Tuesday, January 31, 2006

Computer Forensics, Network Security and Computer Crime Podcast

Two former Federal Agents produce a podcast on computer crime etc...

This week's episode -
In this episode we interview President of Red Cliff Consulting, Mr. Kevin Mandia, about trends in incident response. Also we talk about the windows registry, what not to do when interviewing for a tech job, brief talk with Nicholas Harbour about new version of DCFLDD, and NSA document redaction guidelines.

NMAP 4.0 Released!

Nmap has undergone many substantial changes since their last major release (3.50 in February 2004). This is a great tool and it is well worth your time to upgrade...

British School Bans Raising Hands

Not a security story, but...
A school in London has banned children from raising their hands in class and teachers from calling on students with their hands raised.

"It is every child's instinct and every teacher's instinct as well because it is ingrained in us," said Andrew Buck, the school's principal.

"Some pupils are jiggling so much to attract the teacher's attention that it sometimes looks as if they need the lavatory, then when it is their turn they often don't know the answer. Boys -- and it is usually boys -- are seeking attention, so they put their hands up before they have had time to think about the question."

Buck said the same children often wave their arms in the air, but when teachers try to involve less adventurous pupils by choosing them instead, it leads to feelings of victimization, the Daily Telegraph reported Saturday.

To spare embarrassment of the students who do not know the answer, the school has incorporated a "phone a friend" system, allowing one child to nominate another to take the question instead.

Sunday, January 29, 2006

TorPark: Anonymous Browsing on a USB Drive

TorPark is a fully configured combination of Tor (The Onion Router) and Mozilla's browser technologies. Both programs are in the zip files, fully configured. Just unzip them to a flash drive and run the setup file. This won't work for a CD because Tor needs a local directory to write to. Since you don't want to leave tracks on the computer you are using, Tor is set to write to their local directory. And since a CD can't readily be written to, the program will terminate. Once you are running, it may not bring up the start page correctly the first time, just hit the "Home" button.

Friday, January 27, 2006

Friday Fun - Old space-suit = Experimental Satellite

Astronauts on the International Space Station are turning an old Russian space-suit into a satellite by shoving it out the airlock with extra batteries. The suit will transmit a looped message that people with ham radios or police-band scanners can tune into, and there's prizes for people who spot the "SuitSat" from the ground.

Details here.

Black Hat Federal 2006 - Presentations

Black Hat Federal 2006 - Jan 23-26 in Washington DC just wrapped up and the presentations can be found here.

Thursday, January 26, 2006

[IN]SECURE Magazine - Issue 5 (January 2006) Released

DOWNLOAD ISSUE 1.5 HERE

The covered topics are:

  • Web application firewalls primer
  • Review: Trustware BufferZone 1.6
  • Threat analysis using log data
  • Looking back at computer security in 2005
  • Writing an enterprise handheld security policy
  • Digital Rights Management
  • Revenge of the Web mob
  • Hardening Windows Server 2003 platforms made easy
  • Filtering spam server-side

New Blog Worm Found!


Blog.Worm


Link here.

Wednesday, January 25, 2006

Software Security: Building Security In

The latest book from Gary McGraw...

ISBN: 0321356705; Published: Jan 23,
2006; Copyright 2006; Dimensions 7x9-1/4
; Pages: 448; Edition: 1st.

Software Security is about putting the touchpoints to work for you. Because you can apply these touchpoints to the software artifacts you already produce as you develop software, you can adopt this book's methods without radically changing the way you work. Inside you'll find detailed explanations of

  • Risk management frameworks and processes
  • Code review using static analysis tools
  • Architectural risk analysis
  • Penetration testing
  • Security testing
  • Abuse case development

In addition to the touchpoints, Software Security covers knowledge management, training and awareness, and enterprise-level software security programs.

Now that the world agrees that software security is central to computer security, it is time to put philosophy into practice. Create your own secure development lifecycle by enhancing your existing software development lifecycle with the touchpoints described in this book. Let this expert author show you how to build more secure software by building security in.

Users to Blame for Net Banking Woes

Maybe this attitude will transfer to this side of the pond...
The blame for online banking insecurity is as much down to user ignorance as banking inadequacy, the UK Financial Services Authority (FSA) has argued.

In its Financial Risk Outlook 2006, published today, the authority identified several groups of banking customers that it says present the greatest security problems.

These included a hardcore five percent of users who take no security precautions whatsoever when using banking websites, and a further 21 percent who think it unlikely that criminals could access their accounts without the user knowingly having supplied the login. Overall, the FSA found that the young tend to be less security conscious.

A surprisingly high 45 percent of customers surveyed believe that banks should take sole responsibility for online security. If the banks attempted to move all liability for online banking losses to customers, 77 percent say they would abandon Internet banking completely.

