I have been thinking recently about the meme that InfoSec is pointless, and that we are falling backwards in our pursuit of security. See Sysyphus for those with a classical education. :-)
I think we are coming to a very clear split, with certain things and objects being clearly labelled "Public" and therefore not needing security, and other domains being labelled
Monday, May 11, 2015
Monday, February 6, 2012
Resuming here
I stepped away from this platform for a long time to pursue other systems. Much of my posting can be found of Google+, but maybe there is a place for long-form writing as well. I'll try to post here more often. Thanks!
Friday, August 27, 2010
Corona Art Teacher
Linda Cooper is a great Art Teacher for kids and adults. She can now be found at http://coronaart.wordpress.com Please look her up in SW Riverside County.
Monday, January 11, 2010
Monday 01/11/10
When PDFs And Flash Files Attack Posted by John H. Sawyer
It's getting harder to protect our users from threats coming at them from seemingly trusted places. The Websites they've been using for years are suddenly the source of attacks through malicious advertisements being pushed to the "trusted" site by a third-party advertising service. File format attacks against Adobe's Flash and Acrobat are becoming the exploit du jour for attackers.
----------
Adobe Reader's Patch Tuesday Posted by Wolfgang Kandek
Next Tuesday, Jan. 12, is Microsoft Patch Tuesday. Beyond the usual patches from Microsoft, we will also get a critical update for a piece of software that increasingly plays a role in exploiting desktop systems -- the Adobe Reader from Adobe Systems.
----------
Facebook Security:
http://digg.com/security/Facebook_s_Zuckerberg_I_know_that_people_don_t_want_privacy
----------
Chrome sets browser security standard, says expert
Wow, a browser from an advertising company?!?
---
Chrome has included sandboxing since its September 2008 debut. And while Dai Zovi considers it easily the leader in security because of that, other browser have, or will, make their own stabs at reducing users' risks.
For example, Microsoft's Internet Explorer 7 (IE7) and IE8 on Vista and Windows 7 include a feature dubbed "Protected Mode," which reduces the privileges of the application so that it's difficult for attackers to write, alter or destroy data on the machine, or to install malware. But it's not a true sandbox as far as Dai Zovi is concerned.
...
----------
White House calls for IT boost to fight terrorism
... In listing the various causes for this failure (underwear bomber), the report noted that information technology within the counter-terrorism community "did not sufficiently enable the correlation of data that would have enabled analysts to highlight the relevant threat information."
----------
More flash drive firms warn of security flaw; NIST investigates
http://www.kingston.com/driveupdate/
Kingston's Secure USB Drive Information PageIt has recently been brought to our attention that a skilled person with the proper tools and physical access to the drives may be able to gain unauthorized access to data contained on the following Kingston Secure USB drives:
DataTraveler BlackBox (DTBB)
DataTraveler Secure – Privacy Edition (DTSP)
DataTraveler Elite – Privacy Edition (DTEP)
It is important to note that the following Kingston Secure USB drives are NOT AFFECTED:
DataTraveler Locker (DTL)
DataTraveler Locker+ (DTL+)
DataTraveler Vault (DTV)
DataTraveler Vault – Privacy Edition (DTVP)
DataTraveler Elite (DTE)
DataTraveler Secure (DTS)
----------
Heartland to pay up to $60M to Visa over breach
----------
Fake Android Application
Somehow I missed that "First Tech Credit Union" warned its users late in December about a fake Android application which pilfers user's passwords [1].
This is a somewhat expected event. Malware is frequently willingly installed by users. As users move to new platform like mobile devices, malware is going to follow them. This particular application, "Droid09" has since been removed from the Android Market Place. But it is probably just a matter of time for the next application to show up. It is probably possible for a similar application to sneak past the iTunes store approval process as well. In each case, the more managed software delivery environment limits the expose time but doesn't eliminate it.
[1] http://www.firsttechcu.com/home/security/fraud/security_fraud.html
----------
Survey: 54 Percent Of Organizations Plan To Add Smartphone Antivirus This Year In anticipation of increased mobile threats in the next year, 40 percent of organizations worldwide plan to recruit mobile security staff
----------
GREAT analysis of Airport Security Theater by Bruce Schneier:
Post-Underwear-Bomber Airport Security
----------
Hidden admin access on D-Link routers
A flawed implementation of the Home Network Administration Protocol (HNAP) reportedly allows attackers to gain unauthorised admin access to numerous D-Link router models more…
----------
Not Security related, but very cool:
http://content.zdnet.com/2346-13615_22-382181.html?tag=col1;post-11005
----------
Airport Scanners Can Store, Transmit Images
By Kim Zetter
January 11, 2010
Categories: Surveillance
Contrary to public statements made by the Transportation Security Administration, full-body airport scanners do have the ability to store and transmit images, according to documents obtained by the American Civil Liberties Union.
----------
L.A. Apple Store shoppers targeted by thieves
The L.A. Times Blog reports about an ongoing series of thefts targeting more than 100 Los...
