
Security Briefing - December 3rd


Click here to subscribe to Liquidmatrix Security Digest!.

Good Morning!

I’m back after many days away, it’s good to be here.
Didya miss me?
I think Dave might have.

Thanks for joining us!

The Intern

And now, the news…

  1. What’s wrong with tape backup? - The Register
  2. Apple Removes Antivirus Support Note, Reiterates OS X’s Built-In Protections - Gizmodo
  3. Gunmen Used Technology as A Tactical Tool - The Washington Post
  4. Online payment site hijacked by notorious crime gang - The Register
  5. U.S. FCC to mull free internet plan - The Globe and Mail
  6. Browser Head to head: Chrome vs. Firefox vs Flock - Mashable I’ll put $10 on Flock, thanks.
  7. Behavioral screening — the future of airport security? - CNN
  8. Secret Geek A-Team Hacks Back, Defends Worldwide Web - Wired I am keenly interested in the thought processes of geeks, this article speaks to that a bit.


Laptop Stolen? Send The SMS Of Death

I love stories like the one where a Mac user helped the cops apprehend her laptop thief. But, what if your laptop got pinched? Would you be prepared? Is the hard drive encrypted? Is the data backed up somewhere? Will your accumulated collection of feet pictures cause you some degree of embarrassment?

Well, the feet notwithstanding (ugh), the makers of the Lenovo Thinkpad have added an interesting feature. I thought I wrote about this at the time but, for the life of me, I couldn’t find it. Ah well.

The feature (taking my methylphenidate) is a chance to brick your stolen laptop and completely piss off the jackass who purloined your loin cooker. Just send it an SMS message and bingo, she’s locked up.

From Dark Reading:

“If a hard drive is turned on and the OS is loaded, the encryption technology makes all the data on the drive available in clear text to the operating system,” Cannady says. “If someone steals my PC off my desk or off the table in Starbucks and I’m logged on and the lid is down in ’suspend’ mode, there’s a chance [the thief] could get that data — even though I have military-grade encryption technology turned on.”

Cannady says the new Lenovo feature lets you send a kill command directly to the laptop, using a mobile phone. “When the kill command is received, the PC will shut down and refuse to turn on again,” he says.

Which would mean something if you knew your system was missing in the first place. If you were unaware, well, you’d be pretty much boned. Worse still if the thief happened to have a Faraday cage lying around.

Still, a neat feature.

Article Link

UPDATE: Received this tweet from Amrit at BigFix.

“BigFix can do that, send a “fixlet” to snap a pic using the built-in iSight camera and then email it. One of our custs sent “fixlets” to 5 stolen laptops w/a pop-up that noted the IP & said they wouldn’t call cops if they were returned. The thief called the # in the pop-up and returned the laptops within the hour”

Ah, the fun it would be to get that call.

Security Briefing: December 2nd


Dealing with nasty keyboards, new office and petulant consultants. Ugh, and cold coffee, blech.

Have a great day all!


And now, the news…

  1. Canadian IT Exec Accused Of Stealing Customer Database | Dark Reading
  2. UDP won’t ‘crash Internet’, rages BitTorrent | Techworld
  3. London Hospitals Nearly Back Online After Worm Infection | Yahoo News
  4. EFF to court: Don’t shield telecoms from illegal-spying suits | CNET
  5. Buffer overflow in Cain&Abel password recovery tool | Heise
  6. Writing Wireshark network traffic filters | Search Security
  7. ArcSight Named a Leading Vendor in Key Segments | CNN


Apple Suggests Antivirus For Mac

Macs are vulnerable to malware? Say it ain’t so! (ok, in case it was missed I’m being sarcastic)

From Washington Post:

In a notable shift, Apple is now recommending that Mac users install anti-virus software to help users secure their systems.

In a technical note quietly published to its support site on Nov. 21, Apple issued the following advice:

“Apple encourages the widespread use of multiple anti-virus utilities so that virus programmers have more than one application to circumvent, thus making the whole virus writing process more difficult.”

This is news to me. Just under three months ago, I asked an employee at our local Apple store whether I needed anti-virus for my MacBook, and was told not to bother, that it was not necessary.

Even if it was nothing more than malware that happened to be stored on a Mac, it’s enough to warrant a check. Antivirus software is not the ‘be all’ but, it’s a damn sight better than none at all. The fact that Apple has suggested the use is just prudence. No operating system is 100% secure and they won’t be any time soon.

I had a similar encounter to Brian Krebs, when I got my MacBook, with an Apple store employee where I was told that “antivirus isn’t necessary on a Mac”. Hmm.

So, you can look at it like this. You can use security on your systems or you can drink the $VENDOR koolaid of your choice.

Article Link

INCOMING! DoD Computers Taking Fire

DoD computer systems have been apparently taking ‘fire’ from Russian hackers.

From the LA Times:

Reporting from Washington — Senior military leaders took the exceptional step of briefing President Bush this week on a severe and widespread electronic attack on Defense Department computers that may have originated in Russia — an incursion that posed unusual concern among commanders and raised potential implications for national security.

Defense officials would not describe the extent of damage inflicted on military networks. But they said that the attack struck hard at networks within U.S. Central Command, the headquarters that oversees U.S. involvement in Iraq and Afghanistan, and affected computers in combat zones. The attack also penetrated at least one highly protected classified network.

This comes at a time of increasing tension between the two countries. The true nature of the attack remains a bit of a mystery for the time being. Well, at least for those of us who are members of the public. I have little doubt that the folks in the know have a clear idea of the target of the attacks.

