Collection of security news, happenings and articles from the past week
This is a weekly roundup of all the security news, articles, software releases, vendor advisories and webcasts that were published on Help Net Security during the past week.
This roundup is sponsored by:
Detect vulnerabilities on your Internet-facing server with
FREESCAN from Qualys
FreeScan allows you to quickly and accurately scan your server for
thousands of vulnerabilities that could be exploited by an attacker.
If vulnerabilities exist on the IP address provided, FreeScan will
find them and provide detailed information on each risk – including
its severity, associated threat, and potential impact. It even
provides links to give you more information about the vulnerability
and how to correct it.
Click here to receive your FreeScan:
Table of contents:
1) Security news
2) Advisories
3) Articles
4) Software
5) Webcasts
6) Conferences
7) Security World
8) Virus News
[ Security news ]
—————————————————————-
BEWARE OF DATA DUMPSTER DIVERS
Trashing an old PC with sensitive data on the hard drive can be
almost as bad as leaving it out on the sidewalk in terms of data
security.
http://www.net-security.org/news.php?id=14830
TOP SECRET: WE’RE WIRETAPPING YOU
It could be a scene from Kafka or Brazil. Imagine a government
agency, in a bureaucratic foul-up, accidentally gives you a copy of a
document marked “top secret.” And it contains a log of some of your
private phone calls.
http://www.net-security.org/news.php?id=14831
TIME TO BLACKLIST BLACKLISTS
Blacklists have their place for detecting and identifying malicious
content and activity, with the whole signature-based malware
detection industry effectively being built around the concept that
blacklists are reliable mechanisms.
http://www.net-security.org/news.php?id=14832
KNOW THE ENEMY WITHIN
An in depth study of threats in the workplace has highlighted exactly
what they are as well as users’ attitudes to those threats, and what’s
behind them. The fact is that we all know the kind of activities that
users get up to if they are not closely monitored and controlled, but
the scale of it and the threat that it represents may be seriously
underestimated.
http://www.net-security.org/news.php?id=14833
INSTALLING METASPLOIT ON MAC OS X
The goal of the Metasploit Project is to provide useful information
to people who perform penetration testing, IDS signature development,
and exploit research.
http://www.net-security.org/news.php?id=14834
EBAY ART FAKES REVEALED
Shoppers buying art online should be just as careful as if they were
buying from a dealer, the popular online auction site eBay says.
http://www.net-security.org/news.php?id=14835
FREE TOOL FROM LENOVO FOR SAFE HARD DRIVE WIPING
Secure Data Disposal is available for download free on Lenovo
notebooks and desktop PCs.
http://www.net-security.org/news.php?id=14836
GARTNER: ORACLE ‘NO LONGER A BASTION OF SECURITY’
Analyst warning follows 82-patch update.
http://www.net-security.org/news.php?id=14837
AVERAGE ZERO-DAY BUG HAS 348-DAY LIFESPAN
Thriving bug market only squashed by publicizing or patching.
http://www.net-security.org/news.php?id=14839
IPHONE: SECURITY PREDATORS SALIVATING
“The biggest threat to the iPhone right now is its popularity,” says
Neel Mehta, team lead of the advanced research group at IBM’s
Internet Security Systems.
http://www.net-security.org/news.php?id=14838
A HACKER’S NASDAQ
In the summer of 2005, Charlie Miller was working in his living room
when he discovered a hackable vulnerability in a common species of
server software.
http://www.net-security.org/news.php?id=14840
SECRET SERVICE NABS GANG BLAMED FOR $75M IN CREDIT CARD FRAUD LOSSES
They also recovered some 200,000 credit card account numbers.
http://www.net-security.org/news.php?id=14841
DETECTING “OFF PORT” SERVICES WITH NESSUS
If you are attempting to perform network security monitoring in a
large, unmanaged environment that has “poor” security, you are most
likely dealing with botnets, phishing attempts, worms and Trojans.
http://www.net-security.org/news.php?id=14842
DEBUGGING SSL COMMUNICATIONS
This article will discuss two utilities (ssldump and openssl) that
can help debug applications utilizing SSL.
