15078094
submission
harrymcc writes:
The iPad is selling as well as it is in part because no large manufacturer has had a direct rival out yet. But boy, is that going to change in the next few months. Over at Technologizer, I rounded up known information on 32 current and future tablet computing devices, from potentially worthy iPad competitors to wannabees to interesting specialty devices. By early 2011 these things are going to be everywhere, and it'll be fascinating to see how they fare.
14550922
submission
Trailrunner7 writes:
Microsoft has no plans to follow in the footsteps of Mozilla and Google and pay researchers cash rewards for the bugs that they find in Microsoft's products.
In the wake of both Mozilla and Google significantly increasing their bug bounties to the $3,000 range, there have been persistent rumors in the security community that Microsoft soon would follow suit and start paying bounties as well. However, a company official said on Thursday that Microsoft was not interested in paying bounties.
"We value the researcher ecosystem, and show that in a variety of ways, but we don’t think paying a per-vuln bounty is the best way. Especially when across the researcher community the motivations aren’t always financial. It is well-known that we acknowledge researcher’s contributions in our bulletins when a researcher has coordinated the release of vulnerability details with the release of a security update," Microsoft's Jerry Bryant said.
14431500
submission
Trailrunner7 writes:
Bot herders and the crimeware gangs behind banker Trojans have had a lot of success in the last few years with using bulletproof hosting providers as their main base of operations. But more and more, they're finding that social networks such as Twitter and Facebook are offering even more fertile and convenient grounds for controlling their malicious creations.
New research from RSA shows that the gangs behind some of the targeted banker Trojans that are such a huge problem in some countries, especially Brazil and other South American nations, are moving quietly and quickly to using social networks as the command-and-control mechanisms for their malware. The company's anti-fraud researchers recently stumbled upon one such attack in progress and watched as it unfolded.
14385914
submission
Trailrunner7 writes:
Microsoft has acknowledged the vulnerability that the new malware Stuxnet uses to launch itself with .lnk files, but said it has no plans to patch the flaw right now. The company said the flaw affects most current versions of Windows, including Vista, Server 2008 and Windows 7 32 and 64 bit.
Meanwhile, the digital certificate that belonging to Realtek Semiconductor that was used to sign a pair of drivers for the new Stuxnet rootkit has been revoked by VeriSign. The certificate was revoked Friday, several days after news broke about the existence of the new malware and the troubling existence of the signed drivers. Stuxnet is an odd case. It is spread via infected USB thumb drives, which contain the rootkit code, along with two drivers that researchers say are used to hide the existence of the malware both on the USB drive and on the PC, once it's infected. The drivers are signed using a valid digital certificate owned by Realtek, a Taiwanese hardware manufacturer, and Stuxnet uses .lnk shortcut files to launch as soon as the USB drive is opened on a PC.
14340618
submission
Trailrunner7 writes:
In an effort to enlist more help finding bugs in its most popular software, such as Firefox, Thunderbird and Firefox Mobile, Mozilla is jacking up the bounty it pays to researchers who report security flaws to $3,000. "For new bugs reported starting July 1st, 2010 UTC we are changing the bounty payment to $3,000 US per eligible security bug. A lot has changed in the 6 years since the Mozilla program was announced, and we believe that one of the best way to keep our users safe is to make it economically sustainable for security researchers to do the right thing when disclosing information," Lucas Adamski, director of security engineering at Mozilla, said.
In addition to Mozilla, Google also has established a bug bounty program. However, none of the larger software vendors such as Microsoft or Oracle have taken that step. Some researchers see that as an inevitiability, however.
14023400
submission
fiziko writes:
Yes, it's blatant self-promotion. As those who subscribe to the "Sci-Fi News" slashbox may know, Bureau 42 has launched its first Summer School. This year, we're doing a nine part series (every Monday in July and August) taking readers from high school physics to graduate level physics, with no particular mathematical background required. Part one can be read here.
13814442
submission
Trailrunner7 writes:
Adobe today shipped a critical Reader/Acrobat patch to cover a total of 17 documented vulnerabilities that expose Windows, Mac and UNIX users to malicious hacker attacks. The update, which affects Adobe Reader/Acrobat 9.3.2 (and earlier versions), includes a fix for the outstanding PDF "/Launch" functionality social engineering attack vector that was disclosed by researcher Didier Stevens.
