Wednesday, May 20, 2009

Around The Horn vol.1,103

Password reminders: hard to remember, but easy to hack

By jtimmer@arstechnica.com (John Timmer) on web

Forgetting which password you used for a rarely used shopping site can be a pain, one that's often made worse by the fallback authentication method. If you're like me, you're often stumped by which of your past pets you considered your favorite two years ago, or whether you put a "the" in front of your favorite sports franchise when first registering. Those sorts of failures should be worth it, since they add an extra layer of security to the password recovery process. 

Except they don't.

Google result-manipulating Gumblar exploit picking up steam

By jacqui@arstechnica.com (Jacqui Cheng) on security

Security researchers are stepping up their warnings about the Gumblar malware exploit as it continues to hijack webpages and manipulate Google results. Gumblar recently got the attention of the United States Computer Emergency Readiness Team (US-CERT), which noted on its website that Gumblar is alive and well and continues to circulate by hijacking vulnerable Web applications, poor configuration settings, or simply by stealing FTP credentials.

Experts who have been tracking Gumblar since March say that the malware directly manipulates files on Web servers after getting access to them. From there, the attack changes the files to inject scripts and distribute more malicious code out of gumblar.cn or from other, varying IP addresses. The code appears to target sites that show up in Google searches, according to the ScanSafe STAT Blog, and although Google began delisting compromised websites months ago, the code keeps changing, keeping Google on its toes.

Flaw in encryption armor discovered

By Tom Espiner

An underlying flaw in the widely used encryption protocol Open Secure Shell (OpenSSH) has been made public by researchers from the Royal Holloway, University of London.

The flaw, which lies in version 4.7 of OpenSSH on Debian/GNU Linux, allows 32 bits of encrypted text to be rendered in ...

'Gumblar' attacks spreading quickly

By Matthew Broersma

The attackers behind a series of rapidly spreading Web site compromises have begun using a new domain to deliver their malicious code, security experts say.

The attacks, collectively referred to as "Gumblar" by ScanSafe and "Troj/JSRedir-R" by Sophos, grew 188 percent over the course of a week, ScanSafe said ...

Protecting yourself from vishing attacks

By Marguerite Reardon

You might have heard about online "phishing" scams designed to steal money from unsuspecting Web users, but now criminals are using another type of scam called "vishing" to commit the same crimes.

Last week, the Federal Trade Commission filed lawsuits against two telemarketing firms in Florida and a company claiming ...

Originally posted at News - Wireless

Google Poisoning Attack Gumblar Still Causing Problems

By Darknet on web search security

I thought this would have been stamped out by now, but sadly it’s still going on. With the advent of cheap web hosting and easy to use CMS systems like Wordpress more and more people are managing their own websites (gone are the days of Geocities). More people with websites means more FTP details to be [...]

Mediterranean Hack Wave Maps Regional Upswell

In Virus and Spyware

Growth of hacking in the Mediterranean region illustrates a classic path for global cybercrime evolution.

Security Researcher: Microsoft Downplaying IIS Vulnerability

In Vulnerability Research

A researcher from security firm nCircle accused Microsoft of gamesmanship in their description of a vulnerability in their IIS Web server software he contends is more serious than they are letting on.

McAfee -- not RSA -- Hooks Up with EMC to Secure PCs Online

In security

This item is a bit strange. McAfee, the world's second-largest IT security company behind RSA Security, said May 18 that it plans to partner with storage giant EMC to offer online PC backup services. This is odd for this reason:...

Increasing School IT Security Breaches Causing Headaches

In superintendents

Elementary and high school districts are always under pressure from parents, school board members, teachers' unions, truant trackers -- you name it. My hat's off to district superintendents; this is no job for the faint of heart. Anyway, there's another...

Health IT program needs ID management

The Obama administration's health IT initiative needs strong identity management tools to protect patient privacy, according to vendors, providers and other experts at a panel today.

GAO cites information security weaknesses

The Government Accountability Office says agencies continue to face major information security vulnerabilities despite making progress in complying with FISMA requirements.

iPhone Security, Part 2

Steinberger: Based on my personal observation and analysis, the main security constraints imposed by the iPhone Operating System are as follows.

Web Site Hijack Morphs, Continues to Grow

In an attempt to stay one step ahead of security companies, the Gumblar web attack has jumped over to using a new domain to pull its malicious software.

