Wednesday, September 9, 2009

Around The Horn vol.1,147

Game server admins arrested for Chinese DNS attacks

By jacqui@arstechnica.com (Jacqui Cheng) on security

A denial of service attack that took down Internet access in parts of China earlier this year has been attributed to an over-enthusiastic game provider trying to take down rivals. Police in Foshan, a city in Guangdong, have announced that they arrested four individuals for the attack, noting that they would go to trial sometime in the mysterious future.

The group was headed up by a 23-year-old factory worker with the surname Bing, according to the police announcement. Bing and his cohorts had set up a number of private servers for gamers to use, but weren't making much money because rivals had been engaging in distributed denial of service (DDoS) attacks against them, constantly taking down the service. Bing was apparently angered by this and decided to drop 280,000 yuan (roughly US$41,000) to rent even more servers for the sole purpose of retaliating against his own attackers.

Phishers cut bait, slip on trojans instead

By jacqui@arstechnica.com (Jacqui Cheng) on Symantec

Phishing e-mails have dropped during the first half of 2009, indicating that cybercriminals are looking for other ways to scam unsuspecting users. Researchers from IBM's Internet Security sector, X-Force, revealed in their Mid-year Trend and Risk Report that banking Trojans appear to be taking the place of phishing for financial info. This trend is reflected by other security firms, too, but not everyone agrees on whether this is a true shift or just a temporary dip.

The X-Force team described the drop as "dramatic," noting that phishing only made up about 0.1 percent of all spam during the first six months of the year. Comparatively, phishing e-mails made up close to 1 percent of all spam during the same period in 2008, and an average of 0.5 percent during all of 2008. Of the phishing e-mails that are still floating around in the wild, the large majority of subject lines have to do with PayPal, with the remainder indicating that they are related to banking or other financial accounts.

Snow Leopard includes rudimentary malware protection (Updated)

By chris.foresman@arstechnica.com (Chris Foresman) on Snow Leopard

The malware threat on Mac OS X is infinitesimally small, but it does exist. The biggest threat so far seems to come from trojans that attempt to disguise themselves as legitimate software updates or installers. Though it's not mentioned anywhere in the extensive list of enhancements and refinements on Apple's website, it turns out that Snow Leopard does have some level of protection against such malware.

Security firm Intego turned up the feature, which seems to be an enhancement of the usual "This file is from the Internet, are you sure you want to open it?" warning. If a disk image or installer package contains known malware, Snow Leopard will warn that it can damage your computer. If you don't choose to open the installer anyway (and we recommend you don't), the offending file will be automatically moved to the Trash. Intego hasn't been able to identify exactly how the mechanism works, but several MacRumors forum members confirmed that it does identify known trojans.

Chances are this functionality won't protect against unknown attacks, and it's not clear exactly how Apple might protect against new trojans (yes, new malware definitions would come via Software Update, but when? how often?). The feature also doesn't seem to be as extensive as third-party antivirus software, but we don't know a lot of details at this point. Still, it is an extra safety net to keep you from being the victim of a social engineering hack.

UPDATE: I was pointed towards some information that sheds a little more light on how this feature works. According to Panic developer Cabel Sasser, the malware definitions are in the file /System/Library/CoreServices/CoreTypes.bundle/Contents/Resources/XProtect.plist. From what's been discovered so far, this file only identifies the iServices and RSPlug trojans. However, it should be fairly trivial for Apple to update this file with new information, though how often those updates would occur is still anyone's guess—Apple has so far not responded to our request for comment. It should also be noted that only files downloaded via e-mail or the Web are scanned—it seems to work with Safari, Firefox, iChat, Entourage, Mail, and Thunderbird—checking external volumes and general file scanning are not implemented.

Botnet traffic bounds back 90% within 48 hours of ISP shutdown

By casey.l.johnston@gmail.com (Casey Johnston) on traffic

A common way of combating spam traffic is to shut down the service provider through which the traffic is being processed. With a new variety of botnets, though, this method is becoming increasingly ineffective. The August report from Message Labs indicates that the shutdown of a Latvian ISP, while initially effective, ultimately did little to quell the malicious activity of one botnet, whose traffic recovered in a matter of days.

Cutwail is one of the largest botnets running amuck on the Internet, and is estimated to be behind 15-20 percent of all spam, including malicious websites, phishing websites, and fake antivirus products. Message Labs noted that Cutwail was conducting a large portion of its dubious business through Real Host, an ISP based in Riga, Latvia. Real Host was allegedly involved with "command-and-control" servers allowing large-scale botnet infection.

Obsessions with Jessica Biel lead to a world of malware hurt

By jacqui@arstechnica.com (Jacqui Cheng) on virus

Admit it: every so often, you pop over to Google to search for a hot celebrity or two (or if you don't, you know somebody who does). If Jessica Biel is at the top of your (or their) list, you might want to exercise a bit more caution, as security firm McAfee has rated the 7th Heaven star as the most likely to net you an infection or two—on your computer, that is.

McAfee performs an annual survey of sites that purport to have information and pictures of A-list celebrities. Paris Hilton and Brad Pitt have both been at the top of the list in the past, but Biel has passed Pitt to become the riskiest star to search for. According to McAfee, fans searching for downloads, wallpapers, screensavers, photos, and videos of Biel have a one-in-five chance of ending up at a site that hosts spyware, malware, viruses, adware, spam, or phishing scams. "Jessica Biel screensavers" in particular were very dangerous—almost half of the downloads coming from those sites were malicious.

Former Symantec exec launches cloud-based, social antivirus

By david@arstechnica.com (David Chartier) on security

Considering that Microsoft feels the need to enter the antivirus market and 12 of the top 35 anti-malware makers failed Virus Bulletin's August 2009 test, one could argue that antivirus products are not where they should be. Former Symantec executive Oliver Friedrichs thinks a different approach is necessary, so he built a new cloud-based, social antivirus product called Immunet Project.

Harnessing what Immunet calls "Collective Immunity," Immunet Project claims to be able to instantly fortify all of its users' computers against new virus threats. "Immunet uses a global community to collect anonymous information on applications running across the Immunet population," Friedrichs told Ars Technica. "We extract specific attributes from Windows PE files that are then coalesced in the cloud and classified as good or bad." When Immunet finds a piece of malware on a user's computer, it notifies the rest of the user network, supposedly in real time. Because of this approach, Immunet keeps most of its client infrastructure on its servers; the actual client install takes up less than 5MB of space.

Apache.org Compromised via stolen SSH keys

By Robert A. on IndustryNews

Netcraft is reporting that apache.org has been compromised. The Apache blog posted the following message indicating an SSH key compromise. "This is a short overview of what happened on Friday August 28 2009 to the apache.org services. A more detailed post will come at a later time after we complete the...

Article: Bypassing DBMS_ASSERT in certain situations

By Robert A. on Vulns

David "I like to beat up on oracle" Litchfield has published a new paper outlining how DBMS_ASSERT can be misused in such a way that SQL Injection is possible. From the whitepaper "The DBMS_ASSERT builtin package can be used by PL/SQL developers to protect against SQL injection attacks[1]. In [2] Alex...

Flash Worm - SANS Analysis

By Robert A. on Interviews

SANS has a write-up about a recent Flash worm. "A few days ago a lot of media wrote about a Flash worm. I managed to get hold of samples and analyzed it (thanks to Peter Kruse of CSIS for the samples). First of all, while the exploit code contains Flash, it...

WASC Distributed Open Proxy Honeypot Update - XSS in User-Agent Field

By Robert A. on XSS

"In case you missed it, the WASC Distributed Open Proxy Honeypot Project launched Phase III at the end of July. We have a few sensors online and as we start gathering data, we are starting our analysis. Our goal is to be able to release "events of interest" to the community...

AppSec DC 2009

By Robert A. on IndustryNews

"OWASP Announces International Application Security Conference for 2009: Speaker Agenda Released and Registration Open for 2009's Largest Web Application Security Event. Washington DC, August 20th, 2009 -- Following in the footsteps of the Open Web Application Security Project's (OWASP, http://www.owasp.org ) immensely successful and popular conferences earlier this year in Australia,...

WASC Threat Classification v2 updates

By Robert A. on WASC

We're nearing the completion of the WASC Threat Classification v2 (2 sections left!) and have added the following new sections since my last couple of posts: Null Byte Injection and Integer Overflows. We've also heavily updated the following sections: Buffer Overflows (in depth discussion of heap vs stack vs integer overflows), SQL...

Accused mastermind of TJX hack to plead guilty

By Michelle Meyers

Albert Gonzalez, the alleged ringleader of one of the largest known identity theft cases in U.S. history, has agreed to plead guilty to all 19 counts of related charges against him, according to court documents filed Friday.

Gonzalez, 28, of Miami, was accused in August 2008 of helping steal ...

Trend Micro's 2010 suite is sharp at the top

By Seth Rosenblatt

Trend Micro released its 2010 security products earlier this week, with three programs offering varying levels of security and service. The comparatively barebones Trend Micro Antivirus + AntiSpyware clocks in at $40, with the basic suite Trend Micro Internet Security available for $10 more and $70 for the premium Trend Micro Internet Security Pro. ...

Originally posted at The Download Blog

Beware fake Snow Leopard sites

By Elinor Mills

People eager to get a copy of the latest version of the Mac operating system, Snow Leopard, should be wary of sites offering free copies because they are likely to get some nasty malware instead, according to antivirus company Trend Micro.

Trend Micro said in a blog posting on Wednesday ...

Originally posted at InSecurity Complex

Facebook ratchets up privacy controls (again)

By Caroline McCarthy

A recent simplification of Facebook's user privacy controls wasn't enough for some policymakers.

On Thursday, in conjunction with the Canadian Privacy Commissioner, Facebook announced a new set of modifications to its user privacy controls as well as its developer API, and the targets of these changes are the ...

Originally posted at The Social

Researchers who hack the Mac OS

By Elinor Mills

It was summer 2005. Dino Dai Zovi walked into a Manhattan Starbucks, ordered a coffee, sat down, and opened up his laptop.

Before his coffee was cold he had found a local privilege escalation vulnerability in Mac OS ...

Originally posted at InSecurity Complex

Snow Leopard could level security playing field

By Elinor Mills

Share of the Mac operating system is growing, and with it the number of malware threats targeting the platform.

Friday's release of the new version of the Mac OS, dubbed Snow Leopard, could include some security features that would make ...

Originally posted at InSecurity Complex

ACLU chapter flags Facebook app privacy

By Caroline McCarthy

The Northern California chapter of the American Civil Liberties Union has put out a campaign designed to raise awareness of the privacy implications of Facebook's developer platform. It's focusing specifically on the popular "quiz" applications, like "Which Cocktail Best Suits Your Personality?" and "Which Wes Anderson Movie Character ...

Originally posted at The Social

Report: Antivirus feature for Snow Leopard?

By Tom Espiner

The next version of Apple's OS X, which is due out Friday, may bundle antivirus capabilities.

Mac security firm Intego said that the latest version of the operating system, Mac OS X Snow Leopard, could have an antimalware feature, according to reports, in a blog post Tuesday. ...

Originally posted at News - Apple

Symantec pulls Norton patch after error reports

By Elinor Mills

Symantec is providing a fix for customers who got error messages after a patch deployment went awry for some Norton users, the company said on Tuesday.

The ...

Originally posted at InSecurity Complex

Google patches severe Chrome vulnerabilities

By Stephen Shankland

Google has fixed two high-severity vulnerabilities in the stable version of its Chrome browser that could have let an attacker remotely take over a person's computer.

With one attack on Google's V8 JavaScript engine, malicious JavaScript on a Web site could let ...

Originally posted at Deep Tech

Jessica Biel most 'dangerous' celeb in cyberspace

By Lance Whitney

Through no fault of her own, actress Jessica Biel is now the most hazardous celebrity on the Internet.

Fans searching online for Biel have a one-in-five chance of hitting a Web site with malware, according to McAfee'...

Cracking GSM phone crypto via distributed computing

By Elinor Mills

If you are using a GSM phone (AT&T or T-Mobile in the U.S.), you likely have a few more months before it will be easy for practically anyone to spy on your communications.

Security researcher Karsten Nohl is launching an open-source, distributed ...

Originally posted at InSecurity Complex

Cisco wireless LANs at risk of attack, 'skyjacking'

By Elinor Mills

Cisco Systems wireless local area network equipment used by many corporations around the world is at risk of being used in denial-of-service attacks and data theft, according to a company that offers protection for WLANs.

Researchers at AirMagnet, which makes intrusion-detection systems for WLANs, discovered the vulnerability, which affects all ...

Originally posted at InSecurity Complex

Jailed SF network administrator faces fewer charges

By Steven Musil

A judge has dismissed most of the charges against a former San Francisco network administrator accused of hijacking the city's computer network he designed and maintained.

San Francisco Superior Court Judge Kevin McCarthy on Friday tossed three tampering charges against Terry Childs, while preserving a lone charge of denying

...

