Saturday, February 16, 2008

The Last Post

Due to a change in circumstances, I will no longer be able to continue with this blog. The second anniversary was fast approaching, and I have enjoyed it, but alas, nothing lasts forever. All readers visit a number of sources for their news, so if the links below are not on your list, you may like to add a few.

Donna's SecurityFlash
Help Net Security - Off the Wire
heise Security

Krebs on Security
Threat Level -
MSMVPS.COM [Blogs by Current and Former Microsoft Most Valuable Professionals] Security News [4 feeds]

Goodbye, Farewell, Adios and Many Thanks

Monday, February 11, 2008

Conferences is done and dusted for another year, and being the caring and sharing open source types that they are, they've kindly recorded all the talks and tutorials which were given to share with the world wide web. You can browse the topics and download them here - OGG is the video, SPX is the audio. If you're in a Windows environment, you can use the open source app VLC to view the OGG files.

Read more HERE.

Official Defcon 15 recordings online
After 6 months, Defcon has put the official recordings on their website. There are 122 video and audio files in total.

Have fun!


ESET SysInspector
ESET SysInspector is an application that thoroughly inspects your computer and displays gathered data in comprehensive way.

Read the article HERE.

New versions of Aircrack-ng WLAN
The developers of Aircrack-ng have published two new versions of their WLAN security-testing suite. The latest stable version 0.9.2 of airmon-ng supports more drivers than its predecessor and fixes some bugs. Airodump-ng can now handle 5-GHz channels, and Aireplay-ng can now talk to the real-time clock under Linux. The unstable version 1.0 has also been updated to Beta2

Read the article HERE.

My Lockbox
My Lockbox is a free program that can quickly hide and password protect a folder and all files/folders within it from being shown in the Windows files system, and will do so under Windows safe mode as well.

Read the article HERE.


Apart from The Pirate Bay guys, most tracker administrators are acutely aware of the risks they expose themselves to, and do everything they can to hide in the shadows. We speak to a tracker owner to find out the kind of measures these guys take in order to protect their identities.

Read the article HERE.

Avoid Downloading Fake Torrents
BitTorrent tracker SeedPeer ensures quality torrents by verifying downloads before it seeds them in its verified torrents section. That means that if you've ever spent hours downloading a torrent to find that you'd been duped by a fake download, you should be able to download with confidence from SeedPeer's verified torrents.

Read the article HERE.

YouTorrent is “the world’s first real-time torrent comparison search engine” according to the site itself. The site is a meta search engine, which means that it doesn’t host any torrent files itself. It currently searches 12 sources; Mininova, The Pirate Bay, IsoHunt, MyBittorrent, NewTorrents, SuprNova, Monova, Vuze, BitTorrent, LegitTorrents, SeedPeer and BTjunkie.

Read the article HERE.

Top 10 BitTorrent Tools and Tricks
BitTorrent is the go-to resource for downloading everything from music and movies to software and operating systems, but as its popularity continues to grow, so do the number of tools available for making the most of it. Some are must-haves, while others are a waste of time. Climb aboard for a look at 10 of the best BitTorrent utilities, tools, and resources for finding and managing your BitTorrent downloads quickly and efficiently.

Read the article HERE.

TechNet Magazine - February 2008

Sharepoint : Office Communications Server : High Performance Computing : Microsoft Office

Read the magazine HERE.

Sunday, February 10, 2008

Hackers Exploiting Adobe Reader Flaw

Security Fix has learned that at least one of the security holes in the popular Adobe Reader application that was quietly patched by Adobe this week is actively being exploited to break into Microsoft Windows computers.

Read the article HERE.

Solving Online Identity Theft

Imagine you could prove you were 21 without revealing your date of birth -- or anything else about you, for that matter. Or qualify for a loan without disclosing your net worth. Or enjoy the benefits of e-commerce, e-health and e-government without a moment's fear that you are open to identity theft. Sound impossible? It is. But it won’t be if cryptographer and entrepreneur Stefan Brands has his way.