----------
McAfee Labs’ January Spam Report
Angelina Jolie and Barack Obama are the #1 celeb subjects of choice for spammers, according to our January Spam Report.
----------
Spiceworks Is Becoming The Facebook For IT Managers; Raises $16 Million Series C
by Leena Rao on January 11, 2010
Spiceworks, a startup that develops Web-connected social IT management software, has raised $16 million in Series C funding round led by Institutional Venture Partners with Austin Ventures and Shasta Ventures participating. This brings the startup’s total funding to $29 million.
Spiceworks develops a desktop software suite that helps a company’s IT staff collaborate with each other and manage “everything IT.” The IT management software, which is free and ad-supported, is currently being used by 850,000 IT professionals at small to medium businesses in 196 countries to inventory, monitor, troubleshoot, report on and run a help desk for their IT networks. Currently more than 25 percent of all businesses with greater than 100 employees rely on Spiceworks to manage part of their IT operations.
----------
More Researchers Going On The Offensive To Kill Botnets
Jan 11,2010
Another botnet bites the dust, as more researchers looking at more aggressive ways to beat cybercriminals
----------
Researcher Rates Mac OS X Vulnerability 'High'
Jan 08,2010
Flaw in versions 10.5 and 10.6 can be exploited by a remote attacker, says SecurityReason
----------
It's getting harder to protect our users from threats coming at them from seemingly trusted places. The Websites they've been using for years are suddenly the source of attacks through malicious advertisements being pushed to the "trusted" site by a third-party advertising service. File format attacks against Adobe's Flash and Acrobat are becoming the exploit du jour for attackers.
----------
Adobe Reader's Patch Tuesday Posted by Wolfgang Kandek
Next Tuesday, Jan. 12, is Microsoft Patch Tuesday. Beyond the usual patches from Microsoft, we will also get a critical update for a piece of software that increasingly plays a role in exploiting desktop systems -- the Adobe Reader from Adobe Systems.
----------
Facebook Security:
http://digg.com/security/Facebook_s_Zuckerberg_I_know_that_people_don_t_want_privacy
----------
Chrome sets browser security standard, says expert
Wow, a browser from an advertising company?!?
---
Chrome has included sandboxing since its September 2008 debut. And while Dai Zovi considers it easily the leader in security because of that, other browser have, or will, make their own stabs at reducing users' risks.
For example, Microsoft's Internet Explorer 7 (IE7) and IE8 on Vista and Windows 7 include a feature dubbed "Protected Mode," which reduces the privileges of the application so that it's difficult for attackers to write, alter or destroy data on the machine, or to install malware. But it's not a true sandbox as far as Dai Zovi is concerned.
...
----------
White House calls for IT boost to fight terrorism
... In listing the various causes for this failure (underwear bomber), the report noted that information technology within the counter-terrorism community "did not sufficiently enable the correlation of data that would have enabled analysts to highlight the relevant threat information."
----------
More flash drive firms warn of security flaw; NIST investigates
http://www.kingston.com/driveupdate/
Kingston's Secure USB Drive Information PageIt has recently been brought to our attention that a skilled person with the proper tools and physical access to the drives may be able to gain unauthorized access to data contained on the following Kingston Secure USB drives:
DataTraveler BlackBox (DTBB)
DataTraveler Secure – Privacy Edition (DTSP)
DataTraveler Elite – Privacy Edition (DTEP)
It is important to note that the following Kingston Secure USB drives are NOT AFFECTED:
DataTraveler Locker (DTL)
DataTraveler Locker+ (DTL+)
DataTraveler Vault (DTV)
DataTraveler Vault – Privacy Edition (DTVP)
DataTraveler Elite (DTE)
DataTraveler Secure (DTS)
----------
Heartland to pay up to $60M to Visa over breach
----------
Fake Android Application
Somehow I missed that "First Tech Credit Union" warned its users late in December about a fake Android application which pilfers user's passwords [1].
This is a somewhat expected event. Malware is frequently willingly installed by users. As users move to new platform like mobile devices, malware is going to follow them. This particular application, "Droid09" has since been removed from the Android Market Place. But it is probably just a matter of time for the next application to show up. It is probably possible for a similar application to sneak past the iTunes store approval process as well. In each case, the more managed software delivery environment limits the expose time but doesn't eliminate it.
[1] http://www.firsttechcu.com/home/security/fraud/security_fraud.html
----------
Survey: 54 Percent Of Organizations Plan To Add Smartphone Antivirus This Year In anticipation of increased mobile threats in the next year, 40 percent of organizations worldwide plan to recruit mobile security staff
----------
GREAT analysis of Airport Security Theater by Bruce Schneier:
Post-Underwear-Bomber Airport Security
----------
Hidden admin access on D-Link routers
A flawed implementation of the Home Network Administration Protocol (HNAP) reportedly allows attackers to gain unauthorised admin access to numerous D-Link router models more…
----------
Not Security related, but very cool:
http://content.zdnet.com/2346-13615_22-382181.html?tag=col1;post-11005
----------
Airport Scanners Can Store, Transmit Images
By Kim Zetter
January 11, 2010
Categories: Surveillance
Contrary to public statements made by the Transportation Security Administration, full-body airport scanners do have the ability to store and transmit images, according to documents obtained by the American Civil Liberties Union.