Apache SSH Key compromised

By Rik Ferguson on web

UPDATE: A post regarding this incident from apache.org is available at https://blogs.apache.org/infra/entry/apache_org_downtime_initial_report

As of this moment, Apache.org is reporting that an SSH key associated with its US servers has been compromised and are shifting all traffic to their European mirror. Details of the attack/compromise are few at the moment, as this is breaking news. It is worth remembering however [...]

Apple anti-malware? Snow joke!

By Rik Ferguson on malicious code

It looks, on one hand, as if Apple are now alive to the danger that malicious code represents to their users. Reports from beta testers indicate that in the newest version of MacOS Snow Leopard, due for release tomorrow, Apple have included anti-malware technology (although someone needs to tell their marketing department who as previously [...]

SMiShing Time, wish you were here!

By Rik Ferguson on telephone

Earlier this summer, CIFAS, the Fraud Prevention agency, warned about a rise in the threat from SMiShing; this warning has recently been echoed by the Guardian Newspaper. SMiShing reports date back to around 2006 when this threat started to become noticeable. Spoofed or otherwise faked SMS messages are used as bait to lure victims to responding via SMS [...]

Mac OS X Snow Leopard Bundled With Malware Detector

By Darknet on snow leopard security

Ah we saw this coming didn’t we, back in June we reported on Apple Struggling With Security & Malware and now they have shown they were paying attention. Even though they tried to do so quietly, they are slipping a ‘malware detector’ into the latest OS X update known as Snow Leopard. The problem is though, it [...]

Trafscrambler – Anti-sniffer/IDS Tool

By Darknet on trafscrambler

Trafscrambler is an anti-sniffer/IDS LKM (Network Kernel Extension) for OSX, licensed under BSD. Features: injection of packets with bogus data and with randomly selected bad TCP cksum or bad TCP sequences; userland binary (tsctrl) for controlling trafscrambler NKE; SYN decoy – sends out number of SYN pkts before the original SYN pkt; TCP reset attack – sends out RST/FIN pkt with bad [...]

TJX Hacker Albert “Segvec” Gonzalez Indicted By Federal Grand Jury

By Darknet on tjx hacker

We’ve been following the whole TJX saga for quite some time now since way back in September 2007 when the hack became public as the Largest Breach of Customer Data in U.S. History and in August 2008 when the TJX Credit Card Hackers Got Busted. The legal system has ticked along and now they have to [...]

Filtering Network Attacks With A 'Netflix' Method

University of California at Irvine researchers devise new model for blacklisting network attackers

Attack Of The Tweets: Major Twitter Flaw Exposed

UK researcher says vulnerability in Twitter API lets an attacker take over a victim's account -- with a tweet

New IEEE Printer Security Standard Calls For Encryption, Authentication, Electronic "Shredding"

Printers finally get security attention, but locking them down depends on actual implementation, configuration, experts say

IDC Report: Most Insider Leaks Happen By Accident

Unintentional leaks may cause more damage than internal fraud, IDC research study says

PCI Council Releases Recommendations For Preventing Card-Skimming Attacks

New best practices aimed at helping retailers -- especially small merchants -- but security experts say skimming risk runs deeper

Newly Discovered Vulnerability Could Threaten Cisco Wireless LANs

Cisco's wireless LANs could be vulnerable to attack through over-the-air provisioning feature, researchers say

Hacker Ring Tied To Major Breaches Just Tip Of The Iceberg

TJX-Heartland attacker and cohorts also reportedly hacked ATM machines in 7-Elevens, but their wide net is likely just one of many

Symantec: Eavesdropping Trojan Targets Skype

In Web 2.0

Symantec has uncovered a Trojan that eavesdrops on conversations and sends the audio files to a server controlled by the attacker.

China Flooding Web with SQL Injection Attacks

In Virus and Spyware

SQL injection attacks remain a serious problem, with new waves of the threats being generated in China over the last month.

Google: Malware Sites on the Upswing

In Virus and Spyware

Google reports that it is seeing a rapid increase in the sheer volume of malware sites it encounters, while returning fewer infected URLs to search users.

IBM Report Examines Online Threats for First Half of 2009

In Vulnerability Research

IBM X-Force released a report Aug. 26 highlighting the most prevalent security risks of the first six months of 2009. The news was a mix of the good, the bad and the ugly.

Survey: Hackers on Vacation Before Q4 Saturation

In Virus and Spyware

Malicious hackers like to take off during Q3, much like their adversaries in IT security, before putting the hammer down over the holidays.

Latest AES Encryption Attack Not the End of the World

In Vulnerability Research

Although recent research on attacks targeting AES-256 encryption are an improvement over past attacks, they do not make the widely-used encryption scheme ineffective. Experts say AES remains secure.

Researchers Warn of Powerful New Data Theft "Cocktail"

In iframe

Researchers have discovered a powerful new blended data theft malware package spreading rapidly through legitimate Web sites.

Bill would give president power to disconnect private networks

A Senate bill proposes giving the president the power to shut down and disconnect any government or private computer network or system that is compromised by a cyberattack.

DHS sets new policy on computer searches at border

DHS issued two new directives that deal with searches of laptop computers and other devices at U.S. borders.

DHS, industry assess risks to IT sector

Government and private-sector experts identify risks to the country's information technology sector's key functions.

FISMA reporting must use automated tool

By Nov. 18, agencies must use a new automated reporting tool to meet their reporting requirements under the Federal Information Security Management Act.

DOD updates IPv6 Standard Profile

The updated IPv6 Standard Profile provides a technical and standards based definition of interoperability requirements for IPv6-capable products to be used in DOD networks.

Former cop, wife plead guilty to hacking

Posted by InfoSec News on Aug 28

http://chronicle.northcoastnow.com/2009/08/28/former-cop-wife-plead-guilty-to-hacking/

By Brad Dicken
Chronicle Online
August 28, 2009

ELYRIA - An Amherst police officer and his wife took a plea deal Thursday to misdemeanor charges for hacking into an Amherst police dispatcher's personal...

NHS heals serious spoof email flaw

Posted by InfoSec News on Aug 28

http://www.theregister.co.uk/2009/08/27/nhs_spoof_email_xss_flaw/

By John Leyden
The Register
27th August 2009

Updated - Cross-site scripting (XSS) vulnerabilities on the National Health Service's website created a means to send spoofed emails with dodgy medical advice. The...

Q&A: DHS Cybersecurity Chiefs Speak Out

Posted by InfoSec News on Aug 28

http://www.informationweek.com/news/government/security/showArticle.jhtml?articleID=219500331

By J. Nicholas Hoover
InformationWeek
August 27, 2009

As the federal government continues to try to figure out ways to effectively manage cybersecurity, the Department of Homeland Security is...

Security test prompts federal fraud alert

Posted by InfoSec News on Aug 28

http://www.computerworld.com/s/article/9137215/Security_test_prompts_federal_fraud_alert?taxonomyId=17

By Robert McMillan
August 28, 2009
IDG News Service

A sanctioned security test of a bank's computer systems had some unexpected consequences this week, leading the federal agency that...

Secunia Weekly Summary - Issue: 2009-35

Posted by InfoSec News on Aug 28

The Secunia Weekly Advisory Summary 2009-08-20 - 2009-08-27 This week: 77 advisories
...

Crowbar cracks SD cards and retrieves data without a trace

Posted by InfoSec News on Aug 28

http://gcn.com/articles/2009/08/24/gcn-lab-review-mantech-crowbar.aspx

By John Breeden II
GCN.com
Aug 21, 2009

Pros: Easy to use, can set up password crack groups for greater hacking speed Cons: Only works with MMC/SD cards
Performance: A
Ease Of Use: A
Features: C
Value: C
Price:...

New attack cracks common Wi-Fi encryption in a minute

Posted by InfoSec News on Aug 27

http://www.computerworld.com/s/article/9137177/New_attack_cracks_common_Wi_Fi_encryption_in_a_minute?taxonomyId=17

By Robert McMillan
August 27, 2009
IDG News Service

Computer scientists in Japan say they've developed a way to break the WPA encryption system used in wireless routers in...

The Longest Yard and a Half

Posted by InfoSec News on Aug 27

http://thedailywtf.com/Articles/The-Longest-Yard-and-a-Half.aspx

By Jake Vinson
in Feature Articles
2009-08-13

Owein R. knew that security at the government facility was going to be a big deal, but it wasn't clear how big a deal it was going to be until he started his job.

To get...

Employees Fired After Reporting Security Breach

Posted by InfoSec News on Aug 27

http://www.wpbf.com/mostpopular/20552910/detail.html

WPBF.com
August 25, 2009

LAKE WORTH, Fla. -- When Andres Reyes and Howard Jordan sit down at a table, they have more than 60 years of power grid experience between them.

So when the Lake Worth Utilities employees noticed an...

FISMA reporting must use automated tool

Posted by InfoSec News on Aug 27

http://fcw.com/articles/2009/08/25/web-fisma-automated-reporting-tool.aspx

By Ben Bain
FCW.com
Aug 25, 2009

Agencies must use an automated reporting tool to show their compliance with the Federal Information Security Management Act this year, Obama administration officials have said.

...

Event: Mangle-A-Thon Boston, September 19th, 2009

Posted by InfoSec News on Aug 26

Forwarded from: David Shettler <dave (at) opensecurityfoundation.org>

http://mangleathon.opensecurityfoundation.org/

Join OSF in Somerville, MA on September 19th, 2009 from 8am to midnight, and help us mangle vulnerabilities into the Open Source Vulnerability Database (OSVDB), and...

GSM network is not secure

Posted by InfoSec News on Aug 26

http://www.ftd.de/technik/it_telekommunikation/:GSM-Netz-nicht-sicher-Handys-bald-f%FCr-jedermann-abh%F6rbar/557540.html

(FYI: this is a Google Translation - WK)

By Maija Palmer (London)
Financial Times Germany
24.08.2009

Over the next six months could face a wave of eavesdropping on...

The Analyzer Pleads Guilty in 10 Million Bank-Hacking Case

Posted by InfoSec News on Aug 26

http://www.wired.com/threatlevel/2009/08/analyzer/

By Kim Zetter
Threat Level
Wired.com
August 25, 2009

Ehud Tenenbaum, aka "The Analyzer," quietly pleaded guilty in New York last week to a single count of bank-card fraud for his role in a sophisticated computer-hacking scheme...

DHS official: Agencies must make high-risk cyber threats top priority

Posted by InfoSec News on Aug 26

http://www.nextgov.com/nextgov/ng_20090825_7424.php

By Jill R. Aitoro
Nextgov.com
08/25/2009

Federal agencies should prioritize their information security requirements to ensure mission-critical operations are protected first, and delineate between "that which is aggravating and...

Cyber crooks increasingly target small business accounts

Posted by InfoSec News on Aug 26

http://www.computerworld.com/s/article/9137112/Cyber_crooks_increasingly_target_small_business_accounts?taxonomyId=17

By Jaikumar Vijayan
August 25, 2009
Computerworld

An organization representing more than 15,000 financial institutions has issued a warning about a growing wave of...

Message From Hackers: Enjoy The Summer Break Because Winter Attacks Will Be Harsh

Posted by InfoSec News on Aug 26

http://www.darkreading.com/security/intrusion-prevention/showArticle.jhtml?articleID=219401410

By Kelly Jackson Higgins
DarkReading
Aug 25, 2009

In case you're worried about taking that last-minute summer vacation and leaving your IT staff a little short, relax (for now, anyway): Most...

Newly Discovered Vulnerability Could Threaten Cisco Wireless LANs

Posted by InfoSec News on Aug 25

http://www.darkreading.com/security/vulnerabilities/showArticle.jhtml?articleID=219401274

By Tim Wilson
DarkReading
Aug 24, 2009

A flaw in the provisioning system used by Cisco wireless LANs could allow attackers to collect data about users' wired networks or even gain access to...

Simple steps can prevent e-fraud: Specialist

Posted by InfoSec News on Aug 25

http://timesofindia.indiatimes.com/news/city/kolkata-/Simple-steps-can-prevent-e-fraud-Specialist/articleshow/4921062.cms

[Any guesses which classified international intelligence agency Ankit Fadia is working with? I'll place my bets it's listed below... ...

Arrest Over Software Illuminates Wall St. Secret

Posted by InfoSec News on Aug 25

http://www.nytimes.com/2009/08/24/business/24trading.html

By Alex Berenson
The New York Times
August 23, 2009

Flying home to New Jersey from Chicago after the first two days at his new job, Sergey Aleynikov was prepared for the usual inconveniences: a bumpy ride, a late arrival.

He was...

Better security boosts agencies use of wireless devices

Posted by InfoSec News on Aug 25

http://gcn.com/articles/2009/08/24/mobile-wireless-security-government-agencies.aspx

By Rutrell Yasin
GCN.com
Aug 24, 2009

In what might have been a symbolic event in the development of mobile communications, President Barack Obama, for whom security is paramount, kept his BlackBerry...

