Sunday, December 25, 2005

Happy Holidays

Peace on Earth....A Christmas Wish
Bing Crosby/David Bowie

Peace on Earth
Can it be?
Years from now
Perhaps we'll see.
See the day of Glory
See the day when men of Good Will
Live in Peace
Live in Peace again.

Peace on Earth
Can it be?

Every child must be made aware
Every child must be made to care
Care enough for his fellow man
To give all the love that he can.

I pray my wish will come true
For my child and your child too
He'll see the day of Glory
He'll see the day when men of good will
Live in Peace again.

Peace on Earth
Can it Be?
Can it Be?

Tuesday, December 20, 2005

Sober Worm Makes Pedophile Arrest

Generally, the word "computer virus" sends shivers down the spine of any computer user. These small, but deadly programs, obviously designed with the most malicious intentions, have done a lot of damage over the past few years. However, it seems that every now and then, viruses become…vigilantes.

The story reported by the Reuters agency seems taken out of a bad comedy. A German child porn offender has turned himself in to the Police, after receiving an e-mail that listed the sender as Germany's Federal Criminal Police Office (BKA), allegedly warning him that he is under investigation for visiting some illegal websites. However, no official authority had sent that e-mail. The author was none other than our “friendly” neighborhood friend, the Sober worm.

"It just goes to show that computer worms aren't always destructive," said a spokesman for police in the western city of Paderborn. "Here it helped us to uncover a crime which would otherwise probably have gone undetected."

Police charged the 20-year-old man after finding pornographic images of children on his home computer.

I think that this story proves that old proverb saying that "Every cloud has a silver lining", even if, in the case of worms and viruses, these silver linings are harder to find than a needle in a haystack...

NYC Safety Agent Dies at School

This is just sad for all kinds of reasons...

A city school safety agent died Friday 12/16 of an apparent heart attack after an unruly 12-year-old girl punched the officer during a Crown Heights school dance, police said.

Vivian Samuels, 58, was ejecting the girl about 5:30 p.m. from the dance at MS 390 at 1224 Park Place at the request of Principal Tyona Washington, police said.

As she was being escorted out, the girl struck Samuels at least twice in the face, causing the agent to fall to the ground. Two other agents had to help restrain the girl.

Maker of EnCase Forensics Software Hacked

Guidance Software had to do a forensic investigation on its own systems after a hacker broke in and accessed records, including credit card data, of thousands of customers.

The attack occurred in November, but wasn't discovered until Dec. 7, John Colbert, chief executive officer of Guidance, said in an interview Monday. The attack exposed data on thousands of the company's customers, including 3,800 whose names, addresses and credit card details were exposed, he said.

"A person compromised one of our servers," Colbert said. "This incident...highlights that intrusions can happen to anybody and nobody should be complacent about their security."

Gee you think?

Monday, December 19, 2005

Insider Threat Statistics

From Europe, although I doubt it's any different in the U.S.:
  • One in five workers (21%) let family and friends use company laptops and PCs to access the Internet.
  • More than half (51%) connect their own devices or gadgets to their work PC.
  • A quarter of these do so every day.
  • Around 60% admit to storing personal content on their work PC.
  • One in ten confessed to downloading content at work they shouldn't.
  • Two thirds (62%) admitted they have a very limited knowledge of IT Security.
  • More than half (51%) had no idea how to update the anti-virus protection on their company PC.
  • Five percent say they have accessed areas of their IT system they shouldn't have.
One caveat: the study is from McAfee, and as the article rightly notes:

Naturally McAfee has a vested interest in talking up this kind of threat....

And finally:

Based on its survey, McAfee has identified four types of employees who put their workplace at risk:
  • The Security Softie – This group comprises the vast majority of employees. They have a very limited knowledge of security and put their business at risk through using their work computer at home or letting family members surf the Internet on their work PC.
  • The Gadget Geek – Those that come to work armed with a variety of devices/gadgets, all of which get plugged into their PC.
  • The Squatter – Those who use the company IT resources in ways they shouldn't (i.e. by storing content or playing games).
  • The Saboteur – A very small minority of employees. This group will maliciously hack into areas of the IT system to which they shouldn't have access or infect the network purposely from within.
I like this list...

Thursday, December 15, 2005

Netcraft Anti-Phishing Toolbar Available for Firefox 1.5

Firefox users who haven't yet tried the Netcraft Toolbar are invited to install the latest version, which has been updated for compatibility with Firefox 1.5. Current users upgrading from Firefox 1.0.7 or earlier will need to install the newest version of the toolbar.

Analysis of Malcode - Step by Step

An interesting look at the process of dissecting a malcode sample using tools and techniques that are commonly used by forensic teams...
Overview: (Please Read)
=+=+=+=+=+=+=+=+=+=+=+=+=+
As many of you venture into a pervasive computing environment, it will not be long before
you will be faced with a situation where forensics will be needed. This is an upcoming, and
in my opinion, will be the hottest area of security. If you’re one to chase the big bucks and
you want to stay in the technology track, then this is the route for you. Otherwise, go off
and write documentation for all of the new regulations. That too is hot and returning hefty salaries.

Hey It's Not Friday! - Patriot Act II

Wednesday, December 14, 2005

Home Security - Table Converts to Club and Shield

The 'Safe Bedside Table' has a removable leg that acts as a club and a top that doubles as a shield for self-defense. This is for people who are willing to take on an intruder, providing an extra sense of security whilst in bed.

Students Find Teacher’s Porn - Students Get Suspended

Are things a little backward - down under? This is a fine Humpty Doo...
Three Northern Territory high school students have been caught allegedly accessing a pornographic screensaver on a teacher's computer.

The year seven students were suspended from attending the St Francis of Assisi Humpty Doo school after typing in a password that brought up a screen saver of a naked woman in a pornographic pose.

The computer accessed was the personal laptop of a female teacher.

The teacher has been reprimanded by the Territory Catholic Education Office for bringing inappropriate material to school, the Northern Territory News reported.

Monday, December 12, 2005

Play Doh Fingers Fool Fingerprint Readers

$3.1 million to play with Play-Doh? Not a bad gig...

Clarkson University Associate Professor of Electrical and Computer Engineering Stephanie C. Schuckers has unmasked the weakness of most fingerprint readers by tricking them into accepting PLAY DOH fingers as real. She used "dental materials" to create a mold of a person's finger, then pressed the Play Doh into the mold. Other materials -- not to mention real-but-severed fingers -- do the trick as well. She and her team are working on improving the technology by teaching scanners to read perspiration patterns in fingers, instead of just the pattern of fingerprints.

Schuckers' biometric research is funded by the National Science Foundation (NSF), the Office of Homeland Security and the Department of Defense. She is currently assessing spoofing vulnerability in fingerprint scanners and designing methods to correct for these as part of a $3.1 million interdisciplinary research project funded through the NSF.

Sunday, December 11, 2005

Air Force Will Guard Cyberspace?

