Collection of security news, happenings and articles from the past week

This is a weekly roundup of all the security news, articles, software releases, vendor advisories and webcasts that were published on Help Net Security during the past week.

This roundup is sponsored by:

Get a detailed report on 1 publicly facing IP address.

Detect vulnerabilities on your Internet-facing server with
FREESCAN from Qualys

FreeScan allows you to quickly and accurately scan your server for
thousands of vulnerabilities that could be exploited by an attacker.
If vulnerabilities exist on the IP address provided, FreeScan will
find them and provide detailed information on each risk – including
its severity, associated threat, and potential impact. It even
provides links to give you more information about the vulnerability
and how to correct it.

Click here to receive your FreeScan:

http://freescan.qualys.com/?lsid=7022

Table of contents:

1) Security news
2) Advisories
3) Articles
4) Software
5) Webcasts
6) Conferences
7) Security World
8) Virus News

[ Security news ]

—————————————————————-

BEWARE OF DATA DUMPSTER DIVERS
Trashing an old PC with sensitive data on the hard drive can be
almost as bad as leaving it out on the sidewalk in terms of data
security.
http://www.net-security.org/news.php?id=14830

TOP SECRET: WE’RE WIRETAPPING YOU
It could be a scene from Kafka or Brazil. Imagine a government
agency, in a bureaucratic foul-up, accidentally gives you a copy of a
document marked “top secret.” And it contains a log of some of your
private phone calls.
http://www.net-security.org/news.php?id=14831

TIME TO BLACKLIST BLACKLISTS
Blacklists have their place for detecting and identifying malicious
content and activity, with the whole signature-based malware
detection industry effectively being built around the concept that
blacklists are reliable mechanisms.
http://www.net-security.org/news.php?id=14832

KNOW THE ENEMY WITHIN
An in depth study of threats in the workplace has highlighted exactly
what they are as well as users’ attitudes to those threats, and what’s
behind them. The fact is that we all know the kind of activities that
users get up to if they are not closely monitored and controlled, but
the scale of it and the threat that it represents may be seriously
underestimated.
http://www.net-security.org/news.php?id=14833

INSTALLING METASPLOIT ON MAC OS X
The goal of the Metasploit Project is to provide useful information
to people who perform penetration testing, IDS signature development,
and exploit research.
http://www.net-security.org/news.php?id=14834

EBAY ART FAKES REVEALED
Shoppers buying art online should be just as careful as if they were
buying from a dealer, the popular online auction site eBay says.
http://www.net-security.org/news.php?id=14835

FREE TOOL FROM LENOVO FOR SAFE HARD DRIVE WIPING
Secure Data Disposal is available for download free on Lenovo
notebooks and desktop PCs.
http://www.net-security.org/news.php?id=14836

GARTNER: ORACLE ‘NO LONGER A BASTION OF SECURITY’
Analyst warning follows 82-patch update.
http://www.net-security.org/news.php?id=14837

AVERAGE ZERO-DAY BUG HAS 348-DAY LIFESPAN
Thriving bug market only squashed by publicizing or patching.
http://www.net-security.org/news.php?id=14839

IPHONE: SECURITY PREDATORS SALIVATING
“The biggest threat to the iPhone right now is its popularity,” says
Neel Mehta, team lead of the advanced research group at IBM’s
Internet Security Systems.
http://www.net-security.org/news.php?id=14838

A HACKER’S NASDAQ
In the summer of 2005, Charlie Miller was working in his living room
when he discovered a hackable vulnerability in a common species of
server software.
http://www.net-security.org/news.php?id=14840

SECRET SERVICE NABS GANG BLAMED FOR $75M IN CREDIT CARD FRAUD LOSSES
They also recovered some 200,000 credit card account numbers.
http://www.net-security.org/news.php?id=14841

DETECTING “OFF PORT” SERVICES WITH NESSUS
If you are attempting to perform network security monitoring in a
large, unmanaged environment that has “poor” security, you are most
likely dealing with botnets, phishing attempts, worms and Trojans.
http://www.net-security.org/news.php?id=14842

