http://www.secuobs.com Observatoire de la securite Internet fr webmaster@secuobs.com 2009-07-04 00:53:33 - Hacker Public Radio : Klaatu continues his Network Basics series This episode covers TCP andUDP You can download the ogg version of this episode, or if you areusing Firefox 35 then you can just listen to it right in yourbrowser, by clicking herehttp://www.secuobs.com/revue/news/116858.shtmlhttp://www.secuobs.com/revue/news/116858.shtml 2009-07-04 00:36:19 - 4sysops : TCP Analyzer was just added recently to CodePlex, Microsoft’s OpenSource platform It is the first Network Monitor Expert extensionthat was not developed by the Network Monitor team, but from MicrosoftResearch It allows you to analyze network traces of TransmissionControl Protocol TCP connections Statistical analysis is onlyuseful if you analyze large http://www.secuobs.com/revue/news/116849.shtmlhttp://www.secuobs.com/revue/news/116849.shtml 2009-07-03 20:27:13 - gHacks technology news : The wireless network scanner inSSIDer can be used to quickly scan thearea for wireless networks The software program works well withWindows Vista and Windows XP even the 64-bit editions and canquickly display all wireless networks in the vicinity A networkadapter has to be selected to start the scanning All discoveredwireless http://www.secuobs.com/revue/news/116805.shtmlhttp://www.secuobs.com/revue/news/116805.shtml 2009-07-03 14:49:22 - Global Security Mag Online : Reconnue parmi les 10 premières sociétés françaises d'Ingénierie,spécialisée dans l'Industrie de Process, ERAS s'engage aux côtés desindustriels dans la conception et la maîtrise d'ouvre globale de leursprojets Avec 16 implantations en France, ERAS Ingénierie est àproximité de ses clients, avec des équipes réactives, impliquées et àl'écoute de leurs besoins Son siège social est basé à LyonBesoin de sécuriser le Siège social et les seize agencesEras gère des projets importants qui s'appuient sur des -Marchéshttp://www.secuobs.com/revue/news/116714.shtmlhttp://www.secuobs.com/revue/news/116714.shtml 2009-07-03 11:21:18 - Security Bloggers Network : 182http://www.secuobs.com/revue/news/116669.shtmlhttp://www.secuobs.com/revue/news/116669.shtml 2009-07-03 07:23:03 - National Vulnerability Database : Stack-based buffer overflow in rping in HP OpenView Network Node ManagerOV NNM 753 on Linux allows remote attackers to execute arbitrarycode via unspecified vectors, possibly involving a CGI request towebappmonexe NOTE: this may overlap CVE-2009-1420http://www.secuobs.com/revue/news/116630.shtmlhttp://www.secuobs.com/revue/news/116630.shtml 2009-07-03 03:30:33 - Security Park : Hytec, part of OLM Group, has announces the availability of GPsecure, anew solution to secure NHS N3 network connections between GP surgeriesand their primary care trusts PCTs GPsecure will help PCTs meet NHSConnecting for Health guidelines to ensure that GP surgeries withintheir trusts are electronically secure While N3 is a private network,the integrity of its data depends on its use morehttp://www.secuobs.com/revue/news/116588.shtmlhttp://www.secuobs.com/revue/news/116588.shtml 2009-07-02 23:06:02 - Rootsecure.net : Lifehacker: How to Crack a Wi-Fi Network's WEP Password with BackTrackhttp://www.secuobs.com/revue/news/116489.shtmlhttp://www.secuobs.com/revue/news/116489.shtml 2009-07-02 22:06:09 - gHacks technology news : Version 33 of the Microsoft Network Monitor has been released a fewmonths ago The Network Monitor application has been designed forcapturing and analysing of network traffic The new version of NetworkMonitor added a few exciting features to the network monitoringsoftware including the ability to add so called Experts – standaloneapplications http://www.secuobs.com/revue/news/116440.shtmlhttp://www.secuobs.com/revue/news/116440.shtml 2009-07-02 21:51:16 - 4sysops : In the last post in this series, I introduced the Network MonitorExperts, which basically is a set of plug-ins for Microsoft NetworkMonitor 33 Top Users Expert is an extension that helps you findheavy talkers in a captured trace “Users” should not be understoodliterally here In this context, users essentially are http://www.secuobs.com/revue/news/116418.shtmlhttp://www.secuobs.com/revue/news/116418.shtml 2009-07-02 17:31:35 - Kellep Charles Information Security Blog Space : This articles originally is posted on: wwwsecurityorbcomPersonal Security on Social Networking SitesByKellep A Charles, CISA, CISSPkellep_charles@yahoocomVisits to social networking sites account for more than 10% of thetotal time people spend on the Internet, according Nielsen Online Asocial network site focuses on building online communities of peoplewho share common interests and activities, such as Linkedincom andFacebookcom Facebook is now the most visited social networking siteon the Internet, with nearly 12 billion visits in January 2009 alone,while Twitter and Linkedin are steadily gaining groundHackers have adopted the popularity of social networking sites intotheir malicious plans to compromise systems and steal personalidentifiable information Recent attacks such as the Koobface virus onFacebook and the clickjacking issues faced by Twitter are all primeexamples of the recent challenges Also, these very same hackers havethe capability to remain anonymous on these social networking sites,which enforces the notion, you really do not know who is on theInternet with youSecurity on social networking sites are at a minimal standard rightnow, they rely on usernames and passwords for authentication andsecurity, which means that anyone who finds out your username andpassword can gain access to your account Until social networking sitesecurity evolves with time and improves, users need to be very carefuland diligentHere are a few tips that should assist in making sure you are safewhen using social networking sites:1 Understand how the social networking site displays yourinformation Some sites will allow the user to control who can seeyour information, while others will allow anyone and everyone to viewpostings2 Don't click on shortened or "condensed" URL's, like those createdby TinyURL and Bitly There's no telling where these links lead to,and that makes it easy to funnel you to malicious websitesDrive-by-Download3 Be mindful of your personal information such as, don't post yourfull name, address, age, hometown or information about your familyEven your screen name can pose a lot of identifiable information4 Post appropriate information that are comfortable with othersseeing and knowing, such as your employer, co-workers and acquaintsMany people will see your page or postings, including the people whowill be interviewing you for a current position or a future job5 Remember that once you post information online, it may beimpossible to take it back This includes photos that can bemanipulated6 Be careful when it comes to online personal socializations such asflirting or disputes Some people lie about whom they are Be wary ifa new online friend wants to meet you in person7 Trust your instincts if you have suspicions If you feel threatenedby someone or uncomfortable because of something online, report it tothe police and to the operators of the social networking site Youcould end up preventing someone else from becoming a victimSocial networking sites are evolving into our personal and businesslives People from various stages and walks of life are participatingin these events with very little knowledge into the dangers of thesesocial networking sites The site owners only provide the minimalrequired security measures, while hackers are using tactics that hasshown great success in circumventing them It is up to us, to do whatis necessary to protect ourselves until better security measures areimplemented or the hackers give up Don’t hold your breath on thehacker’s giving upFor more information on this article and other informative articles goto: wwwsecurityorbcomIMAGEhttp://www.secuobs.com/revue/news/116344.shtmlhttp://www.secuobs.com/revue/news/116344.shtml 2009-07-02 12:13:25 - Tenable Network Security : Implementing Different Scan Types Often, Nessus and Security Center usersask how often they should run a vulnerability scan, and what kinds ofscans should be run In a previous post we explored some of thedifferent scan types, includinghttp://www.secuobs.com/revue/news/116228.shtmlhttp://www.secuobs.com/revue/news/116228.shtml 2009-07-02 01:16:23 - Security Park : Located on Lake Michigan, Navy Pier is the top-visited tourist andleisure destination in the Midwest, welcoming more than eight millionvisitors annually Originally opened in 1916 as a shipping andrecreation facility, it is now one of the country's unique recreationand exposition facilities, showcasing more than 50 acres of parks,gardens, restaurants, shops, attractions, sightseeing and dininmorehttp://www.secuobs.com/revue/news/116077.shtmlhttp://www.secuobs.com/revue/news/116077.shtml 2009-07-02 00:18:10 - ITAC Blog : Following is an exclusive podcast with Jim Harvey, partner in andco-chair of the Global Technology, Outsourcing et Privacy Group at thelaw firm Hunton et Williams Jim discusses what the average citizenshould do to protect their privacy when dealing with social networkshttp://www.secuobs.com/revue/news/116053.shtmlhttp://www.secuobs.com/revue/news/116053.shtml 2009-07-02 00:09:23 - 4sysops : Microsoft Network Monitor is probably the only free network and protocolanalysis tool that is a match for Wireshark It still lacks a fewfeatures when it comes analyzing stored network traces and that’swhere the Network Monitor Experts comes in At the moment, there arethree available Open Source extensions: TCP Analyzer, Simple Search,http://www.secuobs.com/revue/news/116032.shtmlhttp://www.secuobs.com/revue/news/116032.shtml 2009-07-02 00:05:16 - Hot Security News : Today, Trapeze Networks, a Belden brand, announced global availability ofthe Trapeze RF Firewall, a location-based firewall securing wirelessLAN networks WLANs The Trapeze RF Firewall is the first applicationavailable on the new Trapeze LA-200E Location Appliance, alsoannounced todayIMAGEIMAGEIMAGE IMAGE IMAGEhttp://www.secuobs.com/revue/news/116023.shtmlhttp://www.secuobs.com/revue/news/116023.shtml 2009-07-01 19:17:07 - eIQviews : On Monday, eIQ announced our fiscal year 2009 results, which ended onApril 30 You can check out the release to see the details No, wedidn’t talk about specific sales numbers private companies don’t dothat, but we are happy to announce 60%+ growth – in the worsteconomic situation of our time Significant company http://www.secuobs.com/revue/news/115887.shtmlhttp://www.secuobs.com/revue/news/115887.shtml 2009-07-01 19:11:53 - Global Security Mag Online : - Vulnérabilitéshttp://www.secuobs.com/revue/news/115878.shtmlhttp://www.secuobs.com/revue/news/115878.shtml 2009-07-01 19:11:53 - Global Security Mag Online : Contact : Olivier Arous, Directeur MarketingAnnée de création : 2000Activités : Editeur français de solutions de sécurité informatiquepour les entreprises et pionnier reconnu de la protection desinfrastructures IT, ARKOON Network Security protège l'information, lescommunications et l'infrastructure au travers de solutionscomplémentairesDescription du produit phare pour 2009/2010 :La suite logicielle Security BOXElle répond aux besoins de confidentialité, d'intégrité etd'authenticité des - FIREWALLhttp://www.secuobs.com/revue/news/115875.shtmlhttp://www.secuobs.com/revue/news/115875.shtml 2009-07-01 17:10:06 - Steve on Security : http://www.secuobs.com/revue/news/115870.shtmlhttp://www.secuobs.com/revue/news/115870.shtml 2009-07-01 16:20:59 - Bulletins et Alertes de Sécurité SECURINFOS.INFO : Une vulnérabilité a été rapportée dans Sun Solaris, qui pourrait êtreexploitée par des personnes malintentionnées pour passer outrecertaines restrictions de sécuritéhttp://www.secuobs.com/revue/news/115852.shtmlhttp://www.secuobs.com/revue/news/115852.shtml 2009-07-01 15:45:12 - Help Net Security News : The main goal of this conference is to promote research on all aspects ofnetwork security, as well as to build a bridge between research oncryptography and on network security We therefore welcome http://www.secuobs.com/revue/news/115829.shtmlhttp://www.secuobs.com/revue/news/115829.shtml 2009-07-01 05:53:36 - New RFCs : 60KB This memo describes a Transport Security Model for the SimpleNetwork Management Protocol SNMPhttp://www.secuobs.com/revue/news/115688.shtmlhttp://www.secuobs.com/revue/news/115688.shtml 2009-07-01 05:53:36 - New RFCs : 81KB This memo describes a Transport Model for the Simple NetworkManagement Protocol SNMP, using the Secure Shell SSH protocolhttp://www.secuobs.com/revue/news/115687.shtmlhttp://www.secuobs.com/revue/news/115687.shtml 2009-07-01 05:53:36 - New RFCs : 83KB This document defines a Transport Subsystem, extending the SimpleNetwork Management Protocol SNMP architecture defined in RFC 3411This document defines a subsystem to contain Transport Models that iscomparable to other subsystems in the RFC 3411 architecture As workis being done to expand the transports to include secure transports,such as the Secure Shell SSH Protocol and Transport Layer SecurityTLS, using a subsystem will enable consistent design and modularityof such Transport Models This document identifies and describes somekey aspects that need to be considered for any Transport Model forSNMP STANDARDS TRACKhttp://www.secuobs.com/revue/news/115686.shtmlhttp://www.secuobs.com/revue/news/115686.shtml 2009-07-01 04:49:07 - Network Security Blog : Martin is off in Japan this week, so I’m joined by our good friend AmritWilliams from BigFix and the Techbuddha blog Amrit and I start off bytalking about the rolling blackouts in California and disasterpreparedness, before jumping into the week’s security news I’m off in Japan, but not forgotten I’m almost http://www.secuobs.com/revue/news/115640.shtmlhttp://www.secuobs.com/revue/news/115640.shtml 2009-07-01 01:53:19 - Hack In The Box : Admit it: You are currently addicted to social networking Your drug ofchoice might be Facebook or Twitter, or maybe Myspace or LinkedInSome of you are using all of the above, and using them hard, even ITsecurity practitioners who know better While it's impossible toescape every social networking threat out there, there are steps onecan take to significantly reduce the risks CSOonline recently checkedin with dozens of IT security professionals ironically, using morethan one social networking platform to do so to pinpoint seventypical security mistakes people make; and how to avoid themOver-sharing company activitiesThis is a sin of pride, when someonegets excited about something their company is working on and simplymust tell everyone about it Maybe you work for a drug company that ison the verge of developing the cure for cancer Maybe the company isdeveloping a new car that runs on curbside trash -- in other words,something everyone will wanthttp://www.secuobs.com/revue/news/115597.shtmlhttp://www.secuobs.com/revue/news/115597.shtml 2009-06-30 20:42:20 - The Academy Pro : Today we have two Network Critical videos The featured videodemonstrates how to configure V-Line mode on a Network Critical TAPThe second video builds on the first by covering how to enable V-Linebypass on the same TAP Don’t forget to view the 400+ videos in thevideo directory categorized by technology After you login http://www.secuobs.com/revue/news/115384.shtmlhttp://www.secuobs.com/revue/news/115384.shtml 2009-06-30 19:56:15 - Global Security Mag Online : Contact : Pascal Desaint, Directeur général pour la France et l'Europe duSud ou Roger Hockaday, directeur marketing, EMEAAnnée de création : 2002Activités : Fournisseur mondial de réseaux sans fil et de solutionsunifiées et sécurisées de mobilité, ainsi que de solutionsd'administration pour les réseaux sans fil hétérogènes Description duproduit phare pour 2009/2010 :Aruba Networks fournit des réseaux sans fil Wi-Fi sécurisés auxentreprises et aux administrations La société étend aussi des -SECURITE DU WI-FIhttp://www.secuobs.com/revue/news/115339.shtmlhttp://www.secuobs.com/revue/news/115339.shtml 2009-06-30 18:14:53 - Steve on Security : http://www.secuobs.com/revue/news/115334.shtmlhttp://www.secuobs.com/revue/news/115334.shtml 2009-06-30 13:37:21 - ISN InfoSec