As previously reported, Didier created a proof-of-concept PDF file that executes an embedded executable without exploiting any security vulnerabilities. The PDF hack, when combined with clever social engineering techniques, could potentially allow code execution attacks if a user simply opens a rigged PDF file.
13713298
submission
Trailrunner7 writes:
The remote-wipe capability that Google recently invoked to remove a harmless application from some Android phones isn't the only remote control feature that the company built into its mobile OS. It turns out that Android also includes a feature that enables Google to remotely install apps on users' phones as well. Jon Oberheide, the security researcher who developed the application that Google remotely removed from Android phones, noticed during his research that the Android OS includes a feature called INSTALL_ASSET that allows Google to remotely install applications on users' phones.
"I don't know what design decision they based that on. Maybe they just figured since they had the removal mechanism, it's easy to have the install mechanism too," Oberheide said in an interview. "I don't know if they've used it yet."
12164042
submission
Trailrunner7 writes:
For years, security experts, analysts and even users have been lamenting the state of desktop security. Viruses, spam, Trojans and rootkits have added up to create an ugly picture. But, the good news is that the desktop security battle may be over. The less-than-good news, however, is that we may have lost it. Jeremiah Grossman, CTO of WhiteHat Security, said Thursday that many organizations, particularly in the financial services industry, have gotten to the point of assuming that their customers' desktops are compromised. And moving forward from that assumption, things don't get much prettier.
10614780
submission
Trailrunner7 writes:
A month after an advisory was published detailing a new vulnerability in Firefox, Mozilla said it has received exploit code for the flaw and is planning to patch the weakness on March 30 in the next release of Firefox. Mozilla officials said Thursday that the vulnerability, which was disclosed February 18 by Secunia, is a critical flaw that could result in remote code execution on a vulnerable machine. The vulnerability is in version 3.6 of Firefox.
10521496
submission
Coop's Troops writes:
An exploit writer at Core Security Technologies has discovered a serious vulnerability that exposes users of Microsoft’s Virtual PC virtualization software to malicious hacker attacks. The vulnerability, which is unpatched, essentially allows an attacker to bypass several major security mitigations — DEP, SafeSEH and ASLR — to exploit the Windows operating system. As a result, some applications with bugs that are not exploitable when running in a not-virtualized operating system are rendered exploitable if running within a guest OS in Virtual PC
9731870
submission
Trailrunner7 writes:
Microsoft on Thursday confirmed that the blue screen of death issues that affected a slew of users after the latest batch of Patch Tuesday updates is the result of an existing infection by the Alureon rootkit. There was widespread speculation after the patch release that simply installing the MS10-015 update was causing the BSOD condition on some Windows 32-bit machines. However, Microsoft said at the time this was not the case and started an investigation into the problem. In an advisory released Thursday, the company said that it now was confident that the restart problem is being caused by the Alureon rootkit.
9652254
submission
Trailrunner7 writes:
Last year was an interesting year in the security industry in a number of ways, but perhaps none more so than the monstrous increase in the volume of malicious spam . In the second half of 2009, the number of spam messages sent per day skyrocketed from 600 million to three billion, according to new research. For some time now, spam has been accounting for upwards of 90 percent of all email messages. But the volume of spam had been relatively steady in the last couple of years. Now, with the emergence of several large-scale botnets, including Zeus and Koobface, has led to an enormous spike in the volume of spam, according to a new report.
8815340
submission
Trailrunner7 writes:
Apple's first Mac OS X security update for 2010 is out, providing cover for at least 12 serious vulnerabilities. The update, rated critical, plugs security holes that could lead to code execution vulnerabilities if a Mac user is tricked into opening audio files or surfing to a rigged Web site.
7431910
submission
Trailrunner7 writes:
A researcher has published an explanation of a new flaw in FreeBSD that allows a remote attacker to take control of a vulnerable machine. The vulnerability could give an attacker root access to the FreeBSD machine, and the FreeBSD developers have published a patch for the flaw early Tuesday. The vulnerability lies in run-time link-editor and, if exploited, gives an attacker the ability to run arbitrary code. The researcher, Kingcope, has posted an explanation of the flaw on the Full Disclosure mailing list. In a message to FreeBSD users, Colin Percival, the project's security officer, said that because of the severity of the flaw and the fact that exploit code already is available, he felt it was necessary to post the patch as soon as possible, without even publishing a security advisory.
