Friday, March 20, 2009

Friday 03/20/09

Researchers make wormy Twitter attack
Computer security researchers have devised a new Twitter attack that they say could spread virally, much like a worm on the microblogging service.

----------

A search is launched for Conficker's first victim
March 20, 2009 (IDG News Service) Where did the Conficker worm come from? Researchers at the University of Michigan are trying to find out, using a vast network of Internet sensors to track down the so-called "patient zero" of an outbreak that has infected more than 10 million computers to date.

The university uses so-called Darknet sensors that were set up about six years ago to keep track of malicious activity. With funding from the U.S. Department of Homeland Security, computer scientists have banded together to share data collected from sensors around the world.

"The goal is to get close enough so you can actually start mapping out how the spread started," said Jon Oberheide, a University of Michigan graduate student who is working on the project.
...

----------

Post-breach criticism of PCI security standard misplaced, Visa exec says

Visa pilots new payment card security initiatives
Acknowledging the need for controls that go beyond those offered by the Payment Card Industry (PCI) Data Security Standard, a senior Visa Inc. executive today described two new initiatives to reduce payment card fraud being tested by the company.

One of the pilots involves Fifth Third Bank, which is testing the use of magnetic stripe technology to create unique digital fingerprints for cards, said Ellen Richey, Visa's chief enterprise risk officer. Each stripe contains unique characteristics that can be captured and used to verify the digital identity of the card, Richey said at a security event being hosted by Visa today. The goal is to stop the creation and use of counterfeit cards based on stolen payment card data.

----------

Expert: Hackers penetrating industrial control systems

----------

Researcher hacks just-launched IE8
...
Just hours before Microsoft Corp. officially launched the final code for Internet Explorer 8, a German researcher yesterday hacked the browser during the PWN2OWN contest to win $5,000 and a Sony Vaio laptop.

The researcher, a computer science student from Germany who would only give his first name, Nils, broke into the Sony within minutes by exploiting a previously unknown vulnerability in the new browser, said Terri Forslof, manager of security response at 3Com Corp.'s TippingPoint, the contest sponsor. The laptop was running what Forslof described as a "recent Microsoft internal build" of Windows 7.
...

----------

Researcher cracks Mac in 10 seconds at PWN2OWN, wins $5k
...
"I can't talk about the details of the vulnerability, but it was a Mac, fully patched, with Safari, fully patched," said Miller on Wednesday, not long after he had won the prize. "It probably took five or 10 seconds." He confirmed that he had researched and written the exploit before he arrived at the challenge.
...

----------

Harvard professor apologizes to judge for faulty motion in RIAA music piracy case
In yet another twist to a music piracy case that already has attracted lots of attention, a Harvard University law professor who is defending a Boston University graduate student accused of copyright infringement by the Recording Industry Association of America (RIAA) apologized this week to a federal judge in Boston for wasting the court's time with one of his motions.

The written apology by Harvard Law School professor Charles Nesson came on Tuesday, a week after U.S. District Judge Nancy Gertner sharply rebuked Nesson over a motion he had filed seeking to depose a person who he claimed was a representative of the record companies that filed the lawsuit.
...

----------

Vulnerability Found In Intel CPU Caching
Mar 20, 2009
Flaw could allow attackers to remotely control Intel-based devices or extract data from memory

Stealthier than an MBR rootkit, more powerful than ring 0 control, it's the soon-to-be-developed SMM rootkit.

----------

Apple Imposes NDA for App Store Rejections

----------

TomTom fights Microsoft FAT32 lawsuit with suit of its own
by Jacqui Cheng
TomTom has filed a countersuit against Microsoft, accusing the software giant of infringing on three of its in-car navigational patents. The suit is just the latest in the back-and-forth between the two companies, though some believe they'll eventually just settle.

----------

Rogue Antivirus Distribution Network Dismantled
Posted at 01:08 PM ET, 03/20/2009

A major distribution network for rogue anti-virus products has been shut down following reports by Security Fix about massive profits that the network's affiliates were making for disseminating the worthless software.

On Monday, Security Fix profiled TrafficConverter2.biz, a program that pays affiliates handsome commissions for spreading "scareware" products like Antivirus2009 and Antivirus360. Scareware tries to frighten consumers into purchasing fake security software by pestering them with misleading and incessant warnings about threats resident on their systems.

According to a message posted at TrafficConverter2.biz and its sister sites, the program's credit card payment processor pulled the plug on them shortly after our story ran. TrafficConverter2.biz is currently unreachable...

----------

Antivirus2009 Holds Victim's Documents for Ransom
Posted at 06:35 AM ET, 03/20/2009

Security experts are warning that some new "scareware" programs, software that tries to frighten consumers into purchasing bogus security products, also encrypt the victim's digital documents until he or she agrees to pay a $50 ransom demand.

Newer versions of scareware family Antivirus2009 warn users in a fake Windows alert that files in the "My Documents" folder are corrupt. The program then directs the victim to download a program called "FileFixerPro" to fix the supposedly corrupt files.

In fact, this version of Antivirus2009 encrypts or scrambles contents of documents in that folder, so that only users who pay $50 for a FileFixerPro license can get the decryption key needed to regain access to the files in their My Documents folder.

----------

New firewall for the Linux kernel

----------

Larry Dignan: The browser battle: What about security?
Special report: New battles loom with the introduction of Internet Explorer 8, Chrome beta, and Opera Turbo this week. As the browser makers wrangle over speed, rendering abilities, and new tools, experts are asking, what about security?

----------

Death of actress Natasha Richardson exploited by scareware
Greg Masters March 20, 2009
A day after news broke of the death of British actress Natasha Richardson, malicious websites sprang up to lure victims looking for information on the tragedy.

----------

Online Organ Transplant Scam Results in Death, Arrest
The authorities have arrested a U.S. fugitive in Guam accused of running a bogus online organ transplant service that duped the sick out of as much as $400,000 – a scam prosecutors said Thursday led to the death of a Canadian man awaiting a liver.

----------

Bugs found and announced to manufacturers but NOT patched yet:

http://dvlabs.tippingpoint.com/advisories/upcoming/
There are currently 82 advisories pending public disclosure.
