Saturday, March 31, 2007

April 1 - don't be fooled

On April 1st, friends may play practical jokes on you, and although amusing and sometimes annoying, they’re usually harmless. Unfortunately, not all hoaxes are in good fun. Every day is April Fools’ Day to online scammers and phishing over IM is one of their favorite jokes to play.

Read the article HERE.

eEye issues unofficial patch

The Windows zero-day bug now being used by attackers is extremely dangerous, security researchers said today, and ranks with the Windows Metafile vulnerability of more than a year ago on the potential damage meter. eEye considered it so dangerous that early this morning it released a rare unofficial patch to temporarily plug the dike. This is only the second time that eEye has put out an unsanctioned fix for a Microsoft bug.

Read the article HERE.

Why Encryption Didn't Save TJX

"Despite our masking and encryption practices on our Framingham system in 2006, the technology utilized in the Computer Intrusion during 2006 could have enabled the Intruder to steal payment card data from our Framingham system during the payment card issuer's approval process, in which data (including the track 2 data) is transmitted to payment card issuer's without encryption. Further, we believe that the Intruder had access to the decryption tool for the encryption software utilized by TJX."

Read the article HERE.

I used to be a pirate, but .....

A Superior Court judge, in San Jose [California], ruled Thursday (March 29) that a startup's media server does not violate the security technology used to protect DVD disks because the standard licensing contract and specifications for the technology are so poorly worded.

The CCA believed its licence stated that a movie could only be stored on disk if the DVD remained in the player and that if this were not the case, there would be nothing to stop borrowed DVDs from being illegally copied. Unfortunately for them, the judge thought otherwise.

Read the article HERE.

Copying Vista is now a monster task

With Windows XP, antipiracy measures were a bit of an afterthought. But with Windows Vista, Microsoft had pirates in its sights from the get-go. Even the unique Vista retail packaging--a plastic box with one round corner--was designed, in part, to thwart counterfeiters. And the packaging is just the start; most of Microsoft's antipiracy work is built-into the software itself, meaning that just copying the code and getting a product key isn't enough.

Read the article HERE.

Security prog updates

Zone Alarm

One of the best free and most used Firewall Solutions ZoneAlarm has been updated to version 7.0 which includes critical security update so update your ZoneAlarm.

Read the article HERE.

==============================================
PGP upgrades

PGP Corporation has announced upgrades to its product portfolio. All PGP Encryption Platform–enabled applications now support 32-bit editions of Microsoft's new Windows Vista operating system, in addition to existing support for Mac OS X, providing broad coverage across the most popular computer operating systems. The release also includes improved support for Lotus Notes users, increased support for additional European keyboards, and new technology to secure content on mobile devices and removable media such as USB flash drives.

Read the press release HERE.

Friday, March 30, 2007

Microsoft Security Advisory (935423)

Vulnerability in Windows Animated Cursor Handling

Microsoft is investigating new public reports of targeted attacks exploiting a vulnerability in the way Microsoft Windows handles animated cursor (.ani) files. In order for this attack to be carried out, a user must either visit a Web site that contains a Web page that is used to exploit the vulnerability or view a specially crafted e-mail message or email attachment sent to them by an attacker.

Read the Microsoft Security Advisory (935423) HERE.

Overview Of USB Hardware Keyloggers

There are a lot of software keyloggers available, and I have even done some work on one. This article however is on hardware keyloggers, specifically those that work with USB keyboards. While the PS/2 keyboard may still be more popular, it seems to me that it's on its way out so I thought covering USB keyloggers would be more useful.

Read the article HERE.

==============================================
Keyloggers: How they work and how to detect them (Part 1)

Kaspersky have published a very informative article regading this subject.

Read the article HERE.

TJX Is Biggest Data Breach Ever

In filings with the U.S. Securities and Exchange Commission yesterday, the company said 45.6 million credit and debit card numbers were stolen from one of its systems over a period of more than 18 months by an unknown number of intruders. That number eclipses the 40 million records compromised in the mid-2005 breach at CardSystems Solutions and makes the TJX compromise the worst ever involving the loss of personal data.

Read the article HERE.

Cisco's Mobile Robots for Wireless Nets

Cisco has developed a set of small smart robots, which can act as wireless communications relays, that sense when a mobile user is moving out of service range, and can follow the user to maintain connectivity.

Read the article HERE.

Software releases

Opera 9.20 BETA

Donna's SecurityFlash repotrs on the new release.

Read the article HERE.

==============================================
Microsoft unveils Deepfish

Microsoft showed off a new web browsing technology at this week's O'Reilly Emerging Technology Conference. The technology is called Deepfish, and it attempts to make web browsing on a mobile device more closely resemble the web browsing experience on a computer.

Read the article HERE.

==============================================
WiPeer

WiPeer sets up wireless peer-to-peer networks between PCs, no router, access point or internet required. You can use these ad-hoc networks to share files, chat and even play games with other WiPeer users. Suppose, for instance, you're at a lunch meeting with some co-workers. There's no Wi-Fi network to be found, but you need to share some files. Instead of passing a USB flash drive around the table, you could connect two or more machines via WiPeer. Easy-peasy.
I was able to get the program up and running on two notebooks in about three minutes, and it took only one minute after that to figure out file sharing. This is an ingenious little application that solves the problem of trying to link up two or more PCs without the usual networking hassles.

WiPeer is free. It requires Windows XP and Microsoft .NET 2.0

Source :
Lifehacker

==============================================
Restart 1.56

Restart is a system utility for advanced users with more than one operating system installed on their machine. The program installs an icon in the notification area, and with a single click the computer will shutdown and restart with the selected operating system. The program also includes commands to shutdown the computer in different ways (including stand-by and hibernate), a schedule function, and advanced settings for uncommon configurations.

Please note: this program works in conjunction with the Microsoft boot manager, and it is not compatible with other third-party products.

Freeware. For Windows 95, 98, Me, NT, 2000, XP and 2003 Server.

Download HERE.

==============================================
Boot Camp 1.2 beta


Boot Camp, Apple's solution for installing and dual booting Windows on a Mac, has just pushed out a new release with a few significant changes - most notably, Boot Camp now supports Windows Vista.

Read the article HERE.

==============================================
TeamViewer

Joining the ranks of Crossloop, iRemotePC and LogMeIn, TeamViewer lets you connect to other PCs for remote access, tech support, file sharing and more. The tiny setup program give you the option of configuring your PC in host or client mode, or skipping installation altogether (in which case TeamViewer runs without installing anything).

Read the article HERE.

Hackers build private IM

Hackers have built their own encrypted instant-message (IM) program to shield themselves from law enforcement trying to spy on their communication channels. The application, called CarderIM, is a sophisticated tool hackers are using to sell information such as credit-card numbers or e-mail addresses, part of an underground economy dealing in financial data.

Read the article HERE.

Thursday, March 29, 2007

Dangerous document formats

If you’ve been reading our diaries for last couple of months, no doubt that you are aware of the huge number of exploits directed toward various Office applications, mainly Microsoft Word and PowerPoint. For quite some time a lot of administrators (us included) told people to convert documents to other (safer) formats, one of them being RTF (Rich Text Format).