The U.S. Air Force's goals now include "fighting" in cyberspace, according to a new mission statement released this past week...
"The mission of the United States Air Force is to deliver sovereign options for the defense of the United States of America and its global interests -- to fly and fight in Air, Space, and Cyberspace."
Not all that new for them, see this document from January 25, 2005...
The Air Force is pursuing technologies that it believes could engender new operational concepts, to dominate air, space, and cyberspace. These include high performance stealthy aircraft (the F/A-22 and Joint Strike Fighter (JSF)), unmanned combat aerial vehicles (UCAVs), directed energy weapons (such as the airborne laser), miniaturized munitions, and advanced command, control, communications, computers and intelligence (C4I). The Air Force’s space-related programs are in varying states of maturity, and include space-based radars, space-based lasers, micro satellites, “next generation” missile defense, and space operations vehicles. Air Force efforts in the area of cyberspace include computer network attack, computer network defense, and information assurance activities. Both space and cyberspace capabilities are expected to become increasingly important as the Air Force and the other services leverage U.S. information technology assets in numerous warfighting applications.

Friday, December 09, 2005

eBay Pulls Bidding for MS Excel Vulnerability

What's the retail value of a security vulnerability in Microsoft Corp's Excel spreadsheet program? At last check: $53 and counting.

An unknown security researcher chose a novel way to issue a warning for a code execution flaw in Excel -- posting it for sale on eBay. But the auction was pulled late Thursday after discussions between Microsoft and eBay Inc.

When the auction was squashed, the bidding had reached $53 and had attracted 19 offers.

A spokeswoman for Microsoft confirmed that the eBay listing was indeed a legitimate security flaw in Excel.

They have even assigned a CVE entry for this:
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2005-4131

Screen shot here

More Friday Fun - The EyeBall Camera

New wireless police camera can be thrown into dangerous situations, like the girls' shower...

The EyeBall camera weighs less than a pound and is protected by a rugged rubber and polyurethane housing. That allows it to be thrown through windows or bounced off walls. When it comes to a rest, the ball stabilizes itself, then begins transmitting footage and sound up to 200 yards away.

Fridays Are For Fun! - Cop Zaps Partner over Soda Break

A police officer has been charged with using a Taser on his partner during an argument over whether they should stop for a soft drink.

Ronald Dupuis, 32, was charged Wednesday with assault and could face up to three months in jail if convicted. The six-year veteran was fired after the Nov. 3 incident.

Dupuis and partner Prema Graham began arguing after Dupuis demanded she stop their car at a store so he could buy a soft drink, according to a police report.

The two then struggled over the steering wheel, and Dupuis hit her leg with his department-issued Taser, the report said. She was not seriously hurt.

Hamtramck police union lawyer Eugene Bolanowski said he expected Dupuis to hire a private lawyer.

Hamtramck is a city of 23,000 surrounded by Detroit.

Thursday, December 08, 2005

Port Scans May Not Always Signal Attacks

University of Maryland's A. James Clark School of Engineering researchers have released quantitative data on how hackers break into computers. Their work could change the way system administrators secure their computer systems.

Many (don't count me) in the computer security community have assumed for years that "port scans" precede actual attempts to hack into computers (in a port scan, the hacker tries to find the availability and potential weaknesses of the computer). While some of the largest corporations and government agencies have focused on similar issues, they have not released their findings.

The Clark School researchers, in an article published earlier this year at the Institute of Electronics and Electrical Engineers (IEEE) International Conference on Dependable Systems and Networks (DSN '05), revealed that port scans precede attacks only around 5 percent of the time. More than 50 percent of attacks are not preceded by a scan of any kind. Hackers don't necessarily look before they leap.

Wednesday, December 07, 2005

Security Auditing Toolset - Ferret-1.2 Just Released

Ferret is a software tool for checking host vulnerabilities. Ferret helps system administrators by quickly finding vulnerabilities that are present on a host. Ferret is a freely available open-source software implemented in VBScript and Java.

Tuesday, December 06, 2005

How Things Work - Cisco Vulnerability

An interesting window into the hacker mentality. This guy walks step by step through the process of figuring out how to exploit a Cisco IOS HTTP Server code injection vulnerability.

The Cisco advisory here

Homeland (not) Security - 9/11 Commission Grades Progress

9/11 Commission grades the government's progress on its recommendations - The Bush administration and US Congress are "moving at a crawl" against nimble terrorists, leaving the country vulnerable more than four years after the 2001 attacks, the former September 11 Commission has said in a scathing final report.

Sunday, December 04, 2005

Quonset Huts Yesterday and Today -- Book and Exhibition

This one is for GP - Prefab Quonset huts -- which Buckminster Fuller helped design -- were a staple of WWII logistics, a city for any climate that you could erect in a day. After the war, surplus Quonsets became ubiquitous in American architecture, being converted to houses, churches, and places of work. The Anchorage, Alaska Museum of History and Art is staging an exhibition of Quonsets past and present and has released a book to commemorate it.

Man Uses Open Wi-Fi Networks to Forge Prescriptions

A man who was addicted to pain killers was recently arrested while in line at a Kroger, because the pharmacy suspected him of bogus prescriptions. He used neighbors' open Wi-Fi to download prescriptions, then he took them back to his motel room, re-wrote them, and printed them out.

Police say the scheme started with a keychain gadget known as a wi-fi finder, which scans for wireless Internet service. Once Mockensturm found a signal, detectives say he would park his van in front of someone's house, steal their wireless Internet access, and download the prescription painkiller information he needed --- without them ever knowing it.

Once he returned to his motel room, detectives say Mockensturm would plug the painkiller information into his computer, then scan an actual prescription, rewrite it, and print out a bogus batch.

Police say the real prescription was for a name-brand drug. But without medical insurance, Mockensturm could only afford a cheap high-- so he went for generic painkillers.

Mockensturm got busted waiting in line at Kroger, when workers at the pharmacy smelled fraud.

Saturday, December 03, 2005

Secure Driving - Stoned Drivers Die More Often

Cannabis almost doubles the risk of fatal car crashes, according to a new study, though smoking the drug is still far less risky than drink-driving, the researchers say.

Stoned drivers were almost twice as likely to be involved in a fatal car crash as abstemious drivers, according to a study of 10,748 fatal car crashes in France between 2001 and 2003. More than half of the drivers in the study themselves died as a result of their accidents and all the subjects were tested for drug and alcohol use after crashing.

Even after accounting for factors such as the age of the drivers and the condition of the vehicle, the researchers conclude that cannabis caused a significant number of the fatalities, with 2.5% of the crashes directly attributed to cannabis use. Alcohol was the direct cause of about 29%.

Using cannabis and alcohol together was 16 times more risky than driving with neither drug in their body.

Friday, December 02, 2005

Fridays are for Fun - Secure your Nuts!

Russian squirrel pack 'kills dog' - Squirrels have bitten to death a stray dog which was barking at them in a Russian park, local media report. Passers-by were reportedly too late to stop the attack by the black squirrels in a village in the far east, which reportedly lasted about a minute. They are said to have scampered off at the sight of humans, some carrying pieces of flesh.

