<?xml version="1.0" encoding="utf-8"?>
<rss version="0.92">
<channel>
<title>SecuObs.com</title>
<link>http://www.secuobs.com</link>
<description>Internet Security Observatory</description>
<language>fr</language>
<webMaster>webmaster@secuobs.com</webMaster>
 <item><title>H Security  LiMux project management,  We were naive </title><description>2010-03-20 16:12:19 - Rootsecure.net : H Security  LiMux project management,  We were naive  </description><link>http://www.secuobs.com/revue/news/203679.shtml</link><guid isPermaLink="false">http://www.secuobs.com/revue/news/203679.shtml</guid></item>
<item><title>Krebs On Security  Naming and Shaming Bad ISPs</title><description>2010-03-20 16:12:19 - Rootsecure.net : Krebs On Security  Naming and Shaming Bad ISPs </description><link>http://www.secuobs.com/revue/news/203676.shtml</link><guid isPermaLink="false">http://www.secuobs.com/revue/news/203676.shtml</guid></item>
<item><title> Italian  Cross Application Scripting Presentation at Security Summit 2010 Milan</title><description>2010-03-20 16:02:55 - Exploit DB updates : </description><link>http://www.secuobs.com/revue/news/203664.shtml</link><guid isPermaLink="false">http://www.secuobs.com/revue/news/203664.shtml</guid></item>
<item><title>Perceived Security vs Real Security</title><description>2010-03-20 06:15:00 - Security Bloggers Network : Risk mitigation is about making an assessment more or less objectively of circumstances that might determine an impact Perception of risk is an important factor to determine on how we react to risks either proactively or reactively Perception can be  </description><link>http://www.secuobs.com/revue/news/203634.shtml</link><guid isPermaLink="false">http://www.secuobs.com/revue/news/203634.shtml</guid></item>
<item><title>Google Unveils Skipfish Security Tool</title><description>2010-03-20 04:29:41 - Packet Storm Security Headlines : </description><link>http://www.secuobs.com/revue/news/203619.shtml</link><guid isPermaLink="false">http://www.secuobs.com/revue/news/203619.shtml</guid></item>
<item><title>Cybersecurity Bill Returns to Senate</title><description>2010-03-20 00:14:31 - eSecurity Planet Features : Landmark Internet security legislation returns with 'kill switch' provision dropped and scales back the potential privacy incursions outlined in the original version </description><link>http://www.secuobs.com/revue/news/203555.shtml</link><guid isPermaLink="false">http://www.secuobs.com/revue/news/203555.shtml</guid></item>
<item><title>The Security Pub Poll</title><description>2010-03-19 22:43:48 - Security Bloggers Network : It's that time again to take another poll If you're concerned about users accessing Social Network Sites like Facebook, Twitter and many others Please choose the answer that is most appropriate and then leave a comment as to why you're concerned Comments could be  I'm very concerned company information could be leaked out Related Posts Security Poll    </description><link>http://www.secuobs.com/revue/news/203527.shtml</link><guid isPermaLink="false">http://www.secuobs.com/revue/news/203527.shtml</guid></item>
<item><title>Skipfish  An Active Web Application Security Reconnaissance Tool </title><description>2010-03-19 22:33:36 - PenTestIT : Finally  Mr Michal Zalewski is out with Skipfish  We respect Mr Zalewski a lot for his knowledge about web application security As of now, we are installing skipfish and testing it in our networks, but pardon the lack of Sun here in India It is about 1 AM in the morning and we will get </description><link>http://www.secuobs.com/revue/news/203521.shtml</link><guid isPermaLink="false">http://www.secuobs.com/revue/news/203521.shtml</guid></item>
<item><title>Facebook bigger threat to web security than Twitter</title><description>2010-03-19 22:32:40 - MX Logic Security News :  The amount of information available on a person's Facebook profile page makes the popular social networking site more dangerous than other popular competitors such as Twitter, according to AVG Technologies Identity theft is the primary threat posed to web security through social networking websites Phishing attacks and other methods meant to target login information often result in further password theft Phishing attacks on Twitter have become easy to spot for most seasoned users, but new users or those ignorant of malware still struggle However, because shortened links are also used on Facebook now, users of that network must be aware of the phishing attacks as well as discreet in putting contact information on their page Even listing a cell phone number can lead to a web security breach Text spam sent to a phone can result in a malicious link or potentially dangerous download To curtail the negative effect of shortened links on its site, Twitter recently announced it will automatically scan all links posted to its site for potential malware Facebook's responsibility to its users' web security has come into question recently as the company has not responded to questions relating to scareware on its site </description><link>http://www.secuobs.com/revue/news/203520.shtml</link><guid isPermaLink="false">http://www.secuobs.com/revue/news/203520.shtml</guid></item>
<item><title>Google Releases Skipfish Application Security Scanner</title><description>2010-03-19 21:33:47 - threatpost   The First Stop for Security News :    Google has released its own Web application security scanner, called Skipfish The free scanner is designed to work within a variety of existing Web application frameworks and is built with an emphasis on speed and low false-positives, the company said </description><link>http://www.secuobs.com/revue/news/203504.shtml</link><guid isPermaLink="false">http://www.secuobs.com/revue/news/203504.shtml</guid></item>
<item><title>Skipfish - web application security scanner</title><description>2010-03-19 21:06:33 - Security Shell :    A fully automated, active web application security reconnaissance tool Skipfish is an active web application security reconnaissance tool It prepares an interactive sitemap for the targeted site by carrying out a recursive crawl and dictionary-based probes The resulting map is then annotated with the output from a number of active  but hopefully non-disruptive  security checks The final report generated by the tool is meant to serve as a foundation for professional web application security assessments More info and download  http://code.google.com/p/skipfish </description><link>http://www.secuobs.com/revue/news/203502.shtml</link><guid isPermaLink="false">http://www.secuobs.com/revue/news/203502.shtml</guid></item>
<item><title>Cybersecurity bill changes, US president not permitted to shut down the Internet</title><description>2010-03-19 19:01:49 - Security Bloggers Network : Six months ago, two bills regarding cybersecurity were introduced in the US senate and a lot of people objected to the possibility that the bills would allow the US president to shut down the Internet in case of a cyber emergency Read the rest of the article from the guys at Help Net Security Related Posts IT firm    </description><link>http://www.secuobs.com/revue/news/203470.shtml</link><guid isPermaLink="false">http://www.secuobs.com/revue/news/203470.shtml</guid></item>
<item><title>Looking Through the Crystal Ball of Security</title><description>2010-03-19 18:51:00 - Optimal Security : Lumension talks security with Charles Kolodgy of IDC at RSA about the evolution in endpoint management and security and what role new and emerging technologies will play in managing risk Also, future predictions and trends </description><link>http://www.secuobs.com/revue/news/203460.shtml</link><guid isPermaLink="false">http://www.secuobs.com/revue/news/203460.shtml</guid></item>
<item><title>Revised draft of Cybersecurity Act introduced in Senate</title><description>2010-03-19 18:33:09 - LinuxSecurity.com   Latest News : LinuxSecuritycom  Lawmakers on Wednesday introduced in the US Senate a revised draft of the Cybersecurity Act, striking out a controversial clause that would have given the president power to shut down the internet </description><link>http://www.secuobs.com/revue/news/203452.shtml</link><guid isPermaLink="false">http://www.secuobs.com/revue/news/203452.shtml</guid></item>
<item><title> Security updates for Drupal modules </title><description>2010-03-19 18:33:09 - LinuxSecurity.com   Latest News : LinuxSecuritycom  The Drupal team has just released a whole heap of security advisories Drupal's Email Input Filter, Keys and Tag Order modules all contain security vulnerabilities Updated versions, in which the problems are fixed, are now available Only Email Input Filter and Tag Order for Drupal 5 and 6 and Keys for Drupal 6 are affected </description><link>http://www.secuobs.com/revue/news/203451.shtml</link><guid isPermaLink="false">http://www.secuobs.com/revue/news/203451.shtml</guid></item>
<item><title>Security Briefing  March 19th</title><description>2010-03-19 17:37:23 - Security Bloggers Network :  Corporate email server is giving me attitude But, the Blackberry is getting email without an issue It must be Friday What's that  It is  Capital Have a great one folks cheers, Dave Click here to subscribe to Liquidmatrix Security Digest  And now, the news  F king With Foursquare Goes MSF Style  Carnal 0wnage Security Conferences vs Critical Infrastructure Conferences  Jagersec    </description><link>http://www.secuobs.com/revue/news/203435.shtml</link><guid isPermaLink="false">http://www.secuobs.com/revue/news/203435.shtml</guid></item>
<item><title> Cybersecurity bill changes, US president not permitted to shut down the Internet</title><description>2010-03-19 17:35:55 - Help Net Security   News : Six months ago, two bills regarding cybersecurity were introduced in the US senate and a lot of people objected to the possibility that the bills would allow the US president to shut down the Internet </description><link>http://www.secuobs.com/revue/news/203430.shtml</link><guid isPermaLink="false">http://www.secuobs.com/revue/news/203430.shtml</guid></item>
<item><title>PenTestIT Post Of The Day  Automating Code Review for Common ASP.NET Performance   Security Anti-Patterns</title><description>2010-03-19 16:26:11 - PenTestIT : Today, we have this post from the Alik Levin's Blog by Mr Alik Levin  Automating Code Review for Common ASP.NET Performance   Security Anti-Patterns  is a post by the author that lets us automate code review when searching MSIL for common performance and security anti-patterns Very useful while your occasional malware analysis trips The author has done </description><link>http://www.secuobs.com/revue/news/203407.shtml</link><guid isPermaLink="false">http://www.secuobs.com/revue/news/203407.shtml</guid></item>
<item><title>Cybersecurity Bill Trims President's Power</title><description>2010-03-19 15:23:19 - securitystream.info :    The Senate Wednesday re-introduced a cybersecurity bill it considered last year, minus a provision that would have allowed the president to shut down the Internet in the event of a major cyber attack Related posts  1 Cybersecurity bill to give president new emergency powers 2 Revised cybersecurity bill introduced in Senate 3 House Passes Cybersecurity Bill </description><link>http://www.secuobs.com/revue/news/203392.shtml</link><guid isPermaLink="false">http://www.secuobs.com/revue/news/203392.shtml</guid></item>
<item><title>Firefox search add-ons for Security-Nerds </title><description>2010-03-19 14:53:38 -  атсн²²  in sесuяitу : After looking over the slidedeck from Michael  theprez98  Schearer's Blackhat Webcast, I decided  like a lot of people I'm sure  to have a quick look at what Firefox add-ons were available to make penetration testing using the browser a little easier My portable Firefox edition already has a number of extensions installed for the usual stuff Things like FoxyProxy, Web    </description><link>http://www.secuobs.com/revue/news/203382.shtml</link><guid isPermaLink="false">http://www.secuobs.com/revue/news/203382.shtml</guid></item>
<item><title>Security Trade-Offs and Sacred Values</title><description>2010-03-19 13:56:34 - Schneier on Security : Interesting research  Psychologist Jeremy Ginges and his colleagues identified this backfire effect in studies of the Israeli-Palestinian conflict in 2007 They interviewed both Israelis and Palestinians who possessed sacred values toward key issues such as ownership over disputed territories like the West Bank or the right of Palestinian refugees to return to villages they were forced to leave these people viewed </description><link>http://www.secuobs.com/revue/news/203373.shtml</link><guid isPermaLink="false">http://www.secuobs.com/revue/news/203373.shtml</guid></item>
<item><title>Aronberg expresses concern over security of state employee data</title><description>2010-03-19 13:50:50 - Office of Inadequate Security : Bill Cotterell reports from Florida  A lawmaker Thursday demanded to know how a  248-million personnel contract got renewed with a Convergys operation recently sold to a British firm The Department of Management Services assured Sen David Aronberg that security of state employee data, and operation of Tallahassee and Jacksonville service centers, will continue unchanged Aronberg, D-Greenacres, said he    </description><link>http://www.secuobs.com/revue/news/203369.shtml</link><guid isPermaLink="false">http://www.secuobs.com/revue/news/203369.shtml</guid></item>
<item><title>The state of ModSecurity in March 2010  Part 1 </title><description>2010-03-19 13:44:53 - Ivan Ristić : Last night, during the recording of an OWASP Podcast episode, Jim Manico asked me what the state of ModSecurity was The question was so simple and straightforward, yet it remained with me for long after the recording Indeed, what is </description><link>http://www.secuobs.com/revue/news/203367.shtml</link><guid isPermaLink="false">http://www.secuobs.com/revue/news/203367.shtml</guid></item>
<item><title>RedWeb Security's Offender ID spray supplied to security guards and door supervisors</title><description>2010-03-19 13:39:59 - SecurityPark.net : Security guards and door supervisors trained by Canterbury-based Mission Training are being equipped with RedWeb Security's Offender ID spray to deter troublemakers from attacking them or other shoppers, pub and club goers, or passers-by Mission Training is training security personnel to use RedWeb's Offender ID - a portable spray that 'tags' an offender so that they can be identified even if </description><link>http://www.secuobs.com/revue/news/203365.shtml</link><guid isPermaLink="false">http://www.secuobs.com/revue/news/203365.shtml</guid></item>
<item><title>Cybersecurity Bill Trims President's Power</title><description>2010-03-19 11:27:24 - Computer Security News :    The Senate Wednesday re-introduced a cybersecurity bill it considered last year, minus a provision that would have allowed the president to shut down the Internet in the event of a major cyber attack </description><link>http://www.secuobs.com/revue/news/203348.shtml</link><guid isPermaLink="false">http://www.secuobs.com/revue/news/203348.shtml</guid></item>
<item><title>Tailored enterprise security solutions needed  Trend Micro</title><description>2010-03-19 10:30:38 - Network World on Security : The rapidly evolving information technology threat landscape means enterprises are now demanding tailored security solutions across physical, cloud computing and virtualised environments, according to IT risk and compliance specialists Trend Micro </description><link>http://www.secuobs.com/revue/news/203338.shtml</link><guid isPermaLink="false">http://www.secuobs.com/revue/news/203338.shtml</guid></item>
<item><title> 45, 582 telephone bill  Furniture company's security breach traced back to Somalia</title><description>2010-03-19 09:56:24 - securitystream.info :    Posted by InfoSec News on Mar 18 http www2hickoryrecordcom content 2010 mar 18 furniture-company-targeted news  By Richard Gould Hickory Daily Record March 18, 2010 It only took 12 hours for a hacker to run up  45,582 in telephone charges for a local furniture company More than 10,000 minutes of phone calls were made from the phones at Sherrill Furniture on Highland Ave NE from 9 pm on Friday, March 5 to 9 am the following day The company reported the security Related posts  1 Protecting Your Smartphone From Hackers 2 Hacker charges  43, 000 in calls to Buffalo Grove firm's phone 3 Heartland Breach  Colorado Bank Reports New Fraud </description><link>http://www.secuobs.com/revue/news/203333.shtml</link><guid isPermaLink="false">http://www.secuobs.com/revue/news/203333.shtml</guid></item>
<item><title> 45, 582 telephone bill  Furniture company's security breach traced back to Somalia</title><description>2010-03-19 08:17:15 -  ISN  InfoSec News Mailing List : InfoSec News   45, 582 telephone bill  Furniture company's security breach traced back to Somalia  http www2hickoryrecordcom content 2010 mar 18 furniture-company-targeted news  By Richard Gould Hickory Daily Record March 18, 2010 It only took 12 hours for a hacker to run up  45,582 in telephone charges for a local furniture company More than 10,000 minutes of phone calls were made from the phones at Sherrill Furniture on Highland Ave NE from 9 pm on Friday, March 5 to 9 am the following day The company reported the security breach to police Tuesday and the preliminary investigation revealed that the phone calls originated in Somalia Investigators know that calls were made to Austria, Bulgaria, France, Korea, and the Philippines  We're not sure why the calls were made,  said Capt Thurman Whisnant of the Hickory Police Department    </description><link>http://www.secuobs.com/revue/news/203315.shtml</link><guid isPermaLink="false">http://www.secuobs.com/revue/news/203315.shtml</guid></item>
<item><title>Latest Version Of Cybersecurity Act Lessens Presidential Power</title><description>2010-03-19 06:44:44 - DarkReading   All Stories : Chief exec no longer has unilateral power to disconnect networks from the Internet in the event of a major cyberattack </description><link>http://www.secuobs.com/revue/news/203304.shtml</link><guid isPermaLink="false">http://www.secuobs.com/revue/news/203304.shtml</guid></item>
<item><title>End Users Buck Security Advice For Economic Reasons</title><description>2010-03-19 06:44:44 - DarkReading   All Stories : Without proof that strong passwords and Website certificates actually keep them safe, it's no wonder end users ignore security advice, experts say </description><link>http://www.secuobs.com/revue/news/203303.shtml</link><guid isPermaLink="false">http://www.secuobs.com/revue/news/203303.shtml</guid></item>
<item><title>Intel Launches Security Focused Data Center Processors</title><description>2010-03-19 03:43:18 - Security Bloggers Network :  Intel raised the bar in the processing game when this Tuesday they announced the release of the first 32nm processors The big selling point here, according to the vendor, is the security aspects From The Taiwan Economic Times  According to world's No1 chipmaker, the new processors are the industry's first 32nm enterprise-grade devices integrating security capabilities that    </description><link>http://www.secuobs.com/revue/news/203245.shtml</link><guid isPermaLink="false">http://www.secuobs.com/revue/news/203245.shtml</guid></item>