http://www.net-security.org/news.php?id=14843
RUNNING THE PUTTY SSH CLIENT ON A NOKIA E61
PuTTY allows you to use your Symbian-powered mobile device to connect
securely to a remote computer no matter where you are located. With
this tool you can perform various tasks and I bet many of you would
like to be able to control their server from the road, we all know
problems occur at the least opportune time.
http://www.net-security.org/news.php?id=14844
MAN WHO STOLE DATA ON 110,000 PEOPLE GETS FIVE-YEAR SENTENCE
He later attempted to sell the info.
http://www.net-security.org/news.php?id=14845
PHISHING TOOL CONSTRUCTS NEW SITES IN TWO SECONDS
Easy-peasy-sleazy 0wnage in 120 seconds.
http://www.net-security.org/news.php?id=14846
EMBEDDED SECURITY
Security is arguably the single most important issue for business and
the public sector in the 21st century.
http://www.net-security.org/news.php?id=14847
PRACTICAL PASSWORD POLICIES – THEY CAN NEVER REDUCE RISK TO ZERO
Having weak passwords certainly can make life difficult for everyone.
Nobody likes having to recover or change all their identity cards and
information when their password gets compromised.
http://www.net-security.org/news.php?id=14848
SAFE CRACKERS GOOGLE FOR INSTRUCTIONS
Two burglars had door keys, pass codes and combinations to help them
break the safes at an indoor amusement center, but they had to turn
to Google for help to steal their loot.
http://www.net-security.org/news.php?id=14849
STORAGE REQUIREMENTS FOR THE WINDOWS VISTA SECURITY LOG
Here are a few examples of how Vista security logs tend to grow much
more quickly than their predecessors.
http://www.net-security.org/news.php?id=14850
RESEARCHERS: ENTERPRISES SHOULD PATCH MICROSOFT SERVER BUG
Put the critical Active Directory vulnerability at ‘top of the list,’
say experts.
http://www.net-security.org/news.php?id=14851
THE FIVE PHASES OF RECOVERING DIGITAL EVIDENCE
This is the second post in a series about the five phases of
recovering data structures from a stream of bytes (a form of digital
evidence recovery).
http://www.net-security.org/news.php?id=14852
SCAN HOSTNAMES EFFICIENTLY WITH NMAP
Your DNS team sends you the company’s entire domain name inventory in
a CSV (comma-separated values) file.
http://www.net-security.org/news.php?id=14853
INTRODUCING HAUTE SECURE, THE MALWARE FILTER
Haute Secure is a malware filter, much like a phishing or spam filter
in existing applications.
http://www.net-security.org/news.php?id=14854
MARK RUSSINOVICH: FROM WINTERNALS TO MICROSOFT, ON WINDOWS SECURITY,
WINDOWS COREARCH
If you write code on Windows or like to know what goes on under the
hood in Windows, then you’ve no doubt heard of Mark Russinovich. He’s
an OS kernel expert, a Technical Fellow in Windows and is a member of
the Windows Core Architecture team.
http://www.net-security.org/news.php?id=14855
FIRMS BREACHING DATA PROTECTION
A “horrifying” number of companies, government departments and other
public bodies have breached data protection rules in the past year, a
report says.
http://www.net-security.org/news.php?id=14856
TUNNELLING HTTP TRAFFIC THROUGH XSS CHANNELS
An XSS Channel is an interactive communication channel between two
systems which is opened by an XSS attack. At a technical level, it is
a type of AJAX application which can obtain commands, send responses
back and is able to talk cross-domain.
http://www.net-security.org/news.php?id=14857
HOW THE INTEGRITY MECHANISM IS IMPLEMENTED IN WINDOWS VISTA
Shows how the Windows integrity mechanism was modified in Windows
Vista to include support for User Account Control (UAC), Microsoft
Internet Explorer Protected Mode, and the Windows Component Object
Model (COM).