----------
L.A. Apple Store shoppers targeted by thieves
The L.A. Times Blog reports about an ongoing series of thefts targeting more than 100 Los...
----------
McAfee Labs’ January Spam Report
Angelina Jolie and Barack Obama are the #1 celeb subjects of choice for spammers, according to our January Spam Report.
----------
Spiceworks Is Becoming The Facebook For IT Managers; Raises $16 Million Series C
by Leena Rao on January 11, 2010
Spiceworks, a startup that develops Web-connected social IT management software, has raised $16 million in Series C funding round led by Institutional Venture Partners with Austin Ventures and Shasta Ventures participating. This brings the startup’s total funding to $29 million.
Spiceworks develops a desktop software suite that helps a company’s IT staff collaborate with each other and manage “everything IT.” The IT management software, which is free and ad-supported, is currently being used by 850,000 IT professionals at small to medium businesses in 196 countries to inventory, monitor, troubleshoot, report on and run a help desk for their IT networks. Currently more than 25 percent of all businesses with greater than 100 employees rely on Spiceworks to manage part of their IT operations.
----------
More Researchers Going On The Offensive To Kill Botnets
Jan 11,2010
Another botnet bites the dust, as more researchers looking at more aggressive ways to beat cybercriminals
----------
Researcher Rates Mac OS X Vulnerability 'High'
Jan 08,2010
Flaw in versions 10.5 and 10.6 can be exploited by a remote attacker, says SecurityReason
----------
Monday, January 4, 2010
Monday 01/04/10
TSA Gaffe Shows Pitfalls of Redaction
The inadvertent exposure of a sensitive Transportation Security Administration security manual last month serves as a sobering reminder about the pitfalls of trying to redact, or hide, electronic text.
The lapse occurred when a contract employee posted the improperly redacted security manual -- which described TSA airport screening methods that are designed to thwart terrorists -- on a public Web site for federal procurements.
Other organizations, such as HSBC Bank and Facebook Inc., have also had embarrassing incidents in which text in electronic documents that they thought was unreadable was revealed.
----------
Google Chrome OS may be security hot spot in 2010
Chrome OS will be targeted by attackers, probably even before it's officially released, said Sam Masiello, the director of threat management at antivirus vendor McAfee Inc.
"It'll be the new kid on the block, that's one of the primary drivers why we think cybercriminals will target Chrome OS," said Masiello. "The same thing happened to Windows Vista and Windows 7, even before they were finished. Since Chrome OS is new, it's going to be of interest to security researchers, and it's going to be poked by cybercriminals as well."
----------
Hacker Pleads Guilty in Massive Fraud Case PC World – Wed Dec 30, 1:20 am ET
A hacker from Miami pled guilty to conspiracy to hack into computer networks at major U.S. retail and financial groups, and to steal data on tens of millions of credit cards and debit cards on Tuesday.
----------
Top 10 Security Nightmares of the Decade PC World – Tue Dec 29, 9:00 pm ET
Blame the Internet for the latest decade of security lessons. Without it, you probably wouldn't even recognize the terms phishing, cybercrime, data breach, or botnet. Let's revisit the top security horrors of the past ten years, and try to remember what we learned from each. Full Story »
----------
Target Co was victim of hacker Albert Gonzalez Reuters – Tue Dec 29, 7:03 pm ET
BOSTON/NEW YORK (Reuters) - Target Co said it was among the victims of computer hacker Albert Gonzalez, mastermind of the biggest identity theft in U.S. history.
----------
Hackers Show It's Easy to Snoop on a GSM Call PC World – Mon Dec 28, 9:40 pm ET
Computer security researchers say that the GSM phones used by the majority of the world's mobile-phone users can be listened in on with just a few thousand dollars worth of hardware and some free open-source tools.
----------
Good Guys Bring Down the Mega-D Botnet PC World – Sun Dec 27, 9:00 pm ET
For two years as a researcher with security company FireEye, Atif Mushtaq worked to keep Mega-D bot malware from infecting clients' networks. In the process, he learned how its controllers operated it. Last June, he began publishing his findings online. In November, he suddenly switched from defense to offense. And Mega-D--a powerful, resilient botnet that had forced 250,000 PCs to do its bidding--went down.
----------
FBI probing cyber theft at Citibank: WSJ AFP – Tue Dec 22, 1:10 pm ET
AFP/File
WASHINGTON (AFP) - The US Federal Bureau of Investigation is probing an attack by suspected Russian computer hackers on Citigroup Inc. that resulted in the theft of tens of millions of dollars, The Wall Street Journal reported Tuesday.
----------
Sophisticated, targeted malicious PDF documents exploiting CVE-2009-4324
Couple of days ago one of our readers, Ric, submitted a suspicious PDF document to us. As you know, malicious PDF documents are not rare these days, especially when the exploit for a yet unpatched vulnerability is wide spread.