Botmaster

James Ancheta aka "Resjames" or "Botmaster" pleaded quilty in Los Angeles Monday for running a botnet and selling bots.

James seems to be offline nowadays... However, the court papers make a fun read.

Tuesday, January 24, 2006

Laptop Mini Wireless Antenna

A wireless antenna made from a standard ball point pen. This site has lots of wireless antenna examples and tips.

Saturday, January 21, 2006

Thief Makes Off With $2,000 Toilet Seat

Dang, now there will be a CA law on toilet seat controls, then a federal regulation, then...
San Diego police are searching for a valuable, high-tech toilet seat taken from an unlocked storage closet.

Hamid Shoushtari bought the toilet seat on the Internet. He said the missing seat -- worth an estimated $2,000 -- is heated. He had planned to see whether he could market the seat in California when it was stolen.

"We may not use it in California, but in colder places like Chicago or New York, in the morning you can program it and it will heat up your toilet seat for about 15 minutes or whatever time you want," Shoushtari said. "You sit on it, you can adjust the water temperature if you want to make it warmer or colder."

Shoushtari said he did have concerns about how the toilet seat would work because it combined electricity and water, a potentially deadly situation for someone sitting on it.

The case is the first grand theft of a toilet seat in San Diego.

Friday, January 20, 2006

Microsoft Earns Patching Praise from IT Execs

More Friday fun! A little hughman quote to end the week...
Microsoft Corp. may take the most heat on security vulnerabilities, but other software vendors need to catch up when it comes to dealing with flaws found in their products, according to users and analysts interviewed last week.

“Their biggest problem now is trying to get past all of the negative legacy perceptions,” said Hugh McArthur, director of information systems security at Chantilly, Va.-based Online Resources Corp., which offers online banking and bill payment services to the financial industry. McArthur added that he would give Microsoft “an A for effort and a B+ for execution” on security issues.

Fridays are for Fun - But Watch Your Step...

www.biyosecurity.be

Thursday, January 19, 2006

Annual FBI Computer Crime Survey

The FBI has just released their Annual 2005 Computer Crime Survey, and I don't think you will find any surprises...

One item that did catch my attention was that according to the survey "Just 9% of the participants said they reported incidents to law enforcement, believing the infractions were not illegal or that there was little law enforcement could or would do. Of those reporting, however, 91% were satisfied with law enforcement's response. And 81% said they'd report future incidents to the FBI or other law enforcement agencies."

I think the issue here is the general lack of understanding of what a threat is, how to judge what should be reported and/or why even bother at all...

Today the PC virus celebrates its 20th Anniversary

The PC virus celebrates its 20th year of existence following the detection back in January '86 of the boot sector virus, Brain, which infected computers via floppy disk. While the virus Brain itself was relatively harmless, it set in motion a long chain of events leading up to today’s virus situation.

Boot sector viruses, now long extinct along with the floppy disk, held a relatively long reign from 1986 to 1995. Since transmission was via disk from computer to computer, infection would only reach a significant level months or even years after its release. This changed in 1995 with the development of macro viruses, which exploited vulnerabilities in the early Windows operating systems. For four years, macro viruses reigned over the IT world and propagation times shrank to around a month from the moment when the virus was found to when it was a global problem.

Blacklisted411 - Online Edition 4 - 01.16.2006

Established over 20 years ago in October of 1983 as the first disk based hacker underground magazine (e-zine), Blacklisted 411 has become not only one of the oldest of the hacker quarterlies available today, but has positioned itself as the top selling print magazine in its market.

Wednesday, January 18, 2006

hacker. (towards an understanding of a word and a concept)

A very interesting site examining the hacker mythology and history.

Parrot Spilled the Beans and got the Boot

Having a Parrot might be a good home security investment. However, seems like being a whistle blower still has its risks...

Somewhere in Yorkshire, there lurks a proverbially nauseous parrot. Ziggy, an eight-year-old African Grey, had provided Chris Taylor with years of companionship until the fateful day when he opened his beak to mimic his owner's girlfriend and squawked out one word: Gary.

Ziggy's obsession with his latest impression grew and he began uttering "Hi Gary!" every time Suzy Collins' mobile phone rang. Chris's suspicions deepened after Ziggy started to make long kissing noises whenever he heard the name Gary on television or the radio.

Things between Chris and Suzy finally came to a head the night Ziggy decided to blurt out: "I love you, Gary" in her voice.

When Chris confronted Suzy about his pet's obsession, she admitted to having had a four-month affair with Gary, a former colleague.

Unable to bear the verbal taunts of his faithful bird, the 30-year-old computer programmer gave Ziggy to a local parrot dealer and asked him to find him a new home.

Tuesday, January 17, 2006

Russian Ultranationalist Party Says Hackers Could Help Fight Terror

Hey, maybe if these guys get day jobs they will leave the rest of us alone... (not)
Russia’s ultranationalist Liberal Democratic Party has called for enlisting services of computer hackers to fight extremism and terrorism.

