Privacy, Security Archive

MSR Develops ‘Zozzle’ JavaScript Malware Detection Tool

"As browser-based exploits and specifically JavaScript malware have shouldered their way to the top of the list of threats, browser vendors have been scrambling to find effective defenses to protect users. Few have been forthcoming, but Microsoft Research has developed a new tool called Zozzle that can be deployed in the browser and can detect JavaScript-based malware at a very high effectiveness rate."

Avast! Pro License Key Used Illegally 774651 Times

It's no secret that I'm not a particular fan of antivirus software vendors. Other than the excellent Microsoft offering, I haven't yet seen a single antivirus program that doesn't suck the life out of computers, infesting every corner, making machines slow and full of annoying pop-ups. Still, a single license key for Avast! Pro being shared 774651 times? That's a bit harsh.

Firesheep Countermeasure Tool BlackSheep

Firesheep is a Firefox extension that makes it easier to steal logins and take over social media and email accounts after users log in from a WiFi hotspot or even their own unprotected network. Zscaler researchers have created, and are now offering to every consumer, a free Firefox plugin called BlackSheep, which serves as a counter-measure. BlackSheep combats Firesheep by monitoring traffic and then alerting users if Firesheep is being used on the network. BlackSheep does this by dropping ‘fake’ session ID information on the wire and then monitoring traffic to see if it has been hijacked.

Trend Micro Goes Boo-Hoo, Raises Antitrust Concerns Over MSE

Well, this was to be expected: an anti-virus company complaining that Microsoft's Security Essentials - by far the best anti-virus tool for Windows - is anti-competitive. Microsoft recently began offering MSE as an optional download via the optional Microsoft Update service (which is not Windows Update), and Trend Micro (a patent troll) is going into boo-hoo mode over it.

Past, Present and Future of Metasploit

HD Moore is the CSO at Rapid7 and Chief Architect of Metasploit, an open-source penetration testing platform. HD founded the Metasploit Project with the goal of becoming a public resource for exploit code research and development. Rapid7 acquired Metasploit in late 2009. In this interview, HD Moore talks about the transition to Rapid7, offers details on the development and different versions of Metasploit and discusses upcoming features.

The Zeus Malware R&D Program

A new version of the Zeus financial malware has added sophisticated new mechanisms to commit online fraud and remain the Trojan of choice for criminals. Zeus has not only improved its business logic but also its ability to avoid detection and automatic analysis by antivirus vendors. Just like commercial application developers, the creators of Zeus run an R&D program to ensure it can avoid detection and side-step the growing number of IT security mechanisms designed to detect, block and eliminate it.

Microsoft Releases Regex Fuzzer Tool

Microsoft has released a free tool to help programmers test their regular expressions for vulnerability to denial of service attacks. The JSDL Regex Fuzzer, released by the software giant earlier this week, is designed to test programmers' regular expressions - a ubiquitous formal language for matching strings of text - for clauses that execute in exponential time and which stand the chance of being exploited for nefarious means.

BlindElephant: Open Source Web Application Fingerprinting Engine

In this video recorded at Black Hat USA 2010, Patrick Thomas, a vulnerability researcher at Qualys, discusses the open source web application fingerprinting engine BlindElephant he created. BlindElephant is a tool that helps security professionals and systems administrators identify everything running on their servers, including any web applications users may have downloaded. It doesn't check for vulnerabilities or vulnerability to a particular exploit, but rather which versions of applications are running on their site. For each application that the tool will support, BlindElephant consumes a number of version directories. All files and directories are processed, and a hash is computed for each file. This hash is stored in a temporary table, along with the path and version of the application it came from. Accuracy of the tool was demonstrated by a large-scale survey on Internet-visible hosts.

Microsoft Releases Free Security Tool for Older Platforms

Microsoft has released a free tool to bring newer security protections to older platforms and applications. The Enhanced Mitigation Experience Toolkit (EMET) was announced at the BlackHat USA 2010 security conference in Las Vegas. EMET will be available from August and is designed to help block targeted attacks against unpatched vulnerabilities in platforms such as Windows XP and Windows Server 2003.

Shortcut Worm Vulnerability Affects All Windows Versions

Microsoft confirmed the existence of a critical vulnerability in all supported versions of Windows. The new zero-day vulnerability is easily exploitable via USB storage devices, network shares or remote WebDAV shares. All that is required for exploitation is for the contents of the USB device to be viewed in Windows Explorer. Specially crafted shortcut (.lnk) files are allowed to execute code when the shortcut's icon is loaded to the GUI. An exploit targeting this vulnerability is currently in limited use and additional exploits are very likely in the coming weeks.

20 Ways To Lose Your Database

It has been proven to be relatively easy to bribe someone on the inside, or even plant a rogue employee in the organization, to gain access to sensitive data. But even if we leave this well-documented risk aside, how often has someone left your organization taking company stationery with them? Do you know what else has been taken? Could they have sneaked out with sensitive material? What about a copy of the entire corporate database? Would you even know if they had?

Microsoft Opens Source Code to Russian Secret Service

Microsoft has signed a deal to open its Windows 7 source code up to the Russian intelligence services. Russian publication Vedomosti reported on Wednesday that Microsoft had also given the Russian Federal Security Service (FSB) access to Microsoft Windows Server 2008 R2, Microsoft Office 2010 and Microsoft SQL Server source code, with hopes of improving Microsoft sales to the Russian state. The agreement will allow state bodies to study the source code and develop cryptography for the Microsoft products through the Science-Technical Centre 'Atlas', a government body controlled by the Ministry of Communications and Press, according to Vedomosti. . . The agreement is an extension to a deal Microsoft struck with the Russian government in 2002 to share source code for Windows XP, Windows 2000 and Windows Server 2000, said Vedomosti.