Category Archives: Security

Scammers Target Microsoft’s Genuine Advantage Program



 Scammers are targeting users of Windows XP with a socially engineered phishing scheme that is designed to exploit Microsoft’s Windows Genuine Advantage program. The WGA-specific scam attempts to extort credit card information from its victims by warning that they must validate their Windows installation by updating account information, or risk losing access to their data.

Windows Genuine Advantage is a new anti-piracy effort that employs a system of incentives and disincentives to verify that customers have installed licensed copies of the OS. The program was initially a pilot that provided customers who opted in with special perks for being “legal.” In return for their cooperation, customers will receive discounts on software and bonus downloads.
Read More at BetaNews


Hell Freezes Over? Non-MIE Security Problem.



Hell must have frozen over: there is a new browser exploit that does not attack Internet Explorer. According to a paper recently published by Eric Johanson of the Shmoo Group, users of most Mozilla-based browsers (Firefox 1.0, Camino .8.5, Mozilla 1.6, etc.), Safari 1.2.5, Opera 7.54 and Omniweb 5 are vulnerable to a complex International Domain Name [IDN] spoof.

This new attack allows an attacker/phisher to spoof the domains/URLs of businesses. Every recent Gecko/KHTML-based browser implements IDN (which is just about every browser except for Internet Explorer). The Shmoo Group has created a proof of concept where the links are directed at “http://www.pаypal.com/”, which the browsers’ punycode handlers render as www.xn--pypal-4ve.com. According to the group, however, there is an easy way to detect that you’re under a spoof attack: cut and paste the URL you are accessing into Notepad or some other tool (under OS X, paste into a terminal window), which will allow you to view what character set/code page the string is in. You can also view the details of the SSL cert, etc.
You can read more on it at NeoWin
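The paste-and-inspect check described above can be automated. The following is an added example, not code from the Shmoo Group paper or from this post: it converts a URL's host between its Unicode and punycode forms and flags labels whose letters come from more than one script. The function names are hypothetical, and the mixed-script test is a heuristic that goes beyond what the post describes.

```python
import unicodedata
from urllib.parse import urlsplit

def label_scripts(label):
    """Scripts used by the letters of one DNS label (first word of each Unicode name)."""
    return {unicodedata.name(ch, "UNKNOWN").split()[0] for ch in label if ch.isalpha()}

def inspect_url(url):
    """Return the Unicode and punycode (ACE) forms of a URL's host plus spoofing hints."""
    host = urlsplit(url).hostname or ""
    # An xn-- host is already ASCII; decode it so the real characters are visible.
    unicode_host = host.encode("ascii").decode("idna") if host.isascii() else host
    ace_host = unicode_host.encode("idna").decode("ascii")
    labels = unicode_host.split(".")
    return {
        "unicode": unicode_host,
        "ace": ace_host,
        "non_ascii": not unicode_host.isascii(),
        # Heuristic (assumption of this example): one label mixing letters
        # from several scripts, e.g. Latin plus Cyrillic, is suspicious.
        "mixed_script_labels": [l for l in labels if len(label_scripts(l)) > 1],
    }

# Constructed samples: the second character of the spoofed name is
# U+0430 CYRILLIC SMALL LETTER A, as in the proof of concept quoted above.
SPOOFED = "http://www.p\u0430ypal.com/"
GENUINE = "http://www.paypal.com/"

if __name__ == "__main__":
    for url in (SPOOFED, GENUINE, "http://www.xn--pypal-4ve.com/"):
        report = inspect_url(url)
        flag = "SUSPICIOUS" if report["mixed_script_labels"] else "ok"
        print(f"{report['ace']:28} non_ascii={report['non_ascii']!s:5} {flag}")
        for label in report["mixed_script_labels"]:
            for ch in label:
                print(f"    U+{ord(ch):04X} {unicodedata.name(ch)}")
```

A name written entirely in a single non-Latin script passes the mixed-script test, so the `non_ascii` flag and the punycode form should be reviewed as well.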


VOIP Security Alliance says VOIP is not Safe



The VOIP Security Alliance, or VOIPSA, launches today. So far, 22 entities, including security experts, researchers, operators and equipment vendors, have signed up. They range from equipment vendor Siemens and phone company Qwest to research organization The SANS Institute. Their goal is to counteract a range of potential security risks in the practice of sending voice as data packets, as well as to educate users as they buy and use VOIP equipment. An e-mail mailing list and working groups will enable discussion and collaboration on VOIP testing tools. David Endler, chairman of the VOIP Security Alliance, said there are many ways to attack a VOIP system. First, VOIP inherits the same problems that affect IP networks themselves: Hackers can launch distributed denial of service attacks, which congest the network with illegitimate traffic. This prevents e-mails, file transfers, web-page requests and, increasingly, voice calls from getting through. Voice traffic has its own sensitivities, which mean the user experience can easily be degraded past the point of usability.

Read more about their early research in this article. 


A Basic USB Drive Security Lesson



HNS – A Simple Guide to Securing USB Memory Sticks

Since its introduction, the USB memory stick has been hailed by those fed up with the shortcomings of the floppy. Its small physical size, satisfactory speed and ever-increasing storage capacity make it the most convenient device to use for transferring files from one place to another. However, these very features can introduce new security risks and amplify risks that already existed with floppy disks. The primary risks associated with USB memory sticks can be identified as:

  • Virus Transmissions – Data sharing opens up an avenue for viruses to propagate
  • Corruption of data – Corruption can occur if the drive is not unmounted cleanly
  • Loss of data – All media is susceptible to data loss
  • Loss of media – The device is physically small and can easily be misplaced
  • Loss of confidentiality – Data on the lost physical media can be obtained by others

Read the full article from the link above. Much is basic, but there is something for us all to learn.

 


MSN Messenger Worm Packs Double Punch



MSN Messenger Worm Packs Double Punch
Anti-virus vendors have raised the threat level on a double-barrelled MSN Messenger worm that lures users with the promise of sexy image files.

 The worm, identified as W32/Bropia, arrives as a download link within MSN instant messaging sessions, but instead of sexy photographs, infected users get an image of a cooked chicken on a platter with a neatly drawn bikini tan line.

The worm also deposits a variant of the Rbot backdoor Trojan that is capable of using infected machines to create zombie networks, security experts warn.


Microsoft Attempts to Lock-Down As Much as Possible



Microsoft Licenses Analog Anti-rip Technology 

CD copy-protection specialist Macrovision is to work with Microsoft to ensure their respective DRM and anti-rip technologies are interoperable, the two companies said this week. Sounds straightforward enough, but the deal runs deeper. Microsoft agreed to license a number of Macrovision’s patents, in particular those relating to analogue copy protection technology and more recent extensions to that system that cover video-on-demand, pay-per-view content and support for the US ‘broadcast flag’, which determines whether consumers will be able to record digital TV broadcasts.


Asian Online Gaming loaded with Malware



I cringe every time my kids play an online game from a source I am not familiar with. This is one of the reasons that machine is stand-alone and isolated from the rest of the network. Seems some Asian game sites are loaded with malware. Makes you wonder if the Internet is going to become a contaminated playground and PCs will have to rebuild themselves nightly to ensure nothing naughty is still lingering. [Cnet]