SecGuru -

Microsoft Security Bulletin Advance Notification for January 2009

Param — Thu, 08 Jan 2009 12:50:36 -0800

Microsoft is starting 2009 with a single security update, according to an advance notice, issued by the software giant.

Microsoft said the security update corrects a critical flaw in Windows. The update is part of Microsoft's monthly patch release. It corrects a flaw that could be exploited to execute code remotely. The update is rated critical and affects Windows 2000, Windows XP, and Windows Server 2003. It is rated moderate for Windows Server 2008, and Windows Vista.

The update will require a restart and will be detectable using the Microsoft Baseline Security Analyzer.

2008 H2 Fast Flux Data Analysis

Param — Thu, 08 Jan 2009 11:44:16 -0800

ATLAS has spent a good portion of 2008 tracking fast flux botnets and recording the data there. We’ve been sharing the data with some folks and digging into it, but here’s some of the analysis you may not see in the every day reports that ATLAS produces.

I took the past two quarter’s worth of data from ATLAS, specifically the domains discovered fluxing by date and the domain names, and analyzed them. By comparing these two quarters we can size up what’s happening in the malicious, fast flux hosting world.

TA-Mapper - Application Penetration Testing Effort Estimator

Param — Thu, 08 Jan 2009 11:32:48 -0800

Time and Attack Mapper (alternatively known as TA-Mapper) is an effort estimator tool for blackbox security assessment (or Penetration Testing) of applications. This tool provides more accurate estimation when compared to rough estimation. Penetration testers who always has hard time explaining/justifying the efforts charged (or quoted) to their customers can find this tool handy by able to calculate efforts with greater accuracy required for application penetration testing.

I wrote this tool back in 2004 to support some of my freelancing assessment. I was intrigued to write this tool when I was asked by one of my Fortune 100 customer to justify efforts quoted against the activities for a penetration testing assignment. It not just helped me win the project but also help me educate the customer in knowing the activities involved at the micro-level.

Data losses set to soar, predicts KPMG

Param — Thu, 08 Jan 2009 07:57:53 -0800

KPMG's Data Loss Barometer predicts that the number of people affected by data loss around the world could soar to 190 million in 2009, compared to 92 million in the previous year, as the credit crunch deepens.

In the three months to November 2008 the number of people affected by data loss incidents (47.8 million) was more than for the first eight months of the year combined - and 38 per cent higher than the same period in 2007 (34.5 million).

The Data Loss Barometer research concludes that the total number of reported incidents for 2008 will be 427, compared to 2007 (412) - the highest annual figure recorded by KPMG since the firm began collecting the data in 2005.

UK Police Set to Step Up Hacking of Home PCs

Param — Thu, 08 Jan 2009 07:57:51 -0800

The Home Office has quietly adopted a new plan to allow police across Britain routinely to hack into people's personal computers without a warrant.

The move, which follows a decision by the European Union's council of ministers in Brussels, has angered civil liberties groups and opposition MPs. They described it as a sinister extension of the surveillance state which drives "a coach and horses" through privacy laws.

The hacking is known as "remote searching". It allows police or MI5 officers who may be hundreds of miles away to examine covertly the hard drive of someone's PC at his home, office or hotel room.

Material gathered in this way includes the content of all e-mails, web-browsing habits and instant messaging.

Under the Brussels edict, police across the EU have been given the green light to expand the implementation of a rarely used power involving warrantless intrusive surveillance of private property. The strategy will allow French, German and other EU forces to ask British officers to hack into someone's UK computer and pass over any material gleaned.

Data Breaches Up Almost 50 Percent, Affecting Records of 35.7 Million People

Param — Thu, 08 Jan 2009 07:57:48 -0800

Businesses, governments and educational institutions reported nearly 50 percent more data breaches last year than in 2007, exposing the personal records of at least 35.7 million Americans, according to a nonprofit group that works to prevent identity fraud.

Identity Theft Resource Center of San Diego is set to announce today that some 656 breaches were reported in 2008, up from 446 in the previous year. Nearly 37 percent of the breaches occurred at businesses, while schools accounted for roughly 20 percent of the reported incidents.