Thursday, December 01, 2005

A Bunch of Bluetooth Hacks

Headphone hijacking, green plaque multi dongle discovery, link key theft... Lots of fun stuff...

Wednesday, November 30, 2005

Hacking Wiretapping Systems

Nice research by Matt Blaze on evading telephone wiretapping systems. Here's his paper and a companion article. The page is worth visiting just to listen in and find out what Alice and Bob have been up to.

War Sucks

I don't care what side you are on... The kids factor has to make you think-- there must be a better way.

This presents about 4,000 photographs showing the Iraq War killing and maiming, most from the Associated Press's archive and others from sources listed.

Firefox 1.5 is Out Today

Firefox 1.5 came out earlier today. I've been using the beta for a week or two now, and no complaints. If you're still using Microsoft's IE now is a great time to switch -- better ad-blocking, better usability, better security, better standards-compliance and it's free!

Download Link

Smarter Surveillance Cameras

Surveillance cameras often capture only a blurred mug shot of a suspect, either because they are moving or because the camera is not focused correctly.

But IBM has developed a solution. Instead of using a single camera to monitor a scene, IBM has patented a system that uses several cameras at once.

The idea is that a fixed camera takes a series of shots of a person, enabling a computer to then calculate their direction and speed of motion. This information will then be used to make movable cameras follow the target's path, enabling them to focus accurately. The result should be crystal clear pictures, no matter how fast the subject is moving and should also be able to follow more than one target.

The system may be good for more than security surveillance too. IBM reckons it could also be used at airports to rapidly identify passengers standing in line, if combined with face recognition software.

Read about the smarter surveillance patent here.

Tuesday, November 29, 2005

ET Might be a Malicious Hacker

As if spotty teenagers releasing computer viruses on to the internet from darkened rooms were not enough of a headache. According to a scientific report, planet Earth's computers are wide open to a virus attack from Little Green Men.

The concern is raised in the next issue of the journal Acta Astronautica by Richard Carrigan, a particle physicist at the US Fermi National Accelerator Laboratory in Illinois. He believes scientists searching the heavens for signals from extra-terrestrial civilisations are putting Earth's security at risk, by distributing the jumble of signals they receive to computers all over the world.

Sunday, November 27, 2005

Consumer Privacy Top 10

Chris Hoofnagle is the West Coast Director for EPIC, here's his "top 10" things you can do with very little money or effort to protect your privacy.

Saturday, November 26, 2005

Interview: Nessus' Ron Gula

Here is an interview with Ron Gula, to get a glimpse of Tenable's free Nessus 3 vulnerability scanner. The interview discusses license changes, community involvement, daemon security, GPL open-source versus free, and more.

Secure Your Christmas - Start Your List Now!

The VisionStation - Standard flat-screen applications can display a field of view (FOV) of no more than 60°. The Elumens VisionStation allows for a fully immersive display of 160°. The VisionStation’s ultra-wide FOV creates an amazing sense of space and depth, without need for goggles or glasses. The large size of the VisionStation screen (1.5 meters) also helps promote an excellent sense of immersive 3D.

Friday, November 25, 2005

Cracking Safes with Thermal Imaging

This "research" paper presents an interesting physical world attack that may be easily deployed by a determined attacker to compromise many high-security access control systems in use today. Although this paper's findings are hardly groundbreaking (and in some ways, are downright obvious), it includes some cool pictures of what should be most certainly taken into account in risk management, secure zone planning, and when drafting operating procedures for high-risk areas.

Author Michal Zalewski is respected in the hacking and security communities for his intelligence, curiosity and creativity...

Thursday, November 24, 2005

A Secure and Happy Thanksgiving

Maybe this event is too dangerous and should be cancelled. Even if only to save one person! The humanity...
The 79th Macy's Thanksgiving Day parade stepped off as scheduled Thursday after concern windy weather would ground the famous balloons.

A straying M&M balloon, possibly whipped by the wind, hit a lamp post at Times Square, sending shattered glass to the ground and two people to the hospital, WABC, New York, said. Their condition was not known.

Another M&M balloon struck WABC's Good Morning America studio, also in Times Square...
A special thanks to all our troops around the world keeping us safe. Be safe and come home soon.

Wednesday, November 23, 2005

Aw Nuts - U.S. Seen Vulnerable to Space 'pulse' Attack

Are you kidding me? The "single most serious national-security challenge."
The United States is highly vulnerable to attack from electronic pulses caused by a nuclear blast in space, according to a new book on threats to U.S. security.

A single nuclear weapon carried by a ballistic missile and detonated a few hundred miles over the United States would cause "catastrophe for the nation" by damaging electricity-based networks and infrastructure, including computers and telecommunications, according to "War Footing: 10 Steps America Must Take to Prevail in the War for the Free World."

"This is the single most serious national-security challenge and certainly the least known," said Frank J. Gaffney Jr. of the Center for Security Policy, a former Pentagon official and lead author of the book, which includes contributions by 34 security and intelligence specialists.
People have been thinking about the EMP threat for, what, forty (fifty?) years now. "Least known?"- my fanny. I am getting a box of tin foil and heading for the basement right now!

Personal Security - 911 Audio Hears Texas Granny Shoots Intruder

Clutching her .38-caliber revolver, Susan Gaylord Buxton swung open each closet door of her northwest Arlington, TX home early Wednesday, convinced that an intruder had broken a window and hidden inside.

Finally, as she yanked open the door to the closet near the front door, her light revealed a man's face peering from underneath a coat.

"Shh," he begged.

"Then he popped out of the door like a jack-in-the-box," Buxton recalled.

Buxton, 66, warned the man to lie on the floor or she'd shoot him.

When he didn't, she did.

  • Listen to the Audio

  • Full Story - Here

Some Folks Should be in Jail for Just Being Stupid!

Bad idea: taking kiddie porn pictures with your digital camera and going to Best Buy for help when you can't figure out how to delete them by yourself. BTW - sounds like a nice neighborhood...
"The customer, police say, turned to Best Buy for help in deleting the alleged child pornography from his digital camera. The employees distracted the suspect while police making a drug bust in the parking lot were alerted."

Tuesday, November 22, 2005

Soviet Topographic Maps

For the 50 years prior to the collapse of the Soviet Union in the early 1990s, the Soviet military sought to map every corner of the globe. The result was an extensive collection of standardized maps at various scales. John Davies has been researching the history of the Soviet global mapping project and, in particular, the large scale plans of British and Irish towns and cities produced from the 1950s to 1990.

His findings so far have been documented in two articles. Part 1 was published in Sheetlines 72 dated April 2005, part 2 in Sheetlines 73 of August 2005. Sheetlines is the journal of The Charles Close Society.

Monday, November 21, 2005

Mutant Worms Find A New Home Inside Your Instant Messaging Client

An article posted on SC Magazine talks about new mutant worms and Trojans that are making their rounds on the Internet. Their mode of transportation? A local IM client near you.

