Tuesday, November 30, 2010
"Is the target of the Wikileaks 'Big Bank' exposé going to be Bank of America?
As the Huffington Post points out, Julian Assange talked about BofA last year in an interview with Computer World, claiming "he had acquired a large cache of information from Bank of America."
He specified that he has 5GB of material on the company."
"The TSA isn't the most respected of governmental agencies right now, but at least it comes by the poor reputation honestly. The lack of standards, inconsistent application of searches and policies, and occasional rude agent all combine to make flying an unpleasant experience. It's often derided as "security theater," which describes the experience of Mythbuster Adam Savage before a recent flight."
"Side channel attacks on cryptographic systems are attacks exploiting information gained from physical implementations rather than utilizing theoretical weaknesses of a scheme. In particular, during the last years, major achievements were made for the class of access-driven cache-attacks. The source of information leakage for such attacks are the locations of memory accesses performed by a victim process."
Monday, November 29, 2010
I'm excited to announce a brand new course that Stephen Sims, Joshua Wright and I have just completed. It is running for the first time in London this week and will be on the schedule in 2011 in numerous locations.
Check it out...
Tuesday, November 23, 2010
"The new version of the Electronic Frontier Foundation's excellent HTTPS Everywhere browser tool specifically protects against having your credentials to many popular sites lifted with Firesheep (as well as by deliberately malicious tools that actual bad guys make). Wherever a site allows for SSL throughout your session, HTTPS Everywhere will add this. I was recently at EFF and asked Seth Schoen, a staff technologist, to print my boarding card for the next day's flight from his computer. It took a long time. When I asked why this was, Seth told me that he'd realized that Continental didn't use SSL to transmit boarding cards by default, but that they supported it, so he was adding a HTTPS Everywhere rule to make sure all the HTTPS Everywhere users who used Continental's boarding pass service would be protected in future. EFF is adding new sites by the shovel-load, making the free/open HTTPS Everywhere indispensable."
"Apple has finally released the highly-anticipated iOS 4.2. While the attention around iOS 4.2 has been focused on the enhancements and new features -- particularly for the iPad -- the update also fixes more than 80 vulnerabilities in the iPhone, iPod, and iPad."
Thursday, November 18, 2010
"A security researcher who specializes in online privacy had his laptop and cell phones temporarily seized after returning to the U.S. on an international flight last night.
Moxie Marlinspike told CNET in an interview today that he had been detained and questioned after an international flight last week and appears to be on a federal "watch list" for domestic flights too but doesn't know why."
Read more (CNET)
Read more (Wired)
Wednesday, November 17, 2010
"Katana is a portable multi-boot security suite which brings together many of today's best security distributions and portable applications to run off a single Flash Drive. It includes distributions which focus on Pen-Testing, Auditing, Forensics, System Recovery, Network Analysis, and Malware Removal. Katana also comes with over 100 portable Windows applications; such as Wireshark, Metasploit, NMAP, Cain & Abel, and many more."
Tuesday, November 16, 2010
"The push for new Internet surveillance capabilities goes back to 1999, when government officials began crafting proposals to institute new surveillance technologies within Canadian networks along with additional legal powers to access surveillance and subscriber information. The so-called lawful access initiatives stalled in recent years, but my weekly technology law column (Toronto Star version, homepage version) notes that earlier this month the government tabled its latest proposal with three bills (C-50, C-51, C-52) that received only limited attention despite their potential to fundamentally reshape the Internet in Canada.
The bills contain a three-pronged approach focused on information disclosure, mandated surveillance technologies, and new police powers."
"Scope of attack is bigger than previous politically motivated attacks in Estonia, Georgia.
Just before holding its first real elections in more than 20 years, Burma's primary Internet services have been hit with a massive distributed denial-of-service (DDoS) attack that has disrupted service all over the country."
"After years of burying malicious software in email and portable storage media, attackers now favor quick downloads via legitimate websites, researcher says."
"At the heart of the controversy over “body scanners” is a promise: The images of our naked bodies will never be public. U.S. Marshals in a Florida Federal courthouse saved 35,000 images on their scanner. These are those images.
A Gizmodo investigation has revealed 100 of the photographs saved by the Gen 2 millimeter wave scanner from Brijot Imaging Systems, Inc., obtained by a FOIA request after it was recently revealed that U.S. Marshals operating the machine in the Orlando, Florida, courthouse had improperly — perhaps illegally — saved images of the scans of public servants and private citizens."
"As of today, Amazon EC2 is providing what they call "Cluster GPU Instances": An instance in the Amazon cloud that provides you with the power of two NVIDIA Tesla “Fermi” M2050 GPUs. The exact specifications look like this:
22 GB of memory
33.5 EC2 Compute Units (2 x Intel Xeon X5570, quad-core “Nehalem” architecture)
2 x NVIDIA Tesla “Fermi” M2050 GPUs
1690 GB of instance storage
I/O Performance: Very High (10 Gigabit Ethernet)
API name: cg1.4xlarge
GPUs are known to be the best hardware accelerator for cracking passwords, so I decided to give it a try: How fast can this instance type be used to crack SHA1 hashes?"
"In recent versions of Windows, specifically Vista and Windows 7, Microsoft has introduced a number of new security features designed to prevent malicious code from running. But attackers are continually finding new ways around those protections, and the latest example is a rootkit that can bypass the Windows driver-signing protection.
The functionality is contained in TDL4, which is the latest version of an older rootkit also known as TDSS and Alureon. TDSS has been causing serious trouble for users for more than two years now, and is an example of a particularly pernicious type of rootkit that infects the master boot record of a PC. This type of malware often is referred to as a bootkit and can be extremely difficult to remove once it's detected. The older versions of TDSS--TDL1, TDL2 and TDL3--are detected by most antimalware suites now, but it's TDL4 that's the most problematic right now."
"This major update to Process Explorer adds a slew of enhancements and new functionality including network and disk monitoring, an improved multi-tab system information dialog, additional memory statistics, a new column that shows aggregate CPU usage for a tree of processes, improved DLL scanning performance and accuracy, command-lines in process tree tooltips, support for more than 64 CPU systems, and more."
Check it out...
"Over the last few months, we’ve received many feature requests for the commercial Metasploit products, and we wanted to give you the low-down on a couple new features that are in direct response to your feedback. Thanks to everyone who has been involved in getting us here, it’s been a fun six months."
Monday, November 15, 2010
Saturday, November 13, 2010
Friday, November 12, 2010
Thursday, November 11, 2010
"Chinese authorities are trying to stop the spread of a spam-texting virus that has infected more than 1 million cell phone users in the country."
Wednesday, November 10, 2010
Wednesday, November 3, 2010
"On this first anniversary of Rapid7's acquisition of The Metasploit Project, we are proud to announce the release of the newest version of the Metasploit Framework, 3.5.0, with over 600 exploits and tons of bug fixes."
Check it out...
Monday, November 1, 2010
"Hacktivist group, the Iranian Cyber Army (ICA), has announced that it plans to sell access to its botnets, which have been responsible for attacks on social networks like Twitter and the Chinese equivalent of Google, Baidu."