Sunday, September 30, 2007

Packet Call

Yes, I know, "curiosity killed the cat", but I can't help myself when it comes to packets. My curiosity has been piqued after looking at some of the port trends last night on DShield. Take a look at these ports below and their interesting trends. None of them had any activity, so to speak, till these explosive amounts of traffic. Notice the number of targets all stay very low. Is it legitimate or evil in nature? I can think of scenarios for both, but I have no clue, which is why I would like to get some packet captures to spend my weekend playing with. If anyone happens to be able to nab some or has seen a large amount of this, please let me know!

Most Consumers Overestimate PC Safety

It's self-serving, but a new study by McAfee Inc. and the National Cyber Security Alliance has found that 78 percent of consumer PCs in the U.S. are not protected (defined as having up-to-date AV, spyware and a properly configured firewall). What's interesting, though, is how many people think they are protected: 93 percent according to the survey, which is set to be released Monday.

Read the article HERE.

ISP Death By A Thousand Duck Bites

For many years much of the Internet community has continued to point a finger at ISPs, claiming they’ve turned a blind eye towards the botnet problem. While sometimes their arguments seem well founded, often, those claiming ISPs are “feeding us dirty water” don’t fully understand the ISP’s predicament. I hope to shine a bit of light on some of the extraneous factors gating the service provider considerations space as it relates to network convergence, bots and the surrounding business aspects.

Read the article HERE.

Passive Network Analysis

In sports, it's pretty much accepted wisdom that home teams have the advantage; that's why teams with winning records on the road do so well in the playoffs. But for some reason we rarely think about "the home field advantage" when we look at defending our networks. After all, the best practice in architecting a secure network is a layered, defense-in-depth strategy. We use firewalls, DMZs, VPNs, and configure VLANs on our switches to control the flow of traffic into and through the perimeter, and use network and host-based IDS technology as sensors to alert us to intrusions.

Read the article HERE.

iPhone's Bluetooth bug

Almost lost in the hubbub over Thursday's iPhone firmware update and whether it would "brick" unlocked phones was the fact that Apple patched 10 vulnerabilities -- twice the number of fixes issued since the phone's June debut. Apple's iPhone firmware update provided many fixes, but the Bluetooth vulnerability still remains worrisome.

Read the article HERE.

Mathematics and Cryptography

The worlds of academic mathematical research and commercial and governmental application, with their occasionally distinct values and practices, meet and sometimes clash in the study and implementation of cryptosystems. The author describes his own experiences, and those of mathematical colleagues, in this intersection.

Read the 8 page article [PDF] HERE.

One OpenID to Rule Them All...or Not?

Decentralized online identification system OpenID can log you into thousands of social networking sites (and counting) using a single username and password. However, while OpenID is terrific in theory, its real-world usage still has a way to go. Let's take a look at some of the pros and cons of OpenID.

Read the article HERE.

OpenID Precautions [Episode #111]
Having several times addressed the value and potential of the open source, open spec., and popular OpenID system, which is rapidly gaining traction as a convenient means for providing "single sign-on" identification on the Internet, this week Leo and I examine problems and concerns, both with OpenID and those inherent in any centralized identity management solution.

Read or listen to the article HERE.

Weekend Reading

The Case of the Recent Cross Carrier SPAM

Interesting time for mobile messaging and the threats they are going to face. What caught my eye was the title ‘Cell Phone Users Experience Text Spam’. We’ve discussed this before with the most interesting incident being when one operator took legal action.

Take a look HERE.

==================================================================
Patching. Is it always with the best intentions?

Over the years, malicious software has attempted every trick in the book when it comes to hooking into an operating system, not only to remain persistent at the time of execution but also beyond system reboots.

The forthcoming paper will describe how hooking into the operating system has changed over the years, including some examples of the most 'interesting' methods from MSDOS, early Windows versions and in to present day Windows Vista. Such, somewhat more historical, methods include manipulations of hard disk partitions, critical operating system files and trivial system registry modifications whilst injecting code into running processes, hooking critical startup processes, creating system services and patching memory of running processes are much more contemporary methods.

Take a look HERE.

==================================================================
Million yuan job awaits jailed worm author

Want a high paying job? Perhaps a little online vandalism will help your chances. A network company in eastern China has offered a job paying a million yuan (US$133,155) a year to Li Jun - the inventor of the most destructive computer virus in China - although he was sentenced to four years in prison yesterday.

Take a look HERE.

==================================================================
TrafficMaster sells clients' info to UK.gov

Noted UK news brand the Daily Mail served up a somewhat error-speckled tech scoop last night, with news that a government "'spy in the sky' system" is involved in a "secret 'Big Brother' operation... allowing officials to pinpoint the exact location of thousands of vehicles".

Take a look HERE.

==================================================================
Security Roundtable: Do we have privacy anymore?

It's funny taking part in a conversation like this; we all pretty much agree that the average internet user is more of a danger to themselves than most companies are. Sites like Facebook and MySpace encourage people to put their every little factoid out there where anyone can see it, and people are willing to give up the most sensitive information if it will get them a slightly better shopping experience or a free candy bar.

Take a look HERE.

==================================================================
Fraud police buckling under mountains of data

Fraud investigators are struggling to cope with vast quantities of data sent to them by financial institutions, meaning some crimes may go uninvestigated or even unnoticed. The issue is prompting banks and other financial institutions to ask law enforcement and regulators to share with them more of the data they have about suspicious transactions, in order to better combat fraud.

Take a look HERE.

==================================================================
If users are a security threat, how do you manage them?

Question 1: "Argggghhhh. [My biggest problem is] managing the users who keep losing their damned handsets packed full of sensitive email addresses, emails etc. We talk a lot about technology, but aren't the users often the weakest link? What tips do the experts have for dealing with this?"

Take a look HERE.

==================================================================
The Trojan Money Spinner

Mika is the author of one of our analysis tools called Mstrings. The tool is part of the automation that assists us in identifying malware as Banking Trojans. His presentation, The Trojan Money Spinner, provides details on the nature of Banking Trojans and their function.

Take a look HERE.

==================================================================
5 things I've learned about privacy

As founder of the Ponemon Institute, a privacy and business ethics think tank, Dr. Larry Ponemon worries society will give up on privacy ideals as protecting personal data becomes harder.

Take a look HERE.

==================================================================
Why Microsoft must abandon Vista to save itself

While Vista was originally touted by Microsoft as the operating system savior we've all been waiting for, it has turned out to be one of the biggest blunders in technology. With a host of issues that are inexcusable and features that are taken from the Mac OS X and Linux playbook, Microsoft has once again lost sight of what we really want.

Take a look HERE.

Saturday, September 29, 2007

Antivirus product self-protection test

In the test described below, we analyzed the self-protection capabilities of antivirus solutions that run under Microsoft Windows XP with Service Pack 2. Self-protection from the following types of attacks was analyzed:

1. Modification of file and registry key access permissions.
2. Modification / removal of modules.
3. Deletion of antivirus databases.
4. Modification / deletion of important registry keys.
5. Process termination.
6. Modification of processes / code.
7. Driver unloading.


