
Security News Archive - 2006


 30/12/06  IDS  USA's Federal Aviation Administration (FAA) plans to install wireless IDS at FAA training centers, air traffic control centers and FAA headquarters 
 29/12/06  Privacy  French court favors personal privacy over piracy searches 
 24/12/06  Privacy  [ JG ] A couple of articles have caught my eye during the last few days: Vodafone fined 76m over Greek wiretap scandal and DHS's 'Secure Flight' Program Proven Insecure. It seems quite obvious that these massive 'Big Brother' programs in the real world do a lot against the privacy of the individual and very little for the security of the community, in spite of all the propaganda around them. The sad thing is that most of the people are not against them because they don't understand the risks and because they provide a False Sense of Security they feel comfortable with. Sigh. 
 20/12/06  Forensics  Google searches help convict wireless hacker. His searches included "how to broadcast interference over wifi 2.4 GHZ," "interference over wifi 2.4 Ghz," "wireless networks 2.4 interference," and "make device interfere wireless network." Unfortunately the court documents do not reveal how the FBI managed to discover his search terms. Bummer. It would have been interesting to see if this was the result of a subpoena to Google (Google declared it can return an individual's search terms if provided an IP or a Web Cookie, while MSN and AOL say they can't). 
 18/12/06  Web Apps  Learn How Not To Use Cookies, and take a look at some other related references on Web Application Security. 
 17/12/06  IDS  Marty Roesch on Snort 3.0 
 11/12/06  IDS  Take a look at this cool (& certainly useful) Map of the Internet IPv4 Address Space
 30/11/06  Privacy  A "funny" story on why you should be VERY careful when you get rid of your old computers, hard drives, flash drives, etc. Let's not mention what may happen if there is a forensically-savvy person at the other end. 
 29/11/06  Honeypots  A couple of new Honeypot Tools have been released: HoneySnap and Honeyclient 
 28/11/06  Malware  A bot program has been identified to propagate using several Windows vulnerabilities and a six-month-old vulnerability in the Symantec Antivirus. Isn't it "funny" when defensive software becomes an attack vector? 
 28/11/06  Databases  David Litchfield has published a paper about a new class of vulnerabilities which he has called Cursor snarfing
 27/11/06  Legal (US/EU) / Privacy  The US access to data on international bank transfers, granted by SWIFT (the Society for Worldwide Interbank Financial Telecommunications), violated the privacy laws of the EU. Check the original statement or the Securityfocus Article in that respect. 
 26/11/06  SSH  A new tool called Sharpener has been released to block SSH Brute Forces and a new associated SSH Brute Forcers Black List. I'm not a big fan of Black Lists unless they have been thoroughly tested (and even then...), but in any case, it's an interesting initiative. A similar initiative, DenyHosts has been running for some time as well. (JG) 
 25/11/06  Malware / IDS  A really interesting new tool, Universal Pattern Searcher which looks for common patterns in different datasets has been released. 
 23/11/06  Database  The Week of Oracle Database Bugs. Our colleagues at Argeniss have announced an initiative to release an Oracle 0-day exploit every day during a week in December. Will this change Oracle's security posture at all? 
 22/11/06  Legal (US)  Justices hand victory to free speech online: The California Supreme Court has ruled that websites cannot be sued for posting or distributing libelous material written by others. 
 21/11/06  Databases  David Litchfield has just published an illustrative paper Which is more secure? Oracle vs Microsoft. Oracle seems to clearly be the loser in this battle (as of today). 
 20/11/06  Malware  There is an interesting analysis by Lenny Zeltser at the SANS ISC about a commercial binary packer called Themida. The coolest part is this immunization idea suggested by a couple of ISC readers consisting of modifying standard (non-VM) systems in a way that they show VM-like characteristics, so malware which checks for the presence of a VM environment will not run. Really smart! Also interesting are the statistics referenced by Lenny: Three out of 12 malware specimens recently captured in our honeypot refused to run in VMware. 