Read the article HERE.

Another google horror story

I'm a very experienced internet user, which is part of why I've asked not use my name. I'm the -last- person that should be a phishing victim, yet it happened to me. Since it happens to internet professionals far less than, say, the clueless relatives of internet professionals, of course we blame it on the user.

The design problem is you want the site's interface to be uniform every time you visit, this tells the user "this is the real gmail". But this is what the phishers are exploiting. If the site was somewhat different every time you visited, it would be jarring and perhaps cause more people to look at the URL to make sure they were in the right place. Bank of America uses a "personal icon" that you should see to ensure it's the right server. It's not the most elegant solution, but it is a step in the right direction.

Read the article HERE.

The Coolest Hacks of 2007 - Part II

Just when you thought it was safe to go back online, we offer a new round of offbeat attacks that might make you think twice. Bluetooth, taxicabs, printers, unlaunched browsers, toasters, and road signs: Each was hacked in the past year by inventive researchers whose curiosity got the best of them. The coolest hacks are like that.

Read the article HERE.

The Flow of MBR Rootkit Trojan Resumes

Back in final weeks of 2007 the GMER team discovered the emergence of a new rootkit that hooked into the Windows master boot record (MBR) in order to take control of a compromised computer.

Read the article HERE.

'L0pht ' Reunion on Tap

Former rock bands have done it, and now a 1990s hacker group is getting back together -- for at least one show, anyway. Several members of the famed hacker group The L0pht Heavy Industries will reunite in March on a security conference panel.

Read the article HERE.

Saturday, February 09, 2008

Crack for Windows Live captcha

Spammers are using a sophisticated piece of software that can create thousands of Windows Live email addresses by cracking the protections designed to prevent the large-scale creation of fraudulent accounts.

Read the article HERE

New Authentication Scheme Proposed

Researchers have built a prototype authentication technique that could ultimately reduce the risk of attackers hacking users' credentials via a keylogger or spyware.

Read the article HERE.

To sudo, or not to sudo

If you've dabbled even a little bit with security matters, you know that giving root rights or the root password to a common user is a bad idea. But what do you do if a user has a valid need to do something that absolutely requires root rights? The answer is simple: use sudo to grant the user the needed permissions without letting him have the root password, and limit access to a minimum.

Read the article HERE.

It's raining security updates

Mozilla pushed out a new update of Firefox on Thursday that fixes ten security vulnerabilities, three of which are deemed critical.

Read the article HERE.

Antivirus company's Web site hacked

The Web site for Indian antivirus vendor AvSoft Technologies has been hacked and is being used to install malicious software on visitors' computers.

Read the article HERE.

Changing the face of flaw disclosure

The old image of vulnerability researchers is the teenage outcast tinkering away in the basement, finding flaws in Windows machines, Oracle databases and Cisco routers and releasing proof-of-concept exploit code at will to the dismay of the affected vendor. But somewhere along the way, something changed.

Read the article HERE.

Friday, February 08, 2008

Third of security practices useless

In a presentation here yesterday, Tippett -- who is vice president of risk intelligence for Verizon Business, chief scientist at ICSA Labs, and the inventor of the program that became Norton AntiVirus -- said that about one third of today's security practices are based on outmoded or outdated concepts that don't apply to today's computing environments.

Read the article HERE.

JavaScript zaps iPhone and iPod

Security researchers have discovered you can crash an iPhone through the medium of a cleverly crafted webpage. The exploit, dubbed a "memory exhaustion remote denial of service vulnerability" by the SecurityFocus website, affects Apple's Mobile Safari web browser, a key component of both the iPhone and the iPod Touch.

Read the article HERE.

The Storm Worm's Family Tree

New research suggests that the infamous Storm worm has its roots in a computer worm that first surfaced as early as 2004, two-and-a-half years prior to Storm's widely-recognized birthday.