Read the article HERE.

Data stolen - 800,000 affected

A laptop containing unencrypted personal information for 800,000 people who applied for jobs with clothing retailer Gap Inc. has been stolen. Gap joins scores of other organizations that have lost sensitive information entrusted to them. The computer contained social security numbers and other sensitive information belonging to residents of the US and Puerto Rico who applied online or by phone for jobs from July 2006 to June 2007.

Read the article HERE.

(IN)SECURE Magazine Issue 13

Download and read HERE.

Is That Big Brother in Your Pocket?

This morning, you left the house tagged with a tracking device that the government can use to find out where you have been and where you are going.

I'm talking, of course, about your cell phone. Read the article HERE.

Experts slam mobile spying software
Security experts have slammed applications used to spy on mobile phone users. The warning from researchers at F-Secure comes as a growing number of programs are being launched to track and record mobile phone conversations and text messages. Such software is chiefly marketed at those who suspect a partner of having an affair, or to monitor children's telephone activity.

Read the article HERE.

Video 2: Buffer overflow and libc attacks

In the second of five films featuring Uli Drepper, he talks a little more about buffer overflows and another security implementation currently being used. Learn a little about libc attacks stemming from buffer overflows and the canaries that serve to protect the stack in these emergencies.

Read the article HERE.

Microsoft News

Fun with Microsoft’s Genuine Office Validation
I ran into a very interesting scenario with Microsoft's Genuine Office Validation the other day. Basically, I have Office 2007 Professional Plus installed and activated on my notebook. And, I wanted to install the Save as PDF or XPS Add-in (Link). No problem, I located the Add-in download page on the Microsoft site, and started to step through the validation process and was then presented with the following message: "This computer has failed validation."

Read the article HERE.

Windows XP gets reprieve
Microsoft has extended the availability of its Windows XP operating system to computer makers by five months. System builders will now be able to continue making computers bundled with XP until 30 June 2008. The software was scheduled to be axed on 31 January 2008.

Read the article HERE.

Shoe, meet other foot: Microsoft
Microsoft general counsel Brad Smith, bearing no obvious bruises from his recent European beatdown by the Court of First Instance, showed up at the Senate yesterday to take a few good whacks at Google. Just weeks after the EU upheld Microsoft's monopoly penalties, there must have been a certain degree of schadenfreude in the prospect of getting a public platform to challenge Google on antitrust grounds.

Read the article HERE.

Vista drivers
Microsoft has established a hardware site dedicated to Vista drivers. If you are searching for Vista drivers for Microsoft mice, keyboards, headsets, media center devices or anything made by Microsoft Hardware, click HERE.

Read the article HERE.

The Death Of Windows Media Center
A security expert who once worked for Microsoft wrote in his blog on Monday he may dump the company's Windows Media Center in favor of Ubuntu-affiliated LinuxMCE after struggling with the software giant's digital-rights management software.

Read the article HERE.

Apparently, today was a slow news day.

Friday, September 28, 2007

Not Much Anonymity for Unprotected File-Sharers

The same technology that allows easy sharing of music, movies and other content across a network also allows government and media companies easy access to who is illegally downloading that content.

Read the article HERE.

Corporate stupidity aids hacker

Convicted hacker Robert Moore, who is set to go to federal prison this week, says breaking into 15 telecommunications companies and hundreds of businesses worldwide was incredibly easy because simple IT mistakes left gaping technical holes.

Moore said what made the hacking job so easy was that 70% of all the companies he scanned were insecure, and 45% to 50% of VoIP providers were insecure. The biggest insecurity? Default passwords.

Red Oracle: Default Password List
There are 424 vendors and 2135 passwords in the database.

See them HERE.

How to expose Gmail contacts

Google security lieutenants can't get a break. Over the past week, they've taken a public pounding, following reports of at least four previously undisclosed holes that included new cracks in Gmail and weaknesses that jeopardize the privacy of those who rely on the site to organize photos or administer their websites.

Read the article HERE.

Stealth Windows update prevents XP repair

A silent update that Microsoft deployed widely in July and August is preventing the "repair" feature of Windows XP from completing successfully. Ever since the Redmond company's recent download of new support files for Windows Update, users of XP's repair function have been unable to install the latest 80 patches from Microsoft.

Read the article HERE.

Apple patches 10 iPhone flaws

Apple today released 10 iPhone security updates, including 7 within the MobileSafari browser. The update is available only through iTunes and is not available from the Apple Downloads page. The version users should see within their iPhone after applying this update should be 1.1.1 (3A109a). Further, Apple refuses to discuss pending security vulnerabilities not patched here, stating "For the protection of our customers, Apple does not disclose, discuss, or confirm security issues until a full investigation has occurred and any necessary patches or releases are available."

Read the article HERE.

Microsoft Live Search overhauled

Microsoft has made drastic changes to its Live Search. The most notable updates include a fourfold increase in the number of sites indexed, improvements to understanding what users are trying to search for, and an "enhanced algorithm" that will allow the company to generate more relevant results.

Read the article HERE.

Building a cheap and powerful IDS

Commercial network-based IDS can often be quite expensive. On the other hand, there is the common perception that implementing an open-source IDS is complicated. Recently, I had the opportunity to install an open-source IDS and found the opposite to be true. You can easily build a powerful open source-based IDS in less than a day, as I did.

Read the article HERE.

Thursday, September 27, 2007

AOL IM Security Hole Unplugged?

A day after users of AOL's instant messaging service were advised to upgrade to address a vulnerability uncovered by Core Security Technologies, well-known security researcher Aviv Raff reports that he has found a way to defeat the patch.

Read the article HERE.

New cracks in Google mail

Yesterday, we reported on an unholy trinity of Google vulnerabilities that put emails, private photos and website security at risk. Today came word of a new weakness that makes it easy for bad guys to silently put a backdoor in Gmail accounts.

Read the article HERE.

Black eye for eBay security

Hackers brazenly posted sensitive information including home addresses and phone numbers for 1,200 eBay users to an official online forum dedicated to fraud prevention on the auction site.

Read the article HERE.

Adobe web server wide open

A critical vulnerability in one of the CGI script components of Adobe web server allows access to arbitrary system files. File contents can be displayed merely by opening a specially crafted URL in a browser.

Read the article HERE.

Not so private key
Apparently Adobe does not check its parameters for ../

Read MORE HERE.

Picture theft through hole in Google’s Picasa

A combination of various attack methods may allow any web server to access pictures organised with Picasa. But this is not the only problem with Google applications.

Read the article HERE.

Metasploit Adds iPhone Hacking Tools

The iPhone is now officially fresh meat: Metasploit creator HD Moore has added iPhone-hacking features to the wildly popular freebie penetration testing tool. Metasploit 3.0 now has Apple iPhone shellcode, with "payloads" for writing exploits using the Metasploit framework.

Read the article HERE.

Torrent site Demonoid downed

BitTorrent tracker site Demonoid appears to have been shut down. Both the tracker and the website have been unresponsive for nearly 24 hours. It shifted its servers from the Netherlands to Canada in June after its ISP was served with legal threats.

