Friday, August 31, 2007

Yahoo Messenger patches security flaw - again

Got Yahoo Messenger? Hit refresh. In this latest case, a security flaw was discovered in the ActiveX control. Not a good thing. On the bright side, Yahoo says it knows of no exploits for this particular flaw - YET.

Read the article HERE.

Introducing the Hardy Heron

I am delighted to have the pleasure of announcing the Hardy Heron (Ubuntu 8.04), the next version of Ubuntu that will succeed Gutsy Gibbon (Ubuntu 7.10, due for release in October 2007). Not only will the Ubuntu community continue to do what it does best, produce an easy-to-use, reliable, free software platform, but this release will proudly wear the badge of Long Term Support (LTS) and be supported with security updates for five years on the server and three years on the desktop. We look forward to releasing the Hardy Heron in April 2008.

Read the article HERE.

UBUNTU Security: Problem or Solution?

UBUNTU is a great processing environment. It has a unique security methodology, but it may or may not be correct for you. This white paper raises questions you might want to consider before you assume that UBUNTU is all the security solution you expect or need.

Read the article HERE.

Send files up to 2GB for free

There seems to be a race going on with web startups rushing to offer the ability to send enormous files across the globe. TransferBigFiles sends files — up to 2GB — to anyone at any time.

Read the article HERE.

Thursday, August 30, 2007

Big Brother On Patrol

Virtual cops to patrol cyberspace
Two "virtual" police officers will start surfing the Net from Saturday to help combat pornography and other illicit activities. They will first visit major news portals, including and and then monitor all websites and online forums based in Beijing by the end of the year. They will be on the watch for websites that incite secession, promote superstition, gambling and fraud, an officer surnamed Tian, from the Beijing municipal public security bureau, said.

Read the article HERE.

How the FBI Wiretap Net Operates
The surveillance system, called DCSNet, for Digital Collection System Network, connects FBI wiretapping rooms to switches controlled by traditional land-line operators, internet-telephony providers and cellular companies. It is far more intricately woven into the nation's telecom infrastructure than observers suspected.

Read the article HERE.

Linux Corporation scam targets the unwary

Be on guard against alleged representatives of Linux Corporation offering to buy your photos - it's a scam. That's the message that Indian models and photographers should take to heart, if the experiences of Rohan Patwari and Praveen Toshniwal are any indication. They tell a story that, indirectly, shows both how well-known Linux has become and how mysterious it is to people outside the free software community. Recently, Patwari and Toshniwal individually approached with almost identical stories. Both are young models with profiles on Although Explocity is a legitimate Indian city portal site, their profiles may have allowed those claiming to be from Linux Corporation to locate them.

Read the article HERE.

.gov domains compromised

It would be great if the compromised Web servers I wrote about last week at Lawrence Livermore National Labs were an aberration, but sadly they are not. Conducting a simple Google search for adult-themed search terms found in ".gov" domains produces some very interesting results, including pages serving up adult videos along with a generous helping of spyware.

Read the article HERE.

Microsoft service pack plans

After months of silence, Microsoft finally coughed up details Tuesday about its plans for the first update to Windows Vista, saying the service pack will arrive in the first quarter of next year. In the next few weeks, Microsoft will start private testing of a beta of Service Pack 1 for Vista as well as a third service pack for Windows XP.

Read the article HERE.

Google's Secret Society

Most Americans have never heard of Orkut, Google's social networking site. So how does it have more traffic than Facebook? Despite its low profile in the U.S., Orkut now draws 38.2 billion page views a month worldwide, 7.8 billion more than Facebook. In Brazil, where Facebook and MySpace are virtually unknown, Orkut has become a smash hit, with 15.6 billion page views monthly.

Read the article HERE.

Now I'm not sure where or why this story originated, but you can be sure it has been noted by "the dark side". Expect Orkut to again make the news soon, but this time for all the wrong reasons.

Microsoft kills AutoPatcher

AutoPatcher, which was in version 5.6, let users collect Windows hotfixes and security patches from Microsoft's update services, then package them so they could be applied to multiple machines, or reused multiple times on a single PC. It was especially popular among people who frequently reformatted drives or those who did informal tech support for friends and family, or in a small business.

Read the article HERE.

Wednesday, August 29, 2007

Data theft

The failures in the U.S.
Over the past few years, there have been a couple of spectacular data theft incidents in the United States. In 2005, a credit card payment processor called CardSystems suffered a data breach in which over 43 million credit card numbers were exposed to attack and over 263,000 were stolen.

CardSystems did not even notice this was going on for about six months.

Read the article HERE.

Safety fears over new children's register
Senior social workers have given warning of the dangers posed by a new government register that will store the details of every child in England from next year.

They fear that the database, containing the address, medical and school details of all under-18s, could be used to harm the children whom it is intended to protect.

Read the article HERE.

Australian tax staff fired for security breach
Access to personal tax records outside the normal course of business is prohibited under current privacy laws. Staff caught accessing records illegally face heavy fines or jail terms.

However, the ATO claims stamping out unauthorised access is impossible.

Read the article HERE.

The state of data security in North America
RSA announced the results of a survey commissioned by RSA entitled "The State of Data Security in North America." Conducted by Forrester Consulting, the survey results reveal that many businesses are still in a 'reactive mode' when deploying data security measures and often struggle with the challenge of creating and implementing planned strategies for data loss prevention. The report - which surveyed almost 200 organizations - also highlights the rising costs and technology implementation hindrances standing in the way of compliance with internal and regulatory policy mandates.

Read the article HERE.

A Chronology of Data Breaches
The data breaches noted below have been reported because the personal information compromised includes data elements useful to identity thieves, such as Social Security numbers, account numbers, and driver's license numbers. Some breaches that do NOT expose such sensitive information have been included in order to underscore the variety and frequency of data breaches. However, we have not included the number of records involved in such breaches in the total because we want this compilation to reflect breaches that expose individuals to identity theft as well as breaches that qualify for disclosure under state laws. The breaches posted below include only those reported in the United States and do not include incidents in other countries.

View the list HERE.

Danger for users of MSN Messenger

After a 0-day bug in Yahoo Messenger two weeks ago, this time the target is Microsoft's MSN Messenger. According to security service provider Secunia a malformed video data stream can trigger a buffer overflow in Microsoft’s Messenger which leads to the execution of injected arbitrary code. To exploit this vulnerability, the potential victim must accept an invitation to participate in a webcam session.

Read the article HERE.

Hacking Intranets Through Web Interfaces

Over the last 18 months, the web application security community has concentrated our efforts on hacking Intranets through the use of web-browsers. Because corporate users sit behind firewalls they often have access to attack intranet applications on behalf of malicious users.

Read the article HERE.

Why Apple Can't Stop iPhone Hackers

Indeed, this time, hackers may have the law on their side. Remember, decades ago, automakers built their instrument panels so that only authorized radios of their own manufacture would fit in. Eventually, U.S. courts ended that practice.

Read the article HERE.

Getting to the bottom of the gPhone rumors
The grapevine is buzzing this week over the "gPhone," Google's long-rumored mobile device that has been in the works for some time now. And while some of the rumors may carry more merit than others, history has shown that when news picks up, something is on the way.