Russian hackers vandalized BTC pipeline data servers

Posted by InfoSec News on Aug 25

http://news.am/en/news/2963.html

News.am
08/24/2009

Russian hackers through the agency of Russian Special Service vandalized servers of energy pipe, carrying gas from Azerbaijan to Europe bypassing Russia, 1news.az and Aviation Week report. According to the publication, Russian hackers...

Pair charged with BNP list breach

Posted by InfoSec News on Aug 24

http://www.theregister.co.uk/2009/08/21/bnp_list_charges/

By Chris Williams
The Register
21st August 2009

Two people have today been charged with offences under the Data Protection Act for leaking the BNP's membership list last year.

The pair will appear before magistrates in Nottingham...

VA Reports Detail Misconduct By IT Officials

Posted by InfoSec News on Aug 24

http://www.informationweek.com/news/government/policy/showArticle.jhtml?articleID=219400889

By J. Nicholas Hoover
InformationWeek
August 21, 2009

Two reports issued by the inspector general of the Department of Veterans Affairs point to a range of misconduct in the agency's IT...

Jailed SF network administrator faces fewer charges

Posted by InfoSec News on Aug 24

http://news.cnet.com/8301-1009_3-10315708-83.html

By Steven Musil
Security
CNet News
August 23, 2009

A judge has dismissed most of the charges against a former San Francisco network administrator accused of hijacking the city's computer network he designed and maintained.

San...

Linux Advisory Watch - August 21st 2009

Posted by InfoSec News on Aug 24

LinuxSecurity.com Weekly Newsletter, August 21st, 2009, Volume 10, Number 34 ...

Comelec urged to adopt cyber security amid hacking fears

Posted by InfoSec News on Aug 24

http://www.mb.com.ph/articles/217277/comelec-urged-adopt-cyber-security-amid-hacking-fears

By JEAMMA E. SABATE
mb.com.ph
August 23, 2009

A computer expert said Sunday that there is need for the Commission on Election (Comelec) to adopt cyber security amid fears of internet hacking as the...

5 Security Lessons From Real-World Data Breaches

We break the code of silence on data breaches to show how criminals operate -- and how you can thwart them.

DHS Clarifies Laptop Border Searches

By Thomas Claburn

The new rules leave open the possibility that travelers may face penalties for refusing to provide passwords or encryption keys.

Identity Theft Ring Ensnared Fed Chairman Bernanke

By Thomas Claburn

Identity thieves may have drawn more attention than they wanted when they defrauded the nation's top banker.

Facebook Promises Stronger Privacy Controls

By Thomas Claburn

Developers who create Facebook applications will have to get explicit permission to use personal information from Facebook users.

Social Networkers Risk More Than Privacy

By Antone Gonsalves

Facebook and Twitter users post personal information that could be used by professional home burglars looking for targets, says a U.K. study.

Q&A: DHS Cybersecurity Chiefs Speak Out

By J. Nicholas Hoover

The Department of Homeland Security aims to grow its cybersecurity workforce and technical capabilities, Phil Reitinger and Greg Schaffer say.

Apple's Snow Leopard Brings Compatibility, Security Concerns

By Thomas Claburn

Adobe CS3 users are expressing dismay that Snow Leopard compatibility hasn't been tested while hackers tempt Mac users with malware in Snow Leopard clothing.

Amazon Launches Private Cloud Service

By Mary Hayes Weier

Customers will create a VPN to bridge Amazon to their existing IT infrastructures and use their existing security systems to protect data.

Jessica Biel Searches Deemed Most Dangerous

By Thomas Claburn

Searching for celebrities may be one of the most effective ways to infect your computer.

White House Overhauls Cybersecurity Reporting

By J. Nicholas Hoover

Federal agencies will now be required to submit standardized cybersecurity reports via new software, rather than spreadsheets.

Social Networks Leak Personal Information

Internet users are revealing information that identifies them through the use of social networking sites, a research study claims.

Google Fights Street View Ban In Switzerland

The Swiss data commissioner worries that Google Maps Street View reveals too much and may force Google to blur or remove even more of its images.

Federal Agencies Pursue Cybersecurity Common Ground

NIST is working with defense and intelligence agencies to develop cybersecurity specifications that could be applied across government.

Readers as patrons in the digital age

By Elinor Mills

A few months ago someone sent me a link to a short story a friend of his had written and posted online. I made the mistake of glancing at it while at work and then ...

Beware fake Snow Leopard sites

By Elinor Mills

People eager to get a copy of the latest version of the Mac operating system, Snow Leopard, should be wary of sites offering free copies because they are likely to get some nasty malware instead, according to antivirus company Trend Micro.

Trend Micro said in a blog posting on Wednesday ...

Researchers who hack the Mac OS

By Elinor Mills

It was summer 2005. Dino Dai Zovi walked into a Manhattan Starbucks, ordered a coffee, sat down, and opened up his laptop.

Before his coffee was cold he had found a local privilege escalation vulnerability in Mac OS ...

Snow Leopard could level security playing field

By Elinor Mills

Share of the Mac operating system is growing, and with it the number of malware threats targeting the platform.

Friday's release of the new version of the Mac OS, dubbed Snow Leopard, could include some security features that would make ...

Symantec pulls Norton patch after error reports

By Elinor Mills

Symantec is providing a fix for customers who got error messages after a patch deployment went awry for some Norton users, the company said on Tuesday.

The ...

Cracking GSM phone crypto via distributed computing

By Elinor Mills

If you are using a GSM phone (AT&T or T-Mobile in the U.S.), you likely have a few more months before it will be easy for practically anyone to spy on your communications.

Security researcher Karsten Nohl is launching an open-source, distributed ...

Cisco wireless LANs at risk of attack, 'skyjacking'

By Elinor Mills

Cisco Systems wireless local area network equipment used by many corporations around the world is at risk of being used in denial-of-service attacks and data theft, according to a company that offers protection for WLANs.

Researchers at AirMagnet, which makes intrusion-detection systems for WLANs, discovered the vulnerability, which affects all ...

Confidence Scams

By Adam Wosotowsky on Web and Internet Safety

I always get a lot of questions about confidence scams.  These types of spam emails have been around almost as long as email has been available to the public.  Confidence scams are a child of phishing scams, and the annoying little brother of lonely girl scams, always showing up at the wrong time or hiding [...]

Prepare for the new upcoming 2010 AV products.

By Dirk Kollberg on Web and Internet Safety

Many major security companies are about to release their new retail product for 2010. Expect some comparative reviews in the next months, check what you need and stay protected. Some ‘2010’ products are already out on the web, but unfortunately most of them are FakeAlert Trojans or Scareware. Once downloaded, you see pop up windows alerting you [...]

Is Apple Opening a Can of Worms?

By Craig Schmugar on Malware Research

It has now been widely reported that Apple’s latest operating system, Snow Leopard contains the ability to identify two families of Mac malware–OSX/Puper and OSX/IWService–when the infectious DMG files are downloaded and mounted as part of the infection process. There are a number of ramifications of such a move that could be discussed, but the intention of this [...]

Brazilian Malware Writers Stumble Again

By Pedro Bueno on virus

I like to pick on malware writers, especially the dumb ones as you can see here. Sometimes they’re just too big a target to ignore. The latest round is with Brazilian malware writers again. As you are aware, some days ago the Delphi virus was discovered; we detect it as W32/Induc. So today I got a [...]

Journal: Emerging Standards, Technology Will Relieve Audit Fatigue

By David Marcus on Web and Internet Safety

There is a light at the end of the tunnel—risk and compliance technologies and standards are relieving auditors and businesses in this age of increased electronic accountability. On the heels of our integration of SolidCore’s technology, researchers from McAfee Avert Labs have laid out the compliance challenges facing organizations, and the new standards that can [...]

Spammers Broadcast It for FREE!

By Paras Gupta on Web and Internet Safety

“FREE” is by far the most commonly used term in spam mails. The word free is such a striking term that any layman, without the knowledge of these tricks of the trade, can get into the trap of cloaked mails sent by the spammers. Here are a couple of the most often used sentences in spam [...]

Privacy missing from Google Books settlement

If Google digitizes the world's books, how will it keep track of what you read?

Apple: Exploding iPhones Not Our Fault

Apple says it's not to blame for a series of exploding iPods and iPhones, according to a report published on Friday. The company has been under fire, so to speak, for devices overheating and shattering across Europe and the U.K.

Lawmakers strike new tone with proposed bill giving Obama power to shut down Internet

The second draft of a Senate cybersecurity bill appears to tone down language that would grant President Obama the power to shut down the Internet.

'New' travel search rules just won't fly

The chorus of folks singing "meet the new boss, same as the old boss" just got a little bigger and louder yesterday, after the Obama Administration issued "new" rules for border laptop searches that bear an uncanny resemblance to the old rules.

Security test prompts federal fraud alert

A sanctioned security test of a bank's computer systems had some unexpected consequences this week, leading the federal agency that oversees U.S. credit unions to issue a fraud alert.

China game boss sniped rivals, took down Internet

An attack by a Chinese online game provider meant to cripple the servers of its rivals ballooned to cause an Internet outage in much of the country in May, according to police.

Snow Leopard Malware Protection a Growing Pain for Mac OS

Mac users have long relished the fact that malware is nearly a foreign concept to them. Yet, in a tacit acknowledgment of the growing threat of malware on the Mac platform, Apple has added some rudimentary malware protection into Snow Leopard.

Swiss coder publicises government spy Trojan

A software engineer who created Trojans for the Swiss authorities to intercept Voice-over-IP (VoIP) phone calls has published the source code to his programs in order to draw attention to the surveillance threat posed by such software.

Researcher plots downfall of GSM phone security

A US-based researcher has published a new method of attacking the encryption used to secure GSM mobile phones that he believes will force networks to revise the current generation of call security.

Thanks, Canada: Facebook's 4 Big Privacy Fixes

Pick on Canada all you want, but this week the country did good by muscling Facebook into making privacy changes. Our northern neighbors took the lead on scrutinizing Facebook's privacy policy and required alterations in accordance with Canada's privacy laws. Here are the four major privacy fixes we'll be seeing from Facebook, plus a couple privacy concerns that remain:

Snow Leopard: Five Reasons to Upgrade Now

After a year of hype, Snow Leopard is finally here. But does it have claws? Apple's newest Mac OS has been billed as an under-the-hood upgrade, a necessary evolution of the operating system. But it's a little light on new features that Mac users can touch, see and feel (except, of course, for the mouse that responds to multiple finger gestures).

Web attacks across globe appear linked, security researcher says

Three significant waves of SQL injection attacks appear to be under the control of the same source, according to one security researcher.

Facebook and Twitter users failing on security

Just 27 percent of social networkers are protecting themselves against online threats, says AVG.

Snow Leopard Needs Better Anti-Malware, Should Be Free

Is the "malware protection" in Apple's new Snow Leopard really lame or what? But, it's on a par with other features of the OS "upgrade."

Facebook to tighten privacy after Canadian investigation

Facebook will enhance its social-networking site's privacy features over the next 12 months as a result of a set of recommendations from the Canadian government.

Pentagon reviews Stealth encryption prototype

The Stealth encryption prototype from Unisys has been accepted by the Pentagon for review in a technical-evaluation program as a required first step that could, if successful, make Stealth a candidate for future use in secure IP-based communications across the military.

ACLU sues for information on laptop searches at U.S. borders

The American Civil Liberties Union is suing the U.S. Department of Homeland Security (DHS)'s Customs and Border Protection (CBP) unit for information on its policies related to searches of laptops and other electronic devices at U.S. borders.

Apple adds basic anti-malware to Snow Leopard

Apple has expanded a download warning feature in Mac OS X 10.5 to create rudimentary anti-malware detection in the new Snow Leopard operating system due out Friday.

New attack cracks common Wi-Fi encryption in a minute

Computer scientists in Japan say they've developed a way to break the WPA encryption system used in wireless routers in about one minute.

Goodbye Liskula, Skanks of New York Is Over

Liskula Cohen, it was nice knowing you, but it's time to move on. Rosemary, file your suit, or don't. It's over between us, too.

DHS report: IT sector is resilient against serious cyberattacks

A U.S. Department of Homeland Security report presents scenarios in which well-chosen attacks against key IT infrastructure elements could cause disruptions on a national scale. The document also offers a surprisingly sunny assessment of the resilience and redundancies within the IT sector to mitigate the risk of such disruptions.

ACLU files lawsuit on border laptop searches

The American Civil Liberties Union (ACLU) has filed a lawsuit demanding that U.S. Customs and Border Protection (CBP) release details of its policy that allows the agency to search travelers' laptops at U.S. borders without suspicion of wrongdoing.

Microsoft: Word patent ruling, injunction 'miscarriage of justice'

Microsoft's lawyers said the verdict that awarded a Canadian developer nearly $300 million in damages and resulted in an impending ban on sales of the company's popular Word software was a "miscarriage of justice."

