According to a release on Wednesday from the State Department, law enforcement officials and private parties may soon be able to request personal passport details. Currently, only State Department staffers who have undergone "background security investigation" handle such requests. The change to the State Department's system of records notice, or SORN, affects records dating as far back as 1925 and addresses amendments introduced in 2007 to the Privacy and Security Act of 1974.
Within the last week, two large-scale releases of malicious code have included exploits for a vulnerability that Microsoft patched in April 2006. The weekend's defacement of more than 70,000 Web sites and the installation of an MBR rootkit both require exploitation of a number of older vulnerabilities, including MS06-014. Why bother?
The original security bulletin for MS06-014 was posted back in April 2006. It concerned a flaw within the Microsoft Data Access Components (MDAC), specifically within the RDS.Dataspace ActiveX control, that is part of the ActiveX Data Objects (ADO) distributed in MDAC. Shortly after the patch was …
Security experts warned on Wednesday of a new rootkit aimed at users of the Windows operating system.
The rootkit hides in the Master Boot Record (MBR), or Sector 0 of the hard disk drive where the primary partition entries in its partition table are stored. According to Verisign's iDefense research unit, the rootkit overwrites the existing MBR, making discovery very difficult. A rootkit is a program or group of programs designed to take root or administrator control of a computer without the user knowing.
Security researcher Aaron Weaver claims visiting a random Web site could send unwanted print requests to your nearest office printer.
In a paper published in November (PDF), and cited on Wednesday in a blog by Jeremiah Grossman of White Hat Security, Weaver demonstrates the code necessary for sending a formatted page to a remote network printer, and, in another example, to an intranet-addressable fax machine. Since most network printers are behind the corporate firewall and therefore don't have security enabled, Weaver says that a simple iframe added to an Internet Web site could cause an internal network …
A number of phishing sites have cropped up within the last day using domains previously attributed to the Storm worm botnet. Last fall, Storm was used in a series of pump-and-dump stock spam blasts, including a unique MP3-based spam blast, but researchers at F-Secure don't think the original authors of Storm are necessarily trying something new. F-Secure said Tuesday that "October brought evidence of Storm variations using unique security keys. The unique keys...allow the botnet to be segmented allowing 'space for rent.'" They think phishers are leasing parts of the larger botnet.
F-Secure cites a Halifax …
Joining Yoggie's cool Gatekeeper Pico, a security suite on a USB stick, is the new Firestick Pico, a firewall-only version of the same thing.
As covered previously on Crave, Yoggie's products are essentially security coprocessors. Computers unto themselves, they intercept all Internet traffic going in and out of your computer and scan it for threats. The Gatekeeper products scan for viruses, spam, and other threats, as well as running a bidirectional firewall. The new Firestick is a firewall only.
The benefit to these products is that they free up your computer's processor from running the security processes …
On Wednesday, the SANS Internet Storm Center and others published details about the massive SQL-based Web attack that occurred over the weekend. The attack, says SANS, is similar to a smaller SQL-injection attack seen in November. At least 70,000 sites were compromised in a short period of time, leading some to speculate this was an automated attack.
Yesterday's "big" news was that some major open-source projects have security holes. At least, that's the news that the media reported. Undoubtedly, Microsoft and others will use these results in their competitive documents to suggest that open source is less secure than its proprietary brethren.
This, of course, would be the exact inverse of the lesson to take from the report.
The big news is that we even know. With a proprietary product, no one knows there are gaping security holes...until someone exploits them. Open source makes no attempts to obfuscate its strengths (and weaknesses), letting both the bad guys and the good guys discover the problems, with the latter fixing them more quickly (on average - it depends on the project) than proprietary vendors.
Indeed, of its results Coverity noted:…
StopBadware.org said Tuesday it has labeled the Sears and Kmart community software known as My SHC Community as "badware," or spyware.
The nonprofit organization run by Harvard Law School, Oxford University, and Consumer Reports WebWatch said it cited the Sears Holding Corporation community in particular "because of inadequate disclosure of extensive tracking and data collection and because the application does not identify itself while running."
In response to several accusations that it collects personal information without proper disclosure, My SHC Community has dramatically revised its Web site since last week. It has, among other changes, …
In the realm of companies I wouldn't expect to release an online game, Symantec is right up at the top of the list.
But that's just what the security software firm has done with its Cyber Smackdown online quiz, a Web-based game that tasks players with answering questions related to cyber security.
It's a good idea, and if Symantec had bothered to come up with some difficult questions or even a few dozen different questions, it would have also been a nice manifestation.
Unfortunately, it seems--from my multiple tests of the game on both Safari and Firefox, …