There have been a couple stories out of the “Blackhat federal” conference in the last couple days. Brian Krebs at the Security Fix gives a good overview. One of the more troubling notes is the possibility of creating a rootkit that can hide itself in a system’s BIOS. Security Focus has some detail on this as well.
Blog
-
The Blackworm, Nyxem, KamaSutra Worm…
Lots of news following up on the Nyxem worm in the last few days. It’s currently going under a number of names; the Kama Sutra Worm and Blackworm are some of the more common ones. SANS has a page for information on the worm here. Microsoft has detailed manual removal instructions. The counter that logs the worm’s infections is close to 2 million. That last note might be taken with a grain of salt, as the counter is tracking all visits to the page, even curious security researchers. Why all the big fuss?
-
A Deeper look at Nyxem
First I should raise an alarm of warning on this one: this virus is supposed to overwrite all accessible document files (network shares too) on the 3rd of the month, so February 3rd we may be seeing some problems. Don’t wait until then to make sure you have current antivirus definitions. The Nyxem virus, though, does something else interesting.
-
Google News graduates
One of Google’s longest Beta-tests… Google News has now graduated from beta status. There is a “suggest news stories” option in the personalized search feature. I wondered if it would ever be non-beta. Somewhere along the line I had read speculation that the holdup was advertising and there was trepidation that targeted ads within Google News would spur a revolt among the news feed providers. A quick look doesn’t seem to show any ads – so that speculation seems to have been a bit off the mark I guess.
-
Your own wikipedia….
I’ve made quite a bit of use out of the Wikipedia in recent years. I know it has its flaws (I’ve run across some first hand), but I’ve found typos in textbooks as well. However, that doesn’t mean that it can’t be a very useful reference. In fact, in some of my browsing I’ve gone through the Spanish language version of the Wikipedia, putting some of my Spanish reading skills to the test. Anyway, in the last couple days I became curious for various reasons about actually downloading a copy and installing the Wikipedia locally. Now, I know one of the benefits of the Wikipedia is that it’s collaborative and this way I’ll miss out on current and changing/improving/updating articles. But I can see some reasons to want to have a “snapshot”.
-
Too many things, not enough time
The last few days have been a situation of “too many things to do and not enough time”. I’ve got a growing list of items that I am interested to post in coming days, but things have been busy enough to keep me from it for the most part. It looks like this week (which at the moment seems like just a continuation of last week) will be quite busy as well. Hopefully I’ll be able to start catching up Thursday.
-
Using ssh to protect web browsing over wireless or other hostile networks
This really could be used to encrypt web traffic over any “hostile” network. Here’s what I’m talking about. Laptop using wireless. Within our internal network we would LIKE all our web traffic to be encrypted at least from the laptop to a wired host. (From there to the outside world it will be open.) At the minimum we would like to have the traffic encrypted over the wireless leg of the journey. Here are the most straightforward approaches using ssh.
-
Apache2 not starting because of ssl_scache file
I mentioned this a while back, but I didn’t go into much detail on a long term solution. Let me re-set the situation. Linux server running apache2. It’s Mandrake (now Mandriva), an older version. When the system has suffered an abrupt outage (power loss), everything starts up normally with the exception of httpd2. It claims that it’s running but gives an error message. (For reference, here’s the old article.) Basically, when you try to manually restart you see:
Cannot allocate shared memory: (17)File exists apache
-
Nyxem.E virus delete files payload
F-Secure has some details on a dangerous payload for the Nyxem.E virus. (The Nyxem.E virus is very similar to the Email-Worm.Win32.VB.bi that was talked about earlier in the week.) In fact, this virus seems to be spreading fairly well (not the blockbuster spread of older email viruses, but it is spreading). Anyway, according to F-Secure, on the 3rd of the month it will delete all files matching the following patterns: *.doc *.xls *.mdb *.mde *.ppt *.pps *.zip *.rar *.pdf *.psd *.dmp (on all accessible drives).