 19/11/06  Vulnerabilities  The 2006 Edition of the SANS Top 20 has just been released. This year it has changed its focus a little bit, and it has been renamed to: SANS Top-20 Internet Security Attack Targets 
 18/11/06  Legal  We at JSS (and many others) suffered a while ago the consequences of Guidance Software's security breach. Now Guidance settles FTC breach charges. This is the saddest part: Guidance failed to implement "simple, inexpensive and readily available security measures" to protect consumers' data. As well as failing to take precautions to prevent web attacks, Guidance failed to detect unauthorised access to its network, a particularly embarrassing oversight given the nature of Guidance's business. We in the security business must be the first to be paranoid about our customers' security, but it looks like some companies aren't. Sad. 
 17/11/06  Malware  As you probably already know, malware (and especially rootkits) is targeting the hardware more and more. We saw Blue Pill (ab)using the virtualization features of the new generation of processors. Now, it's the turn of PCI cards (network, video, etc.): PCI cards the next haven for rootkits? The paper behind this news is Implementing and Detecting a PCI Rootkit by John Heasman. 
 16/11/06  Hacking  Digital Armaments have published their November-December Challenge, this time targeting Kernel vulnerabilities. A good opportunity for learning and having some fun. 
 15/11/06  BSD  It looks like the guys in the NetBSD community have been working pretty hard lately. The Recent Security Enhancements in NetBSD are definitely pretty impressive. 
 15/11/06  SPAM  I'm sure you've noticed the important increase in SPAM during the last 2 months (a perceived increase from 30% to 450% according to different sources). It looks like Bot nets are likely behind this jump in SPAM 
 14/11/06  Fingerprinting  A new version of SinFP, a tool which uses a new approach to active and passive OS fingerprinting, has been released. 
 14/11/06  Assessment  A new article about the Challenges faced by automated web application security assessment tools
 13/11/06  Auditing  The old Solaris Basic Security Module (BSM) has been openly ported to BSD, giving birth to OpenBSM. BSM is great if you are willing to sacrifice performance vs audit info, but the key in the real world is the tools to analyze the enormous amount of data produced. We'll wait to see what tools the FreeBSD community comes up with... 
 11/11/06  Legal  U.K. outlaws denial-of-service attacks
 10/11/06  Privacy  Interesting news today in Slashdot: "European expert researchers on identity and identity management summarize their findings from an analysis of passports with RFID and biometrics Machine Readable Travel Documents or MRTDs and recommend corrective measures." 
 08/11/06  Malware  A new interesting article in Securityfocus by Jamie Riden: Using Nepenthes Honeypots to Detect Common Malware 
 30/10/06  Encryption  Seagate announced today that they will produce hard drives that automatically encrypt the data, requiring users to have a key or password for decryption. 
 18/10/06  Log  Now that Log Management is getting so popular, it's good news that the final version of NIST publication Guide to Computer Security Log Management has seen the light. It's highly recommended reading, as it covers a lot of different perspectives, from technical to operational and legal. 
 06/04/06  Honeypots  Malware wars! Botnets are being used by cybercriminals to perform denial of service attacks against antivirus vendors' malware collection honeypots
 05/04/06  Malware  Kaspersky labs reported through Viruslist's weblog a cross-platform Proof-of-Concept virus that is capable of infecting both Linux and Windows binaries. 
 05/04/06  Vulnerabilities  Developers have quickly fixed about 900 bugs in popular open-source software as part of a U.S. government-sponsored source-code analysis project. 
 04/04/06  VoIP  Bruce Schneier describes why encryption in VoIP is so important due to a combination of the traditional telephony threat model and the IP-networked one. Phil Zimmermann recently released ZFone, a new Secure VoIP Phone based on a new protocol (ZRTP) proposed to be an IETF standard.
 04/04/06  System  Virtualization software wars between Microsoft (who will provide Virtual Server Free), and VMware who recently published the Server and Player software for free and just opened their Virtual Machine Disk Format Specification to the community. 
 27/03/06  Log Management  An interesting upcoming SANS webcast on Tuesday, March 28 at 1800 UTC/GMT: WhatWorks in Log Management: "Meeting Regulatory Compliance Requirements At Northwestern Memorial Hospital" Webcast 
 26/03/06  Hacking  Digital Armaments has launched a new edition of their Hacking Challenge, starting on April 1st: Oracle Database Hacking Challenge
 24/02/06  Phishing  The Anti-Phishing Working Group just published their latest (December 05) trend report 
 24/02/06  Misc  Part 1 and part 2 of a really interesting interview with our two SANS colleagues Mike Poor & Ed Skoudis. 