<item><title>French rail service SNCF closes web security hole</title><description>2010-03-19 01:55:46 - Hack In The Box : A WEB security loophole allowing hackers to access the personal details of thousands of rail passengers has been closed after it was uncovered by a newspaper The SNCF has been aware of the flaw since June 2008, according to Le Canard Enchaîné, which received a leaked internal memo from then warning of a  possible misuse of customer data  A hacker showed how easy it was to access the name, address, telephone number and date of birth of customers registered on www.voyages-sncf.com - all that was needed was one person's railcard number The Canard says this data is very valuable - fetching between €8 and €20 per person when sold on to other companies for marketing purposes </description><link>http://www.secuobs.com/revue/news/203213.shtml</link><guid isPermaLink="false">http://www.secuobs.com/revue/news/203213.shtml</guid></item>
<item><title>When Security Fails, Who Are You Going to Fire </title><description>2010-03-19 01:55:46 - Hack In The Box : Two recent unrelated news stories struck me as indicative of a fundamental problem with IT security  We seem to favor looking at symptoms over finding the root cause of problems The first story was nearly comical for the effort that was expended to pin blame Back in December, the Conficker virus infected 3,000 computers on the network of the Waikato District Health Board , which encompasses all of the hospitals in a district that accounts for 10 percent of New Zealand's population Officials claimed that emergency operations were not affected, but the district hospitals requested that only true emergencies be referred to them Certainly, it is critical that steps be taken to assure that nothing like this ever happens again I just don't agree that an effective response would include a three-month investigation into the incident  The report came in this month, and, believe it or not, they say they found the source of the infection According to the report, someone plugged an infected USB drive into a computer in a parking garage tollbooth, bringing multiple hospitals to a near standstill for three days </description><link>http://www.secuobs.com/revue/news/203201.shtml</link><guid isPermaLink="false">http://www.secuobs.com/revue/news/203201.shtml</guid></item>
<item><title>Security Guard</title><description>2010-03-19 01:41:48 - 411 on Spyware : The Security Guard virus employs all the latest badware tools to wreak havoc on your computer and ruin your day This fake antispyware from the crooks who made CleanUp Antivirus and Security Antivirus fills your computer with a bunch of useless junk and then tries to get you to pay to remove this same useless junk To make things worse, it shows endless Security Guard pop-ups and tries to scare you with phony system scans that  detect  a long list of mean-sounding viruses with names like  VirusWin32Fakera  Most of these are just recycled names from years-old viruses, and they probably haven't been anywhere near your computer Ready to restore sanity to your hard drive  Here's how to get rid of Security Guard for free </description><link>http://www.secuobs.com/revue/news/203187.shtml</link><guid isPermaLink="false">http://www.secuobs.com/revue/news/203187.shtml</guid></item>
<item><title>The media spinwheel on the word Hacker My rant of the day  Security4all </title><description>2010-03-19 01:12:35 - Security Bloggers Network :    Hacker Disables More Than 100 Cars Remotely  wiredcom  This story circulated a lot on different websites and on Twitter today and is the reason for this rant Normally I have high regards for wiredcom for the articles they write, including the series they did on hackerspaces But with this article, they really disappointed me I'm used that the main media makes this mistake but not Wired How would you define an ex-employee, guessing or stealing a former co-worker's password to access the system and screwing with it out of revenge  A cybercriminal  A hacker  Wrong and wrong It's an insider threat  He really must had mad 1337 skills to pull this one off  I know that the word hacker is a confusing term meaning a lot of different things to different people, including the media's insistent wish to use it to describe cybercriminals  Hint  use a dictionary  But this all leads to so many misunderstanding Hardware hacker, blackhat hackers, whitehat hackers, greyhat hackers, software hackers, kernel hackers, lifehackers, script kiddies, etc etc there are so many different dimensions to the word hacker that it leaves the average outsider confused But I have to be honest, I sometimes catch even myself using the word hacker in the context of 'cybercriminal' Even if I know better, it's a bad habit I often try to correct myself and others but it's an uphill battle Let's use more specific terms  But a lot of the above variations have a common element  taking things apart and learning how they work and improve on them It's this sharing and curiosity of how things work that is at the core of the original meaning of 'hacking' and involve non-computer related domains as well I'm a big supporter of the rise of the current flood of hackerspaces around the world and also in Belgium As these spaces embody the original meaning of 
hacking and enables users to learn and share knowledge Sometimes compared to Do-it-yourself labs or workplaces Frank Rieger, part of the Chaos Computer Club couldn't have said it better in this BBC article today  For CCC member Frank Rieger, the word hacking - the process of reconfiguring or reprogramming a system to do things that its inventor never intended - needs to be reclaimed, and stripped of negative connotations   We are trying to show people the beauty of technology, and how exciting it can be to find out new stuff and then do good things with that,  he says  Source  BBC news  Emphasis added by me So is it time to educate the media and others to reclaim the word hacker for what it really means  It might be  I have no special talent, I am only passionately curious -- Albert Einstein Related posts    Hackerspace Ghent  Whitespace or 0x20  will have their Open weekend on 19 - 21 March   Hackerspace Antwerp in bootstrap mode   The date for the Hackerspace Antwerp Startup Meeting   Discussing about Hackerspace Antwerp    What is a hackerspace    What does a hackerspace look like  And the next Hackerspace Brussels meetup </description><link>http://www.secuobs.com/revue/news/203179.shtml</link><guid isPermaLink="false">http://www.secuobs.com/revue/news/203179.shtml</guid></item>
<item><title>H Security  Dispute about Virtual PC security holes</title><description>2010-03-19 00:49:27 - Rootsecure.net : H Security  Dispute about Virtual PC security holes </description><link>http://www.secuobs.com/revue/news/203167.shtml</link><guid isPermaLink="false">http://www.secuobs.com/revue/news/203167.shtml</guid></item>
<item><title>bugix - security research</title><description>2010-03-19 00:48:00 - Reverse Engineering : submitted by rolfr  link   comment  </description><link>http://www.secuobs.com/revue/news/203166.shtml</link><guid isPermaLink="false">http://www.secuobs.com/revue/news/203166.shtml</guid></item>
<item><title>What Microsoft Learned About Data Security From 'Botnet'</title><description>2010-03-19 00:28:30 - eSecurity Planet Features : Taking down a botnet, especially one of the biggest, is a daunting task that needs to be done in 'layers' and severing the creature's connections to the outside world doesn't get rid of the beast </description><link>http://www.secuobs.com/revue/news/203164.shtml</link><guid isPermaLink="false">http://www.secuobs.com/revue/news/203164.shtml</guid></item>
<item><title>Ikarus Security Software illegally passing further my source</title><description>2010-03-19 00:21:34 - Stoned Bootkit : It feels like a déjà-vu - seems like Ikarus Security Software cares a fuck about my intellectual property  They passed further my Stoned Bootkit 2 Alpha 4, and the license of it clearly states  ANY FILE HERE MAY NOT BE USED ANYHOW BY IKARUS SECURITY SOFTWARE, their lawyers, Josef Pichlmayr or any person in contact with Ikarus, Kaspersky or Avira, including Franz Lehner, Fabasoft Distribution GmbH and partners of mentioned companies or any AV company without explicit permission of Peter Kleissner But Ikarus cares a fuck about it, ain't they </description><link>http://www.secuobs.com/revue/news/203162.shtml</link><guid isPermaLink="false">http://www.secuobs.com/revue/news/203162.shtml</guid></item>
<item><title>New Google Chrome  v4.1.249.1036  released, fixes multiple security vulnerabilities More information at http://googlechromereleases.blogspot.com/2010/03/stable-channel-update.html,  Thu, Mar 18th </title><description>2010-03-18 23:59:00 -       SANS Internet Storm Center  InfoCON  green : </description><link>http://www.secuobs.com/revue/news/203158.shtml</link><guid isPermaLink="false">http://www.secuobs.com/revue/news/203158.shtml</guid></item>
<item><title>Web application attacks security guide  Preventing attacks and flaws</title><description>2010-03-18 22:57:35 - Security Wire Weekly :  From buffer overflows to SQL injection, hackers have many techniques at their disposal to attack Web applications, and new methods constantly emerge This week's podcast edition of Threat Monitor highlights one of the tips from this special Web application attack security guide, entitled  Prevent cross-site scripting hacks with tools, testing </description><link>http://www.secuobs.com/revue/news/203138.shtml</link><guid isPermaLink="false">http://www.secuobs.com/revue/news/203138.shtml</guid></item>
<item><title>St Patrick's Day security</title><description>2010-03-18 22:49:17 - Security Bloggers Network : Dear Diary, Back from another trip to New Zealand Wellington on Tuesday and Auckland on Wednesday Probably should have arranged to stay over Wednesday evening, as it was St Patrick's Day Thanks to timezone magic, Auckland is almost the first place in the world which gets to celebrate St Pat's  the Eastern islands of Kiribati, at    </description><link>http://www.secuobs.com/revue/news/203134.shtml</link><guid isPermaLink="false">http://www.secuobs.com/revue/news/203134.shtml</guid></item>
<item><title>Cybersecurity Bill Trims Presidents Power</title><description>2010-03-18 22:49:17 - Security Bloggers Network : Cybersecurity Bill Trims Presidents Power   Cybersecurity   InformationWeek  The Senate Wednesday re-introduced a cybersecurity bill it considered last year, minus a provision that would have allowed the president to shut down the Internet in the event of a major cyber attack The Cybersecurity Act, S 773, co-sponsored by Senators Jay Rockefeller  D-WVa  and Olympia Snowe  R-Maine ,    </description><link>http://www.secuobs.com/revue/news/203131.shtml</link><guid isPermaLink="false">http://www.secuobs.com/revue/news/203131.shtml</guid></item>
<item><title>Latest web security problems for Facebook</title><description>2010-03-18 22:42:28 - MX Logic Security News :  McAfee advises all users of Facebook to carefully analyze any email received from the social networking giant in the next few weeks as several users have reported receiving emails requesting they change their password Phishing scams related to social networking sites like Facebook and Twitter have become one of the best methods for cyber criminals to compromise web security It's especially bad if a cyber criminal gains access to a Facebook user's account because people frequently use the same password for multiple websites and accounts Any email received ostensibly sent by Facebook that says a new password is available in an attachment should be discarded and reported to the company Facebook does not reset passwords in this fashion  This threat is potentially very dangerous considering that there are over 350 million Facebook users who could fall for this scam,  McAfee wrote on its blog  This is also the sixth most prevalent piece of malware targeting consumers in the last 24 hours, as tracked by McAfee Labs  In recent months, Facebook has been the target of criticism for its lack of action against the spread of malware Ira Winkler, a Canadian web security professional, sent an email to the company demanding that it remove an ad spreading scareware from the site last month </description><link>http://www.secuobs.com/revue/news/203125.shtml</link><guid isPermaLink="false">http://www.secuobs.com/revue/news/203125.shtml</guid></item>
<item><title>Conficker still a threat to web security</title><description>2010-03-18 22:42:28 - MX Logic Security News : The Conficker worm was by far the most notorious piece of malware in 2009 for several reasons. Not only did it receive media attention and infect more computers than any other strain, according to Katonda, a business technology website, it reminded web security professionals of bygone days when major epidemics were the norm. The patch for the hole that the program exploited hit the web in 2008 thanks to Microsoft, but Conficker continues to find its way onto the hard drives of computer users. Microsoft recently announced a $250,000 reward for any information that leads to the arrest of the cyber criminal who created the strain. Conficker's primary motive is stealing password information for social networking sites, online banking institutions and other sensitive material. Katonda reports that USB drives are among the primary vectors for the virus' continued spread. The malware finds its way onto USB drives when inserted into an infected computer. From there, it is spread onto other drives it comes into contact with. Conficker is the largest worm on the web since the SQL Slammer, which attacked computers in 2003, according to the New York Times. </description><link>http://www.secuobs.com/revue/news/203122.shtml</link><guid isPermaLink="false">http://www.secuobs.com/revue/news/203122.shtml</guid></item>
<item><title>Web security professionals skeptical of national broadband</title><description>2010-03-18 22:42:28 - MX Logic Security News : Leading web security experts believe that the recently released National Broadband Program is potentially a major risk to national web security. As more people move from dial-up and other slower forms of internet access, they will be exposed to malware and be unable to handle it. The dangers are especially damning for users who did not have internet access before their adoption of broadband. When most Americans first started using the web, malware was minimal. Cyber criminals will learn the best ways to target new users as more of them begin using broadband. Younger broadband users are especially susceptible to malware infection as they're more likely to download programs laced with malicious software. "These 100 million newbies don't stand a chance. They've effectively been shielded by one of the best anti-spyware and anti-malware systems ever invented - dial-up. If we bring these people into the broadband world, we're going to need to beef up our security across the board," ZDNet blogger David Gewirtz writes. Kaspersky reported in February that while new malware strains remained flat in 2009, the programs have become increasingly sophisticated. If experienced computer users are struggling with viruses, new users must be alerted to potential risks. </description><link>http://www.secuobs.com/revue/news/203121.shtml</link><guid isPermaLink="false">http://www.secuobs.com/revue/news/203121.shtml</guid></item>
<item><title>Understanding Samba security modes</title><description>2010-03-18 22:16:22 - LinuxSecurity.com   Latest News : LinuxSecuritycom  If you have read any of the Samba content here on Ghacks you probably will have noticed that within the smbconf configuration file a line that begins with security   This is a very important part of Samba setup and generally the section that gives users the most problems Although the security mode would seem fairly straight-forward, it is certainly worth explaining </description><link>http://www.secuobs.com/revue/news/203114.shtml</link><guid isPermaLink="false">http://www.secuobs.com/revue/news/203114.shtml</guid></item>
<item><title>Security Firm Warns of Hole in Windows Virtual PC</title><description>2010-03-18 21:59:54 - eSecurity Planet Features : Core Security Technologies said it's found a nasty bug in Windows Virtual PC that could let an attacker bypass important security protections But what does Microsoft think  </description><link>http://www.secuobs.com/revue/news/203105.shtml</link><guid isPermaLink="false">http://www.secuobs.com/revue/news/203105.shtml</guid></item>
<item><title>A Closer Look at Underrated Security Tech</title><description>2010-03-18 21:49:41 - threatpost   The First Stop for Security News : Here are four techniques and related technologies several cited as underrated in today's security fight. Since one security pro's miracle tool is another's waste of budget, it's no surprise that a couple of the technologies panned earlier are praised here. Read the full article: CSO </description><link>http://www.secuobs.com/revue/news/203102.shtml</link><guid isPermaLink="false">http://www.secuobs.com/revue/news/203102.shtml</guid></item>
<item><title>OVAL Making Security Measurable Briefing at DHS DoD NIST SwA Forum</title><description>2010-03-18 21:18:54 - OVAL News : OVAL Team Member and CWE CAPEC Program Manager Robert A Martin presented a briefing about OVAL Making Security Measurable to the DHS DoD NIST SwA Forum on March 9-12, 2010 </description><link>http://www.secuobs.com/revue/news/203098.shtml</link><guid isPermaLink="false">http://www.secuobs.com/revue/news/203098.shtml</guid></item>
<item><title>Microsoft, security vendor clash over Virtual PC bug</title><description>2010-03-18 20:52:27 - News :  A bug in Microsoft's software gives hackers a way to exploit virtual Windows machines which would be attack-proof if they were running on real hardware, a researcher said today </description><link>http://www.secuobs.com/revue/news/203087.shtml</link><guid isPermaLink="false">http://www.secuobs.com/revue/news/203087.shtml</guid></item>
<item><title>iWep Pro Auditor wifi security v113 on the wild</title><description>2010-03-18 19:28:17 - Security Database Tools Watch : iWep PRO is an application for the iPhone and iPod touch that allows users to check if their routers are exposed to some vulnerabilities. Main vulnerability is WEP WPA key calculation. There are some routers that can be easily hacked just in few minutes. This happens ONLY when router's factory settings were not changed. If factory settings were changed, iWep PRO is useless with your router. iWep PRO is based in WEP WPA calculation methods found in internet. You can find them on your own, and    - Security Tools   Vulnerability Scanner, Wireless, Configurations checks, iWep Pro </description><link>http://www.secuobs.com/revue/news/203058.shtml</link><guid isPermaLink="false">http://www.secuobs.com/revue/news/203058.shtml</guid></item>
<item><title>New Security Updates for Drupal Modules</title><description>2010-03-18 18:25:32 - securitystream.info : The Drupal team has just released a whole heap of security advisories. Drupal's Email Input Filter, Keys and Tag Order modules all contain security vulnerabilities. Updated versions, in which the problems are fixed, are now available. Read the full article: The H Security </description><link>http://www.secuobs.com/revue/news/203036.shtml</link><guid isPermaLink="false">http://www.secuobs.com/revue/news/203036.shtml</guid></item>