http://www.net-security.org/news.php?id=14858
EXPLOITING REFLECTED XSS VULNERABILITIES
This is a look at exploiting reflected XSS vulnerabilities where user
input must come through HTTP Request Headers.
http://www.net-security.org/news.php?id=14859
DATA ON AMERICANS MINED FOR TERROR RISK
The FBI is gathering and sorting information about Americans to help
search for potential terrorists, insurance cheats and crooked
pharmacists, according to a government report obtained Tuesday.
http://www.net-security.org/news.php?id=14860
OHIO: STOLEN DEVICE CONTAINS 859,800 IDS
Including info on those who had not cashed state income refund
checks.
http://www.net-security.org/news.php?id=14861
A NUCLEAR RUSE UNCOVERS HOLES IN U.S. SECURITY
Undercover Congressional investigators set up a bogus company and
obtained a license from the Nuclear Regulatory Commission in March
that would have allowed them to buy the radioactive materials needed
for a so-called dirty bomb.
http://www.net-security.org/news.php?id=14862
MILITARY FILES LEFT UNPROTECTED ONLINE
Online military data is not always secure.
http://www.net-security.org/news.php?id=14863
FBI: EXPECT MORE SPAM PROSECUTIONS
Partnership between law enforcement agencies and industry reaps
results, identifying more than 100 ‘significant spammers’.
http://www.net-security.org/news.php?id=14864
ONLINE SECURE BACKUPS WITH THE ALLMYDATA WEB 2.0 APPLICATION
Backups are an important part of anyone’s computer life. As a result
of Murphy’s Laws, you will lose your precious data in the most
inappropriate situation, so backing up should be one of your regular
habits. The problem with burning CDs or DVDs is that often they get
often misplaced, so using an online backup is good way to go. As I am
following the rise (and fall) of Web 2.0 applications I came across a
nice online solution called Allmydata.
http://www.net-security.org/news.php?id=14869
THE RISE OF ANTIFORENSICS
New, easy to use antiforensic tools make all data suspect,
threatening to render computer investigations cost-prohibitive and
legally irrelevant.
http://www.net-security.org/news.php?id=14865
GREEK SPYING CASE UNCOVERS FIRST PHONE SWITCH ROOTKIT
Someone tapped into the phones of top government officials.
http://www.net-security.org/news.php?id=14866
MOUNTING SCRUTINY FOR GOOGLE SECURITY
As Google moves into the business environment, it is starting to face
the same security questions other business app vendors face.
http://www.net-security.org/news.php?id=14867
THE COMPUTER VIRUS TURNS 25
It’s been a rocky quarter-century, but according to Richard Ford and
Eugene Spafford, two computer scientists writing in this week’s issue
of the journal Science, viruses can look forward to a long, fruitful
life.
http://www.net-security.org/news.php?id=14868
—————————————————————-
Detect vulnerabilities on your Internet-facing server with
FREESCAN from Qualys
FreeScan allows you to quickly and accurately scan your server for
thousands of vulnerabilities that could be exploited by an attacker.
If vulnerabilities exist on the IP address provided, FreeScan will
find them and provide detailed information on each risk – including
its severity, associated threat, and potential impact. It even
provides links to give you more information about the vulnerability
and how to correct it.