Read the article HERE.

Microsoft News

MS Patch Tuesday Barrage
After a relatively light Patch Tuesday load in January, Windows administrators are bracing for a barrage of security updates from Microsoft. According to the software maker's advance notice mechanism, there are 12 bulletins slated for release Feb. 12. Seven of the 12 will be rated "critical," Microsoft's highest severity rating.

Read the article HERE.

Final Version of Vista SP1 Test
Microsoft's newly released Service Pack 1 may solve some of the performance glitches that have annoyed Windows Vista users and discouraged others from adopting the OS, but it doesn't appear from our initial tests to be a panacea. In our first tests of the service pack, file copying, one of the main performance-related complaints from Vista users, was significantly faster. But other tests showed little improvement and in two tests, our experience was actually a little better without the service pack installed than with it.

Read the article HERE.

Microsoft responds to Save XP petition
In response to Infoworld's petition and other pro-XP outpourings of support, a Microsoft spokesperson in the US told Computerworld: "We're aware of it, but are listening first and foremost to feedback we hear from partners and customers about what makes sense based on their needs. That's what informed our decision to extend the availability of XP initially, and what will continue to guide us".

Read the article HERE.

Microsoft cuts Windows 7 features - already
Features are being shed left and right. The latest one is graphics a API, DirectX 11 in this case. From what we are told by reliable sources. MS was keen on having DX11 be part of Windows 7. DX10, which while technically pretty nifty, is saddled with Vista as an arm twist mechanism, so it is taking off like a water buffalo with bunions and a weight problem.

Read the article HERE.

Thursday, February 07, 2008

When security improvements backfire

Recently, when conducting an (authorized) security review at a small web hosting provider, I ended up as "root" on all their Unix systems within a matter of hours, and did not even need any l33t buffer overflow or the like. Well-meaning system administrators had tried to improve security of their servers, and had unwittingly ended up making life much easier for the bad guys.

Read the article HERE.

Adobe, Apple Issue Security Updates

Adobe has released an update to its free Adobe Reader application that corrects more than two dozen bugs, including several security holes. Separately, Apple this week pushed out a patch to plug a single security vulnerability in its iPhoto application.

Read the article HERE.

Hack Your Home Router Challenge

In the wake of two fairly bad stories about cross-site request forgeries (CSRF), there’s a new challenge on the wind: Hack your home router! The catalysts for this challenge were some recent real-world CSRF-based attacks -- a user's domain being compromised due to a hole in Gmail, and Mexican banking customers' credentials getting stolen after their routers were compromised.

Read the article HERE.

TrueCrypt 5.0 Released

Among the new features are the ability to encrypt a system partition or entire system drive (i.e. a drive where Windows is installed) with pre-boot authentication, pipelined operations increasing read/write speed by up to 100%, Mac OS X version, graphical interface for the Linux version, XTS mode, SHA-512, and more.

Read the article HERE.

Nmap looks better than ever

The 4.50 release includes Zenmap, a cross-platform GUI front end for Nmap which includes a command creation wizard, a scripting engine, and a host of other improvements. At age 10, Nmap may be the most popular network security tool in the world. Given its power, ease of use, and the excellence of its documentation, it's not hard to see why. Security professionals and casual desktop users alike can benefit and learn from this tool. If I had a "must have" list of all the apps I use, Nmap would rank near the top. If you're not familiar with it, grab it and give it a go.

Read the article HERE.

FAR Manager goes open source

I’ve been extremely happy over the last several days when I discovered that the FAR Manager, one of the tools that we use quite a lot in Avert Labs, has recently been released as open source under a BSD license. What is exactly FAR? Well, FAR is an advanced file manager that is heavily customizable and extensible.

Read the article HERE.

Predators prefer IM and chat rooms

Quick, picture an Internet sex predator. If you're like many members of the public, you probably pictured a middle-aged man clicking away on social networking sites like Facebook and MySpace as he lies to kids he meets about his age and intentions. Such a picture doesn't survive an encounter with data, though; social networking sites are actually safer than chat rooms and instant messaging, while most perpetrators are upfront about both their ages and desires.