Sixth State Dept. worker pleads guilty to passport snooping

A sixth person who has worked for the U.S. Department of State has pleaded guilty to a charge related to illegally accessing electronic passport application files, the U.S. Department of Justice said.

New internet piracy measures get mixed reactions

New measures to tackle internet piracy, which could cut illegal downloaders' web access, have been applauded by Moneysupermarket.com.

Unmasking DLP: The Data Security Survival Guide

You've heard from all the vendors who claim to have just the thing for your DLP needs. But how do you know what's best for your company's particular security needs? In this series, CSOonline talks to IT security practitioners, vendors and analysts about what is and isn't true DLP.

Report: Snow Leopard To Confront Mac Malware

Adding anti-malware to Snow Leopard is a Catch-22 for Apple: In solving a problem, Apple must first admit a problem actually exists. Which is hard when one of your major selling points is that you're secure and your major competitor--Microsoft Windows--is not.

Symantec offers fix for buggy Norton patch

Symantec has posted a software fix after hundreds of users reported problems with a buggy update of the company's flagship Norton AntiVirus software.

Trojan attacks up, phishing attacks down this year, IBM finds

Spam-based phishing attacks declined noticeably during the first half of the year, but cyber-criminals may simply be shifting to other technologies found to be more effective in stealing personal data, according to IBM in its semi-annual security threat report.

Identity theft resource center

Identity theft (IDT) continues to grow in the US and the world as electronic personally identifiable information (PII) about all of us increases in volume and dispersion. The Identity Theft Resource Center® (ITRC) provides excellent resources to help information assurance (IA) professionals and the public keep informed about current IDT developments and countermeasures.

Hackers like Christmas best of all

Most people may be busy with year-end gift buying and holiday parties at the end of December, but security professionals have an added obligation: keeping the hackers off their corporate networks.

Sun plans on-chip security boost for Ultrasparc

Sun Microsystems' product plans are up in the air pending its acquisition by Oracle, but the company's chip engineers continue to present new designs in the hope they'll see the light of day.

Cyber crooks increasingly target small business accounts

The NACHA electronic payments association is warning its 15,000 members of increasing attacks by cyber criminals on small businesses using electronic payment networks.

Five Lessons from Microsoft on Cloud Security

While Google, Amazon and Salesforce have gotten the most attention as cloud service providers, Microsoft, with its 300 products and services delivered from its data centers, has a large cloud bank all its own.

Personal spy gear: Is it ethical? Is it legal?

From disguised video security cams to GPS tracking loggers, personal security is going high-tech. But these gadgets bring up a host of sticky ethical and legal questions.

Illegal downloaders face broadband ban

Aggressive efforts to cut off illegal file sharers from the internet, originally rejected in the government's Digital Britain report, are back on with a new plan which effectively takes communications regulator Ofcom out of the loop as an online anti-piracy enforcer.

Jordan gossip puts web users at risk

Fans of glamour girl Jordan could be putting themselves at risk by searching for the latest gossip about her on the web, says McAfee.

Comodo Internet Security Antivirus Software

Comodo Internet Security has both a firewall and an antivirus utility in its free package. While we can't speak for the firewall's effectiveness (we didn't test that feature), its antivirus component leaves much to be desired. In our rankings of free antivirus software, it landed at number six, last among the chart-makers.

Can You Trust Free Antivirus Software?

Free antivirus programs vary just as much as paid security programs do in the quality of their protection. And frugal computer users on the hunt for no-cost antivirus software--already faced with tons of options--will have even more to choose from when new free offerings from Microsoft and Panda join the programs currently available from Alwil (Avast), AVG, Avira, Comodo, and PC Tools.

Avira AntiVir Personal Free Antivirus Software

Avira AntiVir Personal's excellent malware detection, disinfection, and scan speed earned it the top spot in our ranking of free antivirus software. Its interface could be better, though, and using the app means putting up with daily pop-up ads.

Alwil Avast Antivirus Home Edition

Avast Antivirus Home Edition, developed in the Czech Republic, offers capable malware detection and faster-than-average scan speed, both of which helped propel the app to the number two spot in our rankings of free antivirus software. Its clunky interface badly needs updating, however.

PC Tools Antivirus Free Edition Software

PC Tools Antivirus Free Edition does a remarkably poor job of keeping a PC safe, largely because it holds to a now-archaic distinction between spyware and other forms of malware. It came in at number five (out of six contenders) in our rankings of free antivirus software.

Clamwin Free Antivirus Software

ClamWin Free Antivirus stands apart from other free antivirus software because it's open-source, with no proprietary or commercial aspects. But in the essential task of blocking malware, it doesn't get the job done.

PC Tools Threatfire 4.5 Antivirus Software

Unlike most of the other pieces of free antivirus software that we tested recently, PC Tools Threatfire is not a stand-alone antivirus program. Instead, Threatfire supplements your existing security app with highly effective behavioral analysis that can stop malware based solely on what the file tries to do on your PC.

Cisco wireless LAN vulnerability could open 'back door'

Some wireless access points from Cisco have a vulnerability that could allow a hacker to redirect traffic outside the enterprise or potentially gain access to an entire corporate network, a security company said.

Is Your PC Bot-Infested? Here's How to Tell

As fireworks boomed on the Fourth of July, thousands of compromised computers attacked U.S. government Web sites. A botnet of more than 200,000 computers, infected with a strain of 2004's MyDoom virus, attempted to deny legitimate access to sites such as those of the Federal Trade Commission and the White House. The assault was a bold reminder that botnets continue to be a massive problem.

Report: U.S. Hotel Security Varies Widely

Road warriors who travel frequently for business have likely seen a wide disparity when it comes to hotel quality. Soft sheets and accommodating staff may be the most noticeable factors, but what about safety and security? A new hotel management research study from Cornell's Center for Hospitality Research finds that safety and security equipment in U.S. hotels varies dramatically by size, location, and overall hotel class (For more on hotel Wi-Fi security, check out Dan Lohrman's blog post on the topic).

The 'Skanks in NYC' Soap Opera: Will Google Be Sued?

Soap opera fans, listen up: The Liskula Cohen "Skanks in NYC" debacle is turning into quite the saucy story. In one corner, we have the former Vogue cover girl who claims she's been defamed by a blogger's harsh words. In the other, we have the blogger -- anonymous until a recent court order unmasked her -- who now claims she's the one who's been wronged.

A6 promises a way to check up on public cloud security

What cloud services users need is a way to verify that the security they expect is being delivered, and there is an effort underway for an interface that would do just that.

A skank discussion: Privacy, anonymity, and misogyny

In response to last week's post about former supermodel Liskula Cohen forcing Google to give up the identity of an anonymous blogger ("Skanks for nothing: Google must identify anonymous blogger"), I got a couple of e-mails that are worth exploring in a little more depth. So here goes.

The Art of Creating Strong Passwords

While security has never been more important than it is today, the fastest way for an IT professional to become the most despised person in the company is to start enforcing a strong password policy. A policy perceived as overbearing may cause people to write down their passwords on a sticky-note near their computers, circumventing its very purpose. Your policy will be ineffective if your users don't know how to create strong passwords that are easy to remember.

Sony debuts HD security cameras

Sony has unveiled a new range of high definition pan tilt zoom (PTZ) security cameras designed for surveillance and applications such as identification and motion detection.

New virus spreads by attacking Borland compiler

An imaginative new virus that infects programs as they are being compiled has claimed its first scalps, infecting software sent out on a cover CD by a major German computer magazine and even other malware programs.

U.S. Says SQL Injection Caused Major Breaches

The huge data thefts at Heartland Payment Systems and other retailers resulted from SQL injection attacks and could finally push retailers to deal with Web application security flaws.

IA Policies Part 2

How do we resolve the issue of acknowledging (to ourselves) that some of our information assurance (IA) policies cannot, or should not, be strictly enforced, while at the same time conveying to staff the importance of always following IA policies?

Snow Leopard security - The good, the bad and the missing
Vista lessons not learned

Apple Engineers missed a key opportunity to implement an industry-standard technology in their latest operating system that would have made it more resistant to hacking attacks, three researchers have said.…

Accused TJX hacker faces 15 to 20
The largest (known) identity theft caper in US history

The hacker accused of orchestrating the largest-known identity theft in US history will serve between 15 to 25 years in prison under a plea deal filed Friday.…

US Dems fill inboxes with 419 scams
democrats.org co-opted

Scammers pumping out emails that try to trick recipients into parting with large sums of cash are getting a helping hand from the Democratic National Committee.…

Fed chairman hit by ID thieves
22 charges after hundreds are hit by pickpocket-allied fraudsters

The US Federal Reserve Board chairman has become the latest high-profile public figure to fall victim to identity theft.…

Mobile operators pooh-pooh universal phone-snooping plan
'What, us worry?'

Mobile operators have struck back at organizers of an open-source project that plans to crack the encryption used to protect cell phone calls, saying they are a long way from devising a practical attack.…

Hackers scalp Apache
SSH hits the fan

The website of Apache was taken offline for several hours on Friday after the SSH remote administration key on one of its servers was compromised.…

Hackers serve up pre-release malware to Mac fanboys
Snow Leopard scuppered, f*cks it for Foxit

Virus slingers are taking advantage of the release of Apple's Snow Leopard operating system by offering malware from sites touting operating system upgrades.…

WPA keys gone in 60 seconds
Time to move to WPA 2

Networking nerds claim to have devised a way of breaking Wi-Fi Protected Access (WPA) encryption within 60 seconds.…

Feds warn of malware in fake credit union advisory
Trojan goes postal

A government agency is warning all federally insured credit unions to be on the lookout for a bogus alert delivered through the US mail that includes two CDs containing malware.…

Trojan zaps banking credentials via IM
Instant gratification

No longer the province of teens and chat-obsessed netizens, instant messaging is being adopted by a growing number of banking malware applications, which zap pilfered credentials to thieves in real time.…

Phishing emails dry up as fraudsters switch tactic
Change up

Phishing email volumes fell during the first half of 2009, according to a variety of security reports out this week.…

UK banks 'not doing enough' on internet fraud
Which? lists security saints and sinners

Security offered by UK banks to online customers varies widely, according to a survey by Which? Computing.…

Mass web infection pinned on hardened crime gang
DIY exploit launch pads mushroom

A mass compromise that has hit tens of thousands of English-language webpages is probably part of a much larger wave of attacks that's been under way since June by a sophisticated band of criminals, a security researcher said Wednesday.…

Twitter botches patch for nasty account-hijacking bug
All your tweets are belong to us

For the past 24 hours, Twitter engineers have been fighting a gaping hole that makes it easy for hackers to hijack the accounts of users who do nothing more than view a booby-trapped message.…

Google applies patch to nasty Chrome vulns
Heal thy bleeding sores

Google has pushed out a patch for two severe vulns found in its Chrome browser.…

MS phishing filter blacklists everything
You all look bloody shifty to me

A wide range of uk.com websites were misclassified as malign by anti-phishing technology built into the latest versions of Microsoft's browser software on Wednesday.…

Notorious hacker Analyzer pleads guilty on credit card scam
$10m scam perp puts hands up

Notorious recidivist hacker Ehud Tenenbaum has pleaded guilty to credit card fraud as part of a plea bargaining agreement with US authorities in a multi-million dollar fraud case.…

Teen kidnapped over Sony PSP
When resale goes bad

Perhaps exchanging used video games for an eighth their value in store credit isn't such a terrible idea after all. A 17-year-old lad from Utah discovered there's worse things than getting jerked around by retail after getting kidnapped in a PSP sale gone bad.…

Apple sneaks malware protection into Snow Leopard
Coverage goes only so far

Apple is dipping yet another toe into the anti-malware pond with a feature in the latest beta version of its forthcoming Snow Leopard operating system.…

Incompetence a bigger IT security threat than malign insiders
You'd do better to worry about Mr Bean in accounts

Accidental security incidents involving workers happen more frequently and have the greater potential for negative impact than malicious insider attacks, according to new research from RSA.…

Cisco Wireless LANs at risk from 'skyjacking' flaw
Catchily named vuln is all talk so far

Security researchers have discovered a potential denial of service or information stealing flaw affecting Cisco's wireless networking kit.…

Pink Floyd worm spreads on 'Chinese Facebook'
Wish You Weren't Here

Malware authors have developed a cross-site scripting worm that's spreading across a Chinese social networking website.…

Shock jock blames Britain for hack attack
Savage site ravaged - entire population to blame

Controversial shock jock Michael Savage was hit by a hacking attack last weekend that forced his site offline for around an hour on Saturday.…

Mass infection turns websites into exploit launch pads
More than 57K pwned

Malicious hackers have managed to infect about 57,000 web pages with a potent exploit cocktail that targets a variety of vulnerable applications to surreptitiously install malware on visitor machines.…

4chan pwns Christians on Facebook
Unholy hack

The denizens of notorious imageboard 4chan are up to mischief again with an attack on Christians over the weekend.…

Scammers step up attacks on Warcraft players
'Particularly nasty' hole closed after four months

Out to steal online gold and other assets worth real money, scammers are stepping up attacks on World of Warcraft players, according to security researchers.…

Tearaways deface Tayside Police website
Wee security snafu down Dundee way

Tayside Police have restored their website following an embarrassing defacement late last week.…

London hospital recovers from Conficker outbreak
Whipps Cross worm-whipped

An east London hospital has confirmed its computer systems were infected by the Conficker worm earlier this month.…

USB - Ubiquitous Security Backdoor

Category: Threats/Vulnerabilities

Paper Added: August 25, 2009

Immunet Protect - Cloud and Community Malware Protection, (Sat, Aug 29th)

This past week I have been using Immunet Protect as an additional layer of protection with my anti ...(more)...