DEBUGGING SSL COMMUNICATIONS
This article will discuss two utilities (ssldump and openssl) that
can help debug applications utilizing SSL.
http://www.net-security.org/news.php?id=14843

RUNNING THE PUTTY SSH CLIENT ON A NOKIA E61
PuTTY allows you to use your Symbian-powered mobile device to connect
securely to a remote computer no matter where you are located. With
this tool you can perform various tasks and I bet many of you would
like to be able to control their server from the road, we all know
problems occur at the least opportune time.
http://www.net-security.org/news.php?id=14844

MAN WHO STOLE DATA ON 110,000 PEOPLE GETS FIVE-YEAR SENTENCE
He later attempted to sell the info.
http://www.net-security.org/news.php?id=14845

PHISHING TOOL CONSTRUCTS NEW SITES IN TWO SECONDS
Easy-peasy-sleazy 0wnage in 120 seconds.
http://www.net-security.org/news.php?id=14846

EMBEDDED SECURITY
Security is arguably the single most important issue for business and
the public sector in the 21st century.
http://www.net-security.org/news.php?id=14847

PRACTICAL PASSWORD POLICIES – THEY CAN NEVER REDUCE RISK TO ZERO
Having weak passwords certainly can make life difficult for everyone.
Nobody likes having to recover or change all their identity cards and
information when their password gets compromised.
http://www.net-security.org/news.php?id=14848

SAFE CRACKERS GOOGLE FOR INSTRUCTIONS
Two burglars had door keys, pass codes and combinations to help them
break the safes at an indoor amusement center, but they had to turn
to Google for help to steal their loot.
http://www.net-security.org/news.php?id=14849

STORAGE REQUIREMENTS FOR THE WINDOWS VISTA SECURITY LOG
Here are a few examples of how Vista security logs tend to grow much
more quickly than their predecessors.
http://www.net-security.org/news.php?id=14850

RESEARCHERS: ENTERPRISES SHOULD PATCH MICROSOFT SERVER BUG
Put the critical Active Directory vulnerability at ‘top of the list,’
say experts.
http://www.net-security.org/news.php?id=14851

THE FIVE PHASES OF RECOVERING DIGITAL EVIDENCE
This is the second post in a series about the five phases of
recovering data structures from a stream of bytes (a form of digital
evidence recovery).
http://www.net-security.org/news.php?id=14852

SCAN HOSTNAMES EFFICIENTLY WITH NMAP
Your DNS team sends you the company’s entire domain name inventory in
a CSV (comma-separated values) file.
http://www.net-security.org/news.php?id=14853

INTRODUCING HAUTE SECURE, THE MALWARE FILTER
Haute Secure is a malware filter, much like a phishing or spam filter
in existing applications.
http://www.net-security.org/news.php?id=14854

MARK RUSSINOVICH: FROM WINTERNALS TO MICROSOFT, ON WINDOWS SECURITY,
WINDOWS COREARCH
If you write code on Windows or like to know what goes on under the
hood in Windows, then you’ve no doubt heard of Mark Russinovich. He’s
an OS kernel expert, a Technical Fellow in Windows and is a member of
the Windows Core Architecture team.
http://www.net-security.org/news.php?id=14855

FIRMS BREACHING DATA PROTECTION
A “horrifying” number of companies, government departments and other
public bodies have breached data protection rules in the past year, a
report says.
http://www.net-security.org/news.php?id=14856

TUNNELLING HTTP TRAFFIC THROUGH XSS CHANNELS
An XSS Channel is an interactive communication channel between two
systems which is opened by an XSS attack. At a technical level, it is
a type of AJAX application which can obtain commands, send responses
back and is able to talk cross-domain.
http://www.net-security.org/news.php?id=14857

HOW THE INTEGRITY MECHANISM IS IMPLEMENTED IN WINDOWS VISTA
Shows how the Windows integrity mechanism was modified in Windows
Vista to include support for User Account Control (UAC), Microsoft
Internet Explorer Protected Mode, and the Windows Component Object
Model (COM).
http://www.net-security.org/news.php?id=14858