The center also found that the percentage of breaches attributed to data theft from current and former employees more than doubled from 7 percent in 2007 to nearly 16 percent in 2008.

"This may be reflective of the economy, or the fact that there are more organized crime rings going after company information using insiders," said Linda Foley, the center's co-founder. "As companies become more stringent with protecting against hackers, insider theft is becoming more prevalent."

IP Call Centers Will do Well Despite VoIP Slowdown

Param — Thu, 08 Jan 2009 07:57:43 -0800

Sales of IP contact centers will grow in 2009, but probably not as dramatically as they did in 2008 due to an expected slowdown in sales of IP telephony gear, according to a new Infonetics report.

Worldwide, businesses bought $851 million in IP contact center equipment, up 37% from $622 million in 2007, based on the report, Unified Communications and IP Contact Center Market Share and Forecasts. The 2008 numbers are based on actual sales numbers for the first half of the year and projections for the second half, says Matthias Machowinski, the author of the report.

That blistering pace will likely not be matched this year because sales of IP phone equipment will drop off due to the overall economic climate. "We expect companies to scrutinize expenditures a lot in 2009," Machowinski says, with some areas such as networking gear to face less dramatic reductions than IP phone systems.

The Five Most Dangerous Security Myths

Param — Thu, 08 Jan 2009 07:57:40 -0800

Still think that today's computer viruses and other malware come from some maladjusted teen out to vandalize your PC to make a name for himself? Think again. The persistent myth is a holdover from days long gone, and it's important to dispel it if you want to know what you're up against - and how to protect yourself.

The splashy worms and malicious viruses that clogged entire networks and indiscriminately wiped hard drives are essentially gone. Today, it's all about cash - and lots of it. If there's a way to use evil software to make money, whether it means taking over a PC to send pharmacy-advertising spam, or stealing financial logins and credit card info, or even hacking game accounts, it's out there in some form.

There's even a thriving online black market that sells everything from software kits to roll-your-own malware to spam services using infected PCs to reams and reams of credit card data stolen by keylogger malware.

Comcast starts new year with new network management system

Param — Thu, 08 Jan 2009 07:57:37 -0800

Comcast says that, as of December 31, it has turned over a new leaf, network management practices-wise. The new-and-hopefully-improved "protocol agnostic" system the company unveiled to the Federal Communications Commission in September is now in effect.

"We have deployed the new technique throughout our network and turned off the P2P-specific technique everywhere in the network," Comcast spokesperson Sena Fitzmaurice told Ars.

The company informed the FCC of the changes in a statement filed on Monday. "Comcast will continue to refine and optimize these congestion management practices to deliver the best possible broadband experience for our customers," company Vice President for Regulatory Affairs Kathryn A. Zachem promised the Commission. The announcement also discloses updated acceptable use rules for Comcast customers.

FBI Stoking Fears of Cyber Armageddon

Param — Thu, 08 Jan 2009 07:57:33 -0800

Cyber attacks pose the greatest threat to the United States after nuclear war and weapons of mass destruction -- and they are increasingly hard to prevent, FBI experts said Tuesday.

Shawn Henry, assistant director of the FBI's cyber division, told a conference in New York that computer attacks pose the biggest risk "from a national security perspective, other than a weapon of mass destruction or a bomb in one of our major cities."

"Other than a nuclear device or some other type of destructive weapon, the threat to our infrastructure, the threat to our intelligence, the threat to our computer network is the most critical threat we face," he added.

US experts talk of "cybergeddon," in which an advanced economy -- where almost everything of importance is linked to or even controlled by computers -- is sabotaged by hackers.

Michael Balboni, deputy secretary for public safety in New York state, described "a huge threat out there" against everything from banking institutions to municipal water systems and dams.

Henry said that terrorist groups are working to create a virtual 9/11, "inflicting the same kind of damage on our country, on all our countries, on all our networks, as they did in 2001 by flying planes into buildings."