security

Norton AntiBot goes into public beta

These days, criminal enterprises don't just want to steal your Outlook contact list, they want to own your computer, and they will download a remote-access Trojan horse at the first available opportunity. Within the last six months, Symantec has seen the number of these "bot" infections increase 29 percent over the previous six months. That's why Symantec is rushing to market a new application they're calling Norton AntiBot.

While most antivirus applications today provide adequate protection against spyware and malware, once these are removed, your machine is vulnerable to new and different variations of the … Read more

Microsoft OneCare did/did not improve in recent AV tests

After finishing dead last in a comparative antivirus test, Microsoft Windows Live OneCare recently garnered some positive press. The latest tests performed by AV-Comparatives.org seem to show an improvement, with OneCare moving up two places. While OneCare is certified by West Coast Labs and ICSA, it is the competitive independent antivirus testing results that mean more in terms of how well a product performs in the real world against real malware. Thus, some might argue that things are looking up for the nascent Redmond antimalware team.

That's until you look closer at the tests. AV-Comparatives performed two different … Read more

Yahoo IM hit with critical security flaws

A number of highly critical security flaws have been found in the latest version of Yahoo Messenger, which could allow attackers to gain remote access to users systems, according to a security advisory issued by eEye Digital Security.

The vulnerabilities affect Yahoo Messenger versions 8.1 and 8.0, running on Windows, eEye stated in its "upcoming advisories."

Although eEye does not disclose extensive details about vulnerabilities until the respective vendor develops a patch, the security researcher did note the Yahoo IM flaws requires little user interaction for an attacker to exploit the vulnerabilities.

"It's the … Read more

Microsoft security nirvana?

It is common knowledge that IT security is made up of isolated security islands that don't talk to each other and must be managed on a one-off basis.

Why is this? Best I can figure is that it is a historical combination of budget and behavior. Security budgets are notoriously tight, so tools tend to be brought in on an as-needed basis. As for behavior, security professionals grew up with a "best of breed" mindset. If security widgets 1 and 2 are deemed to be the best products available, they buy them. Security benefits tend to trump … Read more

Will Osama use Google Earth against us?

In the wrong hands, could Google Earth become a weapon of mass destruction?

That question has been floated in the aftermath of last week's FBI apprehension of four suspects charged with attempting to explode oil pipelines at New York's John F. Kennedy airport.

At a press conference announcing three of the the arrests, FBI officials said one of the plotters, Abdul Kadir, directed his associates to consult Google aerial images of Kennedy Airport as they went about their planning. Inevitably, this raised questions about whether the various online mapping services offered by the likes of Google, Yahoo and … Read more

Google Desktop vulnerable to attack

Security researcher Robert Hansen, aka RSnake, has published details of a new attack on Google Desktop. Basically, Hansen found a man-in-the-middle attack, this time placing an attacker between Google and someone launching a desktop search query. From this position, the attacker is able to manipulate the search results and possibly take control of other programs on the desktop.

The attack scenario plays out like this: a user of Google Desktop makes a search query that is intercepted by an attacker. The attacker then injects Javascript that creates an invisible IFrame on the target URL page as well as makes the … Read more

Evasive Web attacks are on the rise, says Finjan

Criminal hackers are flying well below the radar these days with a new technique that, according to security vendor Finjan, marks a new level of sophistication among criminal hackers. Documenting this trend in its latest Web Security Trends Report, Finjan calls these "evasive attacks" because of their stealth-like quality. First, criminal hackers use a cross-site scripting attack to place an IFrame that calls down malicious code on a popular Web site. That part is not new. What is new is the fact that the end-user is hit with the malicious code only once, making it hard for network … Read more

Report: JFK terror plotters used Google Earth

One of the four terror suspects in an alleged plot to blow up fuel tanks and a gas pipeline at New York City's John F. Kennedy International Airport recommended Google Earth as a way to obtain detailed aerial photographs, according to a court complaint obtained by The Smoking Gun.

The "JFK plot" made headlines on Saturday when U.S. officials announced that they had charged four men, one of whom remains at large, in a nascent plot to target fuel tanks and a gas pipeline at the high-traffic airport. The court document in question describes a May … Read more

New vulnerabilities hit Firefox and Internet Explorer

Security researcher Michal Zalewski has published four new vulnerabilities to the Full Disclosure mailing list for Microsoft Internet Explorer and Mozilla Firefox. There are no patches yet available from either vendor. The most serious is MSIE page update race condition, where users navigating with JavaScript from one page to another page with the same domain experience a window of opportunity for attackers to concurrently execute JavaScript to perform actions with the permissions of the previous page.

The next most severe is Firefox Cross-site IFRAME hijacking where an attack against about:blank frames could allow malicious code execution. Zalewski also published … Read more