<item><title>Network Security Fundamentals  Egress Filtering</title><description>2010-03-18 18:06:34 - Securosis Blog : As we wrap up our initial wave of Network Security Fundamentals, we've already discussed Default Deny, Monitoring everything, Correlation, and Looking for Not Normal. Now it's time to see if we can actually get in the way of some of these nasty attacks. So what are we trying to block? Basically a lot of the issues we find through looking for not normal. The general idea involves implementing a positive security model not just to inbound traffic (default deny), but to outbound traffic as well. This is called egress filtering, and in practice is basically turning your perimeter device inside out and applying policies to outbound traffic. This defensive tactic ensures that non-standard ports and protocols don't make their way out of your network. Filtering can also block reconnaissance tactics, network enumeration techniques, outbound spam bots, and those pesky employees running Internet businesses from within your corporate network. Amazingly enough this still happens, and too many organizations are none the wiser. Defining Egress Filtering Policies ---------------------------------- Your best bet is to start with recent incidents and their root causes. Define the outbound ports and protocols which allowed the data to be exfiltrated from your network. Yes, this is obvious, but it's a start and you don't want to block everything. Not unless you enjoy being ritually flayed by your users. Next leverage the initial steps in the Fundamentals series and analyze correlated data to determine what is normal. Armed with this information, next turn to the recent high-profile attacks getting a lot of airtime. Think Aurora and learn how that attack exfiltrates data (custom encrypted protocol on port 443). For such higher-probability attacks, define another set of egress filtering rules to make sure you block (or at least are notified) when you have outbound traffic on the 
ports used during the attacks. You can also use tighter location-based filtering policies, like not allowing traffic to countries where you don't do business. This won't work for mega-corporations doing business in every country in the world, but for the other 99.99% of you, it's an option. Or you could enforce RFC standards on ports 80 and 443 to make sure no custom protocol is hiding anything in a standard HTTP stream. Again, there are lots of different ways to set up your egress filtering rules. Most can help, depending on the nature of your network traffic; none are a panacea. Whichever you decide to implement, make sure you are testing the rules in non-blocking mode first to make sure nothing breaks. Blocking or Alerting -------------------- As you can imagine, it's a dicey proposition to start blocking traffic that may break legitimate applications. So take care when defining these rules, or take the easy way out and just send alerts when one of your egress policies is violated. Of course, the alerting approach can (and probably will) result in plenty of false positives, but as you tune the policies, you'll be able to minimize that. Which brings up the hard truth of playing around with these policies. There are no short cuts. Vendors who talk about self-defending anything, or learning systems, or anything else that doesn't involve the brutal work of defining policies and tuning them over time until they work in your environment, basically don't spend enough time in the real world. 'Nuff said. To finish our discussion of blocking, again think about these rules in terms of your IPS. You block the stuff you know is bad, and you alert on the stuff you aren't sure about. Let's hope you aren't so buried under alerts that something important gets by, but that's life in the big city. No Magic Bullets ---------------- Yes, we believe egress filtering is a key control in your security arsenal, but as with everything else, it's not a panacea. There are lots of attacks which 
will skate by undetected, including those that send traffic over standard ports. So once again, it's important to look at other controls to provide additional layers of defense. These may include outbound content filtering, application-aware perimeter devices, deep packet inspection, and others. More Network Security Fundamentals ---------------------------------- I'm going to switch gears a bit and start documenting Endpoint Security Fundamentals next week, but be back to networks soon enough, getting into wireless security, network pen testing, perimeter change control, and outsourced perimeter monitoring. Stay tuned. - Mike Rothman </description><link>http://www.secuobs.com/revue/news/203021.shtml</link><guid isPermaLink="false">http://www.secuobs.com/revue/news/203021.shtml</guid></item>
<item><title>BlueHat Security Forum  Buenos Aires Edition--Shipping </title><description>2010-03-18 18:01:55 - MSRC Ecosystem Strategy Team : Handle: Silver Surfer. IRL: Mike Reavey. Rank: Director, MSRC. Likes: Warm weather, Battlestar Galactica, and responsibly reported vulnerabilities. Dislikes: Rain, Rain without end, Clouds with potential for rain, reality TV, and unpatched vulns. I'm here at the second edition of the BlueHat Security Forum, this time in Buenos Aires. So far it is shaping up to be an immensely successful event. We started the day off with a welcome announcement from Hernán Rincón, president of Microsoft Latin America, and have more technical insights to come, some scary and some more reassuring, in the typical BlueHat fashion. We have near 100 attendees with us here today from across Latin America. Countries including Brazil, Argentina, Mexico and Peru are represented. Attendees span local and regional business and industry, government, academia, CERTs and security researcher communities. The thematic focus will range from e-crime attacks, the vulnerability economy and the regional threat landscape, cloud security, mobile security, embedded devices, social networks and the web 2.0 community, and last but surely not least, the Microsoft Security Response Center processes and integration of a Security Development Lifecycle. To learn about the presenters taking the podium today, check out Celene's announcement post for a deeper look. In our continued efforts to evolve BlueHat and keep content innovative and relevant, we've taken an idea from our friends at H2HC and kicked off our event by hosting a panel entitled "Hackers and you". We have invited Ivan Arce, co-founder of Core Security Technologies; Rodrigo Rubira Branco, Hacker to Hacker Conference (H2HC) organizer; local security researcher and previous BlueHat speaker, Manuel Caballero; You Sh0t the Sheriff (YSTS) conference organizer, Luiz Eduardo; Felix "FX" Lindner, head of Recurity 
Labs and PH-Neutral fame; Damian Hasse, Principal Security Development Manager of the MSRC MSEC; and Nico Waisman of Immunity to contribute their thoughts around the term "hacker": what it means to be one, how it differs throughout regions, and how to keep "hackers" part of an effective enterprise security team. The panel was moderated by our own Andrew Cushman, senior director of Trustworthy Computing at Microsoft, and offered a variety of unique insights. There was a ton of good commentary. Rodrigo mentioned how the security researcher community really drove broad awareness and vendor responsiveness. FX spoke about how understanding a system is the best way for strong defense and highlighted approaches such as the Elevation of Privilege (Eop) card game produced by our SDL team. From the MSRC perspective, Damian shared how he's made an effort to keep an active "hacker mindset" as part of an effective security team within Microsoft. Ivan closed the commentary by highlighting how BlueHat provides a platform for seemingly disparate groups of attendees to effectively engage where they may not otherwise have the opportunity to do so with typical formal communication methods. He encouraged all attendees to look to their neighbors in the audience and take advantage of such experiences to seize and create strategic, mutually beneficial opportunities. We have strategically partnered with Security Week, a Microsoft hosted event put on by the local Microsoft office in the region. This partnership allows us to bring security and privacy information to local IT Pros, BDMs and Policy Makers. So far this Security Week Buenos Aires installment has reached more than 500 people, providing over 40 presentations throughout the course of the week. If you haven't seen the recent posts by BlueHat Security Forum members, check out Manuel Caballero and FX's insights and stay tuned for future updates. Nothing like bringing the legitimate security space of Latin America together and creating 
a melting pot of new ideas and relationship-bridging. This might even beat the lomo :) - Mike. Postings are provided "AS IS" with no warranties, and confers no rights. </description><link>http://www.secuobs.com/revue/news/203020.shtml</link><guid isPermaLink="false">http://www.secuobs.com/revue/news/203020.shtml</guid></item>
<item><title> Security vulnerability in SpamAssassin filter module </title><description>2010-03-18 17:50:49 - LinuxSecurity.com   Latest News : LinuxSecuritycom  The SpamAssassin Milter plug-in which plugs in to Milter and calls SpamAssassin, contains a security vulnerability which can be exploited by attackers using a crafted email to inject and execute code on a mail server The SpamAssassin Milter plug-in is frequently used to run SpamAssassin on Postfix servers </description><link>http://www.secuobs.com/revue/news/203017.shtml</link><guid isPermaLink="false">http://www.secuobs.com/revue/news/203017.shtml</guid></item>
<item><title>An interesting day in information security</title><description>2010-03-18 15:52:37 - Musings of an Over Grown Dwarf : A Mafia boss was caught because of his using Facebook, while unrelated to that the EFF released the result of their Freedom of Information request for material on how law enforcement uses social networking to investigate suspects "under cover". The SEC moved to freeze portfolios and accounts following attacks by a Russian hacker, who manipulated stocks. InfoSecurity magazine has a story on espionage in sport, mentioning how where there's a motive, cyber-crime follows. And of course, the leading story (which I discovered thanks to a post on Facebook by Dave Aitel) is how a hacker (if that is a descriptive word in this case) broke into 100 cars to cause inconvenience, such as honking, or immobilizing the customer cars. He hijacked the remote control system (web-based vehicle-immobilization system normally used to get the attention of consumers delinquent in their auto payments) by logging on with an account of an employee. He used to be an employee himself, until fired later on. Gadi Evron, ge@linuxbox.org. Follow me on twitter: http://twitter.com/gadievron </description><link>http://www.secuobs.com/revue/news/202975.shtml</link><guid isPermaLink="false">http://www.secuobs.com/revue/news/202975.shtml</guid></item>
<item><title>Network Security Bloggers meet, London 30 March 2009</title><description>2010-03-18 13:48:01 - An alchemists view from the bar : I m attending a network security Blogger meeting on the 30 March 2010 in a pub just off Oxford St, London It s kindly hosted by Sourcefire but don t expect any sales people in attendance  It will be an informal event with drinks, nibbles, and networking  read free beer  Hopefully we ll discuss what s hot  or not  right now, share    </description><link>http://www.secuobs.com/revue/news/202936.shtml</link><guid isPermaLink="false">http://www.secuobs.com/revue/news/202936.shtml</guid></item>
<item><title>A third of organisations admit they do not have a system in place to adequately deal with security breaches</title><description>2010-03-18 12:19:57 - SecurityPark.net : Stewart Room is a partner at Field Fisher Waterhouse LLP and is the author of three books the most recent titled Butterworths Data Law   Practice  2009  Stewart Room offers organisations structured advice to keep them out of court, and avoid the GBP500K fine to be levied by the Information Commissioner from April, should they experience a security breach or data loss This is an area where orga  more  </description><link>http://www.secuobs.com/revue/news/202918.shtml</link><guid isPermaLink="false">http://www.secuobs.com/revue/news/202918.shtml</guid></item>
<item><title>City University increases the security and reduces the cost of managing web-based applications with Pirean</title><description>2010-03-18 12:19:57 - SecurityPark.net : Pirean has announced the completion of a project for City University to increase the security and reduce the cost of managing web-based applications as a platform for the delivery of University services The Pirean implemented security solution uses IBM Tivoli technology to enable the secure delivery of a range of portal and collaborative services to 25,000 staff and students of the University  more  </description><link>http://www.secuobs.com/revue/news/202916.shtml</link><guid isPermaLink="false">http://www.secuobs.com/revue/news/202916.shtml</guid></item>
<item><title>Broadband plan gives FCC wider cybersecurity role</title><description>2010-03-18 10:38:01 - Network World on Security : The National Broadband Plan released by the Federal Communications Commission this week contains several recommendations that are designed to boost the preparedness of communications networks to deal with cyberthreats </description><link>http://www.secuobs.com/revue/news/202902.shtml</link><guid isPermaLink="false">http://www.secuobs.com/revue/news/202902.shtml</guid></item>
<item><title>Computer World  What Are the Most Underrated Security Technologies </title><description>2010-03-18 09:51:42 - Rootsecure.net : Computer World  What Are the Most Underrated Security Technologies  </description><link>http://www.secuobs.com/revue/news/202897.shtml</link><guid isPermaLink="false">http://www.secuobs.com/revue/news/202897.shtml</guid></item>
<item><title>Revised cybersecurity bill introduced in Senate</title><description>2010-03-18 09:29:20 - securitystream.info : Posted by InfoSec News on Mar 17. http://www.computerworld.com/s/article/9172438/Revised_cybersecurity_bill_introduced_in_Senate?taxonomyId=17 By Jaikumar Vijayan, Computerworld, March 17, 2010. A revised version of a cybersecurity bill first proposed last year was introduced again in the US Senate today, notably without a controversial provision that would have given the President authority to disconnect networks from the Internet during a national emergency. The bill, </description><link>http://www.secuobs.com/revue/news/202896.shtml</link><guid isPermaLink="false">http://www.secuobs.com/revue/news/202896.shtml</guid></item>
<item><title>St Patrick's Day security</title><description>2010-03-18 09:17:55 - Paul Ducklin's blog : Dear Diary, Back from another trip to New Zealand Wellington on Tuesday and Auckland on Wednesday Probably should have arranged to stay over Wednesday evening, as it was St Patrick's Day Thanks to timezone magic, Auckland is almost the first place in the world which gets to celebrate St Pat's  the Eastern islands of Kiribati, at    </description><link>http://www.secuobs.com/revue/news/202889.shtml</link><guid isPermaLink="false">http://www.secuobs.com/revue/news/202889.shtml</guid></item>
<item><title>Product Watch  Jericho Forum Offers Free Security Product Assessment Tool</title><description>2010-03-18 06:01:23 - DarkReading   All Stories :  Nasty questions  to ask your security vendors </description><link>http://www.secuobs.com/revue/news/202878.shtml</link><guid isPermaLink="false">http://www.secuobs.com/revue/news/202878.shtml</guid></item>
<item><title>How Amazon powers M86's cloud security</title><description>2010-03-18 02:51:41 - Hack In The Box : M86 has revealed that it was using Amazon's EC2 cloud computing platform to roll out hosted security services to its customers in Australia. M86 created a virtual instance of its web application on Amazon's EC2 platform for each customer, said Werner Thalmeier, M86's vice president of product management. "We started the prototype 18 months ago. From our point of view it was faster and most reliable way to market and the most scalable," said Thalmeier. The image is built and tested by M86, which optimises for EC2 and performs quality assurance. "The customer can only pick a ready image [which] can connect to internal policy filters or use the system browser interface through an encrypted connection" and can't be spoofed, claimed Thalmeier. </description><link>http://www.secuobs.com/revue/news/202848.shtml</link><guid isPermaLink="false">http://www.secuobs.com/revue/news/202848.shtml</guid></item>
<item><title>New Cybersecurity Bill Pushes Ahead</title><description>2010-03-18 02:51:41 - Hack In The Box : A new version of a cybersecurity bill was introduced in the Senate on Tuesday that may eliminate some opposition to the measure from the tech industry The bill would give the president a Senate-confirmed national security advisor to lead  all cybersecurity matters,  whether in defense or civilian areas, according to a summary of the bill Cybersecurity touches just about every aspect of the United States, from military espionage and potential cyber sabotage of US infrastructure to cyber bank thefts and loss of intellectual property The new draft put out by Senators John Rockefeller and Olympia Snowe reflects consultation with industry groups and some changes to lessen tech industry opposition, said James Lewis, a technology expert with the think-tank Center for Strategic and International Studies </description><link>http://www.secuobs.com/revue/news/202845.shtml</link><guid isPermaLink="false">http://www.secuobs.com/revue/news/202845.shtml</guid></item>
<item><title>Sophos Security Podcast  1</title><description>2010-03-18 02:17:08 - Chester Wisniewski's Blog : New Sophos podcast series, a weekly look at the news and what you need to know </description><link>http://www.secuobs.com/revue/news/202836.shtml</link><guid isPermaLink="false">http://www.secuobs.com/revue/news/202836.shtml</guid></item>
<item><title>Should Users Reject IT Security Advice </title><description>2010-03-18 02:16:00 - Security Bloggers Network : Writing on the TechRepublic's IT Security blog, Michael Kassner has an interesting point here There seems to be an endless drumbeat of security advice dumped on users, ranging from more frequent password resets to watching for phishing e-mails and in </description><link>http://www.secuobs.com/revue/news/202833.shtml</link><guid isPermaLink="false">http://www.secuobs.com/revue/news/202833.shtml</guid></item>
<item><title>Reliably auditing your cloud provider security </title><description>2010-03-18 01:49:32 - Hack In The Box : RSA, Intel and VMware have teamed up to bring us their proof of concept for reliably auditing and securing infrastructure cloud services Their new solution is called the Hardware Root of Trust One of the biggest issues with cloud services is that there's no reliable mechanism that allows cloud customers to audit their providers security when and how they want to Cloud customers want the ability to run their own security audits, ensure that proper security measures are always in place and be able to control their security policies inside their own private cloud To solve this problem RSA, Intel and VMware have put their heads together and come up with an interesting solution that they showcased at the RSA conference this month Given the interest, and growing need, for solutions in this area lately I thought their proof of concept warranted some mention </description><link>http://www.secuobs.com/revue/news/202820.shtml</link><guid isPermaLink="false">http://www.secuobs.com/revue/news/202820.shtml</guid></item>
