Security researchers are warning administrators to secure their servers in the wake of new Secure Shell (SSH) attacks. Researchers at security firm SANS warned that so-called ‘brute force’ attacks were occurring on a "daily" basis.

The attacks attempt to guess usernames and passwords in an attempt to compromise the server. To help guard against the attacks, SANS researcher Daniel Weseman recommended that administrators help guard against the attacks by making both usernames and passwords more difficult for attackers to guess. SSH server attacks resurface - Security - iTnews Australia

Hackers today use a wide variety of tools and techniques to gain entry into networks across the globe, stealing and destroying confidential data, as well as defacing public websites, writing malicious code, and bringing systems and networks to their knees.

These attacks can sometimes cost companies thousands of dollars in downtime, resources, and manpower, not to mention the possibility of having secret data stolen and leaked. The purpose of this paper is to discuss some of the most common tools and techniques hackers use today, and how you and your company can protect your infrastructure from these attacks, as well as broaden your knowledge on hacking as a whole. The true meaning of hacking is to increase the capabilities of an electronic device, and use it beyond the original intentions of the vendor. Hacking began in the 1960’s, when a group of students at MIT were tweaking electric trains to go faster and be more efficient. Then, it wasn’t long before a group of these guys started using their skills in the mainframes at MIT. In the 1970’s a new type of hacker emerged, called a “phreaker”, who could hack telephone systems and make phone calls for free. By the 1980’s, hackers were starting to use computers more and more, and started using Bulletin Board Systems to share stolen computer passwords & credit card numbers, which led to the Computer Fraud and Abuse Act being passed by Congress in 1986. Once the internet had its surge of users in the 90’s, hacking was becoming more main-stream and the number of hackers around the world started growing rapidly (Hackingalert.com). Infosecwriters.com

Many of these bulletins fix vulnerabilities that could allow remote attackers to take over your computers, so you should apply the updates post haste. I would recommend starting with the Excel patch, which finally fixes a zero day vulnerability reported over a month ago.

Attackers have actively exploited this flaw in the wild, so you’ll want to fix it immediately. Next, install the IE cumulative patch. End users tend to get into a lot of trouble with their web browser, so you should keep IE up to date. Many of the Windows flaws also pose a critical risk, so apply those patches quickly as well. Finally, I’d save the ISA Server update for last. I suspect that few administrators even use this product if they use devices like the Firebox from WatchGuard. WatchGuard Wire: RSS Feed | WatchGuard

Researchers are warning that the Conficker worm has been reprogrammed to strengthen its defences and boost its ability to attack more machines.

Conficker takes advantage of a vulnerability in Microsoft’s software, and has infected at least 3 million PCs and possibly as many as 12 million, making it into a huge botnet and one of the most severe computer security problems in recent years. Botnets can be used to send spam and attack other websites, but they need to be able to receive new instructions. Techworld.com - Conficker reprogrammed for new attack run

The bogus security software programs often offer a free scan that falsely says a user’s computer is infected. If installed, the programs are ineffective against malicious software. Security experts have theorized that those behind the programs reap lucrative profits.

Microsoft detected two Trojan horse programs, Win32/FakeXPA and Win32/FakeSecSen, masquerading as security software on more than 3 million computers in the last six months of 2008, according to the company’s Security Intelligence Report, published every six months. Microsoft: Rogue ’security’ software a rising threat - Network World

Using the Software Security Framework (SSF) introduced in October, we interviewed nine executives running top software security programs in order to gather real data from real programs.Our goal is to create the Building Security In Maturity Model (BSIMM) based on these data, and we’re busy going over what we’ve built with the executives who run the nine initiatives.

In the course of analyzing the data we gathered, we unearthed some surprises that we covered in a previous column. In this column we begin to dig into the maturity model itself, starting with a discussion of nine software security activities that all of the programs we studied carry out as part of their initiatives. Software [In]security: Nine Things Everybody Does: Software Security Activities from the BSIMM | threatpost

The economic crisis has affected virtually every facet of society, and information security is no exception. In a new report titled Unsecured Economies: Protecting Vital Information, researchers from Purdue University’s CERIAS security center lay out the fairly bleak view of what the tough times have done to corporate IT security.

The report finds that intellectual property is particulary vulnerable in a down economy, as workers who either fear losing their job or have just been laid off look for any opportunity to profit. How the economy is hurting security | threatpost

In our continuing series on personal computing security, today we’re talking with Dino A. Dai Zovi. Three years ago, the organizers of CanSecWest started a contest titled Pwn2Own. This contest involved the challenge of exploiting fully-patched retail laptops.

Hack the laptop and you’d win the machine as the prize. Dino A. Dai Zovi was the first person to take down a Mac during the first Pwn2Own. Last year and this year, Charlie Miller took the honor of taking down two fully patched Macs. Dino and Charlie are co-authors on the The Mac Hacker’s Handbook. Security Threat Analysis: Interview With Dino A. Dai Zovi : Introduction - Review Tom’s Hardware

This time we are taking a close look about what things could happen with an infected computer when the running bot receives an specific command about to kill the Operating System. Not all type of bots usually have this functionality, but banking Trojans usually have.