A statement released by the party and obtained by the Interfax news agency on Tuesday read that hackers “should be widely involved in thwarting pro-terrorist and pro-extremist websites and encouraged to take part in such activities.”

Whatever the public attitude towards those individuals, “the Internet is the domain where hackers are omnipotent,” the statement reads. Therefore, their services should be enlisted to fight terrorism. “A hacker attack is a strong weapon that may be used not only for breaking into bank accounts or performing other illegal actions, but also for the benefit of the nation and the state,” the LDPR activists are convinced.

LDPR is led by Vladimir Zhirinovsky, deputy chairman of the State Duma, the lower house of Russian parliament. Zhirinovsky rose to prominence as a flamboyant politician, notorious for his extravagant ideas and eccentric behavior.

Covers come off UK Spy Plane

Raven, Corax, and DarkStar... I just posted this because of all the cool names...

Images of the UK's first prototype stealth surveillance aircraft have been unveiled.

The unmanned vehicle, which has been built by BAE Systems, is known as the Corax, or as the Raven.

The Corax bears some resemblance to a cancelled US military spy plane called DarkStar, analysts have said.

Jane's International Defence Review said the unmanned aircraft "indicated a new direction in combat vehicles for the UK's armed forces".

Monday, January 16, 2006

Insecurities of Online Banking

Symantec's Candid Wuuest has done some interesting research on the insecurities of E-banking, and a nice job in comparing the different security measures next to one another. His slides also provide a lot of useful info on the topic.

More info on the topic an also be found at:

Why eBanking is Bad for your Bank Balance
Risk Management Principles for Electronic Banking

Google + Public Knowledge + Sex Offenders

Enter your address and it will show your house on a map. All the little colored boxes are Sex Offenders near you. Click on them and you get a name, address & picture of the person along with his crime. It also shows you where they live in proximity to your home and the local schools...

Sunday, January 15, 2006

OpenRCE

Founded in June of 2005 as the brainchild of Pedram Amini, the Open Reverse Code Engineering community was created to foster a shared learning environment among researchers interested in the field of reverse engineering. Heavily modeled on the architecture of Greg Hoglund's rootkit.com, OpenRCE aims to serve as a centralized resource for reverse engineers (currently heavily win32/security/malcode biased) by hosting files, blogs, forums articles and more.

Saturday, January 14, 2006

ShmooCon 06

Just an all around great con/event! After spending all day Saturday at the Wardman Park Marriott I can tell you that there is not a better security event for your $s anywhere...

Compared to what you get for your money at say a SANS and/or a CSI event, ShmooCon is the clear winner.

The Post's Brian Krebs was quick to cover Simple Nomad's chat on "Hacking the Friendly Skies".

Fyodor did a great presentation on Nmap, a copy of his slides and a special ShmooCon dist can be found here.

I also liked kaos.theory and their Anonym.OS LiveCD. Anonym.OS is an OpenBSD 3.8 Live CD with strong tools for anonymizing and encrypting connections. Standard network applications are provided and configured to take advantage of the tor onion routing network. You can download it here.

Charlie Brown's Philosophy About Security

Charlie Brown and Peppermint Patty are sitting under a tree. Peppermint Patty asks Charlie Brown, "What do you think security is, Chuck?"

Charlie Brown: Security is sleeping on the back seat of the car when you're a little kid, and you've been somewhere with your mom and dad, and it's night, and you're riding home in the car, asleep. You don't have to worry about anything. Your mom and dad are in the front seat and they do all the worrying. They take care of everything.

Peppermint Patty: That's real neat.

Charlie Brown: But it doesn't last. Suddenly you're grown up, and it can never be that way again!

Peppermint Patty: Never?

Charlie Brown Absolutely never.

Peppermint Patty (horrified): Hold my hand, Chuck!

Friday, January 13, 2006

Forged Credentials and Security - Crooks Flashing Fake Badges

There doesn't seem to be an easy way to solve this. How do we effectively authenticate individuals? Especially when people aren't trained to do so...

When Frank Coco pulled over a 24-year-old carpenter for driving erratically on Interstate 55, Coco was furious. Coco was driving his white Chevy Caprice with flashing lights and had to race in front of the young man and slam on his brakes to force him to stop.

Coco flashed his badge and shouted at the driver, Joe Lilja: "I'm a cop and when I tell you to pull over, you pull over, you motherf-----!"

Coco punched Lilja in the face and tried to drag him out of his car.

But Lilja wasn't resisting arrest. He wasn't even sure what he'd done wrong.

"I thought, 'Oh my God, I can't believe he's hitting me,' " Lilja recalled.

It was only after Lilja sped off to escape -- leading Coco on a tire-squealing, 90-mph chase through the southwest suburbs -- that Lilja learned the truth.

