Security Tools News & Tips

Christopher Soghoian is reporting that many popular Firefox extensions like Google Toolbar, Google Browser Sync, Yahoo Toolbar, Del.icio.us Extension, Facebook Toolbar, AOL Toolbar, Ask.com Toolbar, LinkedIn Browser Toolbar, Netcraft Anti-Phishing Toolbar, PhishTank SiteChecker and a number of others, mainly commercial have vulnerability in the upgrade mechanism.

Users are vulnerable and are at risk of an attacker silently installing malicious software on their computers. This possibility exists whenever the user cannot trust their domain name server (DNS) or network connection. Examples of this include public wireless networks, and users connected to compromised home routers.

Here’s a video demo of the attack against Google Browser Sync. It is recommended to disable or delete insecure extensions from your browser until there’s a fix.

• Leave a comment...

Apple Plugs QuickTime Security Holes - The patch is available for both Mac and Windows, which plugs two holes that could trick users to visit a malicious website and may lead to arbitrary code execution.

Google buys GreenBorder - Google gets deeper into Net security after buying GreenBorder, a browser virtualization software company that creates a sandboxed environment for your existing Firefox or Internet Explorer.

Phony BBB email dupes more than 1,400 execs - “a highly sophisticated phishing scheme that has already duped at least 1,400 US executives. They were fooled into sending sensitive information in response to an email purporting to come from officials at the Better Business Bureau.”

• Leave a comment...(0)

US Defense Department reports that China is preparing for cyberwarfare by developing viruses and training more seriously for computer attacks. The main target is of course Taiwan, but since US would intervene in case of such attack, so US is a potential target too.

“The PLA has established information warfare units to develop viruses to attack enemy computer systems and networks,” the annual DOD report on China’s military warned. At the same, Chinese armed forces are developing ways to protect its own systems from an enemy attack, it said, echoing similar warnings made in previous years.

• Leave a comment...(0)

Cain & Abel is a password recovery tool for Microsoft Operating Systems. It allows easy recovery of various kind of passwords by sniffing the network, cracking encrypted passwords using Dictionary, Brute-Force and Cryptanalysis attacks, recording VoIP conversations, decoding scrambled passwords, recovering wireless network keys, revealing password boxes, uncovering cached passwords and analyzing routing protocols. The program does not exploit any software vulnerabilities or bugs that could not be fixed with little effort. It covers some security aspects/weakness present in protocol’s standards, authentication methods and caching mechanisms; its main purpose is the simplified recovery of passwords and credentials from various sources, however it also ships some “non standard” utilities for Microsoft Windows users.

• More information or Write a review...(0)

An independent assessment of Windows vs. Linux. Microsoft Windows Server 2003 vs. Red Hat Enterprise Linux AS v.3 were examined to see which platform is more secure.

The results were not unexpected. Even by Microsoft’s subjective and flawed standards, fully 38% of the most recent patches address flaws that Microsoft ranks as Critical. Only 10% of Red Hat’s patches and alerts address flaws of Critical severity. These results are easily demonstrated to be generous to Microsoft and arguably harsh with Red Hat, since the above results are based on Microsoft’s ratings rather than our more stringent application of the security metrics. If we were to apply our own metrics, it would increase the number of Critical flaws in Windows Server 2003 to 50%.

• Leave a comment...(0)

Lessons From a Honeynet That Attracted 700,000 Attacks - The Continuous Processes of Vulnerability Management: Create security policies & controls, Track inventory / categorize assets, Scan systems for vulnerabilities, Compare vulnerabilities against inventory, Classify risks, Pre-test patches, Apply patches, Re-scan and confirm fixes.

Apple patches a dozen security holes - Apple released security updates to Mac OS X operating system and other software.

MS update patches patching - Microsoft this week pushed an update to patch their patching system.

OpenOffice virus reaches across platforms - “A virus writer with something to prove has written a proof-of-concept OpenOffice document to demonstrate a way to infect Windows, Linux and Mac OS X systems with a single script.”

• Leave a comment...(0)

X-Scan is a general scanner for scanning network vulnerabilities for specific IP address scope or stand-alone computer by multi-threading method, plug-ins are supportable. Which X-Scan feature include in the following: service type, remote OS type and version detection, weak user/password pair, and all of the nessus attack scripts combination.

• More information or Write a review...(0)

Google Online Security Blog - Google has gone public with it’s new security blog. The first post says: “we’ve started this blog where we hope to periodically provide updates on recent trends, interesting findings, and efforts related to online security. Among the issues we’ll tackle is malware, which is the subject of our inaugural post.”

Top 10 vulnerabilities in Web applications in Q1 2007 - “In this study, Cenzic identified 1,561 unique vulnerabilities during the first quarter of 2007. Of the reported vulnerabilities, file inclusion, SQL injection, cross-site scripting and directory traversal were the most prevalent, totaling 63 percent. The majority of vulnerabilities affected Web servers, Web applications and Web browsers, with Cenzic classifying the bulk as easily exploitable.”

Top 15 free SQL Injection Scanners - “Checking for SQL Injection vulnerabilities involves auditing your web applications and the best way to do it is by using automated SQL Injection Scanners. We’ve compiled a list of free SQL Injection Scanners we believe will be of a value to both web application developers and professional security auditors.”

• Leave a comment...

Nemesis is a command-line network packet crafting and injection utility for UNIX-like and Windows systems. Nemesis, is well suited for testing Network Intrusion Detection Systems, firewalls, IP stacks and a variety of other tasks. As a command-line driven utility, Nemesis is perfect for automation and scripting. Nemesis can natively craft and inject ARP, DNS, ETHERNET, ICMP, IGMP, IP, OSPF, RIP, TCP and UDP packets. Using the IP and the Ethernet injection modes, almost any custom packet can be crafted and injected.

• More information or Write a review...

KeePassSD (KeePass for Smart Devices) is the Windows Mobile port of the popular Windows password manager KeePass - The Open-Source Password Safe. There are two separate versions under development for Windows Mobile: KeePassPPC (based on KeePass V1.xx) and KeePassSD (based on KeePass V2.xx). KeepPassPPC works on all PocketPC 2003 SE and Windows Mobile 5.0 PocketPC and Phone Edition based platforms. KeepPassSD should run on PocketPC 2003 SE, Windows Mobile 5.0 PocketPC, Phone Edition and SmartPhone, Windows Mobile 6.0 standard and Pro editions.

• More information or Write a review...(0)