Read the article HERE.

Security Metrics - How Often Should We Scan?

I get this question from Nessus users and Tenable customers very often. They want to know if they are scanning too often, not often enough and they also want to know what other organizations are doing as well. In this blog entry, we will discuss the many different reasons why people perform scans and what factors can contribute to their scanning schedule.

Read the article HERE.

Wednesday, February 06, 2008

Heads Up Internet Explorer Users

A plug-in for Microsoft's Internet Explorer Web browser that helps users upload photos to popular sites such as Facebook and Myspace contains multiple security holes. To make matters worse, hackers have now published instructions showing how to exploit those flaws to break into vulnerable systems and install software.

Read the article HERE.

Holes in numerous ActiveX controls

Users of Yahoo's Music Jukebox should consider uninstalling the software. Several security holes in two of its ActiveX controls allow attackers to manipulate a system and infect it with malware via a crafted web site visited using Internet Explorer.

Read the article HERE.

Overhaul of net addresses begins

The first big steps on the road to overhauling the net's core addressing system have been taken. On Monday the master address books for the net are being updated to include records prepared in a new format known as IP version 6.

Read the article HERE.

Microsoft replaces Vista kernel

One of the “big” features discussed in early speculation of Windows Vista SP1 was the kernel upgrade, which was supposed to bring the operating system into line with the Longhorn kernel used in Windows Server 2008. And yet with Vista SP1 going RTM, there hasn't been so much as a peep from Microsoft about the mooted kernel update.

Read the article HERE.

The future of network security

Enterprise connectivity is exploding, driven by globalization, convergence, virtualization and social computing. As corporate perimeters dissolve, the security focus switches towards application and data-level security solutions. The question to ask is what are the longer-term implications for network security? Will it become redundant or could it grow more powerful? Only one thing seems certain: It will be different from today.

Read the article HERE.

Tuesday, February 05, 2008

Antivirus testers now all on same page

Nearly two dozen companies announced on Monday the creation of an organization to set best practices and standards for the evaluation of antivirus software.

Read the article HERE.

Keep Your E-mail Private and Secure

Do you think of e-mail as a digital postcard or a signed and sealed letter?
Read the article HERE.

Big trouble with teen hackers

Teenagers, including children as young as eleven and twelve years old, are increasingly becoming involved in serious cyber-criminal activity that exposes themselves and the users they target to a full range of dangerous repercussions.

Read the article HERE.

Cyber Security Bulletins: Release Date - Feb 4

The US-CERT Cyber Security Bulletin provides a summary of new vulnerabilities that have been recorded by the National Institute of Standards and Technology (NIST) National Vulnerability Database (NVD) in the past week. The NVD is sponsored by the Department of Homeland Security (DHS) National Cyber Security Division (NCSD) / United States Computer Emergency Readiness Team (US-CERT).

Read this weeks bulletin HERE.

iPhone security 101

After getting access to an iPhone Unix shell, you can observe that every process runs as root. This is why the jailbreak process succeed, as the exploitation of the libtiff vulnerability through MobileSafari provided unlimited privileges on the device. Any future security flaw in any iPhone application can lead to a similar complete system compromise.

Read the article HERE.

News, Hints, Tips, Tricks & Tweaks

Read this weeks articles at WXPNews HERE.

Ettercap automates the malicious middleman

Man in the middle (MITM) attacks can be devastatingly effective, providing hackers with all kinds of confidential information and, just as seriously, giving them the opportunity to feed false information to victims. These attacks involve a hacker diverting packets which are meant to flow between a victim's computer and another machine - usually an Internet gateway – so that they flow through the attacker's computer, where they can be inspected and changed before being passed on.

Read the article HERE.

