Friday, August 7, 2009

Friday 08/07/09

Microsoft to Deliver 9 Security Updates on Tuesday
Advance notice offers clues Microsoft will update software hit by deep dev bug.

----------

Critical Bug in Win7 RTM
The bug is a memory leak involving the chkdsk.exe utility. It appears when you attempt to run the program against a secondary drive using the "/r" (read and verify all file data) parameter. Windows division president Steven Sinofsky claims it is far from being a show stopper and joked about the blogosphere blowing things out of proportion. Here is his comment: http://www.wservernews.com/9VWNR1/090810-Comment

----------

--Weak Passwords Allow Congressional Web Site Defacements (August 6, 2009)

A rash of digital graffiti on the websites of at least 18 US Representatives has been blamed on weak administrative passwords established by a third party vendor. The defacements have been cleaned up and no real damage was done to the sites; some have established stronger passwords as a result of the incident. The attacks occurred during the first week of August. The House's Chief Administrative Officer Dan Beard has called for a review of the relationship with the Alexandria, Va.-based vendor, GovTrends.
http://voices.washingtonpost.com/securityfix/2009/08/hackers_target_housegov_sites.html
[Editor's Note (Weatherford): All this proves is that our jobs are never done. We've been preaching about strong passwords for years and it's a part of almost every talk I give yet people still don't get it and still believe "it can't happen to me."]

----------

--Blue Screen of Death Scareware
(August 4 & 5, 2009)
A new scareware variant exploits the pit-of-the-stomach feeling that accompanies the Windows Blue Screen of Death. The malware displays what appears to be the blue screen indicative of a Windows system crash along with an alert window urging users to download software to fix the alleged problem. The phony antivirus package is called SystemSecurity.
http://blogs.zdnet.com/security/?p=3912
http://www.theregister.co.uk/2009/08/04/bsod_scareware/

----------

Cyber attackers empty business accounts in minutes
http://cwflyris.computerworld.com/t/5618759/6339517/209987/0/

----------

What brought Twitter down
Twitter was ground to a halt Thursday by a distributed denial-of-service attack, which, Dan Fletcher explains, is one of the oldest tricks among hackers. TIME

----------

ISPs Team In Bot Cleanup
ISP group issues guidelines for how to clean up bot-infected consumers

----------

Weaponizing Apple's iPod Touch
Security expert converts popular music/movie player and browsing device into a penetration testing, hacking tool

----------

'FOCA' And The Power Of Metadata Analysis From Evil Bytes
Metadata is an interesting -- and often unrealized -- problem for anyone who uses office applications, like Microsoft Office, OpenOffice, and Adobe Acrobat.

----------

Nine U.K. Workers Fired For Tapping Into National Identity Database
Thirty-four U.K. government employees accessed Customer Information System for personal reasons, report says

----------

Adobe Reader affected by Flash Player vulnerability

To offer enhanced active content in PDF files, Adobe Reader now includes the Adobe Flash Player. As a result, both Adobe Reader and each browser's individual Flash Player plugin must be updated whenever Adobe releases security updates for Flash.

For more information, refer to:
http://secunia.com/advisories/35948/
http://secunia.com/advisories/35949/

----------

Researcher: Microsoft may launch 'month of ATL' patches on Tuesday
http://cwflyris.computerworld.com/t/5615852/6339517/209670/0/

----------

DDoS attack that downed Twitter also hit Facebook

----------

White House Still Seeking Cybersecurity Czar
PC Magazine – Wed Aug 5, 12:50 pm ET
President Barack Obama is still searching for the right person to lead the fight against an epidemic of cybercrime, the White House said on Tuesday as it came under fire following the resignation of a top cybersecurity adviser.

----------

Inside Job: 8 Companies That Got Burned by Rogue IT Workers
Many call them rogue IT staffers, others might consider them IT heroes, and some are still innocent until proven guilty. But whatever the name or intention, these tech-savvy employees wreaked havoc at their organizations — and paid a price.

----------

Recruiters Post Fake Jobs, Sell Your Resume
Analysis: There is a nice cottage industry going on now in this area — see what happens when we make up three resumes of fake people.

----------

Kevin Mitnick Seeks Refuge From Hackers
FRAMINGHAM - Kevin Mitnick, the ex-hacker turned security consultant, is such a high-profile target himself that the Web-hosting firm he was using finally told him it wouldn't host Web pages for him anymore.

"They kicked me off," Mitnick says, noting he doesn't begrudge Hostedhere.net, which he used for five years. But after a number of break-ins that targeted the former hacker, "they decided it wasn't cost-effective to keep me around," Mitnick says, adding, "I'm a target," mostly for those who want to play "king of the hill" by hacking someone once known as a notorious hacker.

----------

Storing text docs in XML may run afoul of Microsoft patent
August 7, 6:08 p.m. UTC - by John Timmer Posted in: One Microsoft Way
At the same time that Microsoft was pushing for the adoption of an XML-based file format for documents, it had a patent pending that would cover most uses of XML for word processing files.

----------

August 2009 Advance Notification
Posted Thursday, August 06, 2009 10:07 AM by MSRCTEAM

Advance Notification for the August 2009 Security Bulletin Release
In this month’s Advance Notification we are making customers aware that next Tuesday August 11th we plan to release 9 security bulletins at approximately 10:00 a.m. PDT (UTC -8). Those bulletins consist of:

· 8 bulletins affecting Windows, five of which are rated critical and three are rated as important.
    o One of the critical Windows bulletins also affects Client for Mac.
    o One of the important Windows bulletins also affects the .NET Framework.
· One critical bulletin affecting Microsoft Office, Microsoft Visual Studio, Microsoft ISA Server and Microsoft BizTalk Server. This update addresses the issue discussed in security advisory 973472.

Concerning restart requirements, all of the updates for Windows will require a restart except one (this is the update also affecting the .NET Framework). The Office related bulletin may require a restart if the binaries being updated are in use. To reduce your chances of requiring a restart, please see Knowledge Base article 887012.

----------

Russia-Georgia Conflict Blamed for Twitter, Facebook Outages
The theories behind who and what attacked Twitter and Facebook yesterday -- causing intermittent outages at each -- are flying like so many tweets across the Internet. The prevailing theory suggests that the outage was due to a cyber skirmish stemming from simmering tensions between Russia and Georgia.

CNet and CNN place blame for the incident on an elaborate, politically motivated vendetta timed to coincide with the one year anniversary of the Russia-Georgia war, a brief but costly skirmish in August 2008 accompanied by cyber attacks on Georgian government Web sites. In short: the outage at Twitter (and to a lesser extent Facebook & LiveJournal) was due to an effort to silence an anti-Russian blogger from Tbilisi who has been calling attention to a recent resurgence of tensions in the region.


----------

Naming trick opens mail servers
Spammers with access to an exploited host's DNS configuration can smuggle their junk ads through badly configured mail servers simply by using the name "localhost".

----------

1 comment:

Anonymous said...

I recently came across your blog and have been reading along. I thought I would leave my first comment. I don't know what to say except that I have enjoyed reading. Nice blog. I will keep visiting this blog very often.


Susan

http://8080proxy.com