SkiifGeek - Slashdot User

Submission + - How are Tech Companies Fighting the Recession? (beskerming.com)

Submitted by

SkiifGeek

on Saturday November 29, 2008 @01:13AM

SkiifGeek writes: "By now we all will have experienced the negative effects of the current credit crisis / economic downturn / guaranteed recession (depending on where you are in the world) in one way or another. Venture funds are drying up, fly-by-night web 2.0 startups are disappearing almost as fast as they once appeared, and those who might have a valid business plan and plan of action are being forced to cut back on staff. Even well established companies are facing the same problems, with some being lucky enough to be able to delay the belt tightening for the immediate future.

One company has taken the step of discounting all of their services and products until the downturn / recession / crisis is officially over, no matter how long it takes.

What are other companies doing to help their users and clients through this difficult economic period? Many will be offering discounts over the festive season, but what are other companies doing for the long term crisis? What are you doing to help those who rely upon you for technical expertise to be able to survive this crisis?"

Submission + - Thanksgiving Week the Peak for Virus Infection? (beskerming.com)

Submitted by

SkiifGeek

on Tuesday November 18, 2008 @10:17AM

SkiifGeek writes: "PC Tools has come out and claimed that the Monday before Thanksgiving is the peak time of year for system infection, based off figures collected from 2007.

This claim seems a little suspect, given the lack of supporting figures and material provided by the company and the almost consistent contrary information being reported by competing security firms, which show a continued growing trend of infections and available new malware, with only a couple of specific malware types showing a spike in November.

There may be some justification for the claims being put forward, but there seems to be far more information available which suggests that the opposite is true."

Submission + - Microsoft to Pay You to Use Their Search Engine (beskerming.com)

Submitted by

SkiifGeek

on Sunday November 09, 2008 @04:21AM

SkiifGeek writes: "It sounds like the fake chain email from the turn of the century, but this time it seems to be real, Microsoft is going to pay you (via rebate) for spending money online after using their online services.

Despite launching the program to minimal fanfare in May of this year, Microsoft looks to be going all out in the lead up to the peak shopping season. With all the conditions and limitations that are applied to the various rebate opportunities (max of $200, PayPal only, US only for the eBay one), it severely limits the program's usefulness to Internet-using majority outside of the US.

For a business division that is continuing to lose money hand over fist, perhaps it is time Microsoft tried to hang on to its money with respect to online services."

Submission + - Countries With High WinOS Piracy Not Most Infected (beskerming.com)

Submitted by

SkiifGeek

on Saturday November 08, 2008 @11:05PM

SkiifGeek writes: "Microsoft have released Volume 5 of their Security Intelligence Report, covering data reported from January to June 2008. Using data drawn from Microsoft security tools on end user systems, breach data from datalossdb.org, and data from a number of online service providers, Microsoft has compiled a very detailed security picture that few others can come close to matching.

While the report suffers from a self-selection bias and only covers Microsoft operating systems and software it is still a quality report and filled with valuable insight and data about how Microsoft views the threats and vulnerabilities targeting Microsoft-based systems globally. Of special interest is how Microsoft has observed the breakdown of malware on a per-country basis. For countries like South Korea and Brazil this breakdown can reflect how the online environment has evolved in those countries. Another inferred outcome is the discovery that increased software piracy (pick any number of sources for piracy rates) doesn't mean increased rates of system compromise.

If it doesn't already, Microsoft's SIR should take it's place alongside annual and semi-annual reporting from OWASP and ISC as a key bellwether of global Information Security in practice."

Submission + - Microsoft Issues Security Report for Jan-Jun 2008 (beskerming.com)

Submitted by

SkiifGeek

on Friday November 07, 2008 @12:57AM

SkiifGeek writes: "Microsoft have released Volume 5 of their Security Intelligence Report, covering data reported from January to June 2008. Using data drawn from Microsoft security tools on end user systems, breach data from datalossdb.org, and data from a number of online service providers, Microsoft has compiled a very detailed security picture that few others can come close to matching.