News Mailing List : InfoSec News: Juniper Networks Gags "ATM Jackpot" Researcher:http://riskybiz/news_and_opinion/patrick-gray/2009-06-30/juniper-networks-gags-atm-jackpot-researcherBy Patrick Gray RISKYBIZ June 30, 2009A security researcher due to "jackpot" an ATM live on stage at theupcoming Black Hat security conference in Las Vegas has had his talkpulled by his http://www.secuobs.com/revue/news/115226.shtmlhttp://www.secuobs.com/revue/news/115226.shtml 2009-06-30 11:46:35 - Global Security Mag Online : NetworkD, spécialiste dans la gestion du cycle de vie des systèmes, dansla gestion de la sécurité des postes de travail et serveurs, leservice desk et les solutions d'amélioration des processusinformatiques pour les entreprises à travers le monde annonceaujourd'hui avoir été choisi par Europe Airpost pour intégrer etimplémenter les outils de LANDesk® Service DeskBesoins de l'entreprise : Mettre en place un Service Desk structuré etfonctionnelSolution : 8 jours de Service pour mettre en œuvre - Marchéshttp://www.secuobs.com/revue/news/115200.shtmlhttp://www.secuobs.com/revue/news/115200.shtml 2009-06-30 09:23:46 - DarkReading All Stories : Infonetics expects a struggling NAC appliance market to rebound big-timeby 2013, to nearly $700 millionhttp://www.secuobs.com/revue/news/115189.shtmlhttp://www.secuobs.com/revue/news/115189.shtml 2009-06-30 04:19:40 - News : Cable television and broadband provider Comcast launched a high-speedwireless data service in Portland, Monday, with plans to bring theservice to Atlanta, Chicago and Philadelphia by the end of 2009read moreIMAGEhttp://www.secuobs.com/revue/news/115085.shtmlhttp://www.secuobs.com/revue/news/115085.shtml 2009-06-29 23:09:35 - Global Security Mag Online : Trapeze Networks, une enseigne Belden, annonce le lancement mondial de lasolution Trapeze RF-Firewall™, un pare-feu destiné à la sécurisationdes réseaux locaux sans fil WLAN en fonction de leurgéolocalisation Ce pare-feu est la première application disponiblepour la nouvelle solution Trapeze LA-200E Location Appliance, dont lamise sur le marché a également été annoncéeLe pare-feu Trapeze RF-Firewall est une - Produitshttp://www.secuobs.com/revue/news/114970.shtmlhttp://www.secuobs.com/revue/news/114970.shtml 2009-06-29 20:07:44 - Threatpost Feed : Digital Underground podcast with Dennis Fisher - June 29, 2009In this episode, Dennis Fisher talks with Robert “Rsnake” Hansen abouthis Slowloris tool, low-bandwidth DoS attacks and the law ofunintended consequencesYou are missing some Flash content that should appear here Perhapsyour browser cannot display it, or maybe it did not initialisecorrectlyhttp://www.secuobs.com/revue/news/114948.shtmlhttp://www.secuobs.com/revue/news/114948.shtml 2009-06-29 19:11:54 - MX Logic Security News : Spammers have been creating profiles on social networking sites toattract unsuspecting users through spam friend requests and messages,according to Google researcher Jason Morrison, writing on the Googlewebmaster blogSome fake profiles include popular pharmaceuticals as the profilename, but savvier spammers have begun to use real names and realisticdata to fly under the radar and populate the network with bad links"To make sure their newly-minted gibberish profile shows up insearches they will also generate links on hacked sites, comment spamand yes, other spam profiles," Morrison said on the blog "Thisresults in a lot of bad content on your domain, unwanted incominglinks from spam sites and annoyed users"Morrison warned that spammers can exploit bulletin boards and contentmanagement systems such as vBulletin, phpBB, Moodle and Joomla thatgenerate member pages for every user that creates an accountWebmasters can cut down on spammers exploiting their websites throughanti-spam features such as CAPTCHAs and user reporting of suspectprofilesFacebook, under attack from spammers using hijacked accounts, filed alawsuit in February against notorious "spam king" Sanford Wallace,claiming they violated CAN-SPAM and won a restraining order in Marchbanning them from the siteADNFCR-1765-ID-19241128-ADNFCRhttp://www.secuobs.com/revue/news/114869.shtmlhttp://www.secuobs.com/revue/news/114869.shtml 2009-06-29 18:43:07 - Global Security Mag Online : Arkoon Network Security renforce ses équipes, notamment son équipecommerciale Channel, en recrutant trois ingénieurs commerciauxAvec la nomination de trois nouveaux ingénieurs commerciaux amenés àcouvrir les régions Sud, Rhône-Alpes, Ouest, Ile de France et Est,Arkoon confirme la présence d'une équipe forte et efficace auprès deses partenaires distributeurs, revendeurs, opérateurs, Ces nouvelles forces apportent une dynamique supplémentaire à ArkoonNetwork Security, notamment grâce à - Businesshttp://www.secuobs.com/revue/news/114848.shtmlhttp://www.secuobs.com/revue/news/114848.shtml 2009-06-29 15:01:57 - Help Net Security News : Learn about web-based threats, the impact to your business, and the mosteffective solution to implementhttp://www.secuobs.com/revue/news/114800.shtmlhttp://www.secuobs.com/revue/news/114800.shtml 2009-06-29 10:48:36 - Raymond.CC Blog : 3 years ago when I worked on a government project, one of theirrequirements was to create a jukebox server I seriously had no ideawhat exactly they wanted but I guessed it’s something where theemployees is able to connect to the server and then listen to songsAfter a little research, I http://www.secuobs.com/revue/news/114758.shtmlhttp://www.secuobs.com/revue/news/114758.shtml 2009-06-29 07:46:00 - Security Park : InfoExpress has announced the availability of the InfoExpress Compliance,Authorization, and Rogue Enforcement CARE service, a comprehensivemanaged service for Network Access Control NAC deployment andoperation, including host integrity, guest access, and endpointcompliance InfoExpress CARE lets organizations deploy NAC for theirLANs, VPNs and wireless networks at a reduced cost without i morehttp://www.secuobs.com/revue/news/114745.shtmlhttp://www.secuobs.com/revue/news/114745.shtml 2009-06-29 07:33:44 - Hack In The Box : THERE has been an upsurge in the deployment of wireless networks inZimbabwe both at home and corporate environments The number ofInternet hotspots also bear testimony to this uptake Althoughwireless networking offers lots of benefits, including mobility, easydeployment and low maintenance costs, it poses a number of securityrisks These security risks, if not properly addressed, can reversethe benefits of wireless networking Wireless networking works with nophysical wired connection between sender and receiver by using radiofrequency RF The cornerstone of any wireless network is an accesspoint AP The primary job of an access point is to broadcast awireless signal that computers can detect and "tune" into comparethis to base stations for mobile phones In order to connect to anaccess point and join a wireless network, computers and devices mustbe equipped with wireless network adapters With wireless networkingyou do not have to worry about cables You can sit and work fromanywhere within the signal range When you move offices you can set upa network in the new premises in a matter of hours than days It’s avery convenient technology for enabling the mobile workforce, but thesecurity risks are realhttp://www.secuobs.com/revue/news/114734.shtmlhttp://www.secuobs.com/revue/news/114734.shtml 2009-06-29 07:33:44 - Hack In The Box : A third of social networkers have at least three pieces of informationvisible on their profiles that could make them vulnerable to ID theft,says the security firm Webroot Research by the UK security softwarefirm revealed that 78 percent of Brits are concerned about the privacyof information on their social networks such as Facebook and MySpaceHowever, despite these concerns 59 percent of social networkers areunsure of who can see their profile while 78 percent have profilesthat are visible in a Google search A further 36 percent admittedthat they didn't hide any of their personal information from peopleviewing their profile and 28 percent said they accepted 'friendrequests' from strangershttp://www.secuobs.com/revue/news/114733.shtmlhttp://www.secuobs.com/revue/news/114733.shtml 2009-06-28 13:14:32 - Raymond.CC Blog : If you do a little research on FTP security, you will find many articlessaying that it is totally insecure because when you log in to yourserver via FTP to upload some files, it is actually sending theusername and password in clear text, NOT encrypted If you are gettingyour Internet connection http://www.secuobs.com/revue/news/114549.shtmlhttp://www.secuobs.com/revue/news/114549.shtml 2009-06-27 23:03:06 - Cleanslate : When developing applications using OpenFlow, a small network of OpenFlowswitches is often needed for testing and debugging Using a simulatednetwork for such development would be ideal, allowing more people todevelop efficiently at their own pace The ”OpenFlow Virtual MachineSimulation” OpenFlowVMS package is developed to create that virtualsimulated network http://www.secuobs.com/revue/news/114471.shtmlhttp://www.secuobs.com/revue/news/114471.shtml 2009-06-27 20:28:15 - PenTestIT : Sguil is a open source Network Security Monitoring tool, Sguil can becollaborated with many open source tool as per your need Sguil’s maincomponent is an intuitive GUI that provides access to realtime events,session data, and raw packet captures Sguil facilitates the practiceof Network Security Monitoring and event driven analysis The Sguilclient http://www.secuobs.com/revue/news/114467.shtmlhttp://www.secuobs.com/revue/news/114467.shtml 2009-06-27 06:24:27 - News : A bill in the US Senate that would allow President Barack Obama toshut down parts of the Internet during a cybersecurity crisis willlikely be rewritten and needs input from private businesses, said acongressional staff member associated with the legislationread moreIMAGEhttp://www.secuobs.com/revue/news/114378.shtmlhttp://www.secuobs.com/revue/news/114378.shtml 2009-06-27 03:02:34 - Hack In The Box : A survey from Internet security softwarecompany Webroot finds members ofonline social networks may be more vulnerable to financial loss,identity theft and malware infection than they realize Surveying morethan 1,100 members of Facebook, LinkedIn, MySpace, Twitter and otherpopular social networks, the company uncovered numerous behaviors thatput social networkers' identities and wallets at risk Among theresults of the survey, two-thirds of respondents don't restrict anydetails of their personal profile from being visible through a publicsearch engine such as Google, and more than half aren't sure who cansee their profile About one-third include at least three pieces ofpersonally identifiable information, more than one-third use the samepassword across multiple sites, and one-quarter accept "friendrequests" from strangershttp://www.secuobs.com/revue/news/114363.shtmlhttp://www.secuobs.com/revue/news/114363.shtml 2009-06-26 23:25:07 - Rootsecure.net : Light Blue Touchpaper: The Economics of Privacy in Social Networkshttp://www.secuobs.com/revue/news/114301.shtmlhttp://www.secuobs.com/revue/news/114301.shtml 2009-06-26 22:55:41 - iDefense Public Vulnerability Disclosures : http://www.secuobs.com/revue/news/114260.shtmlhttp://www.secuobs.com/revue/news/114260.shtml 2009-06-26 18:36:18 - Security Database Tools Watch : NBIM is a Network-based Integrity monitor, that detects unauthorizedchanges on Web sites and domainsIt constantly monitors multiple blacklist databases, whoisinformation, DNS and the web site content to detect changes in theintegrity just like a HIDS, but applied to network assetsTool Submitted by dd from sucurinet - Security Tools / IDS, NetworkMonitoring, NBIMIMAGE IMAGE IMAGE IMAGE IMAGEIMAGEhttp://www.secuobs.com/revue/news/114139.shtmlhttp://www.secuobs.com/revue/news/114139.shtml 2009-06-26 18:22:56 - The Academy Pro : We end the week with a Network Critical video We begin by outliningexactly what packet slicing is and the overall benefits, than proceedwith a demonstration on how to configure it on a Network Critical TAPDon’t forget to view the 400+ videos in the video directorycategorized by technology After you login to the http://www.secuobs.com/revue/news/114123.shtmlhttp://www.secuobs.com/revue/news/114123.shtml 2009-06-26 18:11:55 - MX Logic Security News : Hackers sympathetic to Iran's ruling regime hijacked the University ofOregon website on Wednesday to redirect visitors to a site that saidthe regime "never cheated" in the disputed June 12 electionThe Associated Press reported that visitors to the university's websystem during a 90-minute window Wednesday were taken to an 89-wordpro-Iranian message that warned President Obama to stay out of IranianaffairsThe hackers used the university's network to send the message to APand others The message addressed the president as "Hey Stupid FlyCatcher Obama"Diane Saunders, spokeswoman for the university, told AP that thehackers were able to gain control of the site through third-partysoftware that had not been updated Saunders said the computers ofvisitors to the site were not compromisedRob Housman, executive director of the Cyber Secure Institute, aresearch and advocacy firm, said the hack highlighted how the UnitedStates is engaged in a "low-level conflict" across cyberspaceHousman said it reveals the extent to which US network security isinadequate"Consider the damage possible if the attackers weren't lesssophisticated Iranian protestors but the Chinese military'scyber-special-forces or the legions of Russian cyber-irregulars," hesaid ADNFCR-1765-ID-19238397-ADNFCRhttp://www.secuobs.com/revue/news/114117.shtmlhttp://www.secuobs.com/revue/news/114117.shtml 2009-06-26 15:47:55 - Light Blue Touchpaper : We often think of social networking to Facebook, MySpace, and thealso-rans, but in reality there are there are tons of social networksout there, dozens which have membership in the millions Around theworld it’s quite a competitive market Sören Preibusch and I decidedto study the whole ecosystem to analyse how free-market competitionhttp://www.secuobs.com/revue/news/114085.shtmlhttp://www.secuobs.com/revue/news/114085.shtml 2009-06-26 14:22:44 - BankInfoSecurity.com Blogs RSS Syndication : The power of social networking web sites can be measured by just lookingat the number of hits or visits to a person's web page on suchwell-known sites as MySpace or FacebookThe negative side web users should consider before placing informationon such social networking sites include the connection one MySpacepage owner had to last year's Eliot Spitzer scandalhttp://www.secuobs.com/revue/news/114043.shtmlhttp://www.secuobs.com/revue/news/114043.shtml 2009-06-26 10:02:26 - The Day Before Zero : We often talk about the dynamic nature of botnets and the way in whichthey’re evolving Today I want to brief you about a new botnetoperational model we’ve run in to – something that doesn’t fit any ofthe classical categories if there ever was such a thing The natureof this botnet doesn’t fit http://www.secuobs.com/revue/news/113978.shtmlhttp://www.secuobs.com/revue/news/113978.shtml 2009-06-26 07:50:47 - Computer Security News : Market research firm Infonetics Research released the 1Q09 edition ofits Network Security Appliances and Software reporthttp://www.secuobs.com/revue/news/113971.shtmlhttp://www.secuobs.com/revue/news/113971.shtml 2009-06-26 07:16:53 - Technicalinfo.net Blog : The other day we staggered across a strange botnet It was only small asfar as IP addresses were concerned, but gigantic as far as domainsunder management greater than 25,000 currently in use The cost ofregistering that number of domains is a significant investment by thebotnet operators - at $20 each to register, you're looking at $500k insetup costs aloneBut the strangeness doesn't end there The botnet is being used forpharmaceutical scams ie Canada Drugs, but the DNS lookup processis messed up Somehow the botnet operators have figured out how tomanipulate the com root servers in to doing some weirdness - andhaving them act as the authoritative resolvers for the 3LDsI'm not sure how this situation arose, but the criminals behind thisare making good use of the flaw/exploit/manipulation What they noweffectively have is a system that prevents the good-guys from shuttingdown