
Category: Punditocracy

November 16th, 2009

Microsoft confirms 'detailed' Windows 7 exploit

Posted by Ryan Naraine @ 10:25 am

Categories: Arbitrary Code Execution, Browsers, Denial of Service (DoS), Exploit code, Microsoft, Passwords, Patch Watch, Punditocracy, Vulnerability research, Windows Vista

Tags: Denial Of Service, Web, Attacker, Vulnerability, Microsoft Corp., Web Site, Small And Medium Business, Microsoft Windows 7, Microsoft Windows, Smb/Sme

Microsoft has issued a security advisory to acknowledge a crippling denial-of-service flaw affecting its newest operating systems — Windows 7 and Windows Server 2008 R2.

Exploit code for the vulnerability was released by researcher Read the rest of this entry »

November 10th, 2009

Why is Apple meddling with my Windows AutoRun?

Posted by Ryan Naraine @ 6:46 am

Categories: Apple, Arbitrary Code Execution, Browsers, Data theft, Denial of Service (DoS), Digital rights management, Exploit code, Malware, Microsoft, Pen testing, Punditocracy, iPhone

Tags: Operating System, Apple Inc., Microsoft Windows, Apple iTunes, Digital Music, Digital Media, Operating Systems, Personal Technology, Consumer Electronics, Software

Guest editorial by Costin Raiu

In every system designed by man, there is always a balance between features, usability and security. While designing pretty, easy to use and secure systems is possible, quite often this is not what the users get, or worse, this is not what the users want.

The most popular example of this applies to Apple. Focusing on eye-catching designs and easy to use products, Apple is listed in almost every marketing book as a success story.

Interestingly, maybe their second most popular software product (after iTunes), Mac OS X, represents a curious blend: an eye-catching, easy to use, flexible, usable and decently secure modern operating system. Please notice how I avoided saying “secure” and instead wrote “decently secure”. Read the rest of this entry »

October 20th, 2009

GAO report: NASA at 'high risk' of data breach

Posted by Ryan Naraine @ 5:29 am

Categories: Anti Virus, Arbitrary Code Execution, Botnets, Complex Attacks, Data theft, Exploit code, Locally Running Web Servers, Passwords, Patch Watch, Pen testing, Punditocracy, Responsible disclosure

Tags: NASA, General Accounting Office, Auditor, Security, Strategy, Management, Ryan Naraine

The U.S. Government Accountability Office (GAO) has painted a bleak picture of NASA’s IT security posture.

An audit of the space agency’s computer systems found weaknesses in several critical areas, especially in the way NASA implemented access controls like user accounts, passwords and the encryption of sensitive data. Read the rest of this entry »

October 19th, 2009

Microsoft: Human error caused critical SMB2 vulnerability

Posted by Ryan Naraine @ 9:35 am

Categories: Adobe, Arbitrary Code Execution, Browsers, Complex Attacks, Data theft, Denial of Service (DoS), Exploit code, Flash, Hackers, Malware, Microsoft, Mozilla, Open source, Pen testing, Punditocracy, Responsible disclosure

Tags: Analysis Tool, Vulnerability, Bug, Microsoft Corp., Humans, Microsoft Windows, Microsoft Windows 7, Productivity, Operating Systems, Security

Microsoft is blaming human error for one of the critical SMB v2 vulnerabilities that exposed Windows users to remote code execution attacks and argues that it’s near impossible to catch these types of bugs with existing code review tools and techniques.

According to a post-mortem of the issue by Redmond security guru Michael Howard, the company detected the vulnerable code “very late” in the Windows 7 development process but argued that there are no static analysis tools or SDL requirements that would spot this type of human error.

Read the rest of this entry »

September 24th, 2009

In search of a standard for displaying security threat levels

Posted by Ryan Naraine @ 6:32 am

Categories: Anti Virus, Arbitrary Code Execution, Botnets, Browsers, Data theft, Denial of Service (DoS), Locally Running Web Servers, Malware, Punditocracy, Rootkits, Spam and Phishing, Viruses and Worms

Tags: Security Company, Threat Level, Security, Ryan Naraine

GENEVA — A veteran security researcher today challenged the anti-malware industry to work on a standard way of assigning computer/Internet threat levels to present transparent, helpful information to consumers and businesses.

During a presentation at the Virus Bulletin 2009 conference here, Fortinet project manager Bryan Lu discussed the current scenario where anti-malware vendors use different systems to display threat levels — either color-coded or using numbers and arrows — and suggested that vendors use existing data to make threat level indicators more useful and meaningful.

Read the rest of this entry »

September 23rd, 2009

From Gimmiv to Conficker: The lucrative MS08-067 flaw

Posted by Ryan Naraine @ 6:23 am

Categories: Adobe, Anti Virus, Botnets, Browsers, Data theft, Denial of Service (DoS), Exploit code, Flash, Malware, Punditocracy, Responsible disclosure, Rootkits, Viruses and Worms, Vulnerability research, Zero-day attacks

Tags: Flaw, Malware, Conficker, MS08-067, Malware Family, Spyware, Adware & Malware, Cyberthreats, Viruses And Worms, Security, Ryan Naraine

GENEVA — The critical MS08-067 vulnerability used by the Conficker worm to build a powerful botnet continues to be a lucrative security hole for cyber criminals.

