MySpace Horror continues - this time with Script wreaks

This time it’s a piece of JavaScript that allows its owner to temporarily access the browser’s MySpace account. The bad guys may have managed to spam about 1.5 million MySpace accounts.

Stalkertrack.com advertises a free and upcoming service that tracks the people who visit a client’s MySpace profile. Users are required to divulge their MySpace login credentials, and until we interviewed one of the site owners, the terms of service permitted Stalkertrack to log in to MySpace users’ accounts and send each friend spam messages promoting the site, according to this Google cache. (Those terms were removed in the last 24 hours.)

Posted by Niranjan on January 31st, 2007 in News

John the Ripper

John the Ripper is a fast password cracker, currently available for many flavors of Unix (11 are officially supported, not counting different architectures), Windows, DOS, BeOS, and OpenVMS. The primary purpose of this free and open source software is to detect weak Unix passwords. Besides several crypt(3) password hash types most commonly found on various Unix flavors, supported out of the box are Kerberos AFS and Windows NT/2000/XP/2003 LM hashes, plus several more with contributed patches.

Posted by Niranjan on January 31st, 2007 in Freeware, Linux/Unix, Tools, Windows, OSX, vulnerability Scanner, Password Cracker

Korean programmers arrested for sending 1.6 billion spam emails

Two Korean programmers, aged 20 and 26, have been arrested by South Korean authorities in Seoul. These young men allegedly sent 1.6 billion spam emails between September and December 2006, and obtained personal and financial information from 12,000 victims, which they then sold to other firms. South Korea is the third-worst nation in the world for relaying spam, after the US and China.

Posted by Niranjan on January 31st, 2007 in News

Phishing Attacks Surpass Email Virus Levels

This year will be a year of phishing attacks. That’s what the MessageLabs Intelligence Report for January 2007 suggests. For the first time, they found that the proportion of phishing attacks has exceeded the number of threats from virus or Trojan attacks. In numbers they look like this: one in 93.3 emails (1.07 percent) comprised some form of phishing attack, and one in 119.9 emails (0.83 percent) was infected with viruses.

MessageLabs attributes the increase in phishing attacks to several factors. Firstly, virus attacks have become more targeted and are no longer occurring as one large outbreak. Secondly, online merchants have recently shifted toward deploying two-factor authentication methods which have given rise to ‘man-in-the-middle’ phishing sites. Man-in-the-middle attacks could signify an end to the traditional phishing techniques currently in use, and an escalation in more sophisticated phishing methods. Finally, an increasing number of phishing sites are now using Flash content rather than HTML in an attempt to evade anti-phishing technology deployed in Web browsers.

Posted by Niranjan on January 31st, 2007 in News

Coca-Cola Singapore News portal hacked

After Nokia’s defacement, it’s Coca-Cola’s turn. As of writing this entry, Coca-Cola Singapore is still defaced by crackers_child. This is the second time Coca-Cola Singapore’s site has been hacked; the first time was in 2003. They’re running Windows 2003 with IIS6. Here is the screenshot I’ve captured.
[Screenshot: Coca-Cola Singapore]

Posted by Niranjan on January 30th, 2007 in News

NoDaddy.com is an answer to GoDaddy’s behavior

In response to the suspension of his popular domain Seclists.org, Fyodor has created a new site, NoDaddy.com. It’s a public interest site, with suggestions for alternative registrars, GoDaddy horror stories, forums and links to free speech organizations. The perfect domain name was donated by another user who had been harassed by GoDaddy in the past. Doug Karr has contributed the logo. Now they’re looking for a forum operator and other contributors.

Here’s the response from Ben Butler (Director of Network Abuse at Go Daddy).
This is what Jim Davidson thinks about the case.

Posted by Niranjan on January 30th, 2007 in News

Vista released to consumers

Windows Vista is finally released to consumers. Bill Gates introduced Vista to an audience in New York, and his speech was broadcast live over the web. He emphasized Vista’s security features, such as IE anti-phishing, anti-spyware, parental controls and many more… Microsoft is claiming Vista to be the most secure Windows. But skeptics say Microsoft claimed the same with Windows XP too. It’s launched with a promise saying “wow starts now”, but Mac users say there’s no “wow”, they’ve just copied OS X. Anyway, Vista is launched after a long delay and Microsoft has made security a real priority, but let’s see how it copes in the real world. BTW, Windows Vista SP1 is already on the way and Vista DRM already cracked?! The BBC has an interesting review from two Vista users, a Linux user, and an OS X user, as part of their coverage of the launch of Vista.

Posted by Niranjan on January 30th, 2007 in News

VisualRoute

VisualRoute offers integrated traceroute, ping tests, reverse DNS and Whois lookups, and displays the actual route of connections and IP address locations on a global map. VisualRoute helps determine if a connectivity problem is due to an ISP, the Internet, or the destination web site, and pinpoints the network where a problem occurs. VisualRoute also has the unique ability to identify the geographical location of routers, servers, and other IP devices. This information is very useful for security purposes to help identify the source of network intrusions and Internet abusers.

Posted by Niranjan on January 30th, 2007 in Linux/Unix, Tools, Windows, OSX, Network

Yahoo! OpenID and Phishing

idproxy.net allows you to sign in using your Yahoo! account and create/use more OpenIDs. This was done by developer Simon Willison using Yahoo’s open authentication API, so, he says, it’s perfectly valid and Yahoo! won’t be squashing this effort. This ability to use Yahoo IDs means a boost for startups by eliminating the need for registration. But there’s a greater threat to this than Yahoo!. It’s phishing! OpenID is extremely vulnerable to phishing: with OpenID the phishers won’t have to mimic the legit sites, but just create any web site and ask users to log in using OpenID. Here’s Willison’s proposal for solving the OpenID phishing problem:

Instead of displaying the login form directly, providers should show a page that looks something like this:

To log in, please navigate to login.example.com. The page you are currently viewing should contain no links; if there are any links or this text is changed in any way you may become a victim of online identity theft.

Via: Digg

Posted by Niranjan on January 30th, 2007 in News

WebScarab

WebScarab is a framework for analysing applications that communicate using the HTTP and HTTPS protocols. It is written in Java, and is thus portable to many platforms. WebScarab has several modes of operation, implemented by a number of plugins. In its most common usage, WebScarab operates as an intercepting proxy, allowing the operator to review and modify requests created by the browser before they are sent to the server, and to review and modify responses returned from the server before they are received by the browser. WebScarab is able to intercept both HTTP and HTTPS communication. The operator can also review the conversations (requests and responses) that have passed through WebScarab.

Posted by Niranjan on January 29th, 2007 in Freeware, Linux/Unix, Tools, Windows, OSX, Network, vulnerability Scanner