Read the article HERE.

Tuesday, August 28, 2007

Another Sony Rootkit? (And it's Not BioShock)

Imagine that you visit your local mall and browse around for stuff to buy. And you decide to buy a new CD from your favorite artist and you also buy a brand new cool USB stick thingy on an impulse. You go home and stick the CD into your laptop's CD drive. It prompts you to install some software. You do so and while you are listening to the music, you open the USB stick package and start experimenting with your new toy. It has a fingerprint reader so you install the software for that as well. Guess what… you might have just installed, not one, but two different rootkit-like software on your laptop.

Read the article HERE.

Clearing the air: Bioshock does not contain a rootkit
This weekend news spread quickly that the PC version of Bioshock comes loaded with a rootkit. The only problem is, it isn't loaded with a rootkit, it's just your standard "let's punish our customers" anti-piracy tool.

Read the article HERE.

At this point I am not going to be surprised if people distrust Sony, and start tearing apart everything they make to see if there is some form of DRM cloaking happening. Most people will not notice and most people will not care. But Sony’s credibility is very strained right now when it comes to what commercial products are safe to purchase for the average person.

Microsoft News

Microsoft Opens 'Hackers' Web Site
It's no secret that Microsoft employs individuals that attempt to bypass the security restrictions built into its software products in order to make them safer, but the company has rarely publicized this fact.

That's changing with a new Web log called hackers @ microsoft.

The Redmond company plans to utilize the blog to introduce its "white hat hackers" and show people what they do for Microsoft, although in keeping with tradition, those mentioned on the blog will likely go by their pseudonyms. "At his or her core, a true hacker is someone who is curious and wants to learn how systems work. This can and of course at Microsoft is done in an ethical, legal manner," techjunkie writes in the first posting on the site.

Source : BetaNews

And, of course, comes with the mandatory disclaimer -
This blog is *especially* provided "AS IS" with no warranties, and confers no rights. Opinions are not of Microsoft

WGA Outage Over, No Word On Cause
Microsoft said over the weekend that an issue with its Windows Genuine Advantage validation systems -- which were causing verified systems to fail and lose access to features -- had been fixed.

Read the article HERE.

Cyber Security Bulletins August 20, 2007

The US-CERT Cyber Security Bulletin provides a summary of new vulnerabilities that have been recorded by the National Institute of Standards and Technology (NIST) National Vulnerability Database (NVD) in the past week. The NVD is sponsored by the Department of Homeland Security (DHS) National Cyber Security Division (NCSD) / United States Computer Emergency Readiness Team (US-CERT).

Read more HERE.

News, Hints, Tips, Tricks & Tweaks

Read this week's articles at WXPNews HERE.

New Intel Processor Fights Rootkits

Intel today rolled out a new desktop processor for business machines with hardware-based security features that it says can help prevent stealth malware attacks and better secure virtual machines.

Read the article HERE.

New CPU - not worth the money?
But multicore CPU architectures are creating a nightmare for programmers, particularly those who want to take full advantage of the new chips' power. The upshot? Much of your brand-new CPU's potential, like an uneducated brain, is going to waste.

Read the article HERE.

Monday, August 27, 2007

TechNet Magazine - September 2007

Windows Vista
Dealing with a new operating system should make your life easier, not harder. Fortunately, this is the case with Windows Vista, thanks to features that make key management tasks much more flexible and hands-free. Check out our step-by-step guide to using BDD 2007 for a simple Windows Vista deployment. And see how the new and improved backup features in Windows Vista will keep user data safe in most any situation.

Windows Server
Managing Active Directory can sometimes feel a bit tedious and time consuming. We've got you covered. Here's a guide to 11 tools that will make Active Directory management a lot easier. And we show you how Tombstone Reanimation can save you a lot of time and frustration the next time you need to restore deleted objects in Active Directory.

You may be hearing a lot of buzz about Unified Communications. What is it? Why should you care? What can it do for your organization? Get the answers to all your questions in this tour of the Microsoft Office Communications Server 2007 and find out how integrated messaging, voice, video, and conferencing features can improve productivity and collaboration in your company.

Read the magazine HERE.

Know Your Enemy : Malicious Web Servers

Today, many attackers are part of organized crime with the intent to defraud their victims. Their goal is to deploy malware on a victim’s machine and to start collecting sensitive data, such as online account credentials and credit card numbers. Since attackers have a tendency to take the path of least resistance and many traditional attack paths are barred by a basic set of security measures, such as firewalls or anti-virus engines, the “black hats” are turning to easier, unprotected attack paths to place their malware onto the end user’s machine. They are turning to client-side attacks.

Read the article HERE.

Forensics On a Cracked Linux Server

This blog is the step-by-step process that one administrator followed to figure out what was going on with a cracked Linux server. It's quite interesting to me, since I have had the exact same problem (a misbehaving ls -h command) on a development server quite a while back. As it turns out, my server was cracked, maybe with the same tool, and this analysis is much more thorough than the one I was able to do at the time. If you've ever wondered how to diagnose a Linux server that has been hijacked, this short article is a good starting point.

Source : Slashdot

Honeypots as sticky as ever

New developments make honeypots even more valuable. Companies should have a honeypot, not to learn hacker and malware tricks, but as an early warning system. All computer security defenses will ultimately fail. And if they fail and a bad thing gets by your defenses, what's the next best thing? Early warning.

Read the article HERE.

Data Breach Case Study

I read the Harvard Business Review frequently and find that the quality of writing and insight it provides is excellent. This month’s (September 2007) edition is no exception as it features a timely data breach case study written by Eric McNulty titled "Boss, I think Someone Stole Our Customer Data." The format of the HBR case studies is well framed because they ultimately ask you, the reader, to conclude what you would do in the situation and provide many -- often diametrically opposed -- opinions from industry experts.

Read the article HERE.

Installing Java for Security Updates

How much of a security risk is it to not update your Java Runtime Environment? Well, it’s definitely a good idea to always update. Usually, an update addresses a security issue. A Java Runtime Environment is an application you install on your computer that allows you to run programs that were coded in Java, or use Java applets found on a webpage. As far as uninstalling older versions after an update, it’s entirely fine to do so. However, I would recommend keeping one previous update, in case of issues. Then you can uninstall that new version, and roll back to the older one until the bugs are fixed. There’s no need to keep seven or eight old versions of this lying around on your PC, though.

Read the article HERE.

Sunday, August 26, 2007

Windows Genuine Advantage Servers Out

We contacted our sources at Microsoft, who told us off the record that the company is aware of a major WGA server outage affecting users across the globe. The Windows Genuine Advantage support forum has exploded with complaints, as a result, and Phil Liu, WGA project manager, says that he won't sleep until the problem is fixed. Windows Vista and XP are affected, 32- and 64-bit versions.

Read the article HERE.

$84 Million Porn Filter Hacked in 30 Minutes

Tom Wood, an Australian Year 10 student, has cracked the federal government's $84-million internet porn filter in just 30 minutes. He can deactivate the filter in several clicks in such a way that the software's icon is not deleted which will make his parents believe the filter is still working.

Read the article HERE.