While RTF is a more human readable format (it is a plain, ASCII file at the end), this does not prevent it from embedding objects that can be very dangerous, as we will see.

Read the article HERE.

Corporate Sloppiness Is Culprit for Data Loss

Expect to see the 2 billionth personal record compromised by year's end, according to recent research from the University of Washington. But don't blame it on rogue hackers; sorry to say, it's your own fault, Corporate America. The majority, 60 percent, of incidents of compromised records were attributed to organizational mismanagement. That includes missing or stolen hardware, administrative errors, insider abuse or theft or accidental posting of sensitive information online.

A problem I mentioneded
yesterday. Read the article HERE.

PayPal wants e-mail messages blocked

PayPal, the Internet-based money transfer system owned by eBay, is trying to persuade e-mail providers to block messages that lack digital signatures, which are aimed at cutting down on phishing scams.

Read the article HERE.

Planned Obsolescence

I think that "Planned Obsolescence" is sadly here to stay; but there's hope, only one: open source. Microsoft has lately perfected the planned obsolescence game with its decision to make flagship products like Internet Explorer 7 not available for previous OS versions like Windows 2000. Cutting updates and no longer releasing patches for insecure products is not enough.

Read the article HERE.

When is a gigabyte not a gigabyte?

A reader wants to know why his new computer — which is supposed to have 4GB of memory — keeps telling him it really has only 3GB. Dell's explanation may make sense, but it doesn't answer your memory question.

Read the article HERE.

Comodo acquires BOClean

Today Comodo Acquired BOClean. One of the oldest and most respected Anti Trojan companies around. BOClean has a very effective engine and more importantly top notch expertise and people in the field. We are happy to announce that Kevin will be joining forces with Comodo and work with us to create world's best Anti malware/virus/trojan/spyware/rootkit product around for FREE!

Read the [forum] post HERE.

Wednesday, March 28, 2007

Is Your Computer A Criminal?

Your home computer may be committing a crime at this very moment. It might be sending out spam. It might be buying stock as part of a pump-and-dump scheme. Or it might be helping attack the Internet itself, silently and invisibly, as you read this story. And the odds your computer is a criminal are quickly rising.

Read the article HERE.

Metasploit 3.0

After a year and a half of development, the latest version of the popular hacking tool Metasploit went live today. Among the hot new features: a friendly Web interface, WiFi exploits, and the ability to launch multiple exploits simultaneously on a network.

Read the article HERE.

Jikto

A new tool too dangerous to give away can turn any PC—Windows, Mac, Linux—or any device with a browser into a site attacker. The tool, called Jikto, is a Web application scanner that searches for cross-site scripting vulnerabilities. Billy Hoffman, a security researcher with SPI Dynamics, demonstrated what the tool could do at the ShmooCon hacker convention March 24. Namely, Jikto, which is written in JavaScript, can surreptitiously latch onto a browser that has JavaScript enabled.

Read the article HERE.

Vista unable to access MSDN

The biggest incompatibility issue between Vista and the normal world I found was hiding in a very unusual place - Microsoft's own developer network. If you use Internet Exploder 7 (either 32- or 64-bit version), MSDN will gladly inform you that you are using an incompatible operating system or that the web-site you are trying to visit is not secure.

Read the article HERE.

Who has stolen my personal details today?

For quality entertainment, you can't beat TV commercials for large investment institutions.
They all have the same message, which is:


'These are scary times for investors, so GIVE US YOUR MONEY!
You can trust us, because we have a large building.'


What that message should be -

Here at [insert organisation], you're not just a number -
you're two numbers, a dash, three more numbers, another dash, and another number.

Sadly, along with our money, we give them our personal details.
And the track records of many of these institutions is pathetic.
Included in this list of shame are also many Government departments.
They seem to have developed losing [our personal] information into an art form.

It's not getting any easier out there - stay diligent.

==============================================
Halifax theft exposes customer mortgage data

UK high street bank Halifax has admitted stolen documents from one of its employees contained data on 13,000 mortgage customers. The documents were in a briefcase stolen from the locked car of an employee last week and the bank yesterday started writing to affected customers, after first reporting the breach to the Financial Services Authority (FSA) and the police.

Read the article HERE.

==============================================
Another laptop goes AWOL

A laptop with details of 11,000 children aged between eight months and eight years has been stolen from a Nottingham hospital. The laptop was one of three taken from an office at King's Mill Hospital in Sutton-in-Ashfield last week. Nottinghamshire Primary Care Trust (PCT) has now informed the families affected and police have launched an investigation.

Read the article HERE.

==============================================
Passwords Exposed By Entertainment Web Site

The list of e-mail addresses and passwords for members' Gmail, Hotmail, Yahoo, and other accounts would turn up in the results of unrelated Google searches if those searches happened to contain at least two keywords that matched the names of Splash members.

Read the article HERE.

Tuesday, March 27, 2007

ID Theft Doubles in Two Months

Online identity theft grew at an unprecedented rate during the first two months of 2007, as its two chief components -- malware and phishing -- skyrocketed at rates of 50 to 200 percent. A study scheduled to be released today by Internet monitoring firm Cyveillance Inc., found more than 3 million pieces of personal information available on the Web, including approximately 320,000 debit and credit card numbers, 1.4 million Social Security numbers, and 1.3 million account login credentials.

Read the article HERE.

Mozilla: Responsible flaw disclosure

Mozilla's security chief has stepped into the debate about the disclosure of security bugs by saying that software developers are at the mercy of bug hunters. Mozilla security chief Window Snyder called on security researchers to follow responsible disclosure guidelines, giving vendors a reasonable amount of time to fix bugs before making them public. As things stand, bug hunters have the whip hand, she argued.

Read the article HERE.

Wireless LAN security myths

It's been two years since I wrote "The six dumbest ways to secure a wireless LAN," and it's probably been one of my more successful blog entries ever, with two flashes on Digg. Since that time, I've written a free electronic book on enterprise wireless LAN security for anyone to use and download from TechRepublic. Since it has been two years, I'm going to update the information with more defined categories and better explain why they're so bad from an ROI (return on investment) and security perspective.

Read the article HERE.

Duping buyers online

It's no wonder there's still an elusive chunk of Internet users -- 50 percent by some accounts -- who still just don't shop online for one reason or another, whether it's for security and privacy concerns or an affinity for touching, feeling, and trying on merchandise in the store.

Read the article HERE.

Monday, March 26, 2007

Microsoft owns up to Xbox Live

Months after Xbox Live users began complaining of hacked accounts, Microsoft yesterday admitted that the service's support staff is at fault, victims of "'pretexting" calls by identity thieves.

As recently as Friday, the company was saying only that it had "found no evidence" of a data breach, and that any thefts had occurred could be blamed on users giving out personal information.

That assertion changed yesterday. Read the article HERE.

Windows weakness can lead to network hijacks

A problem in the way Windows PCs obtain network settings could let attackers hijack traffic, security researchers said Saturday. The problem occurs because of a design bug in the system used by Windows PCs to obtain proxy settings.