the resolution of where their scam Web sites are Not goodI'm still looking in to how this arose and what the real longer-termramifications of this are But its new to me and definitely in thestrange/weird departmentI've posed a full blog about this botnet over on the Damballa site -Strange Bot-powered Scam Network Take a look at whats going onIMAGEhttp://www.secuobs.com/revue/news/113954.shtmlhttp://www.secuobs.com/revue/news/113954.shtml 2009-06-25 22:15:50 - Infosecurity.US : In Wake Of Iranian Crackdown, Growing Consumer Boycott Pummels NokiaSiemens News, via Wired’s Kim Zetter, of a consumer levelboycott/backlash targeting Nokia Siemens NYSE: NOK productsSpecifics regarding the boycott are based on a brief write-up in theWall Street Journal noting the marketing of equipment to the Iranianauthorities with the expressed purpose of http://www.secuobs.com/revue/news/113796.shtmlhttp://www.secuobs.com/revue/news/113796.shtml 2009-06-25 22:12:34 - Security Provoked : I just took a close look at the Article 29 Data Protection WorkingParty’shttp://www.secuobs.com/revue/news/113792.shtmlhttp://www.secuobs.com/revue/news/113792.shtml 2009-06-25 19:00:09 - Network World on Security : A third of social networkers have at least three pieces of informationvisible on their profiles that could make them vulnerable to ID theft,says Webroothttp://www.secuobs.com/revue/news/113733.shtmlhttp://www.secuobs.com/revue/news/113733.shtml 2009-06-25 19:00:09 - Network World on Security : National Grid has signed £207 million worth of deals with Cable etWireless for a new data networkhttp://www.secuobs.com/revue/news/113732.shtmlhttp://www.secuobs.com/revue/news/113732.shtml 2009-06-25 17:47:38 - Internet Security News : Users of online social networks may be more vulnerable to financial loss,identity theft and malware infection than they realize, according to anew survey from security software firm WebrootThe survey found two-thirds of respondents don't restrict any detailsof their profiles from being visible through a search engine likeGoogle and over half are not sure who can see their profileAbout one third include at least three pieces of personallyidentifiable information and more than one third use the same passwordfor multiple sites In addition, one quarter accept "friend requests"from strangers"The growth of social networks presents hackers with a huge targetThe amount of time spent on communities like Facebook last year grewat three times the rate of overall Internet growth," said MikeKronenberg, chief technology officer of Webroot's Consumer business"Three in ten people we polled experienced a security attack through asocial network in the past year, including identity theft, malwareinfection, spam, unauthorized password changes and 'friend indistress' money-stealing scams The first step to staying protected isbeing aware of what the threats are and knowing how to help preventthem"Cybercriminals use various types of trickery and malware to takeadvantage of risky behaviors One common tactic is phishing, whichhackers use to entice victims into downloading an infected file,visiting a risky site outside the social network, or wiring money to a"friend in distress"Webroot says in recent months it has seen an increase in these typesof attacks on social networks, including "Trojan-MyBlot," whichtargeted users of MyYearbookcom and others targeting Facebook users"Hackers lure users into taking actions they shouldn't by making itappear as if a friend within their social network has sent them amessage - only the message is from a hacker who's hijacked thefriend's account," continued Kronenberg"We've seen instances where a salacious yet poorly worded messagelike, 'This video of u is evrywhere' includes a link that, whenclicked, prompts the user to download a seemingly legitimate filewhich, once on your PC, can do a number of things -- spam yourfriends, monitor your online activity or record your personalinformation"IMAGEIMAGE IMAGE IMAGE IMAGE IMAGEhttp://www.secuobs.com/revue/news/113708.shtmlhttp://www.secuobs.com/revue/news/113708.shtml 2009-06-25 13:31:43 - Help Net Security News : Members of online social networks may be more vulnerable to financialloss, identity theft and malware infection than they realize,according to a new survey from Webroot, a leading provider ofInternhttp://www.secuobs.com/revue/news/113577.shtmlhttp://www.secuobs.com/revue/news/113577.shtml 2009-06-25 10:38:10 - Rootsecure.net : Network World: Adobe issues update for Shockwave Playerhttp://www.secuobs.com/revue/news/113559.shtmlhttp://www.secuobs.com/revue/news/113559.shtml 2009-06-25 10:38:10 - Rootsecure.net : Network World: UK shut out for Microsoft Security Essentials "Microsoft'snew free antivirus product - Microsoft Security Essentials - is nowavailable in beta, but not if you live in the UK"http://www.secuobs.com/revue/news/113558.shtmlhttp://www.secuobs.com/revue/news/113558.shtml 2009-06-25 04:58:46 - News : Users who shared their social networking implementation stories at theEnterprise 20 conference in Boston on Wednesday emphasized thatsuccess requires careful consideration of corporate culture and goals,as well as effective technologyread moreIMAGEhttp://www.secuobs.com/revue/news/113434.shtmlhttp://www.secuobs.com/revue/news/113434.shtml 2009-06-24 21:06:57 - MX Logic Security News : Members of online social networks may be more vulnerable to financialloss, identity theft and malware infection than they realize,particularly users of the younger generation, according to a newsurvey from WebrootThe growing prevalence of spear-phishing attacks, spam and wormsacross social networks could be attributed to the more relaxedattitudes about privacy and web security displayed by young peopleages 18-29Surveying over 1,100 members of Facebook, LinkedIn, MySpace, Twitterand other popular social networks, Webroot said huge numbers of usersput their identities at riskAmong younger users, 51 percent use the same password on multiplesites, versus 36 percent overall; 40 percent accept friend requestsfrom strangers, versus 28 percent overall; and greater numbers sharemore personal information that may compromise online privacy 67percent share birth date, versus 52 percent overallBecause of these risks, younger users experience a security attack ata greater frequency - nearly 40 percent of younger users have been hitby cyberattacks versus 30 percent of all usersOn Facebook, the most popular of the sites with an estimated 200million users worldwide, cybercriminals have recently targeted userswith password-stealing phishing attacks and malware worms includingKoobface and several spread through the domains mygenerim, ponbonimand hunroimADNFCR-1765-ID-19234349-ADNFCRhttp://www.secuobs.com/revue/news/113243.shtmlhttp://www.secuobs.com/revue/news/113243.shtml 2009-06-24 18:06:13 - Biometrics Resource findBIOMETRICS.com : Enhances Physical and Cyber Security and Compliance -Interop Las Vegashttp://www.secuobs.com/revue/news/113195.shtmlhttp://www.secuobs.com/revue/news/113195.shtml 2009-06-24 17:33:05 - Packet Storm Security Headlines : http://www.secuobs.com/revue/news/113172.shtmlhttp://www.secuobs.com/revue/news/113172.shtml 2009-06-24 17:02:22 - Help Net Security News : Head First Networking has a visually rich format, which provides atask-based approach to computer networking that makes it easy to getyour brain engaged You'll learn the concepts by tying them to ohttp://www.secuobs.com/revue/news/113149.shtmlhttp://www.secuobs.com/revue/news/113149.shtml 2009-06-24 16:48:37 - Dragos Lungu Dot Com Security Tools And Tips : NetWitness is the most impressive network forensics tool ever It takes aradically new approach on raw traffic analysis by recomposing all thenetwork sessions and presenting an array of nouns, verbs, adjectivesrelated to the captured datahttp://www.secuobs.com/revue/news/113136.shtmlhttp://www.secuobs.com/revue/news/113136.shtml 2009-06-24 14:11:31 - Network World on Security : Social-networking sites, and in some instances their users, areresponsible for protecting the privacy rights of the people whoseinformation they exchange online, according to an influential Europeandata protection committeehttp://www.secuobs.com/revue/news/113098.shtmlhttp://www.secuobs.com/revue/news/113098.shtml 2009-06-24 13:11:21 - Help Net Security News : Netgear announced the addition of a new, high-density network storagesystem to its family of ReadyNAS products for SMBs The ReadyNAS 3200is a 2U 12-bay unified storage platform that provides up to http://www.secuobs.com/revue/news/113071.shtmlhttp://www.secuobs.com/revue/news/113071.shtml 2009-06-24 05:48:28 - Hack In The Box : An avid Twitter user, Alana Taylor wrote a song about the socialnetworking site and uploaded it to YouTube last April Soon, herTwitter feed became flooded with messages linking to it "'Everyonewas like, 'RT: Alana Taylor's Twitter song,' " said Taylor, 21, astudent at New York University and marketing manager at OneTXT "Itjust spread, and a lot of it had to do with retweeting" Retweeting,represented on Twitter with the symbol "RT," means a user has takensomeone else's tweet -- or message -- and copied part or all of itThe original author is often credited through the convention";@username," although sometimes the true source gets lost as messagesspread further Apart from being used to share amusing links such asTaylor's video, retweeting has taken on a powerful role in politicalactivism Many young protesters in Iran have used Twitter to organizedemonstrations against the results of the recent election, and thewords, photos and videos of people on the ground in the country havespread globally through retweetinghttp://www.secuobs.com/revue/news/112994.shtmlhttp://www.secuobs.com/revue/news/112994.shtml 2009-06-24 04:29:54 - Network Security Blog : We start the show off by wishing Martin luck with his presentation at theFIRST conference in Kyoto, foolishly trusting Rich with the keys tothe podcast Then Rich fawns over his iPhone 3GS a little too much,but he does manage to talk about some cool new security features Richalso rants a little on http://www.secuobs.com/revue/news/112921.shtmlhttp://www.secuobs.com/revue/news/112921.shtml 2009-06-24 01:29:06 - Computer Security News : An audit showed the Minnesota system that administers retirement andother benefits to state and public employees lacked plans and policiesto protect the security of its data and computershttp://www.secuobs.com/revue/news/112911.shtmlhttp://www.secuobs.com/revue/news/112911.shtml 2009-06-24 00:25:42 - Security Provoked : CSI Members can view our Guides to Securing Social Networks for LinkedIn,Facebook and MySpace through the members-only CSI Security ResourceCenter Please visithttp://gocsicom/membersonly/showArticlejhtmlarticleID=218100937etcatID=14130to read the guides, and feel free to pass them along to yourend-users Not a member, but interested in receiving our guides andAlerts for security professionals E-mail me at http://www.secuobs.com/revue/news/112901.shtmlhttp://www.secuobs.com/revue/news/112901.shtml 2009-06-23 21:11:01 - Biometrics Resource findBIOMETRICS.com : Criminal Investigation Organizations Choose Industry’s Most RobustCriminalhttp://www.secuobs.com/revue/news/112845.shtmlhttp://www.secuobs.com/revue/news/112845.shtml 2009-06-23 20:16:25 - Security Bloggers Network : A couple of weeks ago, I jotted down a few thoughts on the letter fromthe NRF to the PCI-SSC about the PCI Standards My post was a bitrant-ish, but Anton Chuvakin threw down a great review in hishttp://www.secuobs.com/revue/news/112789.shtmlhttp://www.secuobs.com/revue/news/112789.shtml 2009-06-23 09:15:43 - What's New @ Mu : Mu Dynamics, the leader in providing network operators and vendorsnetwork application testing for converged services today announces thenew Mu Studio module Mu Studio expands the breadth and depth of theaward-winning Mu Test Suite by automating the creation and applicationof complex, custom and proprietary test case scenarios to pinpointcritical software weaknesses Mu Studio leverages the Mu’saward-winning platform in use at more than 100 locations globallyincluding the vast majority of leading network operators and theirvendor suppliershttp://www.secuobs.com/revue/news/112600.shtmlhttp://www.secuobs.com/revue/news/112600.shtml 2009-06-23 05:18:35 - Thaumatocracy : This season for barcamp I was able to secure an Aruba networks wirelesspackage: 1 mc200 controller and 3 ap125’s This was AMPLE for barcampThere were a total of 232 unique mac addresses that joined the barcampnetwork There were a total of 242 individuals who signed in withsecurity at the event Thats very http://www.secuobs.com/revue/news/112559.shtmlhttp://www.secuobs.com/revue/news/112559.shtml 2009-06-23 04:37:02 - The Tor Blog blogs : In the past few days the Tor network is seeing a lot of new userscoming from Iran At the same time we have heard from many people whowant to support the Tor network by setting up more relays and bridgesNow we wanted to know, are these just promises, or did the networkreally grow Here are the results:The number of relays has grown by 359 or 24% to now 1827 relays withinonly one week to the highest number of relays the network has everseen Likewise, the number of bridges has increased by an incredible69 % from 255 to 432 within one week AwesomeIMAGEIMAGESo, does this mean everything is taken care of and no more relays orbridges are needed Not at all As you may know, Tor has someperformance issues that are, among other things, the result of too fewbandwidth capacity for too many clients If you can, go setup morerelays and bridges and keep them running even when the conflicts inthe world do not hit the headlines Be sure that your support is muchappreciatedhttp://www.secuobs.com/revue/news/112528.shtmlhttp://www.secuobs.com/revue/news/112528.shtml 2009-06-23 00:47:28 - Syrinx Technologies Podcasts : This podcast will focus on the technology around the Behavior-basedNetwork IDS The guest is Mark Williams, Sales Director at PrimeVoiceMark studied Physics and Electrical Engineering at both University ofVirginia undergrad and Virginia Tech graduate He has 13 years oftelecommunications experience working for companies such as DominionTelecom, BAE, Level 3, and Net Telcos Mark lives in Richmond with hiswife Amy and a 2 month old son named Matthewhttp://www.secuobs.com/revue/news/112446.shtmlhttp://www.secuobs.com/revue/news/112446.shtml 2009-06-23 00:08:12 - Slashdot Your Rights Online : BcNexus writes with news from Minnesota that may have significance forcities around the US where municipal networks are either in place orplanned: "Here's the latest development in a fight pitting atelecommunication company against government competition The telco,TDS, took its fight all the way to the Minnesota Supreme Court becauseit thought the city had no right to serve people's internet, voice andtelevision needs with its own network, but has failed" Also fromMinnesota today, BcNexus writes "The State of Minnesota was the firstto blink and chose to avoid a court showdown when it dropped itsattempt to block online gambling sites"IMAGERead more of this story at SlashdotIMAGEIMAGEIMAGEhttp://www.secuobs.com/revue/news/112429.shtmlhttp://www.secuobs.com/revue/news/112429.shtml 2009-06-22 23:37:30 - Help Net Security News : NCP engineering has developed a blueprint for next generation networkaccess technology The roadmap details the 12 essential componentsorganizations need to secure their networks, foster productivithttp://www.secuobs.com/revue/news/112398.shtmlhttp://www.secuobs.com/revue/news/112398.shtml 2009-06-22 23:34:58 - ContactlessNews Contactless Smart Cards, RFID, Payment, Transit and Security : Bling Nation, a Palo Alto, Calif-based local payments networkprovider for community banks nationwide, announced that The StateBank, La Junta, Colo, recently went live with Bling’s CommunityPayments Service, a contactless payments network that enables banksand merchants to avoid global network costs through a secure localdebit networkThe State Bank, which is supported by Integrated Bank Technology’sbanking software, is offering the Community Payments Service to localmerchants and its almost 5,000 customers Using Bling, merchants nolonger are faced with