Archive for 'News' Category

Dreamhost leaks 3,500 FTP passwords

Dreamhost says that many of the web sites it hosts have been hacked: approximately 3,500 FTP passwords have been compromised.

We’re still working to determine how this occurred, but it appears that a 3rd party found a way to obtain the password information associated with approximately 3,500 separate FTP accounts and has used that information to append data to the index files of customer sites using automated scripts (primarily for search engine optimization purposes).

Posted by Niranjan on June 7th, 2007 in News

Quick Links for 5 June 2007

Report: Security Certifications Boost Pay - “IT professionals with security certifications—including all versions of the CISSP, CISA, GSE, CISM, SSCP and GCFA—earned 10 percent to 14 percent premiums on their base pay over their non-certified counterparts.”

New vulnerabilities hit Firefox and Internet Explorer - There are no patches yet available from either vendor. The most serious is an MSIE page update race condition, and the next most severe is Firefox cross-site IFRAME hijacking.

Encrypt and sign Gmail messages with FireGPG - “It integrates nicely into Gmail’s interface and allows you to sign and encrypt not only email messages but also text snippets from any Web page.”

Google Desktop vulnerable to attack - RSnake has discovered a man-in-the-middle attack on Google Desktop.

Posted by Niranjan on June 5th, 2007 in News, Tips

A Remote Vulnerability in Firefox Extensions

Christopher Soghoian is reporting that many popular Firefox extensions, including Google Toolbar, Google Browser Sync, Yahoo Toolbar, Del.icio.us Extension, Facebook Toolbar, AOL Toolbar, Ask.com Toolbar, LinkedIn Browser Toolbar, Netcraft Anti-Phishing Toolbar, PhishTank SiteChecker and a number of others, mainly commercial, have a vulnerability in their upgrade mechanism.

Users are vulnerable and are at risk of an attacker silently installing malicious software on their computers. This possibility exists whenever the user cannot trust their domain name server (DNS) or network connection. Examples of this include public wireless networks, and users connected to compromised home routers.

Here’s a video demo of the attack against Google Browser Sync. It is recommended to disable or delete insecure extensions from your browser until there’s a fix.

Posted by Niranjan on May 31st, 2007 in News

Quick Links for 30 May 2007

Apple Plugs QuickTime Security Holes - The patch, available for both Mac and Windows, plugs two holes that an attacker could exploit by tricking users into visiting a malicious website, which may lead to arbitrary code execution.

Google buys GreenBorder - Google gets deeper into Net security after buying GreenBorder, a browser virtualization software company that creates a sandboxed environment for your existing Firefox or Internet Explorer.

Phony BBB email dupes more than 1,400 execs - “a highly sophisticated phishing scheme that has already duped at least 1,400 US executives. They were fooled into sending sensitive information in response to an email purporting to come from officials at the Better Business Bureau.”

Posted by Niranjan on May 30th, 2007 in News

China Crafts Cyberweapons

The US Defense Department reports that China is preparing for cyberwarfare by developing viruses and training more seriously for computer attacks. The main target is of course Taiwan, but since the US would intervene in case of such an attack, the US is a potential target too.

“The PLA has established information warfare units to develop viruses to attack enemy computer systems and networks,” the annual DOD report on China’s military warned. At the same time, Chinese armed forces are developing ways to protect its own systems from an enemy attack, it said, echoing similar warnings made in previous years.

Posted by Niranjan on May 30th, 2007 in News

Security Report: Windows vs Linux

An independent assessment of Windows vs. Linux: Microsoft Windows Server 2003 and Red Hat Enterprise Linux AS v.3 were examined to see which platform is more secure.

The results were not unexpected. Even by Microsoft’s subjective and flawed standards, fully 38% of the most recent patches address flaws that Microsoft ranks as Critical. Only 10% of Red Hat’s patches and alerts address flaws of Critical severity. These results are easily demonstrated to be generous to Microsoft and arguably harsh with Red Hat, since the above results are based on Microsoft’s ratings rather than our more stringent application of the security metrics. If we were to apply our own metrics, it would increase the number of Critical flaws in Windows Server 2003 to 50%.

Quick Links for 26 May 2007

Lessons From a Honeynet That Attracted 700,000 Attacks - The Continuous Processes of Vulnerability Management: Create security policies & controls, Track inventory / categorize assets, Scan systems for vulnerabilities, Compare vulnerabilities against inventory, Classify risks, Pre-test patches, Apply patches, Re-scan and confirm fixes.

Apple patches a dozen security holes - Apple released security updates to Mac OS X operating system and other software.

MS update patches patching - Microsoft this week pushed an update to patch their patching system.

OpenOffice virus reaches across platforms - “A virus writer with something to prove has written a proof-of-concept OpenOffice document to demonstrate a way to infect Windows, Linux and Mac OS X systems with a single script.”

Posted by Niranjan on May 26th, 2007 in News, Tips

Quick Links for 23 May 2007

Google Online Security Blog - Google has gone public with its new security blog. The first post says: “we’ve started this blog where we hope to periodically provide updates on recent trends, interesting findings, and efforts related to online security. Among the issues we’ll tackle is malware, which is the subject of our inaugural post.”

Top 10 vulnerabilities in Web applications in Q1 2007 - “In this study, Cenzic identified 1,561 unique vulnerabilities during the first quarter of 2007. Of the reported vulnerabilities, file inclusion, SQL injection, cross-site scripting and directory traversal were the most prevalent, totaling 63 percent. The majority of vulnerabilities affected Web servers, Web applications and Web browsers, with Cenzic classifying the bulk as easily exploitable.”

Top 15 free SQL Injection Scanners - “Checking for SQL Injection vulnerabilities involves auditing your web applications and the best way to do it is by using automated SQL Injection Scanners. We’ve compiled a list of free SQL Injection Scanners we believe will be of a value to both web application developers and professional security auditors.”

Quick Links for 18 May 2007

Estonia hit by ‘Moscow cyber war’ [BBC] - Estonian web sites have suffered massive DoS attacks for the last three weeks, and they’re blaming Russia for it.

Symantec pursues $55m copyright damages [Channel Register] - Symantec is seeking $55m in damages against eight US and Canadian firms for selling illegal copies of its software.

British judge asks prosecutor: So what’s a Web site? [msnbc] - “The trouble is I don’t understand the language. I don’t really understand what a Web site is,” he told a London court during the trial of three men charged under anti-terrorism laws.

Global net censorship ‘growing’ [BBC] - The level of state-led censorship of the net is growing around the world, according to a survey.

Posted by Niranjan on May 18th, 2007 in News

Quick Links for 16 May 2007

Mac Virus and On-Line Security FAQ - “These days it’s hard to avoid the dirty underbelly of the Internet, it’s not as bad as it seems out there if you have some common sense and know the facts. Using a Mac helps too. In this little FAQ, I’ll pass on some tips and get you up to scratch regarding viruses, internet security, firewalls, on-line shopping and more.”

Ubuntu Security Resource - “If you’ve recently switched from Windows to the Linux distribution Ubuntu, you’ve probably experienced a decrease in spyware — and malware in general — on your system. But although Ubuntu is billed as the ultra-secure solution, you should know that even though Ubuntu’s default install has its flaws, like every other operating system.”

Firefox Surfers More Likely Patched Than IE Users - “New statistics released today indicate that people who use Mozilla’s Firefox Web browser are more likely to be cruising the Web with all of the latest security updates installed than those surfing with Microsoft’s Internet Explorer.”

Posted by Niranjan on May 17th, 2007 in News, Tips