Sunday, November 20, 2005

20 Years Of Windows

Today marks the twentieth anniversary of Microsoft's release of Windows 1.0 - WALSTIB...
November 20, 2005, marks the twentieth anniversary of Microsoft's release of Windows 1.0, one of the most important events in PC history. Even the staunchest Mac or OS/2 devotees must acknowledge that Windows has had a profound impact on the world of computing (although their blood pressure may rise dangerously at the thought).

Eradicating the evils of iPorn

Yikes, what's next... Kids downloading copies of National Geographic?

It's been a tough week for the iPod's image. First, security experts said it could be used for major breaches in networks and servers. Now, the popular device is being blamed for spreading porn among minors and in the workplace.

Saturday, November 19, 2005

The New Hackers On The Block

More evidence that hackers are migrating into crime:

Forget the outdated hacker image of a spotty anarchic teenager holed up in his bedroom defacing the Web sites of global organisations, today's hackers are not only older but more determined than ever to claim your cash and identity.

Many early depictions of hackers on the silver screen portrayed relatively benign individuals, such as Matthew Broderick's teenage boy in the 1984 film 'War Games', or Val Kilmer's young prodigy in 'Real Genius'.

Since then, organised crime units have continued to provide a fruitful income for a group of hackers that are effectively on their payroll. Their willingness to pay for hacking expertise has also given rise to a new subset of hackers. These are not hardcore criminals in pursuit of defrauding a bank or duping thousands of consumers. In one sense, they are the next generation of hackers that carry out their activities in pursuit of credibility from their peers and the 'buzz' of hacking systems considered to be unbreakable.

Where they come into contact with serious criminals is through underworld forums and chatrooms, where their findings are published and they are paid effectively for their intellectual property. This form of hacking - essentially 'hacking for hire' - is becoming more common with hackers trading zero-day exploit information, malcode, bandwidth, identities and toolkits underground for cash. So a hacker might package together a Trojan that defeats the latest version of an anti-virus client and sell that to a hacking community sponsored by criminals.

Friday, November 18, 2005

Fridays Are For Fun - Surveillance Cameras for Dummies

The folks at WiLife have developed a consumer PC-based digital video surveillance system that is very simple to set-up and use.

Simply 1) Install the LukWerks software on your PC 2) Plug the included receiver to a USB port on your Web-connected PC and 3) Begin suction-cupping these sleek cameras anywhere-you-damn-please (within 250 feet or so of the receiver). The cameras offer no sound (apparently audio snooping is against the law in most states), but deliver excellent wireless video streams, which can be accessed from any PC in the world and even via smartphones. The cameras also record all the action, so you can review video at a later date or, if you wish, have motion alerts forwarded to your e-mail. The basic setup kit, which includes a receiver, camera and software, will run you $299, with additional cameras costing $229 each.

Thursday, November 17, 2005

Securing Records - Sparrow Knocks Over 23,000 Dominoes - and is Shot

Animal rights activists in the Netherlands want charges laid in the shooting of a rare sparrow that knocked over 23,000 dominoes as a TV company was setting up for a world-record attempt.

The sparrow, which is on the national endangered list, had flown [through an open window] into an exposition centre on Monday in the northern city of Leeuwarden. After knocking over the dominoes, it was chased into a corner and shot by an exterminator with an air rifle.

but wait there is more...

'Domino sparrow' becomes a porn star

Hackers placed very explicit porn on a Dutch website created to commemorate the "Domino D-Day sparrow", it was reported on Thursday.

The Dutch-language site (www.dodemus.nl) had recorded 53,982 hits by noon on Thursday. The porn was removed some time earlier.

The site was set up earlier this week following the news that a common sparrow — a protected species in the Netherlands — was shot dead with an air gun on Monday.

Cox Using Wardriving To Shut Down Customers?

Interesting thread on netstumbler.org -
I just got off the phone with a good friend of mine in the mobile IT business. He had a client today who had their account suspended without notification, after a call to Cox support he was told that the customer's account was disabled because of an 'open wireless access point.' After some further questions he found out that they now have vans driving around in various customer areas throughout Orange County and San Diego.

Anyone else heard of this going on? What are the implications of this? Is Cox connecting to customer networks without their permission or just scanning to see for an AP without WEP? What are the chances of Cox turning off a customer that has an AP (without WEP) powered on but not connected to the net? What is the deal with not telling customers they have been turned off and still billing them?

Wednesday, November 16, 2005

ShmooCon - Registration Reminder

The second annual ShmooCon will be January 13-15, in Washington, D.C., at the Marriott Wardman Park Hotel, just minutes from your choice of overly-curious 3-letter agencies. Save yourself money and a seat by registering early, please. Once ShmooCon is sold out, there is NO way to register.

ShmooCon is a different breed of security convention.

In a nutshell, over three days, there are three tracks:

1. Break It! A track dedicated to the demonstration of techniques, software, and devices devised with only one purpose in mind--technology exploitation. You will bear witness to some of the most devious minds, source code, and gadgets on the planet that focus their energies on breaking the technology we mindless sheep keep on buying. Baaaaa.
2. Build It! A track that showcases inventive software & hardware solutions--from distributed computing or stealth p2p networks to miniature form-factor community wireless network node hardware or robotics even. Let loose your inner geek, and feel free to gawk. With all the neat stuff, it's important to take notes--that way we all have evidence to shoot down some sleazeball patents 5 years from now.
3. Bof It! A track that promotes the open discussion of critical information security issues in a "birds of a feather" format. From lightning open source code audits or wireless insecurity discussion panels to DRM rants or anonymity & privacy strategies--it's down and dirty, with plenty of controversy for folks who like hashing it out with fellow hackers. Feel free to throw your Shmooballs here, but no fisticuffs, please. Settle your differences with some head-to-head Xbox in the evening, instead.

    An Overview of Cryptography

    A very-very complete look at Cryptography.
    "Cryptography is the science of writing in secret code and is an ancient art; the first documented use of cryptography in writing dates back to circa 1900 B.C. when an Egyptian scribe used non-standard hieroglyphs in an inscription. Some experts argue that cryptography appeared spontaneously sometime after writing was invented, with applications ranging from diplomatic missives to war-time battle plans. It is no surprise, then, that new forms of cryptography came soon after the widespread development of computer communications. In data and telecommunications, cryptography is necessary when communicating over any untrusted medium, which includes just about any network, particularly the Internet."

    Point and Shoot - Was Never So Much Fun!

    Beset by Controversy and Lagging Sales, Taser to Offer Stun Gun Cameras. Taser International Inc. has developed a Taser Cam, which company executives hope will illuminate why Tasers are needed - and add another layer of accountability for any officer who would abuse the weapon.

    The Taser Cam is an audio and video recorder that attaches to the butt of the gun and starts taping when the weapon is turned on. It continues recording until the weapon is turned off. The Taser doesn't have to be fired to use the camera.