Click here to receive your FreeScan:
[ Advisories ]
All advisories are located at:
http://www.net-security.org/archive_advi.php
—————————————————————-
Turbolinux Security Announcement – gimp -> Buffer overflow
http://www.net-security.org/advisory.php?id=7722
Mandriva Linux Security Update Advisory – perl-Net-DNS
(MDKSA-2007:146)
http://www.net-security.org/advisory.php?id=7721
US-CERT Technical Cyber Security Alert – Apple Releases Security
Updates for QuickTime (TA07-193A)
http://www.net-security.org/advisory.php?id=7720
SUSE Security Announcement – php4,php5 (SUSE-SA:2007:044)
http://www.net-security.org/advisory.php?id=7719
US-CERT Technical Cyber Security Alert – Adobe Flash Player Updates
for Multiple Vulnerabilities (TA07-192A)
http://www.net-security.org/advisory.php?id=7718
Apple Security Update – QuickTime 7.2 (APPLE-SA-2007-07-11)
http://www.net-security.org/advisory.php?id=7717
Gentoo Linux Security Advisory – XnView: Stack-based buffer overflow
(GLSA 200707-06)
http://www.net-security.org/advisory.php?id=7716
Cisco Security Advisory – Cisco Unified Communications Manager
Overflow Vulnerabilities (cisco-sa-20070711-cucm)
http://www.net-security.org/advisory.php?id=7715
Ubuntu Security Notice – openoffice.org(2)/-amd64 vulnerability
(CVE-2007-0245)
http://www.net-security.org/advisory.php?id=7714
Mandriva Linux Security Update Advisory – wireshark (MDKSA-2007:145)
http://www.net-security.org/advisory.php?id=7713
US-CERT Technical Cyber Security Alert – Microsoft Updates for
Multiple Vulnerabilities (TA07-191A)
http://www.net-security.org/advisory.php?id=7712
Mandriva Linux Security Update Advisory – openoffice.org
(MDKSA-2007:144)
http://www.net-security.org/advisory.php?id=7711
Mandriva Linux Security Update Advisory – mplayer (MDKSA-2007:143)
http://www.net-security.org/advisory.php?id=7710
Ubuntu Security Notice – imagemagick vulnerabilities (USN-481-1 )
http://www.net-security.org/advisory.php?id=7709
Debian Security Advisory – vlc (DSA 1332-1 )
http://www.net-security.org/advisory.php?id=7708
SUSE Security Announcement – kernel (SUSE-SA:2007:043)
http://www.net-security.org/advisory.php?id=7706
—————————————————————-
[ Articles ]
All articles are located at:
http://www.net-security.org/articles_main.php
Articles can be contributed to articles@net-security.org
—————————————————————-
ONLINE SECURE BACKUPS WITH THE ALLMYDATA WEB 2.0 APPLICATION
Backups are an important part of anyone’s computer life. As a result
of Murphy’s Laws, you will lose your precious data in the most
inappropriate situation, so backing up should be one of your regular
habits. The problem with burning CDs or DVDs is that often they get
often misplaced, so using an online backup is good way to go. As I am
following the rise (and fall) of Web 2.0 applications I came across a
nice online solution called Allmydata.
http://www.net-security.org/article.php?id=1034
TUNNELLING HTTP TRAFFIC THROUGH XSS CHANNELS
An XSS Channel is an interactive communication channel between two
systems which is opened by an XSS attack. At a technical level, it is
a type of AJAX application which can obtain commands, send responses
back and is able to talk cross-domain.
http://www.net-security.org/article.php?id=1033
RUNNING THE PUTTY SSH CLIENT ON A NOKIA E61
PuTTY allows you to use your Symbian-powered mobile device to connect
securely to a remote computer no matter where you are located. The
software is free and it enables you to use SSH to be sure a secure
channel is created between you and the remote machine. With this tool
you can perform various tasks and I bet many of you would like to be
able to control their server from the road, we all know problems
occur at the least opportune time. This article will cover the
installation and usage of PuTTY on a Nokia E61. It is filled with
screenshots that will make the entire process easy to follow.
http://www.net-security.org/article.php?id=1032
KNOW THE ENEMY WITHIN
An in depth study of threats in the workplace highlights exactly what
they are as well as users’ attitudes to those threats, and what’s
behind them. The fact is that we all know the kind of activities that
users get up to if they are not closely monitored and controlled, but
the scale of it and the threat that it represents may be seriously
underestimated.
http://www.net-security.org/article.php?id=1031
—————————————————————-
[ Software ]
Windows software is located at:
http://net-security.org/software_main.php?cat=1
Linux software is located at:
http://net-security.org/software_main.php?cat=2
Pocket PC software is located at:
http://net-security.org/software_main.php?cat=3
Mac OS X software is located at:
http://net-security.org/software_main.php?cat=5
—————————————————————-
AD-AWARE 2007 FREE (Windows)
Ad-aware is a free multi spyware removal utility.
