juct writes: "The UK site The H took a quick look at the tool being used in the recent DDoS attacks against Mastercard, Visa and Paypal. It's called LOIC ("Low Orbit Ion Cannon") and connects to an IRC channel or a Twitter account to receive orders for coordinated denial of service attacks. Essentially it works a bit like a voluntary bot network."
juct writes: "Under certain conditions Microsoft's antivirus product fails to load signature updates for days. Heise Security was able to reproduce this issue with a laptop that was suspended after work by closing the lid."
juct writes: "Firefox is going to check the version of installed Adobe Flash plug-ins and warn users if it discovers an outdated version with potential security holes. Mozilla confirmed this new security feature and said that the Flash version check was part of a wider commitment to "protect users from emerging threats online". Only recently a study confirmed that 80 per cent of users surf with a vulnerable version of Adobe's plug-in."
juct writes: "A former agent of the British MI5 secret service told tales out of school at the 24th Chaos Communication Congress (24C3) in Berlin last Saturday. Apart from revealing details about the agency's computer problems she also gave insight into the thought processes and methods used by spies and called emphatically for more democratic control."
juct writes: "In their yearly top 20 security risks the Internet Storm Center names web applications as the top risk for servers: "Every week hundreds of vulnerabilities are reported in commercially available and open source web applications, and are actively exploited." The number one problem they list is "PHP Remote File Include". So why not spend a little time to secure your web server now? heise Security has a writeup on Basic PHP security with practical examples."
juct writes: "In a test of 17 antivirus products, the German magazine c't concluded that the effectiveness has fallen off, and more and more pests can now slip past these barriers. Most of the products perform reasonably well if they can rely on their database of signatures. But if they have to detect new malware with heuristics, the results were worse than last year. Besides this, c't did the first comprehensive test of behaviour blocking in antivirus products and found that more than half of them did not react to suspicious behaviour at all. The test itself is available only in the printed magazine; heise Security published a summary."
juct writes: "While everybody is talking about phishing and online fraud, the rate of ATM fraud rises silently. With nearly undetectable skimming devices, additional touchpads and cameras, fraudsters copy your card data, catch your PIN and loot your account. Look at the pictures to see if you spotted them."
Felix writes: "Wireless keyboards and mice are becoming an increasingly common sight on desks. However, wireless hardware carries large hidden risks. Dreamlab Technologies has shown that it is possible to capture and decrypt keystrokes, meaning that user names, passwords, bank details or confidential correspondence can be very easily eavesdropped.
Check out http://www.dreamlab.net/ for further information."
Bluetooth insecurities. No presenters were denied entry into Canada.
juct writes: "The long-standing suspicion that the anonymizing network TOR is (ab)used to catch sensitive data by Chinese, Russian and American government agencies as well as hacking groups gets new support.
Members of the Teamfurry community found TOR exit nodes which only forward unencrypted versions of certain protocols. These peculiar configurations invite speculation as to why they are set up in this way. Another TOR exit node has been caught doing MITM attacks using fake SSL certificates."
juct writes: "In March 2006 Apple defused a security problem in Apple Mail that made it possible to inject disguised malignant code. In Leopard, the patch was apparently forgotten. This means that you can inadvertently start an executable by double-clicking a mail attachment that looks like a JPEG image file.
This works with special attachments of the MIME type AppleDouble that carry information about which application should be used to open a file. In Tiger you got a warning about a program being opened; Leopard silently executes a shell script with Terminal.app. heise Security provides a demo, where you can check for yourself."
juct writes: "Starting this Thursday, radio amateurs and cryptologists are being challenged to decode encrypted radio messages generated by a Lorenz SZ42 cipher machine and sent using the original radio protocol from WWII. Those taking part in the cipher event will compete against a rebuild of the computer used to crack enciphered messages sent by the German high command 63 years ago. See: Who will defeat Colossus?"
jmt(tm) writes: "The UK version of German IT news site heise runs a follow-up of earlier stories on problems with the firewall in Apple's new version of OS X. They take a look at Apple's own documentation, now available at the Mac OS X 10.5: About the Application Firewall page. Their verdict is clear: "Altogether this confirms the impression created by the initial functionality test. In its current version, this firewall cannot be recommended for practical use.""