Once upon a time the bad payload of a malicious email was its attachment. That still happens, but in many cases the links are the real lure, like a worm dangled in the water in front of a hungry fish. The links, though, hide a danger on the other side: the hook in our analogy. Brian Krebs writes about a utility called linkscanner that scans a given link to see if it’s hosting malware. It’s from a place called Exploit Prevention Labs. I don’t know that I’d trust it completely as a safety net, but it might be worthwhile as another level in the defences.
-
ICQ client and toolbar vulnerabilities
SANS brings this from AOL, advising of vulnerabilities in the ICQ client and the ICQ toolbar for IE. The latest version of the ICQ client is 5.1 and is claimed to not be vulnerable. (Toolbar version 1.3 is said to be vulnerable as well. No more recent version of that is available – you might consider disabling the toolbar.)
-
Another Debian server security breach
According to this story, there has been another compromise of a Debian project server. (Is this the third in the last year?) The Alioth webserver was offline most of the 5th of September…
It was simply stopped because we discovered that some script kiddies were running an IRC proxy. After thorough investigation, we discovered that they exploited a pmwiki security hole[1] to deface some web pages, to install some malicious php pages which in turn were used to set up the IRC proxy.
-
Firefox code under the microscope
So, the stories are out on the analysis of the code for Mozilla Firefox. It seems there were a large number of potential flaws found (71 potential security vulnerabilities) according to the article. This was done using an automated tool, and many say that in order to evaluate the true severity of the flaws, you have to be familiar with the code. Some, I’m sure, will pounce on this with the “I thought open source software was supposed to be more secure… I’m going back…” but it’s time to stop and think about things a moment. Open source software… anyone can access the source, anyone can analyze it for problems, anyone can run an automated tool to test it…
-
Microsoft’s priorities…
I didn’t really think of this in context, but George Ou points out that Microsoft issued an “out of cycle” patch for their DRM software in response to the FairUse4WM software that stripped DRM protections from Windows Media Files. It took a mere 3 days from being made aware of the issue to releasing a patch. In context, we have seen numerous instances in the last year of “zero-day” vulnerabilities becoming known just after a monthly patch day, and Microsoft waiting until the next patch day to release a fix. So why the different response?
-
Google puts historical articles online, searchable
Wow, this is nice – and frankly, something I could probably spend hours with. Search Engine Watch tells us that Google will debut a searchable news archive that takes us back through around 200 years’ worth of news stories. Yes, folks, Google is putting the last 200 years of history online. I remember the newsgroups being Google-ized was a big deal, and that just took us back to the beginnings of the modern internet… Well, in actuality the articles aren’t hosted at Google, but at either the content providers or their aggregation services…
-
Windows XP lost administrators password
Some time ago, I talked about chntpasswd as a great utility for when you’re locked out of a Windows 2000 or XP installation because you’ve either forgotten (or weren’t informed of) the valid password to get in. It turns out there is a different approach… well yes, you could format and install from scratch, blowing away all data on the drive, OR you could do a second installation in the same partition – that could be messy, though, and waste space. If you just need a few files off, you could boot up a Linux live CD and copy the files to another disc before wiping and rebuilding, but there is yet another possibility…
-
The ways data is stolen..
Brian Krebs highlights a study on data theft/breaches. There are some interesting results: just 1/3 of data breaches were from criminal hacking, 29% from stolen laptops or storage media, 23% from improper disclosure of information (oops, I published all our customers’ information on the website), 7% from inside sources (employees taking/selling data), and just 2% from lost backup tapes (wouldn’t that fall under storage media?).
The leaders in data loss seem to be Colleges and Universities, followed by the Government and then businesses.
-
Upgrading laptop wireless
George Ou had a good article on upgrading a laptop’s wireless to a multiband adapter. It looks like a fairly straightforward process. Personally, I’ve not risked much with regards to laptop repairs. (Keyboard replacement, battery replacement, hard drive replacement and memory have been the typical laptop repairs I’ve done – throw in optical or floppy drive swaps (remember when they had those?) and one or two LCD swaps and that covers 95%+ of what I’ve fixed with regards to laptop hardware.)
-
System patching 0-days and ancient-day vulnerabilities
There’s a good article at Michael Sutton’s Blog which points out something that really makes sense and that I think many people are aware of, but with all the buzz that a new, previously undisclosed vulnerability gets, we forget. The point is this: there are plenty of machines online vulnerable to ancient flaws that have been known (in some cases for years). In his article, he does a search for one specific vulnerability and finds targets. Some of the comments speculate that some may be honeypots, but I would doubt that a high percentage are and suspect that most are the real deal.