expensive interchange fees and can offercustomizable rewards programs to customersBling Nation’s core technology is an integrated issuing and acquiringplatform designed specifically for local and regional banks Throughits Community Payments Service, Bling Nation enables financialinstitutions to support payments between their local demand depositaccount customers and their merchant customershttp://www.secuobs.com/revue/news/112396.shtmlhttp://www.secuobs.com/revue/news/112396.shtml 2009-06-22 20:56:01 - Rootsecure.net : Network World: Fraudsters try to scam security expert on eBay "The firstbuyer of his laptop used a hacked account, the second tried to trickhim into sending it without payment"http://www.secuobs.com/revue/news/112362.shtmlhttp://www.secuobs.com/revue/news/112362.shtml 2009-06-22 18:59:58 - Global Security Mag Online : Aruba Networks, acteur des réseaux sans fil et des solutions unifiées etsécurisées de mobilité, a annoncé la disponibilité de son nouveaupoint d'accès « invisible », l'AP-65WB, conçu pour offrir unediscrétion absolue à ses clientsL'AP-65WB est un point d'accès sans fil a/b/g à double radio qui atoute l'apparence d'une plaque électrique murale Les antennesplanaires sont intégrées au sein de cette plaque de protection et donccomplètement invisibles L'apparence discrète et la conception robustede - Produitshttp://www.secuobs.com/revue/news/112274.shtmlhttp://www.secuobs.com/revue/news/112274.shtml 2009-06-22 04:44:07 - Computer Security News : Growth in the Asia-Pacific network security market will slump to 65%this year - falling nearly two thirds from 2008 - " as the full impactof the global recession hits Asia, Frost et Sullivan saidhttp://www.secuobs.com/revue/news/112131.shtmlhttp://www.secuobs.com/revue/news/112131.shtml 2009-06-20 19:40:39 - Rootsecure.net : Network World: Google grabs 1 million phone numbers for Google Voicehttp://www.secuobs.com/revue/news/111892.shtmlhttp://www.secuobs.com/revue/news/111892.shtml 2009-06-20 19:40:39 - Rootsecure.net : Arbor Networks: Iran DDoS Activity - Chatter, Tools and Traffic Rateshttp://www.secuobs.com/revue/news/111889.shtmlhttp://www.secuobs.com/revue/news/111889.shtml 2009-06-20 04:48:01 - Infrastructure 2.0 : Who knows who created the “intercloud” term, but it is a majordevelopment in articulating the enterprise cloud payoff Check outthis Cisco blog and intercloud preso It is a grand and spectacularvision of where computing needs to goThink of the intercloud as an elastic mesh of on demand processingpower deployed across multiple data centers The payoff is massivescale, efficiency and flexibilityJust when you thought that Google and Amazon would control the skies,along comes Cisco with a brilliant vision that amplifies the role ofthe network and offers enterprises a sexy alternativeAs hot an idea as it is, the Intercloud might have detractors likeMark Masterson, who recently published a brilliant presentation onenterprise cloud security You want to watch the preso He makes thecase for why security needs to evolve to protect the cloud Theintercloud will need to address these issues even more so than thepartially virtualized racks of blades some are already calling cloudsThe brilliance of the intercloud is today’s gap between the intercloudpromise and reality: the network That’s why it makes great sense fornetworking hardware like Cisco to begin educating the market aboutwhere cloud computing needs to go, and ultimately the investments inautomation and management that will be required The vision will helpto champion the needed technologyBefore we get too carried away with the intercloud promise, let’s talkabout a few challenges here on the ground Everyone probably agreesthat it will be the most powerful, cost effective and compelling formof cloud computing for the enterprise Yet according to Internetvisionary Vinton Cerf, today’s Internet isn’t yet prepped for the muchsimpler stuff:“One of the most critical needs is authentication, Cerf said, and hetold the crowd at a TechAmerica gathering Wednesday that anyone whoperforms transactions over the Internet -- which is everyone --"should be deeply concerned about that technology"The lack of authentication is pervasive and is even a problem insimple cases, such as authenticating entries in the domain namesystem, he said”Patrick Thibodeau, Computerworld June 11, 2009There are also still issues with management and virtualization, asDenise Dubie suggested in Network World recently:“A majority of IT departments are deploying virtualization, but stillmost don't feel comfortable with the tools and technologies they havein place to manage application performance or troubleshoot problems inthe virtual environment, according to recent survey results”- Denise Dubie, Network World, May 2009The intercloud won’t be a cakewalk As Cerf advises authenticationincluding the ages old art of addressing will need to be tackled asa part of infrastructure 20 Management of more fluid VM environmentswill also continue to be issues Bit what a sexy visionhttp://www.secuobs.com/revue/news/111810.shtmlhttp://www.secuobs.com/revue/news/111810.shtml 2009-06-19 21:20:03 - gHacks technology news : This morning I needed a visual representation of my local Lan in order tofind out what machines were associated with what IP addresses Forthis task I used a tool that has come in handy on a number ofoccasions That tool Lanmap Lanmap is a command-line only toolavailable for Ubuntu that will http://www.secuobs.com/revue/news/111666.shtmlhttp://www.secuobs.com/revue/news/111666.shtml 2009-06-19 20:49:20 - Latest articles from SC Magazine US : Researchers are set to discuss a wide range of topics at the annual BlackHat conferenceIMAGEIMAGEIMAGEhttp://www.secuobs.com/revue/news/111645.shtmlhttp://www.secuobs.com/revue/news/111645.shtml 2009-06-19 17:00:19 - Global Security Mag Online : - Vulnérabilitéshttp://www.secuobs.com/revue/news/111562.shtmlhttp://www.secuobs.com/revue/news/111562.shtml 2009-06-19 17:00:19 - Global Security Mag Online : Kaspersky Lab annonce l'intégration de ses dernières technologiesantivirales aux passerelles de services de la gamme SRX Series et auxrouteurs de services J Series de Juniper NetworksLe filtre antivirus est un composant essentiel de tout système deprotection réseau De nombreux facteurs décisifs ont conduit au choixde Kaspersky Lab comme partenaire : son expérience et sa notoriétésans égal en tant que fournisseur leader de technologies antivirales,la fiabilité de protection de ses - Businesshttp://www.secuobs.com/revue/news/111559.shtmlhttp://www.secuobs.com/revue/news/111559.shtml 2009-06-19 15:07:40 - Bulletins et Alertes de Sécurité SECURINFOS.INFO : Une vulnérabilité a été rapportée dans Sun Solaris, qui pourrait êtreexploitée par des personnes malintentionnées pour causer un Déni deService DoShttp://www.secuobs.com/revue/news/111545.shtmlhttp://www.secuobs.com/revue/news/111545.shtml 2009-06-19 12:14:30 - Rootsecure.net : Network World: iPhone OS 30 includes bevy of hidden featureshttp://www.secuobs.com/revue/news/111516.shtmlhttp://www.secuobs.com/revue/news/111516.shtml 2009-06-19 05:16:20 - Security : In the past couple of weeks, I’ve been blogging about Smart Grid froma positive, green technology standpoint But those of us in securityknow that it’s also rife with potential security risks And recentevents underscore that point In April, The Wall Street Journalreported that spies from other countries had hacked into the grid,planting software that could have been used to disrupt service Whileno such disruption occurred, the incident does point to the need forenhanced monitoring and control over such vital servicesThe Obama administration is not taking the possibility of cyberthreats lightly In fact, it has undertaken several initiatives tomake cybersecurity a top priority To begin with, they’ve committed todeveloping a comprehensive policy for the United States Thispositions the White House to assume a leadership role in protectingthe nation’s information infrastructure, and fosters globalcooperation on cybercrime to ensure a safer networking environmenthttp://www.secuobs.com/revue/news/111459.shtmlhttp://www.secuobs.com/revue/news/111459.shtml 2009-06-19 00:37:37 - Security Bytes : Could flaws in social networks send the Internet spiraling out ofcontrol A flaw discovered in URL shortener Cligs Cligs lastweekend demonstrates the fragility of the social networking ecosystemand how potentially dangerous it could be Cligs competes againstTinyURL and Bitly, which dominate link shortening on Twitter It isrecognized as the 4th most used http://www.secuobs.com/revue/news/111374.shtmlhttp://www.secuobs.com/revue/news/111374.shtml 2009-06-19 00:28:50 - The Tech Herald Security News : In the recent Cybercrime Intelligence report from Finjan, the companytells the story of Golden Cash botnet The botnet consists of anentire trading platform for malware infested computers, includingbuying and selling, attack-based toolkits, and distribution viapartners During research for the CI report, Finjan gained insightinto the Golden Cash CetC process as well as operationshttp://www.secuobs.com/revue/news/111355.shtmlhttp://www.secuobs.com/revue/news/111355.shtml 2009-06-18 20:55:10 - Fortinet FortiGuard Blog : While the next generation of tech has arguably arrived, it is simply afact now that social networking sites and the blogosphere have becomean integrated part of many peoples lives - some may even call themhome at least to their browsers In 2008, we predicted the wave ofspam that would hit these http://www.secuobs.com/revue/news/111294.shtmlhttp://www.secuobs.com/revue/news/111294.shtml 2009-06-18 15:48:01 - Syrinx Technologies : Unless you've been living under a rock lately you're probably well awareof the whole "social networking" craze Whether you're a fan ofFacebook, LinkedIn or Twitter doesn't matter to me Everyone has tomake their own choices as to where, when and how much they spend theirtime on each of these diversions For me the choice is clear, I'm aLinkedIn fan because of my business I don't have friends or childrenin remote lands and I'm a little old for the dating scene I useLinkedIn strictly for business to connect with my current and futureclientsIn Richmond there have been several articles in the past couple ofdays regarding the whole phenomenon As you might expect there arelots of people ready to line up on both sides Decide foryourselfthere is no right or wrong answer If you're interested inreading the local chatter check out these two links:http://wwwrichmondbizsensecom/2009/06/17/richmond-20-tweeting-for-business/http://wwwrichmondbizsensecom/2009/06/18/hello-will-you-be-my-friend/Syrinx Technologies also recently interviewed Paula Gulak on thetopics of "Personal Branding" and "Taking Advantage of Social Media"The first episode is now available at:http://wwwsyrinxtechcom/podcasts/rsshtmlThe second episode will be available sometime in the near futurePaula has over 25 years of experience and in both episodes shediscusses her thoughts on the social networking issueIMAGEhttp://www.secuobs.com/revue/news/111191.shtmlhttp://www.secuobs.com/revue/news/111191.shtml 2009-06-18 12:37:39 - ISN InfoSec News Mailing List : InfoSec News: 'Golden Cash' botnet-leasing network uncovered:http://newscnetcom/8301-1009_3-10266977-83htmlBy Elinor Mills Security CNet News June 17, 2009Researchers at security firm Finjan said on Wednesday that they haveuncovered an underground botnet-leasing network where cyber criminalscan pay $5 to $100 to install malware on 1,000 PCs for things likestealing data and sending spamThe Golden Cash network, dubbed "Your money-making machine" on itshome page, sells access to botnets comprised of thousands ofcompromised PCs to cyber criminals for custom malware spreading jobs,according to issue 2 of the Cybercrime Intelligence Report for 2009Here's how it works: a cyber criminal creates a botnet by hidingmalicious code in a legitimate Web site that is used to turn Websurfing PCs into zombies The code, typically an iFrame, points thePCs to a separate Web site where they are then infected with a Trojanbackdoor that reports back to the Golden Cash command and controlserverIn order to increase the number of botnets, the Golden Cash serverinstalls an FTP file transfer protocol grabber on new zombies tosteal credentials used by the computers to run Web sites, giving theserver control over additional legitimate Web sites Approximately100,000 domains, including corporate domains from around the world,were identified among the stolen FTP credentials under Golden Cash'scontrol, according to the reporthttp://www.secuobs.com/revue/news/111137.shtmlhttp://www.secuobs.com/revue/news/111137.shtml 2009-06-18 12:10:53 - Security for the Masses : Arbor Networks has posted an analysis of Iranian internet traffic sincethe disputed election took place There is some interestingspeculation on how Iran is trying to throttle the Web 20 revolutiontaking place in that country and the unintended side effects tobusiness and infrastructureRead more at ArborUnintended side effectswho is winning the war, Iran or the InternetIMAGEhttp://www.secuobs.com/revue/news/111124.shtmlhttp://www.secuobs.com/revue/news/111124.shtml 2009-06-18 01:01:39 - Latest articles from SC Magazine US : Researchers at a web security firm have discovered what they term thelatest milestone in the evolving cybercriminal underground: aone-stop-shop for hackersIMAGEIMAGEIMAGEhttp://www.secuobs.com/revue/news/110962.shtmlhttp://www.secuobs.com/revue/news/110962.shtml 2009-06-17 22:09:06 - Office of Inadequate Security : A Boston-based non-profit organization that provides job training,JFYNetWorks, has notified pdf the New Hampshire Attorney General’sOffice last week of a recent incident: We recently learned of thepossible unauthorized access as part of what appears to have been partof a larger attack on our organization, which occurred on June 3,2009 The attacker http://www.secuobs.com/revue/news/110900.shtmlhttp://www.secuobs.com/revue/news/110900.shtml 2009-06-17 21:41:13 - Global Security Mag Online : Trapeze Networks, une enseigne Belden, annonce que le Forum des images adéployé une infrastructure Wi-Fi basée sur les normes 80211 a, b, get n, pour offrir à ses visiteurs un accès à InternetAprès 3 ans de travaux pour remise en conformité et restructurationinterne, le Forum des images a réouvert ses portes fin 2008 avec pourbut de mieux répondre aux évolutions technologiques, aux pratiquescinéphiliques - Marchéshttp://www.secuobs.com/revue/news/110876.shtmlhttp://www.secuobs.com/revue/news/110876.shtml 2009-06-17 13:31:19 - Rootsecure.net : Wired: Lawyers in DVD-Copying Case Charge up to $765 Hourly "Hollywoodstudios are paying up to $765 an hour for attorneys litigating alawsuit aimed at preventing RealNetworks from marketing software thatallows movie fans to copy their DVDs"http://www.secuobs.com/revue/news/110649.shtmlhttp://www.secuobs.com/revue/news/110649.shtml 2009-06-17 04:48:20 - Hack In The Box : South Korea's military computer networks are under ever-growing cyberattack with 95,000 cases reported daily on average, officials saidThe Defence Security Command said in a report to a security forum thatevery day the military counters an average of 10,450 hacking attemptsand 81,700 computer virus infections in addition to other cases Theattacks increased 20 percent this year compared to 2008, it said Aspokesman for the command told AFP most of the attacks are the same asordinary people experience at home, but one-tenth are serioushttp://www.secuobs.com/revue/news/110566.shtmlhttp://www.secuobs.com/revue/news/110566.shtml 2009-06-17 03:08:29 - Network Security Blog : This week we had a chance to talk to Jeff Moss, the founder of a coupleminor security events, Black Hat and Defcon Of course some would saythat they’re the biggest social events of the year, along with havingthe best presentations on cutting edge security research, but what dothey know A lot http://www.secuobs.com/revue/news/110491.shtmlhttp://www.secuobs.com/revue/news/110491.shtml 2009-06-16 23:54:43 - The Tor Blog blogs : On this year's HotPETs workshop August 5-7 in Seattle, WA, USA I'mgoing to present some results on Measuring the Tor Network from PublicDirectory Information