Burzycki.org

Archive for December, 2007

New Bot Attack begins today… Heads up: http://isc.sans.org

Anticipated Storm-Bot Attack Begins

Published: 2007-12-24
Last Updated: 2007-12-24 03:41:39 UTC
by Kevin Liston (Version: 2)

Overview and Blocking Information

Shortly after 0000 GMT 24-DEC-2007 reports came in indicating that the Storm Botnet was sending out another wave of attempts to enlist new members.  This version is a Christmas-themed stripshow directing victims to merrychristmasdude.com.

The message comes in with a number of subjects:

Subject: I love this Carol!
Subject: Santa Said, HO HO HO
Subject: Christmas Email
Subject: The Perfect Christmas
Subject: Find Some Christmas Tail
Subject: Time for a little Christmas Cheer

The body is something similar to:

do you have a min?

This Christmas, we want to show you something you will really enjoy. Forget all the stress for two min and feast your eyes on these.  ;-) 

http://merry christmasdude.com/
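
As an added illustration (not part of the ISC diary or of this blog), the subjects and the domain listed above can be turned into a mail-gateway check. The function names and the sample messages are constructed for this example.

```python
import re
from email import message_from_string
from urllib.parse import urlsplit

# Indicators taken from the diary text above.
SUBJECTS = {"i love this carol!", "santa said, ho ho ho", "christmas email",
            "the perfect christmas", "find some christmas tail",
            "time for a little christmas cheer"}
DOMAIN = "merrychristmasdude.com"
URL_RE = re.compile(r"https?://[^\s<>\"']+", re.IGNORECASE)

def norm(text):
    """Lower-case and collapse whitespace (this also undoes header folding)."""
    return " ".join(text.lower().split())

def body_text(msg):
    """Concatenate every text/* part, decoding any transfer encoding."""
    chunks = []
    for part in msg.walk():
        if part.get_content_maintype() == "text":
            raw = part.get_payload(decode=True) or b""
            chunks.append(raw.decode(part.get_content_charset() or "utf-8", "replace"))
    return "\n".join(chunks)

def links_to_domain(text, domain=DOMAIN):
    """True if any URL's host is the domain itself or one of its subdomains."""
    for url in URL_RE.findall(text):
        try:
            host = (urlsplit(url).hostname or "").rstrip(".")
        except ValueError:  # malformed URL, e.g. a broken IPv6 literal
            continue
        if host == domain or host.endswith("." + domain):
            return True
    return False

def classify(raw_message):
    """Return the reasons a message matches the campaign; empty list = no match."""
    msg = message_from_string(raw_message)
    reasons = []
    if norm(msg.get("Subject", "")) in SUBJECTS:
        reasons.append("subject")
    if links_to_domain(body_text(msg)):
        reasons.append("url")
    return reasons

# Constructed sample messages (not captured traffic).
SAMPLE_HIT = "Subject: Santa Said, HO HO HO\n\ndo you have a min?\nhttp://merrychristmasdude.com/\n"
SAMPLE_FOLDED = "Subject: The Perfect\n Christmas\n\nno link here\n"
SAMPLE_CLEAN = "Subject: Christmas party email\n\nhttp://merrychristmasdude.com.example.org/\n"
```

The host comparison is done on the parsed hostname rather than by substring, so a look-alike such as the third sample does not trigger a false positive.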

Antivirus protection worse than a year ago

Repost From: http://www.heise-security.co.uk/news/100900

The effectiveness of antivirus software has fallen off, and more and more pests can now slip past these barriers. This is the sobering conclusion the German computer magazine c’t comes to in issue 1/08 with a test on 17 antivirus solutions. For the first time, c’t also tested the behavioural blocking system they use.

In standard tests, the virus scanners have to recognize known malware. When tested by c’t with more than a million pests that have appeared over the last six months, Avira Antivir and Gdata Antivirus 2008 identified over 99 per cent by their signatures, but Avast, AVG Anti Malware and BitDefender also achieved very good results.

For real protection, however, in view of the flood of new malware, the way these programs cope with new and completely unfamiliar attacks is more important. And that’s where almost all of the products performed significantly worse than just a year ago. The typical recognition rates of their heuristics fell from approximately 40-50 per cent in the last test - at the beginning of 2007 - to a pitiful 20-30 per cent. Only NOD32, with 68 per cent, still delivered a good result, while BitDefender, with 41%, could be called satisfactory.

One reason why almost all of the scanners did worse in these heuristics tests than a year ago is certainly the professionalization of the malware scene: more time and energy are being invested in slipping this stuff past protective software. What is worrying, however, is the fact that recognition rates of virus variants created experimentally by c’t also fell significantly. Virtually all of the scanners missed variants of viruses they had identified a year earlier.

Finally, and for the first time, c’t also systematically tested the protective function based on behavioural blocking. To do this, they ran twelve handpicked pests on systems with antivirus software installed and subsequently analysed them for any residues. Such tests require enormous effort as they cannot be automated, and a suitable virtual environment has to be created for each example, in which it could, for example, reload further components.

Only F-Secure was able to perform convincingly in the behavioural blocking test, fending off all the pests. Kaspersky and Bitdefender showed promising approaches, but only in individual cases were they able to prevent infection. Gdata, Norton, Microsoft and Trend Micro did at least monitor particular system resources, but only in exceptional cases was that enough to keep the system really clean. More than half of the virus detectors were overtaxed in this respect and had nothing with which to counter an infection of the system.

Other worrying test results are the longer latency times caused by the antivirus guards in comparison with the previous year, and the markedly higher false-alarm rate. The full test is only available in German at the moment, in print form, in c’t 1/08. The article Antivirus software as a malware gateway discusses the underestimated danger of protective software mutating into a gateway for pests.


Secunia PSI - New Release

https://psi.secunia.com

  • The Secunia PSI is available free of charge.
  • Secure your PC. Patch your applications. Be proactive.
  • Scan for Insecure and End-of-Life applications.
  • Track your patch-performance week by week.
  • Direct and easy access to security patches.
  • Detect more than 300,000 unique application versions.

    Purpose of the Secunia PSI

    The Secunia PSI is an invaluable tool for you to use when assessing the security patch state of software installed on your system. It constantly monitors your system for insecure software installations, notifies you when an insecure application is installed, and even provides you with detailed instructions for updating the application when available.

    It is NOT the purpose of the Secunia PSI to detect whether your system has already been compromised or if local changes, settings, or missing requirements could cause the Secunia PSI to report incorrect results. The Secunia PSI relies on the meta-data of executables and library files. The Secunia PSI does NOT conduct an integrity check of the individual files, rather, it checks whether a specific program is vulnerable according to the reported version numbers and not whether the files have been compromised or replaced by other users or programs.

    The Secunia PSI is not a replacement for other security measures such as anti-virus or personal firewalls. The Secunia PSI is a great supplement to other security measures such as anti-virus and personal firewalls, as it helps prevent exploitation of often overlooked exposures.

    Additionally, it is important to understand that the process of identifying insecure software installations on any system involves many different factors and, in rare cases, may result in incorrect detections. Should you encounter such a situation, please send us your feedback and all relevant information at support@secunia.com.

    How does the Secunia PSI work

    The Secunia PSI works by examining files on your computer (primarily .exe, .dll, and .ocx files). These files contain non-specific meta information provided by the software vendor only. This data is the same for all users, and originates from the installed programs on your computer - never from their configuration. Please read the privacy statement available at the bottom of this page and through the Secunia PSI application for more details about how information from your computer is used by Secunia.

    After examining all the files on your local hard drive(s), the collected data is sent to Secunia’s servers, which match the data against the Secunia File Signatures engine (https://psi.secunia.com/) to determine the exact applications installed on your system.

    This information can then be used to provide you with a detailed report of the missing security related updates for your system.


    Knight Rider 2.0 - Popular Mechanics Exclusive

    Under the Hood With Knight Rider 2.0: Trans Am vs. Ford Mustang (Featuring Exclusive New KITT Specs—and Classic Hasselhoff!)

    http://www.popularmechanics.com/automotive/new_cars/4237588.html

    By Chuck Tannert

    Photographs Courtesy of NBC

    Published on: December 20, 2007

    If you were a child of the 1980s, or are just a fan of very-late-night cable television, then you’ve most likely seen Michael Knight (played by a pre-Baywatch David Hasselhoff) and his chatty supercar sidekick, KITT (Knight Industries Two Thousand), do battle with bad guys on the small-screen action-adventure show Knight Rider.
    At first glance, KITT appeared to be a sporty 1982 Pontiac Trans Am, fresh off the assembly line. But thanks to a little Hollywood razzle-dazzle, the car transformed into a virtually indestructible machine—possessed with advanced artificial intelligence that allowed it to accept voice control commands, interact with "The Hoff" and make decisions on its own. In fact, the car’s AI was so advanced that KITT formed a kind of personality, which is what has endeared the "car" to millions of auto geeks in a way the Batmobile never could be. But when the show was shelved in 1986, so was KITT.
    Last week, NBC unveiled an all-new, controversial KITT, which is set to star in the made-for-TV Knight Rider movie in February. Based on the still-to-be-released Ford Mustang Shelby GT500KR, this virtual Stang comes tricked out with a supercomputer that can hack almost any system; a very capable weapons system; and a body—thanks to nanotechnology—that’s able to shape-shift and change color at will. Like its predecessor, the 21st century KITT gets AI from digital effects wizards that makes it an ideal crime-fighting partner: logical, precise and infinitely smart.
    Designer Harald Belker, who has created the Batmobile for Batman and Robin and a next-gen space shuttle for Armageddon, came onboard to give the new KITT a unique look. "The goal was to make it look more aggressive without being hokey or garish," Belker says. "Maintaining as much of the original beauty of the Shelby as possible was important—and not just because of the Ford connection. It had to be simple yet believable as a superhero." Once his vision was set, Belker turned to Ted Moser from Picture Car Warehouse to make his drawings come to life. But there was one big hurdle: The GT500KR doesn’t technically exist quite yet. "So we had to finish their design first," Moser says. "Then we brought in a prop maker to create side skirts and spoilers out of wood, smooth them out, and sent them to a fiberglass shop to make molds. Once the parts are formed from those molds, we finish them and attach them to the car."
    One of the cooler features of the Mustang KITT is air-ride suspension, which allows its driver to lower the car’s ride height when the vehicle morphs from Hero to Attack mode. "When it goes on the offensive, it gets slammed to the ground," Moser chuckles. Very aggressive, indeed. There will be three models used in filming: Hero (essentially a stock GT500KR); Attack (the tricked-out model); and Remote Control (operated via RC, obviously). "All of the ‘transforming’ will be done through CGI animation like in the Transformers movie," Moser admits.
    For all you Trans Am holdouts, Mustang droolers and Hasselhoff haters, here’s the very first look at all of the new KITT’s gee-whiz specs and functionality, matched up to the original to determine which is better equipped for Hollywood crime-fighting.

    KITT vs. KITT Spec Breakdown!
    KNIGHT INDUSTRIES TWO THOUSAND: 1982 Pontiac Trans Am
    KNIGHT INDUSTRIES THREE THOUSAND: 2008 Ford Mustang Shelby GT500KR

    Trans-Am

    Vehicle Type: Front engine, rear-wheel drive, two-door coupe
    Engine Type: Knight Industries turbojet with modified afterburners
    Transmission: Eight-speed microprocessor turbodrive with autopilot
    Price New: $11,400,000 (est.)
    Acceleration: 0 to 60 mph: 0.2 seconds with power boosters. Standing quarter mile: 4.286 seconds
    Braking (70 to 0 mph): 14 ft.
    Fuel Economy: Classified, but thought to be 200 mpg

    Mustang

    Vehicle Type: Front engine, on-demand all-wheel drive, two-door coupe
    Engine Type: Aluminum block/titanium heads 5.4-liter V8 internal combustion with Whipple supercharger and Knight Industries liquid air cycle auxiliary turbine engine. 540 hp in Hero mode. Power output can’t be measured in Attack mode.
    Transmission: Continuously variable transmission with infinite power band
    Price New: $45.6 million, as tested
    Acceleration: 0 to 60 mph: 1.77 seconds. Standing quarter mile: 3.87 seconds
    Braking (300 to 0 mph): 12 ft.
    Fuel Economy: Not testable


    Episode 68: Globular Clusters

    This week we're going to study some of the most ancient objects in the entire Universe: globular clusters. These relics of the early Universe contain hundreds of thousands of stars, held together by their mutual gravity. Since they formed together, they give astronomers a unique way to test various theories of stellar evolution.

    Security Now 123: JungleDisk - Sponsored by Astaro Corp.

    Hosts: Steve Gibson with Leo Laporte

    Steve interviews Dave Wright of JungleDisk, a data storage optimization product for Amazon's S3.

    For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written, Spinrite 6.

    Security Now is brought to you by Astaro Internet Security.

    Bandwidth for Security Now! is provided by AOL Radio.

    Running time: 46:17