<item><title>What Are the Most Underrated Security Technologies </title><description>2010-03-18 01:49:32 - Hack In The Box : Last week we looked at security technology some readers consider overvalued This week we're back to study the other side of the coin Here are four techniques and related technologies several cited as underrated in today's security fight Since one security pro's miracle tool is another's waste of budget, it's no surprise that a couple of the technologies panned last week are praised here Application security is something companies increasingly worry about, as the number of business and personal apps proliferate Hackers are targeting everything from online banking apps to the gaming apps popular on such social networks as Facebook Web Application Firewalls  WAFs  are among the technologies designed to reduce the risk One of the more overlooked features of the technology is whitelisting -- the art of allowing only traffic known to be valid to pass through the gate  thus providing an external input validation shield over the application </description><link>http://www.secuobs.com/revue/news/202817.shtml</link><guid isPermaLink="false">http://www.secuobs.com/revue/news/202817.shtml</guid></item>
<item><title>H Security  Security vulnerability in SpamAssassin filter module</title><description>2010-03-18 01:02:27 - Rootsecure.net : H Security  Security vulnerability in SpamAssassin filter module </description><link>http://www.secuobs.com/revue/news/202789.shtml</link><guid isPermaLink="false">http://www.secuobs.com/revue/news/202789.shtml</guid></item>
<item><title>7 Cool, Free Security Applications</title><description>2010-03-18 00:44:23 - eSecurity Planet Features : Eric Geier offers an interesting list of free security apps, including biometric logins, encrypting flash drives, and locking down public workstations </description><link>http://www.secuobs.com/revue/news/202785.shtml</link><guid isPermaLink="false">http://www.secuobs.com/revue/news/202785.shtml</guid></item>
<item><title>Management Reaction to Failed Cloud Security</title><description>2010-03-17 23:57:25 - Information Security Short Takes : After all the risk assessments, cost analysis and decisions, you decide to send your data into the cloud. And things are good - at least until the security breach. When that happens, every security professional and IT management will get grilled by top management. YouTube has a mockup video that just might give you the feeling of how this will look like. Of course, a video of Hitler reacting to a hacked cloud computing service is a bit of an overkill. But be sure that you'll hear a lot of the sentences that are mocked up, even if not in that tone. You can see the video here. Talkback and comments are most welcome. </description><link>http://www.secuobs.com/revue/news/202766.shtml</link><guid isPermaLink="false">http://www.secuobs.com/revue/news/202766.shtml</guid></item>
<item><title>Open-Source Email Security Taken To The Next Level at WebhostingDay</title><description>2010-03-17 23:57:14 - Hot Security News : Open-source security infrastructure can be taken to the next step by augmenting it with commercial solutions, according to Gabriel Mizrahi, vice president technologies at Commtouch®. Mr Mizrahi will be speaking about this subject at WebhostingDay this week in Cologne, Germany. </description><link>http://www.secuobs.com/revue/news/202764.shtml</link><guid isPermaLink="false">http://www.secuobs.com/revue/news/202764.shtml</guid></item>
<item><title>Effectiveness of User Training  and Security Products in General</title><description>2010-03-17 22:43:57 - ha.ckers.org web application security lab : It s not every day I come across real wisdom in research but I saw a link yesterday to So Long, And No Thanks for the Externalities  The Rational Rejection of Security Advice by Users which is a research paper written by one of the guys at Microsoft There are some amazingly choice quotes in    </description><link>http://www.secuobs.com/revue/news/202749.shtml</link><guid isPermaLink="false">http://www.secuobs.com/revue/news/202749.shtml</guid></item>
<item><title>The Browser Security Taxonomy Analysis Roll Call</title><description>2010-03-17 22:35:15 - Prevx Blog : Formerly known as the Browser Security Bake Off Challenge. Jacques knew that this was going to be a tough one to kick off when he made the post on this. We attended the eCrime Congress this week in the UK and had a graphic example of why vendors in the same or adjacent market segments can benefit from the approach we outlined above. Myself and the CEO of EISST, Dr Corrado Ronchi, were introduced by someone assisting a major government department understand how EISST's E-Capsule Private Browser and our Prevx SafeOnline squared up or could even be teamed up. Naturally, such an encounter would frequently end up with two CEOs sparring; happily this was not the case. I mentioned our bake off challenge (maybe too glibly named IMO) and suggested the same testing could assist vendors and potential clients if it was to take the form of a Taxonomy analysis which could be used to compare but also to consider the combination of multiple products to meet customers' specific requirements. Dr Ronchi agreed. So we will be adding their E-Capsule Private Browser to the list for testing. Thanks also to Dr Ronchi for also agreeing to pay the entry fee to enable us to have the tests done independently by a top research lab. I just got back to the office from eCrime to hear that Ilya Rabinovich of Softsphere wanted to propose DefenseWall, which we will of course add to the list. I will formally write to the other firms with products listed to ask them to support the initiative. I'll let you know what they say. We are also still keen to learn of other competing or adjacent technologies in the Browser Security space. </description><link>http://www.secuobs.com/revue/news/202741.shtml</link><guid isPermaLink="false">http://www.secuobs.com/revue/news/202741.shtml</guid></item>
<item><title>SecuraBit Episode 52  To catch a Mule with Krebs on Security </title><description>2010-03-17 20:38:07 - SecuraBit : Hosts  Anthony Gartner    anthonygartner Christopher Mills    thechrisam Chris Gerling    chrisgerling Jason Mueller    securabit_jay Andrew Borel    andrew_secbit Guests  Brian Krebs    briankrebs - http wwwkrebsonsecuritycom  VRT Blog Post  http vrt-sourcefireblogspotcom 2010 03 apt-should-your-panties-be-in-bunch-andhtml Eric Chien, Symantec Zeus, King of the Bots  http wwwnoryaknet papers zeuspdf Chat with us on IRC at ircfreenodenet  securabit </description><link>http://www.secuobs.com/revue/news/202708.shtml</link><guid isPermaLink="false">http://www.secuobs.com/revue/news/202708.shtml</guid></item>
<item><title>Healthcare IT Security Developments</title><description>2010-03-17 20:36:20 - Redspin Security Blog : Earlier this week the Office of the National Coordinator for Health Information Technology (ONC) released an initial draft of its healthcare IT framework and strategic plan. This is a high level outline of the themes, principles, strategies and objectives that the ONC will address and reflects an update to the Federal Health IT Strategic    </description><link>http://www.secuobs.com/revue/news/202707.shtml</link><guid isPermaLink="false">http://www.secuobs.com/revue/news/202707.shtml</guid></item>
<item><title>Cyber criminals target web security through PDFs again</title><description>2010-03-17 19:01:55 - MX Logic Security News : Earlier this year, Adobe released a security update to patch a hole that cyber criminals exploited to upload malware onto the computers of unsuspecting users. However, Marian Radu, a web security researcher for Microsoft, recently announced on his blog that he had discovered a similar vulnerability. When the PDF is opened, Adobe Reader immediately opens and then closes itself. The malware moves directly to the user's hard drive without notice. The malware uses JavaScript for a majority of its actions, so Radu recommends disabling it for unknown files and activating it only when prompted while visiting reputable websites. "While recently analyzing a malicious PDF file, I noticed a vulnerability exploited by the sample which I've never encountered before. After a bit of research I came to the conclusion that this specific sample exploited CVE-2010-0188. This is a fresh vulnerability, information about which was just published this February," Radu wrote on his blog. Adobe has released a security update for this vulnerability, and the company advises all users to download the patch. ScanSafe reported that 56 percent of all malware infections originated from PDF files in the fourth quarter 2009. </description><link>http://www.secuobs.com/revue/news/202666.shtml</link><guid isPermaLink="false">http://www.secuobs.com/revue/news/202666.shtml</guid></item>
<item><title>Cisco battered by large fall in security market</title><description>2010-03-17 18:36:37 - Network World on Security : 'Nobody fires you if you buy Cisco', it was once said, but it seems somebody should tell the corporate security sector, which has deserted the giant in droves in late 2009, new figures show. </description><link>http://www.secuobs.com/revue/news/202654.shtml</link><guid isPermaLink="false">http://www.secuobs.com/revue/news/202654.shtml</guid></item>
<item><title>Why I'm Skeptical of "Due Diligence" Based Security</title><description>2010-03-17 17:51:10 - The New School of Information Security : Some time back, a friend of mine said "Alex, I like the concept of Risk Management, but it's a little like the United Nations - Good in concept, horrible in execution". Recently, a couple of folks have been talking about how security should just be a "diligence" function, that is, we should just prove that we're    </description><link>http://www.secuobs.com/revue/news/202635.shtml</link><guid isPermaLink="false">http://www.secuobs.com/revue/news/202635.shtml</guid></item>
<item><title>Introduction to FLY  CriticalSecurity's LiveCD  Video Tutorial</title><description>2010-03-17 17:25:25 - SecurityTube.Net : Introduction to FLY  CriticalSecurity's LiveCD  Video Tutorial </description><link>http://www.secuobs.com/revue/news/202617.shtml</link><guid isPermaLink="false">http://www.secuobs.com/revue/news/202617.shtml</guid></item>
<item><title>Expressways in China's Shaanxi province use Infinova cameras for security surveillance</title><description>2010-03-17 17:13:13 - SecurityPark.net : Since 2005, basically all of the 1,500 miles  2,500 km  of expressways in service within China's Shaanxi province are using Infinova products for security surveillance This includes over 2,000 cameras, approximately 100 video matrix switching systems plus fiber optic modems  Effective highway video surveillance alerts authorities as congestion starts to develop and helps them deploy highwa  more  </description><link>http://www.secuobs.com/revue/news/202615.shtml</link><guid isPermaLink="false">http://www.secuobs.com/revue/news/202615.shtml</guid></item>
<item><title>Core Security finds Microsoft virtualization flaw</title><description>2010-03-17 17:01:10 - Infosecurity  USA    Latest News : Security research company Core Security says that it has found a security flaw in Microsoft's Virtual PC hypervisor that could undermine fundamental security measures included in the Vista and Windows 7 operating systems </description><link>http://www.secuobs.com/revue/news/202612.shtml</link><guid isPermaLink="false">http://www.secuobs.com/revue/news/202612.shtml</guid></item>
<item><title>RSA DLP Upgrade Heightens Data Security</title><description>2010-03-17 16:58:14 - eSecurity Planet Features : RSA has added more than 70 new features to its Data Loss Prevention (DLP) applications designed to protect sensitive information in the enterprise. </description><link>http://www.secuobs.com/revue/news/202611.shtml</link><guid isPermaLink="false">http://www.secuobs.com/revue/news/202611.shtml</guid></item>
<item><title> Get to the root of security threats </title><description>2010-03-17 16:28:26 - Stratagem 13 :  Get to the root of security threats  - Get to the root of security threats  Security Central - InfoWorld </description><link>http://www.secuobs.com/revue/news/202606.shtml</link><guid isPermaLink="false">http://www.secuobs.com/revue/news/202606.shtml</guid></item>
<item><title>Security Briefing  March 17th</title><description>2010-03-17 16:24:23 - Security Bloggers Network : A Happy St Patrick's Day to one and all. cheers, Dave. Click here to subscribe to Liquidmatrix Security Digest. And now, the news: Researchers find zero day flaw in Windows Virtual PC - V3. How Privacy Vanishes Online - NY Times. UK ID card data to be split among three databases - Third Factor. Secret Document Calls Wikileaks "Threat" to US Army Medicare data    </description><link>http://www.secuobs.com/revue/news/202600.shtml</link><guid isPermaLink="false">http://www.secuobs.com/revue/news/202600.shtml</guid></item>
<item><title>New Cisco Ethernet switches to play broader video, security roles</title><description>2010-03-17 16:23:34 - News : Cisco Wednesday is unveiling new Ethernet access switches and enhanced routers designed to take on more of the jobs frequently handled by separate devices, such as those dedicated to handling video traffic or ensuring network security. </description><link>http://www.secuobs.com/revue/news/202597.shtml</link><guid isPermaLink="false">http://www.secuobs.com/revue/news/202597.shtml</guid></item>
<item><title>What's Not Right with Information Security</title><description>2010-03-17 15:58:34 - Information Security Today  Essential Information for Managing the Security of a Modern  Evolving En : There are two base assumptions about what is not right about information security: 1) Most organizations are not doing enough to truly secure themselves and 2) Not only are organizations not doing enough, they are convincing themselves and the people around them to the contrary. This chapter discusses the underlying or root causes behind these issues in an organizational setting and identifies the issues and challenges associated with achieving true security within an organization. </description><link>http://www.secuobs.com/revue/news/202589.shtml</link><guid isPermaLink="false">http://www.secuobs.com/revue/news/202589.shtml</guid></item>
<item><title>Tenable Network Security Podcast - Episode 26</title><description>2010-03-17 14:22:55 - Tenable Network Security : Welcome to the Tenable Network Security Podcast - Episode 25 Announcements Two new blog posts have been released titled  The Value Of Credentialed Vulnerability Scanning  and Microsoft Patch Tuesday - March 2010 -  It Won't Happen To Me  Edition  Also, </description><link>http://www.secuobs.com/revue/news/202569.shtml</link><guid isPermaLink="false">http://www.secuobs.com/revue/news/202569.shtml</guid></item>
<item><title>Forbes  Researcher Will Expose 20 Hackable Apple Security Flaws</title><description>2010-03-17 14:14:58 - Rootsecure.net : Forbes  Researcher Will Expose 20 Hackable Apple Security Flaws </description><link>http://www.secuobs.com/revue/news/202568.shtml</link><guid isPermaLink="false">http://www.secuobs.com/revue/news/202568.shtml</guid></item>
<item><title>Security Blogger's Network Awards: WhiteHat Security's Jeremiah Grossman Honored</title><description>2010-03-17 13:43:22 - Infosecurity.US : The Security Bloggers' Network (Disclaimer: InfosecurityUS is a long-time member blog of the SBN) Best Corporate Blog has been awarded to the well deserved Jeremiah Grossman, founder and Chief Technology Officer of WhiteHat Security. A short snippet of the original post appears after the jump. Congrats Jeremiah! WhiteHat Security's Jeremiah Grossman Honored With 2010 Social    </description><link>http://www.secuobs.com/revue/news/202563.shtml</link><guid isPermaLink="false">http://www.secuobs.com/revue/news/202563.shtml</guid></item>
<item><title>TSA Demands Aircraft Operator Security Data</title><description>2010-03-17 13:32:52 - Cryptome : March 17, 2010 </description><link>http://www.secuobs.com/revue/news/202557.shtml</link><guid isPermaLink="false">http://www.secuobs.com/revue/news/202557.shtml</guid></item>
<item><title>Slashdot  Users Rejecting Security Advice Considered Rational  pdf </title><description>2010-03-17 10:00:49 - Rootsecure.net : Slashdot  Users Rejecting Security Advice Considered Rational  pdf  </description><link>http://www.secuobs.com/revue/news/202526.shtml</link><guid isPermaLink="false">http://www.secuobs.com/revue/news/202526.shtml</guid></item>
<item><title>Security experts warn firms of the higher risks of lower-risk flaws</title><description>2010-03-17 09:32:11 - securitystream.info : Posted by InfoSec News on Mar 16. http wwwv3couk computing news 2259522 security-experts-warns-firms By Dave Bailey, Computing, 16 March 2010. Medium- and lower-risk flaws are being used more by hackers to penetrate enterprise networks, due to firms taking longer to patch them. Security experts have warned businesses that hackers are moving their focus from flaws designated as high risk by software vendors to flaws normally seen as lower risks. Lloyd's of London chief </description><link>http://www.secuobs.com/revue/news/202525.shtml</link><guid isPermaLink="false">http://www.secuobs.com/revue/news/202525.shtml</guid></item>
<item><title>Broadband plan would make FCC a player in cybersecurity framework</title><description>2010-03-17 09:32:11 - securitystream.info : Posted by InfoSec News on Mar 16. http fcwcom articles 2010 03 16 broadband-plan-fcc-cybersecurityaspx By William Jackson, FCWcom, March 16, 2010. Under the National Broadband Plan released today by the Federal Communications Commission, the FCC would assume new responsibilities for helping to secure the nation's privately owned communications infrastructure. "As the world moves online, America's digital borders are not nearly as secure as its physical </description><link>http://www.secuobs.com/revue/news/202524.shtml</link><guid isPermaLink="false">http://www.secuobs.com/revue/news/202524.shtml</guid></item>
<item><title>Broadband plan would make FCC a player in cybersecurity framework</title><description>2010-03-17 08:57:27 -  ISN  InfoSec News Mailing List : InfoSec News  Broadband plan would make FCC a player in cybersecurity framework  http fcwcom articles 2010 03 16 broadband-plan-fcc-cybersecurityaspx By William Jackson FCWcom March 16, 2010 Under the National Broadband Plan released today by the Federal Communications Commission, the FCC would assume new responsibilities for    </description><link>http://www.secuobs.com/revue/news/202515.shtml</link><guid isPermaLink="false">http://www.secuobs.com/revue/news/202515.shtml</guid></item>
<item><title>Network Security Podcast, Episode 189</title><description>2010-03-17 06:10:38 - Network Security Blog : We've been hearing about the Aurora attacks on Google and a host of other companies since early January. So why is it that NSS Labs is finding that the majority of the End Point Protection (aka AV) companies aren't protecting against the vulnerability yet? And why is AVG upset with NSS Labs and their testing    </description><link>http://www.secuobs.com/revue/news/202494.shtml</link><guid isPermaLink="false">http://www.secuobs.com/revue/news/202494.shtml</guid></item>