EXPLOITING REFLECTED XSS VULNERABILITIES
This is a look at exploiting reflected XSS vulnerabilities where user
input must come through HTTP Request Headers.
http://www.net-security.org/news.php?id=14859

DATA ON AMERICANS MINED FOR TERROR RISK
The FBI is gathering and sorting information about Americans to help
search for potential terrorists, insurance cheats and crooked
pharmacists, according to a government report obtained Tuesday.
http://www.net-security.org/news.php?id=14860

OHIO: STOLEN DEVICE CONTAINS 859,800 IDS
Including info on those who had not cashed state income refund
checks.
http://www.net-security.org/news.php?id=14861

A NUCLEAR RUSE UNCOVERS HOLES IN U.S. SECURITY
Undercover Congressional investigators set up a bogus company and
obtained a license from the Nuclear Regulatory Commission in March
that would have allowed them to buy the radioactive materials needed
for a so-called dirty bomb.
http://www.net-security.org/news.php?id=14862

MILITARY FILES LEFT UNPROTECTED ONLINE
Online military data is not always secure.
http://www.net-security.org/news.php?id=14863

FBI: EXPECT MORE SPAM PROSECUTIONS
Partnership between law enforcement agencies and industry reaps
results, identifying more than 100 ‘significant spammers’.
http://www.net-security.org/news.php?id=14864

ONLINE SECURE BACKUPS WITH THE ALLMYDATA WEB 2.0 APPLICATION
Backups are an important part of anyone’s computer life. As a result
of Murphy’s Laws, you will lose your precious data in the most
inappropriate situation, so backing up should be one of your regular
habits. The problem with burning CDs or DVDs is that often they get
often misplaced, so using an online backup is good way to go. As I am
following the rise (and fall) of Web 2.0 applications I came across a
nice online solution called Allmydata.
http://www.net-security.org/news.php?id=14869

THE RISE OF ANTIFORENSICS
New, easy to use antiforensic tools make all data suspect,
threatening to render computer investigations cost-prohibitive and
legally irrelevant.
http://www.net-security.org/news.php?id=14865

GREEK SPYING CASE UNCOVERS FIRST PHONE SWITCH ROOTKIT
Someone tapped into the phones of top government officials.
http://www.net-security.org/news.php?id=14866

MOUNTING SCRUTINY FOR GOOGLE SECURITY
As Google moves into the business environment, it is starting to face
the same security questions other business app vendors face.
http://www.net-security.org/news.php?id=14867

THE COMPUTER VIRUS TURNS 25
It’s been a rocky quarter-century, but according to Richard Ford and
Eugene Spafford, two computer scientists writing in this week’s issue
of the journal Science, viruses can look forward to a long, fruitful
life.
http://www.net-security.org/news.php?id=14868

—————————————————————-

Get a detailed report on 1 publicly facing IP address.

Detect vulnerabilities on your Internet-facing server with
FREESCAN from Qualys

FreeScan allows you to quickly and accurately scan your server for
thousands of vulnerabilities that could be exploited by an attacker.
If vulnerabilities exist on the IP address provided, FreeScan will
find them and provide detailed information on each risk – including
its severity, associated threat, and potential impact. It even
provides links to give you more information about the vulnerability
and how to correct it.

Click here to receive your FreeScan:

http://freescan.qualys.com/?lsid=7022

[ Advisories ]

All advisories are located at:
http://www.net-security.org/archive_advi.php

—————————————————————-

Turbolinux Security Announcement – gimp -> Buffer overflow
http://www.net-security.org/advisory.php?id=7722

Mandriva Linux Security Update Advisory – perl-Net-DNS
(MDKSA-2007:146)
http://www.net-security.org/advisory.php?id=7721

US-CERT Technical Cyber Security Alert – Apple Releases Security
Updates for QuickTime (TA07-193A)
http://www.net-security.org/advisory.php?id=7720

SUSE Security Announcement – php4,php5 (SUSE-SA:2007:044)
http://www.net-security.org/advisory.php?id=7719

US-CERT Technical Cyber Security Alert – Adobe Flash Player Updates
for Multiple Vulnerabilities (TA07-192A)
http://www.net-security.org/advisory.php?id=7718

