Note : I dont know when Microsoft will fix this issue, and I don't guarantee that those emails will not be deleted. [But I tried it just now and it still works - probably because it's the weekend in the US]

Read how to HERE.

SecuriTeam Interview: LMH

November has been informally designated the “Month of Kernel Bugs” in security circles. The Month of Kernel Bugs began on November 1, with the publication of a vulnerability in Apple’s AirPort drivers. SecuriTeam blogs did an interview with LMH, who hosts the Month of Kernel Bugs project (aka MoKB); the text of our interview is below.

Read the article HERE.

Weekend Reading

Laptop Losses Loom

The risk is growing, so it's best to plan for the worst. It's a familiar and sad story: A business traveler, on her way to an important meeting, entered a busy airport. Her laptop was taken, along with sensitive company information and all the data needed for that vital meeting.

But I'm not talking about a traveler whose laptop was stolen while she was stuck in a busy security line or getting a cup of coffee. I'm talking about a business traveler whose laptop was taken from her legally and who didn't get it back for almost a year. Indeed, it wasn't a thief who took this woman's laptop but a U.S. customs official.

Read the article HERE.

==================================================================
Disk encryption products for your laptop

You may not always be able to protect your laptop from a thief, but you can keep the data it contains safe. Two new products -- PGP Corp.'s PGP Whole Disk Encryption 9.5 and SecurStar GmbH's DriveCrypt Plus Pack 3.5 -- promise to protect your data, so that even if your computer falls into the wrong hands, its contents will remain unreadable. Both applications are easy to use and offer an impressive suite of tools, but most users will appreciate the more practical features and lower price tag of PGP's product.

Read the article HERE.

==================================================================
Prevent the Automatic IE 7 Update

Internet Explorer 7 offers a whole series of improvements over its predecessors – especially with regard to security. However, such changes always give rise to compatibility issues. What happens when, for example, essential intranet applications fail to cope with new quirks?

Read the entire article HERE.

==================================================================
Will you upgrade to Vista?

I like Vista over XP. Not because Vista is the newest but because it has the features that XP does not have. If you will visit Microsoft website on Vista, you will learn more about the new features and Windows enhancements. I suggest you to read each page and browse on the provided links. When you are done reading and if you are convinced that you will get Vista, I recommend any of the following:

Read the article HERE.

==================================================================
Mastering The Worlds Of Information Technology

There are three categories of IT, each of which provides different organizational capabilities—and demands very different kinds of management interventions.

Read the article HERE.

==================================================================
Virtual PC is free

I’ve had a number of inquiries recently about virtual machine software. It seems that a lot of folks either want to run Vista in a VM instead of installing it outright on their computers, or they have upgraded to Vista and want to run XP in a VM so they'll have access to some old applications that don't work with Vista. You'll be happy to know that Microsoft's Virtual PC (VPC) VM application is now a free download. You can install VPC 2004 on XP and run Vista in the VM, or you can install VPC 2007 (beta) on Vista and then install XP in the VM.

Find out more HERE.
There are also various free options at Vmware.

Source : Sunbelt weekly TechTips

==================================================================
Safety and Security Online magazine

Computer security can seem very complex. At Microsoft, we are committed to making it easier for anyone to understand. Here you can download new safety and security publications that are dedicated to helping you protect your computer, yourself, and your family.

In each issue we gather the most important security information, tailored to the interests and concerns of parents, teens, kids, and seniors. Come here to find step-by-step guidance to help you with the threats you might hear about in the news.

Take a look HERE.

==================================================================
A five year deal with Microsoft to dump Novell/SUSE

Novell is jeopardizing the future of Linux for its own short-term rewards. If you want to see Linux flourish, let alone survive after Novell's five year deal with Microsoft expires, I suggest we make an alternative five year deal with Microsoft. In this case, our part of the deal is to spend the next five minutes, months, or years migrating away from every shred of Novell/SUSE software in our home, office, or enterprise. The controversial agreement between Microsoft and Novell stinks to high heaven. Look, for example, at the contradictory statements.

Read the entire article HERE.

Deviously fake 404

Fake 404s for malware are not that uncommon. As I have mentioned before, they will not fool you or me, but a novice user would be quite alarmed at seeing something like this - and would probably click the link to instal the malware. I have blogged this story for two reasons. Firstly, for our amusement. Secondly, and most importantly, in the hope that you may pass it on to some of your less "street savvy" computer using friends, to illustrate the devious ways in which malware is delivered.

Take a look HERE and [ More ridiculous scare tactics ] HERE .

Password-cracking contest results

Are long, noncomplex passwords harder to crack than short, complex passwords? These results lean toward yes.

No one has cracked the two larger challenges as of press time, although I know there are several hundred computer teams -- one with over 1,000 computers --working on the challenges.

Read the article HERE.

Yahoo to embed instant messaging into e-mail

E-mail was arguably the first killer application of the Internet, but recently it has become somewhat less useful as the war between spammers and antispammers has left some Internet users feeling like innocent victims in a battle between good and evil. The younger generation tends to eschew e-mail in favor of instant messaging. Now, Yahoo has decided to bring the two technologies together for a new version of Yahoo Mail.

