Monday, November 17, 2008

Security News Feed Monday 11/17/08

Google patches Chrome file-stealing bug

Laid-Off Sysadmin Arrested for Threats to Harm Servers
A systems administrator who was laid off this month by a New York-based financial services firm was arrested in New Jersey last week for allegedly threatening to damage the company's servers if it didn't increase his severance pay.

Viktor Savtyrev, a 29-year-old New Jersey resident, also demanded extended medical coverage and "excellent" job references in e-mails and phone calls to officials at the firm, federal prosecutors said. They declined to identify the firm, but Third Avenue Management LLC confirmed that it is the company involved in the case.

Microsoft: First Exploit Ratings Show Success
Microsoft Corp. last week called its first crack at predicting whether hackers would create exploit code for its software flaws a success -- even though its forecasts were less than 50% accurate.

Can a Cybercrook Get $21,619 off of You?
Too many users neglect their antivirus updates and other cybersecurity measures, a British survey reports.

Wanted: Programmers with Ethics
Morals and ethics join communication and programming skills in a survey of wish lists for IT workers.

A competitor to the free Wireshark packet sniffer is also available free of charge, and it offers some interesting additions beyond what Wireshark provides. The fully functional, licensed free version of NetWitness Investigator is at: http://download.netwitness.com.

Employees Ignore Online Shopping Risk

Rich Mogull: 7 Infosec Trends for 2009
Shrinking budgets, the collapse of the database security market, DLP going mainstream - the former Gartner pundit places his bets for the coming year. (Part of the What Happens Next security predictions series.)

Data Loss Prevention goes mainstream. In late 2009 DLP will finally go early mainstream due to the push from the big vendors. Content discovery will drive more deals than network monitoring, and provide more value to most users.

FOIA docs show feds can lojack mobiles without telco help
Documents obtained by civil liberties groups suggest the feds can track cell phone locations without the help of providers.
November 16, 2008 - 10:45PM CT - by Julian Sanchez

Tuesday, November 11, 2008 10:40 AM
MS08-068: SMB credential reflection defense
Today Microsoft released a security update, MS08-068, which addresses an NTLM reflection vulnerability in the SMB protocol. The vulnerability is rated Important on most operating systems, except Vista and Windows Server 2008 where it has a rating of Moderate. This blog post is intended to explain why the issue is less severe on Vista and Windows Server 2008, and provide some additional details to help people determine the risk they face in their environment.

This vulnerability allows an attacker to redirect an incoming SMB connection back to the machine it came from and then access the victim machine using the victim’s own credentials. (Hence the term “credential reflection”). In typical Windows XP configurations where SMB sharing is enabled and the user is a member of the Administrators group, this allows the attacker to easily take over the machine. Public tools, including a Metasploit module, are available to perform this attack.

Typical attack vectors for this vulnerability will leverage HTML either via a web browser or e-mail. Resources within the HTML document (such as IMG tags) can be used to reference a file on the attacker’s machine, and these files are then retrieved using the SMB protocol. The attacker’s machine prompts the victim for credentials and then reflects these credentials to the victim’s machine, gaining access. In cases where the attacker is on the same network as the victim, even “trusted” websites can be leveraged to perform this attack – since network data can be modified before the victim receives it.
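A defender-side check for the HTML vector described above (IMG and similar tags pointing at a share on another machine), added here as an example and not taken from the Microsoft post: it scans HTML for UNC paths and remote file:// references that a Windows client would resolve over SMB, the kind of filter a mail gateway or web proxy could apply. The sample HTML, the host names and the 203.0.113.5 address are constructed.

```python
"""Flag HTML resource references a Windows client would fetch over SMB
(UNC paths and remote file:// URLs), the vector used by the MS08-068
credential-reflection attack via IMG and similar tags."""
from html.parser import HTMLParser
import re

# Attributes whose values are fetched automatically when the page renders.
RESOURCE_ATTRS = {"src", "href", "background", "data"}
# \\host\share\... and file://host/share/... resolve to SMB on Windows.
UNC_RE = re.compile(r"^\s*\\\\([^\\/?#]+)[\\/]")
FILE_URL_RE = re.compile(r"^\s*file:(?://|\\\\)([^\\/?#]*)[\\/]", re.IGNORECASE)
LOCAL_HOSTS = {"", "localhost", "127.0.0.1"}  # file:///C:/... stays local

def smb_host(url):
    """Return the remote host an SMB fetch of this reference would contact, else None."""
    m = FILE_URL_RE.match(url) or UNC_RE.match(url)
    if not m:
        return None
    host = m.group(1).lower()
    return None if host in LOCAL_HOSTS else host

class SmbRefScanner(HTMLParser):
    def __init__(self):
        super().__init__()
        self.hits = []  # (tag, attribute, host) for each SMB-bound reference

    def handle_starttag(self, tag, attrs):
        for name, value in attrs:  # HTMLParser lowercases tag and attribute names
            if value and name in RESOURCE_ATTRS:
                host = smb_host(value)
                if host:
                    self.hits.append((tag, name, host))

def scan_html(html):
    scanner = SmbRefScanner()
    scanner.feed(html)
    scanner.close()
    return scanner.hits

# Constructed sample: one UNC IMG, one remote file:// stylesheet, one local
# file:// IMG and one ordinary HTTPS image. 203.0.113.5 is a documentation address.
SAMPLE_HTML = (
    '<html><body><p>Invoice attached.</p>'
    '<img src="\\\\203.0.113.5\\share\\logo.gif">'
    '<link rel="stylesheet" href="file://evil.example/css/site.css">'
    '<img src="file:///C:/local.png">'
    '<img src="https://example.com/a.png">'
    '</body></html>'
)

if __name__ == "__main__":
    for tag, attr, host in scan_html(SAMPLE_HTML):
        print(f"SMB-bound reference: <{tag} {attr}=...> -> host {host}")
```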

Google "Flu Trends" Raises Privacy Concerns

Google announced this week a new web tool that may make it possible to detect flu outbreaks before they might otherwise be reported. Google Flu Trends relies on individual search terms, such as "flu symptoms," provided by Internet users. Google has said that it will only reveal aggregate data, but there are no clear legal or technological privacy safeguards to prevent the disclosure of individual search histories concerning the flu, or related medical concerns, such as "AIDS symptoms," "ritalin," or "Paxil." Privacy and medical groups have urged Google to be more transparent and publish the algorithm on which Flu Trends data is based so that the public can determine whether the privacy safeguards are adequate. At some point aggregate data is identifiable data. Advocacy groups are seeking information on the privacy protections intended to safeguard against abuse or misuse of search information.
Is There a Privacy Risk in Google Flu Trends?, New York Times, November 13, 2008

"NASA has built a new software package to track problems with the Space Shuttle using open source tools from Mozilla. '[Alonso Vera, the lead of the Ames Human-Computer Interaction Group] wouldn't say exactly how much the new systems cost to build, but he said they were an order of magnitude cheaper than what was being used before, closer to $100,000 than the $1 million it would have cost in the past.' The Space Shuttle Endeavor launched successfully on Friday, so the new system is being used to track any problems which may crop up in the current mission. As one commentator pointed out, 'A system like this could save more than money; it could save lives.'"


"TorrentFreak reports that Toyota's lawyers have recently contacted computer wallpaper site Desktop Nexus in a blatant example of DMCA abuse. Toyota issued a blanket request to demand the immediate removal of all member-uploaded wallpapers featuring a Toyota, Lexus, or Scion vehicle (citing copyright violation), regardless of whether Toyota legally holds the copyright to the photos or not. When site owner Harry Maugans requested clarification on exactly which wallpapers were copyrighted by Toyota, he was told that for them to cite specifics (in order to file proper DMCA Takedown Notices), they would invoice Desktop Nexus for their labor."


Intrepid iPhone developers bypass security for functionality
The Apple iPhone is vulnerable to a new bug related to the signing of iPhone applications. Applications that are created with the official iPhone SDK need to be cryptographically signed by the author and Apple before they’re allowed into the App Store or installed on an iPhone. The digital signing is a security measure that serves two purposes: identifying the developer in case of any problems, and making sure that an approved application hasn’t been modified.

An iPhone developer discovered the bug while looking for a way to duplicate a feature of Apple-created iPhone applications: dynamic default.png files. The default.png file is displayed when an iPhone application is launched and can be used as a static splash screen. When you quit an Apple-created application, it takes a snapshot of the screen and saves it as default.png within itself. The next time you start the app it loads the new default.png, and everything looks as it did when the app was last run. The application hasn’t fully loaded yet, but the saved default.png trick makes it look that way.

Unlike Apple’s apps, those created by other developers can’t modify their default.png files. Since the default.png is stored within the application as part of it, it is covered by the digital signature; modifying the image file, and thus the app, invalidates the signature. An alternative would be to use a default.png in the application’s data directory, but only the file within the application is supported on the iPhone.
...
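A simplified model of the signing constraint described above, added here as an example and not taken from the article: a signature is computed over every file in the application bundle (an HMAC stands in for Apple’s real code signature), so rewriting the bundled Default.png breaks verification, while a Default.png written to a separate data directory leaves the signature intact. The bundle layout, file names and contents are constructed.

```python
"""Why a signed third-party app cannot rewrite its own Default.png: the signature
covers every file inside the bundle, so changing the splash image invalidates it,
while files in the app's data directory are outside the signed set.
An HMAC is used here as a stand-in for Apple's real code signature."""
import hashlib, hmac, os, tempfile

SIGNING_KEY = b"constructed-demo-key"  # stand-in for the developer/Apple signing key

def bundle_digest(bundle_dir):
    """Hash every file in the bundle (relative path + contents) in a stable order."""
    h = hashlib.sha256()
    for root, _dirs, files in sorted(os.walk(bundle_dir)):
        for name in sorted(files):
            path = os.path.join(root, name)
            h.update(os.path.relpath(path, bundle_dir).encode())
            with open(path, "rb") as f:
                h.update(f.read())
    return h.digest()

def sign_bundle(bundle_dir):
    return hmac.new(SIGNING_KEY, bundle_digest(bundle_dir), "sha256").hexdigest()

def verify_bundle(bundle_dir, signature):
    return hmac.compare_digest(sign_bundle(bundle_dir), signature)

def demo():
    """Return (valid_when_signed, valid_after_bundle_edit, valid_after_data_dir_write)."""
    with tempfile.TemporaryDirectory() as tmp:
        app = os.path.join(tmp, "Demo.app")       # constructed signed bundle
        data = os.path.join(tmp, "Documents")     # constructed unsigned data directory
        os.makedirs(app); os.makedirs(data)
        with open(os.path.join(app, "Demo"), "wb") as f:
            f.write(b"mach-o stub")
        with open(os.path.join(app, "Default.png"), "wb") as f:
            f.write(b"PNG splash v1")
        sig = sign_bundle(app)
        valid_signed = verify_bundle(app, sig)
        # A snapshot saved to the data directory is outside the signed set.
        with open(os.path.join(data, "Default.png"), "wb") as f:
            f.write(b"PNG snapshot")
        valid_after_data = verify_bundle(app, sig)
        # Overwriting the bundled Default.png, as Apple's own apps do, breaks the signature.
        with open(os.path.join(app, "Default.png"), "wb") as f:
            f.write(b"PNG snapshot")
        valid_after_bundle = verify_bundle(app, sig)
        return valid_signed, valid_after_bundle, valid_after_data

if __name__ == "__main__":
    print(demo())
```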

Cybersecurity advice for President-elect Obama to be previewed at SC World Congress
Greg Masters November 14, 2008
Recommendations from the Commission on Cyber Security for the 44th Presidency will be previewed at the SC World Congress.

Email ruse uses Federal Reserve Bank name to drop PDF exploit
Dan Kaplan November 14, 2008
Bucking the trend of declines in spam this week, a new socially engineered attack is making the rounds.

Black Friday Takedown Notices Hitting Mailboxes
While retailers don't anticipate a widely profitable Black Friday, they're already rounding up the lawyers to threaten websites that publish pre-released sale prices for the day-after-Thanksgiving shopping stampede.

Consider Wal-Mart, which has already begun sending takedown notices demanding the online removal of their Black Friday ads. Wal-Mart and a host of other retailing concerns perform this act every year ahead of Black Friday.

PLA armor brigade exercise fails due to computer virus
According to news.ifeng, an unidentified PLA armor brigade was the victim of a computer virus that caused electronic ammunition resupply orders to show up blank. During the force-on-force Red-versus-Blue exercise, operations were hampered by the virus, which left the main attack force without ammunition resupply.

During the exercise, the Red Army basic command post, command and control station, received information from the main attack force that 3/4 of their ammunition had been depleted. A resupply order was immediately sent to the rear command post. However, after transmission, the order form appeared blank.

Ten minutes later, the main attack force once again sent a request for ammunition resupply. They were told to wait, that the request for resupply had already been processed. In the end, the main attack force had no hope of getting their ammunition. The ammunition was exhausted, people died and the exercise was lost.

NOTE: When the article states that people died, they are speaking in terms of the exercise. There were no actual fatalities.
