[JP] Internet and Computer Security

Hackers target unpatched Adobe Reader, Acrobat flaw

2010-02-21T12:30:00.001+07:00

Adobe Systems Inc. said Monday it is investigating reports that attackers are exploiting a previously unidentified security hole in its Acrobat and PDF Reader software to break into vulnerable computers.

The acknowledgment coincided with an alert published by the Shadowserver Foundation, a nonprofit group that tracks the spread of malicious programs that criminals use to control infected systems remotely. Shadowserver member Steven Adair said the flaw is present in the most recent versions of Adobe Acrobat and Reader.

Adair warned that security experts have observed cyber crooks using the vulnerability in targeted attacks since at least Dec. 11, but that more widespread attacks are likely to emerge over the next few weeks. In addition, few anti-virus vendors currently detect malicious PDF files harboring this exploit.

At the moment, there is no patch available for this flaw, and Adobe's brief advisory offers little in the way of mitigation advice.

However, Internet users can protect themselves from this attack in a couple of ways. First, this exploit doesn't work unless users have Javascript enabled in Adobe Acrobat/Reader.To disable Javascript, click "Edit," then "Preferences" and then "Javascript," and uncheck "Enable Acrobat Javascript."

As an alternative to Adobe, I generally recommend the free and lightweight Foxit Reader. But there are other free PDF readers, including Sumatra PDF and PDF-XChange Viewer.

http://voices.washingtonpost.com/securityfix/2009/12/hackers_target_unpatched_adobe.html?wprss=securityfix

TJX Hacker Indicted in Heartland, Hannaford Breaches

2009-08-24T11:54:00.000+07:00

A federal grand jury has indicted three individuals for allegedly hacking into credit and debit card payment processing giant Heartland Payment Systems last year, as part of an investigation the Justice Department is calling the largest identity theft case ever prosecuted.

According to indictments returned Monday in a New Jersey federal court, the government believes the same individuals were involved in a string of high-profile data breaches between October 2006 and May 2008, including intrusions at Hannaford Brothers Co., and 7-Eleven, Inc.

In total, the government alleges the hackers stole data on more than 130 million credit and debit cards from Princeton, NJ-based Heartland.

Read the full story, at this link here. A copy of the indictment is available here.

http://voices.washingtonpost.com/securityfix/2009/08/heartland_payment_systems_hack.html?wprss=securityfix

Security Patch Catchup: Java, Safari & OS X

2009-08-24T10:11:00.003+07:00

Security Fix took a mini-vacation last week, but that's all it takes to fall behind in important software security updates. Here's a quick pointer to some recent updates that have recently happened.
The last time I wrote about Java updates was at Update 13, but as several readers have pointed out, the latest version is now Update 16. Near as I could tell, Updates 14 and 16 did not include security updates. Indeed, Java maker Sun Microsystems says users who have Java SE 6 Update 15 have the latest security fixes and do not need to upgrade to version 16 to be current on security fixes.

However, Update 15 shipped fixes for a number of serious security holes, so if you've got an earlier version of this program installed, take a few minutes to update. Don't know whether you have Java or what version you may have? Visit this link.

Unfortunately, Sun still hasn't made the process of updating Java as easy as it should be. When I tried to update one of my Vista machines from Update 13 using the Windows Control panel (by clicking the Java icon, then the Update tab, and then the "Update Now" button), the updater told me I had the latest version installed.

To grab the latest version, I have to download and run a full installer from Java.com. The installer by default tries to install one of several programs the company has a deal with (mine offered the Yahoo! toolbar), so if you don't want the extra software be sure to deselect that option.

Apple also recently released several important updates. Among them was an update for the Safari Web browser that fixes at least six security holes. This patch brings Safari to version 4.0.3. Updates are available for Mac and Windows versions. Mac users can grab the update from Apple Downloads or Software Update, while Windows Safari users will need to use the bundled Apple Software Update tool.

In addition, Apple has released an update that corrects an important security vulnerability in Mac OS X 10.4 and 10.5 systems. That update is available through the Mac's built-in Apple Software Update feature.

http://voices.washingtonpost.com/securityfix/2009/08/security_patch_catchup.html?wprss=securityfix

Induc Virus Abuses Delphi Compiler

2009-08-24T09:50:00.001+07:00

The W32/Induc virus has been in the wild for at least a year. During this period it has succeeded in infecting a lot of Delphi installations, including manufacturers of some pretty popular software packages.

On a victim’s machine this virus searches for the presence of a specific version (4.0, 5.0, 6.0 and 7.0) of the Delphi compiler. The virus gathers this information using the registry entry below.