Siphoning MySpace tunes using Safari

When it comes to protecting digital content holders from the hordes of naughty file grabbers, you'll be hard pressed to find a more zealous partner than Apple. So we were surprised to learn that Apple's Safari browser makes it easy to download MP3 files hosted on MySpace that are supposed to be limited to streaming only.

Read the article HERE.

Update from iPhone Unlocking

A late post at iPhone Unlocking says...

It is now the time when we said we would be offering iPhone unlocking software to our customers. We have the software. It works. And we are ready to go.

Seems AT&T is a bit annoyed at the idea. A middle of the night phone call from a Silicon Valley law firm is slowing down the release of the software to you. Stay tuned.

Hope you weren’t planning on getting your hands on Uniquephone’s iPhone unlock software, because things certainly aren’t going as planned. Until this legal issue is cleared up, it seems like their method of freeing your iPhone will remain a well kept secret.

Chinese want to buy Seagate

A Chinese technology company has expressed interest in buying a maker of computer disk drives in the United States, raising concerns among American government officials about the risks to national security in transferring high technology to China.

Read the article HERE.

Ubuntu prepares 'Gutsy Gibbon'

Ubuntu developers have taken the wraps off the fifth update to the upcoming "Gutsy Gibbon" version, a major release that will include significant additions to the Linux distribution.

Read the article HERE.

Is stealing wireless wrong?

So here's the thing. Are they going to prosecute someone who stands outside a bakery warming their hands? It is a bit like reading your book from the light coming out from someone's window.

Read the article HERE.

A wardriving we will go!
One in three mobile workers worldwide routinely hijack wireless connections - at a time when police on both sides of the Atlantic are coming down hard on "broadbandits" they catch jumping onto Wi-Fi connections.

Read the article HERE.

Police: Wi-Fi arrest not part of a crackdown
The arrest of a man for piggybacking on someone else's Wi-Fi-enabled broadband connection is not part of a wider crackdown, police said on Thursday. A 39-year-old man was arrested on Tuesday morning by two police community support officers (PCSOs) from Hounslow, as he sat on a wall outside a house in Chiswick, west London. He admitted to police that he had used a third party's unsecured Wi-Fi access point to gain access to the internet.

Read the article HERE.

Weekend Reading

Don't Click On These B00bies

You have to love a clever criminal.
1) Create deceptive eBay listing.
2) Use a picture of b00bies as the item picture.
3) Embed a bit of malware.
4) Steal eBay credentials.
5) Profit?
Here's the scenario straight from eBay [note: the listing has now been removed]:

Take a look HERE.

Data less safe today than two years ago

Today's electronic world is a risky place for your personal data -- and it's not getting any safer. More than 158 million data records of U.S. residents have been exposed as a result of security breaches since January 2005, according to The Privacy Rights Clearing House, a nonprofit consumer rights organization.

As fast as banks, merchants and consumers add new layers of security to their storage systems and network, say security analysts, new technologies -- or simply careless users -- create new security holes that aggressive and sophisticated identity thieves eagerly exploit.

Read the article HERE.

Troubled times for home networks

There are the technologies that prove how useless they are when you actually try them. Take for instance, home networking. Increasing numbers of us have amassed large collections of digital images, music, movies and TV shows. The ability to do more with it, to share it around and show it off, has an obvious appeal. But the available technology is not living up to its potential.

Read the article HERE.

America's Hackable Backbone

The first time Scott Lunsford offered to hack into a nuclear power station, he was told it would be impossible. There was no way, the plant's owners claimed, that their critical components could be accessed from the Internet.

Take a look HERE.

Terror goes digital. With Canadian help

The GlobeAndMail reports a somewhat misguided story about internet domain registrars like Register and Tucows allowing registrants to pay an additional fee to keep their registration records anonymous. In this age of decreasing privacy and increasing fraud, it's just a good idea, considering any 13-year-old can WHOIS an open DNS record.

In the article, the argument is being made that this helps terrorists stay anonymous too. Now let's be a little rational here. The last time we checked you are "innocent until proven guilty", at least in most countries. People who use loopholes and weaknesses in law to stay hidden will always do so. People with criminal intent cannot be controlled by anything other than due diligence and hard work. It will always be this way. This is a fool's argument, leveraging people's fear of the terrorist "boogeyman", to make an argument with no merit.

The GlobeAndMail reports... HERE.

Saturday, August 25, 2007

'Microsoft' to compensate 419 victims

We're obliged to the reader who alerted us to the agreeable news that Microsoft will compensate deserving 419 victims to the tune of £100,000 a head. The email bringing these glad tidings is worth reproducing in full, and your attention is drawn in particular to the links kindly provided by the Lads from Lagos to back their pitch.

Read the article HERE.

iPhone's Network Lock Hacked By Teen

A 17-year-old hacker has broken the lock that ties Apple's iPhone to AT&T's wireless network, freeing the most hyped cellphone ever for use on the networks of other carriers, including overseas ones.

Read the article HERE.

Yahoo! Messenger Network Overrun By Bots

A large number of Yahoo!'s instant messenger chat rooms are being overrun by automated programs designed to hawk commercial services, Web sites and other wares, preventing millions of actual human users from joining most of the chat rooms on the company's network.

Read the article HERE.

Digital Reality Misunderstanding

Interestingly, content owners and publishers face the same fundamental conundrum in implementing DRM as malware writers do in attempting to encrypt or otherwise obfuscate the code of their creations. The crux of it is this: If, in the end, you need to actually run code or play media content, there will necessarily be a time at which it runs in the original, unprotected form.

Read the article HERE.

Movie pirate forced to use Microsoft

Sk0t, an ex-administrator of the EliteTorrents BitTorrent tracker is to have his internet connection forcibly monitored by the US Government. If that wasn’t bad enough, the monitoring software is Windows based - which means he is being forced to ditch Linux - or face being barred from the internet.

Read the article HERE.

Incurable Viruses: How Real Is the Threat?

The only type of virus that is truly incurable is a physically destructive virus. If the virus is a Trojan, worm or other file infecter, it can be cleaned up. An incurable virus would be one that alters or damages the system in some way. The question is: If there is no damage to the hardware and you can reload the OS, is the virus truly incurable?

Read the article HERE.

Friday, August 24, 2007

What is a PKI?

If you've ever wondered what a PKI is...

Read the article HERE.

AVK tops latest AV-Test charts

Top four beat 99% in large collection scan. Testers at have run 29 products over a massive collection of malware samples, with detection rates measured against 874,822 items including worms, trojans, bots and backdoors. The top two were multi-engine products, with GDATA's AntiVirusKit ranked number one with 99.88% detection, and the Webwasher gateway product a close second with 99.86%. Close behind came BitDefender, with 99.51%, and Avira's AntiVir, on 99.29%, showing that single-engine products can also keep up with the amount of malware being pumped out by cybercriminals around the globe.

Read the article HERE.

Error Message

Your Password Must Be at Least 18770 Characters
Cannot Repeat Any of Your Previous 30689 Passwords

Read the Microsoft KB article HERE.

iPhone tantalizes, frustrates forensics experts

Technophiles may love the iPhone, but you criminals? Watch out. The iPhone may reveal more about your misdeeds than you realize. Derrick Donnelly, chief technology officer of Blackbag Technologies, a company specializing in Apple forensic solutions, is tempted by the rich array of potential evidence an iPhone might contain. Will its data favor the defense or the prosecution? "There is more information in there than your average cell phone," explains Donnelly. "The ease of use lends itself to more use … and more use creates more artifacts."

