Apparently cybercriminals are getting smarter. Some of the more interesting facts in this story include:
Spam accounts for 90% of e-mail.
There are now businesses in China and India whose employees are tasked with typing in those text picture tests that you have to fill out to open some accounts online.
E-mail attachment attacks have decreased significantly over the years.
It is hard to believe that so much of the world's email is spam, but I suppose we should not be surprised. The majority of e-mail I get on my regular G-Mail account is spam. It should also be disheartening that even the picture tests are not enough to stop spammers from getting new accounts. At least we can be consoled by the fact that there are less attachment attacks, although it is possible they have just been replaced with more sinister types of attacks.
Cisco: Cybercriminals more savvy than ever in 2008
http://searchsecurity.techtarget.com/news/article/0,289142,sid14_gci1342560,00.html
Wednesday, December 17, 2008
Tuesday, December 16, 2008
Security Review: Xbox and Playstation.
With the new advancement in gaming systems and numerous uses of the new Xbox or playstation, can these devices be another tool for hackers to use to violate our lives and gain personal information. Within the last two or three years both the Xbox 360 and the Playstation 3 have been hacked into. In January of 2006 “Sources say that a group calling themselves Team Pi have discovered a vulnerability in the Xbox 360, or more specifically in the kiosk CD being used in retailers displays. It seems that though the executable on the disk is signed, the other media on the disk is not signed allowing someone to swap the Project Gotham Racing 3 demo video with a WMV-HD rip of a full length movie. This is far from being a complete hack of the Xbox 360 but it is one little step closer to a full hack.”
This month “PlayStation Home, a 3D social gaming community available on PS3 that allows users to interact communicate and share gaming experiences, launched last Thursday and over the weekend it was hacked multiple times. Hackers found several vulnerabilities that allowed them to run some code to bypass advertisement, replace content originally placed by Sony with the user's own images. Another hack allows uploading files to hack the Home server or deleting any file from the Home server.”
Although these events were both of the minor variety, this leaves a lot to be questioned. On Both consoles people can purchase movies, games, and music by using their online accounts. On these online accounts people provide very sensitive information to be granted access to the following features. Internet access, Movie download center, and music download center. Although not necessary all the features are desired by every user. My question is can these devices, which are operated over the web, be possible hacking opportunities?
Articles : http://news.teamxbox.com/xbox/18394/PlayStation-Home-Hacked-Already/
http://theconsolewars.blogspot.com/2006/01/impossible-to-hack-xbox-360.htmlMonday, December 15, 2008
Adobe PDF and Flash are source of web attacks
"Attackers are finding new ways to stay one step ahead of security, exploiting ubiquitous Adobe Flash applications and PDF files, which many organizations and end users incorrectly assume are safe against compromise." was quoted in an article describing Adobe attacks on December 9th, 2008.
"In its Q4 Web Security Trends Report, Finjan Inc. says its Malicious Code Research Center (MCRC) has found that millions of PCs have been compromised by either Flash- or PDF-borne Web exploits, as crimeware writers widen their attack vectors and find new ways to evade detection and snare user machines." Flash is an application that allows animations in webpages. Flash is a specific type of webpage coding. The Flash exploits rely on basic Adobe ActionScript functionality to exploit browser vulnerabilities. Flash malware can be delivered through malicious banner ads. "Although most networks inspect the ads for security risks, their efforts are often insufficient." Adobe advises uses to set a parameter, "AllowScriptAccess," to "never," but is more typically set to "always." "This allows ActionScript to inject an IFRAME, which can then pull in malicious content and infect the end-user machine."
PDF a mistakenly considered as a safe file format to many. However they can be exploited through a pair of buffer overflow vulnerabilities. Adobe has patches for these flaws, but many machines aren't up to date. Starting with version 1.4, the PDF format includes JavaScript capabilities. The problem grew by the emergence of simply crimeware toolkits, such as Neosploit and Fiesta, which include PDF components that "enable attackers to obfuscate scripts within PDF files to execute Web exploits. Signature-based detection is not generally effective against these attacks, so antimalware engines must rely on real-time detection."
The best way to prevent these attacks seem to be by simply updating these programs since there are patches available. Perhaps Adobe should come up with an automatic software update, like Microsoft uses. This article is interesting to me because I use Flash coding all the time and I always felt like it was safer, even though I had nothing to support this reasoning. I also think this is interesting since we recently learned about web based attacks. It would be interesting to see if these programs are exploited in ways similar to cross-site scripting. I think it is also important that antivirus and spyware detection programs update their software to protect users against these attacks.