Apple Security Update – QuickTime 7.2 (APPLE-SA-2007-07-11)
http://www.net-security.org/advisory.php?id=7717

Gentoo Linux Security Advisory – XnView: Stack-based buffer overflow
(GLSA 200707-06)
http://www.net-security.org/advisory.php?id=7716

Cisco Security Advisory – Cisco Unified Communications Manager
Overflow Vulnerabilities (cisco-sa-20070711-cucm)
http://www.net-security.org/advisory.php?id=7715

Ubuntu Security Notice – openoffice.org(2)/-amd64 vulnerability
(CVE-2007-0245)
http://www.net-security.org/advisory.php?id=7714

Mandriva Linux Security Update Advisory – wireshark (MDKSA-2007:145)
http://www.net-security.org/advisory.php?id=7713

US-CERT Technical Cyber Security Alert – Microsoft Updates for
Multiple Vulnerabilities (TA07-191A)
http://www.net-security.org/advisory.php?id=7712

Mandriva Linux Security Update Advisory – openoffice.org
(MDKSA-2007:144)
http://www.net-security.org/advisory.php?id=7711

Mandriva Linux Security Update Advisory – mplayer (MDKSA-2007:143)
http://www.net-security.org/advisory.php?id=7710

Ubuntu Security Notice – imagemagick vulnerabilities (USN-481-1 )
http://www.net-security.org/advisory.php?id=7709

Debian Security Advisory – vlc (DSA 1332-1 )
http://www.net-security.org/advisory.php?id=7708

SUSE Security Announcement – kernel (SUSE-SA:2007:043)
http://www.net-security.org/advisory.php?id=7706

—————————————————————-

[ Articles ]

All articles are located at:
http://www.net-security.org/articles_main.php

Articles can be contributed to articles@net-security.org

—————————————————————-

ONLINE SECURE BACKUPS WITH THE ALLMYDATA WEB 2.0 APPLICATION
Backups are an important part of anyone’s computer life. As a result
of Murphy’s Laws, you will lose your precious data in the most
inappropriate situation, so backing up should be one of your regular
habits. The problem with burning CDs or DVDs is that often they get
often misplaced, so using an online backup is good way to go. As I am
following the rise (and fall) of Web 2.0 applications I came across a
nice online solution called Allmydata.
http://www.net-security.org/article.php?id=1034

TUNNELLING HTTP TRAFFIC THROUGH XSS CHANNELS
An XSS Channel is an interactive communication channel between two
systems which is opened by an XSS attack. At a technical level, it is
a type of AJAX application which can obtain commands, send responses
back and is able to talk cross-domain.
http://www.net-security.org/article.php?id=1033

RUNNING THE PUTTY SSH CLIENT ON A NOKIA E61
PuTTY allows you to use your Symbian-powered mobile device to connect
securely to a remote computer no matter where you are located. The
software is free and it enables you to use SSH to be sure a secure
channel is created between you and the remote machine. With this tool
you can perform various tasks and I bet many of you would like to be
able to control their server from the road, we all know problems
occur at the least opportune time. This article will cover the
installation and usage of PuTTY on a Nokia E61. It is filled with
screenshots that will make the entire process easy to follow.
http://www.net-security.org/article.php?id=1032

KNOW THE ENEMY WITHIN
An in depth study of threats in the workplace highlights exactly what
they are as well as users’ attitudes to those threats, and what’s
behind them. The fact is that we all know the kind of activities that
users get up to if they are not closely monitored and controlled, but
the scale of it and the threat that it represents may be seriously
underestimated.
http://www.net-security.org/article.php?id=1031

—————————————————————-

[ Software ]

Windows software is located at:
http://net-security.org/software_main.php?cat=1

Linux software is located at:
http://net-security.org/software_main.php?cat=2

Pocket PC software is located at:
http://net-security.org/software_main.php?cat=3

Mac OS X software is located at:
http://net-security.org/software_main.php?cat=5

—————————————————————-

AD-AWARE 2007 FREE (Windows)
Ad-aware is a free multi spyware removal utility.
http://www.net-security.org/software.php?id=135