Read the article HERE.

1TB CD disks are coming

Mempile's schematic two photon system is called TeraDisc and is designed to store 1TB on a single disk. Each disk is built from polymethyl methacrylate which is almost entirely transparent to the specific wavelength of the laser used by its recorder. Dr Beth Erez, Mempile’s Chief Marketing Officer thinks that its ePMMA, disks can create a media with about 200 virtual layers five microns apart which each hold 5GB of data. The current prototypes can store 600–800GB per disk which is a lot of data. However Mempile boffins think that they can get this to a 1TB per 1.2mm thick disk soon.

Read the article HERE.

Performance rules in the processor world

At the Hot Chips conference at Stanford University, chipmakers focus on quad-core and other high-end tech.
Peter Glaskowsky posts 9 items about this event.

Read the articles HERE... [may have to scroll down]

Thursday, August 23, 2007

These CAPTCHAs are just not working out

Filling out a web form without also having to pass a CAPTCHA test nowadays is pretty rare. CAPTCHAs weren’t really that annoying to me when they were more of a rare occurrence but I have been finding myself more and more bothered with them lately, especially because my success rate in entering the correct letters seems to be around 75%. There are some CAPTCHAs I have encountered lately that take me several tries to get right. And when I get annoyed at some security measure my first thought is to try to break it.

Read the article HERE.

Windows Home Server leaked

Details about the first OEM systems equipped with Windows Home Server are leaking out on to the 'Net, and it looks like HP is going to get the ball rolling with its MediaSmart Home Server.

Read the article HERE.

Windows Home Server, officially available August 27
If there’s one computing server product every enthusiast and home-user should be excited about, it should be Windows Home Server - codename “Q”.

Take a look HERE.

FREE CompuSec® PC Security Suite 5.0

I know that many of you like to try some of these new free systems, so...

It provides Pre-boot Access Control, which requires you to enter your userID and password before the system will boot up. Once authentication is completed, FREE CompuSec® will automatically log you into the Windows environment and provide a screen saver lock too. Hard Disk Encryption using the AES algorithm keeps data safe by ensuring fast encryption speeds with minimized effect on performance. A file encryption function allows users to securely exchange files via FTP, email attachments etc. Encryption of Diskettes, CD-ROM using CD-Crypt and removable media, e.g. Memory Sticks and USB thumb drives, allows users to secure their data between their CompuSec® protected PCs. Encryption of Server Files & Subdirectories using SafeLan allows users to store and share encrypted files in a network.

This software is a full product without any limitations and it is not a demo or trial version.

Visit the website HERE.

Do we need advertisements everywhere?

Susan's [SBS "Diva"] short post on advertising is a must read.

I think a lot of us have trained ourselves to discard AdWords from our visual intake of a web page. They are an eyesore, and for most websites, a source of little or no revenue. Of course, AdWords are not the only culprits. How often do we have an item of interest disrupted with "Article continues below", then are forced to navigate past a huge advertisement? Stories that run for 4 or 5 pages on websites bloated with ads are also a source of annoyance. I realise that most of these websites could not survive without advertising. Is that a bad thing? No - it is not. I have also "ranted" [in the nicest possible way] more than once about the constant repetition of articles [dangers of USBs, malware infected email spam, mobile security, disk encryption and other network security issues] by these websites. They must be under constant pressure to produce content to satisfy their advertisers.

And now, lucky us, we will have a new player in the market. Feeling left out [of the huge revenue available], Microsoft has announced it is to become a player. Just what we needed. Now every other web page will carry TWO sets of text links.

Microsoft's Answer to Google AdWords

Displaying its typical flair for draining all the poetry out of the naming process, Microsoft Content Ads enters the beta process, with the promise of opening up formerly premium MSN ad inventory to low-cost clients.

Read the article HERE.

Of course, not everyone is happy with the way things are done. Remember when the first link was meant to be the most relevant? No longer the case. That's prime real estate.

American Airlines sues Google over keywords
Yes, another week, another tech lawsuit – this time it’s American Airlines suing Google for its keyword ad placement. American Airlines alleges that Google sells sponsored links on top and to the right of search pages that, according to American Airlines, dilutes the company’s good name and confuses the public.

American Airlines filed the massive 55-page complaint in the Northern US District Court of Texas and demands a jury trial. If it wins, the airline wants an injunction, treble damages and money to conduct a “corrective advertising campaign”.

Read the article HERE.

And to end it all, what about those horrible double underlined links that produce their very own small webpage? If I never see another one again it will be too soon!!!

Google Launches First YouTube Ads
Video website YouTube is to feature advertising for the first time, after Google revealed it is offering companies the chance to run ads on some of the site's most popular content.

Read the article HERE.

Wednesday, August 22, 2007

SharK2: Trojan Creation Made Easy!

With the prevalence of DIY kits, every kid on the block has the ability to invade other people’s computers at whim. But what has changed over the course of time is the ease of use of these kits along with the advancement in stealth technologies. SharK is one such remote-access Trojan kit that allows the attacker to customize the Trojan with loads of features available within the toolkit.

Read the article HERE.

Storm of the Day (Welcome Member)

Looks like Storm moved to a new mutation. The e-mails are now inviting users to become members in various "clubs". Here is a sample I just got:

Read the article HERE.

Operating System Vulnerability Scorecard

When I started doing these scorecards, I did two variations - year-to-date and last-3-months - thinking that the latter would reflect short-term bursts of issues and that the former would give an overall view for the year that would incorporate the ups and downs. Instead, the two versions of the charts seem to look very similar except for the numbers and scale. This kind of hints that whatever vulnerability disclosure and fix rate a product has, it is staying pretty consistent over time, at least in 2007.

Read the article HERE.

Jeff Jones paints misleading picture
Jeff Jones is a Strategy Director in the Microsoft Security Technology Unit, part of the team trying to make Microsoft products more secure, poor guy. No surprise that he publishes a vulnerability report on his Microsoft TechNet hosted Security Blog which always seems to suggest that Microsoft Windows is far more secure than competing operating systems from Linux vendors.

Read the article HERE.

Watermarking a bigger devil than DRM

There’s some debate as to whether watermarking causes perceptible noise or not and I think that misses the whole point. If it’s not perceptible, then it can be stripped out and watermarking is pointless. If it is perceptible then I don’t want it. But the most compelling argument against this entire watermarking scheme is that all it takes is a single stolen credit card buying a bunch of songs and uploading it to break the entire scheme. The whole scheme is pointless.

Read the article HERE.

Tuesday, August 21, 2007

Security vulnerability in Mercury Mail

The bug affects the current version of the server, version 4.51. Older versions may also be vulnerable. The developer has not yet released a security update. Until a patch becomes available, Mercury mail server administrators should restrict access to trusted persons and computers.

Read the article HERE.

