| |
Current Topic: Computer Security |
|
Topic: Computer Security |
12:39 am EDT, Aug 7, 2006 |
Aol released TONS of user information in the form of search engine queries, and whether or not links were clicked on. While they did obliterate the name, replacing it with a number, anyone that has egosurfed is clearly at risk.. So...what am I going to do? I'm going to post a link to the file. AOL has taken the original file down. This one sprung up shortly after. Link to AOL data release |
|
Detecting, Analyzing, and Exploiting Intranet Applications using JavaScript |
|
|
Topic: Computer Security |
1:23 am EDT, Jul 29, 2006 |
Or: How Acidus [*] learned how to port scan company intranets using JavaScript! Imagine visiting a blog on a social site like MySpace.com or checking your email on a portal like Yahoo’s Webmail. While you are reading the Web page JavaScript code is downloaded and executed by your Web browser. It scans your entire home network, detects and determines your Linksys router model number, and then sends commands to the router to turn on wireless networking and turn off all encryption. Now imagine that this happens to 1 million people across the United States in less than 24 hours. This scenario is no longer one of fiction.
You can visit the proof of concept page he created and test drive it now. This is really, really, really scar^H^H^H^H cool! Detecting, Analyzing, and Exploiting Intranet Applications using JavaScript |
|
Breach case could curtail Web flaw finders |
|
|
Topic: Computer Security |
1:34 am EDT, May 2, 2006 |
Security researchers and legal experts have voiced concern this week over the prosecution of an information-technology professional for computer intrusion after he allegedly breached a university's online application system while researching a flaw without the school's permission.
Find a bug. Report it. Have the U.S. Attorney claim in court that you are liable for the costs associated with fixing the bug. Go to Jail. Dave Aitel has it right... Retarded... Boy am I glad this wasn't the case a few years back. I know there were some students at Shorter College here in Rome expelled and prosecuting for exploiting a very similiar flaw, but I've not looked into the details of it. There are a lot of problems with Sungard/Banner software/webCT integration. Colleges want to forget all about security - it just has to be easy and cheap. This is retarded and encourages people to keep stuff quiet. Breach case could curtail Web flaw finders |
|
RFID Viruses: Is your cat infected with a computer virus? |
|
|
Topic: Computer Security |
3:49 am EST, Mar 16, 2006 |
The prankster decides to unwittingly enlist his cat in the fun. The cat has a subdermal pet ID tag, which the attacker rewrites with a virus using commercially available equipment. He then goes to a veterinarian (or the ASPCA), claims it is stray cat and asks for a cat scan. Bingo! The database is infected. Since the vet (or ASPCA) uses this database when creating tags for newly-tagged animals, these new tags can also be infected. When they are later scanned for whatever reason, that database is infected, and so on. Unlike a biological virus, which jumps from animal to animal, an RFID virus spread this way jumps from animal to database to animal.
I ignored this article this morning but its actually pretty cool. SQL injection, CSS, and buffer overflows from data stored in RFIDs is a vector that few people have really looked at. I wonder if the new U.S. Passports are vulnerable? RFID Viruses: Is your cat infected with a computer virus? |
|
DOD has vulnerability from Symantec products - DEC 21 - NO fix yet |
|
|
Topic: Computer Security |
3:00 am EST, Dec 24, 2005 |
Just stumbled upon this.... (really symantec users have a problem) Symantec Vulnerability December 21, 2005 A new vulnerability identified in Symantec Antivirus Products in use by the DOD that can result in a heap overflow condition and the ability for an attacker to execute arbitrary code and gain full control of the system. The vulnerability is caused due to a boundary error in Dec2Rar.dll when copying data based on the length field in the sub-block headers of a RAR archive. This can be exploited to cause a heap-based buffer overflow and may allow arbitrary code execution when a malicious RAR archive is scanned. There is no fix provided by Symantec at this time, but blocking .rar files at the email servers and gateways to prevent this vulnerability from being exploited is recommended. This block should remain in place until a fix can be provided by Symantec. Here's more info http://xforce.iss.net/xforce/alerts/id/210 DOD has vulnerability from Symantec products - DEC 21 - NO fix yet |
|
Extortion by IM - Do this or I'll RUIN your business, just watch me.... |
|
|
Topic: Computer Security |
11:05 pm EST, Dec 7, 2005 |
