Privacy, Security Archive

Botnet Kill Switch: 100000 BSODs

Thom Holwerda 2009-05-08 Privacy, Security 36 Comments

The past few years, it seemed as if virus writers had moved away from doing actual damage to systems to instead focus on stealth, so that infected machines can silently, and unknowingly, be used for all sorts of malicious practices. Sadly, there are still those crackers out there that prefer the old-fashioned approach to these matters. The result: 100000 ruined Windows machines.

USAF’s Locked-Down Windows XP Configuration

Submitted by SReilly 2009-05-03 Privacy, Security 39 Comments

Can you make Windows XP so secure that the United States Air Force will use it in its systems? Well, apparently, you can, but you do have to talk to Microsoft. The USAF wanted a locked-down edition of Windows XP, and since they were in the midst of renegotiating the desktop-software contract with Microsoft, they decided to ask Steve Ballmer directly to create it for them. They did.

Massive Windows Botnet Uncovered

Thom Holwerda 2009-04-22 Privacy, Security 30 Comments

Researchers at security firm Finjan have uncovered a massive botnet of Windows machines. The botnet is 1.9 million machines strong, with many of the machines located in the United States: 45% of them are located in the US. The researchers detailed their findings at the RSA Conference in San Fransisco.

Conficker Worm: Hoax or Criminally Genius Scheme?

weildish 2009-03-31 Privacy, Security 68 Comments

Many have gotten antsy the past months about the Conficker worm, and all with good reason. Though the worm hasn't done much of anything (yet) except spread like the plague, it's infectious if one doesn't have his or her Windows operating system up-to-date with the most recent security updates. The worm is supposed to execute on April 1st, and the computer world is holding its breath to see if a disaster comparable to the hyped-up supposed Y2K doomsday will ensue or if it's just someone's idea of a sick April Fool's Day joke.

Miller on Mac OS X, Chrome, Firefox, Economics

Submitted by google_ninja 2009-03-20 Privacy, Security 138 Comments

Fresh from winning the PWN2OWN contest yesterday, Charlie Miller has been interviewed by ZDNet. He talks about how Mac OS X is a very simple operating system to exploit due to the lack of any form of anti-exploit features. He also explains that the underlying operating system is much more important in creating a successful exploit than the bowser, why Chrome is so hard to hack, and many other things.

Miller Cracks Safari Within Seconds, Wins PWN2OWN Contest

Submitted by Moulinneuf 2009-03-19 Privacy, Security 82 Comments

As he had already predicted, cracker Charlie Miller has won the PWN2OWN contest by cracking Safari and Mac OS X within seconds of the start of the competition. "It took a couple of seconds. They clicked on the link and I took control of the machine," Miller said after his accomplishment. He took home the USD 10000 prize, as well as the MacBook he performed the exploit on. Internet Explorer 8 fell a while later by cracker Nils, who also cracked Safari and Firefox after being done with IE8.

Romanians Find Cure for Conficker Worm

Thom Holwerda 2009-03-13 Privacy, Security 12 Comments

Remember Conficker, the worm that wouldn't have been as devastating as it has been had people just kept their machines up to date? Even though the critical patch had already been released way before Conficker started its rampage, the worm became one of the worst infections to date. A Romanian company has found a cure for the worm.

Miller: Safari on Mac First to Fall During PWN2OWN Contest

Thom Holwerda 2009-03-05 Privacy, Security 28 Comments

With the infamous PWN2OWN contest drawing ever closer, the heat is ramping up. This year's instalment pitches Apple's Safari (on the Mac), Google's Chrome, Internet Explorer 8, and Firefox (all on Windows 7) against one another, while also allowing crackers to take on mobile platforms. Last year's winner, Charlie Miller, who won by cracking Mac OS X within minutes last year, says Safari on the Mac will be the first to fall.

IBM: ‘AIX Most Secure, Mac OS X Least Secure’

Thom Holwerda 2009-02-12 Privacy, Security 30 Comments

It's time for another security report. You know, those reports that tally vulnerabilities, and then plot or graph them in such a way that their benefactors or clients come out most favourably. Ok, that might be a bit cynical, but fact remains that there is usually something wrong with such reports. The one that's making its rounds across the internet today is certainly one of them. According to IBM, AIX is the most secure operating system, and Mac OS X the least secure. Not only is the report rather slim on details when it comes to operating system vulnerabilities, it seems like most websites reporting on this story have misunderstood what it was about.