Secunia Advisory: SA26519
Release Date: 2007-08-20
Critical: Highly critical
Impact: System access
Where: From remote
Solution Status: Unpatched

First exploit for Patch Tuesday vulnerability

A security researcher has published the first exploit against one of the 14 vulnerabilities patched last week by Microsoft, security company Symantec has warned customers. In a posting to the Full Disclosures security mailing list, Alla Bezroutchko, a senior security engineer at Brussels-based Scanit NV/SA, spelled out JavaScript code that crashes Internet Explorer 6.0 on Windows 2000 and Windows XP Service Pack 2. Bezroutchko's proof of concept exploits the critical bug in XML Core Services that was patched by MS07-042.

Read the article HERE.

Cyber Security Bulletins August 20, 2007

The US-CERT Cyber Security Bulletin provides a summary of new vulnerabilities that have been recorded by the National Institute of Standards and Technology (NIST) National Vulnerability Database (NVD) in the past week. The NVD is sponsored by the Department of Homeland Security (DHS) National Cyber Security Division (NCSD) / United States Computer Emergency Readiness Team (US-CERT).

Read more HERE.

The Risks of HTML-Formatted E-mails

You can love ‘em or hate ‘em, but you can’t stop people sending them. So what are the risks of HTML e-mail? With HTML-formatted e-mails anything goes, just like on the Web. Data can be invisible (using small or transparent text), obfuscated (using special tags), dynamic (formed inline during rendering), and scriptable (using client-side scripts such as JavaScript and VBScript).

Read the article HERE.

Beware of Five-Star Vaporware

U.K. computer programmer Andy Brice was proud of the awards and accolades his software had won from his peers online. That is, until he noticed that pretty much everyone else's software received the same "5-star" rating and high praise from various software directories and download sites.

Read the article HERE.

Keep The Bad Guys Out Of Your PC

Read this, and other articles at WXPNews HERE.

The Difficulty of Validating Systems and Users

One of the issues plaguing Identity management and online authentication systems is how to accurately validate the identity of the system or user connecting to a service. One possible means for identification that has attracted attention recently is finding and identifying a 'MachineID', some form of unique identifier that is specific to a particular physical system and which is difficult to reliably fake. This might take the form of tracking internal network IP addresses, end user system patch levels and browser configuration, and even tracking of end user system hardware configuration.

Read the article HERE.

Monday, August 20, 2007

Did Russian Hackers Crash Skype?

An anonymous reader sends us to the forum where a poster claims that the worldwide Skype crash was caused by Russian hackers.

Read the Slashdot post HERE.

A look inside a Russian hackers' dojo
Ilya Vasilyev might be the closest thing to a martial arts master the computer world has. For the last 10 years, the long-haired, soft-spoken Russian has been running a school, or perhaps more accurately a dojo, for hacking in Moscow. He trains his students in computer skills that run the gamut from assembly language and networking right on through to cracking programs and virus writing. They're trained in "hacker ethics" -- don't harm people, don't misuse the skills -- and can gain the equivalents of white and black belts, though in this case bracelets are substituted.

Read the [OLD] article HERE.

Open Source Security - Part 1

Securing Credibility: Some quarters in the software industry still carry a bias against the credibility of open source security applications. Open source network gateway developer Untangle did not expect to find its request for certified testing of the popular open source virus security product ClamAV shunned. When it was, Untangle decided to do its own test.

Open source applications have come into their own. For some time, open source programmers held much the same reputation as shareware authors. They were little more than experimenters and programming geeks who chose the alternate code-writing route because they could not or did not want to compete in the real software industry of commercial programming.

Read the article HERE.

Vista smart card infrastructure explained

Windows Vista Smart Card Infrastructure provides details about the Microsoft Windows smart card infrastructure and how smart card-related components work in Windows.

This document also contains information about troubleshooting and debugging tools, and tools that information technology (IT) developers and administrators can use to deploy smart card-based strong authentication in the enterprise.

Download the .doc from Microsoft HERE.

Foundations of Cryptography

The basic idea of cryptography is to take a plaintext message, combine it with a key, and get ciphertext output. Once ciphertext is generated, its secrecy is not that important as long as the key is secret. Only those with the key to decrypt the message are able to read it. The process of encrypting plaintext messages is encryption. Getting the plaintext back from the ciphertext is decryption. The process of trying to break a cryptosystem is cryptanalysis.

Read the article HERE.

Sunday, August 19, 2007

The Mobile Malware Kitchen Is Open for Business

It seems the days of mobile phone functions have expanded greatly over the years. Phones nowadays can be organizers, email clients, web browsers or music players. The popularity of such devices means that the phone is slowly replacing some of the functions of a computer. In fact, one particular feature that I would like to talk about is the ability to completely customize your phone to have a whole new operating system loaded. In fact, each Windows mobile phone comes with a license for the Windows mobile operating system.

Read the article HERE.

Firewall LeakTesting

[Episode #105] Leo and I discuss the history, purpose, and value of personal firewall leaktesting. We examine the myriad techniques clever developers have found for accessing the Internet and sending data out of PCs even when those PCs are being protected by outbound-blocking personal firewalls.

Read, or listen, to the article HERE.

Google Gadgets can be misused by phishers

Security researcher Robert Hansen, a frequent critic of Google, reported the issue to the company's security team, but he was not satisfied with their response. He says Google told him that what he sees as a flaw is simply part of the site's expected behavior.

Read the article HERE.

Beating the pirates

RIAA faces possible class action over suing the innocent
Single mom Tanya Andersen, a defendant in a previous lawsuit brought by the RIAA, was one of the first to have her case dismissed with prejudice (it cannot be refiled at a later date). Throughout the court battle, she maintained her total innocence, a claim given even more plausibility by the fact that she was charged with downloading numerous gangsta rap tracks.

Read the article HERE.

Aussies learn lesson : can't plug a digital leak
Hence, the "speedy removal" of the movie "within 72 hours of it being posted on the internet" was no removal at all, for the movie spread too fast. Once the cat's out of the bag, there's no putting it back in. Once copied, it cannot be "removed" from the Internet.

Read the article HERE.

Watermarking to replace DRM?
Watermarking has been in the news twice in the past week. First, Wired's Eliot Van Buskirk revealed that Universal will insert watermarks in the DRM-free files it's distributing through Rhapsody, and other online stores.

Then, Wednesday, Microsoft announced that it's licensing audio watermarking technology developed by its research division to a company called Activated Content. (Microsoft Research used to be devoted entirely to building technology that would later be incorporated into Microsoft products, but a couple of years ago it began to license technology through its IP Ventures program.)

So what's watermarking? Read the article HERE.

Company Fined For Passing News Clips Around Internally
An analyst firm has agreed to pay up a $300,000 settlement after an "insider" informed the SIIA that the firm passed around news clips to employees. This is very typical.

Read the article HERE.

Weekend Reading

Anonymous Wikipedia editors caught red handed

Wikipedia has always taken a dim view of people editing their own entries, but it's always been possible to remain anonymous while rewriting history. At least until now.

Take a look HERE.

The Right Way To Fix Inaccurate Wikipedia Articles

Suppose your company, boss or political candidate discovers that their Wikipedia article is wrong, or has subtle inaccuracies that nonetheless paint them in an unfavorable light? Most people unfamiliar with how Wikipedia works consider only two solutions: edit the article or sit on their hands. Unfortunately, neither approach typically results in the optimal outcome: a factually accurate profile containing trustworthy information.