 23/02/06  Malware  The two most important malware collection projects, nepenthes and mwcollect, announced yesterday their fusion. The authoritative site for the joined effort is now http://www.mwcollect.org/ 
 22/02/06  Attacks  Check this interesting article: Demistifying Layer 2 attacks by Abhishek Singh. L2 security is typically one of the big forgotten areas, so it's good to be aware of attack vectors against it. Additionally, remember there is a cool tool called yersinia by our friends David and Alfredo which can help you audit it. 
 22/02/06  Malware  Commtouch reports the January 2006's virus and spam statistics. In Summary: 19 new email-borne significant virus attacks, of which a troubling 8 (42%) were graded "low intensity", 7 (37%) "Medium Intensity" and 4 (21%) were massive attacks, a rare phenomenon for a single month. 
 21/02/06  Wireless/Privacy  More RFID news. Take a look at this: Cellphones can crack RFID tags. It appears that the RFID technology has come really low regarding security & privacy. RFIDs are going to be really deep into our daily life soon, so we'd better make sure these things are fixed before that happens. 
 10/02/06  Wireless/Privacy  Two employees have been injected with RFID chips this week as part of a new requirement to access their company's datacenter. Welcome to the future! The most interesting part though is that those chips can be skimmed and cloned
 07/02/06  Malware  An excellent analysis by David Moore and Colleen Shannon from CAIDA of the spread of the Nyxem (or Blackworm or Kama Sutra or MyWife or CME 24) Virus in January and early February 2006. 
 06/02/06  IPS  The next SANS Webcast, on Wed. Feb 8 (18:00 GMT), will be WhatWorks in Intrusion Prevention Systems: "Guarding Sensitive Data with Financial Profiles Inc.", by Alan Paller and Joel Holland. 
 05/02/06  Pentest  Big news for the pentesters out there! The two leading pentesting live CD distros, Whax & Auditor, are merging into a new one: BackTrack
 04/02/06  Malware  Another interesting article on Malware: Malicious Malware: attacking the attackers by Thorsten Holz and Frederic Raynal 
 03/02/06  Malware  The mwcollect Alliance has been launched today. The mwcollect Alliance is a non-profit community effort to collect autonomously spreading malware and share with anti-virus and vulnerability researchers. 
 31/01/06  Malware  A popular report about the business impact of malware has just been released: Computer Economics 2005 Malware Report: The Impact of Malicious Code Attacks. A free executive summary is available. 
 30/01/06  Malware  On Jan 31 there will also be a SANS webcast, Eliminating Virus Outbreaks with Sara Lee, by Alan Paller and Bryan Jordan. 
 29/01/06  Forensics  On Jan 31 there will be a webcast on Automated Incident Response by Guidance Software. 
 27/01/06  Malware  Interesting news about a new approach in the rootkit technologies: Researchers: Rootkits headed for BIOS 
 27/01/06  Malware  The Blackworm worm, an extremely dangerous worm that will overwrite users' files on Feb 3, is spreading fast (300.000 systems so far). Make sure to clean your systems as soon as possible. More info at the SANS ISC
 26/01/06  Generic  Interesting interview with Richard Bejtlich. 
 24/01/06  Malware  The guys at CSRRT-LU have put up a Malware Contest. Sounds fun! 
 22/01/06  Honeypots  If you speak Spanish and you are in the Madrid area on February 9, you may want to attend an interesting 4-hour course on Honeynets, SANS Stay Sharp: Deploying GenIII Honeynets, taught by Raul Siles. 
 20/01/06  Honeypots  If you are in the Honeypots arena, do not miss this interesting article, Sebek 3: tracking the attackers, part one by Raul Siles 
 19/01/06  Forensics  Interesting Webcast by Guidance Software on Jan 26: Creating a Computer Forensic Lab and Using EnCase in a Lab Environment 
 11/01/06  Forensics  Oracle Database Worm Spreading
 10/01/06  Generic  The SANS Institute has just published the SANS 2005 Information Security Salary & Career Advancement Survey. 
 10/01/06  Malware  An interesting research paper on Malware trends. 

Copyright © 2000-2008 Jessland - Jess Garcia's Website - All rights reserved.