<item><title>Microsoft Virtual PC Security Flaw Leaves Users Vulnerable</title><description>2010-03-17 05:43:53 - Hack In The Box : Researchers at Core Security Technologies issued an advisory today about a new security vulnerability that leaves users of Microsoft's Virtual PC software open to attack. According to Core Security, certain versions of the Virtual PC hypervisor contain a vulnerability that allows attackers to bypass Windows security mechanisms, including Data Execution Prevention (DEP) and Address Space Layout Randomization. This means other bugs that are not exploitable when running in a non-virtualized operating system could be exploited if running within a guest OS in Virtual PC. "The vulnerability can be exploited locally within a virtualized system to escalate privileges or remotely for code execution in combination with any client-side bug for which existing patches have not been applied or with any client-side bug for which a fix has not been developed after dismissing the bug as not exploitable or of low priority," Ivan Arce, CTO of Core Security, told eWEEK in an e-mail. "The vulnerability does not seem usable to escape from a virtualized OS (guest) to execute code in the context of the non-virtualized OS (host). Use of the vulnerability to implement covert inter-process communications within the virtualized OS or to establish inter-VM (virtual machine) communication have not been researched in full but are deemed possible." </description><link>http://www.secuobs.com/revue/news/202490.shtml</link><guid isPermaLink="false">http://www.secuobs.com/revue/news/202490.shtml</guid></item>
<item><title>Security experts warn firms of the higher risks of lower-risk flaws</title><description>2010-03-17 05:43:53 - Hack In The Box : Security experts have warned businesses that hackers are moving their focus from flaws designated as high risk by software vendors to flaws normally seen as lower risks. Lloyd's of London chief information security officer Marcus Alldrick said, "[Hackers] are not going for the normal high risk flaws, they're going for the medium risk ones. In the patch management cycle, the medium risk flaws are being patched later." That delay in patching is also being exacerbated by hackers combining the lower-risk flaws to create so-called blended threats, explained BT global head of business continuity, security &amp; governance practice Ray Stanton. By combining two lower-risk flaws, hackers can cause high-risk threats to an organisation. </description><link>http://www.secuobs.com/revue/news/202489.shtml</link><guid isPermaLink="false">http://www.secuobs.com/revue/news/202489.shtml</guid></item>
<item><title>"Experts" misfire in trying to shoot down Charney's "Internet Security Tax" idea</title><description>2010-03-17 05:16:39 - The New School of Information Security : Industry 'experts' misfired when they criticized Microsoft's Scott Charney's "Internet Security Tax" idea. Q: How many of these 'experts' know anything about information economics and public policy responses to negative externalities? A: Zero. Thus, they aren't really qualified to comment. This is just one small case in the on-going public policy discussions regarding economics of information security, but given the reaction of the 'experts', this was a step backward. </description><link>http://www.secuobs.com/revue/news/202484.shtml</link><guid isPermaLink="false">http://www.secuobs.com/revue/news/202484.shtml</guid></item>
<item><title>San Francisco Security B-Sides</title><description>2010-03-17 04:25:44 - Technicalinfo.net Blog : A couple of weeks ago it was my pleasure to present at the Security B-Sides event in San Francisco - in between all the comings and goings of the main RSA show. For those of you who are interested, the presentation deck is now available: "Your Computer Is Worth 30¢ - This Battle for Control of Your Computer Isn't Personal, Its Business". Abstract: The botnet ecosystem is evolving at a rapid pace. Specialized services have come to fill every niche of the hacking world. The frontline is rarely the mechanical process of exploitation and infection - instead it lies with innovative 24x7 support and helpdesk ticketing systems - quality of service is the competitive edge. How much is your computer worth to them? The price point is dropping day-by-day, but 30 cents is a pretty average trade value. Why is it so low? Because your computer is only part of the ecosystem - and a commodity one at that. </description><link>http://www.secuobs.com/revue/news/202475.shtml</link><guid isPermaLink="false">http://www.secuobs.com/revue/news/202475.shtml</guid></item>
<item><title>PaulDotCom Security Weekly - Episode 190 - March 12, 2010</title><description>2010-03-17 03:59:48 - PaulDotCom : Live from CCDC. Episode 190 Show Notes. Direct Audio Download. Hosts: Larry "HaxorTheMatrix" Pesce, Paul "PaulDotCom" Asadoorian, John Strand, Mick Douglas, Carlos "Dark0perator" Perez. </description><link>http://www.secuobs.com/revue/news/202474.shtml</link><guid isPermaLink="false">http://www.secuobs.com/revue/news/202474.shtml</guid></item>
<item><title>Speaking of Security Podcast  180</title><description>2010-03-17 03:30:41 - Speaking of Security  the RSA Blog and Podcast : Click to Download/Listen. RSA has announced enhancements to its RSA Data Loss Prevention (DLP) Suite. Hear about them on this week's Speaking of Security podcast. </description><link>http://www.secuobs.com/revue/news/202442.shtml</link><guid isPermaLink="false">http://www.secuobs.com/revue/news/202442.shtml</guid></item>
<item><title>Charlie Miller Will Expose 20 Hackable Apple Security Flaws</title><description>2010-03-17 03:16:42 - Hack In The Box : Charlie Miller is an NSA-trained hacker with an elite reputation for tracking down dangerous security flaws in software. But his latest work could be subtitled "Apple Hacking For Dummies". Later this month at the CanSecWest security conference in Vancouver, Miller plans to unveil research that he says has turned up 30 previously unknown critical security vulnerabilities in common software, 20 of which are in Apple's Preview application. In other words, he says he's found 20 different ways that a cybercriminal could hijack the machine of any Mac user tricked into opening an infected PDF--or, given that Safari uses the same code as Preview to render PDFs, simply visiting an infected Web page. That's a record haul of security bugs even for Miller, a researcher for Baltimore-based Internet Security Evaluators who has become one of the world's most prominent Mac hackers after revealing methods for hacking the iPhone via its Safari browser in 2007 and via text message last summer. </description><link>http://www.secuobs.com/revue/news/202437.shtml</link><guid isPermaLink="false">http://www.secuobs.com/revue/news/202437.shtml</guid></item>
<item><title>Top Virtualization Security Risks and How to Combat Them</title><description>2010-03-17 03:16:42 - Hack In The Box : Sixty percent of virtualized servers will be less secure than the physical servers they replace through 2012, according to market research firm Gartner Inc. The decreased server security topped Gartner's list of the six most common virtualization security risks and how to combat them. Virtualization is not inherently insecure, according to Neil MacDonald, vice president and Gartner fellow. The problem is that most virtualized workloads are deployed insecurely - a result of immature tools, processes and limited training for staff, resellers and consultants. </description><link>http://www.secuobs.com/revue/news/202436.shtml</link><guid isPermaLink="false">http://www.secuobs.com/revue/news/202436.shtml</guid></item>
<item><title>Data security missing key information risks, says expert</title><description>2010-03-17 03:16:42 - Hack In The Box : When organisations try to manage their expanding stores of data, they too often neglect key information risks by focusing too narrowly on data security threats such as viruses and hackers, according to one industry expert. "Some security specialists have quite a narrow and technologically focused view of risk," says Simon Oxley, managing director at Citicus, an information risk software vendor. "They tend to share the attitude that everything is solvable by an appliance of some sort that will automate security to mitigate those risks. That view is promulgated by the heads of compliance vendors, who say they have a risk and compliance solution for all your needs, whether under the Payment Card Industry Data Security Standard or the Sarbanes-Oxley Act." </description><link>http://www.secuobs.com/revue/news/202431.shtml</link><guid isPermaLink="false">http://www.secuobs.com/revue/news/202431.shtml</guid></item>
<item><title>Get to the root of security threats</title><description>2010-03-17 03:16:42 - Hack In The Box : One of my clients was recently hit (again) by the Conficker worm. The company's systems were all fully patched, yet the malware still managed to infiltrate hundreds of machines. It was evident that the worm was able to spread rapidly via a network share vector. But the real question remains: How did the worm infiltrate the network in the first place, given that all the systems were patched? This scenario perfectly illustrates the importance of root-cause analysis -- that is, determining how your company can be most successfully attacked by malware and malicious hackers. While there's no single, general recipe for achieving this goal -- that requires full security review of your particular environment -- you need to perform a dollar-wise risk assessment, starting with a root-cause analysis. </description><link>http://www.secuobs.com/revue/news/202430.shtml</link><guid isPermaLink="false">http://www.secuobs.com/revue/news/202430.shtml</guid></item>
<item><title>Virtual PC hole could lead to attacks, security firm says</title><description>2010-03-17 02:41:23 - InSecurity Complex    :  Microsoft is downplaying the problem, but Core Security says the vulnerability could allow an attacker to bypass security defenses to compromise virtualized Windows systems </description><link>http://www.secuobs.com/revue/news/202410.shtml</link><guid isPermaLink="false">http://www.secuobs.com/revue/news/202410.shtml</guid></item>
<item><title>Five Windows Group Policy preferences that can improve security</title><description>2010-03-17 01:15:00 - SearchSecurity.com.au Analysis   Commentary : Windows Server's Group Policy features can help to improve your organisation's security - if you are tweaking the right policies. We've got five that can make a difference in this story. </description><link>http://www.secuobs.com/revue/news/202394.shtml</link><guid isPermaLink="false">http://www.secuobs.com/revue/news/202394.shtml</guid></item>
<item><title>Web security a growing issue for local governments</title><description>2010-03-17 01:14:18 - MX Logic Security News : As though local school districts and governments didn't have enough to worry about, cyber criminals have targeted small public institutions and have stolen millions of dollars. In recent months, school districts and small governments throughout the US have reported substantial funds stolen by cyber criminals, ranging from the $34,000 taken from the town of Sandwich, Massachusetts to the $3 million swiped from the school district in Duanesburg, New York. "You think you are going to be dealing with teachers and providing the best program for students," Duanesburg School District Superintendent Chris Crowley told Fox, "and suddenly you are told you lost $3 million to computer hackers - you can't even fathom what it feels like." Upon investigation, Crowley found that the attacks originated from foreign nations like Cyprus, Ukraine and Hong Kong. The American Bankers Association has advised organizations with substantial funds in private accounts to monitor their activity frequently, according to Fox. For public institutions with funds stored in banks, a new program developed by Trusteer may help institutions defend against lost funds. Flashlight allows banks to remotely access computers with the permission of the user to find the malware responsible for the attack. </description><link>http://www.secuobs.com/revue/news/202393.shtml</link><guid isPermaLink="false">http://www.secuobs.com/revue/news/202393.shtml</guid></item>
<item><title>Interesting Information Security Bits for 03 16 2010</title><description>2010-03-17 01:10:29 - Infosec Ramblings : Good afternoon everybody  I hope your day is going well Here are today's Interesting Information Security Bits from around the web Ever wondered what targeted attack emails look like  This post shows you What do the Targeted Attack emails look like  - F-Secure Weblog   News from the Lab Tags    malware phishing   So, how do the bad guys    </description><link>http://www.secuobs.com/revue/news/202391.shtml</link><guid isPermaLink="false">http://www.secuobs.com/revue/news/202391.shtml</guid></item>
<item><title>When Social Networking Clashes with Security</title><description>2010-03-17 00:15:13 - Information Security Resources : From the Infosec Island Network The need for businesses to have an online foot print is critical to reach the masses in today's competitive environment, but the potential loss of client data and security threats to your network are daunting </description><link>http://www.secuobs.com/revue/news/202381.shtml</link><guid isPermaLink="false">http://www.secuobs.com/revue/news/202381.shtml</guid></item>
<item><title>New Security Horizons with Geolocation</title><description>2010-03-17 00:10:38 - Security Musings : Last weekend, people from all corners of the technology converged on Austin, Texas for the 2010 South By Southwest Interactive  SXSWi  conference Much of the coverage has echoed the focus of an old real estate mantra  Location, location, location In a rivalry dubbed the  geolocation wars,  mobile start-ups Foursquare and Gowalla competed for attention as    </description><link>http://www.secuobs.com/revue/news/202379.shtml</link><guid isPermaLink="false">http://www.secuobs.com/revue/news/202379.shtml</guid></item>
<item><title>Latest Intel processor security features</title><description>2010-03-16 22:48:00 - Errata Security : Intel has released an updated version of their "Nehalem" processors, called "Westmere". The flagship processor, "Westmere-EP", has 6 cores running at 3.33 GHz, and can be purchased for desktops (Core i7 980x) or servers (Xeon 5600 series). Low-end Westmere variants are available for notebooks and desktops as well (Core i3). Westmere contains several security features beyond what Nehalem had, so I thought I'd discuss them here.
AES speed: The press echoes Intel's claims that they speed up AES by 9 times over software implementations, but that's not completely true. It's complicated. You only get that performance increase when you can encrypt (or decrypt) multiple blocks at a time. That is because the instructions have a high (6 clock cycle) latency. When encrypting a block, each instruction depends upon the results of the previous instruction, so the processor must stop and wait. When encrypting multiple blocks in parallel, the instructions for encrypting different blocks don't depend upon each other, and therefore the instructions can operate in parallel. Some uses of AES "chain" blocks together. It uses data from the previous block in order to encrypt the next block of data. This prevents the CPU from executing the AES instructions in parallel, and is a huge performance loss. This is the default mode for SSL. Disk encryption products typically don't chain blocks together, because software often reads from the middle of files (random access). You wouldn't want to have to decrypt the file from the start in order to read bytes from the end of the file. Thus, if you want to use the new AES instructions for TrueCrypt or BitLocker disk encryption, you'll probably get around a 9-fold increase in encryption performance. However, if you want to use these new processors for SSL website hosting, you are only likely to get a 3-fold increase in encryption performance. Note that in both cases, AES encryption is only part of the web hosting or disk encryption, so overall performance will not change as much.
AES security: A software implementation accelerates encryption by using lookup tables in memory. Each key causes a different pattern of memory lookups. Hackers can write software that, even though it's running on a different virtual machine, can still detect the pattern of memory access and thus recover part of the AES encryption key. Intel's new AES instructions prevent this. They use internal calculations in the CPU rather than lookup tables. The memory access pattern is the same, regardless of the key. This is largely a theoretical attack. In the typical case of multiple customers sharing hardware for hosting websites, SSL generates a new key for every session, which are too short to make key recovery practical. However, in cryptography, "theoretical" attacks are frequently proven practical. Therefore, the new instructions are an important improvement.
SHA-3 selection: The government is currently looking for a new hash standard to replace SHA-1, which has proven to be weak. Some have proposed algorithms that can be easily implemented in software, like Skein. Others have proposed algorithms that are based on the same building blocks as AES. This means that while they may be slower on many processors, they will be faster on the latest Intel processors (and other processors that similarly contain AES features). Experiments with AES-like hash algorithms show that they can be sped up 5 to 10 times with the new Intel instructions. Now that Intel is shipping these new processors, it might prejudice the SHA-3 selection committee toward one of the AES-based proposals.
Trusted Execution (TXT) and vPro: Intel added TXT features to the previous generation of processors (Core 2), but they were missing from the current generation (Nehalem, Core i7). The Westmere processor now includes the same TXT features as Core 2. Trusted Execution protects against some specific hacker attacks. For example, "full disk encryption" products require the user to enter a password before the system can boot from the encrypted disk. In theory, a hacker could change the bootloader to first steal the password before booting the system. TXT (in theory) prevents the bootloader from being changed. Another attack is to hook up a hostile device to the Firewire port that reads the contents of memory to a flash drive, or installs a virus on a running system. In theory, TXT features (VT-d) prevent this by restricting the range of memory the Firewire hardware can access. Fiddling with hardware, such as the sound or video card, has been one way that software running on a virtual machine could break into another virtual machine. TXT makes this more secure, by doing a better job of isolating hardware. A lot of this is "theory". While it certainly makes things harder for hackers, researchers have found ways around some of the technology.
Conclusion: Corporations should take a look at "vPro" laptops and desktops, in particular, with "full disk encryption" in mind. TXT will protect the bootup process for BitLocker, and the new AES instructions will accelerate encryption. Web-hosting providers will like the AES encryption acceleration and greater isolation of virtual machines. The 6 cores of "Westmere" over the 4 cores of "Nehalem" processors are also a clear benefit. These processors use the same sockets, so web hosters can easily swap out the old processors for the new ones.