Read the article HERE.

Inside the Windows Vista Kernel

Part 3 : This series has so far covered Windows Vista kernel enhancements related to processes, I/O, memory management, system startup, shutdown, and power management. In this third and final installment, I take a look at features and improvements in the areas of reliability, recovery, and security.

Read the article HERE.

OR, start at the beginning [
Part 1 ] [ Part 2 ]

Babylon nG cellphone encryption

If you're an MI5 agent in Europe or just don't want those pesky neighbors using homebrew digital packet sniffing equipment, you can really (really) secure those cellular voice communications between users of the Babylon nG encryption system.

Read the article HERE.

Anti-Spyware Coalition

After a long public comment period, the Anti-Spyware Coalition released final working reports of both the Best Practices and Conflict Resolution documents.

Both documents are now available HERE.

Sunday, March 25, 2007

My National Security Letter Gag Order

It is the policy of The Washington Post not to publish anonymous pieces. In this case, an exception has been made because the author -- who would have preferred to be named -- is legally prohibited from disclosing his or her identity in connection with receipt of a national security letter. The Post confirmed the legitimacy of this submission by verifying it with the author's attorney and by reviewing publicly available court documents.

Read the article HERE.

Hello, My Name Is USB Drive

I shudder at the thought of losing my USB drive. After some consideration, I came up with a few ideas. I figured that if I created a text file with instructions on how to return the drive on the drive root, the finder would probably be able to open it and read the instructions.

Read the article HERE.

Hacking contest takes aim at Apple

Security researchers that want to take a shot a hacking the Mac OS X will get their chance at an upcoming security conference and could take home a fully loaded MacBook Pro

Read the article HERE.

VMware Desktop Virtualization for Mac

VMware's desktop virtualization for the Mac, codename Fusion, allows you to run any PC application on your Intel-based Mac. Fusion's Cocoa-native user interface is designed from the ground up to make running Windows or other x86 operating systems side-by-side with Mac OS X simple and painless

Visit the website HERE.

Weekend Reading

How I Became A Music Pirate

Does DRM drive even honest well-meaning people to piracy? Yes, of course it does. Reader and music lover Jarrett tried to send the following "detailed, passionate complaint letter" to Rhino, but their only reply was:

Read the article HERE.

==================================================================
In Defense of Perimeters and Security through Obscurity

This week's editorial is sure to cause a firestorm with some in the security community. I'm sure my credibility will be attacked from all sides and I'll be shunned by at least half the “experts” forevermore - because I'm about to question two sacred cows:

Read the article HERE.


==================================================================
The Symantec Internet Security Threat Report Volume XI

Twice yearly, Symantec publishes a comprehensive report on the overall worldwide Internet threat landscape. With a dedicated team of researchers, authors, and the support of over 1,800 analysts worldwide, the Symantec Internet Security Threat Report has become one of the largest publicly available reports of its kind.

Take a look HERE.


==================================================================
Red Hat Plans Linux Desktop

Red Hat is planning a packaged Linux desktop solution that it hopes will push its Linux desktop offering to a far broader audience than exists for its current client solution.

The move is designed in part to compete with Novell's SUSE Linux Enterprise 10 platform, which includes SUSE Linux Enterprise Server and SUSE Linux Enterprise Desktop, which were released in July 2006.

Take a look HERE.

==================================================================
The State of System Forensics

Businesses must place a higher value on tracking malware. There are bugs, malware and evildoers out there trying to take over your systems and steal your vital corporate data. It's your job to keep these systems healthy and protected against these threats that are trying to bring them down.
Read the article HERE.


==================================================================
Adobe launches Apollo

The early part of this century has been dominated by software companies moving applications off the desktop and over to the Web. Now, Adobe is offering web developers a chance to move in the opposite direction. The company has released the first developer preview version of its Apollo toolset, which lets Web developers create desktop applications that can interact with any site on the Internet.

Read the article HERE.

Saturday, March 24, 2007

Vista’s Windows Mail vulnerable to attack

A just-disclosed bug in Windows Vista's built-in e-mail program can be used by hackers to run malicious code on a victimized PC, said a researcher today who two weeks ago touted an exploit-for-sale service.

Microsoft acknowledged the report, and said it is investigating the vulnerability.

A hacker known as "Kingcope" published proof-of-concept code to show that remote code execution is possible if a user is tricked into clicking a malicious link.

The error is that Windows Mail will execute any executable file if a folder exists with the same name.

Read the article HERE.

Microsoft denies any Xbox Live fault

Microsoft today blamed Xbox Live network account hacks on users' gullibility, but evidence shows that in some cases the gaming service's own support staff could be unwittingly helping hackers snare players' identities.

Read the article HERE.

LOVE-LETTER-FOR-YOU.TXT.VBS

When working with Windows files it's helpful to know just what type of file you're working with, right? Older versions of Windows used to hide the extensions by default. So, now we have Windows Vista. Turns out, they still have this feature on by default.

What were they thinking? Read the article HERE.

A Fresh Look at Password Thieves

Security Fix recently published information about thousands of U.S. residents whose passwords and other data had been stolen by nefarious hackers. Last week, I received more data about the number of victims caused by the hackers' Trojan horse computer program and more details about the complexity of the attack.

Read the article HERE.

Smart Phone Security

Many common assumptions about the security and privacy of smart phones or other handheld converged devices are off-base or just flat-out wrong. For any high-value target -- whether that's a political candidate or an organization with valuable financial or personal data -- a little more thought ought to go into the process of selecting and deploying any device handling important data. It makes sense then to challenge the more widespread assumptions and consider how to handle oft-ignored risks.

Read the article HERE.

Friday, March 23, 2007

Month of PHP Bugs: Mid-month analysis

We've hit the half-way point through the Month of PHP Bugs (MOPB), and as promised, I created an analysis of all the bugs released up to and including March 16th; that covers the first 24 bugs released for MOPB.

Read the article HERE.

Gozi Trojan

Russian malware authors are finding new ways to steal and profit from data which used to be considered safe from thieves because it was encrypted using SSL/TLS. Originally, this analysis intended to provide insight into the mechanisms used to steal that data, but it became an investigation into the growing trend of malware sold not as a product, but as a service. Eventually it lead to an alarming find and resulted in an active law enforcement investigation.

Read the article HERE.

The problems with Vista : Part 2

When someone upgrades a computer or its operating system, what they're really doing it for is not The Shiny, it's in the hope that it will work better. Sure, glitz is cool, there's no harm in looking good - even the Linux geeks know that. What you want, though, is for your computer to be more reliable, faster or to do stuff it couldn't do before.

Read the article HERE.

Attackers Target Gamers with Spyware

Online players of the video game Omerta have more than the rival gangsters in the computer game to worry about. Cyber-thieves have been spreading spyware disguised as software from Omerta.

Read the article HERE.

