Spyware, Viruses, & Security forum

General discussion

NEWS - January 16, 2007

Creating a culture of security ? the real challenge

Tuesday, 16 January 2007, 1:03 AM CET

An ever-growing growing percentage of computer crimes are being committed by professional ?criminals? who steal market-valued sensitive data ? e.g. credit card data and customer identities.

http://www.net-security.org/index.php

Discussion is locked
You are posting a reply to: NEWS - January 16, 2007
The posting of advertisements, profanity, or personal attacks is prohibited. Please refer to our CNET Forums policies for details. All submitted content is subject to our Terms of Use.
Track this discussion and email me when there are updates

If you're asking for technical help, please be sure to include all your system info, including operating system, model number, and any other specifics related to the problem. Also please exercise your best judgment when posting in the forums--revealing personal information such as your e-mail address, telephone number, and address is not recommended.

You are reporting the following post: NEWS - January 16, 2007
This post has been flagged and will be reviewed by our staff. Thank you for helping us maintain CNET's great community.
Sorry, there was a problem flagging this post. Please try again now or at a later time.
If you believe this post is offensive or violates the CNET Forums' Usage policies, you can report it below (this will not automatically remove the post). Once reported, our moderators will be notified and the post will be reviewed.
Collapse -
Symantec: A Sudden Rise in ActiveX Vulnerabilities

In reply to: NEWS - January 16, 2007

Symantec wrote:

There has been a significant increase in the vulnerabilities that affect ActiveX controls. These vulnerabilities can facilitate an assortment of attacks that may simply cause the disclosure of sensitive information to an attacker or, in the worst-case scenario, allow them to execute code to gain unauthorized access to an affected computer.

In the year 2001, DeepSight Alert Services reported a single vulnerability affecting an AcitveX control. This number reached 50 during 2006.

This rise of vulnerabilities in ActiveX controls can be attributed to a variety of reasons. These include an increasing number of vendors shipping insecure ActiveX controls and the availability of a variety of security testing tools and ActiveX fuzzers that allow researchers and attackers to rapidly find vulnerabilities with relative ease. The rise of vulnerabilities might also be due to the prospects of finding critical vulnerabilities that facilitate remote unauthorized access in the context of the client application.[/quote]

Complete article at http://www.symantec.com/enterprise/security_response/weblog/2007/01/a_sudden_rise_in_activex_vulne.html

Collapse -
Brazilian Blackhats use Russian Web Attacker toolkit

In reply to: NEWS - January 16, 2007

Brazilian-based malicious code authors are now utilizing a popular web exploit kit which originates in Russia. This combination of groups working together is relevant because previously we have not seen such collaboration. The Web Attacker toolkit allows attackers to place code on their website that infects users when the site is visited.

This toolkit is the most popular exploit kit on the web today. Previously, Brazilian attacks mostly used deception as a means to dupe users into running their code. These attacks provide the largest volume of unique samples that Websense Security Labs sees on daily basis.

Read more: http://www.snpx.com/cgi-bin/news55.cgi?target=182188004?-2622

Collapse -
Google Crossed Up By XSS Again

In reply to: NEWS - January 16, 2007

David A. Utter

Yet another cross-site scripting issue has cropped up with Google, as their dominant place on the Internet could be starting to draw Microsoft-like attention from malicious hackers.

Even though Google seemingly has a license to print money with its lucrative search advertising business, it isn't time to start minting coins with a motto of "In Google We Trust." Curious explorations of the code for their web-based services have been revealing some scary potential within them.

Garett Rogers posted at his Googling Google blog how another cross-site scripting issue with Google has been discovered. This would be the third such problem found in the past few weeks.

Read more: http://www.snpx.com/cgi-bin/news55.cgi?target=182149414?-1313

Collapse -
Trojans fuel ID theft boom

In reply to: NEWS - January 16, 2007

By John Leyden 16 Jan 2007

Phishing season
Identity theft, both offline and online, is on the rise with keylogging Trojan software often forming the weapon of choice for would-be fraudsters, according to a new study by net security firm McAfee.

McAfee reckons the number of keylogging malware packages increased 250 per cent between January 2004 and May 2006. The number of phishing attacks tracked by the Anti-Phishing Working Group has multiplied 100-fold over the same period of time, it notes.

Read more: http://www.snpx.com/cgi-bin/news55.cgi?target=182161570?-14215

Collapse -
New Universal Man-in-the-Middle Phishing Kit discovered

In reply to: NEWS - January 16, 2007

[ Johannesburg, 16 January 2007 ] - SecureData, a member of the JSE-listed ERP.com Group and distributor for RSA Security products in Sub-Saharan Africa, today announced that the latter's 24x7 Anti-Fraud Command Centre (AFCC) has uncovered a new phishing kit being sold and used online by fraudsters.