The main idea is to observe trends in the Tornetwork without having to measure any data other than public directoryinformation These data are there anyway as they are required forclients to make good path selection decisions and build circuits Theresults of this paper reveal problems in the current Tor network thatneed to be addressed, eg, by lowering requirements for assigningcertain flags, facilitating the upgrade process, improving support fordynamic IP addresses, possibly calculating bandwidth capacity morereliably, and clarifying legal issues for running relays in view ofdata retention laws The next step in understanding the problems ofthe Tor network requires an extension of network measurements toimprove performance and blocking-resistance of Torhttp://www.secuobs.com/revue/news/110466.shtmlhttp://www.secuobs.com/revue/news/110466.shtml 2009-06-16 20:36:05 - Network World on Security : The Asia-Pacific network security market is expected to grow by 65 percent this year, dropping nearly two-thirds from the robust growth in2008http://www.secuobs.com/revue/news/110390.shtmlhttp://www.secuobs.com/revue/news/110390.shtml 2009-06-16 18:51:46 - Global Security Mag Online : BoostEdge est une appliance qui accélère les temps de réponse, permetd'économiser de la bande passante et de sécuriser les applicationsWeb Elle assure également leur tenue en charge et la hautedisponibilité des serveurs Grâce à sa technologie brevetée,l'installation du boîtier BoostEdge peut s'effectuer directement dansun réseau en production en moins de deux heures, en mode transparent,sans modification du réseau, ni des postes clients, ni du paramétragedes applicationsCette caractéristique - Produitshttp://www.secuobs.com/revue/news/110265.shtmlhttp://www.secuobs.com/revue/news/110265.shtml 2009-06-16 18:51:46 - Global Security Mag Online : LOXAM a souhaité alléger la charge d'administration de son infrastructureLANDesk® L'objectif de cette démarche a été de pouvoir valoriserl'engagement des collaborateurs LOXAM en les orientant vers desmissions de travail créatrices de valeur pour l'entreprise Dans cetteoptique d'optimisation, NetworkD a proposé à LOXAM de bénéficier del'expertise des consultants NetworkD pour la gestion opérationnelle deses solutions LANDesk®“ L'approche IMS de NetworkD nous a permis d'accélérer l'utilisation - Marchéshttp://www.secuobs.com/revue/news/110256.shtmlhttp://www.secuobs.com/revue/news/110256.shtml 2009-06-16 15:24:10 - Help Net Security News : RedSeal Systems announced Network Advisor 40, the industry’s firstenterprise-wide network security assurance software RedSeal NetworkAdvisor continuously analyzes the end-to-end interaction of firhttp://www.secuobs.com/revue/news/110202.shtmlhttp://www.secuobs.com/revue/news/110202.shtml 2009-06-15 23:43:42 - Help Net Security News : The new D-Link Network Camera DCS-1100 is 'mydlink-enabled', allowingit to be easily viewed and managed by the mydlink portal A wireless80211n version, the DCS-1130, is expected to ship at end ohttp://www.secuobs.com/revue/news/109973.shtmlhttp://www.secuobs.com/revue/news/109973.shtml 2009-06-15 20:49:56 - Reverse Engineering Mac OS X : Since there are programs with serial numbers tied to network card macaddress it might be useful to change it There are some fancy GUIprograms for this but it’s faster from terminal: ifconfig en0 lladdrX:XX:XX:XX:XX:XX And that’s it…http://www.secuobs.com/revue/news/109915.shtmlhttp://www.secuobs.com/revue/news/109915.shtml 2009-06-15 20:13:27 - News : Business continuity planning has evolved from simply somethingcompanies hope never to roll out, to an important focus of securityoperations, according to a new survey from ATetTread moreIMAGEhttp://www.secuobs.com/revue/news/109860.shtmlhttp://www.secuobs.com/revue/news/109860.shtml 2009-06-15 17:07:23 - Threatpost Feed : By Alex Rothacker, Team SHATTERIt seems as though the latest rash of threats and attacks all have afamiliar ring to them: they’re all aimed at social networking siteslike Twitter and Facebook, which is interesting, because smartattackers will use whatever means possible to get to the stuff thatreally counts – enterprise datahttp://www.secuobs.com/revue/news/109810.shtmlhttp://www.secuobs.com/revue/news/109810.shtml 2009-06-15 15:13:21 - Security Park : As consumers increasingly demand better quality video for everything fromHDTV to YouTube to mobile television on cell phones, videotechnologies have improved to produce extremely vivid motion pictures,multi-channel audio and higher frame rates, resulting in a morerealistic viewing experience But with the increase in clarity andrealism naturally comes larger file sizes The length of an averamorehttp://www.secuobs.com/revue/news/109778.shtmlhttp://www.secuobs.com/revue/news/109778.shtml 2009-06-15 15:13:21 - Security Park : Established in 1576 and set in the beautiful surroundings of the Kentcountryside, Sutton Valence School SVS is a co-educationalindependent day and boarding school for ages 3 to 18 It is one of theoldest public schools in the UK Incorporating a senior and apreparatory school, the SVS network connects staff, pupils and guestswithin 15 buildings and one branch location In 2007, SVS begamorehttp://www.secuobs.com/revue/news/109775.shtmlhttp://www.secuobs.com/revue/news/109775.shtml 2009-06-14 11:53:29 - Rootsecure.net : Network World: International telecom hacker group busted "Global lawenforcement team takes down alleged authors of $55M-plus scam"http://www.secuobs.com/revue/news/109460.shtmlhttp://www.secuobs.com/revue/news/109460.shtml 2009-06-14 07:21:07 - Computer Security News : Hifn, recently acquired by Exar Corporation , the Company poweringconnectivity, today announced an OEM agreement for its SentryXLsecurity processors with IBASE Technology, a leading innovator ofindustrial computers and embedded systemshttp://www.secuobs.com/revue/news/109450.shtmlhttp://www.secuobs.com/revue/news/109450.shtml 2009-06-13 04:03:17 - Computer Security News : Growth slows to 65 percent this year, but Asia-Pacific networksecurity market remains resilient says Frost et Sullivan INDIA: TheAsia-Pacific network security market is expected to grow by 65 percent in 2009, dropping nearly two-thirds from the robust growth in2008http://www.secuobs.com/revue/news/109276.shtmlhttp://www.secuobs.com/revue/news/109276.shtml 2009-06-12 22:01:04 - gHacks technology news : Network Troubleshooting can be one of the most frustrating tasksespecially for the average computer user There is always the questionwhere to start the troubleshooting process The Windows operatingsystem comes with troubleshooting wizards that usually do not help atall except for the most basic of troubles that users can run into Buthttp://www.secuobs.com/revue/news/109188.shtmlhttp://www.secuobs.com/revue/news/109188.shtml 2009-06-12 21:59:09 - Security Bloggers Network : The sci-fi masterpiece Ender's Game details the formative years of thestory's hero - Ender Wiggin Upon entering battle school, he isimmediately made into an outcast by his superiors and begins an uphillclimb to gain power and a following Early on, he figures out that hecan send messages that appear to come from other students He doesthis by creating a new identity in the shcool computers and exploitingan implementation flaw within the system Ender leverages the weaknessto twist his opponent's words, humiliating his adversary and winningover his friendsThe 44th president has a LinkedIn profile and a Twitter account Howdo we know that it's actually Barack tweeting and making connectionsIgnoring the fact that an aid is probably responsible for managingBarack's online identities, what is to stop any barely computerliterate individual from setting up a facebook account in your nameHow long could an impostor go undetected Social networks naturallysupport multiplicities of an identity Take for example the many facesof Paris Hilton on LinkedInImpersonating online identities, or "Endering", uses personalinformation from one or more sources and turns that into an onlineidentity within a social network The potential sources vary wildlyand include court records, job boards, wikipedia, mailing lists,social networks, background checks, credit reports etc In itssimplest form, Endering involves an exact duplication of an existingonline identityEndering is actively being conducted on popular social networksTweeple were left confused in May of this year after witnessing whatappeared to be an MP's tweets indicating inside knowledge of anupcoming general election At least one Moroccan individual hasreceived Jail time for Endering Less extreme cases in the US haveresulted in Law SuitsEndering and its variations are attacks with political implicationsand consequences In practical terms, these attacks can be used tomarket products, stage hilarious practical jokes, subvert employees,distribute propaganda, manipulate the press, recruit talent, monitoremployees, and moreMore ExamplesFake facebook student used to monitor student bodyNorthwestern officials declined to comment on whether they use orwould consider using a false Facebook account to gain access tostudents’ information But in general, they said, they would notrule out using information found through Facebook, or other Webcommunication, in disciplinary mattersGuyana President ImpersonatedFacebook said that under the network's terms of use members arebanned from attempting to "impersonate any person or entity"Stealing FriendsOnce your fake identity has been setup, you'll want to do somethingwith it Before you can do much of anything useful, you will need toconvince some of your target's associates to become your clone'sassociates A little research goes a long way here Some of the bestcandidates are those you can learn about from public sources but donot have accounts on the social network you're operating within Forexample, you want to impersonate the CEO of a company You know thatthe CEO is friends with a VP of the same company however the VP doesnot have a Facebook/LinkedIn/Hi5/YouNameIt accountAnother option is to hijack connections This one requires somegrifting but can be just as fruitful The associate being targetedalready has an account on the social network but you will need totrick them into becoming your associate, so in your invitation toconnect message, you let them know that your other account was hacked,you lost the password, or some other form of "my dog ate it" It'salready fairly common for this to happen without attackers beingthrown into the mixIMAGEhttp://www.secuobs.com/revue/news/109185.shtmlhttp://www.secuobs.com/revue/news/109185.shtml 2009-06-12 21:59:09 - Security Bloggers Network : One might ask why would a Techie-geek security management person likemyself would go to #140 Conference in New York There are lThesecurity reason of interest to myself and to my organization isrelated to information leakage through twitter as well as furtheringsocial education about new technology risks What is #140Conf : Youcan http://www.secuobs.com/revue/news/109184.shtmlhttp://www.secuobs.com/revue/news/109184.shtml 2009-06-12 21:57:40 - News : The Australian Commonwealth Scientific and Research OrganisationCSIRO will install some 200 solar-powered, sensor network nodes overthe next two years to help rehabilitate rainforest in the SpringbrookWorld Heritage precinct in south-east Queenslandread moreIMAGEhttp://www.secuobs.com/revue/news/109177.shtmlhttp://www.secuobs.com/revue/news/109177.shtml 2009-06-12 15:21:42 - Security Park : Syphan Technologies's ITC220 network security appliance uses FPGAtechnology and multi-dimensional parallel processing techniques todeliver True 10G performance through the box with total IP inspectionup to layer 7 without latency Capable of supporting up to 50,000field-upgradable inspection rules and over 500 virtualised customerprofiles, the ITC220 is fully extensible and scalable to p morehttp://www.secuobs.com/revue/news/109005.shtmlhttp://www.secuobs.com/revue/news/109005.shtml 2009-06-12 04:34:13 - National Vulnerability Database : Unspecified vulnerability in HP OpenView Network Node Manager OV NNM751 and 753, when used with SNMP aka HPOvNNMHPOVSNMP before130009 and MIB aka HPOvNNMHPOVMIB before 130009, allows remoteattackers to execute arbitrary code or cause a denial of service viaunknown vectorshttp://www.secuobs.com/revue/news/108886.shtmlhttp://www.secuobs.com/revue/news/108886.shtml 2009-06-12 04:19:35 - From a malicious attacker : The sci-fi masterpiece Ender's Game details the formative years of thestory's hero - Ender Wiggin Upon entering battle school, he isimmediately made into an outcast by his superiors and begins an uphillclimb to gain power and a following Early on, he figures out that hecan send messages that appear to come from other students He doesthis by creating a new identity in the shcool computers and exploitingan implementation flaw within the system Ender leverages the weaknessto twist his opponent's words, humiliating his adversary and winningover his friendsThe 44th president has a LinkedIn profile and a Twitter account Howdo we know that it's actually Barack tweeting and making connectionsIgnoring the fact that an aid is probably responsible for managingBarack's online identities, what is to stop any barely computerliterate individual from setting up a facebook account in your nameHow long could an impostor go undetected Social networks naturallysupport multiplicities of an identity Take for example the many facesof Paris Hilton on LinkedInImpersonating online identities, or "Endering", uses personalinformation from one or more sources and turns that into an onlineidentity within a social network The potential sources vary wildlyand include court records, job boards, wikipedia, mailing lists,social networks, background checks, credit reports etc In itssimplest form, Endering involves an exact duplication of an existingonline identityEndering is actively being conducted on popular social networksTweeple were left confused in May of this year after witnessing whatappeared to be an MP's tweets indicating inside knowledge of anupcoming general election At least one Moroccan individual hasreceived Jail time for Endering Less extreme cases in the US haveresulted in Law SuitsEndering and its variations are attacks with political implicationsand consequences In practical terms, these attacks can be used tomarket products, stage hilarious practical jokes, subvert employees,distribute propaganda, manipulate the press, recruit talent, monitoremployees, and moreMore ExamplesFake facebook student used to monitor student bodyNorthwestern officials declined to comment on whether they use orwould consider using a false Facebook account to gain access tostudents’ information But in general, they said, they would notrule out using information found through Facebook, or other Webcommunication, in disciplinary mattersGuyana President ImpersonatedFacebook said that under the network's terms of use members arebanned from attempting to "impersonate any person or entity"Stealing FriendsOnce your fake identity has been setup, you'll want to do somethingwith it Before you can do much of anything useful, you will need toconvince some of your target's associates to become your clone'sassociates A little research goes a long way here Some of the bestcandidates are those you can learn about from public sources but donot have accounts on the social network you're operating within Forexample, you want to impersonate the CEO of a company You know thatthe CEO is friends with a VP of the same company however the VP doesnot have a Facebook/LinkedIn/Hi5/YouNameIt accountAnother option is to hijack connections This one requires somegrifting but can be just as fruitful The associate being targetedalready has an account on the social network but you will need totrick them into becoming your associate, so in your invitation toconnect message, you let them know that your other account was hacked,you lost the password, or some other form of "my dog ate it" It'salready fairly common for this to happen without attackers beingthrown into the mixIMAGEhttp://www.secuobs.com/revue/news/108855.shtmlhttp://www.secuobs.com/revue/news/108855.shtml 2009-06-11 23:49:45 - Rootsecure.net : Network World: Free Microsoft