Quick analysis of the document confirmed that it is exploiting this vulnerability (CVE-2009-4324 – the doc.media.newPlayer vulnerability). This can be easily seen in the included JavaScript in the PDF document, despite horrible detection (only 6 out of 40 AV vendors detected this when I initially submitted it here).
----------
FTC: Orgs Liable for Employee Statements on Facebook, Twitter?
Michael Overly looks at FTC regulations that went into effect in December.
New FTC guidelines (http://www.ftc.gov/os/2009/10/091005revisedendorsementguides.pdf) that went into effect on December 1, 2009, may impose liability on businesses for statements their employees make on social networking sites like Facebook, Twitter, LinkedIn, MySpace, personal blogs, and other sites – even if the company had no actual knowledge those statements were being made. Specifically, if an employee makes comments about the business’ products and services and that employee fails to disclose their employment relationship with the business, the business may be subject to an enforcement action for deceptive endorsements.
----------
NIST-certified USB Flash drives with hardware encryption cracked
Security firm SySS has found that supposedly secure NIST certified USB Flash drives from three of the top vendors can be cracked with relative ease more…
...
When notified by SySS about this worst case security scenario, the respective vendors responded quite differently. Kingston started a recall of the affected products; SanDisk and Verbatim issued woolly security bulletins about a "potential vulnerability in the access control application" and provided a software update. When asked by heise Security, Verbatim Europe said that none of the affected drives have been sold in Europe – and that none will be shipped before the hole has been closed.
----------
Adobe working on new automatic updater
Ryan Naraine: In the wake of a dramatic surge in malware attacks against Adobe's Reader, Acrobat, and Flash Player, the company plans to ship a new automatic updater mechanism that will silently patch security holes without any user action.
----------
Waldec spreading through fake New Year's e-cards
Angela Moscaritolo December 31, 2009
The Waledac botnet is spreading spam messages that contain the subject line "Happy New Year 2010" and provide a link for what the email claims to be a New Year's greeting card.
----------
How to Automate Windows 7 Backups
(Video) How to set up and automate backups in Windows 7.
----------
The inadvertent exposure of a sensitive Transportation Security Administration security manual last month serves as a sobering reminder about the pitfalls of trying to redact, or hide, electronic text.
The lapse occurred when a contract employee posted the improperly redacted security manual -- which described TSA airport screening methods that are designed to thwart terrorists -- on a public Web site for federal procurements.
Other organizations, such as HSBC Bank and Facebook Inc., have also had embarrassing incidents in which text in electronic documents that they thought was unreadable was revealed.
----------
Google Chrome OS may be security hot spot in 2010
Chrome OS will be targeted by attackers, probably even before it's officially released, said Sam Masiello, the director of threat management at antivirus vendor McAfee Inc.
"It'll be the new kid on the block, that's one of the primary drivers why we think cybercriminals will target Chrome OS," said Masiello. "The same thing happened to Windows Vista and Windows 7, even before they were finished. Since Chrome OS is new, it's going to be of interest to security researchers, and it's going to be poked by cybercriminals as well."
----------
Hacker Pleads Guilty in Massive Fraud Case PC World – Wed Dec 30, 1:20 am ET
A hacker from Miami pled guilty to conspiracy to hack into computer networks at major U.S. retail and financial groups, and to steal data on tens of millions of credit cards and debit cards on Tuesday.
----------
Top 10 Security Nightmares of the Decade PC World – Tue Dec 29, 9:00 pm ET
Blame the Internet for the latest decade of security lessons. Without it, you probably wouldn't even recognize the terms phishing, cybercrime, data breach, or botnet. Let's revisit the top security horrors of the past ten years, and try to remember what we learned from each. Full Story »
----------
Target Co was victim of hacker Albert Gonzalez Reuters – Tue Dec 29, 7:03 pm ET
BOSTON/NEW YORK (Reuters) - Target Co said it was among the victims of computer hacker Albert Gonzalez, mastermind of the biggest identity theft in U.S. history.
----------
Hackers Show It's Easy to Snoop on a GSM Call PC World – Mon Dec 28, 9:40 pm ET
Computer security researchers say that the GSM phones used by the majority of the world's mobile-phone users can be listened in on with just a few thousand dollars worth of hardware and some free open-source tools.
----------
Good Guys Bring Down the Mega-D Botnet PC World – Sun Dec 27, 9:00 pm ET
For two years as a researcher with security company FireEye, Atif Mushtaq worked to keep Mega-D bot malware from infecting clients' networks. In the process, he learned how its controllers operated it. Last June, he began publishing his findings online. In November, he suddenly switched from defense to offense. And Mega-D--a powerful, resilient botnet that had forced 250,000 PCs to do its bidding--went down.
----------
FBI probing cyber theft at Citibank: WSJ AFP – Tue Dec 22, 1:10 pm ET
AFP/File
WASHINGTON (AFP) - The US Federal Bureau of Investigation is probing an attack by suspected Russian computer hackers on Citigroup Inc. that resulted in the theft of tens of millions of dollars, The Wall Street Journal reported Tuesday.