    Tuesday, November 15, 2005

    Brain Security - Effectiveness of Aluminium Foil Helmets

    Among a fringe community of paranoids, aluminum helmets serve as the protective measure of choice against invasive radio signals. We investigate the efficacy of three aluminum helmet designs on a sample group of four individuals. Using a $250,000 network analyser, we find that although on average all helmets attenuate invasive radio frequencies in either direction (either emanating from an outside source, or emanating from the cranium of the subject), certain frequencies are in fact greatly amplified. These amplified frequencies coincide with radio bands reserved for government use according to the Federal Communication Commission (FCC). Statistical evidence suggests the use of helmets may in fact enhance the government's invasive abilities. We speculate that the government may in fact have started the helmet craze for this reason.

    Saturday, November 12, 2005

    Security at Disney World

    The bag searches are cursory at best; most of the guards never check bag pockets etc. There are no metal detectors...

    Sunday, November 06, 2005

    Thumb Chopping - Ratings Winner!

    The Vegas mayor and the Big O think alike...

    The mayor of Las Vegas has suggested that people who deface freeways with graffiti should have their thumbs cut off on television.

    "In the old days in France, they had beheadings of people who commit heinous crimes," Mayor Oscar Goodman said Wednesday on the TV show "Nevada Newsmakers."

    Goodman said the city has a beautiful highway landscaping project and "these punks come along and deface it."

    "I'm saying maybe you put them on TV and cut off a thumb," the mayor said. "That may be the right thing to do."

    Goodman also suggested whippings should be brought back for children who get into trouble.

    Another panelist on the show, state university system regent Howard Rosenberg, said cutting off the thumbs of taggers won't solve the problem and Goodman should "use his head for something other than a hat rack."

    Saturday, November 05, 2005

    Mysterious Signals Jamming Garage Door Openers

    Hundreds of automatic garage doors in the Ottawa area have suddenly and strangely stopped working, due to a powerful radio signal that appears to be interfering with their remote controls.

    The Door Doctor has received more than 100 calls from irate customers who can't operate their doors using the remote. It installs Liftmasters, one of the most popular door openers in North America, which operates by radio frequency.

    The signal is transmitted on the 390-megahertz band, which is used by virtually all garage door openers on the continent.

    It's the same frequency used by the U.S. military's new state-of-the-art Land Mobile Radio System.

    Friday, November 04, 2005

    Fridays Are For Fun! - NOVELTY PAYCHECK STUBS!!

    Feeling down about your Salary? Fret, no more! Are the finer things in life getting you down? Make yourself feel better with a fake paycheck stub! Whether you are looking for a great gag gift for a friend, or you need to convince your spouse you really have been waking up and going to work, we can help.

    "Will I need to provide you with my social security number?

    To make the check stubs appear authentic, we definitely recommend it."

    Just when you thought you had seen everything...

    Weekly National Security Index

    A little report known as the National Security Index, put out periodically by the Senate Democratic Policy Committee. It contains some truly grim statistics that are rarely reported by the mainstream media even though the report is available on the Committee's web site, along with footnotes documenting every statistic.

    Thursday, November 03, 2005

    Secure Planet - Model Foresees Carbonated Planet

    Given the computing/programming horsepower at the two National Labs — Lawrence Livermore and Los Alamos — you can appreciate what this means to the question of Global Warming...

    Researchers at Lawrence Livermore National Laboratory predicted a significant increase in average air temperature over the long term - iceless polar regions, 40 degrees Fahrenheit warmer, and a 20-foot rise in ocean sea levels by the year 2300.

    A new study uses a series of interlinked computer models, including a LLNL model that connects carbon input with climate, an ocean-atmosphere model from National Center for Atmospheric Research, and the Parallel Ocean Program (POP) from Los Alamos National Laboratory that simulates ocean circulation.

    Authenticating People by their Typing Pattern

    The University of Regensburg in Germany has released authentication software that makes use of the fact that each person's typing behavior is unique. It works by requesting that the person who seeks access to a computer or a password-protected file type a short passage on an ordinary keyboard: the longer the passage, the more reliable the authentication.

    Wednesday, November 02, 2005

    Grandpa Is Sued Over Grandson's Downloads

    To me this brings to light a bigger issue… Ethics training should be a mandatory subject in grade schools.

    Ethics, like the gyroscope, is a mechanism that must be used consciously and continuously to maintain direction, stability, and equilibrium.
    Ethics Workbook | 1999

    A 67-year-old man who says he doesn't even like watching movies has been sued by the film industry for copyright infringement after a grandson of his downloaded four movies on their home computer.

    The Motion Picture Association of America filed a federal lawsuit Tuesday against Fred Lawrence of Racine, seeking as much as $600,000 in damages for downloading four movies over the Internet file-sharing service iMesh.

    The suit was filed after Lawrence refused a March offer to settle the matter by paying $4,000.

    "First of all, like I say, I guess I'd have to plead being naive about the whole thing," he said.

    "I personally didn't do it, and I wouldn't do it. But I don't think it was anything but an innocent mistake my grandson made."

    Lawrence said his grandson, who was then 12, downloaded "The Incredibles," "I, Robot," "The Grudge," and "The Forgotten" in December, without knowing it was illegal to do so.

    The Racine man said his grandson downloaded the movies out of curiosity, and deleted the computer files immediately. The family already owned three of the four titles on DVD, he said.

    "I can see where they wouldn't want this to happen, but when you get up around $4,000 ... I don't have that kind of money," Lawrence said. "I never was and never will be a wealthy person."

    Kori Bernards, vice president of corporate communications for MPAA, said the movie industry wants people to understand the consequences of Internet piracy. She said the problem is the movies that were downloaded were then available to thousands of other users on the iMesh network.

    "Basically what you are doing when you use peer-to-peer software is you are offering someone else's product that they own to thousands of other people for free, and it's not fair," Bernards said.

    Illegal downloading costs the movie industry an estimated $5.4 billion a year, she said.

    Secure Home - Man Kills Buck With Bare Hands in Bedroom

    It looked like a crime scene, but no charges will be filed after Wayne Goldsberry killed a buck with his bare hands in his daughter's bedroom.

    The engagement lasted an exhausting 40 minutes, but Goldsberry finally subdued the five-point whitetail deer that crashed through a bedroom window at his daughter's home Friday. When it was over, blood splattered the walls and the deer lay on the bedroom floor, its neck broken.

    Goldsberry was at his daughter's home when he heard glass breaking. He went back to check on the noise and found the deer.

    "I was standing about like this peeking around the corner when the deer came out of the bedroom," said Goldsberry, demonstrating while peering around his kitchen wall. The deer ran down the hall and into the master bedroom — "jumping back and forth across the bed."

    "I could tell he was really tearing up the place back there," Goldsberry said.

    Goldsberry entered the bedroom to confront the deer and, after a brief struggle, emerged to tell his wife to call police. After returning to the bedroom, the fight continued. Goldsberry finally was able to grip the animal and twist its neck, killing it.

    INSECURE Magazine - Issue 4

    This issue covers: Structured traffic analysis, Access Control Lists in Tiger and Tiger Server - true permission management, Automating I.T. security audits, Biometric security, PDA attacks, Build a custom firewall computer, and more...