Security group to consider wireless, virtualization standards for payment-card industry

The PCI Security Standards Council may address requirements related to the use of virtualization and wireless technologies by payment-card handlers.

Fraudulent iTunes charges are worth watching for

Credit card fraud and identity theft on the Internet are nothing new--these days, they're just a fact of life. But in case you're not already keeping close tabs on your monthly credit card statement, here's yet another reason to be vigilant: iTunes-related fraud.

Klingon Anti-virus Available for Download. Really.

They walk the warrior's path and they devour horrible-looking bowlfuls of red worms, but hey, Klingons need malware protection too.

Web sites infested with major new malware attack

There is a new security threat for Web users to watch out for and its name is JSRedir-R.

Wi-Fi hikes security by adding to WPA2 requirements

The Wi-Fi Alliance has expanded its WPA2 certification program to include a tool for secure handoffs between Wi-Fi and 3G networks, as well as an authentication system that uses multiple secured tunnels.

Study: Secret questions don't safeguard passwords

Even if your spouse doesn't know your e-mail password, he or she probably knows enough information to get it.

Sophos: JSRedir-R surpasses other Web-based malware

A new web-based attack, JSRedir-R, has blown all previous Web-based malware out of the water, and is currently being found six times more often than its nearest rival, said Sophos Tuesday.

New Windows netbooks may harbor malware

Kaspersky Labs is warning users to scan brand new systems for malware before connecting them to the Internet after discovering attack code on a just-out-of-the-box Windows XP netbook.

Microsoft confirms serious IIS bug, downplays threat

Microsoft late Monday confirmed that its Internet Information Services (IIS) Web-server software contains a flaw that could let attackers steal data, but it downplayed the threat.

Cybersecurity groups pledge to work together

Three cybersecurity groups want to create a network of organizations and people focused on securing the Internet in an effort to combat malicious software.

ISPs need more oversight and regulation

The Internet service provider industry is a rats and mice business that needs greater regulation and oversight said Alastair MacGibbon, former director of trust and safety at eBay, and prior to that, the former director of the High Tech Crime Centre.

Cybersecurity groups band together in malware fight
'A chain of trust'

Three cybersecurity groups said Tuesday they plan to band together to combat the growing scourge of malware.…

Gumblar Google-poisoning attack morphs
Drive-by download juggernaut relocates and picks up speed

A Web attack that poisons Google search results is getting worse, according to security researchers.…

Deleted Tweets found living in the hereafter
Web 2.0 - Where blunders never die

Careless Twitterers are in for a healthy dose of Web 2.0 reality with the advent of a site that shows it's not really possible to purge errant tweets, as the microblogging site might have them believe.…

Six months on, Macs still plagued by critical Java vuln
No Java applets for you!

More than six months after Sun Microsystems warned that a flaw in its Java virtual machine made it trivial for attackers to execute malware on end users' machines, the vulnerability remains unpatched on Apple's Mac platform.…

BBC asks nicely to run second hacking demo
Lovely manners make new Trojan attack a happier experience

The BBC has followed its recent controversial botnet demonstration with a new filmed demo of how a Trojan attack works - except this time it made sure to ask nicely.…

Ford crushes half-price hybrid hoax
Credit crunch car sale nonsense quashed

Ford has stepped forward to debunk a hoax email suggesting the motor firm was selling new models of a hybrid car at half price in response to the global financial crisis.…

Gut instinct no protection against net scams
OFT research hits the right mark

Those who rely on gut instinct and are open to persuasion are more at risk of falling prey to internet scams, according to a research sponsored by the UK Office of Fair Trading.…

Police force eBay scammer to cough up ill-gotten gains
Jailbird only has £102,206.04 to hand

Lancashire Police have obtained a confiscation order to seize over £100,000 from a convicted eBay scammer.…

Follow the Bouncing Malware: Gone With the WINS - Part II, (Wed, May 20th)

Imagine, if you will, that you're the newest contestant on the latest reality-tv show, Idle American ...(more)...

Web Toolz, (Wed, May 20th)

Ok, a couple of web app testing tools have been recently updated/released: My buddies Kevin J ...(more)...

Advanced blind SQL injection (with Oracle examples), (Tue, May 19th)

Quite often developers ask me if they should put controls about every single parameter that they rec ...(more)...