----------
Sophisticated, targeted malicious PDF documents exploiting CVE-2009-4324
Couple of days ago one of our readers, Ric, submitted a suspicious PDF document to us. As you know, malicious PDF documents are not rare these days, especially when the exploit for a yet unpatched vulnerability is wide spread.
Quick analysis of the document confirmed that it is exploiting this vulnerability (CVE-2009-4324 – the doc.media.newPlayer vulnerability). This can be easily seen in the included JavaScript in the PDF document, despite horrible detection (only 6 out of 40 AV vendors detected this when I initially submitted it here).
----------
FTC: Orgs Liable for Employee Statements on Facebook, Twitter?
Michael Overly looks at FTC regulations that went into effect in December.
New FTC guidelines (http://www.ftc.gov/os/2009/10/091005revisedendorsementguides.pdf) that went into effect on December 1, 2009, may impose liability on businesses for statements their employees make on social networking sites like Facebook, Twitter, LinkedIn, MySpace, personal blogs, and other sites – even if the company had no actual knowledge those statements were being made. Specifically, if an employee makes comments about the business’ products and services and that employee fails to disclose their employment relationship with the business, the business may be subject to an enforcement action for deceptive endorsements.
----------
NIST-certified USB Flash drives with hardware encryption cracked
Security firm SySS has found that supposedly secure NIST certified USB Flash drives from three of the top vendors can be cracked with relative ease more…
...
When notified by SySS about this worst case security scenario, the respective vendors responded quite differently. Kingston started a recall of the affected products; SanDisk and Verbatim issued woolly security bulletins about a "potential vulnerability in the access control application" and provided a software update. When asked by heise Security, Verbatim Europe said that none of the affected drives have been sold in Europe – and that none will be shipped before the hole has been closed.
----------
Adobe working on new automatic updater
Ryan Naraine: In the wake of a dramatic surge in malware attacks against Adobe's Reader, Acrobat, and Flash Player, the company plans to ship a new automatic updater mechanism that will silently patch security holes without any user action.
----------
Waldec spreading through fake New Year's e-cards
Angela Moscaritolo December 31, 2009
The Waledac botnet is spreading spam messages that contain the subject line "Happy New Year 2010" and provide a link for what the email claims to be a New Year's greeting card.
----------
How to Automate Windows 7 Backups
(Video) How to set up and automate backups in Windows 7.
----------
Monday, December 21, 2009
Monday 12/21/09
Deconstructing Facebook's New Privacy Settings
Forrester Research analyst Chenxi Wang picks apart Facebook's new privacy settings so the rest of us can figure out how to navigate and even benefit from them.
----------
Check Your Friends! Facebook IMs May Lead To Trouble
Monday December 21, 2009 at 7:27 am CST
I ran into a few strange IMs over the weekend. When I was not shoveling out my driveway from the 15 inches of snow that covered it I was logged into Facebook telling people about it…. It was then that I started receiving some VERY interesting IMs from a friend extolling the virtues of a clean colon (yep – you read that right)...
----------
Cisco Regains Top Spot in IPS Market by Jamey Heary
Cisco Snatches Q3 Security Market Share from its Competitors
----------
Federal Government to streamline online authentication
The Federal Government has moved to streamline the use of authentication tools among departments...
----------
Ford Pushes For Wi-Fi Enabled Vehicles
New SYNC vehicles will take USB 3G modems
----------
Are you ready for 4k sector drives?
Robin Harris: Western Digital has started shipping drives that drop the ancient 512 byte disk sector for a 4096 byte - 4k - sector. What's in it for you? And what will it do to you?
...
Gotchas?
If you are in either of these 2 groups:
1) Windows XP does not automatically align writes on 4k boundaries, which hurts performance. WD has software - the Advanced Format Align Utility for their drives. I assume other vendors will too when they start shipping.
XP users need to run this utility once to use a 4k drive with a clean install, cloning software or a do-it-yourself USB drive. WD-branded 4k USB drives are already aligned so it isn’t needed for those drives.
2) Windows clone software vendors have yet to implement 4k support. If you clone an XP, Vista or W7 drive you should run the align utility. The cloning vendors need to get on board Real Soon Now. Vendors are welcome to comment on their plans.
----------
David Pogue Weighs In On Ebook DRM: Non-DRM'd Ebook Increased His Sales
Pogue relates his own experience in running a test with his publisher (which is O'Reilly) in putting out a non-DRM'd ebook, and he found that sales increased...
----------
Heartland settles with American Express over breach
Dan Kaplan December 18, 2009
Heartland Payment Systems has settled its first lawsuit with a card brand over the 2008 data breach.
----------
Thief steals U.S. Army laptop from employee's home
Angela Moscaritolo December 17, 2009
A laptop containing the personal information of tens of thousands of U.S. Army soldiers, family members and U.S. Department of Defense employees was recently stolen.
----------
Judge grants TJX hacker sentencing delay over health
Angela Moscaritolo December 17, 2009
A psychiatric evaluation has determined that Albert Gonzalez's actions were consistent with the behaviors of someone who suffers from Asperger's syndrome, and his sentencing has been delayed until March.
