Wednesday, April 29, 2009

Around The Horn vol.1,91

Finovate: Privacy is dead, long live the PIN

By Josh Lowensohn

What's something we often use for security in the real world but not online? PIN codes. We use them at stores, banks, and ATMs, so why not use them online? For one, a QWERTY keyboard lets you create a much stronger, and often easier-to-remember password than you could with ...

Originally posted at Webware

Microsoft tightens Windows 7 security for USB drives

By Elinor Mills, Ina Fried

In the wake of the Conficker worm spreading via removable storage devices among other methods, Microsoft said on Tuesday it is making a change to the way Windows 7 handles USB drives.

As a result of the change, most USB drives will not be able to automatically launch a program ...

Phishing with Swine Flu as bait

By Elinor Mills

Phishers and spammers have caught Swine Flu fever and are exploiting fears around the outbreak to try to sell pharmaceutical products or steal information, security experts said Tuesday.

The e-mail scams have a subject line related to the Swine Flu and typically contain either a link to a phishing Web ...

Another Adobe Reader security hole emerges

By Elinor Mills

Updated 4:35 p.m. PDT with Adobe saying Windows, Mac and Unix versions of Reader are affected and more details.

Security experts are recommending that people disable JavaScript in Adobe Reader following reports of a vulnerability in the popular portable document format reader on Tuesday.

The vulnerability appears to ...

Industrial Control Systems Safe? I Think Not

By Darknet on power station security

It seems like there is some serious hacking going on, attacks on power stations and industrial control systems. You’d think most of these systems would be offline, or at least behind a solid DMZ. But as we’ve seen before they often get exposed by people plugging into the LAN then accessing the net through dial-up or [...]

Adobe Reader, Acrobat Hit With Another Zero-Day

PDF reader is now a favorite target for attackers, prompting security experts to recommend open-source alternatives

SANS Tells Congress: Feds' Checkbook Is Cyberdefense 'Weapon'

Senate hearing debates whether the White House or the Department of Homeland Security should head up U.S. cybersecurity operations

Security Suffers Cuts In Recession, But Fares Better Than The Rest Of IT

IT security spending sees cutbacks, but situation isn't as dire as in the rest of IT, studies say

Security Vendors Offer More Freebies, Deals To Existing Customers

Customers are asking their vendors for -- and getting -- free enhanced features and better deals from their security vendors

The Cloud Security Alliance looks to standardize security for cloud computing

A wide-ranging group has set down principles for cloud security and is seeking help advancing them.

Guide to enterprise password management drafted

I hate passwords. I think passwords are a dreadful way of authenticating identity: they cost a lot, they change too often (and so users write them down), the rules for preventing dictionary and brute-force attacks are generally easy for users to circumvent, there are too many of them (and so users write them… oh never mind), and nothing can stop users from writing them down (and sticking them in their wallets, under their keyboards, behind their screens, in their desk drawers….). And yet we constantly hear non-technical managers resisting smart-token-based authentication or proximity cards because they are supposedly too expensive.

McAfee launches 'online 911' for cybercrime victims

McAfee has launched a new Web site designed to help cybercrime victims recover from hacker attacks.

BitLocker, TPM won't defend all PCs against VBootkit 2.0

Trusted Platform Modules and BitLocker Drive Encryption can protect Windows 7 computers against a bootkit attack unveiled last week but these technologies won't be available on a large portion of computers, leaving millions of users unprotected when Microsoft releases its next version of Windows.

Microsoft retires AutoRun (kinda, sorta)
Security as second fiddle

Microsoft's security team plans to retire a much-abused feature in its Windows operating system that uses flash drives and other removable media to spread malware.…

Adobe users imperiled by critical Reader flaw
Move over, Microsoft

Updated Once again, Adobe is scouring its Reader application for bugs following reports that it's susceptible to two vulnerabilities that could allow attackers to remotely execute malicious code on end-users' machines.…

Loudmouth workers leaking data through social networking sites
Twitter ye not

Almost two-thirds (63 per cent) of sys administrators fear that workers share too much personal information through social networking websites, according to a poll by IT security firm Sophos.…

Hire your very own Fred the Shred
Old school, industrial-grade data destruction

Infosec: DiskShred Ltd and Secure IT Disposals have both introduced services guaranteeing storage device destruction involving lorry-borne industrial grade shredders turning up at your site, chewing up disk and tape drives and grinding them to bits.…

Infosec opens in new venue
Dolly birds and cybercrime

Infosec: Infosec, the annual IT security trade show, kicked off in a new venue on Tuesday with 310 firms competing for attention and security spending.…

Two Adobe 0-day vulnerabilities, (Wed, Apr 29th)

There are two 0-day vulnerabilities on Adobe Acrobat announced today, all current versions are vulne ...(more)...

Internet Explorer 8, now being pushed, (Tue, Apr 28th)

If you were to go to your Windows Update. ...(more)...

Updated List of Domains - Swineflu related, (Tue, Apr 28th)

F-Secure has just published a list of SwineFlu related domains. We have not had a chance to ch ...(more)...

RSA Conference Social Security Awards, (Tue, Apr 28th)

It is confirmed and published that we here at the SANS Institute Internet Storm Center have won the ...(more)...

Senators hear call for federal cybersecurity restructuring

By Robert Westervelt

Congress is mulling over whether to give more authority on cybersecurity issues to the Department of Homeland Security or create a new office within the White House.

Cyberwarfare, targeted attacks pose increasing infosec threat

By Eric Parizo

A malware expert at the Computer Forensics show says that despite notable gains for the industry, the danger posed by cyberwarfare and organized crime poses a host of major challenges.

ICE Act would create White House cybersecurity post

By SearchCompliance.com

The Information and Communications Enhancement (ICE) Act would create a White House "cyber office" that would coordinate between government agencies and the private sector.

Former Federal Reserve Bank employee arrested

By SearchFinancialSecurity.com Staff

An IT analyst and his brother allegedly used stolen data, including sensitive bank employee information, to obtain loans.

RSA researcher Ari Juels: RFID tags may be easily hacked

By Neil Roiter

SearchSecurity.com caught up with Dr. Ari Juels and asked the well-known cryptographer about RFID security, cloud storage innovations and his new novel.

Operational risks could mire virtualization deployment, panel says

By Robert Westervelt

Future virtualization platforms and features could cause confusion when managing who owns virtual machines within an organization and how network traffic can be monitored.

Compliance drives opportunities for security integrators

By Kelley Damore

At the 2009 RSA Conference, new regulations and initiatives such as NERC, HITRUST and CNCI could signal some opportunities in healthcare and energy verticals.

White House cybersecurity advisor calls for public-private cooperation

By Michael S. Mimoso, Editor, Information Security magazine

Melissa Hathaway delivered precious few details about her 60-day review of the country's cybersecurity policies and structures during her RSA Conference keynote.

Cloud computing security group releases report outlining trouble areas

By Robert Westervelt, News Editor

The non-profit Cloud Security Alliance says its comprehensive report serves as the starting point for a broader discussion on cloud computing security issues.

SIEM: Not for small business, nor the faint of heart

By Neil Roiter, Senior Technology Editor

Technologists say security information and event management success depends not on the product, but on the risk and information management program implemented with it. Also, small businesses lack the resources to get much value from SIEM systems.

How to Secure Microsoft SharePoint

Enterprises are increasingly turning to affordable collaboration tools such as Microsoft SharePoint to meet the needs of rapid and secure collaboration among their employees, partners and customers. Knowledge Center contributor Shane Buckley explains how IT administrators can secure Microsoft SharePoint in their organization to keep up with security and compliance demands.
- Microsoft SharePoint. These are two words that conjure up both relief and fear. First, the relief: with over 85 million licenses sold and $1 billion in sales, it's clear that organizations are rapidly embracing Microsoft SharePoint as an affordable technology that can solve the not-so-insignificant ...

How to Secure Your Network from Kaminsky's DNS Cache Poisoning Flaw

Savvy network security administrators recognize that multiple defenses offer the best protection against insidious security threats. Knowledge Center contributor Sandy Wilbourn explains what the Kaminsky DNS cache poisoning flaw is and how to secure your enterprise's network from the Kaminsky DNS cache poisoning flaw.
- The seriousness of the recent DNS cache poisoning vulnerability, discovered by security researcher Dan Kaminsky, raises the bar for network security administrators and should provoke development of a comprehensive plan to address this insidious threat. Every enterprise has a caching DNS server and...

How to Unify Identities to Reduce Identity and Access Management Challenges

Organizations struggle with complex, heterogeneous environments that require users to have multiple identities for accessing the applications they need. As these identities grow, they require an increased level of control and visibility, presenting IT with identity and access management challenges in efficiency, security and compliance. Knowledge Center contributor Jackson Shaw explains how a "get to one" strategy that automates identity administration, consolidates directories and utilizes the organization's existing infrastructure and directory can minimize these identity and access management challenges.
- Today's complex, heterogeneous enterprises contain multifaceted and diverse information systems. The proliferation of the personal computer and the networking of those computers have caused the number and types of systems that are accessed, as well as the number of employees who must be granted acce...

Microsoft Changes Windows 7 Feature to Fight Malware

Microsoft announces it is altering the AutoPlay feature in Windows 7 to prevent it from enabling the AutoRun task for USB devices. According to Microsoft, this was done as a security move because malware, including the notorious Conficker worm, is increasingly abusing the AutoRun feature to propagate.
- Microsoft is building a small but important change into Windows 7 to help slow the spread of malware. According to Microsoft, the company is changing the way the AutoPlay feature operates to prevent it from enabling the AutoRun task for USB devices. The move, Microsoft officials said, was do...

McAfee Move Targets SMB Security

Security vendor McAfee is making a push into the SMB security space with a line of McAfee UTM Firewalls and a new SAAS offering it says could cut costs for businesses. The McAfee Web Protection Service includes anti-malware capabilities and reputation-based filtering.
- McAfee has its eyes on the small and midsize business market with a push based on software as a service and unified threat management. The focus on SMBs follows a similar move by Symantec, which recently announced plans for an SMB-focused version of Symantec Endpoint Protection. In McAfee's case...

Application Security Starts in the Development Lifecycle

Application security starts during the development process. Thwarting hackers means reducing the number of security vulnerabilities out there, something that starts with proper planning, those in the field said.
- IT is an interesting world, one where the Web is simultaneously a key driver for business and a popular gateway for attackers. With both these forces at work, it shouldn't be surprising that enterprises are starting to take application security more seriously. Statistics from a recent survey by the Open...

Jeffrey Carr: Projecting Borders into Cyberspace

Projecting Borders into Cyberspace

Brief: JavaScript flaw reported in Adobe Reader

JavaScript flaw reported in Adobe Reader

McAfee Launches Cybercrime Self-help Site (PC World)

In technology

PC World - Antivirus software maker McAfee today launched a new Web site intended to provide advice and services to those who suspect they may be victims of cybercrime.

Conficker worm dabbling with mischief (AFP)

In technology

AFP - The Conficker worm's creators are evidently toying with ways to put the pervasive computer virus to work firing off spam or spreading rogue anti-virus applications called "scareware."

McAfee Launches 'online 911' for Cybercrime Victims (PC World)

In technology

PC World - McAfee has launched a new Web site designed to help cybercrime victims recover from hacker attacks.

How Anonymous Hackers Triumphed Over Time

By Ryan Singel

Anonymous, the troublemaking collective, rigs a Time magazine web poll to make its leader the most influential person in the world. Here's how they did it.

Senator Balks at White House Control of Cybersecurity

Susan Collins, (R-Maine), wants to make sure Congress has an oversight role.

Swine Flu Might Sicken the Net

Analysis: Is the Internet ready for a pandemic?

Experts Disagree on Cybersecurity Role for DHS

Some at the hearing question whether the new White House czar is needed

McAfee Launches Cybercrime Self-help Site

The antivirus company launched a new site today with decent, albeit basic, advice for possible victims of malware or ID theft.

'Hackers Wanted' Ad Fed Security Misconception

I should never be surprised at things related to government security efforts, but I did think the concept of hiring hackers was dead.

Cloud Computing Security: Who Knew?

Cloud computing is big even though there is less than perfect agreement on just what it is.

Tuesday, April 28, 2009

Around The Horn vol.1,90

SB09-117: Vulnerability Summary for the Week of April 20, 2009

Vulnerability Summary for the Week of April 20, 2009

Google Chrome Universal XSS Vulnerability

By Robert A. on XSS

"During unrelated research, I came across a number of security issues that reside in various parts of Google's web browser - Google Chrome. These issues pose a major threat to any user that browses a maliciously crafted page using Internet Explorer and has Google Chrome installed alongside. Using a vulnerability in...

Web 2.0 Application Proxy, Profiling and Fuzzing tool

By Robert A. on Tools

"This tool helps in assessing next generation application running on Web/enterprise 2.0 platform. It profiles HTTP requests and responses at runtime by configuring it as proxy. It identifies structures like JSON, XML, XML-RPC etc. along with key HTTP parameters like cookie, login forms, hidden values etc. Based on profile one can...

Metasploit Decloaking Engine Gets User's Real IP

By Robert A. on Security Tools

"This tool demonstrates a system for identifying the real IP address of a web user, regardless of proxy settings, using a combination of client-side technologies and custom services. No vulnerabilities are exploited by this tool. A properly configured Tor setup should not result in any identifying information being exposed." Essentially this...

McAfee launches free online cyber crime help center

By Elinor Mills

Is your computer acting funny? Are you worried that you may have visited a malicious Web site or opened an e-mail attachment with malware?

Instead of worrying about it you can now go to a new Web site McAfee is launching on Tuesday that is designed to help computer users ...

Puerto Rico sites redirected in DNS attack

By Elinor Mills

An attack on the main domain name system registrar in Puerto Rico led to the local Web sites of Google, Microsoft, Yahoo, Coca-Cola, and other big companies being redirected for a few hours on Sunday to sites that were defaced, according to security firm Imperva.

Those sites and others including ...

Google plugs PC power into cloud computing

By Stephen Shankland

Even at the cutting edge of cloud computing, Web-based applications can be frustrating to write and to use.

Spreadsheets can't sort data well, there are lags between mouse clicks and the program's response, graphics look Mickey Mouse rather than lavish. But Google, among the most aggressive cloud computing advocates, is trying to address some of those shortcomings.

The company has released experimental but still very much real software that brings in some of the power of the PC, where people often use Web applications. Google Native Client--first released in 2008 but updated with a new version Thursday--is a browser plug-in for securely running computationally intense software downloaded from a Web site. And on Tuesday, Google released O3D, a plug-in that lets Web-based applications tap into a computer's graphics chip, too.

The projects are rough around the edges, to say the least. Native Client--NaCl for short--is more security research project than usable programming foundation right now, and O3D exists in part to try to accelerate the arrival of some future, not necessarily compatible, standard for building 3D abilities into Web applications.

Google Native Client is shown here running a fractal landscape explorer.

(Credit: Google)

But both fundamentally challenge the idea that Web apps necessarily are stripped-down, feeble counterparts to the software that runs natively on a personal computer, and they come from a company that has engineering skill, a yen for moving activity to the Internet, and search-ad profits that can fund projects that don't immediately or directly make money.

"There are things you can do in desktop apps that you can't do in Web apps. We're working very hard to close that gap, so anything you can do in a desktop application you can do safely and securely from a Web application," said Linus Upson, a Google engineering director.

... 

Is Malware Heading for Extinction?

By Rik Ferguson on spam

Last week Steve Cutler, Intel’s Technical Marketing Manager, made Intel’s Top 10 technology predictions for the next decade. In a statement reminiscent of Bill Gates’ misguided prediction, at the World Economic Forum in 2004, of a solution to the spam problem within two years, Cutler’s prediction number five was especially interesting. It stated: “5. Malware will no longer be a threat [...]

OAT (OCS Assessment Tool) - Office Communication Server Security Assessment Tool

By Darknet on voip-security

OAT is an Open Source Security tool designed to check the password strength of Microsoft Office Communication Server users. After a password is compromised, OAT demonstrates potential UC attacks that can be performed by legitimate users if proper security controls are not in place. Features: Online Dictionary Attack, Presence Stealing, Contact...

Swine Flu Spam

By Chris Barton, Research Scientist and Artemis Geek on Spam and Phishing

The Swine Flu pill spam has started and it’s taking a few Hollywood stars names in vain. Nothing out of the ordinary with the sites on the far end yet though I do expect Oseltamivir [AKA Tamiflu] will get some extra exposure once the affiliate pill sites are updated. Subjects: First US swine flu victims! US swine flu [...]

Security training 101

Installing the latest security hardware and software means nothing if end users don't practice cyber safety. And the best way to get end users to 'think security' is to create an ongoing culture of security at your company.

New York State raises the bar for end user security training

New York State is extremely concerned about phishing in general, and more specifically spear phishing, highly targeted phishing attacks designed to penetrate organizations, government agencies, and groups etc.

eBay scammer gets four years in slammer
Busted

A man convicted of swindling more than $259,000 using fraudulent eBay listings and other venues was ordered to serve 52 months in federal prison and pay $252,000 in restitution.…

Pink-slipped BOFH admits to threatening ex-employer's network
Breaking up is hard to do

A system administrator has admitted he threatened to cause extensive damage to his former employer's computer system after he was laid off.…

Reding demands Cyber Cop for Europe
'Member States have been quite negligent'

Europe needs a security tsar to defend and protect its communications networks against attacks from organised crime, rogue states and breakdowns, Viviane Reding has claimed.…

ISPs eye role in Jacqui's mass surveillance system
As long as you're paying for it

The trade body for ISPs has today cautiously welcomed news that the government does not plan to build a massive, centralised database of communications data, but voiced fears about the cost to its members.…

Anonymity proves grey area for IDScan
Redacted 'fake' card details exposed on website

Security software provider IDScan has been left red-faced after a page of supposedly anonymous details of ID cheats on its website turned out not to have been anonymised after all.…

Firefox gets another update, (Mon, Apr 27th)

Didn't I just post about Firefox getting updated? Well, I'm not complaining, good for Mozilla. ...(more)...

Swine Flu (Mexican Flu) related domains, (Mon, Apr 27th)

This is a first cut of a list of Swine Flu related domains. In Europe, this flu is usual ...(more)...

ICE Act would create White House cybersecurity post

By SearchCompliance.com

The Information and Communications Enhancement (ICE) Act would create a White House "cyber office" that would coordinate between government agencies and the private sector.

Former Federal Reserve Bank employee arrested

By SearchFinancialSecurity.com Staff

An IT analyst and his brother allegedly used stolen data, including sensitive bank employee information, to obtain loans. 

Adobe Investigating New Vulnerabilities in Reader

Adobe is investigating two new reported remote code execution vulnerabilities in Reader 8 and 9. The flaws have been demonstrated on Linux and are likely to affect other platforms.
- Adobe says they are investigating reports of a new vulnerability in their PDF Reader program. The Adobe report refers to a single vulnerability report on SecurityFocus, but in fact there are two similar reports there, both credited to "Arr1val." Both include proof of concept JavaScript ...

Qualys Extension to PCI Connect Set To Help SMBs Prove PCI Compliance

With Qualys' new extension to its PCI Connect compliance solution, smaller retailers may have a newfound ability to build complete documents proving their compliance with the most recent PCI specification--provided they enlist the right products and services to cull the data.
- This month at the RSA show in San Francisco, intrusion prevention vendor Qualys announced an extension to its PCI (Payment Card Industry) compliance solution called PCI Connect. The announcement of the extension--which should be available in the July timeframe--essentially boiled down to an inter-ve...

Google Joins Mozilla, Blames IE for Chrome Bug

OPINION: It's an old tradition to blame Microsoft for not doing the security work you should have done yourself.
- Google has fixed a bug in their Chrome browser which could allow cross-site scripting and other dangerous policy violations under interesting circumstances: when Chrome is called from Internet Explorer because a link is executed in IE with the "chromehtml" protocol handler. Update Chrome ...

Google Chrome, Internet Explorer Caught in Vulnerability Web

Google updates Google Chrome to fix a security vulnerability that would allow hackers to launch universal cross-site scripting attacks. The flaw affects users with the Chrome Web browser installed who visit a malicious Web page with Microsoft Internet Explorer.
- The Google Chrome Web browser and Microsoft Internet Explorer have found themselves at the center of a security issue that could lead to cross-site scripting attacks. Google Chrome has been updated to 1.0.154.59 to fix a security vulnerability in the handling of ChromeHTML URIs (Uniform Resource...

Windows 7's XP Mode and Security

OPINION: It's a brilliant business move to break the upgrading logjam, but is it a risky security move? We don't know enough to say for sure, but it will change things in the security software business.
- For business users who skipped Windows Vista, Windows 7's newly announced Windows XP Mode (XPM) must be intriguing. Yes, you will have to cough up some serious money for new hardware and software, but the really scary and disruptive stuff, whether your old software will work, is far less of an issu...

Conficker adds new weapon: spam (AP)

In technology

AP - The giant Conficker computer worm, once feared as an out-of-control Internet doomsday machine, seems to have settled — for now — on trying to make money in very predictable ways.

Opportunists exploit swine flu with spam e-mails (Reuters)

In technology

Reuters - Exploiting worries over the swine flu outbreak, spammers flooded the Internet on Monday with millions of e-mails peddling counterfeit drugs as remedies and seeking to steal credit card data, a security firm said.

Salma Hayek's Email Gets Hacked (PC Magazine)

In technology

PC Magazine - Salma Hayek is into designer clothes delivered to her apartment, "Japanese face massages," and iPhone apps from the iTunes store according to the screen shots posted by the hackers who busted into her mac.com account. Pick a stronger password next time, Salma.

As Conficker Turns, Botnets Burn

In Virus and Spyware

Conficker might be interesting to ponder, but the working class botnets are shouldering a heavy load in the background, new research contends.

Infrastructure Security Trapped at Dangerous Crossroads

In Vulnerability Research

Organizations doing business in the critical grid infrastructure space need to up the ante when it comes to IT security, leading experts in the field reported at the RSA Conference.

Hathaway at RSA: Obama Admin's Missed Opportunity

In Virus and Spyware

The Obama Administration missed a huge opportunity by limiting what Cyber Czar Melissa Hathaway could report at RSA.

Catching Up with RSA

In Vulnerability Research

Your faithful blogger hasn't been too faithful, but if you're still curious, stay tuned for some late-breaking RSA coverage.

Is Anybody Watching?

In Virus and Spyware

More organizations may consider restricting employees' Web access related to matters of security. There are proponents on both sides of the debate, but first you need to find out what's happening.

E-Mobsters Continue Brazen Extortion

In Virus and Spyware

A new study from Verizon Business just reaffirms what we know about organized cyber-crime and our lack of commitment to stop it.

Phishing Officially Commoditized

In Virus and Spyware

It's become pretty clear that phishing is everywhere and it's likely only to get more ubiquitous and commoditized.

Job Cuts Leaving IT Systems Open to Attack

In Virus and Spyware

Even with looming job cuts and larger numbers of remote workers, many companies are unprepared to adjust their security defenses, according to a new survey.

Sophos: We're Winning via Simplicity, Integration

In Virus and Spyware

Most organizations are looking for endpoint security that offers integrated functionality with ease of management, according to the company's CEO.

Ghostnet Botnet Fed by Rudimentary Toolkit

In Virus and Spyware

Researchers maintain that one of the drivers behind the sizeable Ghostnet government cyberattack is an easy-to-use authoring toolkit.

Cisco Security Center: IntelliShield Cyber Risk Report
April 20-26, 2009

Report Highlight: Gathering Storm over Cloud Security

Are Network Designs Ready for a Pandemic?

Category: Network Devices

Paper Added: April 27, 2009

Swine Flu: What You Need to Know

By Brandon Keim

With all the news and hype about swine flu, here are the facts you need to know to make sense of it all.

BitLocker, TPM Won't Defend All PCs Against VBootkit 2.0

Lack of broad BitLocker support in Windows 7 means many users won't be protected.

McAfee Launches 'online 911' for Cybercrime Victims

The Web site is a first stop for people who want to take action after a cybercrime

Salma Hayek's MobileMe Account Hacked

So if you're a celebrity (or, well, anyone, really) and you want to make extra sure that people aren't able to easily access...

Spammers Peddle Snake Oil for Swine Flu

Piggybacking on growing health fears, spammers launch efforts to take advantage of global concern about swine flu.

Obama Taps IT Execs for Tech Board

Top executives from Microsoft and Google will be helping the president shape the government's science and technology policies.

Software System Sniffs out Insider Trading

The application will link stock data to news story headlines to detect suspicious stock trading

Europe Funds Secure Operating System Research

Money will ensure five more years of research into developing the Minix operating system

EC's Reding Urges Preventive Action Against Cyberattacks

One month without access to the Internet would cost the EU around €150 billion, commissioner says

How does a pandemic ever end?

By Chris Wilson on explainer

Three influenza pandemics struck the world in the 20th century, including the Spanish flu of 1918 that claimed anywhere from 50 million to 100 million lives. (There were no effective flu vaccines available at the time.) When a flu that contagious spreads across the world, how does it ever die out?

What happens during a "public health emergency," and what's a "pandemic alert level"?

By Christopher Beam on explainer

As the number of reported domestic cases of swine flu climbed to 20 Sunday, the acting secretary of health and human services declared a "public health emergency." Meanwhile, an official at the World Health Organization said it would decide Tuesday whether to raise its pandemic alert level from 3 to 4. What's the significance of these official declarations?

Monday, April 27, 2009

Around The Horn vol.1,89

RSA 2009: A yawner at best

By Jon Oltsik

In my humble opinion, the RSA 2009 security conference, held this week in San Francisco, was extremely flat compared with past years. Yes, the economy had a lot to do with it. I believe last year's attendance was around 17,000 people, and I've heard that this year ...

Salma Hayek’s Email Account Hacked.

By Rik Ferguson on Salma Hayek

The actress Salma Hayek has reportedly had her MobileMe account broken into. Images that would appear to prove the exploit, along with details necessary to reset the account password, have been published over on the well known web site 4chan.org. The anonymous poster also left the information: Her email address is [removed]@mac.com Go to me.com, forgot password, type [removed]@mac.com Her [...]

Splunk, GlassHouse Launch Joint Security Management Service

Splunk search engine teams with GlassHouse IT consultants to offer security management services

SANS: Newest WLAN Hacks Come From Afar

Expert warns that a deadly combination of long-distance remote and wireless hacking could be the next big threat

Security Expert Calls For New Model For 'Demonetizing' Cybercrime, Botnets

Proposal recommends attacking cybercriminals on technical, legal, and financial fronts

Researchers Find Massive Botnet On Nearly 2 Million Infected Consumer, Business, Government PCs

Over 70 government-owned domains infected

Savvis Launches Web App Firewall Service

Savvis introduces Web application firewall service

Symantec Rolls Out Small Business Offerings

Symantec launches new round of security products targeted at small business

DHS opens Global Entry program to Netherlands

DHS has signed an agreement with the Netherlands to jointly recognize each other's trusted traveler programs for air passengers.

Survey: IT high on wish list for new money

State and local public safety agencies want to use new federal money to help fund technology projects, according to a new survey.

Beware of Shady Installers

By Karthik Raman on Web and Internet Safety

Today I came across a program that claims to be an installer for the VLC media player. Innocent, right? Guess again. For starters, the installation file was different from that supplied by the legitimate VLC media player site. At Step 3 of the installation I saw this dialog box: The translation of the message from French is, [...]

Hacking Exposed at RSA

By David Marcus on iPhone

RSA is pretty much over now and it has been a blurry several days. Some real good sessions. Some real good panels. Lots of meeting and interviews and many old friends were seen (shout outs to Dave Perry, Larry Bridwell and Lysa Myers) but I digress….. For me the best session hands down was the Hacking [...]

How can you handle risks that come with social networking?

Social networking — whether it be Facebook, MySpace, LinkedIn, YouTube, Twitter or something else — is fast becoming a way of life for millions of people to share information about themselves for personal or business reasons. But it comes with huge risks that range from identity theft to malware infections to the potential for letting reckless remarks damage corporate and personal reputations.

How scared should you be about security statistics?

Did you know the number of crimeware-spreading Web sites infecting PCs with password-stealing crimeware reached an all-time high of 31,173 in December, according to the APWG (formerly Anti-Phishing Working Group) coalition?

Is mobile computing the Achilles' heel in your organization?

Mobile computing, from laptops to the myriad handheld devices such as smartphones, BlackBerries, iPhones, USB tokens and PDAs, can certainly be regarded as a weak spot in terms of security, says Jonathan Gossels, analyst at consultancy SystemExperts.

Seven burning security questions

There's no shortage of burning questions about IT security these days, some sparked by nasty threats, others by economic concerns and some by growing use of social networking and cloud computing.

Can you no longer avoid closely monitoring employees?

The insider threat has always existed, but in an era of economic upheaval and uncertainty, the problem is only magnified. That point came across in a recent Ponemon Institute survey of 945 individuals who were laid off, fired or quit their jobs during the last year, with 59% admitting to stealing company data and 67% using their former company’s confidential information to leverage a new job

Should you choose a strategic security vendor or shoot for best-in-breed?

A huge debate these days is whether to select a strategic security vendor to provide the majority of security products and services the enterprise might require, or opt to evaluate point products, including those from start-ups, with an eye toward best of breed.

Can security processes finally be automated?

Automation of security is a concept with momentum this year as some of the larger federal agencies, including the Department of Defense, National Security Agency, Agriculture and Energy, are pushing for a new direction beyond the current FISMA audit mandate for compliance.

Are security issues delaying adoption of cloud computing?

Security concerns will continue to keep some companies out of the cloud, Mandel acknowledges

Can you say for sure who has access rights to your sensitive data?

In a Ponemon Institute survey of almost 700 experienced IT practitioners from U.S. business and governmental organizations, more than half of the respondents can't say with confidence that the process of assigning access rights is well-managed and tightly controlled within their organizations. That means there are a lot of application or data owners and caretakers that believe their business data can be accessed by people who probably shouldn't have access at all. Where do you fall in this spectrum, and what can you do about it?

The biggest losers in the Oracle, Sun deal

Last week was the annual RSA Conference, which was the reason for lots and lots of press releases being, well, released. Unfortunately (depending on your point of view), most of them got overlooked because two Silicon Valley "legends-in-their-own-time" shook hands on a blockbuster deal as Oracle agreed to purchase Sun.

Ex-federal IT worker charged in alleged ID theft scam

A former IT analyst at the Federal Reserve Bank of New York and his brother were arrested Friday on charges that they took out loans using stolen information, including sensitive information belonging to federal employees at the bank.

The legal risks of ethical hacking

Tracking down malicious computer activity can put researchers on shaky legal footing.

Conficker.E to self-destruct on May 5th?

The evolution of the multi-faceted Conficker worm is expected to take another turn this May 5th when the latest version, Conficker.E, will simply self-destruct

AT&T sends mixed message on behavioral advertising

AT&T's chief privacy officer told U.S. lawmakers Thursday that the company does not engage in behavioral advertising, but the company has apparently used the controversial technology to sell its products, according to a vendor of such services.

Security: The ugly business

Security problems usually don't have elegant solutions. A report from Commonwealth Bank concerning serious ATM vulnerabilities illustrates the issues perfectly.

Rigged Word docs exploit 2008 bug, say researchers

Attackers, probably based in China, are exploiting a December bug in Microsoft Word to hijack Windows PCs, Vietnamese security researchers warned Thursday.

Conficker hype a 'problem,' says FBI cyber-chief

Mainstream media hype leading up to the Conficker worm's April 1 software update may have distracted people from legitimate cyber threats, the U.S. Federal Bureau of Investigation's head of cyber security said Thursday.

Worm solves Gmail's CAPTCHA, creates fake accounts

A Vietnamese security company has detected what it believes is a new worm that thwarts Google's security protections in order to register new dummy Gmail accounts from which to send spam.

McAfee: It's not green to push 'delete spam'

When end users purge unwanted spam from their inboxes, the potential environmental impact of hitting that delete button is probably the last thing on their minds. But Santa Clara-based McAfee said the act of deleting spam and searching for legitimate e-mail contributes to greenhouse gas (GHG) emissions equivalent to 3.1 million passenger cars using 2 billion gallons of gasoline annually.

My Dream Netbook: IT Pros Describe the Ideal Device

Netbook sales will likely grow by 50% in the next two years, according to research firm IDC, but the gadgets will need some more bells and whistles to gain popularity inside enterprises, say IT professionals.

After mass security lapse, RBS Worldpay gets IRS contract
No bad deed goes unrewarded

RBS Worldpay - the electronic payment processor that admitted it exposed sensitive financial records for millions of customers - has been awarded a contract by the Internal Revenue Service to process tax return payments next year.…

Security experts rate the world's most dangerous exploits
Pass the hash...

Criminal hackers continue to penetrate many more company networks than most administrators care to admit, according to two security experts who offered a list of the most effective exploits used to gain entry.…

Odd DNS Resolution for Google via OpenDNS, (Sun, Apr 26th)

We had a report from one of our readers (Deoscoidy) from Puerto Rico who had issues reaching Google earli ...(more)...

Pandemic Preparation - Swine Flu, (Sun, Apr 26th)

Lots of news about the Swine Flu outbreak in Mexico. Right now, cases are reported in the US, New Ze ...(more)...

To filter or not to filter?, (Sat, Apr 25th)

A reader wrote in today asking about egress filtering. It seemed like a perfect topic consider ...(more)...

Did you check your conference goodies?, (Fri, Apr 24th)

...(more)...

SANS Internet Storm Center Winner of RSA Social Security Award for Best Technical Blog, (Fri, Apr 24th)

We've been informed that we have won the Best Technical Blog award (though we'd dispute that w ...(more)...

Conficker Virus Begins to Attack PCs: Experts

Conficker now appears to have been activated and is slowly making its way through different PCs, according to security experts. Conficker, also known as Downadup or Kido, is quietly turning thousands of personal computers into servers of e-mail spam and installing spyware.
- BOSTON (Reuters) - A malicious software program known as Conficker that many feared would wreak havoc on April 1 is slowly being activated, weeks after being dismissed as a false alarm, security experts said. Conficker, also known as Downadup or Kido, is quietly turning thousands of personal ...

Security Vulnerabilities on Tap at RSA

There was plenty of talk about the latest threats at the RSA Conference in San Francisco this past week. Here are a few of the highlights discussed at the show.
- The RSA Conference is much more vendor-driven than shows like Black Hat or ShmooCon, but there is always room for talk about security vulnerabilities and threats in the wild. This year, discussion of the threat landscape touched on everything from browser hijacking to wireless security to attacks ...

Conficker Remains Mystery at RSA Security Conference

After all the hype and a concerted effort by the security research community, much still remains unknown about those behind the Conficker worm. At the RSA Conference in San Francisco, attendees express a mix of skepticism and anticipation about the worm still plaguing Windows PCs.
- The Cyber Secure Institute recently added one more number to think about when the security community hears the name Conficker: 9.1 billion. That is how many dollars were lost in terms of wasted time, resources and energy as the cyber-community dealt with the worm, variants of which over the past...

Congress Comes to 'Help' Run the Internet

OPINION: To the proposed Cybersecurity Act of 2009, add work in the House on a privacy act that could end up banning security functions by ISPs. Government regulation at its best is coming to the Internet.
- The early life of the Internet has, perhaps, suffered from an excess of libertarian impulse, even from those who don't think of themselves as libertarians. Fear that the government would impede freedom of individuals on the Internet has led to opposition to just about any opening for law enforce...

Security Vendors Keep Head in the Cloud at RSA Conference

At the RSA Conference in San Francisco, much of the focus was on cloud computing and what vendors are doing to push security into the cloud. From IBM to Cisco to McAfee, vendors were talking up their approaches during the show, which ends today.
- Every RSA Conference has a popular buzzword or phrase. This year it was "the cloud." In one way or another, vendors were pushing their answer to handling security in the cloud. Cisco unveiled a number of tools and services in the cloud April 21, even though a day later Cisco CEO John...

Brief: Conficker holds lessons for security firms

Conficker holds lessons for security firms

Congress Considers Limits on Deep-Packet Inspections (NewsFactor)

In business

NewsFactor - At a hearing of the House Energy and Commerce Internet subcommittee Thursday, Congress began the tricky business of trying to understand Internet privacy issues and launched another round of debates about legislation regulating the collection and handling of personal data online.

Conficker virus begins to attack PCs: experts (Reuters)

In technology

Reuters - A malicious software program known as Conficker that many feared would wreak havoc on April 1 is slowly being activated, weeks after being dismissed as a false alarm, security experts said.

Conficker Virus Starts to Attack PCs, Experts Say (PC Magazine)

In technology

PC Magazine - A malicious software program known as Conficker that many feared would wreak havoc on April 1 is slowly being activated, weeks after being dismissed as a false alarm, security experts said.

Pentagon To Centralize Cyber Warfare Command (April 22 & 23, 2009)

US Defense Secretary Robert Gates said he is looking at establishing a "sub-unified command at STRATCOM for cyber (warfare).......

Hathaway Paints Overview of Cyber Security Review (April 23, 2009)

Speaking at the RSA conference, Melissa Hathaway, the US National Security Council official, offered a preview of her recently completed 60-day review of the US government's cyber security preparedness.......

EU Telecommunications Bill Held Up by Three-Strikes Implementation Concerns (April 20 & 22, 2009)

The European Parliament's industry committee approved an amendment to a major European Union telecommunications bill that would require approval from "a competent legal authority" before cutting off Internet service.......

Teen Draws Prison Sentence for Botnet and Swatting Activity (April 20 & 21, 2009)

A Massachusetts teenager has been sentenced to 11 months in jail for using a botnet to conduct distributed denial-of-service (DDoS) attacks and for "swatting," or making phony emergency calls that lead to SWAT teams being sent out needlessly.......

IRS Awards Payment Processing Contract to RBS WorldPay (April 23, 2009)

RBS WorldPay, the payment processor that recently acknowledged a security breach that compromised an estimated 1.......

NSA Director Says Agency Does Not Want to Control Cyber Security (April 22, 2009)

National Security Agency Director Lt.......

Defense Science Board Report: DOD Needs Integrated Cyberspace Plan (April 23, 2009)

A Defense Science Board report said that DOD cannot adequately defend its networks from cyber attacks because it lacks centrally managed networks and systems that can respond to the attacks.......

House Committee Seeks Information on P2P Data Theft, Briefing on Fighter Jet Data Theft (April 22 & 23, 2009)

The US House Committee on Oversight and Government Reform has sent letters to Attorney General Eric Holder and Federal Trade Commission (FTC) chairman Jon Leibowitz asking what the Justice Department and the FTC have done to prevent illegal use of peer-to-peer (P2P) filesharing applications.......

Mozilla Releases Firefox Update (April 23, 2009)

Mozilla has released Firefox 3.......

Turnabout is Fair Play (April 22, 2009)

A tool that is used to sniff out Conficker worm infections has been updated to use the same peer-to-peer (P2P) protocol that the malware itself uses to receive communication from those who control it.......

Massive Botnet Claims PCs at 77 Government Domains Worldwide (April 21 & 22, 2009)

Finjan security says it has discovered a botnet that comprises nearly 2 million PCs.......

FBI Arrests Oklahoma Teabagger for Twitter Threats

By Kevin Poulsen

And then they came for me, and there was no one left to tweet it.

A Single Infected PC Spawns Spam by the Millions

Just one bot-infected PC can send 600,000 spam messages daily, when powered by top spam-generators Rustock and Xarvester.

Conficker Variant Expected to Self-Destruct Soon

The Conficker E variant of the worm will detonate on May 5, security researchers say.

News of Mac Botnets Doesn't Mean an Increased Threat (Yet)

The real story behind the Mac malware threat is less sensational than some would make it.

Friday, April 24, 2009

Around The Horn vol.1,88

OAuth Session Fixation Security Flaw Discovered

By Robert A. on Vulns

From the advisory "The attack starts with the attacker logging into an account he owns at the (honest) Consumer site. The attacker initiates the OAuth authorization process but rather than follow the redirect from the Consumer to obtain authorization, the attacker instead saves the authorization request URI (which includes the Request...
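The attack the advisory sketches, carried through as a small simulation. This is an example added here, not the advisory's code and not any real provider's implementation: the Service Provider below keeps request tokens in memory, with `require_verifier=False` it behaves like OAuth Core 1.0, and with `True` it adds the `oauth_verifier` step that OAuth Core 1.0 Revision A later introduced to close this hole. Signatures, HTTP transport and the Consumer's own login are left out as assumptions, since they play no part in the flaw; the consumer key and token values are placeholders.

```python
# Toy model of the OAuth 1.0 session-fixation attack and of the oauth_verifier
# check that OAuth 1.0a added against it. Constructed example: no signatures,
# no HTTP, just the token state machine that the flaw lives in.
import secrets


class ServiceProvider:
    """Minimal Service Provider keeping request and access tokens in memory."""

    def __init__(self, require_verifier: bool):
        self.require_verifier = require_verifier   # False = OAuth 1.0, True = 1.0a
        self.request_tokens = {}                    # token -> {"consumer", "user", "verifier"}
        self.access_tokens = {}                     # token -> user whose account it opens

    def issue_request_token(self, consumer_key: str) -> str:
        """Step 1: the Consumer obtains an unauthorized request token."""
        token = secrets.token_hex(8)
        self.request_tokens[token] = {"consumer": consumer_key, "user": None, "verifier": None}
        return token

    def authorize(self, token: str, user: str):
        """Step 2: whoever visits the authorization URI approves the token.
        Returns the oauth_verifier that 1.0a hands to that user's browser
        (None under plain 1.0, which has no such value)."""
        rec = self.request_tokens[token]
        rec["user"] = user
        if self.require_verifier:
            rec["verifier"] = secrets.token_hex(8)
        return rec["verifier"]

    def exchange(self, consumer_key: str, token: str, verifier=None) -> str:
        """Step 3: trade an authorized request token for an access token."""
        rec = self.request_tokens.get(token)
        if rec is None or rec["consumer"] != consumer_key or rec["user"] is None:
            raise PermissionError("request token unknown, foreign, or not yet authorized")
        if self.require_verifier and verifier != rec["verifier"]:
            raise PermissionError("missing or wrong oauth_verifier")
        del self.request_tokens[token]              # request tokens are single use
        access = secrets.token_hex(8)
        self.access_tokens[access] = rec["user"]
        return access


def session_fixation(require_verifier: bool):
    """Replay the advisory's attack. Returns the user whose account the attacker
    ends up holding an access token for, or None if the provider refused."""
    sp = ServiceProvider(require_verifier)
    consumer = "honest-consumer"                    # placeholder consumer key
    # Attacker, logged into their own Consumer account, starts the flow but does
    # not follow the redirect; they save the authorization URI (i.e. the token).
    saved_token = sp.issue_request_token(consumer)
    # Victim is lured to that saved URI and approves it at the Service Provider.
    # Under 1.0a the verifier goes to the victim's browser, not to the attacker.
    _verifier_seen_only_by_victim = sp.authorize(saved_token, user="victim")
    # Attacker now completes the flow with the token saved earlier.
    try:
        access = sp.exchange(consumer, saved_token, verifier=None)
    except PermissionError:
        return None
    return sp.access_tokens[access]


def legitimate_flow(require_verifier: bool):
    """Control case: one user starts and finishes the flow, passing the verifier through."""
    sp = ServiceProvider(require_verifier)
    token = sp.issue_request_token("honest-consumer")
    verifier = sp.authorize(token, user="alice")
    access = sp.exchange("honest-consumer", token, verifier=verifier)
    return sp.access_tokens[access]


if __name__ == "__main__":
    print("OAuth 1.0  attacker gets a token for:", session_fixation(False))  # victim
    print("OAuth 1.0a attacker gets a token for:", session_fixation(True))   # None
    print("OAuth 1.0a legitimate flow opens:", legitimate_flow(True))        # alice
```

The point the simulation makes is that the attacker never needs the victim's credentials, only a request token the victim was tricked into authorizing; the Consumer cannot tell which browser did the authorizing. The verifier closes the hole because the provider delivers it only to the user-agent that approved the request, so an attacker holding just the saved token cannot complete the exchange.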

Device identification in online banking is privacy threat, expert says

By Elinor Mills

SAN FRANCISCO--A widely used technology to authenticate users when they log in for online banking may help reduce fraud, but it does so at the expense of consumer privacy, a civil liberties attorney said during a panel at the RSA security conference on Thursday.

When logging into bank Web sites, ...

Google fixes severe Chrome security hole

By Stephen Shankland

Google released a new version of its Chrome browser Thursday to fix a high-severity security problem.

The problem affects Google's mainstream stable version of Chrome and is fixed in the new version 1.0.154.59 (download). Google has built Chrome so it updates itself automatically with no user ...

Hacking online games a widespread problem

By Daniel Terdiman

SAN FRANCISCO--It will likely come as no surprise to anyone familiar with virtual worlds and online games that they can be hacked. But what might come as a shock is the sheer breadth of types of exploits that are possible.

That was the broad message of a Thursday panel called, ...

Originally posted at News - Gaming and Culture

Conficker infected critical hospital equipment, expert says

By Elinor Mills

SAN FRANCISCO--The Conficker worm infected several hundred machines and critical medical equipment in an undisclosed number of hospitals recently, a security expert said on Thursday in a panel at the RSA security conference.

"It was not widespread, but it raises the awareness of what we would do if there were ...

Malware on Demand

By Rik Ferguson on malicious code

I came across a very well designed and presented SEO pay-per-click “affiliate program” a couple of days ago.   This scheme offers the affiliate a customised “file” (detected by Trend Micro as TROJ_DROPPER.JLA) which you can then distribute to your victims using whichever means are the most convenient for you.   Maybe you want to push it out through [...]

Spammers Recover from McColo Shutdown - Spam Back To 91%

By Darknet on symantec

You might remember back in November last year Spam ISP McColo was Cut Off From the Internet and there was a fairly drastic drop in spam e-mail traffic. Well it looks like the spammers have got their acts back together as spam levels are back up to 91% of their previous volume. Having McColo shut down was [...]

Researchers show how to take control of Windows 7

Security researchers demonstrated how to take control of a computer running Microsoft's upcoming Windows 7 operating system at the Hack In The Box Security Conference (HITB) in Dubai on Thursday.

Hathaway advocates direct White House role on cybersecurity

Endorsing a viewpoint that's been gaining currency in the security industry, President Obama's acting senior director for cyberspace Wednesday called for a more direct White House role in coordinating national cybersecurity efforts.

Vendors release password cracking, management tools

As full-disk encryption becomes increasingly used to protect data, new software tools that can recover lost passwords or change forgotten ones are being released.

Symantec: Malaysian SMBs will spend on security

Malaysian small and medium businesses (SMBs) will continue to spend on security and storage, according to security solutions firm Symantec Malaysia.

Flaws in 'Internet SAFETY' bill

Friend and colleague Robert Gezelter points to serious deficiencies in the thinking behind legislation currently under consideration in the House and Senate.

New surveys on small business security and success

Understanding small business is tough because there are so many of them and they vary so widely. But all small businesses share certain problems, attitudes, and approaches to those problems. Let's give a hand to Symantec and Network Solutions for doing their part to discover the state of security and creating (and studying) the Small Business Success Index.

Security promises in the cloud

A survey released this week at RSA is troubling in that it says businesses using cloud services are concerned about security, but don't verify what providers do to meet the security promises they make.

Why the Top U.S. Cyber Official is Losing Sleep

The United States' top cybersecurity official already knew the world's digital infrastructure needed help before she took on a 60-day cyberspace policy review. With the review now complete, she admits the gravity of the situation seeps into her dreams and disturbs her sleep.

Cloud computing a 'security nightmare,' says Cisco CEO

If anyone has the right to be excited about cloud computing, it's John Chambers. But on Wednesday Cisco's Chairman and CEO conceded that the computing industry's move to sell pay-as-you-go computing cycles available as a service on the Internet was also "a security nightmare."

Click fraud rate dropped in Q1

Click fraud, a scam based on the highly profitable search advertising business, dipped in the first quarter after hitting an all-time high in the last three months of 2008.

Criminal Infrastructure Lets Malware Thrive

The lurking Trojan and the password-hungry keylogger are only the tip of the iceberg.

RSA chief calls for inventive collaboration among vendors

Two years after suggesting that independent security vendors were headed for extinction, Art Coviello, president of RSA, is calling for "inventive collaboration" among vendors for dealing with the expanding range of threats facing business and government.

Obama administration said to consider military cyber command

The Obama administration is considering a new military cyber command for protecting Department of Defense networks and developing offensive cyber war capabilities, according to a report in the Wall Street Journal.

Security maven sics 'special ops' on botnet gangs
League of net justice

RSA Sometimes fighting botnets, spam, and other online crime is like raking leaves on a windy day. Bag one operation and almost overnight there are a half-dozen more that take its place.…

For security's sake! Send your kid to hacker camp
No easy fix for doom and gloom

RSA A computer security expert has called on the United States government to train the nation's youth in offensive and defensive cyber technologies so the country is less vulnerable to attacks on its critical infrastructure.…

Doubt cast over ContactPoint security assurances
No, Minister

A UK government minister has issued assurances about the security of the government's child protection database ContactPoint, but the minister's assurances are incomplete, if not misguided, says one expert.…

GPS, swipe cards to monitor Welsh school kids
We know what you're doing at the back, boyo

Councils in North Wales are equipping school buses with GPS and swipe card technology to help monitor attendance and antisocial behaviour.…

Botnet speed test uncovers drag racers of malware
Supercharged spam powerhouses revealed

Researchers have discovered that Zombie machines within the Xarvester and Rustock botnets are capable of sending up to 25,000 junk mail messages per hour.…

Big boost for Aussie firewall
Another shrimp on anti-prawnography trial barbie

The controversial Great Aussie Firewall got a big boost yesterday when Australia's second largest ISP Optus agreed to join the pilot.…

Spy chiefs size up net snoop gear
Deep packet inspection bonanza

The security minister has confirmed officials are considering installing technology that could enable on-demand wiretapping of all communications passing over the internet by the intelligence services and law enforcement.…

Under-caution spam faxer fined over £6,000
Debt firm fax up

A man who sent hundreds of spam faxes while under caution from privacy regulator the Information Commissioner's Office (ICO) faces more than £6,000 in fines for his actions.…

Data Leak Prevention: Proactive Security Requirements of Breach Notification Laws, (Fri, Apr 24th)

I'm beginning to prepare for a talk I plan to give at SANSFIRE 09 on Data Leak Prevention. The talk ...(more)...

Some trendmicro.com services down, (Thu, Apr 23rd)

A couple of people have reported that TrendMicro is having network issues and the following site has ...(more)...

Possible MS09-013 activity, (Thu, Apr 23rd)

Jack sends us notice that Symantec is alerting on possible MS09-013 activity. This information ...(more)...

RSA researcher Ari Juels: RFID tags may be easily hacked

By Neil Roiter

SearchSecurity.com caught up with Dr. Ari Juels and asked the well-known cryptographer about RFID security, cloud storage innovations and his new novel.

Operational risks could mire virtualization deployment, panel says

By Robert Westervelt

Future virtualization platforms and features could cause confusion when managing who owns virtual machines within an organization and how network traffic can be monitored.

Compliance drives opportunities for security integrators

By Kelley Damore

At the 2009 RSA Conference, new regulations and initiatives such as NERC, HITRUST and CNCI could signal some opportunities in healthcare and energy verticals.

Cyberspace Director Urges National Dialogue on Threats (NewsFactor)

In business

NewsFactor - A little over two months ago, President Barack Obama appointed Melissa Hathaway as the acting senior director for cyberspace for the National Security Council and the Homeland Security Council. Her primary task, the president said, was a two-month review of the nation's cybersecurity readiness and to propose improvements.

China insists it does not hack into US computers (AFP)

In technology

AFP - China insisted on Thursday it was opposed to Internet crimes, following a US media report that said Chinese hackers may have been behind a cyber attack on computers linked to a new US fighter jet.

Woz interviewed about hackery, life (Macworld.com)

In technology

Macworld.com - While you may know that Apple co-founder Steve Wozniak tore it up on ABC's Dancing with the Stars and has recently joined hardware startup Fusion-IO, I sure didn't know that he's still using Eudora, a program that I stopped using circa 2002, as his everyday e-mail client.

RSA: The Elusive Structure of the Cyber-criminal Economy

At the RSA Conference in San Francisco, security researchers outlined the underground economy for cyber-crooks. The black market for stolen data is thriving in an increasingly sophisticated and compartmentalized landscape.
- As it turns out, stealing credentials is actually the easy part of cyber-theft. The hard part is using them to get away with pilfering bank accounts. Fortunately for phishers, they have no shortage of help in that regard. This ecosystem of hackers, malware writers and money mules was on f...

FBI Spyware Could Look Like Your Average Trojan

OPINION: For years the FBI has been using a Trojan Horse program to spy on suspects' computers.
- In response to a Freedom of Information Act request the FBI has released some details and history of a spyware program they have used over the years to gather details on suspects' computers, according to a recent article in Wired. Information on the CIPAV or "Computer and Internet Protocol Add...

How Terrorism Touches the 'Cloud' at RSA

At the RSA Conference, former U.S. military officer Jeff Bardin showed attendees the cyber-world aspects of terrorism, where supporters of groups such as al Qaeda use social networks to recruit and spread their message. In an interview with eWEEK, Bardin discussed some of the things he has seen online.
- When it comes to the war on terrorism, not all battles, intelligence gathering and recruitment happen in the street. Some of it occurs in the more elusive world of the Internet, where supporters of terrorist networks build social networking sites to recruit and spread their message. Enter J...

Windows 7 Security Enhancements Summed Up

OPINION: Enterprises can expect security of authentication, data protection, privilege levels and the DNS to improve for users running the next client version of Windows.
- The evidence that Windows Vista is far more secure than XP, both in theory and in practice, is abundant. With new features and standards Microsoft hopes to make Windows 7 even more secure, especially for enterprises. A paper on their Technet site explores several new security features in Windows 7 ...

The 10 Most Interesting Products at RSA 2009

More than 450 exhibitors are showing their stuff at this year's RSA Conference in San Francisco. eWEEK Labs' Cameron Sturdevant has been scouring the expo floor to find the most compelling products for the enterprise. This year, virtualization security tools were an area of focus, but old standbys, still very much needed in our Windows XP/physical server world, are garnering attention. Read on for Cameron's picks for the 10 most interesting products at the show and visit https://cm.rsaconference.com/US09/catalog/exhibitorCatalog.do for a complete catalog. By Cameron Sturdevant

Report Claims DNS Cache Poisoning Attack Against Brazilian Bank and ISP

OPINION: Attack shows the potential for serious spoofing attacks that could leave end users helpless. The only real solution is DNSSEC, which will take years to implement under the best of circumstances.
- An unsubstantiated report claims that a successful DNS cache poisoning attack was conducted recently against Banco Bradesco, a Brazilian bank. The reports are in Portuguese. This Google translation explains it in typically clumsy, broken English. The actual DNS cache belonged to Brazilian ISP...

U.S. Cyber-Security Requires Partnerships, Obama Official Says

At the RSA Conference, cyberspace security official Melissa Hathaway called for increased cooperation between the government, academia and the private sector. Hathaway was in charge of the recently completed review of U.S. cyber-security mandated by the Obama administration.
- Academia, government and the private sector need to come together in the name of cyber-security: that was the message Melissa Hathaway brought to this year's RSA Conference in San Francisco. Hathaway is acting senior director for cyberspace for the National Security and Homeland Security counc...

Finjan Reveals 1.9 Million-Strong Botnet at RSA

Researchers at Finjan detailed their discovery of a 1.9 million-strong botnet at the RSA Conference in San Francisco. Some 45 percent of the infected bots are believed to be located in the United States.
- Researchers at Finjan have uncovered a massive botnet controlling some 1.9 million zombie computers. The security vendor disclosed the discovery at the RSA Conference in San Francisco. According to reports, the nearly two million bots include machines in 77 government domains in the U.S., U.K. a...

Mozilla Patches 10 Firefox Bugs, Additional Vulnerabilities Fixed

Mozilla developers have fixed several stability bugs identified in the Firefox Web browser and other Mozilla products. However, these crashes showed evidence of memory corruption under certain circumstances, and Mozilla is cautioning that a dedicated hacker could exploit this aspect to run arbitrary code.
- The Mozilla Foundation posted a "critical" security advisory on April 21, stating that crashes of certain Mozilla products had revealed evidence of memory corruption under certain circumstances. Mozilla cautions that this corruption could be exploited to run arbitrary code. The affec...

What's the Big Idea at RSA? Virtualization

Virtualization provides the opportunity for a security do-over.
- The lead keynote speaker of the 2009 RSA Conference tried to sound a note of revolutionary change, but did so mostly by proxy. Most of RSA President Art Coviello's remarks on April 21 were vague exhortations for greater cooperation among security vendors and mild instructions for practitioners ...

Cyber Criminals Industrialize to Increase Effectiveness

By Kim Zetter

Hackers are becoming service providers, running temp agencies to supply crooks with disposable subcontractors to buy merchandise with stolen credit cards. And, for a fee, they'll install another criminal's malicious code on your machine.

Hackers Exploit 2008 Word Bug to Hijack PCs

Chinese hackers are seeking out PCs not patched with December fix.

Security Pro to Companies: Assume You're Owned

The smart business will assume it has been invaded and seek out the intruders, says a hacker expert.

Forget Computers, Phone Crime Is Worrying Banks

Criminals are using call-spoofing to game financial fraud detection

Hathaway Advocates Direct White House Role on Cybersecurity

Acting U.S. senior director for cyberspace says federal government isn't 'organized appropriately' to address cyberthreats.

Researchers Show How to Take Control of Windows 7

Proof-of-concept code takes control of the computer during the boot process
