« Archives in June, 2010

The Devil Is In The Details: DHS Monitoring Web & "Wrong" Words

Ssshh! Don’t share this! This is just between us.

DHS will monitor more U.S. citizens on the Internet, the feds may have the power to pull the plug on the Web, and certain words automatically incriminate you if used in emails. It’s been a busy week, eroding away at privacy. The devil in the details of censorship.

Take a look at some of the incriminating words not to use in emails: bar*, cure, employ*, agreement*, draft*, repo*, repurchase, fed, risk*, expos*, *liquid* caution or concern or increase or toxic or outsized or significant, downgrade*, reduce*, write*, effect*, cash, sweep*, haircut, negotiate*, need*, strongly disagree, can’t or cannot or shouldn’t or should not or won’t or will not w/5 discuss or “talk about” w/5 email, e-mail, or computer or should w/5 discuss or talk w/5 phone or “in person”, cannot believe, serious trouble, big trouble, unsalvageable, shocked, speechless, too late, uncomfortable, not comfortable, I don’t think we should, *sensitive, *confidential, do not share this, don’t share this, between you and me, just between us.


My new phone

I finally decided to trade in my iPhone 3Gs for a new one. No, I didn’t stand in line forever to get the long-awaited iPhone 4. Instead I gave in to the peer pressure of my colleagues to go with an Android phone. So I didn’t have to go through the hassle of contract negotiation with AT&T, I bought the Google Nexus One.

Can’t wait until it arrives on my doorstep. I’m like a little kid waiting on Christmas.

THC-Hydra 5.7

After some time, a new version of THC-Hydra has been released.

This version has added some changes and fixes, but most importantly it is again maintained.

Download it at http://www.thc.org/thc-hydra/

Researchers find 12 zero day flaws, targeting 5 web malware exploitation kits

Security researchers from TEHTRI-Security have found twelve zero-day flaws targeting five of the most common web malware exploitation kits: the Neon, Eleonore, Liberty, Lucky and Yes exploitation kits.

TEHTRI-Security blog post

I’m not really sure that this was a good thing. Publicly disclosing vulnerabilities in exploitation kits used by the “bad guys” just tips them off to fix their code.

VeriSign SSL certs open to tampering, competitor warns

VeriSign and one of its partners have come under fire for publicly exposing webpages used to process customer security certificates, a practice a competitor claims puts some of the biggest names on the web at risk of serious targeted attacks.


'World's No. 1 hacker' tome rocks security world

This is what gives security professionals a bad name. People trying to be what they are not for the almighty buck.

A recently published e-book penned by the self-proclaimed “world’s No. 1 hacker” is rocking the security community with back-and-forth allegations of plagiarism, racism, and even threats against a security podcaster and his family.

How to Become the World’s No. 1 Hacker is purportedly written by Gregory D. Evans, an animated felon who went on to become CEO of Ligatt Security International, a publicly traded company worth about 0.0002 cent per share that bills itself as a full-service computer security firm. Released by the obscure Cyber Crime Media publishing house, the 342-page PDF is a comprehensive, step-by-step guide for consumers who want to learn how to harden their networks against attackers. Unix security, Wi-Fi cracking, and web service configuration are all covered.

The article posted on The Register® by Dan Goodin goes on to talk about Evans’ self-proclaimed association with Kevin Mitnick.

Google releases command line tool for accessing Web services

Google has announced the availability of a new tool called GoogleCL that will allow users to interact with the company’s popular Web services directly from the command line.

GoogleCL was developed in Python on top of the gdata-python-client library. It’s an open-source software project that’s hosted on Google Code and distributed under the Apache license. GoogleCL will make Google-hosted data more accessible to common command-line workflows. The GoogleCL tool offers an easy way to pipe your Gmail contact list into sed and awk, or use a shell glob to specify which photos and movies to batch upload to Picasa and YouTube. It also supports Blogger, Google Calendar, and Google Docs.

The tool can be downloaded from its project page on the Google Code Web site.

Microsoft sneaks Firefox add-on into Patch Tuesday update

Microsoft has silently slipped a Firefox extension onto user machines via an automatic software update. Again.

This week, as part of its regular Patch Tuesday, Redmond released an update for its various browser toolbars, and as Ars Technica noticed, this update also installed an entire add-on for Internet Explorer and an extension for Mozilla Firefox – without asking users. Ars was unable to identify the installs, but Microsoft now tells The Reg that the update was installing the latest version of its Bing toolbar on machines that were running the older Windows Live Toolbar or MSN Toolbar.

BTW, Microsoft apologizes for any inconvenience this may have caused. Didn’t Sony get in trouble a few years back for installing something without the user’s knowledge?

Mass hack plants malware on thousands of webpages

More than 100,000 webpages, some belonging to newspapers, police departments, and other large organizations, have been hit by an attack over the past few days that redirected visitors to a website that attempted to install malware on their machines. The sites were infected using SQL injection exploits, which allow attackers to tamper with a server’s database by typing commands into search boxes and other user-input fields.

Interesting origin of the attacks. If you haven’t already guessed, the SQL injection attacks came from Chinese IP address


Porn Sites More Infected Than Thought

This goes without saying!

“Porn sites are five times as likely to host malware as previously thought, with 3.6% offering up a digital infection of some sort, according to researchers who set up their very own adult sites for a new study. One reason for the high rate of malware is that the online porn industry makes use of affiliate programs, where one site will drive traffic to another in exchange for links, cash or simply free pornographic material to use. Because such programs don’t check who they’re doing business with, and sites use disguised links and other clandestine methods to drive people to different pages, it’s easy for criminals to abuse the system to spread malware. Researcher Gilbert Wondracek said: ‘They inadvertently have created an ecosystem that can easily be abused on a large scale by cyber criminals, and that’s worrying.’”