Take a look HERE.

German "anti-hacker" law forces hacker sites to relocate

Germany isn't the place to go if you're a computer security researcher with a penchant for writing code. Already a number of security projects have relocated or shut down to avoid any possibility of prosecution under the broadly-worded statute.

Take a look HERE [Sunnet Beskerming] or HERE [Ars Technica].

Report: Web 'Mean Streets' Pervasive

If you still think avoiding risky sites keeps you safe on the Web, think again: Newly released research from the Honeynet Project & Research Alliance shows that even seemingly "safe" sites can infect you.

Take a look HERE.

Americans clueless about online threats

Nobody is a stranger to messages from wealthy folks in Nigeria offering millions of dollars, and we all know that if we need information on Viagra or penny stocks, all we have to do is check our inboxes. Of course, those e-mails are just trash, and we all delete them, right? Well, not according to a recent survey sponsored by Microsoft.

Read the article HERE.

Thoughts from Black Hat

Talk to anyone who attends Black Hat USA conferences and you'll hear about how boring the talks are, how nobody learned anything new, how the hacks were known last year — not to mention the ridiculous posers. Ask those same attendees if they plan to attend next year, and they say "yeah" as fast as a poker player pushing all in with pocket aces.

Take a look HERE.

What's in @ name

A Chinese couple tried to name their baby "@," claiming the character used in e-mail addresses echoed their love for the child, an official trying to whip the national language into line said.

Read the article HERE.

Saturday, August 18, 2007

Stolen USB drive - Idaho National Guard

An Idaho National Guard member managed to have a USB thumb drive containing thousands of soldiers’ records stolen out of her car. The tiny drive was not encrypted and had the Social Security numbers and other personal information of 3400 soldiers from the state’s National Guard force.

Other computer equipment was also taken from the car. Idaho National Guard officials say the victim had taken the information as part of her official duties and didn’t say what, if any, punishment would be administered.

All Idaho National Guard soldiers are currently being notified by phone and email about the data theft.

Source : TG Daily

Red Hat security holes identified

A flaw in the ISDN CAPI subsystem could potentially allow a remote user to cause a denial of service or privilege escalation and a glitch in the Bluetooth subsystem could result in a local user triggering an information leak.

Updated kernel packages that fix several security issues and bugs in the Red Hat Enterprise Linux 3 kernel are now available. These new kernel packages contain fixes for the security issues described below:

Read more HERE.

Would You Like A Job With That Virus?

Cyber crooks are targeting a wave of new attacks at people searching for jobs online, security experts warn. Oddly enough, the criminals behind this scam appear to be just as interested in hiring you as they are in hijacking your PC.

Read the article HERE.

Army reports brass, not bloggers, breach security

For years, the military has been warning that soldiers' blogs could pose a security threat by leaking sensitive wartime information. But a series of online audits, conducted by the Army, suggests that official Defense Department websites post material that's far more potentially harmful than blogs do.

The audits, performed by the Army Web Risk Assessment Cell between January 2006 and January 2007, found at least 1,813 violations of operational security policy on 878 official military websites. In contrast, the 10-man, Manassas, Virginia, unit discovered 28 breaches, at most, on 594 individual blogs during the same period.

Read the article HERE.

Google Gestapo

Google boots Infosecsellout
One of this year's strangest security stories has come to an appropriately bizarre conclusion. Google has given the boot to the anonymous blogger (or bloggers) known as Infosecsellout, claiming terms of service violation.

Read the article HERE.

Google gags Facebook code leaker
Google's legal Luftwaffe has swooped on Facebook's behalf to shoot down an anonymous blog which posted two sections of source code leaked by the social utility.

Facebook Secrets was at the centre of the embarrassing code exposure over the weekend after it republished code served up by the site to student Trae McNeely. His story is here. The second dollop of PHP script was dished up by the blog on Monday.

Read the article HERE.

When InfoSec Companies are Targeted

One of the perils of being an Information Security company is that they become targets of the individuals and groups that produce malware and engage in illegal online activity.

Read the article HERE.

Friday, August 17, 2007

Highly critical flaw found in Microsoft Excel

Microsoft's Excel application contains a vulnerability that could allow a remote attacker to gain access to a system. The flaw affects multiple versions of the spreadsheet software, including Excel 2000, 2002 and 2003, as well as versions of Microsoft Office containing those versions. It can also be manipulated in Excel Viewer 2003 and Office 2004 for Mac.

Read the article HERE.

Core Release Pass the Hash Toolkit

Hernan Ochoa from Core has released the Pass the Hash Toolkit which is very cool. It basically means that you don't have to bother cracking a password on a taken machine anymore, you can simply use his iam.exe to associate the captured hash with your current session.

Read the article HERE.

New URI browser flaws worse than first thought

A little-known feature in the Windows operating system can lead to big problems for Web surfers. Security researchers Billy Rios and Nathan McFeters say they've discovered a new way that the URI (Uniform Resource Identifier) protocol handler technology, used by Windows to launch programs through the browser, can be misused to steal data from a victim's computer.

Read the article HERE.

McAfee Avert Labs Blog

It’s a Hoax…Or Is It? - Hoax virus warning messages
Beginning of the end of legitimate eCards?

Read the articles HERE.

Synergy syncs two computers simply

SYNERGY is a simple, elegant answer to a problem that for many techies is so obvious and familiar they've forgotten it's a problem: how do you cope with needing to use multiple different computers on a regular basis?

Read the article HERE.

What hard drive manufacturers aren’t telling you

In a nutshell, the study states that drive failure rates are between 2-13% per year. Keep in mind that these rates are for average use (studies include data centers and user systems). Hard drive manufacturers would have you believe the average rate of failure (MTBF) is over 1.5 million hours. This equates to roughly over 171 years of constant service before problems. A 5% failure rate translates to 100% failure in 20 years, a far cry from 171 years.

Read the article HERE.

Thursday, August 16, 2007


Opera 9.23 released for improved security
Security vendor Secunia today reported a highly critical Javascript flaw in Opera 9.22 and earlier. Fortunately, Opera already knew about the problem and today released a more secure version of Opera, version 9.23. How did they know about it? The Norwegian browser company said it used a tool that was released during this year's Black Hat USA by rival Mozilla, the makers of the Firefox browser.

According to Secunia, the Opera vulnerability is the result of an unspecified error when processing JavaScript code. The error can produce a virtual function call using an invalid pointer. This can be exploited to execute arbitrary code by tricking a user into visiting a malicious website.

At Black Hat, Mozilla's Window Snyder told me that both Apple and Microsoft were also given copies of the Mozilla Javascript fuzzer as early as May. No word yet whether Apple or Microsoft has used the tool on their own Internet browsers.

Source :

Interview with Opera Software's VP of Engineering
For us, security is largely about architecture, process, and user interface. Architecturally, we might be less prone to certain issues, due to the fact that we have a self-contained browser application with few necessary dependencies to the underlying platform. Process-wise, we might test more diversely than the competition, due to the fact that we release our products on the largest amount of different platforms.

Take a look HERE.