Article Link

Next Generation Security Software Acquired

I guess the world economy isn’t taking the piss out of everyone. Today we get word (thx tipster) that security firm Next Generation Security Software Ltd (“NGSS”) has been purchased by the NCC Group.

From the NCC Group Website:

NCC Group plc (LSE: NCC, “NCC Group” or “the Group”), the international, independent provider of Escrow Solutions, Assurance Testing and Consultancy, has acquired Next Generation Security Software Ltd (“NGSS”), a security and testing company, for a maximum consideration of up to £10.0m in cash.

This is the third acquisition by NCC Group in less than two years and as well as complementing its own capabilities in the network, testing and software security market; it will also substantially strengthen the Group’s position in this fast growing sector.

An all cash deal? Yup, the market is still good for some folks.

Congrats to David Litchfield and crew.

Article Link

CBS.Com Compromised

CBS.com, one of the highest ranking sites on the web according to Quantcast (3.9 million visitors over 4 months) and Alexa (which ranked it 964 overall), was compromised by hackers apparently operating from Russia. The security firm Finjan discovered the breach and alerted CBS.

From Finjan:

The cybercriminals added a malicious obfuscated script to the infected page. The injected script injects a malicious IFrame to the page.

The injected IFrame automatically loads another malicious script from a remote server controlled by criminals in Russia, causing a possible installation of malware on the unsuspecting client machine. The remote Russian server is already down.

One can only wonder how many folks got nailed with this exploit as no doubt folks are checking the site as they enjoy their Thanksgiving weekend in the US.

Article Link

Upgrade Time For Bloggers: Wordpress 2.6.5


To the bloggers out there using Wordpress as their platform of choice, it’s time to upgrade. This release addresses a couple of security issues.

From Wordpress:

WordPress 2.6.5 is immediately available and fixes one security problem and three bugs. We recommend everyone upgrade to this release.

The security issue is an XSS exploit discovered by Jeremias Reith that fortunately only affects IP-based virtual servers running on Apache 2.x. If you are interested only in the security fix, copy wp-includes/feed.php and wp-includes/version.php from the 2.6.5 release package.

Please note that the jump from 2.6.3 to revision 2.6.5 is intentional. There is not, nor will ever be, a version of Wordpress at 2.6.4 due to a fake code release.

Right, on yer bike.

Article Link

Your Gmail Pwned? Phishing Or Vulnerability?

Today brings news that the spammers that were using McColo Corp have retaken their botnet and are back in the business of blasting out spam. As a tangent, we read Google’s response to the rise in pwned Gmail accounts.

From Google Online Security Blog:

We’ve seen some speculation recently about a purported security vulnerability in Gmail and the theft of several website owners’ domains by unauthorized third parties. At Google we’re committed to providing secure products, and we mounted an immediate investigation. Our results indicate no evidence of a Gmail vulnerability.

With help from affected users, we determined that the cause was a phishing scheme, a common method used by malicious actors to trick people into sharing their sensitive information. Attackers sent customized e-mails encouraging web domain owners to visit fraudulent websites such as “google-hosts.com” that they set up purely to harvest usernames and passwords. These fake sites had no affiliation with Google, and the ones we’ve seen are now offline. Once attackers gained the user credentials, they were free to modify the affected accounts as they desired. In this case, the attacker set up mail filters specifically designed to forward messages from web domain providers.

The thought by some folks was that this was due to a CSRF bug that was discovered in Sept 2007. According to Google this problem was addressed within 24 hours of the initial discovery.

Today I received an email from someone I know who had their Gmail account pinched by ne’er do wells. They were nice enough to blast out spam with his/her entire address book in the “To:” field.

Decidedly uncool.

What does this accomplish? Does this make the spammer money? Of course not. Does it piss off people that would like nothing better than to hunt the little peckerwoods down? You bet.

The long and the short of it is that we all need to take precautions when using any webmail account. Google offers this advice on how to help better protect oneself using HTTPS with Gmail. Is it bulletproof? No. But, it’s better than getting your password snarfed.

Article Link

Security Briefings - November 26th


Good morning!

I may have actually lost it just prior to posting this. I cannot be held responsible for the content of this edition. It’s Dave’s fault, he gave me the password.

To the Americans - I sincerely hope you have a peaceful long holiday weekend with a combination of laughter, gratitude and a good night’s sleep or two.

Warm Regards,

The Intern


And now, the news…

  1. The 5 Books Every IT Manager Should Read Right Now - Baseline
  2. Google admits breaking App Store rules - C-Net
  3. Juror dismissed over Facebook poll - The Register And somehow this member of the brain trust made it through the jury selection process.
  4. Blue Box Evidence Images from the FBI, 1971 - Boing Boing
  5. You Gotta Try Mr. Tweet - Mashable
  6. Final judgment: SCO owes Novell millions (plus interest) - Ars Technica Here’s one for the vultures of Intellectual Property claimants.
  7. Aussie government muffs plans for internet filtering - The Register
  8. Hardening the Linux desktop - IBM We know we should do it, but do you?
  9. Bailout costs more than Marshall Plan, Louisiana Purchase, moonshot, S&L bailout, Korean War, New Deal, Iraq war, Vietnam war, and NASA’s lifetime budget — *combined*! - Boing Boing
  10. … and finally, we at the Digest really do care about you and familial harmony. We do.

  11. 7 Tips for Getting Along With Your Difficult Relatives over Thanksgiving - The Happiness Project