Thursday, March 22, 2007

Security Updates for Firefox and SeaMonkey

Mozilla has released new security and stability updates for both versions of its Firefox browser and for its Internet application suite, SeaMonkey. The new updates eradicate a minor FTP PASV port-scanning vulnerability.

Read the article HERE.

End of the road for Firefox 1.5

Mozilla announced yesterday that the organization will only continue to support version 1.5.0.x of the browser through late April. The information came via a security update for both Firefox 1.5 and 2.0, with an extra note saying that the older version will be "maintained with security and stability updates until April 24, 2007." After that date, Firefox 1.5 will no longer receive updates from Mozilla and all remaining users should upgrade to Firefox 2 if they want to keep receiving updates to the browser.

Read the article HERE.

Security flap as Scottish council loses USB key

The breach emerged after a USB key containing 59 documents, many from the council's Environmental Services Department, were recovered near a bike shelter close to the council building at Pullar House. The retired man who found the memory device handed it over to the local paper.

[It seems that business will now have another security problem to address. As well as laptops they can now add USB's to the list. And you have to love the Council's reaction to the incident - "The failure by the finder of the USB device to return it to the council constitutes theft"]

Read the article HERE.

The problems with Vista laid bare

The only problem with Microsoft is that they have no taste. They have absolutely no taste. Bill Gates might have claimed in interviews, a lot of the goodies in Vista have – I'll be diplomatic – drawn inspiration from rival products, primarily Apple's Mac OS X. The trouble is that Microsoft has prioritised the wrong bits, taken the wrong inspiration. And the sad irony is that if it had made different choices, we'd have got a simpler, faster, safer Vista a lot sooner.

Read the article HERE.

Xbox Live fraud on the rise

Several Xbox 360 users have complained that their Xbox Live user IDs, or 'gamer tags', have been taken over while they are playing, and that they were unable to log-in to their accounts at a later point.

Read the article HERE.

Unsuspecting surfers helping hackers

A security researcher has found a way hackers can make PCs of unsuspecting Web surfers do their dirty work, without having to actually commandeer the systems. That's possible with a new security tool called Jikto. The tool is written in JavaScript and can make PCs of unknowing Web surfers hunt for flaws in Web sites.

Read the article HERE.

Wednesday, March 21, 2007

TrueCrypt version 4.3 released

What is new in TrueCrypt 4.3 (released March 19, 2007)

Visit the website HERE.

Creating Obscure Passwords

As some Microsoft Operating System geeks know, you can type many more characters than are on a standard keyboard by using ALT+NUMPAD combination technique. For example, by holding down the ALT key, typing 234 on the number pad, then releasing ALT gives you the Ω character.

These odd characters have two major advantages over normal keystrokes:

1. They are unlikely to be in someone's dictionary or brute force list. Try brute forcing a password like "ace of ♠s" or "I am the α and the Ω".

2. Some hardware key loggers will not log these odd characters. Your mileage may vary on this as some key loggers can, so don't rely on it to keep you 100% safe.

Read the article HERE.

Grab Fingerprint, Then Attack

Hacker "Simple Nomad" showed just how easy it is to hack intrusion detection and intrusion prevention systems yesterday in a briefing at the InfoSec World conference.

First you determine if an IDS/IPS is sitting at the perimeter, and then "fingerprint" it to find out the brand of the device, says the hacker also known as Mark Loveless, security architect for Vernier Networks. By probing the devices, "You can extrapolate what brand of IPS is blocking them and use that to plan your attack."

Read the article HERE.

Researchers Track Down Fake Web Pages

Tens of thousands of junk Web pages, created only to lure search-engine users to advertisements, are proliferating like billboards strung along freeways. Now Microsoft researchers say they have traced the companies and techniques behind them.

Read the article HERE.

on Cellular Hackin

What's going on here? V.T. and N.M. have discovered that every cellular phone possesses a secret mode that turns it into a powelful cellular scanner.

The one thing V.T. and N.M. haven't decided is whether or not they should tell OKI about the bugs - and the possibilities they've found in the phone's software.

Read the article HERE.

Tuesday, March 20, 2007

Microsoft partner: Vista less secure than XP

Security company Kaspersky claimed that Vista's User Account Control (UAC), the system of user privileges that can be used to restrict users' administrative rights, will be so annoying that users will disable it.

Read the article HERE.

Vista's BitLocker vs. Mac's FileVault

Both BitLocker and FileVault are built into the operating system, and they take different approaches to solving the same problem. But if BitLocker and FileVault went head to head in an cage match, who would emerge victorious? Let's take a look.

Read the article HERE.

Stolen Identities Sold Cheap

Recovering from identity theft can take years and cost thousands of dollars. But how much is your identity worth to the thieves who sell it to other fraudsters? Turns out, less than the price of two tickets to the movies.

The going rate for the keys to assuming someone else's identity can be had for between [US]$14 and $18 per victim on underground cyber crime forums. Full identities typically include Social Security numbers, the victim's bank account information (including passwords), as well as personal information such as date of birth and the maiden name of the victim's mother.

Read the article HERE.

US Number One For Malicious Internet Activity

Romanian hackers, eat your hearts out: The United States has far and away the most malicious code, spam, phishing, attack and botnetwork activity on the planet, according to Symantec's most recent semi-annual Internet Security Threat Report.

Read the article HERE.

China displaces Britain as botnet epicentre

China has displaced Britain as the home of the greatest concentration of compromised (zombie) PCs. The world's most populous country accounted for 26 per cent of the world's bot-infected computers, a higher density than any other country. Beijing was the city with the most bot-infected computers in the world, accounting for just over five per cent of the worldwide total.

Read the article HERE.

Monday, March 19, 2007

Happy Birthday [to me]

This blog began twelve months ago - March 19, 2006.
It is 1 year old today.
Work and time permitting I hope to celebrate a few more birthdays.
I have enjoyed doing it - I hope [both of] you also have.

What is OpenID?

OpenID is an open, decentralized, free framework for user-centric digital identity. OpenID is a way to sign-in/log-on to any OpenID supported site - without prior registration - even if it is the first time you have visited that site.

That means you will no longer have to register at every site you visit. Because you are using your OpenID (universal passport) to log onto that web site, you are able to skip all the hassles of choosing uniqe names and dealing with diffrant password polices, also you also don't have to fill in a new application form very time.

Visit the wiki HERE.

==============================================
How to use OpenID (a screencast)

OpenID lets you log in to different sites without having to create a new username and password for each one. This screencast demonstrates OpenID in action.

Watch the video HERE.

==============================================
Certifi.ca - secure OpenID provider

Getting a certifi.ca account is a three-step process, and you've taken the first step by coming to this site! Now, you're two quick steps away from a cryptographically-secure, password-free Web identity.

Visit the website HERE.

==============================================
OpenID and all the hassle goes away

The idea on single sign-in was existed for a while with Yahoo, Google and Microsoft with Yahoo Single Sign-in, Google Accounts and Live Passport respectively.

Read the article HERE.

Software : Steganos LockNote

Steganos LockNote will change the way you work with confidential notes. Application and document in one: the mechanism to encrypt and decrypt a note is part of it. Secure, simple, independent. No installation required.

