The Register has reported that over 10,000 websites have been hacked. These sites were infected by a Trojan downloader and it installs a malware on the computers of users who visit one of the sites.

Paul Ferguson of Trend Micro, a security firm, said that the number of infected sites jumped from 1,100 to 2,500 between the days of Friday and Sunday.

“It’s all over the map. The sheer numbers right now are keeping us pretty busy. All this Web 2.0 stuff is going to turn in to Web uh oh!” said Ferguson.

It is known that the redirected sites use an MPack attack kit. Symantec said that this MPack is “a professionally written collection of PHP software components designed to be hosted and run from a PHP server with a database backend.”

Source: The Register

I wrote earlier about keyloggers, and why they should not be used. Now, I want to focus more on the business environment, and look at keyloggers from a security and confidentiality perspective.
Read the rest of this entry »

A user has found away to make Microsoft’s authentication for Genuine Windows work by using a copy of Xubuntu.

He downloaded the application instead of testing it online to test the authentication since IE4Linux does not support Active X technology. When he ran the program, he received a code. Then he pasted this code in the authentication box. It verified correctly and it forwarded him to a webpage where he can download Windows Defender which was the program that he wanted on Xubuntu.

A video is available on rapidshare and it shows how he did it. The link is located on theinquirer.net’s article.

Source: The Inquirer

An update has been released by Apple which fixes three vulnerabilities in their Safari browser for users of Windows operating systems.

The newest beta version of the browser is now 3.01 although it is uncommon that version numbers of software changes during the beta stages.

One of the three vulnerabilities was discovered by a researcher named Thor Larholm. However, he did not get any credit.

He wrote in a blog, “Given that Apple has a lousy track record with security on OS X, and a hostile attitude towards security researchers, a lot of people are expecting to see quite a number of vulnerabilities targeted at this new Windows browser.”

Source: Secure Computing

I’ve seen a lot of talk recently about using key loggers. For those not familiar with the term, these are programs or pieces of hardware which record all of the keystrokes entered by a user at a computer, storing them for later retrieval.

Clearly these devices have uses such as obtaining passwords, bank login details, credit card numbers, and so forth, but also they can be used to monitor activities on a computer. This is the kind of use I wish to discuss today.
Read the rest of this entry »

Almost a twenty percent of people in employment in the UK (a small island with a lot of places that are next to each other and therefore quite easy to get to unlike the US or Australia) are teleworkers (CIPD Autumn 2006). These are people who work from home at some point, using a telephone and a computer to conduct their business. Some of the reason for this is geographical (it makes sense from a travel point of view), some of it is financial, and some of it is to do with flexible working and family friendly arrangements. However, the one area where your front bedroom is definitely at a disadvantage to your office is the distinct lack of technical support available. Any takers????
Read the rest of this entry »

The Register has reported that there was a Yahoo! flaw that lets an attacker take control of a user’s Yahoo! account by tricking the user to click on a malicious link.

That flaw has now been fixed by Yahoo! and it has something to do with cross-site scripting (XSS).

When the user gets tricked, the attacker can view his or her address book, make instant messages, view recent searches, and change settings in the user’s account.

“Yahoo! takes security seriously and consistently employs measures to help protect our users,” said a Yahoo! spokesman.

“It’s incredibly powerful because it allows the attackers to to do anything they want to any website that’s vulnerable,” said Robert Hansen who is a researcher.

Source: The Register

Computerworld has posted on their website that a new type of email spam has been released. Their article call it ‘image spam’ and these spams are stationery backgrounds that are embedded to emails to avoid a software’s antispam technology.

One of these emails has a title which says ‘GED’.

Paul Henry of Secure Computing said, “Many spam filters look in the [e-mail] body, but don’t look into the headers.”

Mozilla’s email software, Thunderbird, did not display the image when it received the same email.

One way to prevent on receiving the spam is by setting display to just text. However, it will also block images that user’s may actually want to view in their other email messages.

Source: COMPUTERWORLD

An enormous number of people set their web browser, e-mail client, and other software, to store their login details. Then, they leave the computer unattended for maybe hours at a time, often without locking the workstation first. I surely do not need to spell out how this could affect security.
Read the rest of this entry »

Today I had an onsite computer repair callout where the description was that “the computer was running slow and they installed some stuff”. I get these kind of callouts all the time and it is usually a malware infection or virus of some sort which uses alot of system resources and lags the computer. This time it was different.
Read the rest of this entry »