Coco wasn't a cop at all.

He was a criminal.

Fridays Are For Fun! - Surveillance Video

When the masked man came into the Bethlehem gas station Tuesday night, pointed a knife at him and demanded cash, Kuldip Singh took only a second to realize he was tired of being robbed and was going to fight back.
''Oh, I'll give you the money,'' the store clerk said in mocking tones as he grabbed a wooden baseball bat and swung it at the would-be robber. Singh then charged from behind the counter, hitting the man six times in the head and shoulders before he ran off.
Wish some of the folks on the softball team could hit like this... Video from surveillance camera of an attempted robbery of the Bethlehem (Pa.) Exxon on Tuesday, Jan. 10.

Thursday, January 12, 2006

Department of Homeland Security Promotes Vendor Video

The January 4, 2006 Dept. of Homeland Security Daily Infrastructure Report Highlighted a free online vendor video that shows the viewer the tools and procedures they need to hack into a person's computer as well as the vendors solutions/products.

The video is interesting and probably worth a viewing, but what bugs me about this is that DHS is basically giving a free add/plug for a particular vendor...

Wednesday, January 11, 2006

Burned CDs Last 5 years Max -- Use Tape?

Where is the Beef? It would be nice to have some stats, test results, etc...
Although opinions vary on how to preserve data on digital storage media, such as optical CDs and DVDs, Kurt Gerecke, a physicist and storage expert at IBM Deutschland GmbH, takes this view: If you want to avoid having to burn new CDs every few years, use magnetic tapes to store all your pictures, videos and songs for a lifetime.
But from the land of big glasses and smart dudes we get some different info...
NIST has found that recordable disks seem to last much longer than rewritable disks, Byers said, and even longer than manufactured disks such as CDs for installing commercial software.

General industry guidelines now estimate office-burned copies of CDs and DVDs could remain readable for 100 to 200 years.

Tuesday, January 10, 2006

Home Security - Flaming Mouse Burns Down House

Damn and it's not even Friday...

FORT SUMNER, N.M. -- You've probably heard of a house fire, but how about a "mouse fire?"

An 81-year-old Fort Sumner homeowner said he caught a mouse inside his house and just wanted to get rid of it.

The man threw the critter in a pile of burning leaves near his home, but it ran back to the house on fire.

Village Fire Chief Juan Chavez said the mouse ran to just beneath a window and the flames spread up the window and throughout the house.

All contents of the home were destroyed, but no injuries were reported, Chavez said.

Unseasonably dry and windy conditions have charred more than 53,000 acres and destroyed 10 homes in southeastern New Mexico in recent weeks.

Monday, January 09, 2006

US-CERT: 5,198 Software Flaws in 2005

Security researchers uncovered a record 5,198 vulnerabilities in software products this year, nearly 38 percent more than the number of flaws found in 2004, according to statistics published by US-CERT, a cyber security information-sharing collaboration between the Department of Homeland Security and the CERT Coordination Center at Carnegie Mellon University in Pittsburgh.

Data Mining 101: Finding Subversives with Amazon Wishlists

Tom Owad at applefritter.com has posted a detailed story on how he was able to use Amazon wishlists to profile thousands of people. By using the search function at Amazon, he accessed and downloaded over 260,000 publicly-available wishlists. He then searched the lists for "suspicious" books and authors, including Fahrenheit 451, Michael Moore, Rush Limbaugh, the Koran/Quran and, of course, Build Your Own Laser, Phaser, Ion Ray Gun and Other Working Space Age Projects.

At this point, Tom had a list of Amazon usernames and had identified any "suspicious" books and authors that appeared on each user's wishlist.

But there was still more to do. Amazon allows a user to include their city and state information on their wishlist, so Tom had the information to take it to the next level: plotting his suspects on a Google map.

Starbucks Little Secret

Here's a little secret that Starbucks doesn't want you to know: They will serve you a better, stronger cappuccino if you want one, and they will charge you less for it. Ask for it in any Starbucks and the barista will comply without batting an eye. The puzzle is to work out why...

Saturday, January 07, 2006

Personal Security - USMC: Armor Shortfalls

A recent United States Marine Corps forensic study slams the Interceptor OTV body armor system, claiming "as many as 42% of the Marine casualties who died from isolated torso injuries could have been prevented with improved protection in the areas surrounding the plated areas of the vest. Nearly 23% might have benefited from protection along the mid-axillary line of the lateral chest. Another 15% died from impacts through the unprotected shoulder and upper arm," the report says.

Tuesday, January 03, 2006

Demonstration of WMF File Code Execution Vulnerability

Want to see how bad this latest Windows vulnerability is first hand? Have a look a this video by IronGeek.
 
Copyright 2018 e2e Security. Powered by Blogger Blogger Templates create by Deluxe Templates. WP by Masterplan