Monday, January 28, 2008

Metasploit releases Version 3.1

This new version features a graphical user interface and full featured Windows interface. This also incorporates many other useful modules, the one I am particularly interested in testing is the Lorcon 802.11 packet fuzzing module.

Saturday, January 19, 2008

One of the challenges we face as corporate Information Security professionals is educating the users and make them understand the various threats in the online world. No matter how hard you try some users don't get it and they keep doing the things that jeopardizes the security of the organization. They think that the various risk analysis we do are made up and done to create FUD and justify the costs for deploying the various security devices.

Here is an example of people still doing such things as logging into their bank accounts from public computers.

Hotel hacker confesses to Trojan mayhem

Friday, January 18, 2008

Privacy tips

Apart from some of the essential tools like antivirus, anti-spyware, firefox, personal firewall, here are some of the must have tools that will help you protect against the various online threats.

Secunia PSI - check my earlier post on this

DVDburn and CDburn from windows Resource kit - a very simple command line utility to burn CDs and DVDs

sysinternals tools - a very handy set of tools

ccleaner

md5summer - check my earlier post on this

windows update - keep up to date with hotfixes and service packs

sigverif - this is a windows xp tool which verifies the file integrity of the windows files that are digitally signed by Microsoft.

Other tips,

Don't login as Administrator or as an admin user. This is the primary reason how malicious code received via email or some other means gets executed.

Use the firefox extensions no script, refcontrol, safecache and safehistory. Also use the firefox feature to create seperate profiles, one for regular use and one while logging to banking and other financial sites. This is a great way to guard against CSRF attacks

It is also a good idea to enable logging (successful and dropped connections) on the Windows Firewall and periodically check for any unusual activity.

Wednesday, January 16, 2008

Banking Trojan

Symantec reports the emergence of a banking trojan capable of variety of attacks. Make sure the virus definitions are kept up to date

Privacy and MySpace

I have written multiple time about privacy and social networking sites and I don't recommend people add their profiles on these sites. However, I do welcome the recent announcement that calls for new protection for Teens and tools for parents. Some of the key principles are,

"making the profiles of 14 and 15 year old users automatically private and protecting them from being contacted by adults that they don’t already know in the physical world, and deleting registered sex offenders from MySpace. Examples of improvements MySpace will make include defaulting 16 and 17 year old users’ profiles to private and strengthening the technology that enforces the site’s minimum age of 14."

"MySpace will explore the establishment of a children’s email registry that will empower parents to prevent their children from having access to MySpace or any other social networking site."

"As part of the Principles, MySpace will organize, with the support of the Attorneys General, an industry-wide Internet Safety Technical Task Force to develop online safety tools, including a review of identity authentication tools."


Friday, January 11, 2008

More on expectation of privacy

More on my earlier post, do you expect any privacy on social networking sites? Here is another instance

http://www.startribune.com/local/west/13663951.html

Before registering at these sites (if you absolutely have to) I suggest you read their privacy policy.

I want to list some of the very important ones

  • "Facebook helps you share information with your friends and people around you. You choose what information you put in your profile, including contact and personal information, pictures, interests and groups you join"
  • "When you enter Facebook, we collect your browser type and IP address. This information is gathered for all Facebook visitors. In addition, we store certain information from your browser using "cookies.""
  • "We recommend that minors over the age of 13 ask their parents for permission before sending any information about themselves to anyone over the Internet."
  • "Facebook Beacon is a means of sharing actions you have taken on third party sites, such as when you make a purchase or post a review, with your friends on Facebook. In order to provide you as a Facebook user with clear disclosure of the activity information being collected on third party sites and potentially shared with your friends on Facebook, we collect certain information from that site and present it to you after you have completed an action on that site. You have the choice to have Facebook discard that information, or to share it with your friends."

Wednesday, January 9, 2008

iPhone Trojan

The first Trojan targeting the iPhone is out confirming my fears for 2008. More information here,

http://www.f-secure.com/weblog/archives/00001355.html

Tuesday, January 8, 2008

Critical Microsoft Security update

The first update of the new year from Microsoft starts with a critical update affecting all the Windows platforms. Microsoft lists two vulnerabilities on this Bulletin, the more critical one is the IGMP vulnerability which is enabled by default on all Windows XP SP2 machines. On corporate networks, even though IGMP could be blocked at the perimeter, a worm infected PC could be used as a jumping point to exploit other machines. So patch ASAP

More information here,

http://www.microsoft.com/technet/security/Bulletin/MS08-001.mspx

http://www.frsirt.com/english/advisories/2008/0069

Monday, January 7, 2008

Expectation of Privacy

When you register with sites like Facebook and Google Talk, do you expect any privacy? Check the recent news items from WSJ

"The program, which Facebook CEO Mark Zuckerberg unveiled last month, allows Facebook to track its users' activities, such as purchases, on third-party Web sites that partner with the social-networking site and broadcast them to the users' friends."

More here,

http://online.wsj.com/article/SB119687856122414681.html


"Last month, Google introduced a new feature that essentially guesses who your friends are—based on chatting habits in its Google Talk service, among other things—and automatically shows those people your shared items."

More here,

http://blogs.wsj.com/biztech/2008/01/02/the-hazards-of-using-google-reader/


These are some of the reasons why I don't put my profile out at these sites

Saturday, January 5, 2008

MBR Rootkit

Prevx has identified a new Master Boot Record Rootkit, read their blog here

http://www.prevx.com/blog/75/Master-Boot-Record-Rootkit-is-here-and-ITW.html

Secunia PSI

One of the best ways to keep your PC safe is by regularly patching the applications, windows update patches the Microsoft applications but what about third party softwares like Adobe and WinZip? The answer is Secunia PSI, I have been using this for about 6 months now and the recent update has many new features which makes it a comprehensive tool for keeping all the applications in your PC up to date.

Once installed the software searches for all the installed packages and verifies if they need any software updates to make it secure. The software identifies what the updates are and provides you a link where the latest updates can be found.



The new version tracks the performance week by week and gives a score of how secure the applications installed in the system is.




Download and install the software today, it is a must have software for all the home PCs.