WPA with TKIP done, (Fri, Aug 28th)

In a paper titled A Practical Message Falsification Attack on WPA researchers in Japan ...(more)...

apache.org compromised, (Fri, Aug 28th)

apache.org was down this morning and reports are that one of their servers has been compromised due ...(more)...

Malicious CD ROMs mailed to banks, (Wed, Aug 26th)

Update: We got an email and phone call from Brent Huston with Microsolved. This mailing was part of a ...(more)...

Cisco over-the-air-provisioning skyjacking exploit, (Wed, Aug 26th)

Cisco issued a security advisory for its 1100 and 1200 Series lightweight access points. The a ...(more)...

WSUS 3.0 SP2 released, (Wed, Aug 26th)

Microsoft released SP2 for its latest and greatest version of Windows Server Update Services (WSUS). ...(more)...

Flash attack vectors (and worms), (Tue, Aug 25th)

A few days ago a lot of media wrote about a Flash worm. I managed to get hold of samples and analyze ...(more)...

Twitter Issues, (Mon, Aug 24th)

We've received submissions from Chuck, Andrew and others about Twitter being unreachable. It h ...(more)...

Appeals Court Says Plain View Doctrine Does Not Apply to Electronic Searches (August 27, 2009)

A federal appeals court has ruled that the so-called "plain view doctrine," under which evidence may be seized if it is within plain view during a legitimate search, does not apply to electronic searches.......

Proposal Would Require UK ISPs to Suspend Internet Connections of Habitual Copyright Violators (August 25 & 26, 2009)

The UK government is considering establishing a policy that would require Internet service providers (ISPs) to suspend the Internet service of customers who are downloading copyrighted material in violation of copyright law.......

More Insider Security Incidents Are Accidental Than Deliberate (August 25 & 27, 2009)

According to research from RSA, more security incidents arise from incompetence than from malicious insider attacks.......

Pay for Cyber Security Certifications Exceed All Others; Certain Skills In High Demand (July 26, 2009)

While pay for all certifications fell by more than four percent in the second quarter of 2009, pay for security certifications rose two percent, according to the Foote Partners Quarterly IT Pay Update, which aggregates information provided by 84,000 IT professionals at 2,000 employers.......

Gonzalez Reportedly in Plea Talks with Government (August 27, 2009)

An unnamed source says that accused hacker Albert Gonzalez is in plea talks with the US government.......

Tenenbaum Pleads Guilty to Fraud (August 26 & 27, 2009)

Ehud Tenenbaum has pleaded guilty to one count of bank card fraud for his role in break-ins in which more than US $10 million was stolen.......

FBI Investigating Mysterious Laptop Deliveries (August 27, 2009)

The FBI is investigating the origin of five Hewlett-Packard laptops sent to West Virginia Governor Joe Manchin earlier this month.......

Lost USB Stick Contains Nearly Three Times as Many Records as First Reported (August 26 & 27, 2009)

The UK Home Office has acknowledged that there were more data on a lost USB stick than was previously declared.......

DHS to Conduct Cyber Storm III Drill in September 2010 (August 26, 2009)

The US Department of Homeland Security (DHS) plans to conduct a large-scale cyber security drill in September 2010 to test the Obama administration's proposed national cyber response plan.......

Judge Orders Torrent Site to Remove Links to Copyrighted Material (August 26, 2009)

A Dutch court has ruled that Mininova, the self-proclaimed "largest torrent search engine and directory on the net," must remove links to copyrighted material within three months or face a fine of as much as five million euros (US $7.......

Cross-Site Scripting Flaw in Twitter (August 26, 2009)

Twitter has been attempting to fix a cross-site scripting vulnerability that could be exploited to hijack users' accounts or redirect users to malicious sites, but attempts thus far have not been successful.......

Google Addresses Serious Flaws in Chrome Update (August 26 & 27, 2009)

Google has released version 2.......

National Search for The Best Security Awareness Videos (October 28, 2009)

A national competition is being conducted to find the most powerful, timely, and effective video segments (delivered over the web) for educating users on current threats and what they need to know to protect themselves.......

Cyber Criminals Targeting Smaller US Firms; Get Millions (August 25, 2009)

Organized cyber-gangs in Eastern Europe are increasingly preying on small and mid-size companies in the United States, setting off a multimillion-dollar online crime wave that has begun to worry the nation's largest financial institutions.......

Revealed Blogger Suing Google (August 24, 2009)

Rosemary Port, the blogger whose identity was revealed last week by a court order, says she will sue Google for failing to protect her privacy.......

ISP Drops The Pirate Bay to Avoid Fine (August 24, 2009)

Internet service provider (ISP) Black Internet has cut off service to The Pirate Bay website to avoid fines.......

Eight Indicted in AT&T/T-Mobile Goods and Services Theft (August 21, 2009)

Eight people have been indicted in connection with a scheme in which US $22 million worth of devices and services were stolen from AT&T and T-Mobile over four years.......

Judge Dismisses All But One of the Charges Against San Francisco City Network Administrator (August 23, 2009)

A San Francisco Superior Court Judge has dismissed all but one of the charges against former city network administrator Terry Childs.......

Agencies Must Now Submit FISMA Data Over Internet (August 20 & 24, 2009)

A memo from the Office of Management and Budget (OMB) requires all US government agencies to submit Federal Information Security Management Act (FISMA) compliance reports through an online tool.......

DHS Warns of Malicious Spoofed eMail (August 24, 2009)

The US Department of Homeland Security (DHS) has warned of malicious email messages that appear to be from the DHS Division of Intelligence.......

Former NIST Officials Concerned About Proposed IT Lab Reorganization (August 21, 2009)

Former National Institute of Standards and Technology (NIST) officials have written a letter expressing their concern with NIST's proposal to reorganize its IT Laboratory.......

ISP Gives Same Default Password to All Subscribers (August 24, 2009)

A European ISP has been assigning the same default password to all new subscribers every month.......

Microsoft Suspends Hotmail Attach-Photo Feature (August 21, 2009)

Microsoft has temporarily suspended the Attach-Photo feature in Hotmail because of security issues.......

Ameriprise Fixes Cross-Site Scripting Vulnerabilities (August 20, 2009)

A number of cross site scripting (XSS) flaws on the website of Ameriprise Financial could have been exploited to steal sensitive information from customers.......

Mozilla Fixes SSL Vulnerability in Thunderbird (August 21, 2009)

Mozilla has issued an update for its Thunderbird email client to address a flaw that could be exploited by phishers.......

Cisco Issues Update to Address Firewall Services Module Software Flaw (August 19, 21 & 22, 2009)

Cisco has issued a security update to address a vulnerability in a number of its routers and network switches.......

London Hospital Cleans Up Conficker Infection (August 21 & 24, 2009)

Whipps Cross University Hospital NHS Trust in London has acknowledged that about five percent of its computers were infected with Conficker earlier this month.......

FTC Rule Expands Health Data Breach Notification Responsibility to Web-Based Entities (August 18, 2009)

The US Federal Trade Commission has issued a final rule on health care breach notification.......

New Gonzalez Indictment Throws Wrench in Plea Agreement (August 17, 19 & 20, 2009)

Albert Gonzalez was on the verge of reaching a plea agreement with federal prosecutors regarding charges in a number of hacking cases when he was indicted again by federal prosecutors in New Jersey in connection with a number of high profile data security breaches, including those at Hannaford Bros.......

Dept. of Agriculture Agency Bans All Browsers but IE (August 19, 2009)

The US Department of Agriculture's Cooperative State Research, Education and Extension Service (CSREES) has banned the use of all browsers but Internet Explorer (IE).......

Google Ordered to Disclose Blogger's Identity (August 20, 2009)

In a landmark case, a New York court ordered Google to provide information leading to the identity of a blogger who posted defamatory comments about Canadian model Liskula Cohen.......

Missouri Woman First to be Charged Under New Cyber Bullying Law (August 18, 2009)

A 40-year-old Missouri woman has been charged with felony cyber bullying for allegedly posting photographs and personal information of a teenager to the Casual Encounters section of Craigslist.......

Clear Ordered Not To Sell Traveler Data (August 19 & 20, 2009)

A federal court judge in Manhattan has ordered Clear not to sell, transfer, or disclose customer data it collected as part of its airport security expediting service.......

Police Investigating Leak of Unreleased Music Tracks (August 19 & 20, 2009)

The police have been called in to help record company Syco and the International Federation of the Phonographic Industry (IFPI) figure out who leaked three unreleased songs by Leona Lewis to the Internet.......

Radisson Breach (August 19, 2009)

Radisson Hotels and Resorts has posted an open letter to its guests, informing them "that between November 2008 and May 2009, the computer systems of some Radisson hotels in the US and Canada were accessed without authorization.......

Spam Claims to be Recruiting Users to Participate in DDoS (August 19, 2009)

Spammers have started to exploit the heated opinions surrounding healthcare reform in the US.......

Employers Blocking Social Networking Sites More Often (August 19 & 20, 2009)

According to research from ScanSafe, companies are increasingly blocking social networking sites.......

Webhost and Mobile Carrier Drop Mitnick Due to Attacks on His Accounts (August 19, 2009)

AT&T has informed Kevin Mitnick that it no longer wants him as a customer; it seems that his status as a "celebrity hacker" makes his account an inviting target for script kiddies and the cellular provider no longer wants to direct its resources toward protecting his account from attacks.......

West African Undersea Cable Repaired; Six Others Near Taiwan Damaged By Storm (August 18 & 19, 2009)

A damaged section of the undersea SAT-3 cable that provides Internet service to portions of West Africa has been repaired.......

SSH key compromise shuts down Apache website

By Neil Roiter

Attackers forced Apache to shut down its website for several hours Friday morning, using a compromised SSH key to gain access to one of its servers.

Security expert's PCI analysis misguided, says PCI Council GM

By Bob Russo, PCI Security Standards Council

The PCI Council asserts that everyone in the payment chain should play a role to keep payment information secure, says Bob Russo, general manager of the PCI SSC.

IBM finds sharp spike in malicious content on trusted sites

By Robert Westervelt

Latest midyear trend report finds users being bombarded with malicious Web links. Attackers target trusted search engines, blogs and mainstream news sites to pass malicious code.

Social network study finds identity link to cookies, raising privacy concerns

By Robert Westervelt

Researchers raise privacy concerns as a person's browsing habits could be paired with their identity and passed to third-parties.

Social network privacy study finds identity link to cookies

By Robert Westervelt

Researchers raise privacy concerns as a person's browsing habits could be paired with their identity and passed to third-parties.

DEFCON survey suggests hacker community on vacation

By Robert Westervelt

Hackers beat the heat prior to the lucrative holiday season, according to a survey given to attendees at the DEFCON hacker conference.

External attacks start with unintentional mistakes, survey finds

By Robert Westervelt

More control over user rights and access privileges could help mitigate the risk of employee errors that lead to costly data breaches.

Security technologies fail to address insider threat management

By Brian Sears

Detecting troubled employees before their activities lead to a data security breach could help mitigate the risk of insider threats.

Security Squad: Examining the Heartland breach

By Robert Westervelt

Editors discuss the recent debate over comments made by Heartland CEO Robert Carr blaming the PCI QSA for the breach, the federal cybersecurity coordinator and banning social networks.

WeBrute - Directory Brute Forcer

In Tools

Browsers' FTP Client can be Used to Send Mail

In Security News

Both Internet Explorer and Konqueror can be tricked into sending mail through their FTP clients without any more user interaction than loading a page.

Multiple Vulnerabilities in Moodle (view.php, file.php)

In Unix Focus

"Moodle is a course management system (CMS) - a software package designed to help educators create quality online courses."

Stack Overflow in AIFF Demultiplexer

In Unix Focus

A stack buffer overflow vulnerability in the AIFF demultiplexer has been found by Ariel Berkman and was reported to the xine team by D. J. Bernstein. This can be used for an exploit, leading to attacker-chosen code being executed with the permissions of the user running a xine-lib based media application.