Read the article HERE.

Excel goes crazy at 65,535

A Microsoft developer confirmed on his team's blog that Excel 2007 loses its grip with anything that involves the number 65,535.

Read the article HERE.

Wednesday, September 26, 2007

Ask Toolbar Control Buffer Overflow

Joey Mengele has discovered a vulnerability in Ask Toolbar, which can be exploited by malicious people to compromise a user's system.

Secunia Advisory: SA26960

Release Date: 2007-09-25
Critical: Highly critical
Impact: System access
Where: From remote
Solution Status: Unpatched

Read the advisory HERE.

Deceptive file names under Vista

Attackers can use Unicode character codes under Windows Vista to conceal filenames and filename extensions. A demonstration by Max Ried makes an executable screen-saver file (.scr) look like a harmless image (.jpg).

Read the article HERE.

Major Vulnerability in AIM - IE7

The chief technology officer of the company that makes Core Impact, a very well-known penetration testing product for enterprise networks, has gone public with the discovery of a new and significant vulnerability affecting AOL Instant Messenger, on systems where Internet Explorer 7 is also installed.

Read the article HERE.

OpenOffice TIFF flaw

Security experts have discovered TIFF-based buffer overflow vulnerabilities in OpenOffice, which could allow attackers to remotely execute code on Linux, Windows or Apple Mac-based computers.

Read the article HERE.

Security experts launch malware 'killer'

Security experts have launched a new research website featuring a detailed malware encyclopaedia, a world threat atlas and advice relating to the geographic distribution of threats. Threat Expert has been developed by the same team who created PC Tools' flagship Spyware Doctor.

Read the article HERE.

Firefox as the weapon of choice?

Security testers are always seeking new tools to make their testing more effective. Most application security testers are already using some Firefox plug-ins to assist in their testing. These plug-ins are usually very helpful in getting some quick and easy test tools directly from within the browser.

Read the article HERE.

Microsoft News

Windows Server 2008 Release Candidate Evaluation
RC0 is out!
You will see 5 flavors of W2k8 SKUs...namely

Read the article HERE.


Microsoft Reveals Dates, Prices For Mac Office 2008
Microsoft has said that it will ship a Macintosh version of its new Office productivity suite on Jan. 15. Officially called Microsoft Office 2008 for Mac, the software is a version of the Windows-based Office 2007 rewritten for use on Apple computers. The suite includes Word 2008, Excel 2008, PowerPoint 2008, and Entourage 2008, a contact and scheduling application.

Read the article HERE.

New Version Of Microsoft Office Due In 2009
The next version of the Microsoft Office productivity suite appears to be on track to be released in the fall of 2009, with test releases coming as soon as early next year.

Read the article HERE.

Tuesday, September 25, 2007

Google users at risk

If you use Google to send email, organize photos or help administer your website, doomwatchers have cataloged three new ways to steal your data and compromise the security of your users. All three of the techniques rely on cross site scripting.

Read the article HERE.

The Cutting, Biting Edge of Security News

The key security mailing lists can be almost unbearable to read, but that's where the action is. These lists are the highest-volume sources of security information. Some of them are also high-volume sources of complete garbage. Here are the major ones:

Read the article HERE.


What is overlooked in this article is the issue of "infomercials".
The author's website is a prime offender.
Try and find an article without a product promo.

Uninformed - Vol.8

These are the articles in the latest edition of Uninformed.

Real-time Steganography with RTP
PatchGuard Reloaded: A Brief Analysis of PatchGuard Version 3
Getting out of Jail: Escaping Internet Explorer Protected Mode
OS X Kernel-mode Exploitation in a Weekend
A Catalog of Windows Local Kernel-mode Backdoors
Generalizing Data Flow Information


Read them HERE.

News, Hints, Tips, Tricks & Tweaks

Read this week's articles at WXPNews HERE.

Apple: firmware update for iPhones

Apple said today that a firmware update to the iPhone due to be released later this week "will likely result" in SIM-unlocked iPhones turning into very expensive bricks. Apple says that it "strongly discourages" users from installing these unlocking programs, and that doing so violates users' iPhone software license agreements as well as voids their warranties.

Read the article HERE.

Cyber Security Bulletins: Release Date - Sept 24

The US-CERT Cyber Security Bulletin provides a summary of new vulnerabilities that have been recorded by the National Institute of Standards and Technology (NIST) National Vulnerability Database (NVD) in the past week. The NVD is sponsored by the Department of Homeland Security (DHS) National Cyber Security Division (NCSD) / United States Computer Emergency Readiness Team (US-CERT).

Read more HERE.

Click-fraud, captchas & session-fixation puzzles

I love puzzles. Here are some security-related ones that I recently ran-into/solved while working on my “website”.

Read the article HERE.

Beta Software News

Experiencing Vista Service Pack 1 Beta
I'd like to take the opportunity to share my very own experiences with Windows Vista SP1 Beta running on several PCs of my own. I decided to test SP1 on a variety of hardware which allows me to test a variety of scenarios:

Read the article HERE.

ZoneAlarm ForceField arrives in beta
Check Point has released a beta [pix here] of yet another sandbox for your Internet browser. Called ZoneAlarm ForceField, the idea is simple: What happens in Firefox, stays in Firefox. Or Internet Explorer, for that matter. Any downloads or collateral material you collect during your browsing experience is destroyed once you close the browser. If beta testing goes well, Check Point plans to release ZoneAlarm ForceField in the first quarter of 2008 as a retail product.

Read the article HERE.

Google ready to launch next version of Gmail
The Google Monster is testing a fresh version of its webmail program, Gmail.

Read the article HERE.

Secunia Personal Software Inspector
The Secunia PSI detects installed software and categorises your software as either Insecure, End-of-Life, or Up-To-Date, effectively enabling you to focus your attention on software installations where more secure versions are available from the vendors.

Take a look HERE.

Monday, September 24, 2007

Firefox 3.0 alpha 8

Mozilla updated the preview of Firefox 3.0 to alpha 8 late yesterday, unveiling for the first time to users several security features it's talked up for months. Among the security provisions debuting in the new alpha of "Gran Paradiso," the code name for Firefox 3.0, are built-in anti-malware warnings and protection against rogue extension updates, according to documentation Mozilla posted to its Web site.

Read the article HERE.

Virtualization and Security

I probably don't have to tell you that virtualization is one of the hottest technologies in the IT world right now. Between the demand for x86 server virtualization at the enterprise, mid, and small business levels as well as the demand for multi-OS and runtime desktop solutions in both the business and consumer markets, virtualization is all the rage.

Read the article HERE.

Microsoft hacker summit tackles security veil of virtualization
The Fall edition of Microsoft’s Blue Hat hacker summit will kick off with a heavy focus on piercing the security veil of virtualization and process isolation. At Blue Hat v6, scheduled for September 27-28 in Redmond, external security researchers and internal Microsoft software engineers are expected to extend the debate over the risks of virtualization.

Read the article HERE.