    Tuesday, November 01, 2005

    Secure Earth - Those Pesky UFOs

    Admit it. It’s a common problem everyone’s faced. You wake up in the morning wondering, “Where were UFOs sighted last May?” and had nowhere to look. Well, now you do.

    Hooking into Google Maps, these people have created a visual indication of reported sightings. Make sure to click on a UFO to get the details on a sighting.

    They’ve also created some other interesting maps using the same system.

    Bluetooth Scanning goes Mainstream

    In the last week, Network Chemistry and Airmagnet both released free Windows utilities that scan for Bluetooth devices... With the release of these easy-to-use utilities, are we now on the verge of a "BlueDriving" age? Interesting piece at tomsnetworking.

    Monday, October 31, 2005

    Story of the First Internet Worm

    When was the first Internet worm launched? What did it do? What happened to its author? (Hint: he became a multi-millionaire.) The answers might surprise you!

    Car handle fingers criminals

    Hitachi has developed a finger-vein-detecting security system for use on car door handles and steering wheels.

    The biometric technique could provide drivers with a highly secure, keyless entry and ignition system.

    A working version fitted to a vehicle is being displayed at this year’s Tokyo Motor Show. When a hand grips the car handle, the embedded unit emits light to capture a clear image of the dorsal vein patterns on the outside of the finger.

    The results are compared to computerised records of vein patterns of registered vehicle users.

    The Outing of Valerie Plame

    60 Minutes did an extensive report on the damage and bad blood that was caused by the outing of Valerie Plame. The piece went on to give a brief history of her with the CIA and the outrage by former officers. Joseph Wilson speaks on behalf of Valerie who is not allowed to defend herself in this whole process.

    Scooter Libby Indictment (PDF)

    Sunday, October 30, 2005

    2005 Information Security Summit Presentations

    Didn't make the 3rd annual Information Security Summit held near Cleveland, OH this year? The presentations are now posted.

    Saturday, October 29, 2005

    Pumpkin PC










    Just in time for Halloween, the staff at the computer store at the University of Arkansas have created a seasonally appropriate PC.

    The Safe and Secure Future (ACLU Style)

    Watch and listen to the sounds of ordering a pizza — in the safe and secure future.

    Friday, October 28, 2005

    Milworm.com - Open Source Exploits

    This site promotes open source security by posting exploits found in popular programs. This site had a Firefox 1.0.7 exploit only a week or two after its release.

    Thursday, October 27, 2005

    Spammers Peddle Drugs to Combat Bird Flu

    GP, placed your order yet? Experts at SophosLabs™, Sophos's global network of virus, spyware and spam analysis centers, have warned internet users that spammers are putting the lives of innocent people at risk, by peddling drugs online that are said to combat bird flu.

    Sophos's spamtraps are picking up an increasing number of junk messages which claim to sell Tamiflu, the drug believed most effective at protecting humans from the H5N1 strain of the bird flu virus. The drug is in high demand because of fears that the virus could become a pandemic, and spread further around the world after deaths in Asia.

    The spam emails urge recipients to protect themselves and their families from the avian flu virus by purchasing Tamiflu from an online website. The website linked to also supposedly sells Viagra, and a number of other medications.

    Money Laundering - 101

    Money Laundering is a crime. "Money Laundering is also the world’s third largest industry by value".

    Money laundering happens in almost every country in the world, and a single scheme typically involves transferring money through several countries in order to obscure its origins. In this article, you will learn exactly what money laundering is and why it's necessary, who launders money and how they do it and what steps the authorities are taking to try to foil money-laundering operations.

    Wednesday, October 26, 2005

    Microsoft Toughening IE7

    Microsoft is making Internet Explorer (IE) 7 a tougher browser by giving the boot to Secure Sockets Layer (SSL) 2.0 and sliding Transport Layer Security (TLS) 1.0 into the slot. These changes will give users a more secure environment in which to use the Internet. The biggest change is the switch to TLS 1.0. HTTPS uses one of two secure protocols to protect your data: SSL or the stronger TLS. The changes will disable SSL 2.0 and enable TLS 1.0, so IE7 users will negotiate either SSL 3.0 or TLS 1.0. In a nutshell, it means your Internet connection will be more secure for various things.

    IE7 will also block sites without digital certificates or with expired or revoked digital certificates. The rules cover certificates issued to a hostname other than the current URL's hostname, certificates issued by an untrusted root, and certificates that are expired or revoked. When users reach a site that meets these criteria, they have the option to walk away or continue on to the untrusted site. They did say on their IEBlog, "Generally, IE users will not notice any difference in the user-experience due to this change; it's a silent improvement in security."

    Tuesday, October 25, 2005

    Chronicles of a Wardriver

    "Day 78 - 147 miles and 2,407 APs" - Here is someone with a lot more free time than me... But the site has lots of good stories, tips, links, etc.

    The Story of Snort: Past, Present and Future

    Martin Roesch, the creator of Snort, the de facto standard for intrusion detection/prevention, presents the story of Snort that covers seven years of development that made this tool one of the most important security software titles ever developed.

    During his talk you'll get all the details on how Snort was initially conceived as well as how it is expected to develop further now after Check Point acquired Sourcefire. Among other things Martin talks about all the major Snort releases, the founding of Sourcefire, the enhancements added to the last versions of Snort, new technology that presents a self-tuning engine, and much more.

    The article is located at:
    http://www.net-security.org/article.php?id=860

    Submitted by: Mirko Zorz

    Monday, October 24, 2005

    Personal Security - Web Spy and Cute Too!

    Just what the Big O needs for keeping an eye on the old homestead! "Monitors your room while you are away, automatically takes snap shot of every movement that occurs in your room, you can even set the software to send you an email with attached picture snap shot of the intruder... with built in microphone... sharp video, high resolution."

    Sniffer Wasps may Replace Dogs — Someday...

    US boffins have come up with a device that uses trained sniffer wasps, rather than dogs, to detect chemicals such as explosives and illegal drugs.

    The trained hymenoptera are held in a cup-sized device, called a 'Wasp Hound', developed by the University of Georgia and US Department of Agriculture (USDA).

    Sunday, October 23, 2005

    Assessing Web App Security with Mozilla

    Web application assessment is a challenging task for security analysts. Several products and tools are available, each claiming to perform automated analysis on entire applications. Their capabilities include obtaining data, corroborating it, and printing aesthetically appealing reports--all without user intervention.

    The nature of web applications is very different from that of standard applications. Many times, these tools miss key vulnerabilities in the application. The best way to perform web application assessment is by using the unassailable combination of automated tools and human intellect. This article examines the LiveHTTPHeaders project, which fits seamlessly into Mozilla browser components to facilitate very effective web application assessment.

    Saturday, October 22, 2005

    Security Awareness Posters

    Strange and amusing tour of U.S. government security awareness posters.

    Google Hacking Tips

    This article gives a nice introduction on how to find new vulnerabilities and exploits and then use the Google search engine to find sites that are still exploitable.

    Friday, October 21, 2005

    BAITCAR.com - Fridays Are For Fun!

