From The New York Times, by Saul Hansell
Microsoft is at work on a couple of new technologies that may finally help enterprises unravel the giant ball of yarn that is user identity management. The head of the company’s server and tools business, Bob Muglia, said Microsoft’s Azure technology, as well as a tool called Direct Access in Windows 7, will give enterprises the help they need to make sense of identity management.
Browsing Category: Vulnerabilities
Digital Underground podcast with Dennis Fisher
In this episode, Dennis Fisher talks with Dino Dai Zovi, a security researcher and co-author of “The Mac Hacker’s Handbook,” about the ease of exploiting Mac OS X, the value of vulnerability research and his “no more free bugs” campaign.
From DarkReading.com (Kelly Jackson Higgins)
Big-name botnets like Kraken/Bobax, Srizbi, Rustock, the former Storm — and even the possible botnet-in-waiting, Conficker — have gained plenty of notoriety, but it’s the smaller and less conspicuous ones you can’t see that are doing the most damage [darkreading.com] in the enterprise.
These mini-botnets range in size from tens to thousands versus the hundreds of thousands, or even millions, of bots that the biggest botnets deploy. They are typically specialized and built to target an organization or person, stealing corporate and personal information, often without a trace. They don’t attract the attention of the big spamming botnets that cast a wide net and generate lots of traffic; instead they strike quietly, under the radar. Read the full story [darkreading.com]
By Sumner Lemon, IDG News Service
An expected activation of the Conficker.c worm at midnight today passed without incident [computerworld.com], despite sensationalized fears [cbsnews.com] that the Internet itself might be affected, but security researchers said users aren’t out of the woods yet.
While infected computers have started reaching out to command servers as expected, nothing untoward has happened. Read the full story [computerworld.com]. CNet’s Elinor Mills is also tracking [zdnet.com] Conficker’s April 1st activation closely.
By Tim Wilson, DarkReading/InformationWeek
We polled more than 400 business technology professionals to determine which threats they consider the most serious, how they prioritize their defensive efforts, and what plans they’ve put in place to keep their organizations’ data safe in 2009 and beyond. We find that professionals worry about threats from outside attackers [informationweek.com], but it’s the danger from within the company that really keeps them awake at night. About 52% of more than 400 respondents say they’re most concerned about internal risks, including both accidental and malicious data compromises by employees or business partners during the course of their day-to-day activities.
Read the full story [informationweek.com]
Jeremiah Grossman and Trey Ford of WhiteHat Security explain low-tech and no-tech schemes for making money online in this TechWebTV video from Black Hat USA 2008.
By Georg Wicherski
As already reported by F-Secure, criminals are using the Conficker hype to push rogue anti-virus software to computer users.
Their solution will sometimes display false alerts on clean systems and try to lure their victims into buying a fake cleaning program for $39.95 from them. Contrary to what they were claiming on remove-conficker.org (website already taken down), their solution fails to detect Kido. Read more and see video demo [viruslist.com] of this latest threat.
As the world prepares for the complete destruction of the Internet tomorrow when the Conficker worm makes a small change in its communication protocol, a voice of reason has emerged from the wilderness. The Honeynet Project on Monday released a paper with a detailed analysis of the worm as well as some weaknesses in its design that allow for identification of infected machines.
By Gunter Ollmann
It’s like one of those magic candles people place on birthday cakes that sparkle and relight themselves each time you think they’ve been blown out. That’s how I’d define the most recent ignition of the “bugs for cash” debate.
By now you’ll have probably heard that Dino Dai Zovi, Charlie Miller and Alex Sotirov have declared “No more free bugs” (Dai Zovi affirms his position and provides insight to his side of the argument over on his blog titled “No more free bugs”).
By Dancho Danchev, ZDNet
Earlier this month, the controversial BBC purchase of a botnet and modifying the infected hosts in the name of “public interest” sparked a lot of debate on the pros and cons of their action. Condemned by certain security vendors, and naturally, at least from a guerrilla PR perspective, applauded and encouraged as an awareness-raising tactic by others, the discussion shifted from technical to moral and legal debate, leaving a single question unanswered – what is the name of the botnet that the BBC rented and what’s so special about it?
Until now. Let’s take a peek inside the BBC “Chimera Botnet” [zdnet.com] offered for rent by a Russian Cybercrime-as-a-service (CaaS) vendor.