Submission Summary: 0 pending, 13 declined, 2 accepted (15 total, 13.33% accepted)

Security

Windows blue screen may be rootkit infection->

Submitted by L3sPau1
L3sPau1 writes "A rootkit infection may be the cause of a Windows Blue Screen of Death issue experienced by people who applied the latest round of Microsoft patches. It appears that the affected Windows PCs had the rootkit infection prior to deploying the Microsoft patches. Researchers investigating the issue have isolated the infection to the Windows atapi.sys file, a driver used by Windows to connect hard drives and other components. An expert identified the infection as the Tdss-rootkit, which surfaced last November and has been spreading quickly, creating zombie machines for botnet activity."
Link to Original Source
Security

Interview with Bruce Schneier->

Submitted by L3sPau1
L3sPau1 writes "Security expert Bruce Schneier answers questions on a variety of information security topics, including: how security will respond to economic recovery; the move toward security services and which make the most sense for IT; the risks posed by social media; the effectiveness of user awareness programs; security metrics that make the most sense to collect; and third-party security."
Link to Original Source
Security

How to create a bit-image copy of a live server->

Submitted by L3sPau1
L3sPau1 writes "If you think a critical server has been tampered with, part of your incident response plan should include creating a bit-image copy before shutting that system down. A bit-image copy is a copy of every bit on the hard drive regardless of how the operating system sees it, rather than a copy of every file. A bit-image is preferred over a file-level copy of the image since it will include fragments of deleted files or data that is otherwise hidden. Free and open source tools are available to simplify this process."
Link to Original Source
Security

PCI Council GM Responds to critics of standard->

Submitted by L3sPau1
L3sPau1 writes "PCI Security Standards Council GM Bob Russo writes a column for SearchSecurity.com lashing back at criticism of the PCI Data Security Standard and defends his assertion that everyone in the payment chain, from (point-of-sale) POS manufacturers to e-shopping cart vendors, merchants to financial institutions, should play a role to keep payment information secure. There are many links in this chain — and each link must do their part to remain strong, Russo says."
Link to Original Source
Wireless Networking

The dangers of the Free Public Wi-Fi ad hoc->

Submitted by L3sPau1
L3sPau1 writes "It can be tough to convince users — especially those challenged by shrinking travel budgets — to avoid the allure of free wireless Internet. When employers can't or won't pay for unlimited wireless Internet, employees get creative. Why should they waste thankless hours waiting for planes and trains when they could be using Free Public WiFi to catch up on mail, download iTunes, or watch a little Slingbox? Unfortunately, Free Public WiFi isn't what it sounds like. In most cases, this unsecured wireless network is actually being offered by a nearby laptop or smartphone. Any naive user who tries to connect may well succeed, but the ad hoc node (wireless peer) at the far end isn't an on-ramp to the Internet. At best, it's a wireless cul-de-sac; a dead end for IP packets. At worst, it's a thief using KARMA to spoof destination servers, launch man-in-the-middle attacks and steal personal and business identities."
Link to Original Source
Security

Anti-binary diffing tool released at Black Hat->

Submitted by L3sPau1
L3sPau1 writes "At the recent Black Hat USA 2009 conference, Jeongwook Oh, a researcher with eEye Digital Security, unveiled an anti binary-diffing tool called Hondon (which translates to chaos in Korean). Hondon, Oh said, obfuscates binaries so that patched elements are essentially invisible to diffing tools without impacting the stability and usability of the patches. The idea behind anti-binary diffing is to extend the time it takes for an attacker to analyze patches and create a working exploit. Oh says all Windows patch binaries have either been manually or automatically diffed; he estimates some can be analyzed in as few as 30 minutes and a working exploit can be developed within a day."
Link to Original Source
Security

MMS messaging spoof hack could have global ramific->

Submitted by L3sPau1
L3sPau1 writes "You won't be able to trust MMS messages today the same way you did yesterday. Researchers Zane Lackey and Luis Miras presented their work this week at Black Hat, demonstrating attacks in which they spoofed sender numbers and exploited flaws in GSM carriers' networks to bypass them in an MMS message loop. The researchers are able to trick the victim's phone to request content from their servers as opposed to the carrier's server. The attack potentially makes any mobile device on a GSM network anywhere in the world capable of sending media files vulnerable to spoofing, phishing attacks and other scams."
Link to Original Source
Security

DNSSEC deployments gain momentum since Kaminsky DN->

Submitted by L3sPau1
L3sPau1 writes "DNSSEC won't fix all the security woes in DNS, but it does check cache poisoning, one of the biggest threats to ecommerce and trust on the Internet. Implementing DNSSEC, however, is another matter. Not only does it require a significant infrastructure overhaul for large enterprises and service providers running DNS servers, but a host of political battles are keeping DNSSEC from reaching critical mass."
Link to Original Source