Microsoft no longer 'laughingstock' of security

As corporate vice president of Trustworthy Computing (TwC) at Microsoft Corp., Scott Charney is among those at the helm of the company's long-standing efforts to improve the security of its products. In an interview with Computerworld, Charney -- a former federal prosecutor of computer crimes and an assistant district attorney in the Bronx before that -- talked about TwC, the changing threat environment and what security fears keep him awake at night.

Read the article HERE.

Roll back DirectX with handy shareware

DirectX has long been the bane of those Windows users who aren't so keen on gaming. If alien zapping or football plays really aren't your thing, then there's no honest-to-goodness reason that you'd want the crazed MS multimedia API sat on your system, consuming your resources.

At the other end of the scale, if you're the sort of hardcore gamer that likes to play with point releases and betas of the latest DirectX software, then you'll also have realised that rolling back between revisions is, shall we say, a testing affair.

So, enter the new version of the accurately named 'DirectX Happy Uninstall', which is available here. It does what it says on the tin - uninstalls DirectX from your system. The latest version was pushed out yesterday, taking the software to v3.96.

It'll cost you $12 shareware, old-school style, but if you're having issues with your rig and want to avoid a re-install, you might find it saves the day.

The downside? No support for Vista or DirectX 10. Anybody crazy enough to go in that direction is on their own, ya hear?

Source : The Inquirer

Acronis True Image 11

Computer users can easily protect their entire computer, including valuable photos, music, videos and work documents, with Acronis True Image 11 Home — the latest version of Acronis' file and system disk imaging backup and restore software for home and home office users.

Read the press release HERE.

Too early for a test review, but the forum is always a good place to stay up to date.

Sunday, September 23, 2007

Anonymous domain names

Over the years we've seen the whois system deteriorate for domain names with -paid for- anonymous registrations, with systems that point you to a website where you have to interact with the website instead of continuing on the command line, with results that come back as gifs instead of text etc. But today I was dealing with a .name registration that's likely up to no good, but on the odd chance there was a real company behind it I checked it out in whois:

Read the article HERE.

Look who's talking about whitelists now

Now before I go further I'll make an obligatory disclaimer (because people have gotten the wrong idea in the past) that I am not anti-whitelist, I use whitelisting techniques, I think they can be a worthy addition to a security strategy, but unlike the hypesters I don't sweep their limitations under the carpet...

Read the article HERE.

Going undercover in the world of phishing

Jason Harbert was a terrible spammer. The research scientist for Cloudmark recently spent weeks monitoring the phishing community's chat rooms and forums, learned the lingo, earned some trust, and even received kits from the fraudsters who set up scam pages that steal victims' personal data. Then he went and hurt the criminals' feelings after not coming through on the spam delivery.

Read the article HERE.

Guessing at Compromised Host Numbers

The fine art of pulling numbers from your nether regions.

Read the article HERE.

Windows Personal Firewall Analysis

Updated September 20: During our security analyses of personal firewalls and other security-related software that uses SSDT hooking, we found out that many vendors simply do not implement the hooks in a proper way. This allows local Denial of Service by unprivileged users or even privilege escalation exploits to be created. 100% of tested personal firewalls that implement SSDT hooks do or did suffer from this vulnerability! This article reviews the results of our testing and describes how a proper SSDT hook handler should be implemented. We also introduce BSODhook – a handy tool for every developer that deals with SSDT hooks and a possible cure for the plague in today's Windows drivers world.

Read the article HERE.

Windows on the cheap

You've probably seen a lot of articles going on about how great Linux is. This isn't one of them. Typically, these pieces sing the praises of free software. They talk about the advantages of never paying licence fees, no restrictions on use, rapid security fixes, no danger of being tied into proprietary file formats or commercially-motivated upgrade cycles. However, you don't have to go Linux to get the benefits of free software.

Read the article HERE.

Oracle 11g Password algorithm revealed

The algorithm is very simple and easy to guess once you realise that the SHA1 hash stored in SYS.USER$.SPARE4 is too long. The algorithm is simple. This can be described as ...

Read the article HERE.

Weekend Reading

A new approach to securing USB flash drives

USB Flash drives are great. Securing them, however, is not so great. They are easily lost and the more you use one, the more likely it will contain files you consider sensitive. Corsair recently came out with a product that takes an entirely new approach to securing flash drives.

Take a look HERE.

==================================================================
The Open Source Challenge
How to replace Windows completely with Ubuntu

We all know how far open source software has progressed, but has it come so far to not only challenge Windows, but replace it? Can you really install Linux and open source software in place of Windows, and want for nothing?

Take a look HERE.

==================================================================
Best Free Software to Unlock Your Favorite Hardware

It sucks that your favorite gadgets have more functionality than their default software exposes, but it rules that several software applications are built to unlock that potential for free. Whether it's your iPod, Xbox, router or iPhone, we've covered some incredibly ambitious free software projects that unlock features and enable unauthorized but oh-so-useful applications to run on them. Get our top 5 favorite pieces of software to unlock your hardware.

Take a look HERE.

==================================================================
Six consumer technologies that are destroying traditional IT

Earlier this year, the researchers at the Gartner Group published a series of reports on the invasion of consumer technologies into the enterprise and the challenges that this phenomenon has created for IT departments. Gartner has wrapped all of that research into a special report called Consumerization: The IT Civil War. If this really is a war, I think it’s fair to say that IT is losing.

Take a look HERE.

==================================================================
Disable ldirectord checks

ldirectord is a daemon to monitor and administer real servers in a LVS cluster of load balanced virtual servers. ldirectord is typically used as a resource for heartbeat, but can also run standalone from the command line. ldirectord monitors the health of the real servers by periodically running a service check

Take a look HERE.

==================================================================
Is Pump-and-Dump more lucrative than Identity Theft?

An interesting aspect of the Ameritrade data breach last week was that according to their press release the only information stolen was "contact information" such as name, e-mail, phone number and address. Even though more sensitive data like SSNs and account numbers were in the compromised database, that information was "not taken". While this could be due to strong internal controls that prevented the theft, it is also possible that attackers simply weren't interested in that information.

Take a look HERE.

==================================================================
Internet pipes not ready to burst

Despite the fact that more people are dishing up video and other bandwidth-saturating content, Internet traffic growth rates are actually slowing down. That’s not to say the exabytes of data sitting in databases and other places around the globe couldn’t find its way onto the Internet at some point and create a problem.

Take a look HERE.

==================================================================

Profile: HP's Blackbird 002

The computer is not universally recognized as something that elicits emotion, like a sports car or a tailored suit or even a simple sculpture. Two weeks ago, Hewlett-Packard introduced the most unique PC it has ever built, and that perhaps any major manufacturer has built in decades. It's the product of a merger of vastly differing mindsets - the clinical, practical engineers of HP with the wild, daring, and often over-the-top designers of VoodooPC. The Blackbird 002 may be HP's first real museum piece.

Read the article HERE.