US-CERT warns of Gumblar, Martuz drive-by exploits

By Robert Westervelt

Websites poisoned with the Gumblar and Martuz drive-by download exploits could pass on malware to users who don't have their patches up to date.

Security Groups Tout Chain of Trust Initiative to Combat Malware

The Chain of Trust cyber-security initiative aims to link together all organizations and individuals that play a role in securing the Internet.
- Three cyber-security groups said May 19 they are launching a new initiative applying many of the same approaches used to bring nuisance adware under control, a chain-of-command plan for "all organizations and individuals that play a role in securing the Internet." Developed by the ...

Microsoft Brings Secure Development Help to Application Developers for Free

Microsoft wants to speed adoption of its security development lifecycle (SDL), starting with the release of a free SDL Process Template that is integrated with the Visual Studio Team System. The company also announced additions to its SDL Pro Network and updates to the SDL process.
- Microsoft wants to bring its secure development lifecycle to an application near you. In a series of announcements, the company laid out a path today to speed the adoption of its security development lifecycle (SDL) in the developer community. For starters, the company has released version 1....

Hackers Circle Microsoft Server Software Flaw

Microsoft's Internet Information Services software has a privilege escalation vulnerability that US-CERT says is under attack by hackers. While users wait for a patch, here are ways to mitigate the vulnerability.
- Exploit code for a vulnerability in Microsoft's Internet Information Services software is circulating around the Web, leaving organizations in search for ways to keep hackers at bay. According to US-CERT, attacks leveraging the vulnerability are already under way, though Microsoft said in an...

Advanced Algorithms Enlisted To Fight Cyberwars (PC World)

In technology

PC World - First Estonia. Then Georgia. Increasingly, the theoretical potential for cyberwar is becoming hard reality. One new report argues that the unchecked proliferation of cyber warfare weapons is comparable to that of nuclear warheads. At least one branch of the US military, the United States Navy, takes the threat seriously and monitors cyber threats on a daily basis.

Chinese Regulations Target Rising Cybercrime (PC World)

In technology

PC World - China has targeted cybercrime in three new sets of regulations issued this month as the activity starts to look like an established industry in the country.

IIS 6 Attack Could Let Hackers Snoop on Servers (PC World)

In technology

PC World - Security vendors are warning users of Microsoft's Internet Information Services 6 Web-server software that a new online attack could put their data at risk.

Microsoft Security Advisory 971492

By MSRCTEAM

I wanted to let you know that we have just posted Microsoft Security Advisory (971492).

This advisory contains information regarding public reports of a vulnerability in Microsoft Internet Information Services (IIS) that could allow Elevation of Privilege. Products affected are IIS 5.0, IIS 5.1, and IIS 6.0. The advisory contains guidance and workarounds that customers can use to help protect themselves. We will continue to monitor the situation and post updates to the advisory and the MSRC Blog as we become aware of any important new information.

At this time, we are not aware of any known attacks that attempt to use this vulnerability.

An elevation of privilege vulnerability exists in the way that the WebDAV extension for IIS handles HTTP requests. An attacker could exploit this vulnerability by creating a specially crafted anonymous HTTP request to gain access to a location that typically requires authentication.

Microsoft will take the appropriate action to protect our customers, which may include providing a solution through our monthly security update release process, or an out-of-cycle security update, depending on customer needs.

To better help understand the issue, Microsoft security experts have provided additional technical details on the Microsoft Security Research & Defense blog.

We have activated our Software Security Incident Response Process (SSIRP) and we are continuing to investigate this issue. In addition, we are actively working with partners in the Microsoft Active Protections Program (MAPP) and the Microsoft Security Response Alliance (MSRA) program to provide information that they can use to provide broader protections to customers.

Christopher Budd

Web Site Hijack Morphs, Continues to Grow

The Gumblar site attacks are now using a new domain to pull malware, and continue to infect more sites with malware-spreading code.

Chinese Regulations Target Rising Cybercrime

China has targeted cybercrime in three new sets of regulations issued this month as the activity starts to look like an established industry in the country.

Cybersecurity Groups Pledge to Work Together

Three cybersecurity groups pledge to work together and engage the Internet community to fight malware.

Study: Secret Questions Don't Safeguard Passwords

Secret questions used to reset e-mail passwords are often easily guessable by a person's friends and, in some cases, strangers, according to a new study.

Microsoft Confirms Serious IIS Bug, Downplays Threat

Only a specific IIS configuration is at risk, company says.