antivirus 'coming soon'http://www.secuobs.com/revue/news/108757.shtmlhttp://www.secuobs.com/revue/news/108757.shtml 2009-06-11 21:35:37 - Biometrics Resource findBIOMETRICS.com : Leading Mexican Bank Deploys Verint Nextiva Video Management Solutionhttp://www.secuobs.com/revue/news/108683.shtmlhttp://www.secuobs.com/revue/news/108683.shtml 2009-06-11 20:51:38 - Help Net Security News : While standards and products now support PSTN-equivalent services forvoice, video and text over IP, there are significant difficulties indeploying attractive, large-scale, reliable and secure IP telhttp://www.secuobs.com/revue/news/108648.shtmlhttp://www.secuobs.com/revue/news/108648.shtml 2009-06-11 19:16:44 - About.com Internet Network Security : Free is almost always a good thing Sometimes you get what you pay for,but the price is right With a global economic recession, free is moreof a necessityhttp://www.secuobs.com/revue/news/108621.shtmlhttp://www.secuobs.com/revue/news/108621.shtml 2009-06-11 19:00:35 - Les derniers documents du CERTA. : Une vulnérabilité dans HP OpenView Network Node Manager permet à unepersonne malintentionnée sur le réseau local d'effectuer un déni deservice, voire d'exécuter du code arbitrairehttp://www.secuobs.com/revue/news/108603.shtmlhttp://www.secuobs.com/revue/news/108603.shtml 2009-06-11 18:36:42 - Security Bloggers Network : Here’s a nifty little tool to use in analyzing your network connectionfrom the folks at ICSI at Berkeley Useful for security or otherpurposes ICSI Netalyzr link here Alex Eckelberryhat tiphttp://www.secuobs.com/revue/news/108561.shtmlhttp://www.secuobs.com/revue/news/108561.shtml 2009-06-11 15:56:48 - SecGuru : Protect your network with self-regulating network security solutionsthat combat both internal and external threats* Provides an overview of the security components used to designproactive network security* Helps network security professionals understand what the latesttools and techniques can do and how they interact* Presents detailed information on how to use integrated managementto increase security* Includes a design guide with step-by-step implementationinstructionsSelf-Defending Networks: The Next Generation of Network Security helpsnetworking professionals understand how to deploy an end-to-end,integrated network security solution It presents a clear view of thevarious components that can be used throughout the network to not onlymonitor traffic but to allow the network itself to become moreproactive in preventing and mitigating network attacks This securityprimer provides unique insight into the entire range of Cisco securitysolutions, showing what each element is capable of doing and how allof the pieces work together to form an end-to-end Self-DefendingNetwork While other books tend to focus on individual securitycomponents, providing in-depth configuration guidelines for variousdevices and technologies, Self-Defending Networks instead presents ahigh-level overview of the entire range of technologies and techniquesthat comprise the latest thinking in proactive network securitydefenses This book arms network security professionals with thelatest information on the comprehensive suite of Cisco security toolsand techniques Network Admission Control, Network InfectionContainment, Dynamic Attack Mitigation, DDoS Mitigation, HostIntrusion Prevention, and Integrated Security Management are allcovered, providing the most complete overview of various securitysystems It focuses on leveraging integrated management, rather thanincluding a device-by-device manual to implement self-defendingnetworksIMAGEIMAGEIMAGE IMAGE IMAGE IMAGE IMAGEIMAGEhttp://www.secuobs.com/revue/news/108497.shtmlhttp://www.secuobs.com/revue/news/108497.shtml 2009-06-11 15:54:08 - Darknet The Darkside : http://www.secuobs.com/revue/news/108491.shtmlhttp://www.secuobs.com/revue/news/108491.shtml 2009-06-11 14:02:46 - Security Park : The European Commission recently set an IPv6 target adoption rate of 25percent by 2010, and the chairman of the Asia Pacific NetworkInformation Centre predicted that all IPv4 addresses will be depletedby 2011, forcing wide-scale IPv6 adoption In June 2008, the USfederal government requires that all its executive agencies add IPv6to their network backbones A number of Internet powerhouses morehttp://www.secuobs.com/revue/news/108472.shtmlhttp://www.secuobs.com/revue/news/108472.shtml 2009-06-11 10:48:59 - Help Net Security News : There is a general lack of awareness and enforcement of security policiesand procedures in companies today, according to new research announcedby the Ponemon Institute - "Trends in Insider Complianchttp://www.secuobs.com/revue/news/108407.shtmlhttp://www.secuobs.com/revue/news/108407.shtml 2009-06-11 00:25:31 - Security Wire Weekly : Security consultant Lenny Zeltser of Savvis Security Consulting Servicesexplains the threats posed by employee use of social networkingwebsites and what security pros can do to address them Zeltser is afaculty member at the SANS Institute Also, a brief overview ofMicrosoft Patch Tuesdayhttp://www.secuobs.com/revue/news/108227.shtmlhttp://www.secuobs.com/revue/news/108227.shtml 2009-06-11 00:14:22 - OpenDNS Blog : Building on the successes of OpenDNS, today I'm proud to announce BestPath Networks, a new arm of OpenDNS that provides services topartnershttp://www.secuobs.com/revue/news/108208.shtmlhttp://www.secuobs.com/revue/news/108208.shtml 2009-06-10 21:49:35 - Global Security Mag Online : Contact : Christophe CasalegnoAnnée de création : 1999Activités : sécurité informatique, intelligence économique, housing,serveurs dédiés, management de la perception et de l'informationServices proposés :Tests d'intrusion, audit sécurité, politique de sécurité,sécurisation, intelligence économique, veille stratégique, housing,baie, transit ip, serveurs dédiés, infogérance, campagnes decommunication internet, management de la perception, collecte ettraitement de l'information, réinformation - CONSULTANTShttp://www.secuobs.com/revue/news/108146.shtmlhttp://www.secuobs.com/revue/news/108146.shtml 2009-06-10 16:53:29 - Latest articles from SC Magazine US : A free online event on June 16, SC Magazine's eConference: MobileSecurity, offers advice on dealing with the rising tide of mobilethreatsIMAGEIMAGEIMAGEhttp://www.secuobs.com/revue/news/107997.shtmlhttp://www.secuobs.com/revue/news/107997.shtml 2009-06-10 14:04:57 - Global Security Mag Online : Contact : Serge CuestaAnnée de création : 2004Activités : Editeur de solutions d'accélération de flux web,ActivNetworks assure la disponibilité, la fluidité et la sécuritéd'accès aux applications web pour tous les utilisateurs, à toutmoment, en tout lieu ActivNetworks, Ultimate Web AcceleratorsDescription du produit phare pour 2009/2010 : BoostEdge - « The MagicBox », permet de compresser, accélérer et sécuriser les flux webGrâce à la technologie brevetée « Plug'n Activ' », BoostEdge est misen - SOLUTIONS D'OPTIMISATIONhttp://www.secuobs.com/revue/news/107946.shtmlhttp://www.secuobs.com/revue/news/107946.shtml 2009-06-10 11:46:35 - Global Security Mag Online : - Vulnérabilitéshttp://www.secuobs.com/revue/news/107883.shtmlhttp://www.secuobs.com/revue/news/107883.shtml 2009-06-10 10:40:03 - Computer Security News : McAfee, Inc today outlined details of its network security strategy,providing enterprises with unmatched network security protection anddramatically lower operational costshttp://www.secuobs.com/revue/news/107871.shtmlhttp://www.secuobs.com/revue/news/107871.shtml 2009-06-10 10:15:51 - Bulletins et Alertes de Sécurité SECURINFOS.INFO : Une vulnérabilité a été rapportée dans HP OpenView Network Node Manager,qui pourrait être exploitée par des personnes malintentionnées pourcauser un Déni de Service DoS ou compromettre un système vulnérablehttp://www.secuobs.com/revue/news/107864.shtmlhttp://www.secuobs.com/revue/news/107864.shtml 2009-06-10 07:21:38 - StillSecure, After All These Years : Today StillSecure announced something that I have wanted for a long timeOur Safe Access NAC product can now use WSUS to remediatenon-compliant endpoints Prior to this it was possible to use WSUS butit was much more ofhttp://www.secuobs.com/revue/news/107840.shtmlhttp://www.secuobs.com/revue/news/107840.shtml 2009-06-10 07:18:18 - Network Security Blog : Rich was somewhere in the air over the Midwest today, which would havemade recording a podcast questionable at best So rather than take anychances with technology, we got a stand in for him in the form of ourvery own Security Curmudgeon, Jack Daniel I met Jack face to face forthe first http://www.secuobs.com/revue/news/107839.shtmlhttp://www.secuobs.com/revue/news/107839.shtml 2009-06-10 03:14:11 - Computer Security News : Mobile USA, the No 4 US mobile carrier, said it was investigating aclaim that somebody hacked into its computers, stealing reams ofconfidential datahttp://www.secuobs.com/revue/news/107786.shtmlhttp://www.secuobs.com/revue/news/107786.shtml 2009-06-09 23:39:17 - News : IBM will launch this month a social-networking site for its 100,000partners worldwide to let them exchange ideas, showcase theirexpertise and market focus, share best practices and collaborate ondealsread moreIMAGEhttp://www.secuobs.com/revue/news/107691.shtmlhttp://www.secuobs.com/revue/news/107691.shtml 2009-06-09 23:39:17 - News : Forget 24/7 availability: By 2013, telecommunications operators willdeliver at least 48 hours of Internet connectivity to their customers,every day of the week, according to a study by Cisco Systemsread moreIMAGEhttp://www.secuobs.com/revue/news/107690.shtmlhttp://www.secuobs.com/revue/news/107690.shtml 2009-06-09 19:51:33 - Rational Survivability : Those crafty Citrix chaps are at it again Last month I reported fromCitrix Synergy about discussions I had with Simon Crosby and Ian Prattabout the Citrix/Xen Openswitch which is Citrix’s answer to the CiscoNexus 1000v married to VMware’s vSphere Virtualizationcom thismorning reported that Vyatta — who describe themselves as the “opensource alternative Related posts:1 The Forthcoming Citrix/Xen/KVM Virtual Networking Stack…What DoesThis Mean to VMware/Cisco 1000v2 Quick Bit: Virtual et Cloud Networking - Where It ISN’T Going…3 Video Interview - Hoff et Crosby: Who Should Secure VirtualEnvironmentshttp://www.secuobs.com/revue/news/107595.shtmlhttp://www.secuobs.com/revue/news/107595.shtml 2009-06-09 19:49:30 - Network World on Security : T-Mobile confirmed on Tuesday that internal information posted on theInternet by hackers was stolen from its systems, but said it does notappear customer data is in jeopardyhttp://www.secuobs.com/revue/news/107590.shtmlhttp://www.secuobs.com/revue/news/107590.shtml 2009-06-09 19:43:47 - Biometrics Resource findBIOMETRICS.com : WAN Optimization Technology Bolsters Performance and Reliability ofBiometrichttp://www.secuobs.com/revue/news/107588.shtmlhttp://www.secuobs.com/revue/news/107588.shtml 2009-06-09 14:01:27 - Help Net Security News : DeviceAnywhere added the new Palm Pre phone to its network of 2000+feature phones and smartphones available over the DeviceAnywhereplatform and accessible by organizations seeking to develop and teshttp://www.secuobs.com/revue/news/107341.shtmlhttp://www.secuobs.com/revue/news/107341.shtml 2009-06-08 22:51:59 - Rootsecure.net : Network World: T-Mobile net reportedly hit by hacker/extortion attackhttp://www.secuobs.com/revue/news/107146.shtmlhttp://www.secuobs.com/revue/news/107146.shtml 2009-06-08 19:43:03 - SecurityTube.Net : Cracking APless WPA Protected Network Using Rogue AP Video TutorialIMAGEhttp://www.secuobs.com/revue/news/107019.shtmlhttp://www.secuobs.com/revue/news/107019.shtml 2009-06-08 18:32:45 - Computer Security News : McAfee is making a major play for the network security market with aunified security suite offering and improved firewall technology thatit hopes will make it an even competitor with Symantec and Ciscohttp://www.secuobs.com/revue/news/107004.shtmlhttp://www.secuobs.com/revue/news/107004.shtml 2009-06-08 18:22:37 - FSecure Antivirus Research Weblog : I've been testing our ISTP for several weeks now here in the LabThe more I that use our ISTP — the more I find to like — and I'm verymuch looking forward to this year's product releasesThis past weekend I tested some new ISTP features from home One thingI've never really had a need for is anti-spam for a POP mail accountI've been using webmail since 1997That's why I was curious to test our new Browsing protection ratingsfor webmail based links And I have to say, it does a pretty crediblejob so far I'm looking forward to it being in full productionHere's a sample screenshot using a malware domain list pulled frommalwaredomainscom, a useful blocklist site The red "X" icons showthe domains that our network reputation services already recognize asmaliciousISTP Browsing protectionNext I e-mailed myself some Facebook phishing linksISTP Browsing protectionThe fourth URL in my test isn't detected, so I clicked on the "" iconto report that particular linkISTP Browsing protectionThen all I needed to do was to select "It is harmful to use" and toclick on the OK buttonISTP Browsing protectionThat then submits information to be analyzed by our Network Reputationteam and their automationTo Jay-R and team — Keep up the good work This is a great serviceSigning off,SeanOn 08/06/09 At 03:12 PMhttp://www.secuobs.com/revue/news/107002.shtmlhttp://www.secuobs.com/revue/news/107002.shtml 2009-06-08 18:21:20 - eSecurity Planet News : An expert at a security industry confab says that to protect your networksecurity you must know your network really wellhttp://www.secuobs.com/revue/news/106998.shtmlhttp://www.secuobs.com/revue/news/106998.shtml 2009-06-08 17:38:11 - Mubix's Links : http://wwwgns3net/Probably the best way of getting hands on a Cisco without buying oneoff of eBay Tons of features and probably the only sim I’ve workedwith that has the complete feature set of the actual devicesProbably because you have to supply it with a real IOS fileIMAGEIMAGEIMAGEIMAGEhttp://www.secuobs.com/revue/news/106972.shtmlhttp://www.secuobs.com/revue/news/106972.shtml 2009-06-08 16:57:47 - Global Security Mag Online : Juniper Networks, Inc a présenté sa carte d'interface de routeurEthernet 100 Gigabit 100GE jamais proposée dans l'industrie, quiéquipera le routeur d'infrastructure T1600 L'augmentation rapide dutrafic — stimulée notamment par la vidéo, les services sans filavancés et de nouvelles tendances comme l'informatique en nuages — neva pas tarder à imposer aux réseaux d'infrastructure le passage à unenouvelle échelle, et, face à la plupart des interfaces proposéesaujourd'hui, la 100 GE est la mieux - Produitshttp://www.secuobs.com/revue/news/106950.shtmlhttp://www.secuobs.com/revue/news/106950.shtml 2009-06-08 16:57:47 - Global Security Mag Online : Palo Alto Networks annonce PAN-OS 30, la dernière version de sonOperating Système PAN-OS 30 comprend de nouvelles fonctionnalités,comme la QoS et l'intégration des clients VPN SSL Ces nouvellesfonctionnalités permettent en outre aux entreprises d'utiliser denouvelles applications tout en gérant les risques inhérents àl'utilisation de ces applicationsLes entreprises utilisent un éventail d'applications Internet, de plusen plus large pour des raisons culturelles ou professionnelles, dansle - Produitshttp://www.secuobs.com/revue/news/106948.shtmlhttp://www.secuobs.com/revue/news/106948.shtml 2009-06-08 16:14:06 - PenTestIT : Good news for the fans of NetworkMiner A new version is out These arethe functionalities added to the new version: NetworkMiner 088: *Support for the Cisco HDLC cHDLC layer 2 protocol * Support forLinux cooked captures a layer 2 packet format often generated bytcpdump * Support for IPv6 * Parsing of SSH only to extract http://www.secuobs.com/revue/news/106937.shtmlhttp://www.secuobs.com/revue/news/106937.shtml 2009-06-08 15:26:07 - Help Net Security News : McAfee outlined details of its network security strategy which integratesMcAfee’s complete network security suite, including network firewalls,intrusion prevention systems, Web and e-mail gateway sehttp://www.secuobs.com/revue/news/106921.shtmlhttp://www.secuobs.com/revue/news/106921.shtml 2009-06-08 15:25:12 - Dancho Danchev's Blog Mind Streams of Information Security