During a presentation at the Virus Bulletin 2009 conference here, a trio of Microsoft researchers dissected the malware attacks linked to MS08-067 and found that criminal gangs are still exploiting the flaw to plant data-theft Trojans on vulnerable Windows machines. Read the rest of this entry »

August 6th, 2009

Twitter knocked offline by DDoS attack; Koobface returns with a twist

Posted by Ryan Naraine @ 9:46 am

Categories: Adobe, Anti Virus, Arbitrary Code Execution, Botnets, Browsers, Data theft, Denial of Service (DoS), Exploit code, Facebook, Flash, Malware, Punditocracy, Responsible disclosure, Social Networking Applications, Spam and Phishing, Viruses and Worms, Vulnerability research, Web 2.0

Tags: Kaspersky Lab, DOS, Twitter, Attack, Koobface, Security, Spyware, Adware & Malware, Cyberthreats, Ryan Naraine

Popular microblogging service Twitter was knocked offline for an extended period this morning by what appears to be a massive distributed denial-of-service attack.

Twitter confirmed the outage was linked to malicious attackers in a brief status message posted around 11:00 a.m. EST.
Read the rest of this entry »

August 3rd, 2009

Black Hat recap podcast: SSL, SMS, BIOS rootkits

Posted by Ryan Naraine @ 2:10 pm

Categories: Anti Virus, Apple, Arbitrary Code Execution, Black Hat, Botnets, Browsers, Complex Attacks, Data theft, Denial of Service (DoS), Exploit code, Firefox, Hackers, Mobile (In)Security, Mozilla, Passwords, Patch Watch, Punditocracy, Responsible disclosure, iPhone

Tags: Black Hat, SSL, SMS, Rootkits, BIOS, Text Messaging/SMS/MMS, Podcasts, Ssl/Tls, Authentication/Encryption, Telephony

In this podcast, I chat with Threatpost.com co-editor Dennis Fisher about the big news coming out of the Black Hat security conference.  We discuss the attacks using SMS and MMS, rootkits in keyboards and BIOSes, vulnerabilities in SSL and the response from vendors to these problems. Listen here [mp3].

July 27th, 2009

A Good Year for Security Collaboration

Posted by Ryan Naraine @ 5:58 am

Categories: Adobe, Arbitrary Code Execution, Black Hat, Browsers, Complex Attacks, Data theft, Exploit code, Microsoft, Patch Watch, Punditocracy, Research, Responsible disclosure, Vulnerability research, Zero-day attacks

Tags: Microsoft Corp., Conficker Working Group, Security, Ryan Naraine

Guest Editorial by George Stathakopoulos

It seems like just yesterday when I was at Black Hat.  Now as I get ready to fly to Las Vegas again, I look forward to seeing a lot of security researchers, hearing their latest exploits and how they fared over the last 352 days.  At the same time, it is a great opportunity to look back at the past year in security and ask myself, “was it a good year or a bad year?”

What comes immediately to mind when I think of the past year?  The rise of rogue security software, Conficker, two out-of-band security updates (thanks to the MSRC for the great work!) and of course the fact that cyber security has garnered national attention fueling the search for a cyber czar.   Security researchers and analysts have said that security investments like the security development lifecycle (SDL) are making products harder to crack.   More people are interested in secure development, as seen by the uptick in downloads of Microsoft !exploitable and Threat Modeling tools.  More companies – Adobe comes to mind – are clearly demonstrating their commitment to protecting customers through security fundamentals.  And really, the collaborative spirit was obvious across the industry over the past year.   Read the rest of this entry »

May 26th, 2009

Twitter API ripe for abuse by web worms

Posted by Ryan Naraine @ 12:39 pm

Categories: Anti Virus, Browsers, Data theft, Exploit code, Hirings and firings, Malware, Passwords, Pen testing, Phishing, Punditocracy, Responsible disclosure, Social Networking Applications, Spam and Phishing, Viruses and Worms, Vulnerability research, Web 2.0, Web Applications

Tags: Web, API, Worm, Twitter, Twitpic, Cyberthreats, Viruses And Worms, Security, Ryan Naraine

A security researcher is warning that the Twitter API can be trivially abused by hackers to launch worm attacks.

The red-hot social networking/microblogging service has been scrambling to plug cross-site scripting and other Web site vulnerabilities to thwart worm attacks but, as researcher Aviv Raff points out, it’s much easier to misuse the Twitter API as a “weak link” to send worms squirming through Twitter.

Read the rest of this entry »

Ryan Naraine is a journalist and security evangelist at Kaspersky Lab. He manages Threatpost.com, a security news portal.