Extortion is going to be the next wave of cyber crime. I'm convinced of that. Data held hostage, businesses threatened. Its already here actually, its just not at a critical point. I believe that eBay users will be particularly susceptible to this. I would really like to see eBay getting a program in place to educate users on how to best respond to such a situation and a cooperation with businesses to help shut down these folks as soon as possible, while preserving data for law enforcement. I'm thinking it was probably a good move to keep the person online for as long as this person did as long as it was not a direct connection. Makes for more log entries, SHOULD anyone that can do something give a crap. This could ALSO be an attempt to discredit a legitimate site. Whatever, in any case, it stinks. ---------------------------------------------------------------- Just in case ebay removes the thread, here's a copy of the alleged IM: (Its NOT me talking.) ------------------------------------------------------------------- I hope it is ok to post this here. I do not know what to do. This is a copy of an IM (I am QueenVal32) ullahebay [6:49 P.M.]: i guess you dont wnat your ebay business right? ullahebay [6:49 P.M.]: do you want me to create fake bids and kill it? ullahebay [6:50 P.M.]: if you not going to help me then i will destroy your ebay business ullahebay [7:03 P.M.]: ok i will gohead and bid on your items ullahebay [7:03 P.M.]: if oyu are not going to reply me with in a min ullahebay [7:07 P.M.]: ok i've bid on your items couple of them ullahebay [7:07 P.M.]: if i wont get a response from you ullahebay [7:08 P.M.]: i will bid on your 200 items and make you loose your business at eBay! QueenVal32 [7:13 P.M.]: WHO ARE YOU?? ullahebay [7:13 P.M.]: i want you to give me all the email addresses that you have in your "sold" file ullahebay [7:14 P.M.]: if you wont give it to me, i will destroy your ebay business QueenVal32 [7:14 P.M.]: why would I do that?? ullahebay [7:14 P.M.]: coz i need them to tell them about my new auction site QueenVal32 [7:14 P.M.]: why don't you just go about things the legit way? ullahebay [7:15 P.M.]: what way? ullahebay [7:15 P.M.]: i didnt get that QueenVal32 [7:16 P.M.]: why do you want my sold file? ullahebay [7:16 P.M.]: i dont want your sold file ullahebay [7:17 P.M.]: i want the email addresses of the users at ebay that you have in your sold folder, because i have a auction website and i dont want to advertise because it cost lots of money and i can't afford that ullahebay [7:17 P.M.]: so i want people to visit my auction site by emails QueenVal32 [7:17 P.M.]: so you harass ME??? Why ME?? ullahebay [7:17 P.M.]: visit my new auction site, www.bidstar.net ullahebay [7:18 P.M.]: not only you, im doing it to everyone. and i've de... [ Read More (0.7k in body) ] Extortion by IM - Do this or I'll RUIN your business, just watch me.... |
|
Kaminski Analysis of Sony Rootkit traffic |
|
|
Topic: Computer Security |
5:41 pm EST, Nov 15, 2005 |
Sony. Sony has a rootkit. The rootkit phones home. Phoning home requires a DNS query. DNS queries are cached. Caches are externally testable (great paper, Luis!), provided you have a list of all the name servers out there.
Nice pictures of worldwide distribution of the rootkit. Kaminski Analysis of Sony Rootkit traffic |
|
Sony to Suspend Making Antipiracy CDs - Yahoo! News |
|
|
Topic: Computer Security |
8:45 pm EST, Nov 12, 2005 |
Stewart Baker, assistant secretary for policy at DHS, did not cite Sony by name in his remarks Thursday but described industry efforts to install hidden files on consumers' computers. "It's very important to remember that it's your intellectual property, it's not your computer," Baker said at a trade conference on piracy. "And in the pursuit of protection of intellectual property, it's important not to defeat or undermine the security measures that people need to adopt in these days."
Sony to Suspend Making Antipiracy CDs - Yahoo! News |
|
The VanZants post link to Sony DRM software uninstall 'service patch' |
|
|
Topic: Computer Security |
10:58 am EST, Nov 7, 2005 |
Oh, it seems someone is figuring out they have screwed up BIG TIME but they aren't admitting it~! " Software Updates Latest Update Service Pack 2 2|Nov|2005, 3.253Mb This Service Pack removes the cloaking technology component that has been recently discussed in a number of articles published regarding the XCP Technology used on SONY BMG content protected CDs. This component is not malicious and does not compromise security. However to alleviate any concerns that users may have about the program posing potential security vulnerabilities, this update has been released to enable users to remove this component from their computers." The VanZants post link to Sony DRM software uninstall 'service patch' |
|
Mark's Sysinternals Blog: Sony, Rootkits and Digital Rights Management Gone Too Far |
|
|
Topic: Computer Security |
3:11 pm EST, Nov 2, 2005 |
The entire experience was frustrating and irritating. Not only had Sony put software on my system that uses techniques commonly used by malware to mask its presence, the software is poorly written and provides no means for uninstall. Worse, most users that stumble across the cloaked files with a RKR scan will cripple their computer if they attempt the obvious step of deleting the cloaked files. While I believe in the media industry’s right to use copy protection mechanisms to prevent illegal copying, I don’t think that we’ve found the right balance of fair use and copy protection, yet. This is a clear case of Sony taking DRM too far.
Sony has gone very far over the line here. I will happily join in the chorus of people screaming lawsuit. Letting this one go would establish the premise that it's acceptable for the media industry to violate your property in order to protect theirs. That approach can only lead to worse problems. Mark's Sysinternals Blog: Sony, Rootkits and Digital Rights Management Gone Too Far |
|