Knowledge : IMAGEFollowing the GazTransitStroy/GazTranZitStroy gaztranzitstroyinforu;6715253241 coverage, the gang behind the bogus gas companydrilling for insecure PCs across the Web has returned to its roots -St Petersburg, Russia, with routing services courtesy of PIN-ASPetersburg Internet Network LLC AS44050 internet-spbru :"descr: Petersburg Internet Network LLCaddress: Sedova 80address: St-Petersburg, Russiae-mail: support@internet-spbruphone: +7 812 4483863fax-no: +7 812 4483863person: Metluk Nikolay Valeryevichaddress: korp 1a 40 Slavy ave,address: St-Petersburg, Russiae-mail: nm@internet-spbruphone: +7 812 4483863fax-no: +7 812 2683113PIN LLCSedova 80+7 812 4483863support@internet-spbruIMAGEMetluk Nikolay Valeryevichkorp 1a 40 Slavy ave,St-Petersburg, Russia+7 812 4483863nm@internet-spbruLadoha Anton Vladimirovichkorp 1a 40 Slavy ave,St Petersburg, Russia+7 812 4483863admin@internet-spbruStrukov Evgeny Olegovichkorp 1a 40 Slavy ave,St-Petersburg, Russia+7 812 4483863admin2@internet-spbruestrukov@pinspbruPrefixes 91212410/24; 9521500/22; 19411160/24;19411200/23; 19522400/23"IMAGEWhat's also worth pointing out that is a huge number of ofdomains operated by GazTransitStroy's customers, and, of course,GazTranzitStroy themselves not only traceroute back to PetersburgInternet Network LLC's network, but also, there's an evident migrationto the legitimate NETDIRECT-NET - 891492060 - 89149207255 -AS2875, as well as to CHINANET-SH CHINANET shanghai province network -2226400 - 22273255255IMAGECombined with the fact that EUROHOST-NET/Eurohost LLCeurohostbizua 91212650 - 9121265255 - AS48841 remain aninseparable part of GazTransitStroy's info, clearly indicates thepresence of a well known cybercrime powerhouse - the RBN itselfThe following domains crimeware, live exploits, scareware, you nameit they engage in it maintained by GazTranzitStroy have migrated asfollows From 912124196 to CHINANET-SH CHINANET shanghai provincenetwork - 2226400 - 22273255255:loshadinet comroselambda cnuse-sena cnpeopleopera cnforexsec cnsymphonygold cndreamlitediamond cnvilihood cnbookadorable cndrawingstyle cnhousedomainname cnroomsme cnvilasse cnworkfuse cnstakeshouse cnfinanceimprove cnlifenaming cntravetbeach cnschoolh cnrainfinish cnhousevisual cnkvkhousevisual cnxflnhousevisual cnworksean cnblogtransaction cnliteauction cnseamodern cnsmilecasino cnnewtransfer cnoceandealer cnpuboceandealer cnmusicdomainer cnwowregister cnwebsiteflower cntravets cndesignroots cnteamwows cnstartgetaways cnmoulitehat cncaxfmoulitehat cnislandtravet cnweekendtravet cnresorttravet cnlitefront cnpalaceyou cnyoubonusnew cnclubmillionswow cnrainjukebox cnxuyxuyxuy cnFrom 9121241114 to NETDIRECT-NET - 891492060 - 89149207255 -AS28753, interestingly, the DNS servers for the following domainsns1pubilcnameserver7com/ns1pubilcnameserver7com are diversifyingat 8914920756 and 9121241114:freeantivirusplus09 comrealantivirusplus09 comgetantivirusplus09 comsmartantivirusplus09 comaddedantivirusonline comaddedantivirusstore comaddedantiviruslive comaddedantiviruspro comcountedantiviruspro complusantiviruspro commyplusantiviruspro comaddedantivirus comyouraddedantivirus combestaddedantivirus comeasyaddedantivirus comyourcountedantivirus combestcountedantivirus comyourplusantivirus comeasyplusantivirus comyourguardonline cneasydefenseonline cnbestprotectiononline cnfreecoveronline cnatioqe cnyourguardstore cnmycheckdiseasestore cnexaminepoisonstore cnfreecoverstore cnmyexaminevirusstore cnbestexaminedisease cnyourfriskdisease cneasyfriskdisease cnfriskdiseaselive cnbestdefenselive cnbigprotectionlive cnbigcoverlive cnexamineillnesslive cnexodih cnsuxpymi cnaciazi cnyourfriskinfection cneasyserviceprotection cneasyincomeprotection cneasypersonalprotection cneasybestprotection cnmyascertainpoison cnyourguardpro cnrefugepro cnmycheckdiseasepro cnascertaindiseasepro cnyourcheckpoisonpro cneasycheckpoisonpro cnyourfriskviruspro cnmyascertainviruspro cnfegbywo cnfeptuaq cnmyexamineillness cnexousyt cnnewguard2u cnfreedefense2u cnbigdefense2u cnbestcover2u cnnewguard4u cnmydefense4u cnbestcover4u cnnewguard4you cnmydefense4you cnbestcover4you cnyourguardforyou cnnewguardforyou cnmyguardforyou cnfreedefenseforyou cnmydefenseforyou cnbestcoverforyou cnIMAGEThe ongoing affiliation with EUROHOST-NET/Eurohost LLC eurohostbizua91212650 - 9121265255 - AS48841, and the migration of domainsscareware, live exploits, crimeware etc as follows From9121241119 to 91212657 EUROHOST-NET/Eurohost LLC:nicdaheb cnsehmadac cnralcofic cnbikpakoc cnxidsasuc cnkoqsuyod cntozxiqud cnbowselaf cncuzlumif cnporgacig cnhifgejig cnrogkadej cnsipcojeq cnsilzefos cnpopyodiw cnhayboxiw cnpeskufex cnridmoyey cncakpapaz cnIMAGE What kind of an ISP be maintaining a permanent UnderConstruction page and engage in Zeus and live exploit servingactivities on the same IP as its web server EUROHOST-NET/Eurohost LLCis one of them:"person: Mikhail Ignatyevaddress: off 1, 81 Frunze str,phone: +38 093 079 00 32address: Evpatoria, Crimea, Ukrainee-mail: ipadmin@eurohostbizua"At eurohostbizua 91212655 we also have parked 123-serviceru,serving a deja-vu account suspended message - "This account has beensuspended Either the domain has been overused, or the reseller ranout of resources" as well as ramshanabcru, with another accountsuspended message despite its previous involvement in Zeus crimewarecampaigns in January, 2009 ramshanabc ru/ferrari/mainbin;ramshanabc ru/ferrari/mainbinBesides these domains, several others, again registered tokirilboltovnet@yandexru are known to have been maintaining runningZeus crimeware campaigns as well:grafjasqq ru/kiew/kiewcfgheliskamm ru/kiew5cfgmamaloki ru/dir2cfg489mamaloki ru/kiew3cfgnionalku ru/dir5cfgnionalku ru/kiew6cfgStill not convinced in how malicious their intentions really are Thephone number +7 928 7867612 used in the registrations of thesedomains was most recently used in a spammed Zeus crimeware campaignimpersonating Western UnionIMAGEIMAGE IMAGE IMAGE IMAGEIMAGE IMAGE IMAGEIMAGEhttp://www.secuobs.com/revue/news/106919.shtmlhttp://www.secuobs.com/revue/news/106919.shtml 2009-06-08 07:19:50 - PenTestIT : When you talk of a Network Scanner, most think of NMAP NMAP is greatWe do not deny the fact But, it is not as stealthier as HPING isAlso, NMAP can scan a range of IP addresses, while HPING can only portscan one individual IP address HPING has this ability to send onlyhttp://www.secuobs.com/revue/news/106853.shtmlhttp://www.secuobs.com/revue/news/106853.shtml 2009-06-08 07:12:04 - Malware Forge : One of my good friends over at jeekorg has put out a script he wrotebased off his jsunpack tool This script is very much like his tool onhttp://jsunpackjeekorg/dec/go, but is written in python and can beused to detect javascript exploits on the network Some of the newfeatures he mentions are:-Tracks streams and decodes Transfer and Content encodings of typeschunked and gzip-Completely passive: Don't need to worry about User-Agents, proxies,or other tricks that attackers use to prevent analysisread morehttp://www.secuobs.com/revue/news/106845.shtmlhttp://www.secuobs.com/revue/news/106845.shtml 2009-06-08 07:08:44 - Hack In The Box : From the Full Disclosure mailing list: Hello world, The US T-Mobilenetwork predominately uses the GSM/GPRS/EDGE 1900 MHz frequency-band,making it the largest 1900 MHz network in the United States Serviceis available in 98 of the 100 largest markets and 268 millionpotential customers Like Checkpoint Tmobile has been owned for sometime We have everything, their databases, confidental documents,scripts and programs from their servers, financial documents up to2009 We already contacted with their competitors and they didn't showinterest in buying their data -probably because the mails got to thewrong people- so now we are offering them for the highest bidderhttp://www.secuobs.com/revue/news/106831.shtmlhttp://www.secuobs.com/revue/news/106831.shtml 2009-06-08 02:01:56 - Security Database Tools Watch : A passive network sniffer/packet capturing tool for Windows NetworkMinercan detect OS's, hostnames, open ports, sessions and extract fileswithout putting any traffic on the network NetworkMiner can alsoparse PCAP files for offline forensic analysisNetworkMiner performs OS fingerprinting based on TCP SYN and SYN+ACKpacket by using OS fingerprinting databases from p0f by MichalZalewski and Ettercap by Alberto Ornaghi and Marco ValleriNetworkMiner can also perform OS - Security Tools / Data Mining,Network Monitoring, Forensics, NetworkMinerIMAGE IMAGE IMAGEIMAGEIMAGEhttp://www.secuobs.com/revue/news/106754.shtmlhttp://www.secuobs.com/revue/news/106754.shtml 2009-06-07 21:40:38 - SecGuru : An introduction to the key tools and technologies used to securenetwork access* Examine common security vulnerabilities and the defenses used toprotect network resources* Learn about cryptography, including modern-day techniques like3DES, RSA, hashing, and the use of certificates* Learn how to design, adopt, and enforce security policies* Evaluate the nuances of secure network design* Secure HTTP traffic by hardening operating systems, servers, andbrowsers* Protect routers through administrative access policies andservices* Understand what firewalls do and how to implement them to maximumeffect* Inspect and monitor network activity with IDS* Utilize VPNs for secure remote access* Learn about PKI technologies* Examine secure wireless design techniques* Use logging and auditing tools, such as syslog, SNMP, RMON, andSAA, to manage network trafficCompanies have long been struggling with threats from the hackingcommunity Keeping pace with the rapid evolution of securitytechnology and the growing complexity of threats is a challenge evenin the best of times The increased focus on security has sent ITmanagers and engineers scrambling to acquire the proper expertise toimplement complex, multilayered solutions Network SecurityFundamentals introduces the topic of network security in aneasy-to-understand and comprehensive manner This book is designed toprovide a fundamental understanding of the various components of anetwork security architecture and to demonstrate how each componentcan be implemented to achieve best results The book usesstraightforward language to introduce topics and to show the features,mechanics, and functionality of various network security devices Aseries of case studies helps illuminate concepts and shows how you canapply the concepts to solve real-world problems Divided into fourparts, Network Security Fundamentals takes you on a tour of all theessential technologies and modern defenses at your disposal to helpyou maintain network uptime and data integrity Part I covers thebasics, introducing terms and concepts and laying the foundation of asolid security structure The discussion focuses on weaknesses andvulnerabilities along with an overview of the traditional defensesused to thwart attacks Part II examines two components ofsecurity-cryptography and security policies Part III looks at thevarious security components Separate chapters cover web security,router security, firewalls, intrusion detection systems IDS, remoteaccess security, virtual private networks VPN, Public KeyInfrastructure PKI, wireless security, and logging and auditingEach chapter in this section is a self-contained tutorial, allowingyou to skip to those topics of greatest interest or primary concernPart IV includes several reference appendixes, including the CiscoSAFE Blueprint, NSA guidelines, and SANS policies Whether you arelooking for an introduction to network security principles andpractices or a security configuration reference, this book providesyou with the invaluable insight you need to protect valuable companyresourcesIMAGEIMAGEIMAGE IMAGE IMAGE IMAGE IMAGEIMAGEhttp://www.secuobs.com/revue/news/106727.shtmlhttp://www.secuobs.com/revue/news/106727.shtml 2009-06-07 21:15:30 - Global Security Mag Online : Créée en 2003 en Californie, Consentry Networks s'est fixé pour objectifde sécuriser le réseau LAN En pleine crise financière cette société alevé 80M$ dont 10M$ en décembre 2008 Pour Ismet Geri, directeur EMEAConsentry Networks cette réussite est du au fait que l'offre de sonentreprise répond aux besoins des entreprises, mais aussi que sessolutions se caractérisent par la simplicité et la facilitéd'utilisationGSM : Pouvez-vous nous présenter votre entreprise Ismet Geri : Consentry - Interviews / affiche_gauchehttp://www.secuobs.com/revue/news/106720.shtmlhttp://www.secuobs.com/revue/news/106720.shtml 2009-06-07 17:44:46 - PenTestIT : Okay Don’t confuse yourselves with the PEiD et nPEiD It is not a toolby the same people Though, it can be used to perform similar tasks ona whole new level Consider that you are watching a live file transferin progress on the wire You want to verify if it has been packedhttp://www.secuobs.com/revue/news/106695.shtmlhttp://www.secuobs.com/revue/news/106695.shtml 2009-06-07 07:50:44 - SecGuru : Ethereal is the #2 most popular open source security tool used bysystem administrators and security professionals This all new bookbuilds on the success of Syngress' best-selling book Ethereal PacketSniffingThis book provides complete information and step-by-stepInstructions for analyzing protocols and network traffic on Windows,Unix or Mac OS X networks First, readers will learn about the typesof sniffers available today and see the benefits of using EtherealReaders will then learn to install Ethereal in multiple environmentsincluding Windows, Unix and Mac OS X as well as building Ethereal fromsource and will also be guided through Ethereal's graphical userinterface The following sections will teach readers to usecommand-line options of Ethereal as well as using Tethereal to capturelive packets from the wire or to read saved capture files Thissection also details how to import and export files between Etherealand WinDump, Snort, Snoop, Microsoft Network Monitor, and EtherPeekThe book then teaches the reader to master advanced tasks such ascreating sub-trees, displaying bitfields in a graphical view, trackingrequests and reply packet pairs as well as exclusive coverage of MATE,Ethereal's brand new configurable upper level analysis engine Thefinal section to the book teaches readers to enable Ethereal to readnew Data sources, program their own protocol dissectors, and to createand customize Ethereal reports Ethereal is the #2 most popular opensource security tool, according to a recent study conducted byinsecureorgSyngress' first Ethereal book has consistently been one ofthe best selling security books for the past 2 yearsThe companion Website for the book provides readers with dozens of open source securitytools and working scriptsIMAGEIMAGEIMAGE IMAGE IMAGE IMAGE IMAGEIMAGEhttp://www.secuobs.com/revue/news/106654.shtmlhttp://www.secuobs.com/revue/news/106654.shtml 2009-06-07 07:50:44 - SecGuru : If you're preparing for the new CompTIA 2006 certification in A+, orthe current Network+ and Security+ certifications, you'll find thisbook invaluable It provides all the information you need to get readyfor these exams, including the four new A+ exams -- the requiredEssentials exam and three elective exams that pertain to your area ofspecialization As with other O'Reilly Nutshell books forcertification exams, A+, Network+ and Security + in a Nutshell followsa proven style and approach It reviews all of the topics needed tomaster each exam in a remarkably concise format, with requiredknowledge boiled down to the core Instead of plowing through 500 to700 pages to prepare for each exam, this book covers each one inapproximately 150 pages And because the objectives for the threeelective A+ exams are redundant, and the book covers them in onesection The exams covered include:* A+ Essentials: Required for A+ 2006 certification* EXAM 220-602: For the A+ IT Technician specialization* EXAM 220-603: For the A+ Remote Support Technician specialization* EXAM 220-604: For the A+ IT Depot specialization* EXAM N10-003: For Network+ Certification* EXAM SYO-101: For Security+ CertificationEach exam is covered in three parts: Exam Overview, Study Guide andPrep and Practice Plenty of detailed tables and screen shots areincluded, along with study notes and practice questions Once you havecompleted the exams