Archive for February, 2007

Windows Vista Security Not As Good As Hoped

February 27th, 2007

Windows Vista has a feature Microsoft boasts makes it very secure: UAC (User Account Control), the box that pops up on your Vista operating system every time you try to do anything apart from breathe. Ollie Whitehouse, an architect at Symantec’s advanced threats research team, recently found that the SUPER SECURE Windows Vista UAC is not only flawed but can also be spoofed. When Ollie Whitehouse contacted Microsoft about this flaw, they did what they often do and just brushed him aside.

This basically means a malicious hacker could drop a DLL (dynamic link library) file onto a Vista system, trick the operating system into thinking that everything is fine, and then make a call to execute other commands. When the UAC prompt comes up, it shows an innocent little notice asking you to just press “continue”, as if for something like the Control Panel.

More information can be found about this flaw here.


Microsoft security, Windows security

AACS Copy Protection Scheme

February 27th, 2007

As of 11/2/07 the copy protection scheme known as AACS, the most expensive DRM ever created (developed by Intel, Disney, Microsoft, Sony plus a few others), has been broken.

Earlier this year attempts were made to break AACS, the copy protection method used for both HD-DVD and Blu-ray discs, but they only worked for one movie and were not an all-round solution.

But now, with the recent discovery of the actual processing key being used, it is possible to break every movie that has been encrypted with AACS.

The actual processing key is:
09 F9 11 02 9D 74 E3 5B D8 41 56 C5 63 56 88 C0

More information about this can be found here at the arstechnica.com website.

And also Jontillman.com


Computer security Systems

Rogue Dialers: From Problem to Solution

February 26th, 2007

We continue our monthly series of Security Insight newsletters with a discussion of rogue dialers and their implications. The article was prepared with a contribution by the author of the DialStop plug-in for Outpost. Read the article here, and share your opinion below.

Igor Pankov
Product Marketing Manager
Agnitum Ltd.

Original post by Agnitum BLOG and a wordpress plugin by Elliott

Computer security Systems

Speaking of Security Podcast #51

February 25th, 2007

Click here to listen/download (10:36).
Recently at the industry-wide RSA Conference in San Francisco, Speaking of Security blogger, Shannon Kellogg, sat down with Ron Teixeira, Executive Director of the National Cyber Security Alliance, to discuss that organization’s national information security awareness programs. We invite our listeners to learn more about this important initiative.

Original post by blog@rsa.com (Podcast Producers) and software by Elliott

Computer security Systems

Google Apps and Risk Management

February 25th, 2007

According to the recent article by Dan Morrill, “Google Desktop Applications, or Google Apps is a risky decision to be making, small company or big company it does not matter”.

Information Security - Google has a lot of money to spend on information security, but Google also has a track record like every other software maker, of having code with bugs. If you use Google apps, you have to trust their code over the internet, and you have to trust them to patch their code in a timely manner.

Legal Discovery – so far the law has worked in this fashion: an ISP or company gets a discovery notice; the ISP or company is not obligated to inform you, and usually makes a copy of all the data and sends it to the legal group requesting the information. Since all your data is hosted outside the company on a 3rd party server system, ownership is most likely not going to be efficiently defined until there is a series of lawsuits to determine who owns information on 3rd party service providers. Technically, it should already all belong to Google.

Control – usually when working with technology and 3rd party outsourcing, only “authorized” people are allowed to call for support. Control of the help desk, and the services that the help desk provides for lost information, e-mail support, password reset support, and other low level support functions, are now being taken over by Google.

Other Legalities – Have you engaged legal counsel before signing up? This is a big one: what do the company lawyers say about the issue? Will they be involved in the decision, and will management listen to what legal counsel is saying, and what the legal liabilities are?

Federal/State Mandates – if you are covered under HIPAA, SOX, GLB, HB1386, or otherwise, how does using Google Apps help you gain compliance, or remain in compliance if you use their system? From the legal mandates and laws side, unless Google can provide a statement of compliance that will stand up in court, anyone who is under any federal or state law for information security compliance might want to think twice before using this service.

Think long and hard before using Google Apps; make sure there are legal protections and someone can not just randomly request data without talking to legal counsel first. Make sure that the bases are covered, and if you are in a regulated industry that you get a certificate of compliance from Google. Otherwise, there is a ton of free or low cost software out there that will allow you to do the same things, and do them in an equal or like manner.

See full story.

This blog is run by the authors of FindProtected.
FindProtected is a security program that allows you to search for password protected files. With FindProtected, you can effectively identify protected files containing sensitive data on your network.

Business security

ModSecurity Status Report

February 23rd, 2007

I enjoyed talking about ModSecurity (and web application firewalls) in front of the London OWASP Chapter last night. It’s been a while since I talked about ModSecurity. Most of my talks last year were of a generic nature, discussing web application firewalls with ModSecurity only mentioned here or there. It was a conscientious effort on my part to help the users make up their own minds. But I think I’ve done enough of that. It’s time to go back to banging on my own drum, so to speak.
My talk, now available from the ModSecurity web site, is a good overview of the current state of ModSecurity. There’s a bit of everything in it: why web application firewalls (with use cases), current and future ModSecurity features, and a mention of the related projects. There are only 13 slides in the presentation but it covers a lot of ground.

Original post by ivanr and powered by Img Fly

ModSecurity

Anti-malware in the upcoming Outpost Security Suite Pro

February 21st, 2007

Technology preview

Many Outpost Firewall users are asking about the integrated anti-malware protection that we’ll be including in the new security suite, so we thought the best way to address this would be to post some information here about the design concepts behind the anti-malware module as well as its functionality.
First of all, why did we decide to add total malware protection to our core firewall product? Essentially, because we have concluded that ‘point-solutions’ for individual threat types like spyware or Trojans no longer provide the full scope of defense in today’s complex world of security threats.
While the firewall continues to be a reliable deterrent to malware propagation and unauthorized connections, as well as protecting against data leaks, we believe it’s no longer sufficient protection for our discerning customers. By adding comprehensive malware protection, we’re able to block, detect and remove – that is to control – all kinds of malicious [...]

Original post by Agnitum BLOG and software by Elliott

Computer security Systems

Microsoft Releases SP2 for SQL Server 2005

February 19th, 2007

Microsoft announced today that they have released Service Pack 2 for SQL server 2005. This is the long awaited update that makes it Vista compatible.

Key enhancements to SQL Server SP2 include the following:
— Data Mining Add-ins for the 2007 Microsoft Office system enable data mining functionality from SQL Server Analysis Services (SSAS) to be used directly within Excel(R) 2007 and Visio(R) 2007.
— SQL Server Reporting Services (SSRS) compatibility with Microsoft Office SharePoint(R) Server 2007 provides integration with the Report Center in SharePoint, enabling the seamless consumption and management of SSRS reports within SharePoint.
— SQL Server Analysis Services improvements for Excel 2007 and Excel [...]

Original post by Steve Wiseman and a wordpress plugin by Elliott

Computer security Systems

Speaking of Security Podcast #50

February 18th, 2007

Click here to listen/download (09:03).
Happy 50th Podcast to us! We celebrate our 50th edition with a special interview with Greg Garcia, Assistant Secretary for Cyber Security and Telecommunications at the Department of Homeland Security. Garcia is the first to hold this position as appointed by Secretary Michael Chertoff last fall.

Original post by blog@rsa.com (Podcast Producers) and software by Elliott

Computer security Systems

Simplify UNC usage in command line batch files

February 18th, 2007

Many times a UNC path does not work properly in a command line bat file. This is a holdover from DOS, a compromise to ensure backward compatibility.

I have found a little-known command (at least to me). Actually there are two of them:
PUSHD and POPD
Call PUSHD with a UNC share as a single argument and it automatically maps the UNC share to a drive letter (it starts at Z: and moves backward). So, if we wanted to run a few command line programs within our share we would call it like this:
pushd \\server\share
command1.exe
command2.exe

When you are finished and want to remove the mapping, you call POPD. Putting it all together we have this:
pushd \\server\share
command1.exe
command2.exe
popd

I have tested this with Windows NT 4 SP6, and it works all the way through Vista…so you are safe using it on any of these versions of Windows.
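The following batch file is an added example, not code from the original post. It shows the same PUSHD/POPD pattern as a complete script with the check a practitioner would want: if the temporary drive mapping fails (share unreachable, wrong name, no access), PUSHD reports an error and sets ERRORLEVEL, and the script aborts instead of running the tools from whatever directory it happened to be in. The share name \\fileserver01\tools and the tool names are constructed placeholders.

```batch
@echo off
REM Added example: run tools from a UNC share via PUSHD/POPD, and stop
REM if the temporary drive mapping fails. \\fileserver01\tools is a
REM constructed placeholder, not a real share from the original post.

setlocal
set "SHARE=\\fileserver01\tools"

REM PUSHD maps the UNC path to a free drive letter (starting at Z:)
REM and changes into it. On failure it prints an error and sets
REM ERRORLEVEL, so do not run the tools blindly afterwards.
pushd "%SHARE%"
if errorlevel 1 (
    echo Could not map %SHARE% - aborting instead of running from %CD%
    exit /b 1
)

echo Mapped %SHARE% to %CD%
command1.exe
command2.exe

REM POPD returns to the previous directory and removes the temporary
REM drive mapping, so no stray drive letter is left behind.
popd
endlocal
```

While the script is between PUSHD and POPD, %CD% reports the mapped drive letter rather than the UNC path, and the mapping is visible to NET USE; once POPD runs it disappears, which is why the tools are called between the two rather than after.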
Check out our Windows Admin Tools

Original post by Steve Wiseman and software by Elliott

Computer security Systems

Winfixer, Errorsafe via MSN Messenger Ads

February 18th, 2007

Microsoft MVP Sandi Hardmeier warns of Winfixer (aka ErrorSafe) malware being distributed via MSN Messenger ads.
This is a must read. Read the entire article at her blog, Spyware Sucks.

Read more at ShadowPuterDude

Spyware

Providing real security to customers

February 17th, 2007

I see two distinct things in the realm of security: security and the illusion of security. An example of the illusion of security: you are asked to fill out forms that claim to protect your PII (Personally Identifiable Information). This gives the illusion that your PII is being protected; whether it is actually being protected is a moot point.

1. Banks and other financial institutions have started to use “sitekey” to protect customers from Phishing threat.

2. IE7 has a Phishing filter built into the browser.

3. There are sites like “scandoo” which can help you categorize web sites and eliminate Phishing and Malware web sites.

4. A multitude of other controls built into existing security tools to prevent Phishing.

Do these controls really protect a customer from the Phishing threat? Check out this interesting research paper, which makes us wonder:

1. How do customers react when “sitekey” is missing?

2. Do customers recognize the warning from the Phishing filter?

3. What % of customers know about the existence of tools such as scandoo?

It all boils down to whether customers embrace the technology as designed; otherwise it is only the designer’s illusion that the technology is working the way the designer expected it to.

No wonder despite all these controls the Phishing trend has not reduced.

It is time to realize that providing an illusion of security is not enough. Educating customers to embrace technology for better security holds the key. This may involve significant time, cost and energy but that is the right path toward real security.

Computer security Systems