Visit the website HERE.

Sunday, March 18, 2007

Hackers promise month of MySpace bugs

They won't divulge their real names, they call their project a "whiny, attention-seeking ploy," and they appear to take their fashion cues from Beastie Boys music videos.

But two hackers going by the names of Mondo Armando and M ü staschio promise to begin disclosing security vulnerabilities in MySpace, News Corp.'s popular social networking site, every day next month.

Read the article HERE.

Firefox takes new tack on testing bug fixes

Mozilla Corp. is changing the way it publishes security fixes for its Firefox browser. Over the next day, the open-source company plans to begin delivering bug fixes to a select group of beta testers who will try out the upcoming Firefox 2.0.0.3 version before it is released to all Firefox users.

Read the article HERE.

Are androids dreaming of electric sheep?

OR - Can Operating Systems tell if they're running in a Virtual Machine?

There was some recent news on Windows Vista EULA restrictions relating to Virtual Machines. Vista Home Editions aren't allowed to be run inside a Virtual Machine, and Vista Ultimate in a VM will restrict access to applications which use DRM. We're still waiting for clarification from Microsoft, but it seems like the popular interpretations are basically right. This raises the question - is this a EULA restriction, or is it going to be enforced. Can it be enforced? Can an operating system tell if it's running in a Virtual Machine?

Read the article HERE.

Chinese hackers wake up to malware

Criminals switch from copycats into malware authors. Security researchers are noticing an increase in malware originating from China, which is adding to the challenge of investigating online threats.

Read the article HERE.

Student Hacker Rematch

Students again faced off against experienced hackers at the annual Mid-Atlantic Regional Collegiate Cyber Defense Competition. The students' goal: lock down unfamiliar systems and secure their networks. The hackers' goal: to own the students' networks and steal important data. Seth Fogie witnessed the 2007 real-world competition and reported on the event from the perspectives of both the students and the hackers.

Read the article HERE.

Bypassing Mcafee Entreprise Password Protection

Product Name and Version: McAfee VirusScan Entreprise 8.5.0.i maybe older version too.

Tested on OS: Windows XP, 2003

Read more HERE.

Proof - Of - Concept HERE.

Weekend Reading

Black Hat Woman - Joanna Rutkowska

She hacked the Windows Vista kernel, she administered a Blue Pill to an operating system, and she pioneered rootkit detection research, but Joanna Rutkowska doesn't know how to drive a car.

Read the article HERE.

==================================================================
First Monday

Volume 12, Number 3 — 5 March 2007 [but running a bit late this month]

What open access research can do for Wikipedia
Five heuristics for designing and evaluating Web-based communities
The interaction between technologies and society
Metadata for All
The potential disruptive impact of Internet 2 based technologies

Read the articles HERE.

==================================================================
Data Crash 2027

When you store all the ephemera and all the hard work you've done in your life on someone else's server -- Gmail, Flickr, etc. -- you risk a whole lot more than exposing your life to prying eyes.

Take a look HERE.

==================================================================
The 59 Top Influencers in IT Security

Our list of the most influential security experts of 2007 - from corporate tech officers and government security types, to white hat hackers and bloggers.

Read the article HERE.

==================================================================
News - or is it ?


Many of the websites I link to are excellent providers of news and information. BUT, as they derive their income from advertising, they are under extreme pressure to produce, ON A DAILY BASIS, relevant content.This obviously leads to the same stories appearing on a regular basis, albeit under slighly different headings.

And this has been a pretty slow news week, but if want more "news", try these...

Seven Steps to Safer WiFi - Dark Reading - March 14
Surf At Your Own Risk - Forbes - March 12
Smart USBs Gone Bad - Dark Reading - March 13

Saturday, March 17, 2007

Internet - back to the drawing board

The internet as it stands has numerous shortcomings, so researchers at Stanford University have gone back to the drawing board in an effort to design a better system of communications. In an overview of the project, the researchers explain: "We believe that the current internet has significant deficiencies that need to be solved before it can become a unified global communication infrastructure.

Read the article HERE.

Focus on Forensics

Researchers confirm that very little attention has been paid and resources spent on improving the ability to track the infection and activities of modern stealth malware that doesn't act in ways that a system would find unusual.

Read the article HERE.

Microsoft news

Microsoft allows bypass of Vista activation

Microsoft always says it opposes "software pirates" who sell thousands of unauthorized copies of Windows. But the Redmond company has made things a lot easier for pirates by adding a line to the Registry that can be changed from 0 to 1 to postpone the need to "activate" Vista indefinitely.

Read the article HERE.

==============================================
Can a Rootkit Be Certified for Vista?

Forget what Microsoft says about Vista being the most secure version of Windows yet. More to the point, what do the hackers think of it? In a nutshell, they think it's an improvement, but at the end of the day, it's just like everything else they dissect—that is, breakable.


Read the article HERE.

==============================================
OneCare should not have been rolled out

Microsoft has said that its OneCare security suite has "a problem" with the underlying antivirus code, and admitted that security is just "a little part of Microsoft".

Read the article HERE.

==============================================
Vendor Has 'Conflict of Interest'

It's a "huge conflict of interest" for one company to provide both an operating platform and a security platform, Symantec Corp. CEO John Thompson said during a keynote speech at the Cebit trade show in Hanover, Germany. Although Thompson didn't mention Microsoft Corp. by name, that company's introduction of consumer and enterprise security products to complement its operating systems could hurt Symantec, which currently tops the security software industry by market share.

Read the article HERE.

==============================================
Microsoft paying businesses to use Live Search


As it falls further behind Google, Microsoft tries to boost usage of Windows Live Search by offering financial incentives for big companies to use its search engine. According to John Battelle's Search blog, Microsoft is trying out a new incentive program to try and promote Windows Live Search. The program is targeted at enterprise customers who have large numbers of desktop PCs that their employees use for Internet access.

Read the article HERE.

==============================================
Bill Gates: 2007 Microsoft MVP Global Summit

Keynote Remarks by Bill Gates, Chairman, Microsoft Corporation 2007 Microsoft MVP Global Summit

Read the rest HERE.

==============================================
The weakest link


Windows provides the best platform for security solutions. So I said. Now, let's imagine the perfectly secure enterprise. Everyone is using smart cards to log on to the systems - user passwords aren't used at all. AD, Kerberos and SSL where applicable. What can go wrong?

Read the article HERE.

Friday, March 16, 2007

Microsoft Investigates IE 7 Vulnerability

Microsoft is investigating a new flaw uncovered in Internet Explorer 7 that opens users up to phishing attacks. The vulnerability was discovered by noted Israel-based security researcher Aviv Raff. Using a cross-site scripting attack, an attacker can exploit a design flaw in IE 7, he wrote on his Web site.

Read the article HERE.

Malicious Code Appears on Blogger.com

Blogger.com ( Google ) is one of the most visited blog sites and is becoming a popular site for hackers to post malicious scripts. These scripts have shown up on hundreds of Blogger.com sites. In some cases, a variant of the Stration mass mailer is responsible for directing traffic to the Blogger.com sites.