Multiple WHM AutoPilot Vulnerabilities

In Unix Focus

"Started by a webhost looking for more out of a simple management script, Brandee Diggs (Owner of Spinn A Web Cafe, Founder of Benchmark Designs) setout to build an internal management system that could handle the day to day operations of a normal hosting company. The key was to remove the need to constantly watch your orders and manage the installs. Alas, WHM AutoPilot was born".

kpdf Buffer Overflow Vulnerability

In Unix Focus

We reported about xpdf's buffer overflow in our previous article: Multiple Vendor xpdf PDF Viewer Buffer Overflow Vulnerability.

Microsoft Internet Explorer XP SP2 Fully Automated Remote Compromise

In Windows NT

Although hundreds of millions of dollars have been spent on securing SP2, perfection is impossible. Through the joint effort of Michael Evanchik and Paul from Greyhats Security, a very critical vulnerability has been developed that can compromise a user's system without the need for user interaction besides visiting the malicious page. The vulnerability is not actually a vulnerability in itself; rather, it uses multiple known holes in SP2, including the Help ActiveX Control Related Topics Zone Security Bypass Vulnerability and the Help ActiveX Control Related Topics Cross Site Scripting Vulnerability.

Netcat for Windows '-e' Buffer Overflow

In Windows NT

Netcat for Windows has a buffer overflow vulnerability that allows remote execution of code. It is exposed when netcat is run using the -e option which execs a process and pipes the listening socket io to the stdio of the exec'd process.

PHP openlog() Buffer Overflow

In Exploit

The PHP openlog() function has been found to be prone to a buffer overflow. Passing an overly long size to the function caused it to overwrite arbitrary memory, resulting in a denial of service. This overflow can be further extended to cause the program to execute arbitrary code. The exploit code found below can be used to test your system for the mentioned vulnerability.

Lycos Free Email Cross-Site Scripting Vulnerability

In Security News

Lycos's Free Email service "allows users to have their own web based email account very much like Hotmail". A cross site scripting vulnerability in Lycos's Free Email service allows an attacker to steal a user's cookie allowing him full access to his Lycos email account. Further, due to a flaw in the way Lycos handles cookies, even if the user being attacked changes his password, the attacker can still gain access to his account as the cookie will remain valid.

Scripting Vulnerabilities in Indian Email Providers

In Security News

The email services of several big Indian portals are susceptible to scripting attacks i.e., malicious code can be embedded by attackers into email messages, that, when received by unsuspecting users, can cause harmful effects. The services are Rediffmail.com, Indiatimes.com, Sify.com. The combined user base of these services runs into millions and all of these users are vulnerable. I've known about most of these vulnerabilities for years now and I am now releasing them because many are being massively exploited in the wild. All attempts to contact the vendors were unfruitful.

Microsoft Windows Kernel ANI File Parsing Crash and DOS Vulnerability

In Windows NT

Parsing a specially crafted ANI file causes the Windows kernel to crash or stop working properly. An attacker can crash or freeze a target system by sending a specially crafted ANI file within an HTML page or within an email.

Microsoft Windows LoadImage API Integer Buffer Overflow

In Windows NT

An exploitable integer buffer overflow exists in the LoadImage API of the USER32 Lib. This function loads an icon, a cursor or a bitmap and then tries to process the image. If an attacker sends a specially crafted bmp, cur, ico or ani file within an HTML page or in an email, it is then possible to run arbitrary code on the affected system.

PHP Scripts Automated Arbitrary File Inclusion (Worm)

In Exploit

The following exploit/worm (PhpInclude.Worm) attacks any CGI it can find using Google and Yahoo and tries to cause them to include an arbitrary PHP file that is then executed becoming the sibling of the worm.

Snort Malformed TCP Options DoS

In Exploit

The following exploit code causes DoS on Snort by sending malformed TCP options to Snort box.

Multiple Vulnerabilities in Oracle Database (Trigger, Extproc, Wrapped Procedures, PL/SQL Injection)

In Security News

Multiple vulnerabilities were discovered in the Oracle database server. All the vulnerabilities are addressed in a new cumulative patch issued by Oracle (Trigger, Extproc, Wrapped Procedures, PL/SQL Injection).

Multiple Vulnerabilities in Oracle Database (Character Conversion, Extproc, Password Disclosure, ISQLPlus, TNS Listener)

In Security News

Multiple vulnerabilities were discovered in the Oracle database server (Character Conversion, Extproc, Password Disclosure, ISQLPlus, TNS Listener). All the vulnerabilities are addressed in a new cumulative patch issued by Oracle.

Microsoft Windows winhlp32.exe Heap Overflow Vulnerability

In Windows NT

There is a vulnerability in Microsoft Windows .hlp file parsing program winhlp32.exe. The vulnerability is caused due to a decoding error within the windows .hlp header processing. This can be exploited to cause a heap-based buffer overflow.

IPFront - Windows 2000 and 2003 Hardening GUI

In Tools

Red Pill... Or How To Detect VMM Using (Almost) One CPU Instruction

In Security Reviews

The attached short exploit code (4 lines of code that generate almost a single CPU instruction) can be used to detect whether the code is executed under a VMM or in a real environment. In addition to the exploit code, a detailed explanation of how this was found and why it works is also provided.

Exploiting Default Exception Handler to Increase Exploit Stability Under Win32

In Security Reviews

The below paper will try to explain how Windows based application's exception handler can be used to increase the exploit's stability in the case of a stack overflow.

HArPy - HTTP Constructor

In Tools

Security Deficiencies of Automated Windows Installations

In Security Reviews

In larger environments Windows workstations are usually installed in an automated manner using a so-called unattended setup. Serious weaknesses concerning the sources of these installations have frequently been identified by Compass Security during internal penetration tests. Such weaknesses can enable an internal hacker to gain high-privileged (Domain Administrator) access in a short time. The aim of this article is to point out the problems in detail and to give suggestions in order to protect your installation sources properly.

Writing IA32 Restricted Instruction Set Shellcode Decoder Loops

In Security Reviews

Lately SkyLined has been playing with a few vulnerabilities that, when exploited, required a shellcode that would be able to pass through heavy filtering before being run. A lot of data like filenames, paths, urls, etc... gets checked for illegal characters before being processed by an application. Filters that remove non-printable characters or convert everything to uppercase make exploitation difficult but not impossible. rix [1] and obscou [2] have already proven that it is possible to write working alphanumeric and Unicode shellcode. SkyLined started working on a shellcode encoder that could encode any shellcode to alphanumeric shellcode, even 100% uppercase and/or Unicode-proof. While doing so, SkyLined had an idea for a more universal solution to the problem of working with a restricted instruction set.

AIRT - Advanced Incident Response Tool

In Tools

Multiple Collisions attack on MD5 and other Hashing Algorithms

In Security Reviews

Presented below are two papers discussing a collision attack that affects several hash algorithms, including MD5. The collision allows an attacker to change a very small amount of data in a file without changing its signature. This collision attack might someday introduce a weakness in MD5 as a hashing algorithm.

Absinthe - Blind SQL Injection Tool

In Tools

VoIPong - VOIP Detector and Sniffer

In Tools

iWebNegar Configuration Nullification (DoS)

In Exploit

iWebNegar is "a farsi weblog software". Due to improper protection in the /admin/conf_edit.php script, it is possible for a remote attacker to cause the script to overwrite the configuration file with an empty file. The following exploit can be used to test your system for the mentioned vulnerability.

William LeFebvre "top" Format String Vulnerability

In Unix Focus

In October of 2000 'vort-fu' aka Ben Bidner located and wrote a patch for a vulnerability in unixtop (also known as top). Somehow the original author William LeFebvre was never notified about the issue. Over four years later the vulnerability still remained in William's code. Recently LeFebvre was notified about the bug and the issue has since been patched.

Remote DoS in GFI MailEssentials (Microsoft HTML Parser)

In Windows NT

GFI MailEssentials for Exchange/SMTP "offers SPAM protection and email management at server level. GFI MailEssentials offers a fast set-up and a high SPAM detection rate using Bayesian analysis and other methods - no configuration required, very low false positives through its automatic whitelist, and the ability to automatically adapt to your email environment to constantly tune and improve SPAM detection. GFI MailEssentials also adds email management tools to your mail server: disclaimers, mail archiving and monitoring, Internet mail reporting, list server, server-based auto replies and POP3 downloading".

Multiple Vulnerabilities in FlatNuke

In Unix Focus

FlatNuke is "a CMS (Content Management System) which doesn't use any DBMS, in favour of text files only (from this fact comes its name)".

Internet Explorer FTP Client Directory Traversal

In Windows NT

Internet Explorer comes with a built-in FTP client. Internet Explorer's FTP client has been found to contain a directory traversal vulnerability that can be used to cause a user to download a malicious executable to any directory the owner of the FTP server desires him to download the file to (without the user's consent).

HTTP Response Splitting and Cross Site Scripting in ViewCVS

In Unix Focus

ViewCVS is "a browser interface for CVS and Subversion version control repositories. It generates templatized HTML to present navigable directory, revision, and change log listings".

ArGoSoft FTP Server Reveals Valid Usernames and Allows Brute Forcing Attacks

In Windows NT

ArGoSoft FTP Server is "a lightweight FTP Server for Microsoft Windows platforms". Two vulnerabilities exist in ArGoSoft, one allows enumerating the existing user database of the FTP program, the other allows executing a brute force attack without the server executing any type of defense against it.

GNUBoard Multiple Extensions Vulnerability

In Unix Focus

GNUBoard is "one of the most widely used web BBS applications in Korea". An input validation flaw in GNUBoard allows malicious attackers to run arbitrary commands with the privileges of the HTTPD process, which is typically run as the nobody user.

KorWeblog PHP Injection Vulnerability

In Unix Focus

KorWeblog is "one of more popular blog system in Korea". The "lng" parameter found in the "/install/index.php" file isn't properly verified, before it is used to include files.

NetDDE MS04-031 Exploit Code

In Exploit

As we reported in our previous article: Vulnerability in NetDDE Could Allow Remote Code Execution (MS04-031), a vulnerability in NetDDE allows a remote attacker to cause the NetDDE service to execute arbitrary code. The following exploit code can be used to test your system for the mentioned vulnerability.

WINS MS04-045 Exploit Code

In Exploit

As we reported in our previous article: Vulnerability in WINS Allows Remote Code Execution (MS04-045, Name Validation, Association Context), a vulnerability in WINS allows a remote attacker to cause the WINS server to execute arbitrary code. The following exploit code can be used to test your system for the mentioned vulnerability.

Mozilla Browser NNTP Heap Overflow

In Unix Focus

A critical security vulnerability has been found in Mozilla Project code handling NNTP protocol.

vBulletin init.php SQL Injection (specialtemplates)

In Unix Focus

vBulletin is "a commonly used web forum system written in PHP. One of its key features is use of templates, which allow the board administrator to dynamically modify the look of the board".

SQL Injection Vulnerability in IBProArcade (Arcade.php)

In Unix Focus

IbProArcade is an online scoreboard powered by Invision Board.

Adobe Flex 3.3 SDK DOM-Based XSS

Adobe Flex is a software development kit released by Adobe Systems for the development and deployment of cross-platform rich Internet applications based on the Adobe Flash platform. An instance of a DOM-based Cross Site Scripting (XSS) vulnerability was found in the SDK's default index.template.html, the HTML template used by FlexBuilder to generate the wrapper HTML for all the application files in your project. The XSS vulnerability appears to affect all users who download and utilize this HTML wrapper.

Open Auto Classifieds SQL Injection XSS and Filepath Disclosure

Open Auto Classifieds is a vehicle listings manager that is popular with car dealer websites. It's written in PHP + MySQL.

Autonomy KeyView Excel File SST Parsing Integer Overflow Vulnerability

Autonomy KeyView SDK is a commercial SDK that provides many file format parsing libraries. It supports a large number of different document formats, one of which is the Microsoft Excel 97 (XLS) format. It is used by several popular vendors for processing documents. Remote exploitation of an integer overflow vulnerability in Autonomy's KeyView SDK allows attackers to execute arbitrary code with the privileges of the targeted application.

Cisco Unified Communications Manager Denial of Service Vulnerabilities

Cisco Unified Communications Manager is the call processing component of the Cisco IP Telephony solution that extends enterprise telephony features and functions to packet telephony network devices, such as IP phones, media processing devices, VoIP gateways, and multimedia applications. Cisco Unified Communications Manager (formerly CallManager) contains multiple denial of service (DoS) vulnerabilities that if exploited could cause an interruption to voice services. The Session Initiation Protocol (SIP) and Skinny Client Control Protocol (SCCP) services are affected by these vulnerabilities.

Microsoft Office Web Components 2000 Buffer Overflow Vulnerability

Office Web Components is a group of ActiveX controls that can be used to view and edit Microsoft Office files such as spreadsheets and charts. It is commonly used to allow a user to edit a spreadsheet in the browser. The controls are installed with a default installation of Microsoft Office. More information can be found at the vendor's website at the following address. Remote exploitation of a stack based buffer overflow vulnerability in Microsoft Corp.'s Office Web Components 2000 could allow an attacker to execute arbitrary code with the privileges of the logged on user.