While the report suffers from a self-selection bias and only covers Microsoft operating systems and software it is still a quality report and filled with valuable insight and data about how Microsoft views the threats and vulnerabilities targeting Microsoft-based systems globally. Of special interest is how Microsoft has observed the breakdown of malware on a per-country basis. For countries like South Korea and Brazil this breakdown can reflect how the online environment has evolved in those countries.

If it doesn't already, Microsoft's SIR should take it's place alongside annual and semi-annual reporting from OWASP and ISC as a key bellwether of global Information Security in practice."

Submission + - Old Malware Tricks Still Defeat Most AV Scanners (beskerming.com)

Submitted by

SkiifGeek

on Thursday November 06, 2008 @11:06PM

SkiifGeek writes: "A year ago Didier Stevens discovered that padding IE malware with 0x00 bytes would happily slip past most of the scanners in use at VirusTotal.com. Revisiting his earlier discovery, Didier found that detection on his initial samples had improved, but not by much.

For all the talk of AV companies moving away from signature based detection to heuristics, it is painfully obvious that not many of the tested engines can successfully handle such a simple and well known obfuscation method and the best of those that can detect the obfuscation can only detect it as a generic malware type. At least the scanning engines that can detect the presence of malware with the obfuscation aren't trying to claim each differential as a new variant."

Submission + - Flashy 2008 Olympic Ticket Scam Site Traps Many (beskerming.com)

Submitted by

SkiifGeek

on Monday August 04, 2008 @09:34AM

SkiifGeek writes: "News is rapidly spreading of a number of Beijing ticket scams that have trapped hundreds, if not thousands of people across the globe. In an age when the P-p-p-powerbook incident should be read and understood by anyone with a credit card before they go online, and there is greater awareness of 419 scammers, it seems that all you need to do to separate people from their money is to claim to have desirable items that you can't actually send them for a few months, and a pretty website (that's the scam site).

It makes for an interesting case study on how we allocate trust to sites that we may not have seen before, based on how other sites relate to them (a bit like search engines used to work). When MSNBC silently fixed their article that initially pointed to the scam site it took away the evidence of how many people would have come to trust the malicious site, but we can thank cache for the truth.

If you think you might have been affected by such a scam, or just want more information on what is being done to hunt down those behind the scams, a good clearinghouse for this information is over at Beijing Ticket Scam."

Submission + - Outsourcer Steals Data, Sells to Competitors (computerworld.com.au)

Submitted by

SkiifGeek

on Monday June 02, 2008 @10:13AM

SkiifGeek writes: "When an Indian outsourcing firm had their contract with an American client cancelled, rather than look at what they could do to improve their service delivery or retain their customers, the firm was closed and the owner is accused of taking the internal data belonging to his ex-client and selling it to the ex-client's American competitors.

While the case represents a risk that many who outsource some of their operations would prefer not happen, it does highlight what can happen when things go wrong with any business relationship and the need to keep a tight control over information being passed outside of a company. It is somewhat ironic that the affected US company was engaged in the selling of mailing and email lists as its core business as it has now experienced what it is like to have private data sold for profit by someone else."

Submission + - Attack Code Surfaces Targeting Debian SSH Keygen (computerworld.com.au)

Submitted by

SkiifGeek

on Thursday May 15, 2008 @10:09PM

SkiifGeek writes: "It's been only a couple of day since the discovery (and patching) of the weak SSH key generation affecting Debian and Debian-derived distros, but already there are a number of exploit samples available that are targeting the entire keyspace (possibly as low as 9,500 keys) for key lengths up to 8192-bit RSA.

There is a good article over at Computerworld summarising the available exploits, keys that have been blacklisted, and the sorts of systems that could be affected that might not initially appear to be Debian-related."

Submission + - Just how Effective is System Hardening? (arnnet.com.au) 1

Submitted by

SkiifGeek

on Monday May 12, 2008 @02:11AM

SkiifGeek writes: "Recent Coverage of what the NSA went through to create SELINUX raises an interesting question as to just how effective system hardening is at preventing successful attack?