----------
Facebook sues three over alleged spam, phishing
Dan Kaplan December 17, 2009
Fresh off a $711 million spam judgment in its favor, Facebook this week sued three more individuals that it contends assaulted its members with spam.
----------
Cisco WebEx WRF Player Vulnerabilities
Cisco today released details of a set of buffer overflow vulnerabilities and fixes for their WebEx WRF player. The exploits describe multiple buffer overflows caused by a maliciously crafted WRF file (generally posted on a website), or by attending a WebEx meeting with an attacker attending. The results of the exploit can result in execution of arbitrary code on the target system.
http://www.cisco.com/warp/public/707/cisco-sa-20091216-webex.shtml
----------
Is Netflix "borking" lesbians with subscriber data releases?
2 days ago - by Nate Anderson Posted in: Law & Disorder
An Ohio lesbian doesn't want to be outed by her Netflix recommendations, and she is part of a new class-action lawsuit against the movie rental company.
----------
Suspected NKoreans hack war plan for SKorea AFP – Thu Dec 17, 11:27 pm ET
AFP/File
SEOUL (AFP) - Computer hackers who may be from North Korea have gained access to a secret US-South Korean plan to defend the peninsula in case of war, the defence ministry said Friday.
----------
Cybercrooks Target File-Sharing Networks
Security experts at Kaspersky Labs warn that cybercriminals are shifting their focus from worms and spams to file-sharing services.
----------
Twitter's DNS Provider Denies Hack
Rerouting was managed from within Twitter's own account, says the microblogging site's domain manager.
----------
Italian Police Arrest Hacker Sought for Fraud
Italian police have arrested an alleged hacker who is accused of defrauding banks and mobile phone operators out of several million dollars.
----------
Adobe explains PDF patch delay
Unless users apply one of the workarounds that Adobe's suggested, the decision will leave systems open to attack until Jan. 12, when the patch is released. According to several security firms, the flaw has been in use by criminals since at least Nov. 20. Adobe only found out Monday that the vulnerability in its Reader and Acrobat applications was being actively exploited.
----------
Drone incident serves up data encryption lesson
In a story that's receiving widespread attention, the Wall Street Journal yesterday reported that Iranian-backed groups in Iraq and Afghanistan were tapping into live feeds from Predator drones using a $26 software tool called SkyGrabber from Russian company SkySoftware.
The hitherto largely unknown software product doesn't require Internet connectivity and is designed to intercept music, photos, video and TV satellite programming for free. Insurgents in Iraq, however, were able to use SkyGrabber to grab live video feeds from unmanned Predator drones because the transmissions were being sent unencrypted to ground control stations.
----------
Forrester Research analyst Chenxi Wang picks apart Facebook's new privacy settings so the rest of us can figure out how to navigate and even benefit from them.
----------
Check Your Friends! Facebook IMs May Lead To Trouble
Monday December 21, 2009 at 7:27 am CST
I ran into a few strange IMs over the weekend. When I was not shoveling out my driveway from the 15 inches of snow that covered it I was logged into Facebook telling people about it…. It was then that I started receiving some VERY interesting IMs from a friend extolling the virtues of a clean colon (yep – you read that right)...
----------
Cisco Regains Top Spot in IPS Market by Jamey Heary
Cisco Snatches Q3 Security Market Share from its Competitors
----------
Federal Government to streamline online authentication
The Federal Government has moved to streamline the use of authentication tools among departments...
----------
Ford Pushes For Wi-Fi Enabled Vehicles
New SYNC vehicles will take USB 3G modems
----------
Are you ready for 4k sector drives?
Robin Harris: Western Digital has started shipping drives that drop the ancient 512 byte disk sector for a 4096 byte - 4k - sector. What's in it for you? And what will it do to you?
...
Gotchas?
If you are in either of these 2 groups:
- Windows XP users
- Windows users who clone disks with software like Norton Ghost
1) Windows XP does not automatically align writes on 4k boundaries, which hurts performance. WD has software - the Advanced Format Align Utility for their drives. I assume other vendors will too when they start shipping.
XP users need to run this utility once to use a 4k drive with a clean install, cloning software or a do-it-yourself USB drive. WD-branded 4k USB drives are already aligned so it isn’t needed for those drives.
2) Windows clone software vendors have yet to implement 4k support. If you clone an XP, Vista or W7 drive you should run the align utility. The cloning vendors need to get on board Real Soon Now. Vendors are welcome to comment on their plans.
----------
David Pogue Weighs In On Ebook DRM: Non-DRM'd Ebook Increased His Sales
Pogue relates his own experience in running a test with his publisher (which is O'Reilly) in putting out a non-DRM'd ebook, and he found that sales increased...
----------
Heartland settles with American Express over breach
Dan Kaplan December 18, 2009
Heartland Payment Systems has settled its first lawsuit with a card brand over the 2008 data breach.
----------
Thief steals U.S. Army laptop from employee's home
Angela Moscaritolo December 17, 2009
A laptop containing the personal information of tens of thousands of U.S. Army soldiers, family members and U.S. Department of Defense employees was recently stolen.
