Tag: security
-
Spam increasing again
Apparently it’s increasing to close to pre-McColo levels (McColo was one of the major sources of spam last year and was closed down). Levels are now at 74.6%, which means that 3 in every 4 emails are spam. The Mega-D (Ozdoc) botnet is making the largest single contribution to junk mail levels, sending more than…
-
OpenMoko anti-semitic and communist
It seems that a forged email at OpenMoko (the free and open-source cellular handset) was mistakenly sent out to the OpenMoko mailing list with some interesting content: According to the email, Obama “completely supports the theft of trillions of American taxpayer dollars to the Zionist international bankers” and Obama leading “America, Palestine and…
-
Twitter/LinkedIn malware
Most social networking and Web 2.0 sites have been victims of malware at some point or another and LinkedIn is no different. The latest threat relates to many phony profile pages which tempt users with pictures of nude celebrities. When the user clicks on one of the links, they are taken to an external site…
-
IE fix
Microsoft yesterday released updates for a number of zero-day vulnerabilities in Internet Explorer versions excluding IE8 Beta 2 – this one is still forthcoming. Considering this is only the second out-of-sequence update in 18 months, you’ll have some idea of how serious it is. Please make sure you have auto updates switched on and have…
-
More on the IE exploit
Microsoft says Internet Explorer 5.01, 6 and 8 (beta) are also potentially susceptible to the zero-day exploit, published recently. Until now it had been assumed that only Internet Explorer 7 contained the vulnerability. Microsoft recommends that Data Execution Prevention (DEP) and memory protection be enabled in Internet Explorer 7 (Tools/Internet Options/Advanced/Enable memory protection…), but this…
-
Flash webcam hijacker!
The security issues just keep on rolling in – the latest is a Flash vulnerability that allows an attacker to gain control of webcams and microphones. Rated ‘critical’ by Adobe, the bug affects all browsers using the Flash plugin or player – a patch isn’t yet available although there is a workaround of some kind.…
-
Crackers target Windows Media encoder bug
It didn’t take long for exploit code to become available after last week’s Microsoft bug fix for the vulnerability in Windows Media Player. The code is distributed in 2 ways: a simple cleartext program where the shellcode has been altered and a widely deployed toolkit called e2. This causes a visitor to a web site…
-
Debian SSH keys
The Debian SSH key fiasco from earlier this year is starting to bear bad fruit. The original issue (listed earlier in this blog) is that the Debian project took out some code from the SSH source as part of a code cleansing exercise – this code unfortunately was responsible for inserting randomness into…
-
More global internet issues – BGP
Some security researchers have found a vulnerability in the BGP (Border Gateway Protocol) routing protocol that could allow one to intercept internet traffic on a scale not possible before, except by a group such as the NSA with their Echelon project. The attack exploits a man-in-the-middle type vulnerability in BGP to monitor and…
-
DNS security saved by Nominum?
Besides SPR (source port randomisation), Nominum have a number of other security options built into their Vantio DNS product: SPR defense: strange queries result in a direct connection to the server; resistance: tries not to give out IPs for name servers (glue records); warns ISP of attack. So, interesting options from…
-
VMware forgets about BETA code
VMware developers recently left beta debug code in an update provided for ESX 3.5, with an expiry date built in. The result would be that users would lose access to their VMs after applying the update and a ‘general system error’ would be indicated. While the updated update is now working and available, those who…
-
MSNBC.com is spammers’ latest victim
You may have noticed a lot of email purporting to come from MSNBC.com in the last few weeks and this is a result of a new spam campaign doing the rounds. Problem is that some of these headlines could actually be valid; even if people are intelligently looking at their email for spam, they might…
-
OpenID and SSL/DNS poisoning
Ben Laurie of Google’s Applied Security team, while working with an external researcher, Dr. Richard Clayton of the Computer Laboratory, Cambridge University, found that various OpenID Providers (OPs) had TLS Server Certificates that used weak keys, as a result of the Debian Predictable Random Number Generator (CVE-2008-0166). In combination with the DNS Cache Poisoning issue…
-
DNS – Source Port Randomisation
Dan Kaminsky gave a very interesting talk on the recent DNS issues as part of the Black Hat USA 2008 conference currently on the go in Las Vegas. Originally DJ Bernstein had advocated (and put into DJBDNS) source port randomisation as part of the DNS request but no one else had as they…
-
Windows Vista insecurity?
The following article comes courtesy of SDV: Some researchers at the recent BlackHat conference have been doing work in the area of Windows Vista security and have (apparently) found a major hole whereby they can use .Net or similar scripting languages to effectively bypass the memory security functions built into Vista (DEP…