Ubuntu Servers Hijacked

Members of the Ubuntu colocation team suggest the attack could have begun with a Chinese IP address. The Ubuntu community had to yank five of the eight Ubuntu-hosted community servers offline after discovering that the servers had been hijacked and were attacking other machines.

Read the article HERE.

New zero-day bug : Yahoo Messenger

A bug in Yahoo Messenger that first surfaced on a Chinese security forum can be used to hack a Windows PC, McAfee researchers confirmed today. The vulnerability, apparently a heap-overflow bug, can be exploited by duping a user into accepting a malicious webcam invitation, said Wei Wang, a Beijing-based researcher at McAfee's Avert Labs.

Read the article HERE.

Malware hosted on AGAIN!

is a dynamic dns provider and has hosted malware several times in the past including an element of the zero day word exploit. It was also used as the ftp download site for a SAV based worm 12-2005.

Read the article HERE.

The Wall Street Journal Gets It Wrong

The Wall Street Journal recently published an article looking at security on network systems and, more precisely, how to get around it so that the average employee can do the things they want that the network doesn't allow. The publication did soften the blow to corporate IT by asking what risks employees were taking by doing this but somehow forgot to point out the biggest risk of all to the employee: termination.

Read the article HERE.

has gone

Visit the website HERE.

Wednesday, August 15, 2007

Online crooks fine-tune selling of malware

"The best program in its class I have ever seen!" gushes one review. "One of the most powerful products on the market," reads another. These aren't just any reviews. They're comments from satisfied customers of black market malware and utilities, left on forums and sites where user ratings are just one way the shadowy online crooks who profit from spewed spam, virus-laden PCs, and identity theft use standard business practices to sell their illegal bounties.

Read the article HERE.

Microsoft Fixes 14 Software Security Flaws

Microsoft today released software updates to plug at least 14 security holes in computers powered by different versions of its Windows operating system and other software.

Read the article HERE.

Facebook users expose all to strangers

Sophos set up a profile page for Freddi Staur (an anagram of ID Fraudster), featuring a picture of a small green plastic frog and minimal personal information. It then sent out 200 friends requests which received 87 responses. Of these, 41 per cent of the total sample gave access to personal information. In the majority of these cases, details such as email addresses (72 per cent), date of birth (84 per cent), place of work or education (87 per cent), and current address (78 per cent) were made available to a potential fraudster.

Read the article HERE.

PandaLabs spots killer Shark malware

PandaLabs is warning web users of the Shark 2 malware, a highly flexible tool for creating Trojans on users' PCs. Luis Corrons, technical director at PandaLabs, said, "The Trojans created with Shark 2 are designed to steal all types of confidential information, from the type of processor used by the computer to program and bank passwords. Cyber-crooks can even activate users' web cams and watch what they are doing."

Read the article HERE.

Buffer the Overflow Slayer

Microsoft's DirectX Media software development kit may be doing a lot more than helping designers give a realistic flesh tone to Lara Croft's breasts. It could also be introducing critical vulnerabilities into a countless number of applications that are spawned by the SDK.

Read the article HERE.

Help Design HP’s Next Laptop

I received an invitation, in part because of some reviews I’ve done as a blogger, to provide feedback and ideas to HP on what kind of laptop I’d design if I could do it myself. The sky is the limit and I think this is a great opp for MVP’s and others to speak up.

Read more HERE.

Tuesday, August 14, 2007

Cyber Security Bulletins August 13, 2007

The US-CERT Cyber Security Bulletin provides a summary of new vulnerabilities that have been recorded by the National Institute of Standards and Technology (NIST) National Vulnerability Database (NVD) in the past week. The NVD is sponsored by the Department of Homeland Security (DHS) National Cyber Security Division (NCSD) / United States Computer Emergency Readiness Team (US-CERT).

Read more HERE.

Online File Storage

Read this, and other articles at WXPNews HERE.

Mumbai police tightens noose on cyber culprits

In a bid to save time in cyber crime investigations, the city police is creating a database of all the internet protocol (IP) addresses across the cosmopolitan which will help in detecting the details of an Internet user in a few minutes.

Read the article HERE.

Security Fix Pop Quiz

Yes, dear readers, it's time once again for a Security Fix Pop Quiz, intended to serve as a gentle reminder to install security updates for third-party programs. The table below lists the software title, the date each update was released, followed by a link to the latest, patched version of the software. Where possible, clicking on the hyperlinked software title will produce a page that should tell visitors what version they currently have installed.

Read the article HERE.

Blue Pill and virtualized malware

We have been studying the issue of malicious hypervisors for quite some time at McAfee Avert Labs and have come up with several techniques to detect whether the system runs on top of a hypervisor or whether there is a piece of code that is trying to initiate a hypervisor

Read the article HERE.

Monday, August 13, 2007

Facebook Source Code Leaked

We just received a tip that the source code for the Facebook main index page has been leaked and published on a blog called Facebook Secrets. There are only two possible ways that the source code got out - the first is that a Facebook developer has sent it out, or the more likely option that a security hole has been used on either one of the Facebook servers or in their source code repository to reveal the code.

Read the article HERE.

LEAKED: Vista SP1 analysed in-depth

It's no secret that there's a leaked beta of Vista SP1 floating around, but no-one yet has really taken the time to analyse it in detail to find out what it really does. I made it my mission this weekend to trawl through the registry and file changes in SP1 to find out as best I could exactly what SP1 does.

Read the article HERE.

Vista Prevents Users Playing High-Def Content

Content protection features in Windows Vista are preventing customers from playing high-quality video and audio and harming system performance, even as Microsoft neglects security programs that could protect users. Gutmann's paper called Vista's content protection rules "the longest suicide note in history."

Shamelessly pandering to the Big Media copyright holders, Vista automatically degrades so-called "premium" content such as high definition movies and audio tracks when they are output to less than bleeding-edge new devices that don't happen to support Intel's High-bandwidth Digital Content Protection (HDCP) DRM scheme

Read the article HERE.

Protecting Aussie Internet Users

Within the last 24 hours the Australian Commonwealth Government announced that they would be spending $189 million Australian dollars ($162 million USD) on a range of packages and programs designed to protect Australian Internet users against all that the Internet has to offer, under the name Netalert. With increasing coverage by the Australian media, it is worthwhile to investigate what the features of the proposed scheme actually are, and whether they have any chances of working.

While the $189 million is not being immediately assigned to the effort, and reflects a number of endeavours under the guise of protecting Australians against Internet nasties, there are some critical problems with the approach that the Government is taking.

Read the article HERE.

Security Public Relations Excuse Bingo

Play the game HERE.

Vulnerability opens gate through firewalls

Network administrators beware: A quirk of the Web's addressing and name system can be turned with little difficulty into a way for attackers to tunnel behind firewalls, piggybacking on surfer's Web browsers. Speaking at this year's Chaos Communication Camp (and echoing talks given several times over the past few weeks), he focused on a vulnerability in Web browsers and common applications such as Flash, newly discovered, but drawing on a problem first outlined by Princeton researchers in 1996.

Read the article HERE.

Sunday, August 12, 2007

Hackers steal data on 60,000 Norwegians

Internet hackers have stolen confidential data on 60,000 Norwegians, including the head of the agency for safeguarding them, the agency itself revealed Friday.