Gestapo---> KGB---> FBI

Those of you that think you missed the glory years - by being born late, or in the wrong country - will now have the opportunity to experience living in a police state. "The FBI is gearing up to create a massive computer database of people's physical characteristics, all part of an effort the bureau says to better identify criminals and terrorists. The bureau is expected to announce in coming days the awarding of a $1 billion, 10-year contract to help create the database that will compile an array of biometric information -- from palm prints to eye scans".

Read the article HERE.

Monday, February 04, 2008

BullGuard releases a free spam filter

Danish security company BullGuard announced it will offer its spam filter product as a free download. The BullGuard Spamfilter (download) integrates with Microsoft Outlook, Outlook Express, Windows Mail, and Mozilla Thunderbird e-mail clients. It runs on Windows 2000, XP, and Vista.

Read more HERE.

Sneak Peak at 'Hardy Heron'

Hardy Heron, the next release from the Ubuntu Linux team, isn't due until April 2008, but already the early alpha releases are filled with significant changes and improvements. Alpha 4, the most recent release of Hardy Heron, features a new BitTorrent client, new CD/DVD burning tools and PulseAudio which will be the new audio handler.

Read the article HERE.

The Gizmo Report: Fire-Safe

Designed to protect CDs, DVDs, flash drives, iPods, etc. from fires lasting up to two hours at temperatures up to 1,850° F. And the really cool thing is that it'll also protect a 2.5" USB hard drive...while the drive is operating and connected to a computer outside the safe via a USB passthrough in the safe door. So for the first time, your backups can be continuously protected, even if you're not around.

Read the article HERE.

Pocket Supercomputer

Accenture's "Pocket Supercomputer" is in fact a phone behaving like a thin client. It can be used to send images and video of objects in real time to a server where they can be identified and linked to relevant information, which can then be sent back to the user.

Read the article HERE.

Sunday, February 03, 2008

Windows SteadyState

Episode #129 :Leo and I examine and discuss Microsoft's "Windows SteadyState," an extremely useful, free add-on for Windows XP that allows Windows systems to be "frozen" (in a steady state) to prevent users from making persistent changes to ANYTHING on the system.

Read the article HERE.

The Buzz Around Fuzzing

Security researchers long have sworn by it, and now many enterprises, developers, and service providers are turning to an increasingly popular method of identifying security vulnerabilities: fuzzing.

Read the article HERE.

Ubuntu 8.04 (Hardy Heron) alpha 4

Ubuntu 8.04 alpha 4 was officially released today and is now available for testing. This alpha offers an early look at some of the features that will be included in the final 8.04 release, which is scheduled for April. Codenamed Hardy Heron, Ubuntu 8.04 will be the second long-term support (LTS) release, which means that it will be supported on the desktop for three years and on the server for five years.

Read the article HERE.

Universities fend off phishing attacks

In an ongoing attack, students and faculty at nearly a dozen universities and colleges have been targeted by phishing e-mails since the middle of January. The e-mail messages masquerade as missives from each school's help desk, asking that the student confirm their username and password as well as requesting more personal information, including date of birth and country of origin.

Read the article HERE.

U.S. tests its hacker defenses

In February 2006 the biggest-ever "Cyber Storm" war game was held to test the nation's hacker defenses. According to hundreds of pages of heavily censored files obtained by the Associated Press, the $3 million, invitation-only war game simulated what the U.S. describes as plausible attacks over five days against the technology industry, transportation lines and energy utilities by anti-globalization hackers. The government is organizing a multimillion-dollar "Cyber Storm 2," to take place in early March.

Read the article HERE.

A great place to work

Zell's idea is that we've been wasting our time. If cyberloafers get their work done, a little loafing is irrelevant. And if they don't, they should be penalized for not getting their work done, not for what they do online. That's a problem for their managers to address, not something for IT to worry about.

Read the article HERE.