Sources:
Flash, PDF are growing malware targets
By Neil Roiter, Senior Technology Editor, Information Security magazine09 Dec 2008 SearchSecurity.com
http://searchsecurity.techtarget.com/news/article/0,289142,sid14_gci1341749,00.html
"In its Q4 Web Security Trends Report, Finjan Inc. says its Malicious Code Research Center (MCRC) has found that millions of PCs have been compromised by either Flash- or PDF-borne Web exploits, as crimeware writers widen their attack vectors and find new ways to evade detection and snare user machines." Flash is an application that allows animations in webpages. Flash is a specific type of webpage coding. The Flash exploits rely on basic Adobe ActionScript functionality to exploit browser vulnerabilities. Flash malware can be delivered through malicious banner ads. "Although most networks inspect the ads for security risks, their efforts are often insufficient." Adobe advises uses to set a parameter, "AllowScriptAccess," to "never," but is more typically set to "always." "This allows ActionScript to inject an IFRAME, which can then pull in malicious content and infect the end-user machine."
PDF a mistakenly considered as a safe file format to many. However they can be exploited through a pair of buffer overflow vulnerabilities. Adobe has patches for these flaws, but many machines aren't up to date. Starting with version 1.4, the PDF format includes JavaScript capabilities. The problem grew by the emergence of simply crimeware toolkits, such as Neosploit and Fiesta, which include PDF components that "enable attackers to obfuscate scripts within PDF files to execute Web exploits. Signature-based detection is not generally effective against these attacks, so antimalware engines must rely on real-time detection."
The best way to prevent these attacks seem to be by simply updating these programs since there are patches available. Perhaps Adobe should come up with an automatic software update, like Microsoft uses. This article is interesting to me because I use Flash coding all the time and I always felt like it was safer, even though I had nothing to support this reasoning. I also think this is interesting since we recently learned about web based attacks. It would be interesting to see if these programs are exploited in ways similar to cross-site scripting. I think it is also important that antivirus and spyware detection programs update their software to protect users against these attacks.
Sources:
Flash, PDF are growing malware targets
By Neil Roiter, Senior Technology Editor, Information Security magazine09 Dec 2008 SearchSecurity.com
http://searchsecurity.techtarget.com/news/article/0,289142,sid14_gci1341749,00.html
Web Security Notes
Someone pointed out that I hadn't posted the web security note) online. Here they are:
Web Security slides
Web Security slides
Sunday, December 14, 2008
Oooops they did it again
Microsoft has made itself the joker of the modern computer world once again. No, I'm not talking about windows vista aka "mojave" I'm referring to a new vulnerability on the Internet Explorer program that runs on all of Microsoft's operating systems. On Friday, Microsoft released a statement about a number of "zero day" attacks that occur as a result of a vulnerability in the way the browser processes XML (a way of writing information to websites). Verisign released an announcement late last week that a group of Chinese security researches discovered an accidentally released the flaw in IE. The main idea of the attacks is to load malicious software onto computer that are vulnerable to the attack. These programs can give the hacker all the normal privileges that the user would have including access to sensitive records and files. Below are links to two articles including one that talks specifically about ACL's and how to block the vulnerability at the server before it enters the network. This does not completely block the threat but it does lower the risk until a patch is made available.
http://searchsecurity.techtarget.com/news/article/0,289142,sid14_gci1342278,00.html
http://searchsecurity.techtarget.com/news/article/0,289142,sid14_gci1342135,00.html
http://searchsecurity.techtarget.com/news/article/0,289142,sid14_gci1342278,00.html
http://searchsecurity.techtarget.com/news/article/0,289142,sid14_gci1342135,00.html
Sunday, December 7, 2008
Facebook revisited
As the other posters have mentioned facebook is really in no way secure. First you can setup an account claiming to be someone else. This can cause slanderous things to be posted on someone's facebook page that isn't really theirs. People can also pretend to someone and hit on girls or boys and then in person the person who thinks they are being hit can be extremely hurt because everything is hoax. Facebook needs to develop a system of verification to make sure these things do not happen.
As for the virus attack i am constantly bombared with these phishing attacks. Some of them come as wall posts from friends who have "zombie computers". Recently facebook added a new feature called "facebook chat". This is the faceboook equivalent of instant messaging. Many of the most recent phishing attacks I have receiver have come via facebook chat. Facebook needs to come up with a way to prevent this virys from spreading further. Most of the attacks are extremely obvious such as "click here to reduce your debt". None of my friends would care about debt nor would they advise me on how to lower it. The other attacks about tagging and adding photos etc is much more harmful because it could seem legitimate and could end up being malicious.
As for the virus attack i am constantly bombared with these phishing attacks. Some of them come as wall posts from friends who have "zombie computers". Recently facebook added a new feature called "facebook chat". This is the faceboook equivalent of instant messaging. Many of the most recent phishing attacks I have receiver have come via facebook chat. Facebook needs to come up with a way to prevent this virys from spreading further. Most of the attacks are extremely obvious such as "click here to reduce your debt". None of my friends would care about debt nor would they advise me on how to lower it. The other attacks about tagging and adding photos etc is much more harmful because it could seem legitimate and could end up being malicious.
Saturday, December 6, 2008
Security Review: Off-Campus Housing Door Security
In the dorms on campus, doors play a crucial role in terms of security. A number of security features are intended to keep the dorm and residents safe (ID card scanners, restricted access hours, and PIN keypads). Furthermore, doors to individual rooms make use of locks and keys, and strong physical construction to maintain the security of a room. Unfortunately these measures are not always enough to prevent theft and unauthorized access.