    A bait car is a vehicle owned by the police and is intended to be stolen. After a bait car is stolen, the location, speed, and direction of travel of the vehicle are monitored by police dispatchers at EComm through GPS tracking. Everything that takes place inside the bait car is caught on audio and video. The dispatcher will coordinate a police response and once officers are in position behind the bait car, the engine will be disabled at the click of a mouse button, which allows for the quick arrest of the car thieves.

    Thursday, October 20, 2005

    Personal Security - Dangerous Bugs Found in Water on US Planes

    Look GP more good news!

    Dangerous levels of bacteria have been found in drinking water aboard 15% of planes at US airports, an investigation carried out by the US Environmental Protection Agency has found.

    Twenty-four US airlines have now agreed to routinely disinfect their water supplies and monitor water quality in response to the EPA study. "Passengers must feel confident of the water safety on an airplane," says Grant Nakayama of the EPA. "These new protocols will provide protection."

    Ethereal 0.10.13 Released

    Ethereal 0.10.13 has been released. Several security-related vulnerabilities have been fixed. Everyone is encouraged to upgrade.

    For a complete list of changes, please refer to the 0.10.13 release notes.

    Official releases can be found on the download page.

    Wednesday, October 19, 2005

    Metasploit Update - 2.5 Released

    The Metasploit Framework is an advanced open-source exploit development platform. The 2.5 release includes three user interfaces, 105 exploits and 75 payloads.

    The Framework will run on any modern operating system that has a working Perl interpreter. The Windows installer includes a slimmed-down version of the Cygwin environment.

    This is a maintenance release - all updates to 2.4 have been rolled into 2.5, along with some new exploits and minor features.

    This release is available from the Metasploit.com web site:
    - Unix: http://metasploit.com/tools/framework-2.5.tar.gz
    - Win32: http://metasploit.com/tools/framework-2.5.exe

    A demonstration of the msfweb interface is running live from:
    - http://metasploit.com:55555/

    Information about version 3.0 has been posted online:
    - http://metasploit.com/projects/Framework/msf3/

    iPod Video paves way for Porncast Explosion

    From cable television, to the VCR, and even the complexities of streaming media we enjoy on the web today, porn has not only helped with tech advancements, it has been a very strong revenue generator along the way.

    Sure, research has shown that if you want to have a successful podcast, just throw in a moan or two, but audio only tickles us a little bit (though it may be a bit better for women). But now with the iPod Video on the market, the Podfather Adam Curry predicts that porn is "going to be huge" (pun intended) in a recent Daily Source Code podcast.

    Expect to see a huge jump in Vidcasting now that the iPod Video is on the market. And expect to see the real trailblazing in RSS media delivery to be made by the Porn Industry. The porn industry will take RSS with Enclosures to the next level, simplifying, improving - and yes - making a profit along the way.

    How long will it be, before the first big iPod exploit?

    Changing Environment?

    I don't subscribe to the notion that the security environment is changing. There is nothing new about encryption, two-factor authentication, or even fraud prevention. The basic technologies being deployed now have been around for decades. The essential security tenet CIA (confidentiality, integrity, and availability) is just as applicable today as it was 25 years ago.

    Then what has changed?

    What has changed and/or is changing is that because of external pressures (be it regulatory, customer, etc.) businesses are being forced to do what they should have been doing all along. Because in the past they weren’t forced to do so (couldn’t find the magic ROI for security, etc.), folks are getting caught today with their pants down and paying the price.

    Use encryption as an example: Many security pundits have promoted the encryption of “production data” for years because it was the right thing to do and until recently this idea was unwaveringly rejected by business management at many levels, including by some of the very same individuals that are promoting it today. Promoting it today why? Because it was the right thing to do or because of regulatory and industry pressure? Or is it due to some individuals practicing a little CYA?

    Certainly there are always business implications, priorities, and risks to be considered and evaluated. However, today we need to be especially aware of doing things more securely from the start. We need to be forward thinking in evaluating the risks; ultimately the cost of doing so will be much less than trying to play catch-up later.

    We don’t need to look at what is new as much as we need to get back to basics. We need to look at CIA first and a little less CYA after the fact. Often doing the right thing first isn’t always the easiest path, but it sure makes it easier to sleep at night in the long run.

    Tuesday, October 18, 2005

    Hacking Sleep - Or How to Get Thru the Weekly Maint. Window

    Polyphasic Sleep, also known as the Uberman Sleep Cycle, is a method in which one sleeps 6 times, every 4 hours, for 20 minutes, during every 24 hour period. Why? Well, only sleeping 2 hours a day instead of 7 or 8 gives you 3 extra months of awake time each year! This blog follows Nick Busey's attempt at trying to convert to, and live under, this sleep schedule.

    Microsoft Consults Ethical Hackers at Blue Hat

    As part of its second "Blue Hat" conference, Microsoft invited white-hat hackers to campus to try their hand at cracking Microsoft's code. Six white hatters and more than 1,000 Softies were in attendance for the two-day confab.
    Six ethical or "white hat" hackers attended, including noted security expert Dan Kaminsky, Brett Moore of Security-Assessment.com, and David Maynor, a researcher at ISS (Internet Security Systems) Inc., Toulouse said.

    Maynor, who works for ISS' X-Force team in Atlanta, Ga., said he showed Microsoft developers and executives how an attacker could use a USB device to load attack code directly into the memory of a Windows machine and force it to run by taking advantage of the DMA (Direct Memory Access) rights assigned by Windows.

    "The DMA vector was the most devastating in my talk because it is hard for just Microsoft to address it. They need support from hardware vendors as well," he said.

    Maynor said Microsoft is working on a more secure model for handling peripheral devices, and may add security checks as a component of the company's USB device driver signing program in the future.

    Personal Security - Body Found After Crash

    Places not to wreck your car...

    The body of a Walton woman who died in her van as the result of an accident Sunday afternoon was not discovered until Monday morning, Delaware County Undersheriff Douglas Vredenburgh said.

    Mary Ellen Martini-Butler, 38, was found under the dashboard on the passenger side of her van more than 18 hours after the accident, deputies said. The van had been towed to Fred's Body Shop in Walton.

    On Sunday, authorities, relatives and residents were unsuccessful in a search for Martini-Butler in the vicinity of the crash on state Route 10, and deputies said it was believed she had left the site.

    Deputies said her body was discovered after Fred Babcock, owner of the body shop, sent someone to retrieve the registration from the van at about 8:45 a.m. Monday. When the person moved a pile of boxes, he found the body.

    Monday, October 17, 2005

    Interview With Fyodor Creator Of NMAP

    A Whitedust interview with Fyodor, the creator of one of the most famous (infamous) security tools in existence: NMAP

    Sunday, October 16, 2005

    Open Source Digital Forensics

    The Open Source Digital Forensics site is a reference for the use of open source software in digital forensics and incident response. Open source tools may have a legal benefit over closed source tools because they have a documented procedure and allow the investigator to verify that a tool does what it claims.