Radvision Scopia Cross Site Scripting Vulnerabilities

Radvision's Scopia provides a solution for voice and video collaborative communications. If the web-based interface is exposed to an XSS attack, the index.jsp page does not check the user's input and it is possible to inject arbitrary code into the page parameters. It's also possible to steal a user's cookie or other data by sending a maliciously crafted URL to an authenticated user.

ScribeFire Firefox Extension Code Injection Vulnerability

The ScribeFire Firefox extension provides an interface for users to post to their blogs from any website. It allows users to drag images from a website into the editing pane, which publishes that image as part of their blog post.

Cisco Firewall Services Module Denial of Service Vulnerability

A vulnerability exists in the Cisco Firewall Services Module (FWSM) for the Catalyst 6500 Series Switches and Cisco 7600 Series Routers. The vulnerability may cause the FWSM to stop forwarding traffic and may be triggered while processing multiple, crafted ICMP messages. There are no known instances of intentional exploitation of this vulnerability. However, Cisco has observed data streams that appear to trigger this vulnerability unintentionally.

VMware libpng and Apache HTTP Server Arbitrary Code and DOS vulnerability

Several flaws were discovered in the way third party library libpng handled uninitialized pointers. An attacker could create a PNG image file in such a way, that when loaded by an application linked to libpng, it could cause the application to crash or execute arbitrary code at the privilege level of the user that runs the application.

Oracle Secure Backup Administration Server Multiple Command Injection Vulnerabilities

This vulnerability allows remote attackers to inject arbitrary commands on vulnerable installations of Oracle Secure Backup. User interaction is not required to exploit this vulnerability but an attacker must be authenticated.

Pidgin and Adium Libpurple msn_slplink_process_msg() Arbitrary Write Vulnerability

Adium and Pidgin (formerly named Gaim) are based on a library named libpurple. Libpurple has support for many commonly used instant messaging protocols, allowing the user to log into various different services from one application.

CA Host-Based Intrusion Prevention System Denial of Service

CA's technical support is alerting customers to a security risk with CA Host-Based Intrusion Prevention System. A vulnerability exists that can allow a remote attacker to cause a denial of service. CA has issued a patch to address the vulnerability.

CA Internet Security Suite vetmonnt.sys Denial Of Service

CA's technical support is alerting customers to a security risk with CA Internet Security Suite. A vulnerability exists that can allow a local attacker to cause a denial of service. CA has issued updates to address the vulnerability.

HP Network Node Manager Local Execution of Arbitrary Code and Denial of Service

JRun Management Console Directory Traversal vulnerability

A directory traversal vulnerability was found in the script logviewer.jsp. Using the Management Console, an authenticated attacker can read any file on the server.

Vtiger CRM Multiple Vulnerabilities

Vtiger CRM is a free, full-featured, 100% Open Source CRM software ideal for small and medium businesses, with low-cost product support available to production users that need reliable support. Multiple Vulnerabilities exist in Vtiger CRM software.

Adobe Coldfusion 8 Multiple Linked XSS Vulnerabilities

Multiple linked XSS and XSRF vulnerabilities have been found in Adobe Coldfusion Server 8. An attacker can create an 'evil' link and steal the administrator's cookie.

Piwigo SQL Injection Vulnerability

Piwigo is a photo gallery application written in PHP. The application suffers from a SQL injection vulnerability in comments.php, as it fails to validate data supplied in the "items_number" variable before being used in an SQL query.

Insight Control Suite For Linux (ICE-LX) Multiple Vulnerabilities

Potential security vulnerabilities have been identified with Insight Control Suite For Linux (ICE-LX). The vulnerabilities could be remotely exploited to allow Cross Site Request Forgery (CSRF), Remote Execution of Arbitrary Code, Denial of Service (DoS) and other vulnerabilities.

Hacker Agrees to Guilty Plea in Massive Data Breach Case

Notorious hacker Albert Gonzalez agrees to plead guilty to having a role in the theft of data from millions of credit and debit cards. Gonzalez, who has been tied by authorities to a cyber-crimewave that hit companies from Heartland Payment Systems to Hannaford Bros., now faces up to 25 years in prison.
- Reputed hacker Albert Gonzalez, the Miami man tied by investigators to several major data breaches, has agreed to plead guilty to a variety of charges, according to reports. Under the plea agreement, Gonzalez, 28, will face a maximum of 25 years in prison. According to authorities, he is...

REVIEW: 'Nehalem'-Based Sun Fire x4170 Is a Compelling 1U Server Choice

Providing stiff competition in its market space, Sun Microsystems' Intel Nehalem-based Sun Fire x4170 packs generous amounts of compute power, local storage, network bandwidth and PCIe expansion capability into a small footprint.
- With support for the latest Intel "Nehalem" processors, Sun Microsystems' Sun Fire x4170 server packs copious amounts of compute power, local storage, network bandwidth and PCIe expansion capability into a neatly engineered, 1U footprint. While there is uncertainty about the future of ...

Snow Leopard Reveals Cracks in Apple's Mac OS X Security Reputation

News Analysis: Although Mac OS X is considered by many to be the most secure operating system available to end users, it does suffer from security issues. Perhaps the new malware detector in Apple's new Mac OS X Snow Leopard release will help prove that.
- Mac OS X is viewed by many as the most secure operating system on the market. It's certainly considered far more secure than Microsoft's Windows operating system. But with a report hitting the wire Wednesday claiming Apple's new Mac OS X release, Snow Leopard, will feature a malware-detectio...

Apple Snow Leopard Used as Lure for Trojan

Trend Micro finds a malware campaign that ropes in victims by offering free copies of Mac OS X 10.6, aka Snow Leopard. What users really get is a DNS-changer Trojan.
- Apple plans to release Mac OS X 10.6, aka Snow Leopard, on Aug. 28, and cyber-criminals have taken notice. A number of rogue sites have popped up offering free copies of the latest version of Apple's operating system. Researchers at Trend Micro are reporting that accessing these malicious sites ...

Twitter XSS Vulnerability Still Wide Open, Developer Says

A cross-site scripting vulnerability affecting Twitter security is still open despite the microblogging service's attempt at a fix, a software developer says. If exploited, the bug could enable an attacker to take over a victim's Twitter account.
- A software developer is claiming Twitter's fix for a critical cross-site scripting bug is no good, meaning users are still vulnerable to an attack that could allow an attacker to take over their accounts. The bug was first reported by techie James Slater. According to Slater, the vulnerability a...

BitTorrent Tracking Site Mininova Considers Appeal After Losing Court Case

Mininova, an alternative to BitTorrent tracking site The Pirate Bay, loses a key legal battle as a Dutch court rules that the Mininova site will face fines if it does not take action to remove links pointing to copyrighted material from its servers.
- As The Pirate Bay fights to stay online, one of its chief rivals has also fallen into the sights of the authorities. A civil court ordered Dutch Website Mininova to remove all files on its servers that point to copyrighted works within three months or face fines. Mininova rivals The Pirate Bay...

Apple Arms Snow Leopard with Mac Malware Detection, Reports Say

Apple has reportedly armed Snow Leopard, the newest version of its Mac OS X operating system, with a new feature to scan downloads for malware. The OS is slated to be released on Friday.
- It appears Apple has bolstered Snow Leopard with some new spots to enhance security. In this case, Apple has apparently added a new malware scanner to analyze downloads for malicious content. Apple did not return a request for comment on the feature, which has understandably caught the atte...

McAfee Names Jessica Biel, Beyonce Most Dangerous Celebrity Web Searches

In an annual report, McAfee lists the celebrities whose names are most likely to lead fans to malware via Web searches. At the top of the list are actress Jessica Biel, singer Beyonce and movie star Jennifer Aniston.
- Trying to find actress Jessica Biel can be dangerous on the Internet, anyway. For the third year in a row, McAfee has put out a list of the most dangerous celebrities when it comes to Internet search results. The list is home to more than a few well-known singers and movie stars, such as M...

Cisco WLAN Vulnerability Uncovered by Researchers

AirMagnet researchers uncover a way for attackers to take advantage of Cisco Systems' Over-the-Air-Provisioning feature. Cisco responds with a security advisory giving some mitigations for the OTAP vulnerability.
- Researchers at AirMagnet have uncovered a serious flaw in a provisioning system used by Cisco Systems WLANs that could enable attackers to gain access to WLAN-attached systems. According to AirMagnet's Intrusion Research Team, the vulnerability, announced Aug. 25, lies in Cisco's OTAP (Over-the...

57,000 Websites Compromised in Mass Attack, ScanSafe Reports

ScanSafe has reported a massive compromise impacting 57,000 legitimate sites. When users visit the infected Web pages, they are greeted with a truckload of password stealers and other Trojans.
- Security firm ScanSafe has uncovered a campaign that has compromised more than 57,000 Websites in a bid to dump gallons of malware on users' computers. According to ScanSafe, the sites are being infected with a malicious iFrame via SQL injection. The iFrame in turn loads what ScanSafe Senior...

Pirate Bay Hit as ISP Kills Service After Court Order

Well-known BitTorrent tracking site The Pirate Bay felt the heat when Internet service provider Black Internet terminated service after being threatened with court fines. There are reports that the site is working to restore service.
- A Swedish court has ordered an Internet service provider to shut down service to The Pirate Bay, a well-known site that tracked and indexed BitTorrent files. According to the Swedish newspaper SvD (Svenska Dagbladet), the CEO of ISP Black Internet said the company was told by the court t...

Snow Leopard's Anti-Malware Feature

In Safety Tips

Apple has long maintained that Mac users don't need to worry about viruses and other malicious software. So it's hardly surprising that many media outlets have seized upon revelations that Snow Leopard, the newest version of Apple's OS X operating system, detects and warns users about certain types of malicious software designed to attack Macs. Snow Leopard went on sale Friday and I haven't had a chance to fiddle with it yet (I'm hoping to tackle this over the weekend). By most accounts this anti-malware feature is fairly limited, with the caveat that it could quite easily be expanded to accommodate future security threats to the Mac platform. A blog entry from computer security firm Sophos includes a clever video showing the performance of the Snow Leopard feature alongside the company's own security software built for the Mac. Graham Cluley, a senior technology consultant at Sophos, said Snow Leopard's ability

Phishing Attacks on the Wane

In Latest Warnings

Phishing attacks have fallen out of favor among cyber crooks who make a living stealing personal and financial information, according to a report released this week by IBM. Instead, attackers increasingly are using malicious Web links and password-stealing Trojan horse programs to filch information from victims, the company found. The analysis from X-Force, IBM's security research and development division, notes that Trojan horse programs are taking the place of phishing attacks aimed at financial targets. The company found that throughout 2008, phishing volume was, on average, 0.5 percent of overall spam volume. In the first half of 2009, however, phishing attacks fell to an average of 0.1 percent of spam volume. The targets of phishing attacks also changed, IBM says: In the first half of 2009, 66 percent of phishing schemes targeted the financial industry, down from 90 percent in 2008. I looked at the number of phishing sites tagged

U.K. Govt: Spammers Before Downloaders?

In From the Bunker

The British government plans to suspend the Internet accounts of residents suspected of downloading pirated music and films, according to news reports. But the latest figures on the geographic location of spam-spewing zombie PCs suggest the U.K. government might do better to start by disconnecting the nation's most notorious uploaders. The Associated Press reports that plans announced Tuesday by the British Treasury Minister include blocking access to download sites, and temporarily suspending users' Internet accounts. The story didn't say how many of Britain's estimated 48.7 million Internet users are suspected of being serial music and movie downloaders. But Security Fix reviewed the 8.8 million Internet addresses around the globe that are on Spamhaus.org's composite block list -- which tracks connections that show strong signs of being spam relays -- and found that roughly 60,000 U.K. systems currently are blasting junk e-mail to the rest of the world on behalf of spammers.