This new kit, a Universal Man-in-the-Middle Phishing Kit, is designed to facilitate new and sophisticated attacks against global organisations in which the victims communicate with a legitimate Web site via a fraudulent URL set by the fraudster. This allows the fraudster to capture victims' personal information in real-time.

RSA's analysts researched and analysed a demo of the kit that was being offered as a free trial on one of the online fraudster forums that the AFCC monitors regularly.

Read more: http://www.snpx.com/cgi-bin/news55.cgi?target=182153390?-14215

Collapse -
Panda: Comparing the Comparatives

In reply to: NEWS - January 16, 2007

Panda research is saying that comparing and reporting simple detection rates are now based on old, limited views of reality.

"The fact remains that traditional engines are insufficient against new malware. It's apparent that if you want protection nowadays you cannot rely on signatures and heuristics alone, regardless of how "leading edge" you're told it is. Use of behavioural analysis and other proactive techniques is an absolute must. Many leading solutions are finally starting to implement behavioural technologies in their solutions and that is A-Good-Thing."

MVP Paul Laudanski (castlecops.com) have been doing a great job in tracking detection rates of newer malware.

See http://research.pandasoftware.com/blogs/research/archive/2007/01/16/Comparing-the-comparatives.aspx

Collapse -
Oracle flags up 52 security flaws

In reply to: NEWS - January 16, 2007

Databases come under security spotlight

Robert Jaques, vnunet.com 16 Jan 2007

Oracle has issued its first pre-release security patch announcement, flagging up no fewer than 52 critical updates, just as a security company has highlighted the vulnerability of many databases.

However, security firm Secerno warned that weaknesses in the development process are often more serious than any vendor vulnerabilities.

However, security firm Secerno warned that weaknesses in the development process are often more serious than any vendor vulnerabilities.

Read more http://www.vnunet.com/vnunet/news/2172616/databases-come-under-security

Collapse -
FaceTime Reports IM & P2P Malware is Packing a Bigger Punch

In reply to: NEWS - January 16, 2007

FaceTime Communications today announced its analysis of malware affecting today's enterprise networks through instant messaging, P2P file sharing, and chat applications. In an analysis of threats tracked or identified by FaceTime Security Labs, 1,224 unique threats on greynet applications were reported in the past year, with attacks over peer-to-peer networks increasing by 140 percent over 2005 and multi-channel attacks increasing from 18 percent in 2005 to 29 percent of all attacks in 2006.

http://www.prnewswire.com/cgi-bin/stories.pl?ACCT=104&STORY=/www/story/01-16-2007/0004506873&EDATE=

Collapse -
'Whitelisting' Repairs Broken Anti-Malware Model

In reply to: NEWS - January 16, 2007

Today's antivirus model is broken, largely because it seeks to block known malware without any way of anticipating the nature of the next attack. This blacklisting approach hit a rough stretch last year as attackers developed faster, automated ways of launching variations of malware that eluded unsuspecting defenses. As a consequence, a newer "whitelisting" approach has emerged that acts like a nightclub bouncer working from a guest list. If you're not on the list, you're not getting in.

http://www.techweb.com/showArticle.jhtml?articleID=196901081

Collapse -
Google patches XSS security flaw

In reply to: NEWS - January 16, 2007

Google has patched a cross-site scripting (XSS) vulnerability in one of its web-hosting services.

If left unpatched, the vulnerability could have allowed hackers to modify third-party Google documents and spreadsheets, and view mail subjects and search history, according to the Google Blogoscoped blog.

Philipp Lenssen, the author of Google Blogoscoped, a third-party site that comments on Google developments, said the vulnerability was similar to another vulnerability in Blogger Custom Domains reported on Sunday night.

http://news.zdnet.co.uk/security/0,1000000189,39285492,00.htm

Collapse -
Q&A: Trustworthy Computing at Five Years

In reply to: NEWS - January 16, 2007

Collapse -
Persistent zombie attacks target Symantec corporate software

In reply to: NEWS - January 16, 2007

By Joris Evers, CNET News.com
Published on ZDNet News: January 16, 2007, 1:17 PM PT

Symantec first dismissed the threat, but worm attacks that exploit a known security hole in the company's corporate antivirus tool are proving to be persistent.

The attacks target computers running older versions of Symantec Client Security and Symantec AntiVirus Corporate Edition. Compromised systems are turned into remotely controlled zombies by the attacker and used to relay spam and other nefarious activities. Symantec's Norton consumer software is not affected.

"What we have been seeing in December and in the last week and a half is related to new variants of Spybot," Vincent Weafer, senior director of Symantec Security Response, said Tuesday. "We had a couple of versions of Spybot that went nowhere, but these ones found a way to propagate more effectively."