Read the article HERE.

A look at the enemy

Painted in the broadest of strokes, cybercrime essentially is the leveraging of information systems and technology to commit larceny, extortion, identity theft, fraud, and, in some cases, corporate espionage. Who are the miscreants who commit these crimes, and what are their motivations?

Read the article HERE.

Vista - Are you ready

A Hard Look at Windows Vista

It's taken five years, enough lines of code to span the globe several times, countless thousands of hours of developer time, and so many builds, betas, and release candidates that you'd need a cluster-based supercomputer to keep track of them all -- but Windows Vista is finally here.

Read the [18 page] article HERE.

==============================================
Windows Vista A to Z

Reviews, analyses, how-tos, hot issues and predictions about Microsoft's new OS. The official release to manufacturing is the first step toward the widespread availability of the operating system. PC makers are getting copies of the Vista RTM immediately, and it will be available to corporate volume license customers sometime before November 30.

Read the article HERE.

==============================================
A matter of age - Vista and old hardware

Want to find out how well older hardware handles Vista ? No computers were harmed in our testing process, but a couple were almost thrown out the window.

Read the article HERE.

==============================================
Vista needs no anti-virus

During a telephone conference with reporters yesterday, outgoing Microsoft co-president Jim Allchin, while touting the new security features of Windows Vista, told a reporter that the system's new lockdown features are so capable and thorough that he was comfortable with his own seven-year-old son using Vista without antivirus software installed.

Read the article HERE.

Microsoft's Firefox revealed

AND sometimes I feel the need to blog an off topic item just because I think it's interesting, funny , or both. This is just very funny.

A cheeky web designer has unleashed a site showing what life might be like if Microsoft took over Firefox.

The mystery developer bought the web address msfirefox.com and seems to have let his or her imagination run riot with a pseudo-Vole web page

Read the article HERE.

Microsoft to Deliver Six Security Bulletins

Microsoft confirmed on Nov. 9 that it will ship at least six security bulletins as part of its monthly effort to patch vulnerabilities discovered in its products.

Read the article HERE.

Windows Vista Security Guide

Welcome to the Windows Vista Security Guide. This guide provides instructions and recommendations to help strengthen the security of desktop and laptop computers running Windows Vista™ in a domain with the Active Directory® directory service.

In addition to the solutions that the Windows Vista Security Guide prescribes, the guide includes tools, step-by-step procedures, recommendations, and processes that significantly streamline the deployment process. Not only does the guide provide you with effective security setting guidance, it also provides a reproducible method that you can use to apply the guidance to both test and production environments.

Read the guide HERE.

New spyware killer

As security systems have become more robust and smarter at detecting and removing these malicious little bastards, so the bastards have dug deeper and found their way into systems files and other places that your security is not allowed to go.

Enter PC Tools' new spyware killer, AOSS (alternate operating system scanner). As the name suggests this program boots into a different OS, namely a modified version of Linux, to allow the scanner run independently of Windows. This serves the purpose of being able to access areas that the Vole normally doesn't allow us to tread.

Read the article HERE.

Blue Screen of Death (BSOD)

One of the most feared colors in the NT world is blue. The infamous Blue Screen of Death (BSOD) will pop up on an NT system whenever something has gone terribly wrong. Bluescreen is a screen saver that not only authentically mimics a BSOD, but will simulate startup screens seen during a system boot.

Install it on your "friends" computer.
I'm sure they'll see the humour in it - eventually.

Learn more from Microsoft Technet HERE.

Mozilla Patches 'Critical' Bugs

The open-source foundation released a batch of highly critical updates for the Firefox, Thunderbird and SeaMonkey brands and warned that unpatched users face the risk of PC takeover attacks.

Read the article HERE.

==============================================
Mozilla Thunderbird Multiple Vulnerabilities

Secunia Advisory : SA22770
Release Date : November 8, 2006

Description : Some vulnerabilities have been reported in Mozilla Thunderbird, which can be exploited by malicious people to bypass certain security restrictions, conduct cross-site scripting attacks, and potentially compromise a vulnerable system.

For more information: Visit the Secunia website HERE.

Simple Malware Attacks Are Still Dangerous

While cyber-criminals are becoming more organized in order to monetize their malware and online fraud efforts, researchers contend that technologically simple attacks remain just as effective for stealing information as newer, more sophisticated programs.

Read the article HERE.

The Truth About User Privileges

Has the time finally come for the least-privilege user -- you know, setting your Windows client machines to run without system administrator rights? Leaving admin power on a user's desktop can invite trouble, especially with today's more targeted attacks. That trouble can come in the form of malware that gets on the machine, as well as trouble with users loading apps they shouldn't, security experts say.

Read the article HERE.

'Supercerts' Aim to Highlight Legit Web Sites

Over the past couple of years, dozens of companies have rolled out technologies designed to help computer users and companies better spot "phishing" scams - Web sites that try to trick people into giving away financial and personal data. But what about helping users tell for certain that when their browser tells them that they are at, say, BankofAmerica.com, that they're really at the bank's official Web site and not at some scam site?

Read the article HERE.