Microsoft Insists Windows 7 UAC Flaw Is Not a Vulnerability

Thom Holwerda 2009-01-31 Privacy, Security 41 Comments

Yesterday, we reported on the security flaw in Windows 7's UAC slider dialog, and today, Microsoft has given a response to the situation, but it doesn't seem like the company intends to fix it. "This is not a vulnerability. The intent of the default configuration of UAC is that users don't get prompted when making changes to Windows settings. This includes changing the UAC prompting level." I hope this reply came from a marketing drone, because if they intend on keeping this behaviour as-is in Windows 7 RTM, they're going to face a serious shitstorm - and rightfully so. Let's hope the Sinfoskies and Larson-Greens at Microsoft rectify this situation as soon as possible.

Security or Usability: Maliciously Disabling UAC in Windows 7

Thom Holwerda 2009-01-30 Privacy, Security 26 Comments

At OSNews, we usually do not report on individual security breaches, because there are websites specifically tailored to that sort of thing. Still, every now and then, an interesting security issue pops up that deserves some attention. How about this one: through a simple VBScript, you can completely disable UAC in Windows 7. The reason for this might surprise you. Update: Microsoft's response.

New Mac OS X Trojan Found in Pirated iWork ’09

Kroc 2009-01-22 Privacy, Security 55 Comments

"Intego has discovered a new Trojan horse, OSX.Trojan.iServices.A, which is currently circulating in copies of Apple's iWork 09 found on BitTorrent trackers and other sites containing links to pirated software. The version of iWork 09, Apple's productivity suite, are complete and functional, but the installer contains an additional package called iWorkServices.pkg." Update: A new variant has been discovered in a pirated version of Adobe Photoshop CS4, also information about one target of a DDOS attack coming from the trojan.

Several Severe Security Flaws Patched in IE, Firefox, Opera

Thom Holwerda 2008-12-18 Privacy, Security 31 Comments

Most of the attention has been going to Microsoft and its Internet Explorer web browser for having a severe zero-day security hole fixed, but Microsoft wasn't the only one hastily fixing its browser. Both Mozilla as well as Opera had to issue quick patches to fix several security flaws in their browsers.

Major Scammer/Spammer Now Offline

David Adams 2008-11-13 Privacy, Security 13 Comments

McColo Corp, an internet service provider that has been confirmed to be the provider of choice to a rogue's gallery of unsavory clients, has been cut off by its backbone providers, cutting the world's total volume of spam by as much as 75%. Sadly, these people will undoubtedly be able to find other service eventually. But enjoy the respite while it lasts.

Good Code, Bad Computations: a Computer Security Gray Area

Submitted by irbis 2008-11-10 Privacy, Security 2 Comments

"If you want to make sure your computer or server is not tricked into undertaking malicious or undesirable behavior, it's not enough to keep bad code out of the system. Return-oriented programming exploits start out like more familiar attacks on computers. The attacker takes advantage of a programming error in the target system to overwrite the runtime stack and divert program execution away from the path intended by the system's designers. But instead of injecting outside code - the approach used in traditional malicious exploits - return-oriented programming enables attackers to create any kind of nasty computation or program by using just the existing code."

SELinux and Security Changes in the 2.6.27 Linux

Guest post by Rahul 2008-10-13 Privacy, Security No Comments

James Morris, one of the Red Hat SELinux developers has a blog covering the numerous SELinux related changes and general security improvements made in the new 2.6.27 Linux released recently. It is a impressive amount of changes and there is a large number waiting on queue to go into the next revision as well.

Sockstress: a New and Effective DoS Attack

David Adams 2008-10-07 Privacy, Security 7 Comments

"Denial of Service attacks aren’t new, yet they persist in being effective methods of denying access to resources on the Internet. Now meet Sockstress, the newest version of DoS attacks and potentially the most devastating of the bunch."

Cisco Patches Network Hardware

David Adams 2008-09-26 Privacy, Security No Comments

This week Cisco released twelve sets of security patches, eleven of which were to address security vulnerabilities in the Cisco Internetwork Operating System (IOS), the OS that runs on most of its networking hardware.

Panel: Open Phones are More Vulnerable

Submitted by Dannys 2008-09-12 Privacy, Security 34 Comments

The opening up of the mobile industry is great news for application developers but not so good for IT security professionals, according to experts. For example, Symbian, the single most widely used mobile software platform, has already wrestled with the dangers of openness to third-party developers, said Khoi Nguyen, group product manager in mobile security at Symantec. Symbian 7 and 8 were fairly open and allowed almost any application to be installed and run. This led to a few hundred viruses being introduced within a couple of years, so Symbian 9 was locked down significantly, he said.

Fedora Reboots Updates After Hack

Submitted by Renai LeMay 2008-09-11 Privacy, Security 9 Comments

The Red Hat-supported Fedora Project has started issuing updates to its Linux distribution again, after a hiatus of several weeks caused by a hacker break-in. Late yesterday, Fedora emailed its users to let them know that it would soon issue updates for its most recent Fedora 8 and 9 operating systems.