We will take three examples (InfoStealer, Zeus/Zbot and Nethell/Ambler), these are the most common Trojans where we’ve definitely found in their binaries the malicious code that is responsible for the Execution of Windows. S21sec Blog. Seguridad digital.: When a Bot master goes mad - Kill the OS

The FBI’s Internet Crime Complaint Center (IC3) says complaints of online crime hit a record high in 2008, driven mostly by non-delivery of goods and service and those pesky 419 (Nigerian) e-mail scams.

Accordign to a new report (PDF from ic3.gov), the center received a a total of 275,284 complaints, a 33.1% increase over the previous year. The total dollar loss linked to online fraud was $265 million, about $25 million more than in 2007. Online crime complaints hit record high in 2008 | threatpost

After scanning 2 million computers over the past 24 hours, IBM’s Internet Security Systems (ISS) division said Thursday that it had spotted the worm on 4% of the IP addresses it monitored.

Although Conficker is clearly the worst worm outbreak in years, the results came as a surprise, according to Holly Stewart, a threat response manager with ISS. "It is higher than what we expected; I thought we’d see 1% to 2%," Stewart said. IBM sees Conficker hitting 4% of PCs - Network World

Even though April 1st is now history, you would be foolish to think the Conficker worm is no longer a problem. It’s still out there, still causing a nuisance, and could be instructed to activate a payload whenever the hackers choose.

So what you want is a quick and easy way to tell if you might be infected, right? Well, the good news is that besides the myriad of free Conficker removal tools that antivirus companies have come up with, a guy named Joe has come up with something beautiful, simple, and neat that doesn’t involve you installing any software at all! A Quick And Easy Way To Tell If You’re Infected With Conficker - Sophos Labs Insights Blog - Dark Reading

Whether the Conficker worm booms or fizzles, take it as a reminder to keep your networks safe. You could spend money on a security consultant–which isn’t such a bad investment if helpful–but here are three free tricks to increase your network’s security.

Use OpenDNS Internet traffic gets routed through IP addresses; the text you type as a URL only sits on top of those numbers. Normally, when you type "pcworld.com," it gets referenced in a domain name server directory, which then routes you to the actual IP address. 3 Free, Easy Ways To Protect Your Network - Network World

These mini-botnets range in size from tens to thousands versus the hundreds of thousands, or even millions, of bots that the biggest botnets deploy. They are typically specialized and built to target an organization or person, stealing corporate and personal information, often without a trace.

They don’t attract the attention of the big spamming botnets that cast a wide net and generate lots of traffic; instead they strike quietly, under the radar. "There’s definitely specialization [in botnets] these days," says Joe Stewart, senior director of malware research for SecureWorks. "There are botnets designed for fraud, and they have been around for a while and don’t seem to cross over [with the bigger spamming botnets]," he says. Attack Of The Mini-Botnets - DarkReading

The OpenSSL Project has released new versions of its popular implementation of the SSL v2/v3 and TLS protocols to fix three security vulnerabilities.

According to an advisory from the open-source group, the toolkit update fixes three security flaws that carry “moderate severity” ratings. The raw details:
* ASN1 printing crash: The function ASN1_STRING_print_ex() when used to print a BMPString or UniversalString will crash with an invalid memory access if the encoded length of the string is illegal. (CVE-2009-0590. OpenSSL patches three security holes | Zero Day | ZDNet.com

DroneBL a distributed DNS Blacklist service, says in a recent blog post that a botnet named Psybot gained control of approximately one hundred thousand routers and that it became a victim of a distributed denial-of-service (DDoS) attack that was carried out by this botnet.

A botnet consisting primarily of routers is actually rather unusual. Usually Windows PCs are enslaved to act like zombies in a botnet. Psybot seems to have specialised in attacking small home network routers that run an embedded Linux for MIPS CPUs. Botnet based on home network routers - News - The H Security: News and features

Security researchers are sounding the alarm about what they say is a serious and long-known flaw in x86 processors that could prove embarrassing not just for its existence — but for the lack of action taken to address it so far.

Joanna Rutkowska and Rafal Wojtczuk today published a research paper describing a proof-of-concept rootkit that a hacker can install on a system through a vulnerability in Intel CPUs’ caching memory. Researchers Warn on Security Flaw in x86 Chips - InternetNews.com

Aiming to better identify bugs that could lead to security issues, Microsoft announced on Wednesday that it planned to release a tool to help developers classify and assess program crashes.

The tool, known as !exploitable and pronounced "bang exploitable," is a plugin for the Windows debugger that categorizes crash information using two hashes, members of Microsoft’s Security Science group told SecurityFocus in a briefing. Microsoft to release exploitability tool

Landlords, Property owners and Tenants are being urged to secure their windows and doors during the recession. With more properties being vacant and more people out of work, recession related crimes are more likely to be a probability that a possibility.

“We have noticed a larger portion of our call-outs have been related to recession related crime recently. Examples of our recent jobs would include opportunist and planned break-ins, theft of data, theft of equipment” says Jerry from Lockaid, a national security company dealing with emergencies and preventative works. Secure your business from recession related crimes - Security Park news

Online fraud continued to rise last year, driven by the continued uptake of chip and Pin technology on the high street, and the increasing popularity of the channel with consumers, according to the latest annual fraud figures from UK payments association Apacs.

Card not present (CNP) fraud, which represents roughly half of all online fraud, grew by 13 per cent year on year to reach £328.4m in 2008, or 54 per cent of all card fraud losses. Online fraud up, but rate of growth slows - vnunet.com