----------
Judge grants TJX hacker sentencing delay over health
Angela Moscaritolo December 17, 2009
A psychiatric evaluation has determined that Albert Gonzalez's actions were consistent with the behaviors of someone who suffers from Asperger's syndrome, and his sentencing has been delayed until March.
----------
Facebook sues three over alleged spam, phishing
Dan Kaplan December 17, 2009
Fresh off a $711 million spam judgment in its favor, Facebook this week sued three more individuals that it contends assaulted its members with spam.
----------
Cisco WebEx WRF Player Vulnerabilities
Cisco today released details of a set of buffer overflow vulnerabilities and fixes for their WebEx WRF player. The exploits describe multiple buffer overflows caused by a maliciously crafted WRF file (generally posted on a website), or by attending a WebEx meeting with an attacker attending. The results of the exploit can result in execution of arbitrary code on the target system.
http://www.cisco.com/warp/public/707/cisco-sa-20091216-webex.shtml
----------
Is Netflix "borking" lesbians with subscriber data releases?
2 days ago - by Nate Anderson Posted in: Law & Disorder
An Ohio lesbian doesn't want to be outed by her Netflix recommendations, and she is part of a new class-action lawsuit against the movie rental company.
----------
Suspected NKoreans hack war plan for SKorea AFP – Thu Dec 17, 11:27 pm ET
AFP/File
SEOUL (AFP) - Computer hackers who may be from North Korea have gained access to a secret US-South Korean plan to defend the peninsula in case of war, the defence ministry said Friday.
----------
Cybercrooks Target File-Sharing Networks
Security experts at Kaspersky Labs warn that cybercriminals are shifting their focus from worms and spams to file-sharing services.
----------
Twitter's DNS Provider Denies Hack
Rerouting was managed from within Twitter's own account, says the microblogging site's domain manager.
----------
Italian Police Arrest Hacker Sought for Fraud
Italian police have arrested an alleged hacker who is accused of defrauding banks and mobile phone operators out of several million dollars.
----------
Adobe explains PDF patch delay
Unless users apply one of the workarounds that Adobe's suggested, the decision will leave systems open to attack until Jan. 12, when the patch is released. According to several security firms, the flaw has been in use by criminals since at least Nov. 20. Adobe only found out Monday that the vulnerability in its Reader and Acrobat applications was being actively exploited.
----------
Drone incident serves up data encryption lesson
In a story that's receiving widespread attention, the Wall Street Journal yesterday reported that Iranian-backed groups in Iraq and Afghanistan were tapping into live feeds from Predator drones using a $26 software tool called SkyGrabber from Russian company SkySoftware.
The hitherto largely unknown software product doesn't require Internet connectivity and is designed to intercept music, photos, video and TV satellite programming for free. Insurgents in Iraq, however, were able to use SkyGrabber to grab live video feeds from unmanned Predator drones because the transmissions were being sent unencrypted to ground control stations.
----------
Monday, December 14, 2009
Monday 12/14/09
Rather than patch, Microsoft blocks buggy code
http://www.computerworld.com/s/article/9142140/Rather_than_patch_Microsoft_blocks_buggy_code?taxonomyId=17
Microsoft has decided to disable a 17-year-old video codec in older versions of Windows rather than patch multiple vulnerabilities, according to the company's security team.
----------
Top Five Reasons For Security FAIL
Adi Ruppin admits the Internet security industry has seen every type of product fail. The good news, he says, is that there's much to learn from such failures. Here are five such lessons.
The weakest link
Industry standard vs. proprietary
The right solution to the wrong problem
The human factor
Usability
----------
DHS: Counterfeit Goods Still Rampant in U.S.
Phony products seizures fell slightly, but counterfeiting continues to be big business
----------
Not Security but...
Britain's First 140mph Train Service Begins
----------
Secret Copyright Treaty Timeline Shows Global DMCA
Michael Geist, a leading critic of the ACTA secret copyright treaty, has produced a new interactive timeline that traces its development. The timeline includes links to leaked documents, videos, and public interest group letters that should generate increasing concern with a deal that could lead to a global three-strikes and you're out policy.
----------
Building a Global Cyber Police Force
One of the biggest obstacles to fighting hackers and cyber-criminals is that many operate in the safe harbors of their home countries, insulated from prosecution by authorities in foreign countries where their targets reside. As Larry Walsh writes in his blog, several security vendors and a growing number of countries are now beginning to consider the creation of a global police force that would have trans-border jurisdiction to investigate and arrest suspected hackers.
----------
Supreme Court Takes Texting Case
http://www.nytimes.com/2009/12/15/us/15scotus.html?_r=1&hp
WASHINGTON — The Supreme Court agreed on Monday to decide whether a police department violated the constitutional privacy rights of an employee when it inspected personal text messages sent and received on a government pager.
The case opens “a new frontier in Fourth Amendment jurisprudence,” according to a three-judge panel of an appeals court that ruled in favor of the employee, a police sergeant on the Ontario, Calif., SWAT team.