What happens, then, when students live outside of the Notre Dame bubble in the neighborhoods surrounding campus? What measures are used on doors to maintain the security of off campus houses? In this security review, I will assess some common methods of securing the doors and overall safety of an off campus house.
Exterior doors can be equipped with different types of locks (handle locks, single-cylinder deadbolts, double-cylinder deadbolts), construction materials (metal, solid-wood, composites), and sensors (surface door contacts, recessed contacts). Not all methods provide the optimal security condition as the integrity of the physical barrier can be compromised. Ideally for the home owner or resident, the door will of course prohibit unauthorized entry and will not readily expose to view (disclose) the contents of the house. This also addresses the integrity of the house and its residents and associated property. In addition, the door should allow authorized individuals entry.
Would-be attackers would be interested in knowing what methods are used to secure the door. Do the residents make actually use the installed deadbolt lock when leaving? An underutilized deadbolt is pointless in keeping attackers out. Is the deadbolt a single cylinder (key used only on exterior), or a double cylinder (key needed on inside and outside) lock? A single cylinder lock located right next to a large glass window would provide easy entry after breaking the glass (alteration). Is there an associated alarm system that is actually activated? The presence of alarm equipment does not guarantee that residents turn on the system. Furthermore, some alarms are disconnected and only emit a loud noise. While this may scare an intruder away, he or she still has time to grab property before fleeing.
The overall construction of the door is something that most tenants can do little about. This vulnerability of really only a small piece of the puzzle. The quality of door design is null if users fail to adequately lock the door using the deadbolt. Seemingly the largest vulnerability in this case is human action. For instance, even if a door is well protected, there may be other means of entry. An open window (or a closed,yet unlocked window) or secondary door could prove the main door security measures unimportant. It would be like beefing up security on HTTP ports while ignoring the POP3 port in a computer system.
Attempts to secure the door through multiple and sometimes extreme ways must be tempered by sensitivity to the ease of entry by authorized individuals. Ultimately some risk acceptance is inherent in a system that literally opens doors. Nevertheless, the amount of risk can be reduced and transferred. Installing double-cylinder deadbolts (especially when doors are adjacent to windows or glass panels) and always making use of the deadbolt clearly demonstrate good protocol. By making a home doorway harder to breach homeowners can deter would-be attackers. Risk transference can be achieved by obtaining homeowner's or renter's insurance for property potentially lost to burglary.
alarmsystemreviews.com
homesecurityguru.com
What happens, then, when students live outside of the Notre Dame bubble in the neighborhoods surrounding campus? What measures are used on doors to maintain the security of off campus houses? In this security review, I will assess some common methods of securing the doors and overall safety of an off campus house.
Exterior doors can be equipped with different types of locks (handle locks, single-cylinder deadbolts, double-cylinder deadbolts), construction materials (metal, solid-wood, composites), and sensors (surface door contacts, recessed contacts). Not all methods provide the optimal security condition as the integrity of the physical barrier can be compromised. Ideally for the home owner or resident, the door will of course prohibit unauthorized entry and will not readily expose to view (disclose) the contents of the house. This also addresses the integrity of the house and its residents and associated property. In addition, the door should allow authorized individuals entry.
Would-be attackers would be interested in knowing what methods are used to secure the door. Do the residents make actually use the installed deadbolt lock when leaving? An underutilized deadbolt is pointless in keeping attackers out. Is the deadbolt a single cylinder (key used only on exterior), or a double cylinder (key needed on inside and outside) lock? A single cylinder lock located right next to a large glass window would provide easy entry after breaking the glass (alteration). Is there an associated alarm system that is actually activated? The presence of alarm equipment does not guarantee that residents turn on the system. Furthermore, some alarms are disconnected and only emit a loud noise. While this may scare an intruder away, he or she still has time to grab property before fleeing.
The overall construction of the door is something that most tenants can do little about. This vulnerability of really only a small piece of the puzzle. The quality of door design is null if users fail to adequately lock the door using the deadbolt. Seemingly the largest vulnerability in this case is human action. For instance, even if a door is well protected, there may be other means of entry. An open window (or a closed,yet unlocked window) or secondary door could prove the main door security measures unimportant. It would be like beefing up security on HTTP ports while ignoring the POP3 port in a computer system.
Attempts to secure the door through multiple and sometimes extreme ways must be tempered by sensitivity to the ease of entry by authorized individuals. Ultimately some risk acceptance is inherent in a system that literally opens doors. Nevertheless, the amount of risk can be reduced and transferred. Installing double-cylinder deadbolts (especially when doors are adjacent to windows or glass panels) and always making use of the deadbolt clearly demonstrate good protocol. By making a home doorway harder to breach homeowners can deter would-be attackers. Risk transference can be achieved by obtaining homeowner's or renter's insurance for property potentially lost to burglary.
alarmsystemreviews.com
homesecurityguru.com
Subscribe to:
Posts (Atom)
Posts