http://www.net-security.org/software.php?id=135
PASSWORD SAFE 3.09 (Windows)
Password Safe is a password database utility.
http://www.net-security.org/software.php?id=172
SHOREWALL 3.4.5 (Linux)
Shorewall is an iptables based firewall that can be used on a
dedicated firewall system, a multi-function masquerade gateway/server
or on a standalone Linux system.
http://www.net-security.org/software.php?id=40
WINSCP 4.0.3 (Windows)
WinSCP is an open source SSH file transfer protocol and secure copy
client for Windows using SSH.
http://www.net-security.org/software.php?id=6
—————————————————————-
[ Webcasts ]
All webcasts are located at:
http://net-security.org/webcasts.php
—————————————————————-
Cross-Site Request Forgeries (CSRF)
Organized by WhiteHat Security on 24 July 2007, 11:00 AM
http://www.net-security.org/webcast.php?id=488
Deploying IPSec with Windows Vista
Organized by Microsoft on 25 July 2007, 9:30 AM
http://www.net-security.org/webcast.php?id=487
—————————————————————-
[ Conferences ]
All conferences are located at:
http://net-security.org/conferences.php
—————————————————————-
Security ’07 – 16th USENIX Security Symposium
Organized by USENIX – 6 August-10 August 2007
http://www.net-security.org/conference.php?id=186
3rd Annual Techno Forensics Conference
Organized by The TrainingCo. – 29 October-31 October 2007
http://www.net-security.org/conference.php?id=212
—————————————————————-
Detect vulnerabilities on your Internet-facing server with
FREESCAN from Qualys
FreeScan allows you to quickly and accurately scan your server for
thousands of vulnerabilities that could be exploited by an attacker.
If vulnerabilities exist on the IP address provided, FreeScan will
find them and provide detailed information on each risk – including
its severity, associated threat, and potential impact. It even
provides links to give you more information about the vulnerability
and how to correct it.
Click here to receive your FreeScan:
[ Security World ]
All security world articles are located at:
http://www.net-security.org/secworld_main.php
Send your press releases to press@net-security.org
—————————————————————-
New self-evolving security software
http://www.net-security.org/secworld.php?id=5344
Critical security vulnerabilities in Photoshop CS2 and CS3
http://www.net-security.org/secworld.php?id=5342
SANS announces Network Security 2007 national training event
http://www.net-security.org/secworld.php?id=5341
More money for Microsoft’s associated partner security programs
http://www.net-security.org/secworld.php?id=5340
Botnet that tricks iPhone buyers
http://www.net-security.org/secworld.php?id=5339
New DNSSEC pilot program for the US Government
http://www.net-security.org/secworld.php?id=5338
Cybercrime drives growth and increased competition in the global
anti-malware market
http://www.net-security.org/secworld.php?id=5337
IP business phone featuring VPN security
http://www.net-security.org/secworld.php?id=5336
Charges in a zombie computer stock scam
http://www.net-security.org/secworld.php?id=5335
Password management tool running on a USB drive
http://www.net-security.org/secworld.php?id=5334
New release of NetShred X Mac privacy software
http://www.net-security.org/secworld.php?id=5333
Attend Black Hat USA 2007 Briefings for FREE! – Winners announced
http://www.net-security.org/secworld.php?id=5332
New Samsung ultra-mobile portable PC with a fingerprint sensor
http://www.net-security.org/secworld.php?id=5331
New gateway-to-endpoint products from Trend Micro
http://www.net-security.org/secworld.php?id=5330
Google to acquire messaging security company
http://www.net-security.org/secworld.php?id=5329
Collection of security news, happenings and articles from the past
week
http://www.net-security.org/secworld.php?id=5328
—————————————————————-
[ Virus News ]
All virus news are located at:
http://www.net-security.org/viruses.php
—————————————————————-
Malware week in review: user data stealing trojan and a couple of
worms
http://www.net-security.org/virus_news.php?id=835
Trojans – the most widespread malware in Q2 2007
http://www.net-security.org/virus_news.php?id=834
—————————————————————-