.security
When looking at the Dell battery replacement site, using IE 7 (beta 3), the certificate was expired and even though I said "please ignore that and continue", I saw this interesting feature as you can see in the screen shot. The address box has a red background - warning me and also a new Certificate error. This is certainly interesting and my kudos to the...
Interesting new worm based on the likes of the movies such as the ring or feardotcom spreading via MSN. It is quite dangerous as it disables many security and antivirus software running such as antivirus, firewalls and even Windows programs like the Task Manager and RegEdit. It is easy to recognize, as you will get the following instant message - which downloads...
Shipping with Vista Beta 2, there is a new security feature called Address Space Layout Randomization (a.k.a. ASLR); other than being a mouthful, this helps defend against buffer overrun exploits. It does this by moving the entry points into the system DLLs around randomly in memory. It's all about odds, and there are 256 locations it can be loaded in, or...
If you use American Express, then beware there is a Trojan going around that asks for secure information when logged into Amex's secure site. Amex has provided a screen shot of what it looks like, check it out so you know in case you see it. You can read more on this at eweek here.
Stephen Toub at Microsoft warns about a scam where people have been getting mailings (not emails) offering them MSJ - this is a scam as MSJ is not published anymore! Don't send them your hard-earned money.
Beware, there is a new IM worm that promises a picture of Santa, but instead delivers a rootkit! The initial message will appear to come from someone on your IM list and will include "santaclause.aol.com/a?|" DON'T click on that link! The worm is called IM.GiftCom.All. Read more here.
While I totally agree with the concept of combating rootkit with rootkit when it comes to the new generation of spyware, etc. (remember Sony's need for control fiasco), but my concern is there are many lazy programmers (yours truly included) out there and most companies are in a hurry to ship a product out the door without testing as thoroughly as one...
Here are a few more DOS pings from last night, I think these are poor souls who don't know they have infected machines (or let's hope so). There is one (218.201.43.148) from China belonging to someone called Ming Chen in Chongqing, might have to drop his/her ISP an email. inetnum: 218.201.40.1 - 218.201.43.254 netname: CQ-CHONGQINGYIDONG country: CN descr...
From PCMag, Sony's incredible gaffe - creating a DRM applet that loads prior to the operating system - has caused an incredible furor. Sony agreed to suspend the program, but that's not all. Now the rest of the world is piling on. Microsoft now says it will delete the rootkit directly with its anti-spyware program, and it'll be included in the December...
I got this via a colleague of mine and thought I should spread the warning. I don't forward chain letters, but send this link to other folks, what helps is the pictures, so you know what to look out for. UPDATE: Here is another story (by Guardian) sent by a colleague which has pictures for the ATM for UK, where these scams have been around for the last...
It has been long overdue and now it's finally present. Vista has something called the Secure Startup Volume Encryption which will work on computers with the Trusted Platform Module (TPM) chip. Here, all except the bare minimum of the boot volume is encrypted and at boot time the TPM transparently allows access to the drive. If someone either removed the hard...
Well I have been thinking of something like this and stumbled across Tor: An anonymous Internet communication system via /. Has anyone used this? What do they think? What is it? Tor is a toolset for a wide range of organizations and people that want to improve their safety and security on the Internet. Using Tor can help you anonymize web browsing and publishing...
A tool provided by Microsoft could let people get around a check meant to prevent those with pirated copies of Windows from downloading additional software from the company, according to a security researcher. The threat is mitigated because the keys generated by the GenuineCheck tool expire "rapidly," the Microsoft representative said. Consequently, it...
Two vulnerabilities in the popular Firefox browser have been rated "extremely critical" because exploit code is now available to take advantage of them. The cross-site scripting and remote system access flaws were discovered in Firefox version 1.0.3, but other versions may also be affected, said security company Secunia, which issued the ratings Sunday....
Yes, I know, I have been harping about XP 64 bit and how you can upgrade to XP 64 bit for free, but you might want to rethink in the short term (for about 6-12 months). Why you ask? Well in addition to the drivers (remember your 32 bit drivers will *not* work), the two biggest Antivirus solutions (Norton and McAfee) are not available and they don't...
Got this via internal communities at Avanade. Seems like in Ohio it is legal for cops to steal someone else's identity as long as it is part of an investigation without your consent - quite scary I think.
SecurityFocus has a two-part article that looks at the new generation of WEP cracking tools for WiFi networks, which offer dramatically faster speeds for penetration testers over the previous generation of tools. In many cases, a WEP key can be determined in seconds or minutes. Part one compares the latest KoreK-based tools that perform passive statistical...
I don't agree with Microsoft's approach here. Essentially if you are running XP and don't have SP2 installed, then that will be forced down your throat. Now, I had SP2 running the day it went Beta and have not had any problems, but I am not sure if this really is to get the security patches out or forcing people running pirated copies of Windows to buy legal...
Seattle Times has a story from the RSA Conference, where surprisingly they find Windows is more secure than Linux. No, this is not a study done by Microsoft. They compared Windows Server 2003 and Red Hat Enterprise Server 3 running databases, scripting engines and Web servers (Microsoft's on one, the open source Apache on the other). Their criteria included...
Robert Hensing writes a very interesting and controversial article where he recommends not to use any kind of passwords on a Windows network. Why you ask? Well because passwords are very easily cracked and worms such as Agobot / Phatbot / Polybot / SDBot / RBot / etc. ship with boat-loads of dictionaries of passwords. Not to mention that either automated...
Microsoft today just released another update on a security hole. This honestly is good, that the holes are being identified and being plugged. Yes, I am sure there are the “bashers” who would scoff at it, but the reality is, in the millions of lines of code across various products, such things creep in and it's better to accept the responsibility...
Microsoft is currently investigating a reported vulnerability in ASP.NET (does not affect ASP) where an attacker can send specially crafted requests to the server and view secured content without providing the proper credentials. This issue affects anyone running any version of ASP.NET on Microsoft Windows 2000 Professional, 2000 Server, XP Professional...
Bruce has a post (which I quote verbatim here) highlighting one of the small changes in Whidbey which will make life easier for a whole bunch of us. In Whidbey, the name of the .snk file is included as a property on the project and is picked up by msbuild when compiling. To get to it: Right-click on the project in the solution explorer and select Properties. Click...
Microsoft released today another critical security update - Buffer Overrun in JPEG Processing (GDI+) Could Allow Code Execution (833987). A buffer overrun vulnerability exists in the processing of JPEG image formats that could allow remote code execution on an affected system. Any program that processes JPEG images on the affected systems could be vulnerable...