Notes: Intel has a whitepaper called "Intel Advanced Encryption Standard (AES) Instructions Set". It has good information, including sample implementations of AES using the new instructions. DJB has a paper benchmarking optimized software AES, "New AES software speed records". He gets 10.57 clocks-per-byte in his optimized software for the Core 2 processor, compared to (my guess) of 3.75 clocks-per-byte for the new AES instructions (in non-parallel modes like CBC). This implies a 3-fold increase for the new AES 
instructions The paper  The Intel AES Instructions Set and the SHA-3 Candidates  looks at how these new instructions might accelerate SHA-3 candidates It also guesses that the core AES instructions have a 6-cycle latency From this, I guess that the new AES instructions will encrypt data at 375 cycles per byte  each instruction executes a full AES round, each block requires 10 rounds, and there are 16 bytes per block, thus 6   10   16   375  Security researcher Joanna Rutkowska has found several issues with TXT that are worth reading about You should also look at the rebuttal to her points as well Overall, it doesn't mean TXT is worthless  it still makes it harder to hack a system when deployed correctly Sniffing my Gmail connection, I see that it negotiates AES in chaining mode  Secure Socket Layer TLSv1 Record Layer  Handshake Protocol  Server Hello Content Type  Handshake  22  Version  TLS 10  0x0301  Length  74 Handshake Protocol  Server Hello Handshake Type  Server Hello  2  Length  70 Version  TLS 10  0x0301  Random Session ID Length  32 Session ID  F71EC579BD9E19F3EA64CAE5F78D3B2 Cipher Suite  TLS_RSA_WITH_AES_256_CBC_SHA  0x0035  Compression Method  null  0  AnandTech and Tom's Hardware have benchmarks of the new AES instructions  using the  Clarksdale  desktop processor instead of  Westmere , but the performance should be essentially the same  </description><link>http://www.secuobs.com/revue/news/202354.shtml</link><guid isPermaLink="false">http://www.secuobs.com/revue/news/202354.shtml</guid></item>
<item><title>Trend Micro upgrades hosted email security service</title><description>2010-03-16 22:15:58 - Infosecurity  USA    Latest News : Trend Micro has updated its hosted email security service with a range of new features targeting both small and large customers </description><link>http://www.secuobs.com/revue/news/202348.shtml</link><guid isPermaLink="false">http://www.secuobs.com/revue/news/202348.shtml</guid></item>
<item><title>Mobile Security and the iPad</title><description>2010-03-16 22:11:05 - eSecurity Planet Features : Key security considerations for enterprises to bear in mind when deploying the Apple iPad </description><link>http://www.secuobs.com/revue/news/202346.shtml</link><guid isPermaLink="false">http://www.secuobs.com/revue/news/202346.shtml</guid></item>
<item><title>Web security ends with user</title><description>2010-03-16 21:25:35 - MX Logic Security News : No matter how potent an antivirus software or other web security program is, the most important step in defending a computer from malware is vigilance on the part of the user, according to business technology news site Katonda. Antivirus programs are as strong as ever, but so is malware. It is very easy for a cyber criminal to infect a computer, but it's even easier for a user to defend their computer against harmful programs. Not downloading programs from any website known to distribute malware and avoiding links with suspicious URLs will help a user stay malware-free. "Computer users are relatively easily duped into downloading a slew of malware - ranging from rogue antivirus solutions, bogus applications, free music to adult content," according to Katonda. "In order to view this content, many of these apps require the user to first install a video codec or ActiveX component, which makes the user into easy prey for encrypted, password-protected threats." Users in the US are more susceptible to malware infection than anywhere else in the world. According to AVG Technologies, 40 percent of malware is hosted in the US because Americans and US enterprises are the primary targets. </description><link>http://www.secuobs.com/revue/news/202320.shtml</link><guid isPermaLink="false">http://www.secuobs.com/revue/news/202320.shtml</guid></item>
<item><title>Smartphone Security</title><description>2010-03-16 18:42:38 - Security Bloggers Network : A reader recently wrote: I am concerned with spying on our corporate iPhones. As a policy, we don't encourage accessing the Web, we wipe the memory, we use PINs to authenticate, and we make sure our users never let the devices out of their sight. Users receive and send emails via Gmail, but they typically    </description><link>http://www.secuobs.com/revue/news/202275.shtml</link><guid isPermaLink="false">http://www.secuobs.com/revue/news/202275.shtml</guid></item>
<item><title>Too much hype in security biz </title><description>2010-03-16 18:19:27 - Dan Griffin's Blog : Good post here about recent hype in the IT press and blogosphere regarding Advanced Persistent Threats and China's attacks on Google. </description><link>http://www.secuobs.com/revue/news/202259.shtml</link><guid isPermaLink="false">http://www.secuobs.com/revue/news/202259.shtml</guid></item>
<item><title>Security Experts Back Google In China Fight</title><description>2010-03-16 17:23:27 - Computer Security News : By Yara Souza 7 17 PM EDT Mon </description><link>http://www.secuobs.com/revue/news/202220.shtml</link><guid isPermaLink="false">http://www.secuobs.com/revue/news/202220.shtml</guid></item>
<item><title>McAfee's New Cyber Security Tactic--Information</title><description>2010-03-16 17:11:05 - eSecurity Planet Features : McAfee's new Consumer Threat Alert program is dedicated to keeping consumers informed about the latest malware and online scams </description><link>http://www.secuobs.com/revue/news/202216.shtml</link><guid isPermaLink="false">http://www.secuobs.com/revue/news/202216.shtml</guid></item>
<item><title>Security Risks Abound in Virtualized Environments</title><description>2010-03-16 16:01:09 - threatpost   The First Stop for Security News :    Through 2012, 60 percent of virtualized servers will be less secure than the physical servers they replace, according to Gartner Although they expect this figure to fall to 30 percent by the end of 2015, analysts warned that many virtualization deployment projects are being undertaken without involving the information security team in the initial architecture and planning stages Read the full article  Help Net Security </description><link>http://www.secuobs.com/revue/news/202193.shtml</link><guid isPermaLink="false">http://www.secuobs.com/revue/news/202193.shtml</guid></item>
<item><title> Six common virtualization security risks and how to combat them</title><description>2010-03-16 15:36:16 - Help Net Security   News : Through 2012, 60 percent of virtualized servers will be less secure than the physical servers they replace, according to Gartner Although they expect this figure to fall to 30 percent by the end of 2 </description><link>http://www.secuobs.com/revue/news/202183.shtml</link><guid isPermaLink="false">http://www.secuobs.com/revue/news/202183.shtml</guid></item>
<item><title>SALTO XS4 access control system provides advanced security management to Peterborough's new mental health unit</title><description>2010-03-16 12:05:38 - SecurityPark.net : Located on the grounds of the Edith Cavell Hospital site, The Cavell Centre, Peterborough's new mental health unit, is part of the GBP335 million Greater Peterborough Health Investment Plan  GPHIP  The Cavell Centre has installed a SALTO XS4 access control system to provide advanced security management The hospital awarded the contract to local approved SALTO business partner, Turentek Ltd  more  </description><link>http://www.secuobs.com/revue/news/202143.shtml</link><guid isPermaLink="false">http://www.secuobs.com/revue/news/202143.shtml</guid></item>
<item><title>ZF deploys Thales hardware security modules to protect mission-critical business and manufacturing processes</title><description>2010-03-16 12:05:38 - SecurityPark.net : With about 60,000 employees and a network of 125 manufacturing facilities across 26 countries, ZF develops and manufactures innovative transmissions, steering systems, axles and chassis components for the world's top vehicle makers. ZF has deployed Thales hardware security modules (HSMs) to protect mission-critical business and manufacturing processes and help meet regulatory requirements. To s  more  </description><link>http://www.secuobs.com/revue/news/202142.shtml</link><guid isPermaLink="false">http://www.secuobs.com/revue/news/202142.shtml</guid></item>
<item><title>Indian security startup offers free software</title><description>2010-03-16 10:52:25 - Network World on Security : Wep Solutions, an Indian security software and services startup, is offering its unified threat management appliance software free to small businesses around the world </description><link>http://www.secuobs.com/revue/news/202132.shtml</link><guid isPermaLink="false">http://www.secuobs.com/revue/news/202132.shtml</guid></item>
<item><title>McAfee scans cloud environments for security vulnerabilities</title><description>2010-03-16 10:52:25 - Network World on Security : McAfee's new vulnerability-assessment scanning service is aimed at giving cloud-computing service providers a way to provide security assurances to their customers </description><link>http://www.secuobs.com/revue/news/202131.shtml</link><guid isPermaLink="false">http://www.secuobs.com/revue/news/202131.shtml</guid></item>
<item><title>Intelli-Pass Biometric Access Control - Physical access control for ultimate security</title><description>2010-03-16 10:17:41 - Latest Security Products entries at ESecurity Planet Product Guide : Protect your most sensitive facilities with advanced biometrics featuring two-factor authentication for the perfect blend of security and simplicity  Mar 15, 2010  </description><link>http://www.secuobs.com/revue/news/202129.shtml</link><guid isPermaLink="false">http://www.secuobs.com/revue/news/202129.shtml</guid></item>
<item><title>Veri-NAC  tm  Network Access Control Appliance - Standalone or fully networked solution delivers affordable high security</title><description>2010-03-16 10:17:41 - Latest Security Products entries at ESecurity Planet Product Guide : Prevent network breaches from unauthorized network connections and out-of-compliance devices with Veri-NAC tm , the affordable, one-box vulnerability management and network access control appliance  Mar 15, 2010  </description><link>http://www.secuobs.com/revue/news/202128.shtml</link><guid isPermaLink="false">http://www.secuobs.com/revue/news/202128.shtml</guid></item>
<item><title>IS Protector - Information Security, Erase Data, Encryption</title><description>2010-03-16 10:17:41 - Latest Security Products entries at ESecurity Planet Product Guide : Information Security, Erase Data and Encryption Software  Mar 15, 2010  </description><link>http://www.secuobs.com/revue/news/202126.shtml</link><guid isPermaLink="false">http://www.secuobs.com/revue/news/202126.shtml</guid></item>
<item><title>Password Protect PDF-Encryption Tool - Set PDF open password Enable security in bulk</title><description>2010-03-16 10:17:41 - Latest Security Products entries at ESecurity Planet Product Guide : Batch PDF security locker Set PDF open  user  password owner password protection  Mar 15, 2010  </description><link>http://www.secuobs.com/revue/news/202125.shtml</link><guid isPermaLink="false">http://www.secuobs.com/revue/news/202125.shtml</guid></item>
<item><title>Net Security  Blazing fast password recovery with new ATI cards</title><description>2010-03-16 09:53:25 - Rootsecure.net : Net Security  Blazing fast password recovery with new ATI cards </description><link>http://www.secuobs.com/revue/news/202110.shtml</link><guid isPermaLink="false">http://www.secuobs.com/revue/news/202110.shtml</guid></item>
<item><title>Iran Arrests 30 for Endangering National Security through Cyber War</title><description>2010-03-16 09:22:34 - securitystream.info :    Posted by InfoSec News on Mar 15 http englishfarsnewscom newstextphp nn 8812230838 Fars News Agency 15 March 2010 TEHRAN  FNA - Iran announced that it has arrested 30 individuals on charges of waging a US-backed cyber war against the country A statement issued by Tehran's Public and Revolutionary Court on Saturday said that following a series of complicated security operations in area of information and communication technology, the country's security forces have </description><link>http://www.secuobs.com/revue/news/202107.shtml</link><guid isPermaLink="false">http://www.secuobs.com/revue/news/202107.shtml</guid></item>
<item><title>The smart grid, its all about security</title><description>2010-03-16 09:04:40 - Help Net Security   Articles : All too often you read about security breaches that cost firms millions of dollars or hit individuals with loss of personal data or both But all this pales in comparison when you consider the implica </description><link>http://www.secuobs.com/revue/news/202103.shtml</link><guid isPermaLink="false">http://www.secuobs.com/revue/news/202103.shtml</guid></item>
<item><title> The smart grid, its all about security</title><description>2010-03-16 09:04:18 - Help Net Security   News : All too often you read about security breaches that cost firms millions of dollars or hit individuals with loss of personal data or both But all this pales in comparison when you consider the implica </description><link>http://www.secuobs.com/revue/news/202101.shtml</link><guid isPermaLink="false">http://www.secuobs.com/revue/news/202101.shtml</guid></item>
<item><title>National Security Agency Lawful Spying Guide</title><description>2010-03-16 08:58:45 - Cryptome : March 15, 2010 </description><link>http://www.secuobs.com/revue/news/202096.shtml</link><guid isPermaLink="false">http://www.secuobs.com/revue/news/202096.shtml</guid></item>
<item><title>Iran Arrests 30 for Endangering National Security through Cyber War</title><description>2010-03-16 08:37:31 -  ISN  InfoSec News Mailing List : InfoSec News  Iran Arrests 30 for Endangering National Security through Cyber War  http englishfarsnewscom newstextphp nn 8812230838 Fars News Agency 15 March 2010 TEHRAN  FNA - Iran announced that it has arrested 30 individuals on charges of waging a US-backed cyber war against the country A statement issued by Tehran's Public and Revolutionary Court on    </description><link>http://www.secuobs.com/revue/news/202088.shtml</link><guid isPermaLink="false">http://www.secuobs.com/revue/news/202088.shtml</guid></item>
<item><title>Cryptzone provides mobile security for iPhone  </title><description>2010-03-16 08:14:32 - securitystream.info :    Now, users of the iPhone will be able to securely login to their company network to safely gain access to corporate information, email, calendar functions, etc </description><link>http://www.secuobs.com/revue/news/202083.shtml</link><guid isPermaLink="false">http://www.secuobs.com/revue/news/202083.shtml</guid></item>
<item><title>What do you think are the most overrated security technologies </title><description>2010-03-16 07:59:23 - Security Bloggers Network : Let me start by saying I've always enjoyed reading Bill Brenner's postings and articles and it was a great pleasure to finally meet him at RSA this year. I came across this article the other day and had some pretty strong agreements and disagreements with it, so I thought I would post and hear some of    </description><link>http://www.secuobs.com/revue/news/202079.shtml</link><guid isPermaLink="false">http://www.secuobs.com/revue/news/202079.shtml</guid></item>
<item><title>buck-security_04zip</title><description>2010-03-16 07:03:45 - Packet Storm Security Last Files : Buck-Security is a security scanner for Debian and Ubuntu Linux. It helps you to harden your system by running some important security checks. For example, it finds world-writable files and directories, setuid and setgid programs, superuser accounts, and installed attack tool packages. It also checks your umask and checks if the sticky bit is set for /tmp, among other checks. </description><link>http://www.secuobs.com/revue/news/202070.shtml</link><guid isPermaLink="false">http://www.secuobs.com/revue/news/202070.shtml</guid></item>
<item><title>Security Experts Back Google In China</title><description>2010-03-16 07:03:31 - Packet Storm Security Headlines : </description><link>http://www.secuobs.com/revue/news/202067.shtml</link><guid isPermaLink="false">http://www.secuobs.com/revue/news/202067.shtml</guid></item>
<item><title> New hosted email security platform from Trend Micro</title><description>2010-03-16 06:52:09 - Help Net Security   News : Trend Micro introduced Hosted Email Security   based on a new platform   which will create a new mission-critical service standard for what small and large customers should expect from their hosted em </description><link>http://www.secuobs.com/revue/news/202052.shtml</link><guid isPermaLink="false">http://www.secuobs.com/revue/news/202052.shtml</guid></item>
<item><title>Security Pros With Written Career Plans Make More Money</title><description>2010-03-16 06:16:07 - DarkReading   All Stories : New survey shows half of security professionals are unhappy in their jobs and of those who move on, nearly half do so for bigger challenges </description><link>http://www.secuobs.com/revue/news/202047.shtml</link><guid isPermaLink="false">http://www.secuobs.com/revue/news/202047.shtml</guid></item>
<item><title>Cryptzone provides mobile security for iPhone </title><description>2010-03-16 05:20:49 - Computer Security News :    Now, users of the iPhone will be able to securely login to their company network to safely gain access to corporate information, email, calendar functions, etc </description><link>http://www.secuobs.com/revue/news/202031.shtml</link><guid isPermaLink="false">http://www.secuobs.com/revue/news/202031.shtml</guid></item>
<item><title>Security VARs Latest Competitor Comes from  The Hills </title><description>2010-03-16 03:33:34 - Security Bloggers Network : OK, here's a bit of news from the cross-section of stupidity and insanity: Spencer Pratt is leaving the glitz of Hollywood to become the latest cyber crime fighter. Chances are you don't know who Pratt is. Frankly, the only reason I know him is from watching "The Soup" on E! (a pretty funny clips show, but I digress). Pratt and his bombshell wife, Heidi Montag, are stars of the MTV series "The Hills". What is "The Hills" about? Frankly, I couldn't even begin to tell you, but the clips and outtakes I've seen have cost me brain cells that I simply cannot replace at any price. Based on the few clips I've seen of Pratt off the set, I can pretty much guess that he's not threatening to become the latest Mensa charter member. Nevertheless, published reports say he's leaving the glamour of MTV to study cybersecurity at the University of Southern California and is signing on to establish a cybersecurity division with American Defense Enterprises. Security VARs: This is your new competition - an airhead Hollywood hunk and a gun range operator. According to Fox News (a true authority in gun ranges), Pratt and ADE are in negotiations to establish the cybersecurity division. Based on the statements given by ADE president Bill Beasley, Pratt is putting his "millions" behind the new security venture. "We are looking at creating a cybersecurity division separate from ADE. It's rare to see a celebrity put his reputation and actual money up for America itself," he told Fox News. So what's Pratt's motivation? Pure patriotism, apparently. "Upon learning of President Obama's declaration that the 'cyber threat is one of the most serious economic and national security challenges we face as a nation,' I have decided to refocus my energy and devote my full resources to helping America face this and other unprecedented challenges," he told MSNBC. "My new mission is this: To do my part in maintaining the technological superiority of the US military and prevent emerging technologies from threatening our nation's security." I feel safer already. Pratt is doing more than just taking a break from television. He's also giving up management of his wife's career. According to MSNBC, Montag has hired psychic Aiden Chase to handle her professional affairs. (Yeah, Chase saw that one coming.) So just how did Pratt get hooked up with ADE in the first place? Well, he was taking firearms classes at the firm's gun ranges. Naturally, that led to talks of cybersecurity. So security VARs, who is your celebrity acquisition going to be? There are still plenty of people out there who could fill a critical tech skill and credibility gap. This is a case where Gary Coleman's mall cop experience or Mr T's time as a nightclub bouncer is simply invaluable. </description><link>http://www.secuobs.com/revue/news/201981.shtml</link><guid isPermaLink="false">http://www.secuobs.com/revue/news/201981.shtml</guid></item>
<item><title>5705  Keying Material Exporters for Transport Layer Security  TLS </title><description>2010-03-16 02:47:00 - New RFCs :  16KB  A number of protocols wish to leverage Transport Layer Security  TLS  to perform key establishment but then use some of the keying material for their own purposes This document describes a general mechanism for allowing that  STANDARDS TRACK  </description><link>http://www.secuobs.com/revue/news/201965.shtml</link><guid isPermaLink="false">http://www.secuobs.com/revue/news/201965.shtml</guid></item>
