
Security Pros Are Focused on the Wrong Threats

From The New York Times (Riva Richmond)
Corporate information technology departments are prioritizing the wrong threats to their computer systems, focusing on old problems and leaving their companies open to a raft of new cyberattacks targeting sensitive customer and corporate information.
That is the finding of a new biannual report from the SANS Institute, a training organization for computer security professionals, whose senior staff weighed two sets of data that have not been rigorously compared to date: data on the most common attacks hitting corporate networks and data on which vulnerabilities are most prevalent on company networks. Read the full story [nytimes.com] Read the full report [sans.org]

Apache Shows How to Handle a Network Compromise

The Apache Software Foundation last week was the victim of a serious network attack in which a number of its Web servers and other machines were compromised by attackers who were able to gain root privileges and jump from machine to machine. The incident was embarrassing and a serious problem for the foundation, but instead of making excuses and hiding behind the veil of confidentiality, Apache officials have published the gory details of the attack.

How the TJX and Heartland Hackers Worked

The group of hackers alleged to have broken into the networks of a string of companies, including TJX, Hannaford and Heartland Payment Systems, were in no hurry once they worked their way into the companies’ systems. In fact, they had plenty of time to do their dirty work, in some cases sitting inside the networks and stealing data for as long as a year.


The built-in malware protection in Apple’s Snow Leopard upgrade appears to be nothing more than an XProtect.plist file containing five signatures for two of the most popular Mac OS X trojans — OSX.RSPlug and OSX.Iservice. Read the full story [zdnet.com]

From The Last Watchdog (Byron Acohido)

How much time should vendors of popular technology be given to fix a known security flaw? That’s the central question of the “full disclosure” debate – and one that is being tested again via Karsten Nohl’s campaign to compile a decryption handbook useful for eavesdropping on transmissions from AT&T and Tmobile phones, including iPhones and GPhones.

Nohl, a computer science PhD candidate from the University of Virginia, is calling for the global community of hackers to crack the encryption used on GSM phones. He plans to compile this work into a code book that can be used to eavesdrop on conversations and data transfers to and from GSM phones. Read the full story [lastwatchdog.com]

From Computerworld (Michael Scalisi)

While security has never been more important than it is today, the fastest way for an IT professional to become the most despised person in the company is to start enforcing a strong password policy. A policy perceived as overbearing may cause people to write down their passwords on a sticky-note near their computers, circumventing its very purpose. Your policy will be ineffective if your users don’t know how to create strong passwords that are easy to remember. Read the full story [computerworld.com]

By Rich Mogull (Macworld)
As a security analyst and researcher, I often find myself exploring some of the darker corners of the Internet. In the course of staying current on security issues, I frequently must browse the sorts of Web sites no average person should go anywhere near; I’m also far more likely to be targeted in an attack. That’s forced me to develop a somewhat extreme approach to safer surfing. Read the full story [macworld.com]

From the HP Security Labs blog
If Google detects that your website is hosting malware, it is pretty clear your site has been attacked. A frightening trend with SQL injection attacks concerns how an attacker will insert links to JavaScript content used to serve malicious links that may try to automatically compromise the users of your website. When this happens, Google will automatically detect it and actively deter users from visiting your website.
Here are some of the basic recovery steps that need to be taken to ensure all content that was possibly modified by the attacker will be removed. The steps below are simply a very rough set of guidelines on one way that a security analyst might approach securing a hacked website. Read the full story [hp.com]
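The injection pattern the HP post describes (stored content rewritten to carry an external script tag) and the clean-up it calls for can be shown on a small scale. The example below is added here and is not HP's code or from the linked post: it builds a constructed in-memory SQLite table standing in for a site's content database, scans stored page bodies for external `<script src=...>` tags, strips them, and contrasts a string-spliced lookup (the injectable pattern) with a parameterized one. The table name, slugs, page text and the `attacker.invalid` host are all constructed placeholders.

```python
import re
import sqlite3

# Constructed sample rows: two bodies carry the kind of injected external
# script tag the post describes, one is clean. "attacker.invalid" is a placeholder.
SAMPLE_ROWS = [
    ("about", "Welcome to our store."),
    ("news", 'Latest offers<script src="http://attacker.invalid/x.js"></script>'),
    ("faq", "Questions? Email us.<SCRIPT SRC='//attacker.invalid/y.js'></SCRIPT>"),
]

# Matches an opening <script> tag that loads an external resource and captures its src.
EXTERNAL_SCRIPT_RE = re.compile(
    r'<script\b[^>]*\bsrc\s*=\s*["\']?([^"\'\s>]+)', re.IGNORECASE)

# Matches a whole <script ...>...</script> element, used for removal.
FULL_SCRIPT_RE = re.compile(r'<script\b[^>]*>.*?</script\s*>', re.IGNORECASE | re.DOTALL)


def build_db():
    """Create the constructed content table (hypothetical schema) in memory."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE pages (slug TEXT, body TEXT)")
    conn.executemany("INSERT INTO pages VALUES (?, ?)", SAMPLE_ROWS)
    conn.commit()
    return conn


def find_injected_scripts(conn):
    """Return (slug, src) for every stored body containing an external script tag.

    This is the detection pass: run it over all content tables before cleaning
    so you know which rows were modified and which hosts they point at.
    """
    hits = []
    for slug, body in conn.execute("SELECT slug, body FROM pages"):
        for match in EXTERNAL_SCRIPT_RE.finditer(body):
            hits.append((slug, match.group(1)))
    return hits


def strip_injected_scripts(conn):
    """Remove every <script> element from affected rows; return rows changed."""
    changed = 0
    # fetchall() first so the UPDATEs do not interfere with the open SELECT cursor.
    for slug, body in conn.execute("SELECT slug, body FROM pages").fetchall():
        cleaned = FULL_SCRIPT_RE.sub("", body)
        if cleaned != body:
            conn.execute("UPDATE pages SET body = ? WHERE slug = ?", (cleaned, slug))
            changed += 1
    conn.commit()
    return changed


def lookup_page_unsafe(conn, slug):
    """The injectable pattern: the value is spliced into the SQL text."""
    return conn.execute(f"SELECT body FROM pages WHERE slug = '{slug}'").fetchall()


def lookup_page_safe(conn, slug):
    """Parameterized: the driver passes the value separately, so it is only ever data."""
    return conn.execute("SELECT body FROM pages WHERE slug = ?", (slug,)).fetchall()


if __name__ == "__main__":
    db = build_db()
    print("injected scripts found:", find_injected_scripts(db))
    print("rows cleaned:", strip_injected_scripts(db))
    print("after clean-up:", find_injected_scripts(db))
```

The detection regex only flags script tags that load an external resource, which is the pattern the post singles out; inline scripts legitimately stored as site content are left alone, so review the `find_injected_scripts` output before running the strip pass against a real database.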

From Computerworld (Gregg Keizer)
Microsoft’s plan to “sandbox” documents in the next version of Office looks like a “very good step forward,” according to one security analyst.
Last week, Microsoft revealed more details about a new security feature in Office 2010, dubbed “Protected View,” that is designed to shut down the popular hacker tactic of feeding users rigged Word, Excel and PowerPoint files. Read the full story [computerworld.com]

From NYTimes.com (Brad Stone)
Albert Gonzalez, a suspect in several hacking cases, was close to reaching a comprehensive plea agreement with federal prosecutors in Massachusetts and New York when federal prosecutors in New Jersey indicted him on Monday on a new raft of computer crimes, said Mr. Gonzalez’s lawyer, Rene Palomino Jr. Read the full story [NYTimes.com].