Saturday, September 22, 2007

Malware spectre haunts Adobe Reader

Adobe Reader may be subject to a security hole that creates a means for hackers to take over vulnerable Windows boxes simply by opening a maliciously constructed PDF document.

Read the article HERE.

Comodo 'hunts' buffer overflow bugs

Security firm Comodo has released a free diagnostic tool designed to identify buffer overflows in desktop security products. Our try-out, however, suggests that Comodo's BO Tester is principally designed to help poach users rather than provide a detailed breakdown of bugs.

Read the article HERE.

Warnings over Bluetooth security

With Bluetooth wireless features fast becoming commonplace on mobile devices, users need to be aware of the security vulnerabilities linked to the technology.

Read the article HERE.

Eavesdropping on Bluetooth Headsets
Josh Wright from the SANS Institute shows how sniffing and hijacking Bluetooth headsets is a reality.

View the video HERE.

Spammers feeling lucky with Google

For quite some time spammers have been trying to hide links advertised in their e-mails. The main reason for this is probably the increasing effectiveness of various realtime blocklists, such as SURBL. For those that aren’t familiar with SURBL, it’s an RBL that lists URIs found in spam e-mails. In other words, instead of listing spam zombies or relays, RBLs like SURBL list sites that are advertised in spam.

Read the article HERE.

Bubbles...For Kids!

The discovery of the Bubbles worm has led to the discovery of more and more variants across the internet. While all have essentially the same methods of infection, not all simply block security programs. FSL has come across a variant of the Bubbles worm that is designed to steal any and all sensitive information from the victim's computer through the most devious method of all...keylogging!

Read the article HERE.

Hackers reveal day-to-day dangers

The BBC's Jonathan Kent attends the Hack In The Box conference in Malaysia to hear about the dangers ethical hackers are starting to uncover.

These days meetings of computer hackers are no longer gatherings of pale young men sitting in rooms knee deep in pizza boxes. Instead they're a magnet for security experts from banks and corporations eager to hear the latest in computer security research.

Read the article HERE.

Friday, September 21, 2007

Flaw in Windows Media Player

Hackers can wield malicious Windows Media Player files to exploit any unpatched Internet Explorer (IE) vulnerability on a PC -- even if the user relies on Firefox, Opera or some other Web browser.

Read the article HERE.

Lesson From Tor Hack

Anonymity and Privacy Aren't the Same
As the name implies, Alcoholics Anonymous meetings are anonymous. You don't have to sign anything, show ID or even reveal your real name. But the meetings are not private. Anyone is free to attend. And anyone is free to recognize you: by your face, by your voice, by the stories you tell. Anonymity is not the same as privacy.

That's obvious and uninteresting, but many of us seem to forget it when we're on a computer. We think "it's secure," and forget that secure can mean many different things.

Read the article HERE.

Fake Name Generator

The Fake Name Generator will create a fake online identity for you, providing a new name, address, email, phone number, birthday, mother's maiden name, credit card, and SSN, and also giving you a choice of sex and nationality. The FNG may be useful in many situations, some of which are listed in the FAQ.

Visit the website HERE.

Welcome to hoaxMail

We provide a free and simple service that provides you with the tools to anonymously send spoof email and SMS messages. If you've ever wanted to trick your friends or family by sending them an email or an SMS from someone else, then you've come to the right place. Our free service allows you to send emails from any email address to anyone and SMS messages to anyone from any name/number - no matter what country you live in!

Visit the website HERE.

Belgium is no longer for sale - official

Electronic car boot sale, Ebay, has withdrawn an auction for the country of Belgium, Europe, after bidding reached ten million Euros. The ad, placed by an ex-journalist [a PR man, you mean? - Ed], was in protest at the fact that the country still had no government, some 100 days after a general election, reports Ananova.

Bidding started at one Euro and reached 10 million Euros after 26 bids before Ebay removed it from the site. An Ebay spokesman commented: "We can't allow bidding on something virtual or unrealistic. People must be able to buy and sell on Ebay in a neutral way."

Well, Belgium is just about as neutral and anodyne as anyone could wish for, being famous for, err, the saxophone and being very flat.

Source : The Inquirer

Thursday, September 20, 2007

Zero-day flaws surface in AOL and Yahoo IM

Zero-day vulnerabilities in two popular instant messaging products could put millions of computer users at risk of malicious hacker attacks. Exploit code has been released for the more serious of the two flaws — a gaping hole in Yahoo Messenger — that could expose users to code execution attacks.

Read the article HERE.

Windows and IE vulnerability alarm

Security researchers are warning of a newly discovered vulnerability in Windows operating systems that makes applications susceptible to remote attack if they rely on widely used application programming interfaces. It is one of at least three PC-based security flaws to be published in four days.

Read the article HERE.

Hacker publishes Apple Wi-Fi attack

Researcher David Maynor has published details of the controversial Apple Wi-Fi hack he disclosed at last year's Black Hat conference. More than a year after claiming to have found a way to take over a Macintosh computer using a flaw in the system's wireless card, David Maynor has published details of his exploit.

Read the article HERE.

JavaScript/HTML droppers

It need not always be a plain and simple Word attachment. September 2007. Five months later, a new HTML file appears attached to a seemingly benign looking e-mail.

And the fact that AntiVir was one of only two progz to pick up this intruder in no way influenced my decision to include this item - and if you believe that, have I got a deal for you.

Read the article HERE.

User tracking with SSL certificates in Firefox

Security specialist Alexander Klink has described a way to identify PCs remotely by means of a kind of super cookie. At the moment, it seems that PCs can only be detected by this means if Firefox is configured as the default browser. The "cookie" is based on TLS Client certificates generated by means of "Signed Public Key and Challenge" (SPKAC), which are saved locally when a specially prepared website is visited.

Read the article HERE.

Firefox Patches QuickTime Flaw

Mozilla has ditched the ability to run arbitrary script from the Firefox command line, a quick fix for a year-old QuickTime bug that could be used to take over user systems.

Read the article HERE.

Internet security moving toward "white list"

Internet security is headed toward a major reversal in philosophy, where a "white list" which allows only benevolent programs to run on a computer will replace the current "black list" system, which logs and blocks an ever-growing list of malevolent applications.

Read the article HERE.

Misleading Data Undermines Counterfeiting Claims

For months, Canadian coppers have been claiming that software piracy costs the country $30 billion. The figure has been used by countless lobby groups to get the Canadian authorities to bring in some tougher anti-piracy laws. US Ambassador to Canada David Wilkins even quoted the figure in a March 2007 speech critical of Canadian law.

However, blogger Michael Geist thought there was something fishy about the figure and asked for the sources behind the Royal Mounted Police's $30 billion claim.

The letter came back from red-faced coppers confessing that they made up the figure based on what they had read on the Internet. The RCMP did not conduct any independent research on the scope or impact of counterfeiting in Canada, but rather merely searched a couple of news stories. The sources for the outrageous claim came from an unsubstantiated telly news piece, which in turn got the figure from the International Anti-Counterfeiting Coalition, which happens to be the movie, recording and software industry in drag, and which simply made it up.