From Myth to Reality: IT Risk Management

Symantec launched Volume II of the IT Risk Management Report, entitled “IT Risk Management – From Myth to Reality.” It analyzes the results of interviews with more than 400 IT executives and professionals from around the world during 2007. As the title implies, the report takes a look at the truth behind four common myths around IT Risk Management.

Read the article HERE.

Saturday, February 02, 2008

Simple hack defeats last barrier

In the morass of Web 2.0 insecurity, Gmail and other Google-hosted services stood out as a beacon of hope. That's because they were believed to be the only free destination that offered protection against a decade-old vulnerability that enabled hackers to steal sensitive authentication details as they pass over Wi-Fi hotspots and other types of public networks. Now, we know better.

Read the article HERE.

Mozilla upgrades status of vulnerability risk

The Mozilla Foundation has reclassified a recently published hole in Firefox, as a high risk vulnerability. The flaw gives attackers access to local data on a computer running the browser using add-ons.

Read the article HERE.

SkypeFinds another security snafu

SkypeFind lets users recommend businesses, or post reviews, to others running the voice-over-IP client. Problems have arisen because Skype has neglected to sanitise a field designed to pass across reviewers' names (even though it does clean up data provided in the business item entry and text submitted in a review).

Read the article HERE.

Shark3 Malware is in the Wild

And so, the Shark3 malware is continuing its development. What's new? Anti-debugger capabilities in particural against - VmWare, Norman Sandbox, Sandboxie, VirtualPC, Symantec Sandbox, Virtual Box etc.

Read the article HERE.


Assume for a moment that Microsoft-Yahoo goes through without a hitch. What does the world look like afterwards? Here’s the book on what might come next.

Read the article HERE.

Friday, February 01, 2008

RealPlayer Labeled 'Badware'

An industry-academia group designed to raise public awareness about software that violates fair information and privacy practices has labeled recent versions of RealPlayer video streaming software as "badware," charging that the software surreptitiously installs pop-up ad serving software as well as the Rhapsody media player engine.

Read the article HERE.

Even SSL Gmail can get sidejacked

When Robert Graham demonstrated how Web 2.0 wasn’t safe at last year’s Blackhat, it was thought that at least the SSL mode (HTTPS) of Google Gmail would be spared from sidejacking. That presumption now appears to be false according to this updated blog posting from Graham. Even with SSL enabled, Gmail sessions can still be hijacked by Graham’s Hamster and Ferret (or less easily with Wireshark and Mozilla’s cookie editor).

Read the article HERE.

The Microkernel Debate - Part II

Over the years there have been endless postings on forums such as Slashdot about how microkernels are slow, how microkernels are hard to program, how they aren't in use commercially, and a lot of other nonsense. Virtually all of these postings have come from people who don't have a clue what a microkernel is or what one can do. I think it would raise the level of discussion if people making such postings would first try a microkernel-based operating system and then make postings like "I tried an OS based on a microkernel and I observed X, Y, and Z first hand." Has a lot more credibility.

Read the article HERE.

Beating Anonymity Technology

Technologies that promise users anonymity on the Web might not be all they're cracked up to be, according to a dissertation published recently by a doctoral candidate at the University of Cambridge's Computer Laboratory.

Read the article HERE.

Interview with a Wii hacker

Last night, Atomic talked to Wii hacker Bushing about every conceivable aspect of Wii hacking. To make things even more incredible, the first “Hello World” program to ever to run on a Wii was executed during our discussion.

Read the article HERE.

Pirate Bay Future Uncertain

The world of illegal downloading suffered a severe blow Thursday when Swedish authorities charged four people for operating the world's most popular BitTorrent site -- The Pirate Bay-- which allows users to retrieve free movies, music and video games, much of which is copyrighted.

Read the article HERE.

US mobile numbers for sale

An online directory that claims to provide 90 million mobile telephone numbers is raising concerns among cell phone users and privacy advocates about unwanted callers who rack up the minutes on their calling plans and the difficulty of opting out of the list.

Read the article HERE.