PASSWORD SAFE 3.09 (Windows)
Password Safe is a password database utility.
http://www.net-security.org/software.php?id=172

SHOREWALL 3.4.5 (Linux)
Shorewall is an iptables based firewall that can be used on a
dedicated firewall system, a multi-function masquerade gateway/server
or on a standalone Linux system.
http://www.net-security.org/software.php?id=40

WINSCP 4.0.3 (Windows)
WinSCP is an open source SSH file transfer protocol and secure copy
client for Windows using SSH.
http://www.net-security.org/software.php?id=6

—————————————————————-

[ Webcasts ]

All webcasts are located at:
http://net-security.org/webcasts.php

—————————————————————-

Cross-Site Request Forgeries (CSRF)
Organized by WhiteHat Security on 24 July 2007, 11:00 AM
http://www.net-security.org/webcast.php?id=488

Deploying IPSec with Windows Vista
Organized by Microsoft on 25 July 2007, 9:30 AM
http://www.net-security.org/webcast.php?id=487

—————————————————————-

[ Conferences ]

All conferences are located at:
http://net-security.org/conferences.php

—————————————————————-

Security ’07 – 16th USENIX Security Symposium
Organized by USENIX – 6 August-10 August 2007
http://www.net-security.org/conference.php?id=186

3rd Annual Techno Forensics Conference
Organized by The TrainingCo. – 29 October-31 October 2007
http://www.net-security.org/conference.php?id=212

—————————————————————-

Get a detailed report on 1 publicly facing IP address.
Detect vulnerabilities on your Internet-facing server with
FREESCAN from Qualys

FreeScan allows you to quickly and accurately scan your server for
thousands of vulnerabilities that could be exploited by an attacker.
If vulnerabilities exist on the IP address provided, FreeScan will
find them and provide detailed information on each risk – including
its severity, associated threat, and potential impact. It even
provides links to give you more information about the vulnerability
and how to correct it.

Click here to receive your FreeScan:

http://freescan.qualys.com/?lsid=7022

[ Security World ]

All security world articles are located at:
http://www.net-security.org/secworld_main.php

Send your press releases to press@net-security.org

—————————————————————-

New self-evolving security software
http://www.net-security.org/secworld.php?id=5344

Critical security vulnerabilities in Photoshop CS2 and CS3
http://www.net-security.org/secworld.php?id=5342

SANS announces Network Security 2007 national training event
http://www.net-security.org/secworld.php?id=5341

More money for Microsoft’s associated partner security programs
http://www.net-security.org/secworld.php?id=5340

Botnet that tricks iPhone buyers
http://www.net-security.org/secworld.php?id=5339

New DNSSEC pilot program for the US Government
http://www.net-security.org/secworld.php?id=5338

Cybercrime drives growth and increased competition in the global
anti-malware market
http://www.net-security.org/secworld.php?id=5337

IP business phone featuring VPN security
http://www.net-security.org/secworld.php?id=5336

Charges in a zombie computer stock scam
http://www.net-security.org/secworld.php?id=5335

Password management tool running on a USB drive
http://www.net-security.org/secworld.php?id=5334

New release of NetShred X Mac privacy software
http://www.net-security.org/secworld.php?id=5333

Attend Black Hat USA 2007 Briefings for FREE! – Winners announced
http://www.net-security.org/secworld.php?id=5332

New Samsung ultra-mobile portable PC with a fingerprint sensor
http://www.net-security.org/secworld.php?id=5331

New gateway-to-endpoint products from Trend Micro
http://www.net-security.org/secworld.php?id=5330

Google to acquire messaging security company
http://www.net-security.org/secworld.php?id=5329

Collection of security news, happenings and articles from the past
week
http://www.net-security.org/secworld.php?id=5328

—————————————————————-

[ Virus News ]

All virus news are located at:
http://www.net-security.org/viruses.php

—————————————————————-

Malware week in review: user data stealing trojan and a couple of
worms
http://www.net-security.org/virus_news.php?id=835

Trojans – the most widespread malware in Q2 2007
http://www.net-security.org/virus_news.php?id=834

—————————————————————-

Don't miss