It seems that the RCMP just saw the figure which was plucked out of the bottom of the IACC and printed it as its own. Soon they'll try solving their cases by looking to see who did it on Wikipedia.

Source : The Inquirer

iPhone unlocks may result in expensive bricks

Apple's Steve Jobs said yesterday that the company would actively work against those who perform a SIM unlock on their iPhones. This isn't surprising news, but we believe that the consequences for unlockers could be pretty high.

Read the article HERE.

Software

GNOME 2.20 officially released
GNOME 2.20 has officially been released. The latest version of the increasingly popular open-source desktop environment includes useful new features and user interface improvements.

Read the article HERE.

I.B.M. to Offer Office Software Free
I.B.M. plans to challenge Microsoft’s dominance of personal computer software, by offering free programs for word processing, spreadsheets and presentations.

Read the article HERE.

OpenOffice.org 2.3
Available for download now, OpenOffice.org 2.3 incorporates an extensive array of new features and enhancements to all its core components, and protects users from newly discovered security vulnerabilities. It is a major release and all users should download it.

Read more HERE.

Wednesday, September 19, 2007

Hackers exploit widget security holes

New attacks that exploit widgets and gadgets are imminent, according to the latest Web Security Trends Report from Finjan. The potential scale of the problem is highlighted by the fact that there are already around 3,720 widgets available on Google, 3,197 on Apple and 3,959 on Facebook.

Read the article HERE.

How to Find Phishing Sites

So you want to search for active phishing websites via Google?
You could start off with a simple search parameter like – inurl:paypal
You'd get way too many results, and the vast majority of them would be legitimate sites.

Read the article HERE.

The Threat of Reputation-Based Attacks

CastleCops.com is accustomed to being attacked by online crooks: The volunteer-led cybercrime-fighting group has endured a nearly month-long siege by thousands of criminally-controlled PCs aimed at crippling its Web site. So when the latest attack failed to prevent legitimate users from visiting the site, the bad guys unveiled an unlikely secret weapon: bogus donations.

Read the article HERE.

Emails reveal secret government project

The cold war being waged between MediaDefender and P2P copyright infringers is rife with mutual deception, but one fact shines through all of the layers of obfuscation: MediaDefender consistently underestimates the ingenuity, resourcefulness, and dedication of its adversaries. In this case, it could cost the company everything.

Read the article HERE.

Hackers Smack Anti-Piracy Firm Again and Again
Hackers are taking credit for at least three breaches at anti-piracy firm MediaDefender. The newly revealed attacks threaten to turn what started as an embarrassing e-mail leak into a full-blown security meltdown for the company.

Read the article HERE.

Max Vision misses the killswitch

Having already done time in prison, Max Butler - aka Max Vision - went to great extremes to cloak his new and allegedly-illegal activities from prying eyes. But court documents filed in a case charging him with five new counts of fraud suggest that despite the care he took, much of his undoing came at his own hands - and the hands of associates he trusted the most. The hacker, who in 2001 pleaded guilty to unleashing a worm that accessed computers at a US Air Force base, employed a "killswitch" on his PC that allowed him to destroy incriminating data at a moment's notice, according to an affidavit.

Read the article HERE.

Microsoft Releases Office 2003 SP3

Security takes center stage including allowing users to control which macros run in legacy Excel files, potentially blocking malicious code.

Read the article HERE.

Office 2003 Service Pack 3 (SP3) Homepage: HERE

Microsoft Reveals Vista SP1 - Will Install XP

In response to customer demands Microsoft announced that instead of patching bugs and improving features of Vista in the next service pack release, they would just install XP.

Read the article HERE.

Tuesday, September 18, 2007

Build malware protection into operating systems

Malware protection needs to be built into operating systems rather than bolted on as an afterthought if the industry stands any chance of dealing with the evolving threat of targeted attacks, according to a senior security researcher. Joanna Rutkowska, chief exec of Invisible Things Lab, who is best known for her research on rootkits and Vista security, told delegates to the Gartner security conference in London on Monday that user stupidity was only part of the security problem.

Read the article HERE.

'Whole Journey' email encryption

It is very rare for an organisation to mandate less security in its IT systems. In fact, the relentless march of new threats places pressure on us all to increase our levels of security, to ensure we can match new and emerging attacks. Email is one of the most potent business tools that we have, but also one of the most vulnerable systems for attack.

Read the article HERE.

Four Percent of E-Crime From Fortune 100

Roughly four percent of all spam, malicious software attacks, phishing Web sites and other cyber crime activities detected in the first half of 2007 emanated from the networks controlled by the world's 100 highest-grossing companies, according to a new report from anti-virus company Symantec.

Read the article HERE.

Symantec implicated in phishing scam

Harbinger of doom, Symantec, has been implicated in a cynical phishing scam resulting in innocent journalists writing thousands of words of puff for its products. The latest victims are BBC writers who have been duped into providing unpaid advertising for the company.

Read the article HERE.

Cyber Security Bulletins: Release Date - Sept 17

The US-CERT Cyber Security Bulletin provides a summary of new vulnerabilities that have been recorded by the National Institute of Standards and Technology (NIST) National Vulnerability Database (NVD) in the past week. The NVD is sponsored by the Department of Homeland Security (DHS) National Cyber Security Division (NCSD) / United States Computer Emergency Readiness Team (US-CERT).

Read more HERE.

News, Hints, Tips, Tricks & Tweaks

Read this week's articles at WXPNews HERE.

Yahoo Acquires Zimbra For $350 million

Yahoo will announce the acquisition of open source online/offline office suite Zimbra this evening, we just heard through a very solid source. The price: $350 million, in cash, confirmed. This was a very, very smart acquisition. In one quick move Yahoo is now in the race with Google for the next generation online/offline office suite.

Read the article HERE.

Monday, September 17, 2007

Anti-Phishing Phil

The Design and Evaluation of a Game That Teaches People Not to Fall for Phish
In this paper we describe the design and evaluation of Anti-Phishing Phil, an online game that teaches users good habits to help them avoid phishing attacks.

Phishing is part of a larger class of attacks known as semantic attacks. Rather than taking advantage of system vulnerabilities, semantic attacks take advantage of the way humans interact with computers or interpret messages, exploiting differences between the system model and the user model.

http://cups.cs.cmu.edu/soups/2007/proceedings/p88_sheng.pdf

News from Microsoft

Gatineau - Microsoft's Free Web Analytics Tool
First Look at Microsoft’s Free Web Analytics Tool ‘Gatineau’ (With Slides). Gatineau aims to take on Google Analytics and basic web analytics software vendors. You can solicit an invitation for the limited beta here. The first invitations for the beta are expected to be sent out next week.

Read the article HERE.

Microsoft Launches Own 'Babel Fish'
While Altavista has largely disappeared from the minds of most Internet users since the emergence of Google, the Web property does still have a very popular service: its Babel Fish translator. Now, Microsoft is testing its own translation offering under the Windows Live umbrella.

Like Babel Fish, Windows Live Translator is based on technology from Systran. Users can input a block of text to translate, or select a Web site to translate. There is an option for "computer related content" which keeps the service from translating technology-related words. Little else is known about Live Translator, but Microsoft frequently tests new offerings under Windows Live, some of which survive while others don't.