successfully, you will find this all-in-one bookto be a valuable reference to core administration and security skillsIMAGEIMAGEIMAGE IMAGE IMAGE IMAGE IMAGEIMAGEhttp://www.secuobs.com/revue/news/106647.shtmlhttp://www.secuobs.com/revue/news/106647.shtml 2009-06-07 05:29:25 - SecGuru : Malicious code is a set of instructions that runs on your computer andmakes your system do something that you do not want it to do Forexample, it can delete sensitive configuration files from your harddrive, rendering your computer completely inoperable; infect yourcomputer and use it as a jumping-off point to spread to all of yourbuddies' computers; and steal files from your machine Malicious codein the hands of a crafty attacker is indeed powerful It's becomingeven more of a problem because many of the very same factors fuelingthe evolution of the computer industry are making our systems evenmore vulnerable to malicious code Specifically, malicious codewriters benefit from the trends toward mixing static data andexecutable instructions, increasingly homogenous computingenvironments, unprecedented connectivity, an ever-larger clueless userbase, and an unfriendly world Skoudis addressed malicious code injust one chapter of his previous book Here, a dozen chapters focus onone of the most interesting and rapidly developing areas of computerattacks*Chapter 11, "Defender's Toolbox," rolls together thedefensive strategies described in the bookAs a bonus, Skoudis givesrecipes for creating your own malicious code analysis laboratory usingcheap hardware and softwareIMAGEIMAGEIMAGE IMAGE IMAGE IMAGE IMAGEIMAGEhttp://www.secuobs.com/revue/news/106636.shtmlhttp://www.secuobs.com/revue/news/106636.shtml 2009-06-06 22:31:50 - Slashdot Your Rights Online : DAMN MY LIFE writes "I'm going to Central Michigan University in thefall Upon examination of their poorly organized network usagepolicies, I'm worried that using their internet service will expose myweb browsing habits, emails, and most importantly, passwords Anotherconcern I have is the "Client Security Agent" that students arerequired to install and leave on their systems to use the networkThrough this application, the IT department scans everyone's computerfor what they claim are network security purposes Of course, scanninga person's hard drive can turn up all kinds of things that arepersonal Do all colleges have such extreme measures in place Isthere any way that I can avoid this There are no wireless broadbandproviders available in the area, I already checked"IMAGERead more of this story at SlashdotIMAGEIMAGEIMAGEhttp://www.secuobs.com/revue/news/106586.shtmlhttp://www.secuobs.com/revue/news/106586.shtml 2009-06-06 17:32:47 - SecurityTube.Net : Backtrack Series 2 Cracking Clientless WEP Protected Network Using ARPPacket Replay Video TutorialIMAGEhttp://www.secuobs.com/revue/news/106535.shtmlhttp://www.secuobs.com/revue/news/106535.shtml 2009-06-06 17:32:47 - SecurityTube.Net : Backtrack Series 3 Cracking Clientless WEP Protected Network Using ChopChop Attack Video TutorialIMAGEhttp://www.secuobs.com/revue/news/106534.shtmlhttp://www.secuobs.com/revue/news/106534.shtml 2009-06-06 17:32:47 - SecurityTube.Net : Backtrack Series 4 Cracking Clientless WEP Protected Network UsingFragmentation Attack Video TutorialIMAGEhttp://www.secuobs.com/revue/news/106533.shtmlhttp://www.secuobs.com/revue/news/106533.shtml 2009-06-06 17:32:47 - SecurityTube.Net : Backtrack Series 5 Cracking WPA Protected Network Using ASCII DictionaryAttack Video TutorialIMAGEhttp://www.secuobs.com/revue/news/106532.shtmlhttp://www.secuobs.com/revue/news/106532.shtml 2009-06-06 17:32:47 - SecurityTube.Net : Backtrack Series 6 Cracking WPA Protected Network Using Precomputed WPAKeys Database Attack Video TutorialIMAGEhttp://www.secuobs.com/revue/news/106531.shtmlhttp://www.secuobs.com/revue/news/106531.shtml 2009-06-06 17:32:47 - SecurityTube.Net : Backtrack Series 7 Cracking APless WEP Protected Network Using HirteAttack Video TutorialIMAGEhttp://www.secuobs.com/revue/news/106530.shtmlhttp://www.secuobs.com/revue/news/106530.shtml 2009-06-06 17:32:47 - SecurityTube.Net : Backtrack Series 8 Cracking APless WEP Protected Network Using CaffeLatte Video TutorialIMAGEhttp://www.secuobs.com/revue/news/106529.shtmlhttp://www.secuobs.com/revue/news/106529.shtml 2009-06-06 11:25:36 - Evilcodecave's Weblog : Hi, The ability to detect Suspicious or Malicious Binaries on a networkstream is one of the fundamental Risk Mitigation technique, only byknowing what flows in a traffic stream can allow the best efficientcountermeasure Here nPEiD Network PEiD which allows you to detectbinary packers into a network streamhttp://wwwmalforgecom/npeid/npeidzip http://www.secuobs.com/revue/news/106495.shtmlhttp://www.secuobs.com/revue/news/106495.shtml 2009-06-06 04:10:33 - Hack In The Box : Infamous hacker Kevin Mitnick earned his reputation—and jail time—notfor his technical prowess, but rather his ability to find soft targetsin his target organizations and silver tongue in plying them forinformation that allowed him to access systems The technique is knownas “social engineering” Nothing new to report here, and it’s abit passé to even talk about social engineering as a threat given theproliferation of malware, spam, mass phishing, botnets and advancedhacking techniques However, Aaron Higbee, a managing partner andco-founder of the Intrepidus Group, says social engineering is aliveand well, and probably remains the most effective hacking technique“Attackers are bypassing all the layers of security and going afterthe soft targets, the humans, with targeted spear-phishing and it’svery effective,” Higbee sayshttp://www.secuobs.com/revue/news/106468.shtmlhttp://www.secuobs.com/revue/news/106468.shtml 2009-06-06 00:35:21 - 4sysops : ClearApps Network Inventory Advisor 35 is here New: SNMP support,User-defined fields, Command-line interface Microsoft’s Bing OvertakesYahoo For Now, Report Says Impressive Disaster Recovery for Hyper-VPart 1 Windows 7 Application Compatibility: Your Questions AnsweredPart 1 - Springboard Series Virtual Roundtable Copyright ©2006-2009, 4sysops, Digital fingerprint:3db371642e7c3f4fe3ee9d5cf7666eb0http://www.secuobs.com/revue/news/106412.shtmlhttp://www.secuobs.com/revue/news/106412.shtml 2009-06-05 20:07:25 - News : Forget spam, viruses, worms, malware and phishing These threats areapparently old school when compared to a new class ofdenial-of-service DOS attacks that threaten wireless data networksread moreIMAGEhttp://www.secuobs.com/revue/news/106320.shtmlhttp://www.secuobs.com/revue/news/106320.shtml 2009-06-05 15:15:48 - Security : If you haven’t got your applications’ health, then you haven’t gotanythingallergensIf you happen to be unlucky enough to suffer from Celiacdisease - gluten intolerance wheat, barley, oats, rye - then youknow how important it is to keep gluten out of your diet If you don’tknow let’s just say that you have to keep even trace amounts of glutenout of your diet lest you suffer the consequences, which can bedifferent from person to person, but none are pleasantYou feed off food; applications feed off requests and responses Likethose who suffer from gluten intolerance, applications are sensitive,too, and need a pure diet free of “bad stuff” – including maliciouscontent, malware, and illegitimate requests that attempt to infiltrateyour network for nefarious purposesLike those learning to adopt a gluten-free diet, you need to be evervigilant for not only the obvious sources of “bad stuff” but thehidden ones, too This takes time and effort and requires readingevery label Obviously this increases the total time it takes to doyour grocery shopping but it’s totally worth the peace of mind thatcomes from knowing you aren’t subjecting your health to something thatwould jeopardize it---------------------------------------------------------------------ARE YOU A HIDDEN SOURCE OF TOXINS---------------------------------------------------------------------Like gluten that sneaks into the diet you may not know when “dirty”content has snuck into your applications Unlike gluten, which affectsonly the intolerant person’s health, dirty content in application datacan spread and infect other applications – and clients Unless clientsare able to track down the source of the contamination you may notfigure out for months that you’re that source And unlike sources ofgluten attackers are intelligent They specifically target websitesand web applications with the intention of spreading their particularbrand of unhealthy data to others in the hopes that they’ll score bigOne of the most interesting tidbits often offered by Jeremiah Grossmanis not that attacks are increasing but that the target of the attackshas slowly morphed from your systems to your users Attackers arestill trying to leverage your systems but rather than treat them asthe target they are merely a vehicle, a distribution point throughwhich malicious code and scripts can be forced upon unsuspectingusers The intended use of your systems is to inevitably gain accessto juicy data that can result in identity theft or compromisedfinancial accounts of various types And it’s working, according tomost reports Consider that identity theft is a growing problem:According to the Federal Trade Commission, the number of identitytheft reports filed from the Shoals area to the FTC increased morethan 45 percent from 2007 to 2008And then further consider how you – and your applications – may or maynot be contributing to the problem Like third-party manufacturers ofspices and “flavorings” your applications may be indirectlyresponsible for poisoning the health of of clients If yourapplications have been contaminated you may be an unwitting partner inthe most widespread crime spree of the decade: the spread of maliciouscode via web applicationsConsider, too, the business costs to you of not only potentially beinga party to aiding identity theft but in being a victim of it as wellIf someone purchases your goods or services illegitimately, well,you’re going to lose it in the end because it wasn’t legit40% of business costs for individual cases of identity theftexceed $15,000 The Aberdeen Group has estimated that $221 billiona year is lost by businesses worldwide due to identity theftIf you aren’t doing everything you possibly can to prevent it then youjust aren’t doing everything possible to protect your customers andusers from the toxicity of tainted data And considering the potentialloss of business revenue to you from such events wouldn’t it be niceif other businesses enabled the same protections on theirapplications---------------------------------------------------------------------TIME OR HEALTH---------------------------------------------------------------------Like reading labels, inspecting requests and responses as they areflowing through the system takes time It delays the time it takes fora request to be fulfilled but in the end it’s totally worth it becausethe end result is peace of mind knowing that the data is free of “badstuff” that can harm the health of your applicationsWhether it’s DLP Data Leak Prevention through outbound contentinspection or inbound inspection of requests that potentially carrymalicious code it behooves every security professional to understandthe potential ramifications of allowing sensitive data to leave thecorporate network – or malicious data to enter itYes, thorough content inspection takes time – just like it takes timefor gluten sensitive individuals to thoroughly read labels – but doyou really have a choice other than potentially poisoning your ownapplications or your users/customers with contaminated data Theaddition of a few microseconds – even one full second – is likely notworth the riskWhether it’s via a web application firewall, DLP specific solutions,or a programmable platform capable of bi-directional contentinspection, it’s should be a regular part of every organization’ssecurity strategy to enforce inspection of content – inbound and out –on every web application for which you are responsible This isparticularly true for Web 20 applications where user-generatedcontent is king User-generated content increases the risk of attackas well as the potential for contamination and should always be viewedsuspiciouslyAnything else is just risking your applications’ health And if youhaven’t got your applications’ health, you haven’t got anythingFollow me on Twitter IMAGEView Lori's profile on SlideShareIMAGEIMAGE IMAGEfriendfeedicon_facebook AddThis Feed ButtonBookmark and ShareTechnorati Tags: MacVittie,security,risk,identity theft,contentinspection,web application firewall,web application security,Web 20,maliciousdata,DLP,data leak prevention,application delivery,gluten,toxin,poison,web,internet,blog,TwitterRelated blogs et articles:* Beware Using Internal Encryption as an IT Security Blanket* The Real Meaning of Cloud Security Revealed* Would you risk $31,000 for milliseconds of application responsetime* What IT Security can learn from a restroom sign* The Web 20 Botnet: Twisting Twitter and Automated Collaboration* Hackers tweet, Infect Twitter users with scareware* “Beladen” website compromises cropping up* Twitter Users Victims of Two-Phase Attack: ScreencastIMAGEhttp://www.secuobs.com/revue/news/106200.shtmlhttp://www.secuobs.com/revue/news/106200.shtml 2009-06-05 06:10:35 - Security for the Masses : The Federal Trade Commission issued takedown orders for this ISPinvestigating it and finding little legal content on the sites ithosted A quote from the FTC:"Pricewert hosts very little legitimate content and vast quantities ofillegal, malicious, and harmful content, including child pornography,botnet command and control servers, spyware, viruses, trojans,phishing related sites, illegal online pharmacies, investment andother Web-based scams, and pornography featuring violence, bestiality,and incest," the FTC saidIncredibly a botmaster, controlling 200,000 bots gets tech supportfrom the head programmer, who complains how much work it will beRead a good article at SecurityFixIMAGEhttp://www.secuobs.com/revue/news/106107.shtmlhttp://www.secuobs.com/revue/news/106107.shtml 2009-06-05 03:52:10 - Hack In The Box : A step-by-step guide to protecting your network against home wirelesshackers and educating employees on the safe use of wireless homenetworks Today, as the lines between home and business computingcontinue to blur, even enterprise IT administrators need to beconcerned with their employees’ security practices on their homewireless networks The last thing you want is for a hacker tocompromise an employee’s computer via an under-secured home wirelessconnection, and then quickly and efficiently travel down that handyremote user VPN tunnel straight into your business’s networkhttp://www.secuobs.com/revue/news/106072.shtmlhttp://www.secuobs.com/revue/news/106072.shtml 2009-06-05 00:42:43 - Rootsecure.net : Network World: Cybercriminals refine data-sniffing software for ATM fraud"The malware, which steals PINs and card data, works on ATMs runningWindows XP"http://www.secuobs.com/revue/news/106014.shtmlhttp://www.secuobs.com/revue/news/106014.shtml 2009-06-04 16:39:25 - ReverseConnection : Section: Web, Websites According to the researching firm Nielsen Online,the United States has experienced an 83 percent leap in the number oftime spent on social networking websites No big surprise thatFacebook experienced one of the biggest leaps, with over 700 percentgrowth in just a year Figures should that users spent close http://www.secuobs.com/revue/news/105793.shtmlhttp://www.secuobs.com/revue/news/105793.shtml 2009-06-03 20:10:58 - News : Colleges give themselves modest marks in network security and fearmalware the most among a long list of potential threats, according toa survey of university technology executivesread moreIMAGEhttp://www.secuobs.com/revue/news/105500.shtmlhttp://www.secuobs.com/revue/news/105500.shtml 2009-06-03 20:10:23 - Help Net Security News : The arrival of what appears to be the first scareware distribution attackon the Twitter microblogging service at the weekend, signals the factthat firms need to think very hard before allowing staffhttp://www.secuobs.com/revue/news/105491.shtmlhttp://www.secuobs.com/revue/news/105491.shtml