Read the article HERE.

5,800 students at risk of ID theft

A Loyola University computer with the Social Security numbers of 5,800 students was discarded before its hard drive was erased, forcing the school this week to warn the students about potential identity theft.

Read the article HERE.

Phishing researcher 'targets' the unsuspecting

If he weren't so ethical, Markus Jakobsson could be a world-class online fraudster. In a way, he already is. Jakobsson, a cybersecurity researcher and professor at Indiana University in Bloomington, spends much of his time perpetrating online attacks of unsuspecting Web surfers - without actually harming them, of course - to see what types of ruses people will fall for and to predict potential new techniques phishers might pursue

Read the article HERE.

What is server-side polymorphism?

Server-side polymorphism is a type of polymorphism where the polymorphic engine (the transformation function responsible for producing the malware's many forms) doesn't reside within the malware itself...

Read the article HERE.

Porn links left on children’s book site

Hackers this week broke into the website of GP Taylor's best selling novel Tersias and left links to thousands of porn sites on the review page. The author was said to be heartbroken that, a site visited by thousands of his fans every day, should be used in such a way by Web criminals.

Read the article HERE.

Weekend Reading

DDR3 offers no improvement over DDR2

However, until Intel moves away from its 64-bit FSB bandwidth, the figures we'll continue to see will suck. Some still bizarrely talk about incredible bandwidth, but we're very sorry to report that bandwidth just isn't there. Seeing 8.7 GB/s of memory bandwidth with memory at 2GHz just does not make any sense. Single channel and Dual-Channel just do not make sense before Nehalem shows up.

Take a look HERE.

Hack Attack: Intermediate guide to BitTorrent

Last week's beginner's guide to BitTorrent got you all up to speed on what BitTorrent is and how you can use it to download and share large files. It was a pretty good start, but there are a couple settings that any avid BitTorrent-er should tweak to keep their files sharing smoothly over BitTorrent.

Take a look HERE.

Unix/Linux Command Cheat Sheet

Lifehacker has a great item for Linux users: Don't fear the terminal! Take the plunge and learn the basics of the terminal with the printable guide put together by FOSSwire. FOSSwire covers the very basic ins-and-outs of the terminal on a one page PDF. Included in the guide are commands for: working with files, obtaining system information, managing processes and file permissions, file compression, shortcuts, network management, and SSH. This guide is perfect for recent switchers ready to take the terminal head-on.

Take a look HERE.

Delete This!

A series of legal events means that companies that have no business reason to retain documents or records may be compelled to create and retain such records just so they can become available for discovery.

Read the article HERE.

The Return of the IPv4 Shortage

Many years ago I was told dismissively, by smart people, that "we'll never run out of IP addresses!" But now people who really should know not only see it happening, they see the pool of IPv4 addresses exhausting in "late 2009 / early 2010." Yikes! That's just around the corner!

Take a look HERE.

Exploit hunter ponders ethical hacking

Like spies in a John LeCarré novel, network security professionals inhabit an ethically shadowy world. Gunter Ollman, Director of Security Strategy for IBM Internet Security Systems, recently posted a blog entry discussing some of the ethical dilemmas faced by security services vendors in dealings with software vulnerability brokers.

Take a look HERE.

BitTorrent goes closed source

Developers are being told that they cannot have access to the code of the latest version of BitTorrent. The problem with using an Open Sauce licence was that people were taking the product, repackaging it, charging for it or loading it with spyware.

Take a look HERE.

Using Darknets to See the Light

Firewalls, intrusion detection and prevention systems, antivirus – they’re all old tricks of the trade that IT has traditionally deployed to maintain the security of large and complex networks.

Take a look HERE.

The data theft time bomb

While viruses and worms remain the most pesky security problems, data theft concerns simmer beneath the surface. Despite the billions of dollars spent on information security products, the aggressive patching and repairing of operating systems and applications, and the heightened awareness of the need for computer users to guard against identity theft, most organizations aren't feeling any more secure than they were a year ago.

Take a look HERE.

Do Botnets Dream of Digital Sheep?

Right now, botnets are one of the most concerning problems in information security and are considered to be the source of all evil like spam, click fraud and denial of service attacks.

Take a look HERE.

Saturday, August 11, 2007

Critical vulnerability in Norton

Symantec has revealed the presence of critical vulnerabilities in Norton AntiVirus 2006, Norton Internet Security 2006, Norton Internet Security - Anti Spyware Edition 2005 and Norton System Works 2006, which can be exploited by an attacker to gain control of a Windows PC.

Read the article HERE.

Secunia Advisory: SA25215
Release Date: 2007-08-09
Critical: Highly critical
Impact: System access
Where: From remote
Solution Status: Vendor Patch

ATI driver flaw exposes Vista kernel

An unpatched flaw in drivers from ATI creates a means to smuggle malware past improved security defences in the latest version of Windows and into the Vista kernel. Microsoft is working with ATI on an update which security watchers warn might be far from straightforward to roll-out.

Read the article HERE.

Chaos Communication Camp 2007

Just 3 days after the closing ceremony of Defcon, security enthusiasts from all over the world continue their meetings at the Chaos Communication Camp 2007 at a retired military airport near Finowfurt, close to Berlin. Can you even imagine a camping site with fast ethernet and power in every tent and crowded with some of the world's leading security experts?

Read the article HERE.

Goodbye PDF Spam…welcome FDF!

Yes, say goodbye to the PDF spam wave and welcome the FDF stock spam wave! McAfee Avert Labs Blog tells us that yes, you will be able to open it with the regular Acrobat reader! Maybe to bypass filters based on file extension, the spam now is using the file extension .FDF, which is the format used by the data exported from PDF form fields. The new spam will usually follow the format: -UserEmail.FDF, like GlobalTrading-pbueno.fdf

Google faces more than just a new rival in Wikia

Google Inc. and other search engines face far more than just a new rival in Wikia Inc.; they face the prospect of hundreds, even thousands of new competitors.

The entire search-engine project that Wikia is working on will enter the open-source domain, drastically reducing the cost for just about anyone to make a search engine, said Gil Penchina, the company's CEO. Instead of paying millions of dollars to index the Web and create the software to build a search page, new search companies will find these items free online thanks to the open-source and free software communities.

Read the article HERE.

Windows Vista Security

FAQ: Why can’t I bypass the UAC prompt?
The designers of Windows Vista's User Account Control expressly decided not to incorporate functionality like setuid/suid or sudo found in Unix and Unix-like OSes such as Mac OS X. I think they made the right decision.

Read the article HERE.

Vista prevents users from playing high-def content
Content protection features in Windows Vista are preventing customers from playing high-quality video and audio and harming system performance, even as Microsoft neglects security programs that could protect users, computer researcher Peter Gutmann argued at the USENIX Security Symposium in Boston Wednesday.

Read the article HERE.

Internet Explorer 7 Desktop Security Guide
Internet Explorer 7 offers users more protection than previous versions of the browser through a combination of new features and more secure default settings. In keeping with the need to balance security and usability, the default values for these new features and settings have been configured to offer the best choice for a broad range of users. This white paper examines some of these new features and settings that you can modify to provide a more "locked down" security configuration. This

Download the whitepaper HERE.