Source : BetaNews

Google Hints

Top 10 little-known Gmail features
Gmail has a bunch of lesser-known features that can end up being very useful once you get to know them. I've put together a list of my top 10 favorite features that you may or may not be familiar with.

See the list HERE.

Creating Google Custom Search Engines
A custom search engine (CSE) tells Google which sites to search and which to avoid when dealing with a search query. This makes it much easier to get specific, guided answers to questions about a specific subject area. If you create a CSE you can use your expertise in a subject to control where Google looks for information about that topic.

Read the article HERE.

Anonymous browsing with JAP

When it comes to anonymous Web access, Tor is not the only fish in the sea. If you are looking for a lightweight utility that allows you to navigate the Web anonymously, JAP is more user-friendly. Similar to Tor, JAP sends a user's Web page request through multiple intermediary servers called mixes.

Read the article HERE.

What makes a good surge protector - Part 1

Everyone knows to use a surge protector for their computer.
But which one?
How do you choose?
Welcome to surge protector school.

Read the article HERE.

Smoothwall Express 3.0

Smoothwall Express is an internet firewall, which allows you to protect your network, as well as providing NAT functionality. It is easy to use and configurable via a web-based GUI. This open source firewall distribution requires absolutely no knowledge of Linux to install or use. This workshop shows the installation and basic configuration of the current release Smoothwall Express 3.0.

Read the article HERE.

Sunday, September 16, 2007

The Biggest Ever BitTorrent Leak

MediaDefender Internal Emails Go Public
Slashdot reports that MediaDefender works with the RIAA and MPAA against piracy, setting up fake torrents and trackers and disrupting p2p traffic. Previously, the TorrentFreak site accused them of setting up a fake internet video download site designed to catch and bust users. MediaDefender denied the entrapment charges. Now 700MB of MediaDefender's internal emails from the last 6 months have been leaked onto BitTorrent trackers. The emails detail their entire plan, including how they intended to distance themselves from the fake company they set up and future strategies. Other pieces of company information were included in the emails such as logins and passwords, wage negotiations, and numerous other aspects of their internal business.

Read the article HERE.

'Hacker-proof' system? You be the judge

Aerospace giant European Aeronautic Defence and Space has introduced a "hacker-proof" encryption technology that it claims will revolutionize Internet security and bring "cryptography into the 21st century."

Read the article HERE.

Yahoo's social network is here!

Yahoo's rumored social network, dubbed "Mash," has arrived. The company started inviting people outside the company to test it on Friday, the company says in a blog.

Read the article HERE.


Of course, this is just what we need - another social network.
Hackers Heaven.

Owning a Wireless Camera

Another item at Slashdot today says that InformIT has posted a two part article by Seth Fogie that describes how a wireless IP camera can be owned and abused. The first part describes how the camera's feed can be sniffed, replaced, or even DoSed off the air by a PDA. The second part then takes a look at the web application interface of the camera (an Axis207W) and exposes numerous vulnerabilities that lead to exposed passwords, a software based DoS, global XSS — and the kicker — a CSRF attack through which an attacker can remotely penetrate the network it is installed on.

Weekend Reading

ISPs turn blind eye to million-machine malware monster
Several weeks ago, security researcher Lawrence Baldwin dispatched an urgent email to abuse handlers at OptimumOnline, the broadband provider owned by Cablevision, warning that one of its customers stood to lose more than $60,000 to cyber crooks.

Read the article HERE.

==================================================================
Why We Haven't Stopped Spam
Several years ago when Bill Gates declared that the spam problem would be solved within two years, he appeared to be thinking of SMTP authentication as the heart of that solution. I wouldn't have said what he said, but I was pretty optimistic too. Not anymore. The overwhelming power of inertia seems too much for any solution to take on. People just won't stand for the inconveniences that fixing spam would bring.

Read the article HERE.


==================================================================
Searching for evil: Recommended video
Professor Ross Anderson gives an excellent video on malware, phishing and spam, called “Searching for Evil”. Highly recommended viewing.

Watch the video HERE.

==================================================================
Seven Wonders of the IT World
The fastest supercomputer. The most intriguing data center. The constantly changing core at the heart of Linux. Take a tour of the most impressive and most unusual marvels of the IT world.

Read the article HERE.


==================================================================
Eudora E-Mail Just Won't Die
Some programs just won't die. Qualcomm's Eudora e-mail is making a comeback as an open-source offering. Eudora 8.0 is a mail and news application from Qualcomm based on the open source Thunderbird client from the Mozilla Foundation. A beta of Eudora 8.0 went live Aug. 31. Users can download it and use it for free, while programmers can view the source code, make changes to it, and share it with others in the community.

Read the article HERE.


==================================================================
Python for system administrators
As a system administrator, you run across numerous challenges and problems. Managing users, disk space, processes, devices, and backups can cause many system administrators to lose their hair, good humor, or sanity. Shell scripts can help, but they often have frustrating limitations. This is where a full-featured scripting language, such as Python, can turn a tedious task into an easy and, dare I say it, fun one.

The examples in this article demonstrate different Python features that you can put to practical use. If you work through them, you'll be well on your way to understanding the power of Python.

Read the article HERE.

==================================================================

How Zombie Computers Work

A zombie computer is very much like the agent in "The Manchurian Candidate." A hacker secretly infiltrates an unsuspecting victim's computer and uses it to conduct illegal activities. The user generally remains unaware that his computer has been taken over -- he can still use it, though it might slow down considerably. As his computer begins to either send out massive amounts of spam or attack Web pages, he becomes the focal point for any investigations involving his computer's suspicious activities.

Read the article HERE.

==================================================================
Welcome to Wireless
Municipal wireless and Wi-Fi implementations are popping up all over, but successes have been few and far between. In some ways, the mind-set around municipal wireless technology is much like that around net neutrality: Most people think it's a good thing, but almost no one can agree on what it actually means. That's not stopping muni wireless from wending its way into cities across the United States, each of which is tweaking the technology to suit the needs of its many constituencies, as well as its budgetary concerns.


Read the article HERE.

Saturday, September 15, 2007

Attacking multicore CPU's

The world of multi-core CPUs we have just entered is facing a serious threat. A security researcher at Cambridge disclosed a new class of vulnerabilities that takes advantage of concurrency to bypass security protections such as antivirus software.

Read the article HERE.

TD Ameritrade Finds Breach

Online trading company TD Ameritrade alerted more than six million customers Friday that a security breach occurred with its client information database. The database contained such sensitive information as clients' names, social security numbers, date of birth, address, phone number and trading activity.

Read more HERE.

The item above does seem to have an error though - it lists Past Breaches as None, BUT, PrivacyRights lists a previous breach [Dec. 1, 2006] - "According to a letter sent to employees, a laptop was removed (presumably stolen) from the office Oct. 18, 2006, that contained unencrypted information including names, addresses, birthdates, and SSNs".