When Jay Beale presented at DefCon 14, he quoted statistics that Bastille protected against every major threat targeting Red Hat 6, before the threats were known. With simple techniques for the every day user which can start them on the path towards system hardening, just how effective have you found System and network hardening to be?

The NSA does have some excellent guides to help harden not only your OS but also your browser and network equipment."

Submission + - Recovering Redacted PDF Documents now Easier (computerworld.com.au)

Submitted by

SkiifGeek

on Friday May 09, 2008 @04:00AM

SkiifGeek writes: "The dangers associated with Track Changes in Word documents are well known, as is the ease by which redacted information can be retrieved from a PDF document when black rectangles are being used for redaction. Recent work by Didier Stevens has uncovered techniques that allow anyone armed with a text editor (or a hex editor in the worst case) to recover the original form of a PDF document.

It is nothing that can't be gained from reading the PDF specification, but who takes the time to read in depth the technical specification for the data format that they are using?"

Submission + - Google's Audio CAPTCHA falls to Automated Attack (wintercore.com)

Submitted by

SkiifGeek

on Friday May 02, 2008 @09:59AM

SkiifGeek writes: "Early in March, Wintercore Labs published proof of a generic approach to defeating audio CAPTCHAs, using Google's as the case study for their demonstration. With claims of over 90% success rate and expectations that this can be significantly improved with the right mix of filtering algorithms, the in-house tool remains unreleased. With the information published, it shouldn't take long for other developers to create their own tools and start targeting not only Google, but other sites that use audio CAPTCHAs for the vision-impaired.

It isn't the first time that major sites (significantly major webmail providers) have had their CAPTCHAs broken, but it is the first reporting of defeating an audio CAPTCHA using a generic software approach. News about the discovery is slowly starting to spread."

Submission + - DefCon Competition has Antivirus Vendors Upset (beskerming.com)

Submitted by

SkiifGeek

on Sunday April 27, 2008 @11:17AM

SkiifGeek writes: "Race to Zero, a sideline competition being set up at this year's DefCon has already got some Antivirus vendors steaming over the objectives of the contest. The basic gist of the competition is that it is a polymorphism competition. Competitors are given a set of malware samples that they must then modify such that they pass through a battery of antivirus scanners without detection and still have the payload viable.

Even if competitors ignore the published vulnerabilities and weaknesses affecting antivirus vendors, the competition should turn up some interesting results that will provide technical insight and concepts for further research similar to other recent controversial competitions."

Submission + - FOSS Webservers more Likely to be Defaced than Win (beskerming.com)

Submitted by

SkiifGeek

on Saturday March 15, 2008 @08:15AM

SkiifGeek writes: "Zone-H have recently posted the statistical breakdown of the collected website defacements from the last few years. Surprisingly, in 2007 more Linux servers suffered a successful attack than all versions of Windows, combined. Similarly, more Apache installations were successfully attacked than all IIS versions combined.

A day after posting this data, Zone-H have questioned the appropriateness of continuing to operate the archive. Despite the valuable information that can be gleaned from the service, it may soon be lost to the world. The natural successor to the now-defunct Alldas archive of defaced websites, Zone-H's archive maintains records of over 2.6 million defaced sites but may be shut down due to the continuous accusations of impropriety levelled against them any time they disclose and mirror a reported defacement."

Submission + - World's Largest web Defacement Archive may Close (beskerming.com)

Submitted by

SkiifGeek

on Friday March 14, 2008 @07:59AM

SkiifGeek writes: "It appears that the operators of the largest web defacement archive, Zone-H, may soon be closing the archive down. The natural successor to the now-defunct Alldas archive of defaced websites, Zone-H's archive maintains records of over 2.6 million defaced sites but may be shut down due to the continuous accusations of impropriety levelled against them any time they disclose and mirror a reported defacement.

With such a large repository of archived data, Zone-H have shown some interesting statistics about the changing nature of website attacks, such as more Linux servers were compromised in 2007 than all Windows servers combined. Apache suffered the same ignominious problem when compared to the combined reported IIS compromises (historical data here)."

Slashdot Top Deals