Read the article HERE.

Photocopiers: The newest ID theft threat

Photocopiers are the newest threat to identity theft, a copier maker said today, because newer models equipped with hard drives record what's been duplicated. At tax time, when Americans photocopy tax returns, confidential information may be easily available to criminals.

Read the article HERE.

Spambuster starts web site

A bloke who won £750 compensation from a UK firm that sent him an email has set up a website offering advice to people who want to take spammers to court.

Read the article HERE.

Thursday, March 15, 2007

ZoneAlarm Anti-Virus broken

A number of users are reporting that the new Kaspersky AV component in the latest ZoneAlarm Security Suite 7 is broken. And broken in such a way as to leave your system unprotected while appearing to be fully functional.

The problem manifests itself after a successful installation with the AV engine corrupting during a system signature update. Once corrupted it simply fails to offer any protection at all, although the user will be none the wiser of this unless they happen to put their protection to the test.

Something as simple as running an EICAR file past the scanner will do the trick.

Read the article HERE.

Bluetooth as Achilles' heel

Bluetooth marketing desensitises users to mobile viruses. More and more businesses are experimenting with Bluetooth advertisements. In doing so they are doing consumers a disservice - because it is almost impossible to tell where a Bluetooth message comes from, they are smoothing the way for the distribution of mobile viruses.

Read the article HERE.

Tracking the Password Thieves

The Washington Post ran a story I wrote about an epidemic of data theft being fueled by password-stealing viruses and phishing attacks. I based the story in part on a cache of stolen data I found online. The data was being compiled by a password-stealing virus that had infected many thousands of computers worldwide; the particular text file that I found included personal information on 3,221 victims scattered across all 50 U.S. states.

Read the article HERE.

How to find stolen laptops

Mark Rasch discusses the legal issues behind the discovery and recovery of stolen laptops that use LoJack-style homing devices to announce their location, and the location of the thieves, anywhere in the world. Bad things happen online. Trade secrets are lost or stolen. Personal information is compromised. Copyrights and trademarks are infringed. Bloggers post confidential, defamatory, or just annoying information. Websites host stolen credit cards, hacking tools and techniques, or other things that you might not want.

In the course of investigating these things, companies or law enforcement agencies frequently need to rely on information in the hands of third parties. An example of this is the various companies that offer data or computer locator services. A sort of "LoJack(tm) for stolen computers.

Read the article HERE.

Apple Releases Software Patches

Apple issued security updates to plug at least 46 separate security holes in its operating system and other software. The updates are available through Apple's site or via the built-in Software Update feature.

Read the article HERE.

Trend takes over HijackThis

Antivirus specialist Trend Micro on Wednesday said it has acquired HijackThis, a tool used to remove spyware from Windows PCs. HijackThis is a free tool developed by Dutch student Merijn Bellekom. The tool is mostly used by technical users to pinpoint spyware infections on Windows machines and help remove them. It has been downloaded more than 10 million times, according to Trend Micro.

Read the article HERE.

Wednesday, March 14, 2007

Microsoft - world's biggest zombie remailer

In China, it would take about one and one-half years wages (for the average Chinese) to buy a legitimate copy of Windows Vista. If you could find it here. Microsoft is the biggest cause of zombie remailers in the world, because they make noises, but do not do anything to address the real digital inequities in the world.

Read the article HERE.

Windows Home Server

Why would anyone need a server at home? Remember that only a few decades ago, the idea of home computers was dismissed by many as a flight of fancy. Now, according to recent statistics there are at least 40 million households all over the world that have high speed Internet access and at least two computers in their homes. Where there are two or more computers, sooner or later there's likely to be a home network. And once there's a network, a server can't be far behind.

Read the article HERE.

Windows Home Server Preview

802.11n Draft 2.0 gets thumbs up

Draft 2.0 of the 802.11n spec has been approved by the 802.11 Working Group, moving the increasingly popular wireless networking technology a step closer to its final form.

Early on in the 802.11n ratification process, we expressed some concerns about vendors selling 802.11n products, but while some early hardware may never see the full benefits of 802.11n's speed (around 200Mbps), it should work fine with Draft 2.0-compliant gear. 802.11n support has now become de rigueur for hardware makers, with the hardware market flooded by laptops and routers trumpeting their support for the faster wireless spec.

Read the article HERE.

Net copes with key character test

Tests have been carried out to see if spelling internet domains with non-English characters will disrupt the smooth running of the net. The tests are a step towards the formal use of non-English character sets such as Chinese and Arabic in domain names. Internationalised domain names will make the net easier to use for the majority of net users who do not have English as their first language.

Read the article HERE.

Intel to release flash hard drives

Intel announced today that the company is releasing its first entry into the flash-based hard drive market. The Z-U130 Value Solid-State Drive will be available in 1GB, 2GB, 4GB and 8GB models and boasts sustained write speeds of 28MB per second.

Read the article HERE.

==============================================
SanDisk Launches 32Gb Solid State Drive

The SanDisk 2.5-inch SSD brings the extreme durability, outstanding performance and low power consumption of solid-state flash memory to the entire notebook computer market.

Read the official press release HERE.

==============================================
Corsair Flash Voyager

My current choice of flash drive already has a 16Gb on the market.

Read more HERE.

Tuesday, March 13, 2007

Avert Labs Blog

Windows Vista Vulnerable to StickyKeys Backdoor

StickyKeys is an accessibility feature to aid handicapped users. It allows the user to press a modifier key, such as the Shift key, and have it remain active until another key is pressed. StickyKeys is activated by pressing the shift key or a modifier key five times in sequence and a beep is sounded. Sounds innocuous, right? Dead wrong!

==============================================
Operation Spamalot: The End of Stock Spam?

The [US] Securities and Exchange Commission announced in a press release on March 8 that it has suspended trading in securities of 35 pink sheet companies that have been the subject of recent stock spam campaigns.

Read the articles HERE.

McAfee maps malware risk domains

A global road map of the riskiest and safest places to surf online found Russian and Romanian sites among the top-level domains most commonly hosting malicious downloads, browser exploits, and scams. A survey of 265 top-level domains by McAfee, dubbed Mapping the Mal Web, revealed large differences in safety from one domain to another.

Read the article HERE.

Seagate ships world's most secure hard drive

Two years after first being announced by Seagate, the world’s most secure hard drive is finally to go on sale in a laptop from system vendor ASI. The groundbreaking 2.5 inch Momentus 5400 FDE.2 (full disk encryption) has had a long and winding gestation, but is now set to be put on sale at the end of March in a real laptop.

Read the article HERE.

Security Is in the Process

It's tempting for most people to be attracted to specific security gimmicks like UAC (User Access Control) when judging how secure a product like Windows Vista is, but that's not what Microsoft people talk about. When you talk to Microsoft technical people (or read their blogs), they talk incessantly about the SDL or Security Development Lifecycle. This is the new way of life at Microsoft that will lessen the number of vulnerabilities in their products. At least that's the plan.

Read the article HERE.