Cisco confirms DoS vulnerability in IOS

A buffer overflow occurs in the handling of the "show ip bgp regexp" command. The router reboots and has to reconstruct its BGP routing table. Although the problem was made known four weeks ago, no update has yet been released.

Read the article HERE.

Jeopardy in Web 2.0

This is a technical paper submitted by Dharmesh M Mehta to the OWASP Paper Section. The paper describes the security problems in Web 2.0, which is the Next Generation of Web. A PDF version of the paper is also available.

Read the article HERE.

Also, from the same author.....
Application Security Testing Cheat Sheet
Get into pay sites for free as a Googlebot

Into the world of YouTube

Here's a dream-come-true for Web addicts: college credit for watching YouTube.

Read this original article HERE.

Friday, September 14, 2007

Exploit code appears for Microsoft Agent bug

Less than 24 hours after Microsoft released September's security patches, a proof-of-concept JavaScript exploit code that attacks Microsoft Agent was posted online. It took less than 24 hours for attackers to crank out proof-of-concept code targeting the one critical vulnerability disclosed - and patched - Tuesday morning by Microsoft, security researchers warned.

Read the article HERE.

Microsoft updates Windows without users' consent

Microsoft has begun patching files on Windows XP and Vista without users' knowledge, even when the users have turned off auto-updates. Many companies require testing of patches before they are widely installed, and businesses in this situation are objecting to the stealth patching.

Read the article HERE.

How Windows Update Keeps Itself Up-to-Date
Nate Clinton, Program Manager Windows Update, responds in a blog.

Read the article HERE.

McAfee Avert Labs Blog

Three items of interest today...

German laptop computers come with virus
A trojan with a theme song
The end of Downloader-AAP?

Read the articles HERE.

Security White Papers

The Microsoft US National Security Team is composed of strategic security advisors who work with Microsoft customers, partners, MS internal constituencies and the information security industry to promote the adoption of security processes and technologies. The NST also focuses on driving vertical security solutions for a wide range of industries. To this end, the NST has produced a number of white papers that address the specific security needs of particular industries, such as the professional services and financial services industries.

Read more HERE.

Avira Premium Security Suite for 90 days

Regular readers will know that my preferred FREE anti virus product is Avira AntiVir. As with many others in this field, they are now moving into the "Security Suite" field. So if you would like to take this [fully functional] product for a 90 day test run, use the link below.

Avira Premium Security Suite includes the following features:
Award winning AntiVir virus scanner
Email protection (POP3)
Personal Firewall
AntiSpyware
AntiPhishing
Extremely high performance
Rootkit protection
AntiSpam and AntiPhishing

Try for FREE HERE.

Organised crime holding off on mobile viruses

While computer viruses are almost exclusively the work of organised criminals, mobile viruses are largely the work of amateurs, according to an industry expert. Kimmo Alkio, chief executive at F-Secure, told vnunet.com that mobile viruses encountered by his company rarely bore the hallmarks of organised criminal gangs. This stands in stark contrast to the well-documented use of worms and Trojans in PCs to build botnets and steal information by identity theft.

Read the article HERE.

Understanding IM as Evidence

Instant messaging is an increasingly popular medium that's sometimes an important link in the prosecution's case. As with every new communication tool, it brings new challenges for criminal procedure. This multilayered technology provides the convenience of e-mail coupled with the immediacy of a phone call. At the same time, its informality allows anonymity and raises concerns about privacy, authentication, best evidence and identification.

Read the article HERE.

Thursday, September 13, 2007

QuickTime flaw threatens PCs and Macs

A researcher has demonstrated how a security bug in Apple's QuickTime media player that was disclosed a year ago can cause Firefox to install backdoors and other malware on a fully patched computer. He said both Windows and Mac systems are vulnerable.

Read the article HERE.

New Security Awareness Site

Novel new security education site uses cartoons to help users understand phishing, pharming, and malware. The first clues that this is no typical security education experience are the tap-dancing Elvis impersonators illustrated in one cartoon box, and then the tap-dancing USABank Web Impersonators that follow.

Read the article HERE.

OLD STORY: AOL discontinues Active Virus Shield

Brian Krebs on Computer Security is a regular stop on my news travels, and I often post links to his stories. His items are all well written and usually very informative. So, imagine my surprise at today's story "AOL's Free Anti-Virus Switcheroo". The story has also been picked up by many other "news" providers.

This is an item I covered Friday, August 03, 2007. I know it's been a very slow week for news, BUT... a six-week-old story... disappointing.

How I broke into a hospital computer

Recently I was able to break into a hospital computer system. I couldn't change settings, alter clinical records, hack into the Pentagon or launch nuclear missiles, but I could and did send and receive e-mail from an unauthorized terminal, surf the Web, and view official hospital documents unchallenged. My story offers some simple, low-tech, common-sense precautions you can take to prevent a similar occurrence at your site.

Read the article HERE.

When ethics and IT collide

IT workers have access to confidential data, and they can see what other employees are doing on their computers or the networks. This can put a good worker in a bad predicament. Bryan, the IT director for the U.S. division of a German company, discovered an employee using a company computer to view pornography of Asian women and of children. He reported it but the company ignored it.

Read the article HERE.

Attack of the clones?

The world of misleading applications (aka "rogue antispyware") never ceases to amaze with clever social engineering and tricks to con and persuade users into parting with their hard-earned cash. We have recently noticed a sharp increase in the number of these applications. One example we came across recently that is really contributing to the trend is called AVSystemCare.

This misleading application is unique in two ways:

Read the article HERE.

2007 InfoWorld Bossie Awards

Selected by InfoWorld Test Center editors and reviewers, these first annual Bossies celebrate the best open source software available for the enterprise. From CRM and ERP to OSes and middleware to networking, storage, and security software, our 36 winners prove that if your business is willing and your IT staff is ready, there's an open source solution that's able.

Read the article HERE.

Wednesday, September 12, 2007

Microsoft Security Updates

Microsoft released a mercifully light batch of software updates today as part of its regularly scheduled "Patch Tuesday" release cycle. Most Windows users will likely have to install just a single security update this time around.

Read more at Security Fix or SANS Internet Storm Center.

Trojans besiege online gamers

Online games have become a major target for fraud in recent years. A study from Kaspersky Labs, published today, dissects the techniques and targets used by hackers to make "easy money" by selling stolen login credentials of users or in-game items on the black market.

Read the article HERE.

Who blocks the (ad) blockers?

If Danny wishes to block Firefox users who have turned JavaScript off, he could use implementation differences in Cascading Style Sheets (CSS). Furthermore, due to a trick discovered by uber Web-application security hacker RSnake, it is possible for Web site designers to figure out exactly which Firefox extensions you are running. This was first reported to the Firefox development team in 2005, but has yet to be fixed.

Read the article HERE.

'Virtual' Vulnerabilities About to Become Reality

Hypervisors gone bad. Malware spreading from one virtual machine to another. Virtualization-based rootkits evading detection. Such threats look scary on a PowerPoint slide, but are they worth losing sleep over tonight?

Read the article HERE.