Archive for the 'General News' Category
New Bot Attack begins today…..Heads up: http://isc.sans.org
Anticipated Storm-Bot Attack Begins
Published: 2007-12-24
Last Updated: 2007-12-24 03:41:39 UTC
by Kevin Liston (Version: 2)
Overview and Blocking Information
Shortly after 0000 GMT 24-DEC-2007 reports came in indicating that the Storm Botnet was sending out another wave of attempts to enlist new members. This version is a Christmas-themed stripshow directing victims to merrychristmasdude.com.
The message comes in with a number of subjects:
Subject: I love this Carol!
Subject: Santa Said, HO HO HO
Subject: Christmas Email
Subject: The Perfect Christmas
Subject: Find Some Christmas Tail
Subject: Time for a little Christmas Cheer
The body is something similar to:
do you have a min? This Christmas, we want to show you something you will really enjoy. Forget all the stress for two min and feast your eyes on these. http://merry christmasdude.com/
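The subjects and domain listed above can be turned into a mail check. This is an added example, not code from the ISC diary or from this blog; the function names and the three sample messages are constructed for illustration.

```python
import email
import re
from email.header import decode_header, make_header

# Indicators copied from the diary entry above (lower-cased for comparison).
STORM_SUBJECTS = {
    "i love this carol!", "santa said, ho ho ho", "christmas email",
    "the perfect christmas", "find some christmas tail",
    "time for a little christmas cheer",
}
STORM_DOMAIN = "merrychristmasdude.com"

def _norm(text):
    """Collapse whitespace runs and lower-case, so folded headers compare equal."""
    return re.sub(r"\s+", " ", text).strip().lower()

def check_message(raw):
    """Return which indicators ("subject", "domain") one raw message matches."""
    msg = email.message_from_string(raw)
    hits = []
    # Decode RFC 2047 encoded-words before comparing the subject.
    subject = str(make_header(decode_header(msg.get("Subject", ""))))
    if _norm(subject) in STORM_SUBJECTS:
        hits.append("subject")
    text = []
    for part in msg.walk():
        if part.get_content_maintype() == "text":
            data = part.get_payload(decode=True) or b""
            text.append(data.decode(part.get_content_charset() or "utf-8", "replace"))
    # Remove all whitespace so a host split by a space or line wrap still matches.
    if STORM_DOMAIN in re.sub(r"\s+", "", "".join(text)).lower():
        hits.append("domain")
    return hits

# Constructed sample messages (not captured traffic).
SAMPLE_STORM = (
    "From: a@example.net\nSubject: Santa Said, HO HO HO\n\n"
    "feast your eyes on these. http://merry christmasdude.com/\n"
)
SAMPLE_ENCODED = (
    "From: b@example.net\nSubject: =?utf-8?q?The_Perfect_Christmas?=\n\n"
    "see attached\n"
)
SAMPLE_BENIGN = (
    "From: c@example.net\nSubject: Christmas party schedule\n\n"
    "Agenda at http://example.com/\n"
)

if __name__ == "__main__":
    for name in ("SAMPLE_STORM", "SAMPLE_ENCODED", "SAMPLE_BENIGN"):
        print(name, check_message(globals()[name]))
```

A subject match alone is a weak signal because several of the subjects are ordinary seasonal phrases; the domain match is the stronger of the two.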
Antivirus protection worse than a year ago
Repost From: http://www.heise-security.co.uk/news/100900
The effectiveness of antivirus software has fallen off, and more and more pests can now slip past these barriers. This is the sobering conclusion the German computer magazine c’t comes to in issue 1/08 with a test on 17 antivirus solutions. For the first time, c’t also tested the behavioural blocking system they use.
In standard tests, the virus scanners have to recognize known malware. When tested by c’t with more than a million pests that have appeared over the last six months, Avira Antivir and Gdata Antivirus 2008 identified over 99 per cent by their signatures, but Avast, AVG Anti Malware and BitDefender also achieved very good results.
For real protection, however, in view of the flood of new malware, the way these programs cope with new and completely unfamiliar attacks is more important. And that’s where almost all of the products performed significantly worse than just a year ago. The typical recognition rates of their heuristics fell from approximately 40-50 per cent in the last test - at the beginning of 2007 - to a pitiful 20-30 per cent. Only NOD32, with 68 per cent, still delivered a good result, while BitDefender, with 41%, could be called satisfactory.
One reason why almost all of the scanners did worse in these heuristics tests than a year ago is certainly the professionalization of the malware scene: more time and energy are being invested in slipping this stuff past protective software. What is worrying, however, is the fact that recognition rates of virus variants created experimentally by c’t also fell significantly. Virtually all of the scanners missed variants of viruses they had identified a year earlier.
Finally, and for the first time, c’t also systematically tested the protective function based on behavioural blocking. To do this, they ran twelve handpicked pests on systems with antivirus software installed and subsequently analysed them for any residues. Such tests require enormous effort as they cannot be automated, and a suitable virtual environment has to be created for each example, in which it could, for example, reload further components.
Only F-Secure was able to perform convincingly in the behavioural blocking test, fending off all the pests. Kaspersky and Bitdefender showed promising approaches, but only in individual cases were they able to prevent infection. Gdata, Norton, Microsoft and Trend Micro did at least monitor particular system resources, but only in exceptional cases was that enough to keep the system really clean. More than half of the virus detectors were overtaxed in this respect and had nothing with which to counter an infection of the system.
Other worrying test results are the longer latency times caused by the antivirus guards in comparison with the previous year, and the markedly higher false-alarm rate. The full test is only available in German at the moment, in print form, in c’t 1/08. The article Antivirus software as a malware gateway discusses the underestimated danger of protective software mutating into a gateway for pests.
See also:
- Antivirus software as a malware gateway article on heise Security
- Thou shalt not create new viruses comment on heise Security
- Antivirus service pages of heise Security
Secunia PSI - New Release
Purpose of the Secunia PSI
The Secunia PSI is an invaluable tool for you to use when assessing the security patch state of software installed on your system. It constantly monitors your system for insecure software installations, notifies you when an insecure application is installed, and even provides you with detailed instructions for updating the application when available.
It is NOT the purpose of the Secunia PSI to detect whether your system has already been compromised or if local changes, settings, or missing requirements could cause the Secunia PSI to report incorrect results. The Secunia PSI relies on the meta-data of executables and library files. The Secunia PSI does NOT conduct an integrity check of the individual files, rather, it checks whether a specific program is vulnerable according to the reported version numbers and not whether the files have been compromised or replaced by other users or programs.
The Secunia PSI is not a replacement for other security measures such as anti-virus or personal firewalls. The Secunia PSI is a great supplement to other security measures such as anti-virus and personal firewalls, as it helps prevent exploitation of often overlooked exposures.
Additionally, it is important to understand that the process of identifying insecure software installations on any system involves many different factors and, in rare cases, may result in incorrect detections. Should you encounter such a situation, please send us your feedback and all relevant information at support@secunia.com.
How does the Secunia PSI work
The Secunia PSI works by examining files on your computer (primarily .exe, .dll, and .ocx files). These files contain non-specific meta information provided by the software vendor only. This data is the same for all users, and originates from the installed programs on your computer - never from their configuration. Please read the privacy statement available at the bottom of this page and through the Secunia PSI application for more details about how information from your computer is used by Secunia.
After examining all the files on your local hard drive(s), the collected data is sent to Secunia’s servers, which match the data against the Secunia File Signatures engine (https://psi.secunia.com/) to determine the exact applications installed on your system.
This information can then be used to provide you with a detailed report of the missing security related updates for your system.
"Insufficient System Resources Exist to Complete the API"
Have you seen this before when trying to shut down or hibernate/standby? Especially if you have a laptop with more than one gig of RAM, this could be your solution.
Mine was so bad I would throw it in my bag and it would bounce between on and off states then basically overheat in the bag when it was trying to keep everything running.
Install this update to fix a situation where the computer does not hibernate and you receive an "Insufficient System Resources Exist to Complete the API" error message. After you install this item, you may have to restart your computer.
Is this the way to start a day at work?
The Number of the Spam Devil!
I have to say for a day that started with the above it ended up being just a normal day….
No more days like this in the future though, as all my servers are now updated with the latest SpamAssassin and Vipul's Razor and everyone is much happier.
The Dawn of the supersonic business jet……
In the near future, it will be possible to take off from Paris at 8 a.m. for a breakfast meeting in Manhattan. And to fly from the East Coast of North America to Asia in just nine and a half hours.
It will be possible to traverse the United States at .98 Mach, with operating costs equivalent to today’s large business jets. And to access all the airports where most business jets operate now, while meeting applicable noise and emissions regulations.
A new approach to supersonic design makes it possible. It is like nothing that has come before, but may well herald the shape of business travel for decades into the future.
It is the Aerion supersonic business jet. Welcome aboard.
What might a flight in the Aerion supersonic business jet be like? Let’s consider a trip from Chicago to London.
Eight passengers board for a 12 noon departure. Minutes later the plane is lined up on Midway’s 6,500-foot runway 4R. Twin Pratt & Whitney JT8D-219 engines provide a prodigious kick in the pants and the nose wheel lifts off at 147 knots. You are up and away.
Fifteen minutes later, somewhere over Lake Huron and about 150 miles down range, you level at 45,000 feet. Speed builds quickly to .98 Mach, which is maintained until crossing into Labrador, Canada. And here comes the fun part. The throttles go forward and you are suddenly through Mach 1 and accelerating to Mach 1.5 over the next 167 nautical miles. Passengers can marvel at the bulkhead flight data display as the speed builds, or gather around a conference table for a meeting. Or perhaps trade e-mails with the home office.
Once at cruise speed, the pilots climb to the final altitude of Flight Level 510 for a quick Atlantic crossing (about two hours). A working lunch is served.
Approaching Ireland, the pilots throttle back to just shy of Mach 1 and prepare for the approach into Farnborough. In the back, passengers finish up calls stateside, where the work day is just concluding. Landing time is about 10:45 p.m. local (five hours and 42 minutes after takeoff). Still time for a night cap in the hotel lounge and a good night’s rest before a busy day. The worst effects of jet lag have been avoided by not flying through the night and a productive day has been preserved.
Firefox 3 Beta 1 now available for download
Please note: We do not recommend that anyone other than developers and testers download the Firefox 3 Beta 1 milestone release. It is intended for testing purposes only.
Firefox 3 Beta 1 is now available for download. This is the ninth developer milestone focused on testing the core functionality provided by many new features and changes to the platform scheduled for Firefox 3. Ongoing planning for Firefox 3 can be followed at the Firefox 3 Planning Center, as well as in mozilla.dev.planning and on irc.mozilla.org in #granparadiso.
New features and changes in this milestone that require feedback include:
- Improved security features such as: better presentation of website identity and security, malware protection, stricter SSL error pages, anti-virus integration in the download manager, and version checking for insecure plugins.
- Improved ease of use through: better password management, easier add-on installation, new download manager with resumable downloading, full page zoom, animated tab strip, and better integration with Windows Vista and Mac OS X.
- Richer personalization through: one-click bookmarking, smart search bookmark folders, direct typing in location bar searches your history and bookmarks for URLs and page titles, ability to register web applications as protocol handlers, and better customization of download actions for file types.
- Improved platform features such as: new graphics and font rendering architecture, major changes to the HTML rendering engine to provide better CSS, float-, and table layout support, native web page form controls, colour profile management, and offline application support.
- Performance improvements such as: better data reliability for user profiles, architectural improvements to speed up page rendering, over 300 memory leak fixes, and a new XPCOM cycle collector to reduce entire classes of leaks.
(You can find out more about all of these features in the “What’s New” section of the release notes.)
Testers can download Firefox 3 Beta 1 builds for Windows, Mac OS X and Linux in over 20 different languages. Please be sure to read the full release notes before using this preview release. Developers should look at the Firefox 3 for Developers article on the Mozilla Developer Center.
Hushmail Passing PGP Keys to the US Government
from Slashdot by Zonk
teknopurge writes "Apparently Hushmail has been providing information to law enforcement behind the backs of their clients. Billed as secure email because of their use of PGP, Hushmail has been turning over private keys of users to the authorities on request. ‘DEA agents received three CDs which contained decrypted emails for the targets of the investigation that had been decrypted as part of a mutual legal assistance treaty between the United States and Canada. The news will be embarrassing to the company, which has made much of its ability to ensure that emails are not read by the authorities, including the FBI’s Carnivore email monitoring software.’"