Prelude as a Hybrid IDS Framework
Category: Security Awareness
Paper Added: March 24, 2009
PSYB0T: A MIPS-device (mipsel) IRC Bot, (Tue, Mar 24th)
(Thanks to several readers for writing in to the ISC and noting how some eMedia outlets have now pic ...
China Becoming the World's Malware Factory (PC World) (Yahoo Security)
Brief: Smart-grid firms need security education (SecurityFocus News)
The First Linux Botnet (E-Week Security)
Eliminating the Mobile Security Blind Spot (TechNewsWorld.com) (Yahoo News)
Hacking The Router Patching Conundrum
New research demonstrating how Cisco routers indeed can be hacked in multiple ways has put the pressure on for enterprises to set router-patching policies and procedures.
ProxyStrike v2.1 Released - Active Web Application Proxy Tool
By Darknet on XSS
In April last year we wrote about ProxyStrike; recently the developer has released a couple of new versions, the latest being v2.1. ProxyStrike is an active Web Application Proxy, a tool designed to find vulnerabilities while browsing an application. It was created because of the problems we faced in the pentests of web applications that [...]
Microsoft 24 hours late with IE8 pwn protection
What a difference a DEP makes
Just one day after a little-known hacker dazzled his peers by exploiting the latest version of Internet Explorer 8 beta, Microsoft added an important protection to the browser that probably would have prevented the attack.…
Newfangled rootkits survive hard disk wiping
BIOS attack targets PC nether region
Researchers have demonstrated how to create rootkits that survive hard-disk reformatting by injecting malware into the low-level system instructions of a target computer.…
Kiwi telecom inks contract with convicted hacker
Akill's killing
New Zealand's No. 2 telecommunications company has hired a 16-year-old botnet herder less than 12 months after he pleaded guilty to six computer hacking and fraud charges following an international investigation.…
PGP email marketing gaffe creates message storm
Aren't you supposed to be experts at this stuff?
PGP irritated its security conscious customers on Tuesday by making the schoolboy error of sending out an email marketing message to a list of around 300 recipients without using the bcc field.…
Romanian hacking group downs tools
HackersBlog crew weary of the road
A controversial Romanian hacker group famous for exposing security shortcomings on corporate and anti-virus websites has disbanded.…
eCard scammer avoids jail
Phishing scam targeted AOL subscribers
A US fraudster who used fake electronic greetings cards to spread malware has avoided a jail sentence for his crimes.…
London health authority put on notice over data breach
ICO fumes over dumped PCs with patient records
A north London health authority has been given until the end of the month to improve its information security policies following an embarrassing information security blunder last year.…
Following a bouncing Waledac
By Pedro Bueno on waledac
You know that your malware investigation day will be a pain when you reach the first iframe on the webpage… This one was pointing: iframe src=”http://[REMOVED].cn/in.cgi?[REMOVED] This iframe is a redirect to: http:// [REMOVED].hostindianet.com/index.php?[REMOVED] Now it gets interesting. This url contains a script that will send a PDF file, called readme.pdf. As an additional note, this pdf looks like part [...]
Brief: No more bugs for free, researchers say
Brief: Smart-grid firms need security education
More companies seek third-party Web app code review, survey finds
By Robert Westervelt
Companies are taking a closer look at software code to find critical vulnerabilities, according to a new survey conducted by the OWASP foundation.
HP patches critical OpenView flaws
By SearchSecurity.com Staff
The remote network software contains flaws that could be exploited to gain access to critical files.
ModSecurity Denial of Service
ModSecurity is "the most widely-deployed web application firewall in the world, with more than 15,000 users. It runs as an Apache web server module and is developed by Breach Security; it's available with GNU GPL and many other commercial licenses". The multipart processor of ModSecurity does not sanitize the user-supplied input sufficiently. Therefore, an attacker can send a crafted POST request of type multipart/form-data which will lead to a remote denial of service.
Autonomy KeyView Word Perfect File Parsing Buffer Overflow Vulnerability
Autonomy KeyView SDK is "a commercial SDK that provides many file format parsing libraries. It supports a large number of different document formats, one of which is the Word Perfect Document (WPD) format. It is used by several popular vendors for processing documents". Remote exploitation of a stack-based buffer overflow in Autonomy Inc's KeyView SDK allows attackers to execute arbitrary code with the privileges of the current user.
8 Great Free Security Tools
Your PC is under attack on all fronts.
Free Utilities to Speed Up and Tweak Your PC
You have a good system, but you can always improve a PC's performance.
Enterprises still neglecting WLAN security
Most European enterprises are neglecting their wireless LAN security, with an alarming number using only the most basic security protection for their wireless networks.
In poor economy, IT pros could turn to e-crime
Enterprises increasingly feel their employees will be more willing to steal data or sell insider knowledge due to the poor economy, according to an annual security survey conducted by KPMG.
German police: Two-factor authentication failing
A two-factor authentication system widely used in Germany is failing to stop cybercriminals from draining bank accounts, a top German law enforcement official said Tuesday.
Pethia: InfoSec's Challenges, Changes
A lot has changed in the 20 years since Rich Pethia first took the reins as director of Carnegie Mellon University's Computer Emergency Response Team (CERT). CERT, which was initially launched as the first Internet security response organization, has evolved over the years to focus more on a research and training role. Pethia, a CSO Compass Award winner, spoke with CSO about how much IT security and vulnerabilities have changed in two decades.
BIOS-level rootkit attack scary, but hard to pull off
By jhruska@arstechnica.com (Joel Hruska) on rootkit
A pair of Argentinean researchers has demonstrated a BIOS-level exploit that allowed the duo to potentially run a great deal of invisible code—which could remain installed even if the hard drive was wiped. Much has been made of this last bit, but malware attacks against the Basic Input Output System are anything but new.
The CIH (Chernobyl) virus that first appeared in 1998 was capable of bricking a system by rewriting critical boot information in the computer's BIOS with garbage output. Even if you dodged this bullet, CIH's primary payload rewrote the first 1MB of the hard drive. If Chernobyl successfully activated on D-day, the best outcome a user could hope for was an apparently wiped hard drive. At worst, system repair involved physically pulling the BIOS chip and installing another.
Put More IT Spending in Stimulus Plans, Obama Advisor Says
Governments will get better economic returns from investments in technology than other kinds of stimulus programs.
IPod Touch Generates More Traffic Than Most Phones
Data released by AdMob ranks devices based on how often they access the Internet
The Planet Bundles Hosted NAS, Cloud Storage
A partnership with Nirvanix is designed to combine high-speed access with worldwide availability
Macs: Not as Secure as We Thought?
When it comes to technology, security is a relative term.
Solid-State-Drives: The Fastest Storage Eve... Wait a Second
AnandTech digs deep into solid-state storage to discover a punishing result: once you fill your solid-state drive with data, performance suffers!
SB09-083: Vulnerability Summary for the Week of March 16, 2009