Meet cGrid, the real-time P2P punisher

There's a tool in the war on piracy that's picking up steam, and its proponents are thrilled with what it can do. Dubbed "cGrid," the application is powerful and daunting to those caught in its snares, for it can boot users off the network in real-time if it suspects that they are engaging in P2P file sharing, or even if they are using so-called darknets. As you might expect, the entertainment industry loves it.

Read the article HERE.

New Tool: Virtual Tip of the Iceberg

Starting to get worried about the exposure of those thousands of virtual servers in your data center? The bad news is no one knows for sure what security threats lurk in the virtual world. The good news is, security tools are finally starting to emerge.

Read the article HERE.

Monday, March 12, 2007

Hacker Broadcasts eBay Customer Accounts

eBay has confirmed that, early on the morning of March 8 EST, an alleged Romanian hacker calling himself "Born_To_Scam_American_Guys" posted records for 15 eBay users on an eBay forum for between 40-60 minutes before the company removed them.

Read the article HERE.

Staying safe without anti-virus

Visiting the wrong website can have serious implications For a long time anti-virus software has been in the front line when it comes to stopping malicious programs infecting PCs.

But as the creators of viruses and other malicious programs adapt their methods to exploit the weaknesses of anti-virus software, some are looking to other methods to help them stay safe.

Read the article HERE.

5 Biggest Misperceptions

There are many misperceptions about what a security audit is and should be for.

Here are the five biggest. Read the article HERE.

30 Second Backdoor

A threat that we see very frequently in the lab is the back door named Backdoor.GrayBird or Backdoor.HuiPigeon. Today, I will shed some light on this back door both to show how easy it has become to create a powerful back door with a rich feature set, and also to show why we see so much of this particular back door.

Read the article HERE.

Better than the Average Security Device

Yoggie's Gatekeeper Pro is an engineering marvel—the tiny device provides in-depth network-based threat protection for individual hosts on the go. Yoggie has packed some serious technology into Gatekeeper Pro, which is barely larger than a business card. The 500MHz security processor was designed specifically for security functions, and the dual-memory design makes it difficult for intruders to permanently alter the embedded hardened Linux operating system: One memory unit contains a read-only copy of the device OS, which is automatically written to the second memory unit at device boot time.

Read the article HERE.

Balance sought for SSL WAN optimization

With more and more WAN optimization vendors extending their capabilities to include encrypted traffic, corporate IT executives have a decision to make: Should they trust the security these devices provide?

Rather than passing through SSL sessions between clients and servers located in remote data centers, some WAN optimization gear can terminate the SSL sessions, shrink the traffic and re-encrypt it for the next leg of the trip. These chains of encrypted sessions introduce potential vulnerabilities that different vendors address in different ways.

Read the article HERE.

Sunday, March 11, 2007

Patent: Google Phone

Our patent gurus have discovered an interesting patent filing from Google that could reveal the applications they are planning for the Google phone. Alternatively this technology could even debut in the iPhone when it is released in June.

Read the article HERE.

Security Pros Lax At Protecting Computers

A survey of security and IT managers at the recent RSA conference shows that one-third don't secure their home files or communications.

Read the article HERE.

Don't Let OneCare Eat Your Email

In brief, if you get a virus in an email message received by Outlook, OneCare's next virus sweep may quarantine or delete your entire email store. If you receive a virus via Outlook Express OneCare may quarantine or delete the entire folder containing the virus...

OneCare is aimed at the home and non-technical user - maybe not for you, but for your Granny. So, how well do you think Granny could follow the instructions above to keep OneCare from cannibalizing her email?

Read the article HERE.

A New Spin on Honeynets

Darknets, honeynets: When do you use one or the other? A darknet, allocated but unused IP address space that ISPs and large enterprises have in reserve, is increasingly becoming a useful tool for catching attacks early.

Read the article HERE.

Secondary Copyright Infringement


It's becoming increasingly popular to extend legal responsibility for illegal behavior way beyond the person who actually commits the crime. Bartenders are sued or even charged criminally if a person who buys alcohol from them drives drunk. Gun owners are blamed if criminals steal their weapons and commit murder or robbery. Parents are fined if their teenage children skip school, even if the parent has delivered the child to the schoolhouse door. Vehicle owners get tickets if their cars run red lights - even if they weren't driving.

The concept of holding others responsible has been extended into the copyright arena, too. The recording industry has been sending letters to colleges, threatening to hold them responsible if students download music illegally from their university accounts. ISPs have been served with subpoenas requiring and threatened with legal action if they don't cooperate with RIAA in suing their customers who are accused of illegal downloading.

Read the article HERE.
And the pirate cartoons are HERE.

Weekend Reading

Cyberwar: A threat to business

It's no secret that large U.S. businesses are in the crosshairs of foreign government entities and terrorists. According to Maj. Gen. William Lord, "China has downloaded 10 to 20 terabytes of data from the NIPRNet," the Department of Defense network used for transmitting sensitive information. It is only a matter of time before military and terrorist organizations target commercial organizations. In fact, the Department of Homeland Security recently warned of potential Internet attacks on the U.S. stock market and banking Web sites. Large businesses offer an attractive target and the potential impact is very high. ]

Take a look HERE.

==================================================================
Know your Enemy : Web Application Threats

This technical paper provides behind the scenes detail on various HTTP-based attacks against web applications, including specific examples of remote file inclusion and exploitation of the PHPShell application.

Take a look HERE.

==================================================================
Kaspersky Security Bulletin 2006: Malware Evolution

This report covers the most significant malware related events of the past year and provides an overview of the evolution of the illegal market for malware, as well as examining the current situation. It includes statistical data. The report is primarily aimed at IT security professionals but may also be helpful to users who have an interest in malicious programs.

Read the article HERE.

==================================================================
The 50 Most Important People on the Web


So who's making the biggest impact online? We considered hundreds of the Web's most noteworthy power brokers, bloggers, brainiacs, and entrepreneurs to figure out whose contributions are shaping the way we use the Web. We whittled the list down to the top 50--well, actually the top 62--people, but as you'll see, there are some you just can't separate.

[ I think I came in at 2,537,691 - maybe next year ]
Read the article HERE.

==================================================================
Using doPDF


doPDF5.0 installs itself as a virtual printer driver so after a successful installation will appear in your Printers and Faxes list. To create PDF files, you just have to print your documents to the doPDF pdf converter. Open a document (with Microsoft Word, WordPad, NotePad or any other software), choose Print and select doPDF. It will ask you where to save the PDF file and when finished, the PDF file will be automatically opened in your default PDF viewer, which should be Foxit Reader 2.0 for Windows.

Visi the website HERE.

==================================================================

IPv6

When the ARPANET was designed in the late 1960s, it was outfitted with a Network Control Protocol (NCP) that made it possible for the very different types of hosts connected to the network to talk with each other. However, it soon became clear that NCP was limiting in some ways, so work started on something better.

Read the article HERE.

==================================================================

Saturday, March 10, 2007

DNS Attack - Botnet Sales Pitch

The attackers behind the distributed denial-of-service attack last month on the Internet's DNS root servers may have been doing a little botnet sales pitch, according to a newly-released postmortem report on the attack.