<item><title>March 2010 Security Bulletin Webcast</title><description>2010-03-16 02:05:25 - The Microsoft Security Response Center  MSRC  : Hello, Today we published the Questions and Answers from the March 2010 Security Bulletin webcast. We answered a total of 13 questions concerning the March bulletins and open Security Advisories. No particular themes emerged from the questions but there were some good ones so please review them. The video covers the core part of the presentation Adrian Stone and I gave during the webcast. We talk about the two bulletins for March, a bulletin re-release and Security Advisory 981374. Please join us for our next scheduled webcast where Adrian and I, along with a room full of subject matter experts, will present on the Security Bulletins for April and try to answer all your questions live. Date: Wednesday, April 14. Time: 11:00 am PST (UTC -8). Registration: http mseventsmicrosoftcom CUI WebCastEventDetailsaspx EventID 1032427721. Thanks, Jerry Bryant, Sr Security Communications Manager Lead. This posting is provided "AS IS" with no warranties, and confers no rights. </description><link>http://www.secuobs.com/revue/news/201955.shtml</link><guid isPermaLink="false">http://www.secuobs.com/revue/news/201955.shtml</guid></item>
<item><title>March Madness latest threat to web security</title><description>2010-03-16 01:13:52 - MX Logic Security News : The moment the 65-team field for the 2010 NCAA Division I Men's Basketball Tournament became public, cyber criminals began their latest attacks on web security. The threat is especially dangerous because of the popularity of the field in the workplace. Employees spend time watching games and highlights in the office, so web security experts believe that cyber criminals may focus their attacks on businesses. Beyond malware, watching live streaming video can seriously impact the capability of a network. In the earliest stages of the tournament, most games are played in the early and late afternoon when businesses are in peak operation. "The amount of corporate bandwidth used to view these basketball games during work hours is shocking. Most employers don't know the bandwidth impact of these streaming sessions and are unaware of any financial implications," said Spencer Parker of ScanSafe. In 2010, cyber criminals have exploited the earthquakes in Haiti and Chile along with the Winter Olympics to spread malware. Web security professionals advise users to avoid clicking links or downloading from any site that they do not immediately recognize. </description><link>http://www.secuobs.com/revue/news/201946.shtml</link><guid isPermaLink="false">http://www.secuobs.com/revue/news/201946.shtml</guid></item>
<item><title>Virtualisation breeds a false sense of security</title><description>2010-03-16 00:48:55 - Hack In The Box : NEARLY TWO THIRDS of virtualised servers will be less secure than the physical machines they replace over the course of the next two years, according to analyst firm Gartner. The market researchers reckon that companies jumping on the virtualisation bandwagon are doing so without talking to the information security guys in the next room, leaving the configurations full of holes for hackers to waltz through unimpeded. "Virtualisation is not inherently insecure," said Neil MacDonald, vice president and Gartner fellow. "However, most virtualised workloads are being deployed insecurely. The latter is a result of the immaturity of tools and processes and the limited training of staff, resellers and consultants." </description><link>http://www.secuobs.com/revue/news/201938.shtml</link><guid isPermaLink="false">http://www.secuobs.com/revue/news/201938.shtml</guid></item>
<item><title>Microsoft admits security update errors</title><description>2010-03-16 00:48:55 - Hack In The Box : Microsoft has been forced to admit that a security update for its popular Excel application caused non-English text to appear on some users’ screens. In a posting on the Office Sustained Engineering blog, Microsoft engineers branded the error a “cosmetic issue” caused by the firm’s patch update which shipped on Tuesday. “We have received reports from some of our Excel 2003 and Excel 2002 customers that after installing update KB978471 or KB978474, they are seeing non-English text in the Add or Remove Programs tool (WinXP) or the Programs and Features -- Installed Updates view (Vista, Win7),” the posting noted. </description><link>http://www.secuobs.com/revue/news/201927.shtml</link><guid isPermaLink="false">http://www.secuobs.com/revue/news/201927.shtml</guid></item>
<item><title>Security spending rebounding strongly </title><description>2010-03-16 00:48:55 - Hack In The Box : Spending on IT security is returning to pre-recession rates according to the latest study from analyst house Canalys. In the fourth quarter of the year spending rose 101 per cent sequentially, with the market worth a total of 36bn by the end of the year. Spending was spurred on after higher PC buying by businesses and consumers. “The release of Windows 7 and the resurgence of the PC market have dramatically helped the client security market,” said Nikki Babatola, analyst at Canalys. “This improvement will likely continue throughout 2010 as businesses roll out more computer systems.” </description><link>http://www.secuobs.com/revue/news/201926.shtml</link><guid isPermaLink="false">http://www.secuobs.com/revue/news/201926.shtml</guid></item>
<item><title>Interesting Information Security Bits for 03 15 2010</title><description>2010-03-16 00:02:54 - Infosec Ramblings : Good afternoon everybody  I hope your day is going well Here are today's Interesting Information Security Bits from around the web New social engineering site Looks interesting  via  dalepearson Head Hacker Tags    social-engineering   Here is a chuckle for you forensics focused people 10 signs that you work in computer forensics  Happy as a Monkey Tags    forensics humor    </description><link>http://www.secuobs.com/revue/news/201909.shtml</link><guid isPermaLink="false">http://www.secuobs.com/revue/news/201909.shtml</guid></item>
<item><title>Microsoft pushes temporary security fix to IE laggards</title><description>2010-03-15 23:14:01 - securitystream.info :    For those too stubborn to upgrade Microsoft has released automated workarounds designed to immunize users against a critical vulnerability in earlier versions of Internet Explorer, which criminals are already exploiting online  Related posts  1 Microsoft issues security advisory on IE vulnerability 2 New Internet Explorer code-execution attacks go wild 3 Microsoft plugs zero-day IE hole </description><link>http://www.secuobs.com/revue/news/201902.shtml</link><guid isPermaLink="false">http://www.secuobs.com/revue/news/201902.shtml</guid></item>
<item><title>Improving Security Through A Self-Assessment Scheme</title><description>2010-03-15 22:52:24 - Security Bloggers Network : The Jericho Forum has just released its Self-Assessment Scheme (SAS) which will help both vendors and customers check the effectiveness of an IT security product - and that it will be properly installed and deployed. The way this is done is relatively simple - with eleven thought provoking questions based </description><link>http://www.secuobs.com/revue/news/201879.shtml</link><guid isPermaLink="false">http://www.secuobs.com/revue/news/201879.shtml</guid></item>
<item><title>CubilFelino Security Labs Embedthis Appweb 312 Remote DoS</title><description>2010-03-15 22:17:22 - Exploit DB updates : </description><link>http://www.secuobs.com/revue/news/201856.shtml</link><guid isPermaLink="false">http://www.secuobs.com/revue/news/201856.shtml</guid></item>
<item><title> European banks lack document security</title><description>2010-03-15 21:22:56 - Help Net Security   News : Financial services companies across Europe are unintentionally putting their confidential information at risk, according to research from Ricoh At the heart of the issue is the lack of a centralized  </description><link>http://www.secuobs.com/revue/news/201838.shtml</link><guid isPermaLink="false">http://www.secuobs.com/revue/news/201838.shtml</guid></item>
<item><title>Banks boost web security with new program</title><description>2010-03-15 21:14:31 - MX Logic Security News :  A new program designed by web security provider Trusteer allows banks to remotely access computers of its online banking users to investigate potential web and network security breaches Currently, banks monitor accounts for unusual activity such as random large purchases or excessive withdrawals The new software will allow banks to quickly scan these computers to check for potential problems Banks cannot access the computer without permission from the account holder, who must first install the program  Financial institutions and their customers are being targeted by purpose-built malware variants designed to evade detection and commit online fraud, specifically against their brand,  said Amit Klein, CTO of Trusteer  The Trusteer Flashlight service enables banks to counter-strike these targeted attacks  Any malware discovery will allow the bank to monitor similar activity and prevent against future attacks from the particular strain At the recent RSA Conference in San Francisco, California, a web security expert for the Federal Deposit Insurance Commission reported that online banking fraud cost banks and users more than  120 million in the third quarter of 2009 </description><link>http://www.secuobs.com/revue/news/201829.shtml</link><guid isPermaLink="false">http://www.secuobs.com/revue/news/201829.shtml</guid></item>
<item><title>H Security  Tracking down malware</title><description>2010-03-15 20:54:53 - Rootsecure.net : H Security  Tracking down malware </description><link>http://www.secuobs.com/revue/news/201822.shtml</link><guid isPermaLink="false">http://www.secuobs.com/revue/news/201822.shtml</guid></item>
<item><title>Net Security  The rise of amateur-run botnets</title><description>2010-03-15 19:28:36 - Rootsecure.net : Net Security  The rise of amateur-run botnets </description><link>http://www.secuobs.com/revue/news/201793.shtml</link><guid isPermaLink="false">http://www.secuobs.com/revue/news/201793.shtml</guid></item>
<item><title>Humans continue to be 'weak link' in data security</title><description>2010-03-15 19:25:17 - Network World on Security : Nearly 90 percent of IT workers in the UK have said a laptop in their organisation has been reported lost or stolen, new research has found </description><link>http://www.secuobs.com/revue/news/201790.shtml</link><guid isPermaLink="false">http://www.secuobs.com/revue/news/201790.shtml</guid></item>
<item><title>Rizone Security Restore Rolls Settings to Default</title><description>2010-03-15 19:25:17 - Network World on Security : Been the victim of a virus attack and cleaned it out but still unsure whether your system has had its security settings altered  Then consider Rizone Security Restore This freeware utility will restore the security settings of your computer to their defaults, so that any changes to the settings made by malware will be undone </description><link>http://www.secuobs.com/revue/news/201789.shtml</link><guid isPermaLink="false">http://www.secuobs.com/revue/news/201789.shtml</guid></item>
<item><title>Security Briefing  March 15th</title><description>2010-03-15 18:38:06 - Security Bloggers Network :   It s gotta be Monday No other day makes me feel this way    Doug   The Slugs cheers, Dave Click here to subscribe to Liquidmatrix Security Digest  And now, the news  Iran hacks US spy websites, arrests cyber activists  Tech World Ottawa lays out  all-hazards  national emergency plan  The Globe and Mail IT contractors convicted of UK casino hack scam    </description><link>http://www.secuobs.com/revue/news/201766.shtml</link><guid isPermaLink="false">http://www.secuobs.com/revue/news/201766.shtml</guid></item>
<item><title>ESET Mail Security for Microsoft Exchange Server available</title><description>2010-03-15 18:04:41 - Global Security Mag Online : ESET announces the availability of ESET Mail Security for Microsoft Exchange Server, Microsoft's business messaging solution. Built around the fourth generation of the ThreatSense engine, ESET Mail Security for Microsoft Exchange Server adds new antispam and greylisting features for handling unwanted mail. The antispam protection module combines several technologies, such as the use of RBL and DNSBL lists, the control of the    - Products </description><link>http://www.secuobs.com/revue/news/201749.shtml</link><guid isPermaLink="false">http://www.secuobs.com/revue/news/201749.shtml</guid></item>
<item><title>Security Threat Reset - Isn t It About Time </title><description>2010-03-15 17:20:43 - Security Bloggers Network : Fair warning - if you're too politically correct to accept a good rant on the cold, hard truth - don't read this entry Move along, the government cheese and political correctness you so desire will return shortly So the threat level has been no lower than  Orange  at the airports since what  fall of 2001  At some point we have to grow out of the paranoia the TSA is hoping we continue to live in  more on that in a moment  and just come to grips with the fact that we're facing a daily threat That threat is either from radicalized Muslims, domestic terrorists, or others who for one reason or another want to see us dead Let's just come to grips and accept the fact that there is constant evil in the world Let's come to grips with the facts that US foreign policy, coupled with being labeled as  westerners  and having unacceptable social policies like giving our women equality with men - well those just aren't acceptable to some peoples living in the dark ages Now, having accepted that we can start to do some real security domestically, digitally Here are just a few things that I am compelled to share in light of some of the insanity that's been published lately also I fly way too much, and live in the digital security industry to just ignore this crap 1 First and foremost reset the  threat level  back to green  why you ask  Simple - having it up at Orange for so long has begun to do the opposite of what was intended People are starting to be de-sensitized to the Orange-ness and if this happens then Orange is the new Green anyway How many people actually walk around the airport with a heightened sense of security  certainly not those out-of-shape, mental midgets wearing TSA badges 2 1 word - profiling Please spare me the petty arguments on how that may hurt someone's feelings - fact is it's done every day You do it, I do it, and the folks 
monitoring the world's networks  on-the-wire  do it There's an entire field of behavioral study in criminology that deals with how to effectively determine whether someone is prone to a certain behavioral pattern  the political correctness police really need to take a back seat to our safety 3 Cyber Shockwave was one of the biggest detriments to any real security on top of the idiocy already in Washington As I've been shouting for forever now - the government's internal networks are getting raped repeatedly by foreign entities - now they're going to try and expand their  powers  to private industry  Are you serious  I'm going to go out on a limb here and say our private cellular infrastructure is better secured than the Pentagon Quote me 4 Security Theater  as we all know it  isn't fooling anyone Those whole-body scanners, I shudder to say, are the first step to anything meaningful that we've done in airport security in decades I say real security because obviously the TSA agent with his her blue light autographing my boarding pass wasn't able to stop some ass-hat  radical  from boarding a flight with a bomb in his jock right  5 Do we really need another cyber-whatever-czar  I mean, seriously Obama's got someone appointed for everything No one wanted Howard's job  it's like working for a manager that needs you to fill a position so you can be the scape-goat when crap goes south, but you won't actually get the power to avoid the crap-hitting-fan situation Howard Schmidt can't succeed, partly because the government is incompetent, partly because his strategy is wrong - and partly because no one gives a sh  about some super-FUD government project aimed to scare people into readily giving away what tiny shreds of personal privacy  I know, I know it's a fallacy  we have left Isn't there anyone sane up there in Washington  Now, where's my rifle  </description><link>http://www.secuobs.com/revue/news/201730.shtml</link><guid 
isPermaLink="false">http://www.secuobs.com/revue/news/201730.shtml</guid></item>
<item><title>Security group preps IT shops to ask vendors 'nasty questions'</title><description>2010-03-15 17:19:25 - News : The Jericho Forum, which advocates improving e-commerce security through knowledge that network perimeters are fading, says organizations need to ask themselves and their vendors tougher questions </description><link>http://www.secuobs.com/revue/news/201727.shtml</link><guid isPermaLink="false">http://www.secuobs.com/revue/news/201727.shtml</guid></item>
<item><title>Survey stresses need for information security career plan</title><description>2010-03-15 16:15:40 - SearchSecurity  Security Wire Daily News : Many infosec pros claim to feel confident about their career's trajectory, but few are actually planning for it, according to survey results from Information Security Leaders </description><link>http://www.secuobs.com/revue/news/201697.shtml</link><guid isPermaLink="false">http://www.secuobs.com/revue/news/201697.shtml</guid></item>
<item><title>Audit your IT estate for free with Sophos Computer Security Scan</title><description>2010-03-15 14:28:47 - Global Security Mag Online : Sophos is making Sophos Computer Security Scan available free of charge as a download from its site. This new utility makes it possible, without disrupting the operation of systems, to audit the security state of the IT estate from a centralized console. Sophos Computer Security Scan is a tool optimized for auditing: it contains none of the functions that could interfere with the security solutions in place, such as on-access scanning; it is designed so that    - Products </description><link>http://www.secuobs.com/revue/news/201669.shtml</link><guid isPermaLink="false">http://www.secuobs.com/revue/news/201669.shtml</guid></item>
<item><title>Ask Not What Cybersecurity Can Do for You</title><description>2010-03-15 14:26:56 - eSecurity Planet Features : The government extends its dialog with industry and citizens on the vital topic of cybersecurity </description><link>http://www.secuobs.com/revue/news/201666.shtml</link><guid isPermaLink="false">http://www.secuobs.com/revue/news/201666.shtml</guid></item>
<item><title>US Government Accountability Office   National Security Council s Comprehensive National Cybersecurity Initiative Deemed Defective</title><description>2010-03-15 14:01:51 - Infosecurity.US :  The March 2010 Congressional Report focusing on the National Security Council s Comprehensive National Cybersecurity Initiative  CNCI , published by the United States Government Accountability Office  US GAO , notes severe flaws in the initiative, specifically detailing procedural and process flaws in strategically addressing identity management and authentication, coordination of actions with    Related Posts 1 US-CERT s Einstein Systems 2 Extraordinary Efforts  New Cybersecurity Bill On Capitol Hill 3 Cybersecurity Commission Recommends Security Response Plan 4 Just A Bill On Capitol Hill, Redux   Pending Legislation Will Consolidate Cybersecurity 5 Los Alamos National Laboratory Data Security Shortcomings </description><link>http://www.secuobs.com/revue/news/201662.shtml</link><guid isPermaLink="false">http://www.secuobs.com/revue/news/201662.shtml</guid></item>
<item><title>Best of Application Security  Friday, Mar 12 </title><description>2010-03-15 12:13:02 - Security Bloggers Network : Ten of Application Security industry's coolest, most interesting, important, and entertaining links from the past week -- in no particular order. Bypassing CSRF protections with ClickJacking and HTTP Parameter Pollution. Three Steps to a Rational Securi </description><link>http://www.secuobs.com/revue/news/201635.shtml</link><guid isPermaLink="false">http://www.secuobs.com/revue/news/201635.shtml</guid></item>
<item><title>Web Security for emerging web-application threats</title><description>2010-03-15 11:59:26 - SecurityPark.net : Web 20 is thriving, and so too are applications that take advantage of this technology Interactive sites like LinkedIn, Twitter and even company websites are becoming ever more popular, and yet, many IT departments are unprepared for today's emerging threats As more companies take to the web to conduct business, the opportunity for attack is increased and organisations need to re-adjust secu  more  </description><link>http://www.secuobs.com/revue/news/201626.shtml</link><guid isPermaLink="false">http://www.secuobs.com/revue/news/201626.shtml</guid></item>
<item><title>Help wanted  Agencies expect to hire more info security pros in 2010</title><description>2010-03-15 09:45:07 - securitystream.info :    Posted by InfoSec News on Mar 14 http gcncom articles 2010 03 12 info-security-hiring-surveyaspx By William Jackson GCNcom March 12, 2010 Federal government is a good place for information security professions during the current economic downturn, with relatively stable budgets, rising wages and growing employment opportunities, according to a recent survey by ISC 2   the International Information Systems Security Certification Consortium  Nearly 75 percent of Related posts  1 SECART   Second International Workshop on Security and Artificial Intelligence   Atlanta, Georgia, USA, July 11, 2010 2 Call for Papers  i-Society 2010 3 At RSA, Some Security Pros Don t Practice What They Preach </description><link>http://www.secuobs.com/revue/news/201612.shtml</link><guid isPermaLink="false">http://www.secuobs.com/revue/news/201612.shtml</guid></item>
<item><title> Rogue software details  Smart Security</title><description>2010-03-15 09:31:19 - Help Net Security   News : Smart Security is a rogue security application In order to remove it, find out what files and registry entries to look for below Known system changes  Files c ProgramFiles SmartSecurityex </description><link>http://www.secuobs.com/revue/news/201609.shtml</link><guid isPermaLink="false">http://www.secuobs.com/revue/news/201609.shtml</guid></item>
