8 total posts
Hackers hit Japanese government systems
By Dan Ilett, ZDNet (UK)
Published on ZDNet News: February 24, 2005, 12:37 PM PT
The Japanese Government has suffered a spate of cyberattacks on two of its Web sites this week, according to reports. A government representative told the Associated Press that key Web servers had stopped working after hackers flooded them with data, making it impossible for people to access the Prime Minister's Office and the Cabinet Offices' Web sites.
Take three: Antivirus apps could spread infection
By Robert Lemos, CNET News.com
Published on ZDNet News: February 24, 2005, 3:22 PM PT
Internet Security Systems has found a flaw in Trend Micro's virus-scanning software--the third time this month that the security company has picked a hole in an antivirus product.
The vulnerability affects Trend Micro's Antivirus Library, a common set of code used by at least 29 Trend Micro products, according to separate advisories posted on Trend Micro's Web site on Wednesday and on ISS' site on Thursday. An attacker could create a program that exploits the security hole, causing the antivirus program to run a virus instead of blocking the malicious program, the companies said.
"Successful exploitation of this vulnerability could be used to gain unauthorized access to networks and machines being protected by Trend Micro Antivirus Library products," ISS said in its advisory.
The flaw is similar to those found in antivirus software from Symantec and F-Secure. Because it's a library flaw, it adds up to a broad vulnerability in Trend Micro products that could be exploited to automatically run a malicious program. The flaw is caused by a memory error known as a heap overflow.
Firefox fix plugs security holes
By Steven Musil, CNET News.com
Published on ZDNet News: February 24, 2005, 9:00 PM PT
The Mozilla Foundation on Thursday released an update to the Firefox Web browser to fix several vulnerabilities, including one that would allow domain spoofing.
The open-source project released Firefox 1.0.1 to fix, among other bugs, a vulnerability in the Internationalized Domain Names (IDN), a standard for handling special character sets in domain names that could let an attacker spoof Web sites on non-Microsoft browsers. The standard allows companies to register domain names that appear to be the same in different languages.
That encoding scheme could enable an attacker to create a fake Web site for a phishing scam. A spoofed link would seem to be a legitimate URL in the address bar of affected browsers. But instead of taking the victim to the trusted site, the link would lead to a phony Web site with a domain rendered as the same address under the IDN process.
The updated browser will display the IDN Punycode in the address bar, preventing URL spoofing. Punycode is the encoding of Unicode strings into the limited character set supported by the Domain Name System and IDN.
Microsoft puts a little money where its mouth is
Published: February 25, 2005, 4:50 AM PST
By Stefanie Olsen
Staff Writer, CNET News.com
Afraid Microsoft's anti-spyware will muck up your hard drive, erasing your digital photos, music collection and work files?
Don't worry, you've got a $5 rebate coming your way in this worst-case scenario--enough to buy five songs on iTunes. That is, if you read and take advantage of Microsoft's legal promise.
According to the AntiSpyware Beta end-user license agreement (EULA), Microsoft will reimburse direct damages up to $5 for problems associated with the new downloadable tool that wards off spyware, adware and any other "potentially unwanted software."
Microsoft to nix some Net product activation
Published: February 24, 2005, 4:44 PM PST
By Robert Lemos
Staff Writer, CNET News.com
Customers who find themselves reinstalling Windows XP should be ready for a headache: Microsoft will no longer support activating the product over the Internet for PCs which have Windows pre-installed.
Intended to curtail the stealing and selling of certificates of authenticity, the new security measure will start at the end of this month. At first, it will be limited to the Windows XP software preinstalled on systems shipped by the top 20 PC sellers.
"The main reason (for the change) is to address piracy in this area," a Microsoft representative said on Thursday. "Microsoft has found various people selling the labels of authenticity that they have copied or have pulled off other PCs."
Opera Tackles Phishing: Second Beta of the Opera Browser
"Opera Software ASA today released the second Beta version of its next browser, which includes an answer to the recent security debate over Web site spoofing. In this Beta, the browser displays security information inside the address bar, located next to the padlock icon that indicates the level of security present on a site.
The small, yellow security bar appears on secure sites and displays the name of the organization that owns the certificate. By clicking on the bar the user has access to more information about the validity of the certificate. These anti-spoof measures help users make educated decisions about a site's validity and security.
"One of the most important measures to counter phishing attacks is the use of security certificates," says Christen Krogh, Opera's Vice President of Engineering. "The challenge for browser vendors is to better explain the verification of certificates and to make the user more aware of this additional verification before entering into secure transactions."
More in http://www.opera.com/pressreleases/en/2005/02/25/
ICANN Statement on IDN Homograph Attacks and Request for
ICANN is aware of the recent publicity regarding the vulnerability of certain web browsers to URI and domain name spoofing that relies on the use of Internationalised Domain Name (IDN) resolution.[..]
ICANN is concerned about the potential exacerbation of homograph domain name spoofing as IDNs become more widespread, and is equally concerned about the implementation of countermeasures that may unnecessarily restrict the use and availability of IDNs. ICANN calls for views and positions regarding both homograph vulnerability, which is not unique to IDNs, and the proposed countermeasures, which include having browser support for IDNs turned off by default, while at the same time not protecting against older forms of URI and domain name abuse.
ICANN encourages the global Internet community to participate in this public comment forum as part of an effort to improve public protection from abusive use of domain names while responsibly opening up opportunities for non-Latin language characters to be used in registered domain names.
More in http://www.icann.org/announcements/announcement-23feb05.htm