Microsoft Expands Office Anti-Piracy Program

In New Patches

Microsoft expanded its anti-piracy program this week, shipping a new software update that checks whether Office users are running a licensed or pirated version of the productivity suite. Windows users who have Automatic Updates turned on probably have by now noticed at least one new update available from Redmond. The patch represents the next phase of the Office Genuine Advantage (OGA) anti-piracy pilot program Microsoft launched last year. Microsoft says the update is being gradually rolled out to different countries, so the update will not be available to everyone at the same time. The program checks against Office XP, Office 2003, and Office 2007 installations. Even users who have Automatic Updates set to download and install patches for them will need to approve a license agreement before the OGA patch will fully install. That's a good thing, too, because according to Microsoft, this patch cannot be removed once it is

Businesses Reluctant to Report Online Banking Fraud

In Latest Warnings

A confidential alert sent on Friday by a banking industry association to its members warns that Eastern European cyber gangs are stealing millions of dollars from small to mid-sized businesses through online banking fraud. Unfortunately, many victimized companies are reluctant to come forward out of fear of retribution by their bank. According to the alert, sent by the Financial Services Information Sharing and Analysis Center (FS-ISAC), the victims of this type of fraud tell different stories, but the basic elements are the same: Malicious software planted on a company's Microsoft Windows PC allows the crooks to gain access to the victim's corporate bank account online. The attackers wire chunks of money to unwitting and in some cases knowing accomplices in the United States who then wire the money to the fraudsters overseas. As grave as that sounds, the actual losses from this increasingly common type of online crime almost certainly

Tighter Security Urged for Businesses Banking Online

In Safety Tips

An industry group representing some of the nation's largest banks sent a private alert to its members last week warning about a surge in reported cybercrime targeting small to mid-sized business. The advisory, issued by the Financial Services Information Sharing and Analysis Center, recommends that commercial banking customers take some fairly rigorous steps to secure their online banking accounts. For example, the group recommends that commercial banking customers "carry out all online banking activity from a standalone, hardened, and locked-down computer from which e-mail and Web browsing is not possible." Such a system might be a virgin install of Windows with all the proper updates, using something like Microsoft steady state. Even smarter would be a Mac, or some flavor of Linux, or even a Live CD distribution of Linux (after shutdown, all changes are erased). Why take such extreme precautions? The alert indicates that the sophistication, stealth, and sheer volume

Malware Writers: Will That Be OS X, or W?

In Latest Warnings

Security researchers increasingly are finding that sites designed to trick the visitor into installing malicious software will serve different malware depending on whether the visitor arrives at the page using a Microsoft Windows PC or a Mac. Trend Micro researcher Ivan Macalintal recently found a new variant of the dreaded DNS changer Trojan that checks to see which operating system the visitor's Web browser appears to be riding on, and then offers the appropriate Windows- or Mac-based installer. The malware was masquerading as a pirated version of Foxit Reader and several anti-virus applications. This follows a similar finding last month by McAfee, which spotted the same tactic being used at sites that try to trick the user into installing a browser plug-in supposedly needed to view online videos: The bogus plug-in was offered as a ".exe" file for Windows visitors, and a ".dmg" installer file for those who browsed the

Brief: Apache investigates Web server attack


Brief: Federal agency warns of postal trojan


News: Apple sneaks anti-malware into Mac OS X


Mark Rasch: Lazy Workers May Be Deemed Hackers


Brief: Auto SQL injection co-opts thousands of sites


Draft Version of New Keeping FreeBSD Applications Up-To-Date

By Richard Bejtlich

This is a follow-up to my recent post Draft Version of New Keeping FreeBSD Up-To-Date. I updated the draft Keeping FreeBSD Up-To-Date document at http://www.taosecurity.com/kfbutd7.pdf to include new sections on building a kernel and userland on one system and installing on another, and upgrading from one major version of FreeBSD to another via binary upgrades (e.g., 7.1 to 8.0 BETA3, since that just became available).
I have also published another draft document titled Keeping FreeBSD Applications Up-To-Date at http://www.taosecurity.com/kfbautd7.pdf. That is a follow-up to my 2004 article of the same name that used FreeBSD 5.x for the examples.
The new document includes the following.


Sections:
---------
Introduction
FreeBSD Handbook
A Common Linux Experience
Simple Package Installation on FreeBSD
Checking for Vulnerable Packages with Portaudit
FreeBSD Package Repositories
Updating Packages by Deletion and Addition
Introducing the FreeBSD Ports Tree
Updating the FreeBSD Ports Tree
Installing Portupgrade
Updating Packages Using Portupgrade
Removing Packages
Identifying and Removing Leaf Packages
Preparing to Build and Install Packages Using the Ports Tree
Building and Installing Packages Using the Ports Tree: A Simple Example
Building and Installing Packages Using the Ports Tree: A More Complicated Example
Install Packages Built on One System to Another System
Installing Screen Using a Remote FreeBSD Ports Tree
Reading /usr/ports/UPDATING
My Common Package Update Process
Conclusion



As with the last document, this one reflects my personal system administration habits. For example, I use Portupgrade, although others might prefer Portmaster or Portmanager or something else.


If you'd like to read this draft and provide any comments here, I would appreciate them.


On a related note, I'd like to point to the 2006 article The FreeBSD Ports System by Michel Talon. I found it interesting because it takes a deep look at the ports tree and makes comparisons to Debian systems.

Copyright 2003-2009 Richard Bejtlich and TaoSecurity (taosecurity.blogspot.com and www.taosecurity.com)





Draft Version of New Keeping FreeBSD Up-To-Date


By Richard Bejtlich



Four years ago I wrote an article titled Keeping FreeBSD Up-To-Date. The goal was to document various ways that a FreeBSD 5.2 system could be updated and upgraded using tools from that time, in an example-driven way that complemented the FreeBSD Handbook.


I decided to write an updated version that starts with a FreeBSD 7.1 RELEASE system and ends by running FreeBSD 7.2-STABLE. Sections include:




Sections:
---------
Introduction
FreeBSD Handbook
The Short Answer
Understanding FreeBSD Versions
Learning About Security Issues
Starting with the Installation
Installing Gnupg and Importing Keys
Installing Source Code
Installing CVSup
Applying Kernel Patches Manually
Applying Userland Patches Manually
Using CVSup to Apply Patches
Using Csup to Apply Patches
FreeBSD Update to Upgrade FreeBSD within Versions
STABLE: The End of the Line for a Single Version
What Comes Next?
Conclusion



Looking at the sections, I noted that it might be good to add a section on using FreeBSD Update to upgrade to 8.0, assuming you're starting with a non-7.2-STABLE system. From what I've read, that isn't possible? (Anyone know for sure?)


It would also be nice to publish the final version once 8.0 is RELEASEd so I could incorporate that.


If you'd like to read the document and provide feedback, I'd appreciate constructive comments. The draft is available as a .pdf at http://www.taosecurity.com/kfbutd7.pdf. Thank you.






WinINSTALL - Voted WindowSecurity.com Readers' Choice Award Winner - Patch Management


By info@WindowSecurity.com (The Editor)



WinINSTALL was selected the winner in the Patch Management category of the WindowSecurity.com Readers' Choice Awards. GFI Languard and Shavlik NetChk Protect were first runner-up and second runner-up respectively.





Restricting Specific Web Sites in Internet Explorer Using Group Policy


By (Derek Melber)



How to use Group Policy to restrict Web site access and how to restrict different users from one another.





Fla. man in credit card data theft accepts plea (AP)


In technology



AP - A computer hacker accused of masterminding one of the largest cases of identity theft in U.S. history agreed Friday to plead guilty and serve up to 25 years in federal prison for his crimes.





Microsoft Names Top Ten Windows Malware (PC Magazine)


In technology



PC Magazine - A new list of malware just came out from Microsoft based on their MSRT, or Malicious Software Removal Tool.





Snow Leopard Malware Protection a Growing Pain for Mac OS X (PC World)


In technology



PC World - Mac users have long relished the fact that malware is nearly a foreign concept to them. Yet, in a tacit acknowledgment of the growing threat of malware on the Mac platform, Apple has added some rudimentary malware protection into Snow Leopard.





Man charged in record ID theft case in plea talks (AP)


In technology



AP - An accused computer hacker charged with stealing millions of credit and debit card numbers has been negotiating a plea deal with the federal government, people close to the case said Thursday.





Facebook, Twitter Provide Sensitive Information for Corporate Criminals (PC World)


In technology



PC World - Social networking services like Facebook and Twitter foster a false sense of security and lead users to share information which can be used by cybercriminals and social engineers. The very concept of social networking is based on connecting and sharing, but with who?





Snow Leopard Needs Better Anti-Malware, Should Be Free (PC World)


In technology



PC World - Is the "malware protection" in Apple's new Snow Leopard really lame or what? But, it's on a par with other features of the OS "upgrade."





Apple Confirms Anti-Malware Added to 'Snow Leopard' (PC Magazine)


In technology



PC Magazine - On Wednesday, it was discovered that the latest version of Apple's OS X 10.6, "Snow Leopard," has clear built-in malware protection. Apple has since confirmed the addition.





Inside Snow Leopard's hidden malware protection (Macworld.com)


In technology



Macworld.com - While malicious software has long been a near-daily annoyance for Windows PCs, Mac users have become accustomed to not worrying about malware. Threats arise from time to time--in January of this year, for example, a Trojan horse made the rounds in pirated copies of Apple's iWork software--but most Mac users these days are probably running computers without antivirus software.





Report: Snow Leopard To Confront Mac Malware (PC World)


In technology



PC World - Adding anti-malware to Snow Leopard is a Catch-22 for Apple: In solving a problem, Apple must first admit a problem actually exists. Which is hard when one of your major selling points is that you're secure and your major competitor--Microsoft Windows--is not.





Symantec Offers Fix for Buggy Norton Patch (PC World)


In technology



PC World - Symantec has posted a software fix after hundreds of users reported problems with a buggy update of the company's flagship Norton AntiVirus software.





Cybercriminals Favor Jessica Biel as Malware Bait (NewsFactor)


In business



NewsFactor - Move over, Brad Pitt. Actress Jessica Biel has officially overtaken you as the most dangerous celebrity to search for in cyberspace, according to Internet security company McAfee. McAfee's third annual research report into Hollywood stars and pop culture's favored people offers insights into the riskiest celebrities on the Web.





Jessica Biel Could Give You a (PC) Virus (PC World)


In technology



PC World - Quick, someone tell Justin Timberlake that his girlfriend Jessica Biel is dangerous--in cyberspace.





Biel tops Pitt as 'most dangerous' celebrity on Web (AFP)


In us



AFP - An online search for actress Jessica Biel is the most likely to land a Web surfer on a site hosting spyware, a virus or other malware, Internet security firm McAfee warned on Tuesday.





Jessica Biel tops list as most risky star in cyberspace (Reuters)


In technology



Reuters - Actress Jessica Biel has overtaken Brad Pitt as the most dangerous celebrity to search in cyberspace, according to Internet security company McAfee Inc.





Trend Micro Unveils 2010 Consumer Security Line (PC Magazine)


In technology



PC Magazine - Trend Micro today unveiled new versions of its Trend Micro Internet Security and Trend Micro Internet Security Pro consumer security products, both optimized for Windows 7.





Apache.org hit by SSH key compromise


By Ryan Naraine on Uncategorized



The open-source Apache Software Foundation pulled its Apache.org Web site offline for about three hours today because of a server hack caused by a compromised SSH key.





Snow Leopard's malware protection only scans for two Trojans


By Dancho Danchev on Passwords



The much-hyped built-in malware protection in Apple’s Snow Leopard upgrade appears to be nothing more than an XProtect.plist file containing five signatures for two of the most popular Mac OS X trojans - OSX.RSPlug and OSX.Iservice. Intego, the company that originally reported the new feature, has just released a comparative review of their (commercial) antivirus [...]





Source code for Skype eavesdropping trojan in the wild


By Dancho Danchev on Spyware and Adware



Earlier this week, Swiss programmer Ruben Unteregger who has been reportedly working for a Swiss company ERA IT Solutions responsible for coding government sponsored spyware, has released the source code of a trojan horse that injects code into the Skype process in order to convert the incoming and outgoing voice data into an encrypted MP3 [...]





The most dangerous celebrities to search for in 2009


By Dancho Danchev on Web 2.0



Searching for which celebrity has the highest probability of tricking you into visiting a malware-friendly web site? Last year it was Brad Pitt, but according to this year’s McAfee report “Riskiest Celebrities to Search on the Web”, it’s Jessica Biel related searches that have “one in five chance of landing at a Web site that’s tested [...]





Hackers mailing malware-infested CDs to banks


By Ryan Naraine on Viruses and Worms



Cybercriminals are currently mailing infected CDs to credit unions and smaller banks as part of a clever offline scheme to load malicious software into computers with valuable data.





High-risk vulnerabilities hit Google Chrome


By Ryan Naraine on Vulnerability research



Google has shipped a new version of its Chrome browser to fix multiple serious security flaws that expose users to code execution attacks.





Apple adds malware blocker in Snow Leopard


By Ryan Naraine on Patch Watch



Apple has quietly added a new Snow Leopard feature to scan software downloads for malware, a no-brainer move that coincides with a noticeable spike in malicious files embedded in pirated copies of Mac-specific software.





Research: 80% of Web users running unpatched versions of Flash/Acrobat


By Dancho Danchev on Research



According to research published by Trusteer earlier this month, 79.5% of the 2.5 million users of their Rapport security service run a vulnerable version of Adobe Flash, with 83.5% also running a vulnerable version of Acrobat. The company has also criticized Adobe by insisting that their update mechanism “does not meet the requirements of a [...]





55,000 Web sites hacked to serve up malware cocktail


By Ryan Naraine on Vulnerability research



Security researchers are raising an alarm for a potent malware cocktail -- backdoor Trojans and password stealers -- being pushed to Windows users from about 55,000 hacked Web sites.