Read more: http://news.zdnet.com/2100-1009_22-6150560.html?tag=nl.e589

Collapse -
Spammers hijacking legit newsletters

In reply to: NEWS - January 16, 2007

Frank Washkuch Jr. Jan 16 2007 19:22
Newsletter creators aren't the only ones hoping their products don't get caught in spam filters now that hackers have begun using newsletters to launch spam.


Researchers at Symantec say they've uncovered email messages that appear to be genuine newsletters ? only to find the emails have been hijacked by spammers.

Spammers embed their messages within a single file, according to the Cupertino, Calif.-based anti-virus firm. The message pops up after an affected user reads what they think is a normal newsletter message.

Read more: http://www.scmagazine.com/us/news/article/626123/spammers-hijacking-legit-newsletters/

Collapse -
CA backup software has 'critical' security flaws

In reply to: NEWS - January 16, 2007

It has now released patches for the security flaws

Bryan Betts

January 16, 2007 (TechWorld.com) -- A stack of vulnerabilities has surfaced in Windows versions of CA Inc.'s BrightStor ARCserve backup software. The holes were rated "moderately critical" by Secunia ApS, and CA has now released patches for them.

Although CA does have its own security team, all the flaws were discovered by researchers at other security groups, including 3Com Corp.'s TippingPoint, VeriSign Inc.'s iDefense Labs, ISS X-Force, which is now part of IBM, and others.

Some of the vulnerabilities were first reported as long ago as last November, when ISS X-Force and TippingPoint updated their firewalls to block them.

A CA spokeswoman was unable to say why it took the company so long to issue a public advisory that might have enabled other users to apply firewall rules to protect themselves while patches were being developed. "In this specific case, we have not been made aware of any customers who have been affected by this vulnerability," she noted.

Read more: http://www.computerworld.com/action/article.do?command=viewArticleBasic&articleId=9008112&source=rss_topic17

Collapse -
Agnitum's insights on Vista Firewall

In reply to: NEWS - January 16, 2007

Agnitum, the maker of Outpost Firewall published their January 2007 Agnitum Security Insight. It's at http://www.agnitum.com/news/securityinsight/issues/january2007

This month issue is about the Firewall in Windows Vista and Agnitum showed some of their findings about firewall in Vista. (Note: They also reviewed OneCare's firewall last year - http://www.agnitum.com/news/securityinsight/issues/june2006 )

Their conclusion is as follows:

"Microsoft's move to improved OS security has been long awaited - some might say long overdue - and will bring some benefit to users. Certain of the new security measures introduced will undoubtedly make users safer, although at a cost - increased prompts triggered by UAC or IE Protected Mode, as well as other distractions. But it's clear one thing that won't ever bother most users: the Windows Vista firewall. It doesn't control outbound activity, and so it is inherently incapable of delivering real-time control over network traffic. The fact that it can only allow or block connections creates a sizeable security risk if the firewall allows outbound connections and a serious interference with productive PC usage if all outbound traffic is blocked.

Unsurprisingly, then, it's my view that users would be better advised to use a dedicated, time-proven third party firewall like Outpost to protect their online activities."

More details on the above - demonstration and why they think there is a vulnerability and why 3rd party firewall is best to use in http://www.agnitum.com/news/securityinsight/issues/january2007

Collapse -
Top Security Companies Align to Support Consumer Launch of

In reply to: NEWS - January 16, 2007

Windows Vista

Top Security Companies Align to Support Consumer Launch of Windows Vista

Anti-virus and family safety solutions bolster built-in security of newest version of Windows.

Companies committing to the availability of consumer and small-business security solutions for Windows Vista by Jan. 30 include these:

* CA Inc.
* ContentWatch Inc.
* GRISOFT
* IMSafer Inc.
* Kaspersky Lab
* McAfee Inc.
* Microsoft Windows Live OneCare
* Panda Software International
* PixAlert
* SafeBrowse.com
* Symantec Corp.
* Trend Micro Inc

http://www.microsoft.com/Presspass/press/2007/jan07/01-16SecuritySupportPR.mspx

Popular Forums

icon
Computer Newbies 10,686 discussions
icon
Computer Help 54,365 discussions
icon
Laptops 21,181 discussions
icon
Networking & Wireless 16,313 discussions
icon
Phones 17,137 discussions
icon
Security 31,287 discussions
icon
TVs & Home Theaters 22,101 discussions
icon
Windows 7 8,164 discussions
icon
Windows 10 2,657 discussions

REVIEW

Sublime suburban chariot

High on style and technology, the 2019 Volvo XC90 is an incredibly satisfying everyday crossover.