----------
National data breach notification bill passed in U.S. House
Angela Moscaritolo December 10, 2009
The Data Accountability and Trust Act would require any organization that experiences a breach of electronic data containing personal information to notify all affected U.S. residents.
----------
Report finds enterprises failing to protect sensitive data
Angela Moscaritolo December 09, 2009
Just 40 percent of respondents in a recent survey said all of their organizations sensitive data is adequately secured.
----------
The Machine SID Duplication Myth
by Mark Russinovich
----------
Plastic Surgery Allows Exploit of Biometric ID System
Now what you are born with may not be as secure as biometric ID systems are purported to be. Lin Rong is accused by Japanese authorities of having her fingerprints surgically altered to enter the country illegally. She is reported to have had surgery to switch the finger tips of her right and left hand. The ruse was discovered by Japanese authorities after she was arrest for an unrelated offense.
'Fake fingerprint' Chinese woman fools Japan controls , BBC, December 7, 2009
----------
Full Disk Encryption: What It Can And Can't Do For Your Data
Dec 14,2009
Protection depends on how implementation -- and user know-how
Warning: disk is unlocked when it is on (duh!)
----------
FBI: Rogue Antivirus Scammers Have Made $150M
PC World – Fri Dec 11, 2:50 pm ET
They're the scourge of the Internet right now and the U.S. Federal Bureau of Investigation says they've also raked in more than US$150 million for scammers. Security experts call them rogue antivirus programs.
----------
Amazon's data center outage reads like a thriller
----------
http://www.computerworld.com/s/article/9142140/Rather_than_patch_Microsoft_blocks_buggy_code?taxonomyId=17
Microsoft has decided to disable a 17-year-old video codec in older versions of Windows rather than patch multiple vulnerabilities, according to the company's security team.
----------
Top Five Reasons For Security FAIL
Adi Ruppin admits the Internet security industry has seen every type of product fail. The good news, he says, is that there's much to learn from such failures. Here are five such lessons.
The weakest link
Industry standard vs. proprietary
The right solution to the wrong problem
The human factor
Usability
----------
DHS: Counterfeit Goods Still Rampant in U.S.
Phony products seizures fell slightly, but counterfeiting continues to be big business
----------
Not Security but...
Britain's First 140mph Train Service Begins
----------
Secret Copyright Treaty Timeline Shows Global DMCA
Michael Geist, a leading critic of the ACTA secret copyright treaty, has produced a new interactive timeline that traces its development. The timeline includes links to leaked documents, videos, and public interest group letters that should generate increasing concern with a deal that could lead to a global three-strikes and you're out policy.
----------
Building a Global Cyber Police Force
One of the biggest obstacles to fighting hackers and cyber-criminals is that many operate in the safe harbors of their home countries, insulated from prosecution by authorities in foreign countries where their targets reside. As Larry Walsh writes in his blog, several security vendors and a growing number of countries are now beginning to consider the creation of a global police force that would have trans-border jurisdiction to investigate and arrest suspected hackers.
----------
Supreme Court Takes Texting Case
http://www.nytimes.com/2009/12/15/us/15scotus.html?_r=1&hp
WASHINGTON — The Supreme Court agreed on Monday to decide whether a police department violated the constitutional privacy rights of an employee when it inspected personal text messages sent and received on a government pager.
The case opens “a new frontier in Fourth Amendment jurisprudence,” according to a three-judge panel of an appeals court that ruled in favor of the employee, a police sergeant on the Ontario, Calif., SWAT team.
----------
National data breach notification bill passed in U.S. House
Angela Moscaritolo December 10, 2009
The Data Accountability and Trust Act would require any organization that experiences a breach of electronic data containing personal information to notify all affected U.S. residents.
----------
Report finds enterprises failing to protect sensitive data
Angela Moscaritolo December 09, 2009
Just 40 percent of respondents in a recent survey said all of their organizations sensitive data is adequately secured.
----------
The Machine SID Duplication Myth
by Mark Russinovich
----------
Plastic Surgery Allows Exploit of Biometric ID System
Now what you are born with may not be as secure as biometric ID systems are purported to be. Lin Rong is accused by Japanese authorities of having her fingerprints surgically altered to enter the country illegally. She is reported to have had surgery to switch the finger tips of her right and left hand. The ruse was discovered by Japanese authorities after she was arrest for an unrelated offense.
'Fake fingerprint' Chinese woman fools Japan controls , BBC, December 7, 2009
----------
Full Disk Encryption: What It Can And Can't Do For Your Data
Dec 14,2009
Protection depends on how implementation -- and user know-how
Warning: disk is unlocked when it is on (duh!)
----------
FBI: Rogue Antivirus Scammers Have Made $150M
PC World – Fri Dec 11, 2:50 pm ET
They're the scourge of the Internet right now and the U.S. Federal Bureau of Investigation says they've also raked in more than US$150 million for scammers. Security experts call them rogue antivirus programs.
----------
Amazon's data center outage reads like a thriller
----------
Subscribe to:
Posts (Atom)