Sunday, December 20, 2009

Microsoft Getting Into Kiddie Porn Business

"Through a combination of efforts from the National Center for Missing and Exploited Children (NCMEC), its own dedicated Microsoft Research section and Dartmouth College, Hanover, Microsoft is launching a new next-generation technology with the aim of tackling online child abuse imagery.

"Using PhotoDNA, the system picks out images which are identical even if they have been resized, cropped or edited in other ways, and logs them. The system matches them through a technique which monochromes the image, breaks it into smaller chunks and converts the intensity gradients into a signature.

"The signatures, even through editing, will remain the same and allow the system to find copies of the original image. Some similarities could be drawn with QR codes, with similar cells matching other images, allowing the system to recognise similar gradients and therefore image copies across massive sets of data."

More at ZDNet Blogs...
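The pipeline the quote describes, as an added example: monochrome the image, resample it to a fixed grid, break the grid into cells, summarise each cell's intensity gradients into a signature, then match signatures by distance rather than by exact equality. This is not Microsoft's PhotoDNA (its feature set, cell geometry and matching threshold are not public) but a toy version of the same idea written for this page; the images, the 32x32 grid, the 4x4 cells, the L1 distance and the 0.5 threshold are all assumptions. It shows what a hash like MD5 cannot: a resized copy and a re-contrasted copy land on the same signature while an unrelated picture does not. Robustness to cropping, which the quote also claims for PhotoDNA, is not demonstrated by this simplification.

```python
# Added example, not Microsoft's PhotoDNA: a toy robust image signature that
# follows the quoted steps (monochrome, resample, chunk, gradient features)
# plus a distance threshold for matching. Grid/cell sizes and threshold are
# assumptions chosen for the demonstration.
from typing import List, Tuple

Gray = List[List[int]]                      # rows of 0..255 intensities
Rgb = List[List[Tuple[int, int, int]]]


def to_grayscale(rgb: Rgb) -> Gray:
    """Step 1: monochrome the image (ITU-R 601 luma weights)."""
    return [[(r * 299 + g * 587 + b * 114) // 1000 for r, g, b in row] for row in rgb]


def resample(img: Gray, size: int) -> List[List[float]]:
    """Step 2: area-average onto a size x size grid so the rest of the
    pipeline does not depend on the original resolution."""
    h, w = len(img), len(img[0])
    out = []
    for i in range(size):
        r0, r1 = i * h // size, max((i + 1) * h // size, i * h // size + 1)
        row = []
        for j in range(size):
            c0, c1 = j * w // size, max((j + 1) * w // size, j * w // size + 1)
            block = [img[r][c] for r in range(r0, r1) for c in range(c0, c1)]
            row.append(sum(block) / len(block))
        out.append(row)
    return out


def signature(img: Gray, grid: int = 32, cells: int = 4) -> List[float]:
    """Steps 3-4: split the grid into cells x cells chunks and record each
    chunk's mean horizontal and vertical intensity gradient. The vector is
    normalised so a global brightness/contrast change does not alter it."""
    g = resample(img, grid)
    side = grid // cells
    feats: List[float] = []
    for ci in range(cells):
        for cj in range(cells):
            dx = dy = 0.0
            for r in range(ci * side, (ci + 1) * side):
                for c in range(cj * side, (cj + 1) * side):
                    if c + 1 < grid:
                        dx += abs(g[r][c + 1] - g[r][c])
                    if r + 1 < grid:
                        dy += abs(g[r + 1][c] - g[r][c])
            feats += [dx / side ** 2, dy / side ** 2]
    total = sum(feats) or 1.0
    return [f / total for f in feats]


def distance(a: List[float], b: List[float]) -> float:
    """L1 distance between signatures: 0.0 identical, 2.0 nothing in common."""
    return sum(abs(x - y) for x, y in zip(a, b))


def matches(a: Gray, b: Gray, threshold: float = 0.5) -> bool:
    return distance(signature(a), signature(b)) < threshold


# --- constructed synthetic images (not real data) --------------------------
def make_image(size: int, rect: Tuple[int, int, int, int], fg: int, bg: int) -> Rgb:
    """size x size RGB image: a solid rectangle (r0, r1, c0, c1) on a flat background."""
    r0, r1, c0, c1 = rect
    return [[(fg, fg, fg) if r0 <= r < r1 and c0 <= c < c1 else (bg, bg, bg)
             for c in range(size)] for r in range(size)]


def resize_nearest(img: Gray, new_h: int, new_w: int) -> Gray:
    """Nearest-neighbour scaling, standing in for an edited copy."""
    h, w = len(img), len(img[0])
    return [[img[r * h // new_h][c * w // new_w] for c in range(new_w)] for r in range(new_h)]


ORIGINAL = to_grayscale(make_image(64, (8, 40, 8, 24), 255, 0))
RESIZED = resize_nearest(ORIGINAL, 96, 96)                        # 1.5x upscale
DARKENED = to_grayscale(make_image(64, (8, 40, 8, 24), 160, 20))  # contrast/brightness edit
UNRELATED = to_grayscale(make_image(64, (32, 56, 40, 56), 255, 0))


def demo() -> dict:
    """Distances from ORIGINAL to each variant; edits stay near 0, the unrelated image near 2."""
    sig = signature(ORIGINAL)
    return {
        "resized": distance(sig, signature(RESIZED)),
        "darkened": distance(sig, signature(DARKENED)),
        "unrelated": distance(sig, signature(UNRELATED)),
    }


if __name__ == "__main__":
    for name, d in demo().items():
        print(f"{name:10s} distance={d:.3f} match={d < 0.5}")
```

The design point is that matching is a distance comparison against a threshold, not an equality test; that is what lets a signature survive edits, and it is also why such a system needs a false-positive budget, since two different images can land within the threshold of each other.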

Thursday, December 17, 2009

Adobe Says: "SUX 2B U"

"Adobe won't patch the newest critical vulnerability in its PDF viewing and editing software for another four weeks, even though attack code has been publicly released.

"In an update yesterday to the security advisory it issued Tuesday, Adobe set the patch date as Jan. 12, 2010, which is also the next regularly-scheduled quarterly security update for Adobe Reader and Adobe Acrobat. Most of the advisory was dedicated to confirming the bug -- which the company had first disclosed late Monday -- and providing instructions for blacklisting the JavaScript API call that contains the flaw.

"Other security experts have urged users to disable JavaScript in Reader and Acrobat to protect themselves until Adobe ships a fix."


There's An App For That

"Militants in Iraq have used $26 off-the-shelf software to intercept live video feeds from U.S. Predator drones, potentially providing them with information they need to evade or monitor U.S. military operations.

"Senior defense and intelligence officials said Iranian-backed insurgents intercepted the video feeds by taking advantage of an unprotected communications link in some of the remotely flown planes' systems. Shiite fighters in Iraq used software programs such as SkyGrabber -- available for as little as $25.95 on the Internet -- to regularly capture drone video feeds, according to a person familiar with reports on the matter.

"U.S. officials say there is no evidence that militants were able to take control of the drones or otherwise interfere with their flights. Still, the intercepts could give America's enemies battlefield advantages by removing the element of surprise from certain missions and making it easier for insurgents to determine which roads and buildings are under U.S. surveillance."


Conficker Still The Shame Of The AV Industry

"Waikato District Health Board has been crippled by a computer worm which has seen every PC in the organisation shut down.

"While the main hospital in Hamilton and smaller outlying hospitals were continuing to function, spokeswoman Mary-Ann Gill said it was important people only came for treatment if it was absolutely necessary.

"Emergency care was still available but those arriving for routine appointments were being affected, as were GPs who often made referrals to hospitals via email.

"`We are asking GPs to only make urgent referrals,` she said.

"`We need to keep as many people out of hospitals as we can.`

"Ms Gill said DHB technicians were working on a computer upgrade overnight when things started to go awry.

"`About 2am they noticed there were some issues with the computers. By 4am they realised a computer virus had got into our whole system.

"`We brought in Microsoft and have been working with them through the night.`

"Conficker has been identified as the culprit."

More at

Tuesday, December 15, 2009


"It’s no secret that most people use the same password over and over again for most of the services they sign up for. While it’s obviously convenient, this becomes a major problem if one of those services is compromised. And that looks to be the case with RockYou, the social network app maker.

"Over the weekend, the security firm Imperva issued a warning to RockYou that there was a serious SQL Injection flaw in their database. Such a flaw could grant hackers access to the service’s entire list of user names and passwords in the database, they warned. Imperva said that after it notified RockYou about the flaw, it was apparently fixed over the weekend. But that’s not before at least one hacker gained access to what they claim is all of the 32 million accounts. 32,603,388 to be exact. The best part? The database included a full list of unprotected plain text passwords. And email addresses. Wow..."

More at TechCrunch...
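The two defects the report describes, as an added example that is not RockYou's code: a login query assembled from user input, which is what SQL injection exploits, and a password column holding plain text, which is what made the dump worth having. Each is shown beside its fix, using an in-memory SQLite table with three constructed accounts; the payload string, the table layout and the PBKDF2 parameters are assumptions for the demonstration.

```python
# Added example, not RockYou's code: SQL injection through a string-built
# query beside the parameterised form, and plain-text password storage beside
# salted PBKDF2 hashing. Database and accounts are constructed in memory.
import hashlib
import hmac
import os
import sqlite3
from typing import List, Optional, Tuple

SAMPLE_USERS = [  # constructed, not real accounts
    ("alice@example.com", "hunter2"),
    ("bob@example.com", "password1"),
    ("carol@example.com", "letmein"),
]


def setup_db() -> sqlite3.Connection:
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE users (email TEXT PRIMARY KEY, password TEXT)")
    db.executemany("INSERT INTO users VALUES (?, ?)", SAMPLE_USERS)
    return db


def login_vulnerable(db: sqlite3.Connection, email: str, password: str) -> List[Tuple[str, str]]:
    """Query built by string formatting: whatever the user typed becomes SQL."""
    sql = ("SELECT email, password FROM users "
           f"WHERE email = '{email}' AND password = '{password}'")
    return db.execute(sql).fetchall()


def login_parameterised(db: sqlite3.Connection, email: str, password: str) -> List[Tuple[str, str]]:
    """Same query with bound parameters: the input is only ever compared as data."""
    sql = "SELECT email, password FROM users WHERE email = ? AND password = ?"
    return db.execute(sql, (email, password)).fetchall()


PBKDF2_ROUNDS = 100_000  # assumption for the example; tune to your hardware


def hash_password(password: str, salt: Optional[bytes] = None) -> str:
    """Salted PBKDF2-HMAC-SHA256, i.e. what the password column should contain."""
    salt = salt if salt is not None else os.urandom(16)
    dk = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, PBKDF2_ROUNDS)
    return f"pbkdf2_sha256${PBKDF2_ROUNDS}${salt.hex()}${dk.hex()}"


def verify_password(stored: str, password: str) -> bool:
    _algo, rounds, salt_hex, dk_hex = stored.split("$")
    dk = hashlib.pbkdf2_hmac("sha256", password.encode(),
                             bytes.fromhex(salt_hex), int(rounds))
    return hmac.compare_digest(dk.hex(), dk_hex)  # constant-time comparison


def demo() -> dict:
    db = setup_db()
    # Closes the string literal, adds an always-true clause, comments out the rest:
    # ... WHERE email = 'x' OR 1=1 --' AND password = 'whatever'
    payload = "x' OR 1=1 --"
    dumped = login_vulnerable(db, payload, "whatever")      # every row, passwords in the clear
    blocked = login_parameterised(db, payload, "whatever")  # no such email: empty result

    # The same dump against a table of salted hashes yields nothing directly reusable.
    db.execute("CREATE TABLE users_hashed (email TEXT PRIMARY KEY, password TEXT)")
    db.executemany("INSERT INTO users_hashed VALUES (?, ?)",
                   [(e, hash_password(p)) for e, p in SAMPLE_USERS])
    hashed_dump = db.execute("SELECT email, password FROM users_hashed").fetchall()
    return {"dumped": dumped, "blocked": blocked, "hashed_dump": hashed_dump}


if __name__ == "__main__":
    out = demo()
    print("vulnerable query returned", len(out["dumped"]), "rows:", out["dumped"])
    print("parameterised query returned", out["blocked"])
    print("hashed table exposes only", out["hashed_dump"][0][1][:40], "...")
```

Parameterisation stops the injection; hashing limits the damage when something else leaks the table. Neither substitutes for the other, and a leak of salted hashes still warrants a forced reset, because users who reuse passwords elsewhere remain exposed to offline cracking of the weak ones.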

Thursday, December 10, 2009

Microsoft Sat On IE 0day For Months

"Microsoft may not have hustled as fast as researchers thought when the company patched a zero-day bug in Internet Explorer (IE) just 18 days after exploit code went public.

"According to VeriSign iDefense, Microsoft had information about the browser bug nearly six months before the researcher dubbed `K4mr4n` posted attack code to the Bugtraq security mailing list on Nov. 20.

"iDefense's Zero Day Initiative (ZDI), one of the two best-known bug bounty programs, reported the vulnerability to Microsoft on June 9, 2009, iDefense noted in an advisory published Wednesday.

"IE6 and IE7, two versions of Microsoft's browser that collectively accounted for approximately 39% of all browsers used last month, were the only editions affected by the vulnerability. The ancient IE 5.01 and the new IE8 were immune from the threat."

More at ComputerWorld...

Wednesday, December 9, 2009

HAWT New Haxx: RAM Scrapers

"Forget keyloggers and packet sniffers. In the wake of industry rules requiring credit card data to be encrypted, malware that siphons clear-text information from computer memory is all the rage among scammers, security researchers say.

"So-called RAM scrapers scour the random access memory of POS, or point-of-sale, terminals, where PINs and other credit card data must be stored in the clear so it can be processed. When valuable information passes through, it is uploaded to servers controlled by credit card thieves.

"While RAM scrapers have been around for a few years, they are a `fairly new` threat, according to a report released Wednesday that outlines the 15 most common attacks encountered by security experts at Verizon Business. They come in the wake of Payment Card Industry rules that require credit card data to be encrypted as it passes from merchants to the processing houses.

"`They are definitely a response to some of the external trends that have been going on in the cybercrime environment,` says Wade Baker, research and intelligence principal for Verizon Business. `Within a year, we've seen quite a few of them in the wild.`"

More at The Register...
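The detection side of what the quote describes, as an added example that is not code from the Verizon report: a scraper hunts process memory for card data in the clear, and a PCI scanner or an incident responder triaging a POS memory dump looks for exactly the same thing. The scan below takes a byte buffer, pulls out digit runs of card-number length, discards the ones that fail the Luhn check (order numbers, timestamps, phone numbers) and notes when a hit is framed as track-2 data (`;PAN=YYMM...`). The buffer is constructed for the example with publicly known test card numbers; the offsets and surrounding bytes are made up.

```python
# Added example, not code from the Verizon report: scan a memory buffer for
# card numbers in the clear, the way a PCI scanner or memory-forensics triage
# script does (and the way a RAM scraper does). The buffer is constructed.
import re
from typing import Dict, List

# 13-19 ASCII digits that are not part of a longer digit run
PAN_RE = re.compile(rb"(?<!\d)(\d{13,19})(?!\d)")


def luhn_ok(digits: bytes) -> bool:
    """Luhn checksum; every real PAN passes, most other digit runs do not."""
    total = 0
    for i, ch in enumerate(reversed(digits)):
        d = ch - 0x30
        if i % 2 == 1:
            d *= 2
            if d > 9:
                d -= 9
        total += d
    return total % 10 == 0


def mask_pan(pan: bytes) -> str:
    """Keep first six and last four so the scanner's report is not a new exposure."""
    return (pan[:6] + b"*" * (len(pan) - 10) + pan[-4:]).decode()


def scan_memory(buf: bytes) -> List[Dict]:
    """Return masked hits with their offsets and whether they sit in a track-2 record."""
    hits = []
    for m in PAN_RE.finditer(buf):
        pan = m.group(1)
        if not luhn_ok(pan):
            continue
        # track-2 framing: ';' start sentinel before the PAN, '=' separator after it
        track2 = (buf[m.start() - 1:m.start()] == b";"
                  and buf[m.end():m.end() + 1] == b"=")
        hits.append({"offset": m.start(), "pan": mask_pan(pan), "track2": track2})
    return hits


# Constructed stand-in for a slice of POS process memory (public test card
# numbers, no real data): padding, a batch timestamp, a phone number, a
# track-2 record, a 16-digit order number that fails Luhn, and a bare PAN.
MEMORY = (
    b"\x00" * 16
    + b"POS-TERM-07 batch=20091209 tel=+1-555-0100-2233 "
    + b";4111111111111111=251210112345?"
    + b"\x00" * 8
    + b"order=1234567812345678 "
    + b"\x90\x90" + b"5555555555554444" + b"\xff" * 4
)


if __name__ == "__main__":
    for hit in scan_memory(MEMORY):
        print(f"offset {hit['offset']:5d}  {hit['pan']}  track2={hit['track2']}")
```

Two practitioner caveats: a Luhn-valid 16-digit run is not always a card number, so a real scanner pairs this with a BIN range check and the track framing before raising an alert, and the buffer to scan is the live process memory of the payment application, not the encrypted channel to the processor, which is exactly why PCI's encryption-in-transit rule did not stop this class of theft.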

Monday, December 7, 2009

First, We Hack All The Lawyers...

"The FBI has some advice for law firms: Be careful.

"The agency recently issued a warning alerting firms that what may appear to be e-mails from clients or contacts could instead be from hackers trying to infiltrate law firm databases.

"The FBI says it has `high confidence` that hackers are targeting legal and public relations firms.

"`Opening a message will not directly compromise the system or network because the malicious payload lies in the attachment or linked domain,` the warning reads. `Infection occurs once someone opens the attachment or clicks the link, which launches a self-executing file and, through a variety of malicious processes, attempts to download another file.`

"... It’s no surprise that law firms are being targeted, said Rohyt Belani, co-founder of the New York-based Intrepidus Group, an information security consulting and software company. `If I can get on a senior partner’s machine or the system administrator’s machine, I’ll get access to the keys to the kingdom for the entire network. A law firm is a place where a lot of sensitive data for different [companies] is collected.`"

More at the Wisconsin Law Journal...

Microsoft Buys Some Gartner™ "Research"

"Business analyst Gartner says proprietary office suites will continue to dominate over web-based office suites because there is a significant performance gap between full-function suites and web-based versions. Gartner points out that one of the biggest gaps is the lack of complete offline services.

"In a report titled `The State of Google Apps`, Gartner argues that Google Apps is not an adequate substitute for Microsoft Office.

"In the short term, Gartner says, few big enterprises would be likely to disrupt what they already have in place for Google's offerings. Changing even something such as the email system in the workplace could be costly and cause problems for security, training staff, service levels and technology."

More at

Friday, December 4, 2009

Facebook Users PWN3D By Rubber Ducky, Cats

"In research commissioned by The Daily Telegraph, which has shocked even top fraud squad police, almost half of users in their 20s agreed to a request from a rubber duck to be Facebook `friends`.

"A similar result occurred with a group of internet users in their 50s, with many agreeing to be Facebook friends with a photo of two cats.

"Many of the Facebook users in both age groups volunteered some of their most intimate details to both the rubber duck and the cats, including their full date of birth, workplace, email address and location. Some even volunteered full addresses and phone numbers without prompting.

"The study was conducted by leading internet security firm Sophos.

"It has raised serious questions about the wisdom of average internet users, given the friend requests were sent without any introduction."

More at The Daily Telegraph...

Thursday, December 3, 2009

Believe It? You Will.

Some Things Never Change

"AT&T got some bad news from Consumer Reports this week, as the magazine's latest survey shows that the carrier now has the lowest level of customer satisfaction in the U.S.

"AT&T got its lowest marks in the survey for its voice services, as it was the only wireless carrier in the United States to receive below-average marks for its voice quality. Verizon received above average marks for its voice service while T-Mobile and Sprint both received average marks. AT&T also received subpar remarks across the board for its customer service while receiving average marks for its text-messaging and data services."

From ComputerWorld...