
Security Response

Showing posts tagged with Security Risks
Angela Thigpen | 03 Jan 2008 08:00:00 GMT | 0 comments

Social networking sites are currently the hottest spots to hang out on the Internet. Grandma has a MySpace page and your little sister is on Facebook. People in nightclubs no longer give out phone numbers; they tell you to find them on Friendster. Even cell phones are in on it, with hot features that link you right to your favorite social spot.

You didn’t think it would remain safe and friendly forever, did you? Facebook allows third-party applications to be added and, wouldn’t you know, it didn’t take long for someone to figure out they could make some cash exploiting that.

Who hasn’t gotten a little excited to know that someone has a crush on them? Taking advantage of all-too-human curiosity seems to be all the rage. Signing in to Facebook and seeing that someone has sent you an invitation to find out who your "secret crush" is, you know you’re going to want to "find out who." That little bit of curiosity is going to cost you, and with quite a few people...

Peter Ferrie | 02 Jan 2008 08:00:00 GMT | 0 comments

Recently, a post to the full-disclosure mailing list described an update to the well-known MD5 collision problem. The authors - Marc Stevens, Arjen K. Lenstra, and Benne de Weger - provided a method whereby they can append only a few thousand bytes to two arbitrary files, with the result that both files have the same MD5 value. This is known as a "chosen-prefix collision." Not only that, but they produced their proof-of-concept files using one machine in less than two days. If you distribute the work, you can make it go faster.

While what they have achieved is not the same as producing an identical MD5 for an existing file, it's still not a good thing. In particular, it causes serious trouble for application white-listing implementations. Why? Imagine this scenario:
- malware author creates a harmless application.
- malware author creates a malicious application.
- malware author uses the chosen prefix collision method to alter these two...
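The scenario above hinges on one property: an allowlist keyed on a digest cannot tell two files apart once their digests agree. The following Python simulation is an added example, not code from the original post or from the Stevens, Lenstra and de Weger paper, and it does not implement their MD5 attack. In place of MD5 it uses a constructed stand-in, `toy_digest`, which is MD5 truncated to 24 bits so that a chosen-prefix collision can be found by a plain birthday search in a second or two; the real attack exploits MD5's internal structure rather than brute force. The two "executables" (`HARMLESS`, `MALICIOUS`), the allowlist class and the function names are all assumptions made for the example.

```python
import hashlib
import itertools


def toy_digest(data: bytes, bits: int = 24) -> str:
    """MD5 truncated to the first `bits` bits (assumed stand-in for a weak hash).

    Real MD5 is 128 bits; truncation only makes the collision search below
    cheap enough to run inline. The structure of the attack is the same:
    two arbitrary prefixes, a few appended bytes, one shared digest.
    """
    full = int.from_bytes(hashlib.md5(data).digest(), "big")
    return format(full >> (128 - bits), "x")


def chosen_prefix_collision(prefix_a: bytes, prefix_b: bytes, bits: int = 24):
    """Append suffixes to two arbitrary prefixes until both share a digest.

    Birthday search: each candidate suffix is tried on both prefixes and the
    digests are cross-checked, so about 2**(bits/2) iterations are expected.
    Returns (file_a, file_b) with toy_digest(file_a) == toy_digest(file_b).
    """
    seen_a = {}  # digest -> suffix already tried on prefix_a
    seen_b = {}  # digest -> suffix already tried on prefix_b
    for counter in itertools.count():
        suffix = counter.to_bytes(4, "big")
        da = toy_digest(prefix_a + suffix, bits)
        db = toy_digest(prefix_b + suffix, bits)
        if da == db:
            return prefix_a + suffix, prefix_b + suffix
        if da in seen_b:
            return prefix_a + suffix, prefix_b + seen_b[da]
        if db in seen_a:
            return prefix_a + seen_a[db], prefix_b + suffix
        seen_a.setdefault(da, suffix)
        seen_b.setdefault(db, suffix)


class HashAllowlist:
    """Application allowlist that admits a binary if its digest was approved."""

    def __init__(self, digest_fn):
        self.digest_fn = digest_fn
        self.approved = set()

    def approve(self, binary: bytes) -> None:
        self.approved.add(self.digest_fn(binary))

    def permits(self, binary: bytes) -> bool:
        return self.digest_fn(binary) in self.approved


# Constructed stand-ins for the two executables in the scenario.
HARMLESS = b"MZ harmless-tool v1.0: prints a greeting and exits\n"
MALICIOUS = b"MZ dropper v1.0: installs a keylogger\n"


def run_scenario():
    """Walk the scenario: collide, get the harmless build approved, submit the other."""
    harmless, malicious = chosen_prefix_collision(HARMLESS, MALICIOUS)

    # The vendor reviews the harmless build and approves its digest.
    weak_list = HashAllowlist(toy_digest)
    weak_list.approve(harmless)

    # Same policy, but keyed on SHA-256 instead of the collidable hash.
    sha_list = HashAllowlist(lambda b: hashlib.sha256(b).hexdigest())
    sha_list.approve(harmless)

    return {
        "same_digest": toy_digest(harmless) == toy_digest(malicious),
        "weak_list_runs_malware": weak_list.permits(malicious),
        "sha256_list_runs_malware": sha_list.permits(malicious),
        "harmless": harmless,
        "malicious": malicious,
    }


if __name__ == "__main__":
    result = run_scenario()
    for key in ("same_digest", "weak_list_runs_malware", "sha256_list_runs_malware"):
        print(f"{key}: {result[key]}")
```

The malicious file is never reviewed, yet the digest-keyed allowlist runs it, because the only thing the allowlist ever looked at was a digest the attacker could steer. Keying the same policy on SHA-256 (or on a publisher signature over the whole file) makes the appended-suffix trick fail, which is the practical fix for a whitelisting product built on MD5.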

Peter Ferrie | 27 Dec 2007 08:00:00 GMT | 0 comments

There should be no question anymore that the VX scene is dying.

On the 29A forum there was a post that roy g biv has officially left the 29A group. Given that Vallez has been silent for over a year, it seems clear that the 29A group is really dead now. We wish the boys luck in whatever legal pursuits they find now.

On the EOF and DoomRiderz fora, we can read that neither group has enough material for a new zine. On the rRlf site there's a message that the same thing has happened to them. EOF and DoomRiderz already announced their intention to produce a combined zine, and now rRlf has announced that they will join in, too. Of course, if people are submitting the same thing to multiple groups in case one of them releases a zine, then even those three groups combined might not have enough material for a zine. In any case, it will probably not happen this year.

This brings us to another point - the supposed AV-VX "symbiotic relationship." It should be...

M.K. Low | 19 Dec 2007 08:00:00 GMT | 0 comments

There’s been a lot of coverage on the FBI Bot Roast II campaign, where they released information about eight suspects who have been indicted for conducting criminal botnet activity. Bot herder suspects from across the United States have been linked to criminal activities such as DDoS attacks, conducting multi-million dollar phishing and spamming scams, and in particular stealing personal information that could lead to identity theft.

Thousands of pieces of personal information are sold and traded in underground economy servers found in Internet relay chat (IRC) rooms. When I look around the servers that we monitor, it reminds me of Causeway Bay at night in Hong Kong. Large advertisements bombard you with capital letters, and carders repeat their sales pitches across multiple lines to attract people to their bargains. They list off their best deals and even offer cheaper prices if...

Kelly Conley | 14 Dec 2007 08:00:00 GMT | 0 comments


On the first day of Christmas
a spammer offered me –
a brand new shiny PC.

On the second day of Christmas
a spammer offered me –
a Rolex watch,
and a brand new shiny PC.

On the third day of Christmas
a spammer offered me –
cheesy business cards,
a Rolex watch,
and a brand new shiny PC.

On the fourth day of Christmas,
a spammer offered me –
H – D – TV,
cheesy business cards,
a Rolex watch,
and a brand new shiny PC

On the fifth day of Christmas
a spammer offered me –
Vi – a – grrrr – ra,
H – D – TV,
cheesy business cards,
a Rolex watch,
and a brand new shiny PC.

On the sixth day of Christmas,
a spammer offered me –
a pink iPod nano,
Vi – a – grrrr – ra,
H – D – TV,
cheesy business cards,
a Rolex watch,
and a brand new shiny PC.

On the...

Andrea Lelli | 06 Dec 2007 08:00:00 GMT | 0 comments

Given the choice when browsing, I would download and save an executable file rather than directly run it. Free will has always been a hot topic in philosophy, and when it comes to Web browser security the topic suddenly gets hot as well! I was recently browsing a well-known adware vendor Web site when I decided to download a game and try it. As usual I came across a normal download page:

Figure 1: The standard Web download interface

After clicking “continue” I was prompted with the usual “File Download” message box from Internet Explorer, but it actually took me a while to realize something was missing:

Figure 2: File...

Brian Ewell | 29 Nov 2007 08:00:00 GMT | 0 comments

On November 29 the FBI announced the results of its second Bot Roast (see the FBI release). This is the FBI operation responsible for hunting out and attempting to bring to justice cyber criminals involved in cultivating botnets. These botnets, which can comprise millions of computers, are responsible for millions of dollars in financial losses at both the corporate and consumer level. The FBI operation has resulted in the successful capture, indictment, and/or sentencing of multiple criminals. In the long run it may be only a small slice of the world of botnets, but make no mistake, any gains in fighting this epidemic are well received. The FBI and those involved should be commended.

Of course, what's a blog entry without the standard "practice safe computing" comment: ensure your system is patched and protected as best as possible through the use of a security package. Anything we...

Kevin Haley | 26 Nov 2007 08:00:00 GMT | 0 comments

Last week, we talked about the year in review. And now, everyone wants to know what will happen next. Well, I don't claim to be a clairvoyant, but it’s safe to say that the following areas will be interesting to watch in the coming year:

o Election Campaigns – As political candidates increasingly turn to the Internet, it is important to understand the IT security risks associated with increased dependence on technology in the election process. These risks include, among others, the diversion of online campaign donations; dissemination of misinformation; fraud; phishing; and the invasion of privacy.

o Bot Evolution – We expect bots to diversify and evolve in their behavior. For example, we may see things like phishing sites hosted by bot zombies.

o Advanced Web Threats...

Kevin Haley | 23 Nov 2007 08:00:00 GMT | 0 comments

It’s the time of year when we begin to look back and take stock of the events of the last twelve months. Newspapers and magazines will soon be publishing their lists of top movies, records, and books. Symantec is publishing a top 10 list, too. While not as fun, in many cases this collection of security trends confirms the predicted evolution of cybercrime becoming more professional and commercial. Two words come to mind when I look at the list: "topical" and "trust." Attackers are exploiting current events and trusted brands to trick computer users in an effort to make money. And security companies like Symantec continue to block their efforts.

Here, in no particular order, are the top 10 Internet security trends of 2007:

1. Data Breaches – High-profile data breaches underscored the importance of data loss prevention technologies and strategies.

2. Vista Introduction – Microsoft Vista made its debut and quickly...

Con Mallon | 23 Nov 2007 08:00:00 GMT | 0 comments

While the scale of the data loss by the UK’s Revenue and Customs is indeed stunning, there is still no indication that the missing disks containing information on 25 million UK residents have actually fallen into unfriendly hands. However, this is now almost irrelevant, as we in the security industry sit and wait for the first scam or phishing attack that plays on people’s doubts and fears.

For those unaware of this issue, on November 20th Her Majesty’s Revenue & Customs (HMRC - the UK's tax and excise agency) acknowledged that it had lost two computer disks containing large amounts of confidential information, including names, addresses, dates of birth, and in some cases bank account information. The missing disks — apparently lost while being transported — may include information on as many as 25 million individuals, including recipients of child benefits.

HMRC believe the disks are still within one of their sites, but after an exhaustive search, they have...