Read the article HERE.

Online Anti-Virus Scans

Periodic online virus scanning is a good idea for Windows users, even for people already using up-to-date anti-virus tools. There are a couple of reasons I suggest this: First, anti-virus software is frequently slow to spot new threats.

Read the article HERE.

Spying Raises Academic Questions

Next week in London the (open) inventor of public key cryptography, Dr Whitfield Diffie, a “distinguished engineer” with Sun Microsystems, California, will be lecturing to the British Society for the History of Mathematics at University College, London. He will compare his own open invention of “public key cryptography” in 1976 with a recent claim that British government cryptographers discovered the same idea six years earlier.

Diffie and colleague Martin Hellman first published the idea in a landmark paper, “New directions in cryptography” in November 1976. Over the next two years, a second group of mathematicians – Rivest, Shamir and Adelman (RSA) - published the first practical technique for implementing public key cryptography.

Read the article HERE.

Vista Forensics - Part One

While the fundamental principles of computer forensics remain largely unchallenged, the landscape upon which investigators operate is constantly changing. A combination of new technologies and changing habits of use means that forensic examiners must always strive to keep up to date with the latest developments. One of the most anticipated new product releases this year is the Microsoft operating system Windows Vista. Vista was under development for a long time with Microsoft promising a raft of new features together with major improvements to security.

Read the article HERE.

An Introduction to TOR

This video is a brief introduction to the use of the Tor anonymizing network in Windows.

Watch the video HERE.

Friday, March 09, 2007

OpenPGP presentation bug

A flaw in the way encryption programs present data to users makes it possible for a block of unsigned and unencrypted data to appear no different to users from encrypted data in a message.

Read the article HERE.

eBay goes hacker hunting

More than two months after breaching eBay's employee servers, a hacker who calls himself Vladuz remains at large, despite the best efforts of the online auctioneer's security team and officials with law enforcement agencies in the US and eastern Europe.

Read the article HERE.

No Patch Tuesday This Month

Windows PC users and corporate system administrators worldwide will earn a reprieve from Redmond next week. Microsoft said today it has no plans to release new software security updates this month.

Read the article HERE.

All Microsoft updates phone home

Possibly as a reaction to heise Security's report that Windows Genuine Advantage Notification sends back data to Redmond even when users choose to terminate its installation, a Microsoft developer using the pseudonym alexkoc has now posted an entry in the WGA blog. There he reveals that every update that flows through Windows Update at the very least informs Microsoft about whether the installation was successful or not.

Read the article HERE.

File Distribution Safety

In the tradition of lightweight, open standards like OpenID, a standard for public key access could make file distribution safer and serve as a springboard for new PKI initiatives.

Read the article HERE.

Thursday, March 08, 2007

Text Message Snagging

Lost in the intriguing story of a Wal-Mart employee who allegedly spied on a New York Times reporter was this tidbit: The "technician" managed to pluck text messages out of the air and read them, according to the company. And these messages weren’t just communications between Wal-Mart employees and a professional journalist covering the firm; innocent bystanders and their messages also were swept up in the spying, it said.

Read the article HERE.

Breakout Testing Tool

Renowned researcher HD Moore and startup BreakingPoint Systems's "baby" has finally arrived -- the company is launching its new all-in-one network and security testing appliance that Moore helped build.

Read the article HERE.

Mozilla patches faulty patch

The Mozilla Foundation has patched a faulty patch that was itself subject to a security vulnerability. A security update for Firefox and the SeaMonkey application suite issued in mid-December left users open to a JavaScript-related privilege escalation flaw that meant hackers could commandeer vulnerable machines

Workaround - Upgrade. Disabling JavaScript does not protect against this flaw.

Read the article HERE.

Windows Mail and Firewall Rules

If you are like me who want to control who’s communicating with your application, example Windows Mail (the successor of Outlook Express), you will use a firewall rules to limit the inbound and outbound connections made by Windows Mail.

Below are firewall rules I’ve set-up for Windows Mail to use using Norton Internet Security 2007. If you have other firewall software, you can do this too as long as the firewall is not application-based but a rule-based firewall:

Read the article HERE.

Leak Hunters

Would you know if one of your employees was giving away insider information in a Web chat room? Would you know if a phisher was using your company's email template to fake messages to customers? Or if a competitor or reseller was misusing your company's brand to further their business?

Read the article HERE.

Wednesday, March 07, 2007

eBay users targeted by advanced Trojan

eBay users are being targeted by an advanced Trojan that attempts to redirect traffic so it can silently bid on a car from the auction site's car site, Symantec is warning. It is the latest security headache for eBay, which has faced an onslaught of complaints from some users who say fraud on the site has increased to unacceptable levels over the past few months.

Read the article HERE.

How dangerous is Skype?

There's been a lot information - and misinformation - available about whether Skype is dangerous to corporate networks and individual users. How dangerous is it? In this article, I'll separate the truth from the myths when it comes to Skype vulnerabilities.

Read the article HERE.

Hacking with smart phones

You're at a conference outside the office when your smart phone receives a sensitive e-mail projecting your company's fiscal health for the next six months, with details of a top-secret project that will rock Wall Street. You know enough to not read the message, so you save it. But later, back at the office, your boss is outraged; a competitor has just announced the very same project and is now reaping the stock price rewards that come with being the first to announce it. You remember that a representative of this competitor was seated just across the conference table from you. No one in the room had a laptop, only their smart phones.

Read the article HERE.

Apple Patches QuickTime Flaw

Apple has addressed a heap corruption vulnerability in its popular QuickTime media player. The flaw can be exploited remotely, and allows an attacker to execute arbitrary commands as the current user. Security researchers at VeriSign's iDefense Labs confirmed the vulnerability exists in version 7.1.3 of QuickTime on Windows, and previous versions are suspected to be vulnerable as well.

Read the article HERE.

WGA notification just doesn't stop

As announced, Microsoft has updated its Windows Genuine Advantage Notification. Microsoft uses the tool to "convince" users to buy original software if the WGA check finds that a stolen Windows activation key is being used. But the tool also calls Redmond if the user cancels installation.

Read the article HERE.

Stormy weather for malware defenses

When the Storm Worm swept through the Internet in mid-January, the program's writers took a brute force approach to evading antivirus defenses: They created a massive number of slightly different copies of the program and released them all at the same time.

Read the article HERE.

Tuesday, March 06, 2007

Laptop Hardware Keylogger

BitForensics has announced the release of the world's first laptop hardware keylogger. The first units will be available to the public on March 18th, 2007. The "KeyCarbon Raptor" card records all typing on a laptop keyboard, plugs into the Mini-PCI slot of a laptop computer, and stores captured keystrokes on the onboard 256MB MicroSD card.

The "
KeyCarbon Raptor" card is 100% passive, is undetectable by any software running on the host PC, and requires no drivers. As the card is completely invisible to the Operating System (OS) it does not slow the computer down or drain system resources.

Read the article HERE.