Security News (111 Posts)


Stuxnet, a Digital Worm with physical consequences (not to say political!)

To follow up on the theme of my last post, this worm has recently received a lot of media attention:
– It targeted Iran's nuclear plants (among other things)
– It is so sophisticated that it has likely been done with some country/national support
– It had a payload with physical consequences

One thing which did catch my attention was that in order for this worm to be so successful against a Process Network, the group of “hackers” must have had access to a testing environment… not everyone has a refinery in their back garden…

Below is a good explanation of what it actually does and how it does it.
If you are in a hurry:
http://www.symantec.com/connect/blogs/exploring-stuxnet-s-plc-infection-process
If your TV is broken:
...


Are you taking ZeuS wrath seriously?

ZeuS seems to be a popular and quite successful Trojan at the moment, at least in the UK.
It has been around for a while and has been updated several times (at least 3).
There is an excellent white paper written by M86 Security describing its use in what looks like an ongoing and sustained attack against British banks.
The latest arrests were announced today where hackers had managed to steal about 20m pounds!
If you search the Internet you can see a trend where British bank customers have been successfully defrauded of their money over the last year, all by hackers using the ZeuS Trojan and for what seems an increasing amount of money!

What I find interesting is the fact money is being stolen at a large and increasing scale. Actual...


A funny case for not reusing passwords

By the way, you are free to create an account on my website! ;)

As seen on XKCD.COM!

...

Arcsight, another expensive acquisition… sorry, merger!

Following on the $7 billion and a bit acquisition of McAfee by Intel last month, it is now the turn of Arcsight, a data correlation engine, to get acquired by HP for $1.5 billion, a bargain then! This follows a trend for large non-IT-security companies to step into the security field.

What I found interesting though is the difference in vocabulary used by the two companies, actually, by Arcsight's current CEO Tom Reilly. HP speaks about “acquisition”, which really is what it is; whereas Tom’s email to Arcsight clients speaks about a “merger”. I guess this is standard practice when the smaller party gets “swallowed” by a bigger company.

I’d be interested to see what changes this “merger” will bring to Arcsight and if any of the HP Operation Manager technology (aka OpenView) will find its way into a future Arcsight ESM release… or vice versa!

...


DoD Windows OS Security guides

I have recently come across that Department of Defence website where they provide free and unclassified Windows Security Guides. From Windows 2000 to Windows 7, they provide a set of checklists and “STIG”, which stands for Security Technical Implementation Guides.

Having only checked the Windows 7 “STIG”, I found it a useful resource where one can get some ideas on how to secure/validate a Windows 7 server configuration.

http://iase.disa.mil/stigs/content_pages/windows_os_security.html

...

Apple new Patent could mean Big Brother on your phone

The following article from Macworld describes a new patent from Apple to detect jail-broken iPhones/iPads. It also gives an interesting security twist on that patent, where it is in theory possible to take hidden photos and voice recordings of a potential thief, analyse the accelerometer data to define if the thief is walking, driving or even flying, get GPS location, etc.
http://www.macworld.com/article/153612/2010/08/apple_mobiledevice_patent.html

I also came across that app for the iPhone, which does not go quite as far but highlights the fact people have already thought about this:
SpyTools for iPhone

...

New York Times Article on Russian Hacker’s Arrest

There is maybe nothing new about governments protecting their national hackers but this is a good example of how a hacker can openly operate in his own country and then get caught in another.
The article below also makes reference to an earlier case where a Russian hacker was lured to the USA and arrested through evidence gathered by the FBI hacking his computer back home.
I have always wondered how such evidence could stand in court; what would stop the FBI from planting some fake evidence? How can hacking into a computer located in a different country be legal either?

Hacker’s Arrest Offers Glimpse Into Crime in Russia

...

Intel set to acquire McAfee for £5 billion

According to the article below, both companies’ boards of directors have agreed a deal. With Intel looking at providing some “hardware-enhanced” security, I wonder if we will one day see an AV-aware CPU? :)

SC Magazine Article

...

Weekly Digest #3 – Interesting Articles

A rather large selection of news as I missed last week's weekly digest!

Are Anti Virus Obsolete?
I recently had a discussion with a work colleague who was claiming Anti Virus are not as good at preventing infections as they used to be, technology is moving fast and Anti Virus vendors seem to be playing catch-up with more and more delay. He also stated that most AV only detects 20% of new viruses… A claim I haven’t been able to verify by doing a quick search on the Internet, so let’s just say I agree we are seeing more and more new viruses that we, as security professionals, have to inform the AV vendors about.

On that topic, the future of AV looks to be a difficult road ahead, as discussed in a recent Kaspersky interview below. What I found the most interesting is the last paragraph, where they mention a hacker who wrote a tool which gathered many security company IP addresses. The hacker then used this information to change the...


Weekly Digest #2 – Interesting Articles

WPA Cracking
An interesting reference on Schneier’s blog to an article describing an “in the cloud” service to crack WPA keys. It is the realisation of the concept of distributed security cracking mentioned in 2008 by Chad Perrin, not sure if he was the first to introduce that idea.
http://blogs.techrepublic.com.com/security/?p=4097

WPA2 Vulnerability – Hole 196
A new man-in-the-middle attack for WPA2 seems to have been found and recently demonstrated at Defcon 18.
http://www.airtightnetworks.com/WPA2-Hole196

World’s Top Malware
FireEye has produced a nice colourful report on the 20 top malware they found on the net with their technology. Although this could be guessed, it is interesting that the top 4 types of ...