    Saturday, October 15, 2005

    Personal Security - Pillows: A Hot Bed Of Fungal Spores

    Damn, GP, look at this... Researchers at The University of Manchester funded by the Fungal Research Trust have discovered millions of fungal spores right under our noses -- in our pillows.

    Aspergillus fumigatus, the species most commonly found in the pillows, is most likely to cause disease; and the resulting condition Aspergillosis has become the leading infectious cause of death in leukaemia and bone marrow transplant patients. Fungi also exacerbate asthma in adults.

    The researchers dissected both feather and synthetic samples and identified several thousand spores of fungus per gram of used pillow - more than a million spores per pillow.

    Google Earth: The Black Helicopters Have Landed

    The results of The Register's "Spot the Black Helicopter" competition are in, but before announcing the winners, they thought it would be a lovely idea to have a look at some of the other entries which prove just why Google Earth will eventually provoke the complete collapse of Western civilization...

    TSA for Fun!

    Now you and/or your kids can re-enact the excitement of airline screening! Yes, the airline screening playset pictured here is real. But unfortunately, the toy is a far cry from reality, since it doesn’t appear that the passenger comes with removable shoes. And sadly, it doesn’t appear that the set comes with a No Fly list...

    Friday, October 14, 2005

    An Unusually Slick Phishing Attempt

    This one's victim-bank is Halifax Bank in the UK. The subject line reads "URGENT ATTENTION - Halifax-Online Fraud Notice" and the body begins by advising of recent phishing attempts against Halifax customers (which, according to Halifax's own site, is even true) and then asks the customer to contact Halifax on receipt of such e-mails!! (The customer service phone number quoted is even the real one.)

    The e-mail continues by advising that Halifax has updated their security system. They are proud of their new SSL servers "where there is no risk of fraud and your account details are kept encrypted at all times." Naturally, because of this update, you are....guess what?..... asked to log on to the system and "verify your account info at the following link".

    The link is of the usual format: an IP address (211.35.64.201) hidden behind a reasonable-looking URL. The URL that is displayed points to a real page on Halifax's servers.

    The e-mail is unusually slick, as well as being cheeky. It's almost devoid of spelling mistakes ("unauthorized" should be "unauthorised" since it purports to come from a British company) and likewise of grammar mistakes ("securer" instead of "more secure" and one missing "to"). It could easily have come from a real person at the bank.

    The image at the top of the e-mail actually comes from the real Halifax servers; as mentioned, the phone number quoted will actually get you to Halifax customer service, and if the URL is typed in by hand to a browser it will get you to Halifax's own servers.

    This phishing attempt is almost perfect, a great use of social engineering and professionally put together.

    Thursday, October 13, 2005

    A Different Look at Bagle

    F-Secure attempts a 3D animation that visualizes the structure and execution of the Bagle.AG@mm worm.

    The boxes in the picture are functions of the worm. The one on the top is the 'main' where the execution starts. The first ring contains all the functions that 'main' calls. The second contains all the functions that the ones on the first ring call, and so on. All connecting lines represent the calls from one function to the other. Red boxes belong to the virus code while the blue ones are API calls or library code that do not belong to the malicious code.

    For the curious minded, the animation was created using IDA Pro, IDAPython, Blender and some custom scripts.

    The animations can be downloaded in the following formats:
    Windows Media 9 (9.7 MiB)
    Quicktime (9.3 MiB)

    How to Foil a Phish

    What happens after phishers strike? This CSO article provides an inside look at one midsize bank's cutting-edge incident response plan.

    The death of a phish doesn't need to be extraordinary. It's just in a day's work...

    Wednesday, October 12, 2005

    Secure Air?

    A 22-year old Georgia man was arrested Wednesday, accused of stealing a Cessna Citation and taking it from St. Augustine, FL, to Gwinnett County Airport/Briscoe Field. Police described the incident as a "joy-ride."

    A jet with a 6-ton capacity on a 350-400 mile flight and the FAA and Homeland Security never noticed...

    Big Brother Awards Later This Month

    At the end of October, activists in many countries will hand out Big Brother Awards to people who've undermined national privacy and freedom. Here's a schedule of upcoming events:

    Switzerland Zurich 29 October 2005
    Czech Republic Prague 28 October 2005
    Germany Bielefeld 28 October 2005
    Austria Vienna 25 October 2005
    Australia Sydney ?? October 2005

    EPIC Page Describes "Theme Parks and Privacy"

    EPIC has developed an issue page on theme parks and privacy. The page is a single source of information for consumers to learn more about theme parks such as Walt Disney World that use fingerprint scans to control visitor access. In this instance, the unchecked broad adoption of biometrics such as fingerprint scans threatens the privacy rights of adults and children as young as 10 years of age. For more information on related issues, see EPIC's pages on Biometrics, Children and Privacy, and the DOD Recruiting Database.

    Tuesday, October 11, 2005

    Personal Security - Bear Farmer Eaten by Own Animals

    Score one for Da Bears!

    A Chinese man who raised bears to tap them for their bile, prized as a traditional medicine in Asia, has been killed and eaten by his animals, Xinhua news agency said on Tuesday.

    Six black bears attacked keeper Han Shigen as he was cleaning their pen in the northeastern province of Jilin on Monday, Xinhua said.

    "The ill-fated man died on the spot and was eaten up by the ferocious bears," it said, citing a report in the Beijing News.

    In practices decried by animal rights groups, bile is extracted through surgically implanted catheters in the bears' gall bladders, or by a "free-dripping" technique by which bile drips out through holes opened in the animals' abdomens.

    More than 200 farms in China keep about 7,000 bears to tap their bile, which traditional Chinese medicine holds can cure fever, liver illness and sore eyes.

    Monday, October 10, 2005

    White Paper - SQL Injection Attack and Defense

    This paper focuses on educating security professionals about the risks associated with this situation. It tries to give a brief understanding of the various kinds of attacks that an attacker may launch, and an outline of the various strategies that can be evaluated and adopted to protect valuable information assets.

    Personal Security - Police Taser Video

    In this video a lady gets a little crazy because she got pulled over. The officer was forced to use his Taser gun.

    (Audio also could be used to emulate a night with The Jackhammer)

    Sunday, October 09, 2005

    The 5th Annual Texas Bigfoot Conference

    The 5th Annual Texas Bigfoot Conference will be in Jefferson, Texas, October 15-16, 2005.

    Hey Kids... Maybe you should be looking in NJ...

    Saturday, October 08, 2005

    CNN Interview with Kevin Mitnick

    To many (not me), the name Kevin Mitnick is synonymous with hacking, the cinematic sort where a snot-nosed kid thumbs his nose at authority. But, Mitnick says, the characterization is a bit overdone and the legend untrue, if not libelous.

    OK interview, but I think CNN asked some darn silly questions and Mr. Mitnick's 15 minutes were up a long time ago...

    Hoodie Sweatshirts with Integrated Masks

    Closed-circuit cameras (CCTV) are everywhere, making it hard to keep a low profile. How about using one for that next data center audit? Stay warm and undercover!

    These handy, masked French hoodies will help get the job done. Heck, on the way home, knock off the local 7-11 for a bonus...
     