<item><title>Help wanted  Agencies expect to hire more info security pros in 2010</title><description>2010-03-15 08:19:44 -  ISN  InfoSec News Mailing List : InfoSec News  Help wanted  Agencies expect to hire more info security pros in 2010  http gcncom articles 2010 03 12 info-security-hiring-surveyaspx By William Jackson GCNcom March 12, 2010 Federal government is a good place for information security professions during the current economic downturn, with relatively stable budgets,    </description><link>http://www.secuobs.com/revue/news/201603.shtml</link><guid isPermaLink="false">http://www.secuobs.com/revue/news/201603.shtml</guid></item>
<item><title>Does Web 20 need Web security 20 </title><description>2010-03-15 07:11:48 - Help Net Security   Articles : Web 20 is thriving, and so too are applications that take advantage of this technology Interactive sites like LinkedIn, Twitter and even company websites are becoming ever more popular, and yet, man </description><link>http://www.secuobs.com/revue/news/201596.shtml</link><guid isPermaLink="false">http://www.secuobs.com/revue/news/201596.shtml</guid></item>
<item><title> Does Web 20 need Web security 20 </title><description>2010-03-15 07:11:38 - Help Net Security   News : Web 20 is thriving, and so too are applications that take advantage of this technology Interactive sites like LinkedIn, Twitter and even company websites are becoming ever more popular, and yet, man </description><link>http://www.secuobs.com/revue/news/201595.shtml</link><guid isPermaLink="false">http://www.secuobs.com/revue/news/201595.shtml</guid></item>
<item><title>Security Threat Reset - Isn't It About Time </title><description>2010-03-15 06:27:35 - Digital Soapbox   Down the Security Rabbithole  : Fair warning - if you're too politically correct to accept a good rant on the cold, hard truth - don't read this entry Move along, the government cheese and political correctness you so desire will return shortly So the threat level has been no lower than  Orange  at the airports since what  fall of 2001  At some point we have to grow out of the paranoia the TSA is hoping we continue to live in  more on that in a moment  and just come to grips with the fact that we're facing a daily threat That threat is either from radicalized Muslims, domestic terrorists, or others who for one reason or another want to see us dead Let's just come to grips and accept the fact that there is constant evil in the world Let's come to grips with the facts that US foreign policy, coupled with being labeled as  westerners  and having unacceptable social policies like giving our women equality with men - well those just aren't acceptable to some peoples living in the dark ages Now, having accepted that we can start to do some real security domestically, digitally Here are just a few things that I am compelled to share in light of some of the insanity that's been published lately also I fly way too much, and live in the digital security industry to just ignore this crap 1 First and foremost reset the  threat level  back to green  why you ask  Simple - having it up at Orange for so long has begun to do the opposite of what was intended People are starting to be de-sensitized to the Orange-ness and if this happens then Orange is the new Green anyway How many people actually walk around the airport with a heightened sense of security  certainly not those out-of-shape, mental midgets wearing TSA badges 2 1 word - profiling Please spare me the petty arguments on how that may hurt someone's feelings - fact is it's done every day You do it, I do it, 
and the folks monitoring the world's networks  on-the-wire  do it There's an entire field of behavioral study in criminology that deals with how to effectively determine whether someone is prone to a certain behavioral pattern  the political correctness police really need to take a back seat to our safety 3 Cyber Shockwave was one of the biggest detriments to any real security on top of the idiocy already in Washington As I've been shouting for forever now - the government's internal networks are getting raped repeatedly by foreign entities - now they're going to try and expand their  powers  to private industry  Are you serious  I'm going to go out on a limb here and say our private cellular infrastructure is better secured than the Pentagon Quote me 4 Security Theater  as we all know it  isn't fooling anyone Those whole-body scanners, I shudder to say, are the first step to anything meaningful that we've done in airport security in decades I say real security because obviously the TSA agent with his her blue light autographing my boarding pass wasn't able to stop some ass-hat  radical  from boarding a flight with a bomb in his jock right  5 Do we really need another cyber-whatever-czar  I mean, seriously Obama's got someone appointed for everything No one wanted Howard's job  it's like working for a manager that needs you to fill a position so you can be the scape-goat when crap goes south, but you won't actually get the power to avoid the crap-hitting-fan situation Howard Schmidt can't succeed, partly because the government is incompetent, partly because his strategy is wrong - and partly because no one gives a sh  about some super-FUD government project aimed to scare people into readily giving away what tiny shreds of personal privacy  I know, I know it's a fallacy  we have left Isn't there anyone sane up there in Washington  Now, where's my rifle  </description><link>http://www.secuobs.com/revue/news/201594.shtml</link><guid 
isPermaLink="false">http://www.secuobs.com/revue/news/201594.shtml</guid></item>
<item><title> Collection of security checks for Linux</title><description>2010-03-15 06:25:00 - Help Net Security   News : Buck Security is a collection of security checks for Linux It was designed for Debian and Ubuntu servers, but can be useful for any Linux system The aim of Buck Security is, to allow you to get a </description><link>http://www.secuobs.com/revue/news/201590.shtml</link><guid isPermaLink="false">http://www.secuobs.com/revue/news/201590.shtml</guid></item>
<item><title>Holistic Information Security  From Risk to Diligence and Back Again</title><description>2010-03-15 05:22:34 - Chaordic Mind : I am a big proponent of risk management and risk-based security I also work  mainly  in a very specific, yet large, segment of information security that pertains to the payment card industry  PCI  Since I ve been involved in this space for a long time I sometimes suffer from the curse of knowledge This helps when    </description><link>http://www.secuobs.com/revue/news/201587.shtml</link><guid isPermaLink="false">http://www.secuobs.com/revue/news/201587.shtml</guid></item>
<item><title>Annual Security Surveys Reports   Central Log for Reference Access </title><description>2010-03-15 05:13:12 - Beast Or Buddha :  Also posted this as a question on Twitter   ddrazic  Does anyone know a website that documents and posts links to all the more well known Annual Security Surveys and Reports  So many come out, it s hard to keep track of them all these days While I take most with a grain of salt, some do have some    </description><link>http://www.secuobs.com/revue/news/201585.shtml</link><guid isPermaLink="false">http://www.secuobs.com/revue/news/201585.shtml</guid></item>
<item><title>Don't tell me Facebook is serious about security</title><description>2010-03-15 02:17:36 - The Ashimmy Blog : Image via Wikipedia Yeah, Yeah I know they signed a deal with McAfee BFD Facebook is not serious about security If they were, they would do something about all of the phishing, spam and misleading questionable ads they are getting </description><link>http://www.secuobs.com/revue/news/201578.shtml</link><guid isPermaLink="false">http://www.secuobs.com/revue/news/201578.shtml</guid></item>
<item><title>Scareware  Most Costly Security Scam of 2010</title><description>2010-03-15 02:01:28 - Hack In The Box : Fake antivirus programs that encourage Web users to part with their hard-earned cash and download hoax security software is likely to be the most costly scam of 2010, says McAfee According to the security firm, cybercriminals make upwards of  300 million from conning web users worldwide into downloading scareware The security firm also said it had seen a 660 percent rise in scareware over the past two years, and a 400 percent increase in reported incidents in the last 12 months  Even the savviest of computer users fall victim to online threats because cybercriminals have become so sophisticated,  said Jeff Green, senior vice president of McAfee Labs </description><link>http://www.secuobs.com/revue/news/201571.shtml</link><guid isPermaLink="false">http://www.secuobs.com/revue/news/201571.shtml</guid></item>
<item><title>WhiteHat CTO rates MD5 hash vulnerability the Web's top security flaw</title><description>2010-03-15 00:46:15 - SearchSecurity.com.au Analysis   Commentary :    WhiteHat security's CTO Jeremiah Grossman told the RSA Conference 2010 attendees that rogue certificate authorities remain the worst threat on the Web, and that the combination of a secure browser and a secure website infrastructure must be present to provide protection </description><link>http://www.secuobs.com/revue/news/201548.shtml</link><guid isPermaLink="false">http://www.secuobs.com/revue/news/201548.shtml</guid></item>
<item><title>Security experts  Don t blame Internet for JihadJane and other recent terror scares</title><description>2010-03-14 16:17:56 - Crabbyolbastard Ruminates :  By Michael Booth, The Denver Post Published  Saturday, March 13, 2010 11 15 PM EST It s not the Internet It s the unstable surfer at the keyboard that constitutes the threat Internet terrorism and crime experts hedged their outrage when reacting to the arrest of Leadville s Jamie Paulin-Ramirez, who was released Saturday without charges Yes,    </description><link>http://www.secuobs.com/revue/news/201487.shtml</link><guid isPermaLink="false">http://www.secuobs.com/revue/news/201487.shtml</guid></item>
<item><title>The most overrated security technologies and what to do about them</title><description>2010-03-14 04:35:59 - Security Bloggers Network : CSOonline published an article entitled,  What Are the Most Overrated Security Technologies  At the head of the list are, no surprise, Anti-Virus and Firewalls Anti-Virus - signature based anti-virus products simply cannot keep up with the speed and creativity of the attackers What's needed is better behavior anomaly based approaches to complement traditional anti-virus products Firewalls - The article talks about the disappearing perimeter, but that is less than half the story The bigger issue is that traditional firewalls, using stateful inspection technology introduced by Check Point over 15 years ago, simply cannot control the hundreds and hundreds of  Web </description><link>http://www.secuobs.com/revue/news/201449.shtml</link><guid isPermaLink="false">http://www.secuobs.com/revue/news/201449.shtml</guid></item>
<item><title>RSA 2010 Security BSides Recap   Day 02</title><description>2010-03-14 01:12:41 - Infosec Ramblings : I really intended to get this out earlier this week, but me o  my has this been a busy week Anyway, day 2 at RSA 2010 Security BSides started in the reverse order of day1 I went to sessions at RSA first and then tottered over to Security BSides for the afternoon My day 1 recap can be    </description><link>http://www.secuobs.com/revue/news/201433.shtml</link><guid isPermaLink="false">http://www.secuobs.com/revue/news/201433.shtml</guid></item>
<item><title>Verizon Business extends its thought leadership in security incident metrics</title><description>2010-03-13 23:14:30 - Security Bloggers Network : The Verizon Business Security Incident Response team, whose yearly published Data Breach Investigations Reports I've written about here, has extended its thought leadership in security incident metrics with the release of its Incident Sharing Framework Their purpose is to enable those responsible for incident response to  create data sets that can be used and compared because of their commonality Together, we can work to eliminate both equivocality  sic  and uncertainty, and help defend the organizations we serve  The document can be found here Of course Verizon Business is a for-profit organization and the license terms are as follows  Verizon </description><link>http://www.secuobs.com/revue/news/201421.shtml</link><guid isPermaLink="false">http://www.secuobs.com/revue/news/201421.shtml</guid></item>
<item><title>Virtualization Security Is Taking Longer Than Expected</title><description>2010-03-13 18:39:26 - LinuxSecurity.com   Latest News : LinuxSecuritycom  A few years ago I wrote a paper for SANS titled  Security Implications of the Virtualized Data Center  I had been working in system and network security for almost 10 years and, like many IT professionals, had been relying on virtualization as a system tool for many years While using virtualization as a sandbox for security research I was drawn to virtualization security, now called virtsec, once I realized how great the security threat was in x86 virtual computing environments </description><link>http://www.secuobs.com/revue/news/201383.shtml</link><guid isPermaLink="false">http://www.secuobs.com/revue/news/201383.shtml</guid></item>
<item><title>International day against censorship  Security4all </title><description>2010-03-13 04:54:11 - Security Bloggers Network :    I saw some messages floating around on twitter that today was The International Day against Censorship It's the first time I heard about this So I'm helping a bit by mentioning Wikileaks again Don't know what it is  Look at this short video from the BBC  -  The Sunshine Press  WikiLeaks  is a non-profit organization funded by human rights campaigners, investigative journalists, technologists and the general public Through your support we have exposed significant injustice around the world  successfully fighting off over 100 legal attacks in the process Although our work produces reforms daily and is the recipient of numerous prestigious awards, including the 2008 Index on Censorship-Economist Freedom of Expression Award as well as the 2009 Amnesty International New Media Award, these accolades do not pay the bills Nor can we accept government or corporate funding and maintain our absolute integrity It is your strong support alone that preserves our continued independence and strength  source  wikileaks  They still need donations to keep running  Help them Happy anti-censorship day  Related posts    Ways to bypass the Big Belgian firewall   Automated Social Networking Surveillance Systems   According to Child Support groups, Net filtering is a waste of money   Big Brother 2009  Has the rebellion started    Police hacking laws moving from Germany to the rest of Europe Do as I say, not as I do  Photo under creative commons from Akbar Simonse  away for one more week 's photostream  </description><link>http://www.secuobs.com/revue/news/201306.shtml</link><guid isPermaLink="false">http://www.secuobs.com/revue/news/201306.shtml</guid></item>
<item><title>New HIPAA security penalties hit healthcare services and business associates</title><description>2010-03-13 02:41:45 - Rapid7 Network Security Blog : Healthcare Services and Health Plan Administrators are in the cross-hairs of federal regulators from the Department of Health and Human Services. February 17th was the moment, the tipping point, because after that, the enforcement penalties found in the new Health Information Technology for Economic and Clinical Health Act, also known as the HITECH Act, came    </description><link>http://www.secuobs.com/revue/news/201298.shtml</link><guid isPermaLink="false">http://www.secuobs.com/revue/news/201298.shtml</guid></item>
<item><title>H Security  Google Chrome to do away with unique IDs</title><description>2010-03-13 01:27:40 - Rootsecure.net : H Security  Google Chrome to do away with unique IDs </description><link>http://www.secuobs.com/revue/news/201285.shtml</link><guid isPermaLink="false">http://www.secuobs.com/revue/news/201285.shtml</guid></item>
<item><title>H Security  SecurityFocus to partially shut down</title><description>2010-03-13 01:27:40 - Rootsecure.net : H Security  SecurityFocus to partially shut down </description><link>http://www.secuobs.com/revue/news/201284.shtml</link><guid isPermaLink="false">http://www.secuobs.com/revue/news/201284.shtml</guid></item>
<item><title>Web security breaches rock Hotmail</title><description>2010-03-13 00:32:39 - MX Logic Security News : Users of Microsoft's free email service are advised by the Redmond, Washington-based software giant to change their passwords and be vigilant as an increase in spam activity on the site has led to web security breaches. Accounts have been hacked in increasing numbers in recent weeks, and the cyber criminals have used the accounts to send spam to the entire contact list of the user. Victims have also reported that their email filter settings and other custom account features were changed following the breach. "Hotmail is seeing instances of accounts being 'hijacked' by spammers who send emails out advertising an electronics website. The spam mails usually have subjects like 'Good shopping good mood' and may go to your contact list in addition to a random list of emails," Rob Margel of Microsoft wrote on his blog. The spammers do not change passwords to prevent real users from using their accounts, but they intend to access the address more than once. Changing the password is the only way to prevent further damage. The origin of the malware is unknown, but the results are similar to phishing attacks that take place on Twitter. The popular social networking site recently announced phishing attacks have become so frequent that it will now scan every link posted to the site for malware.</description><link>http://www.secuobs.com/revue/news/201258.shtml</link><guid isPermaLink="false">http://www.secuobs.com/revue/news/201258.shtml</guid></item>
<item><title>How IT can win the security battle</title><description>2010-03-12 23:32:43 - Security Bloggers Network : </description><link>http://www.secuobs.com/revue/news/201250.shtml</link><guid isPermaLink="false">http://www.secuobs.com/revue/news/201250.shtml</guid></item>
<item><title>An Information Security Place Podcast   Episode 33</title><description>2010-03-12 23:27:04 - An Information Security Place : Yes, the logo is weird this time. If you can't tell what it is, maybe this will help. For the first time ever (and probably the only time since I don't get to Atlanta much), An Information Security Place Podcast has joined forces with the Southern Fried Security Podcast to create a joint episode. Can    </description><link>http://www.secuobs.com/revue/news/201246.shtml</link><guid isPermaLink="false">http://www.secuobs.com/revue/news/201246.shtml</guid></item>
<item><title>Update on Security Advisory 981374</title><description>2010-03-12 23:24:02 - The Microsoft Security Response Center  MSRC  : Hi everyone, I'm writing to let you know that we have updated Security Advisory 981374 with new workaround information. We are aware that exploit code has been made public for this issue. As with our last update, Internet Explorer 8 remains unaffected by the vulnerability addressed in the advisory and we continue to encourage all customers to upgrade to this version. On Wednesday we added a workaround to the advisory that helps to mitigate the vulnerability by disabling the peer factory class through the modification of a registry key. With today's update, we have added a Microsoft Fix It to automate this workaround for Windows XP and Windows Server 2003 customers. As always, customers should test this thoroughly before deploying as certain functionality that depends on the peer factory class, such as printing from Internet Explorer and the use of web folders, may be affected. We have seen speculation that Microsoft might release an update for this issue out-of-band. I can tell you that we are working hard to produce an update which is now in testing. This is a critical and time intensive step of the process as the update must be tested against all affected versions of Internet Explorer on all supported versions of Windows. Additionally, each supported language version needs to be tested as well as testing against thousands of third party applications. We never rule out the possibility of an out-of-band update. When the update is ready for broad distribution, we will make that decision based on customer needs. Please review the advisory for more information. We will keep you posted as additional information becomes available. Jerry Bryant, Sr. Security Communications Manager Lead. This posting is provided "AS IS" with no warranties, and confers no rights.</description><link>http://www.secuobs.com/revue/news/201245.shtml</link><guid isPermaLink="false">http://www.secuobs.com/revue/news/201245.shtml</guid></item>
<item><title>RIP SecurityFocus</title><description>2010-03-12 22:43:23 - Ma petite parcelle d'Internet... : While the news portal section of SecurityFocus will no longer be offered, we think our readers will be better served by this change as we combine our efforts with Symantec Connect and continue to provide a valuable service to the community. Change in Focus, SecurityFocus Staff, SecurityFocus 2010-03-10</description><link>http://www.secuobs.com/revue/news/201241.shtml</link><guid isPermaLink="false">http://www.secuobs.com/revue/news/201241.shtml</guid></item>
<item><title>Exclusive PCI Security Standards Council Interview</title><description>2010-03-12 22:24:39 - Security Bloggers Network : Anton Chuvakin, aka "Security Warrior", was able to sit down with Bob Russo and Troy Leach at RSA 2010 for an exclusive interview where he asked a number of questions. Here is Anton's introduction: I think PCI DSS is the most valuable thing to hit security industry since its inception, both as a driving force    </description><link>http://www.secuobs.com/revue/news/201228.shtml</link><guid isPermaLink="false">http://www.secuobs.com/revue/news/201228.shtml</guid></item>

 </channel>
</rss>