Read More ...
http://www.avertlabs.com/research/blog/index.php/2009/08/19/induc-virus-abuses-delphi-compiler/

Scammers Love Your Money

2009-08-24T09:47:00.000+07:00

We generally classify email messages pretending to be from a family member of a (often African) dignitary or from a desperate young woman as scams. In the first case, the sender sometimes explains that following the death of an influential dignitary a large sum of money is blocked in a bank account somewhere. With the recipient’s help and using his or her financial backing for a money transfer, the sender says that it would be possible to release the money. Substantial compensation is offered to whoever agrees. In the second case, the unknown beauty becomes a friend with the victim and suddenly has a terrible money problem.

For some individuals, these swindles, called advance fee fraud (also known as 419 fraud) and romance scam, are a primary source of revenue. They also employ lottery and fake price scams.

Read More ...

http://www.avertlabs.com/research/blog/index.php/2009/08/17/scammers-love-your-money/

Introducing the IEEE Industry Connections Security Group

2009-08-24T09:44:00.000+07:00

Agreement and collaboration have been two of the greatest challenges the security community has faced from the very beginning. In an effort to address this, The Industry Connections Security Group (ICSG), a new offering from the IEEE, allows like-minded companies to come together to solve industry or business problems that center on information security. Industry Connections is a program under the IEEE that allows for a fast start-up toward industry collaboration. It also offers the support and infrastructure of an established and well known brand—the IEEE itself. This effort will allow the group to focus on the work of security standards and problem solving, rather than being slowed down with issues such as incorporation or intellectual property matters. McAfee is proud to be a founding member of this effort.

Read More ...

AVG Internet Security SBS Edition 8.5.322 + Serial

2009-04-25T09:35:00.002+07:00

AVG Internet Security SBS ensure complete security protection against all of the most serious Internet threats, including viruses, worms, trojans, spyware, adware, hackers and spam. AVG Internet Security SBS 8.5, includes the most recent anti-virus, anti-spyware, anti-spam , Anti-Rootkit , Web Shield & LinkScanne and firewall technologies with reliable automatic updates while consuming a low level of computer resources for convenient use.

Download : AVG Internet Security SBS Edition 8.5.322

Serial:

8MEH-RF22Z-ANQGS-QDWMR-2ECTN-BEMBR-ACED

8MEH-RJR4R-7WKJ6-NL3DA-C3DZF-JEMBR-ACED

8MEH-RGHD3-SUAUO-SXPWA-P92GQ-9EMBR-ACED

AVG Anti-Virus SBS Edition 8.5.322 + Serial

2009-04-25T09:29:00.002+07:00

AVG Anti-Virus SBS ensure complete security protection against all of the most serious Internet threats, including viruses, worms, trojans, spyware, adware, and hackers . AVG Anti-Virus SBS 8.5, includes the most recent anti-virus, anti-spyware, Anti-Rootkit , Web Shield & LinkScanne and firewall technologies with reliable automatic updates while consuming a low level of computer resources for convenient use.

Download : AVG Anti-Virus SBS Edition 8.5.322

Serial:

8MEH-RJR4R-7WJJ6-NL3DA-CYVWB-JEMBR-ACED

8MEH-RJXR4-2CBYP-2GB3A-DBLAA-PEMBR-ACED

8MEH-RE6B8-SRJ4Z-A489R-9832J-EEMBR-ACED

Kaspersky Internet Security 2010 v9.0.0.323 Beta

2009-04-25T09:22:00.003+07:00

Kaspersky Anti-Virus 2010 – the backbone of your PC’s security system, offering protection from a range of IT threats. Kaspersky Anti-Virus 2010 provides the basic tools needed to protect your PC.

Kaspersky Internet Security 2010 – the all-in-one security solution that offers a worry-free computing environment for you and your family. Kaspersky Internet Security 2010 has everything you need for a safe and secure Internet experience.

Kaspersky Internet Security 9.0 – is a new line of Kaspersky Labs products, which is designed for the multi-tiered protection of personal computers. This product is based on in-house protection components, which are based on variety of technologies for maximum levels of user protection regardless of technical competencies. This product utilizes several technologies, which were jointly developed by Kaspersky Labs and other companies; part of them is implemented via online-services.

Our products for home and home office are specifically designed to provide hassle-free and quality protection against viruses, worms and other malicious programs, as well as hacker attacks, spam and spyware.

During product preparation several competitor offerings were considered and analyzed - firewalls, security suites systems, which position themselves as proactive in defence and HIPS systems. Combination of in-hosue innovative developments and results from analysis gathered through the industry allowed to jump onto a new level of protection for personal users, whereby offering even more hardened and less annoying computer protection from all types of electronic threats – malicious programs of different types, hacker attacks, spam mailings, program-root kits, phishing emails, advertisement popup windows etc.

Download : Kaspersky Internet Security 2010 v9.0.0.323 Beta

AVG Internet Security 8.0 Build 229a1410

2009-01-11T15:20:00.001+07:00

AVG Internet Security ensure complete security protection against all of the most serious Internet threats, including viruses, worms, trojans, spyware, adware, hackers and spam. AVG Internet Security 7.5, includes the most recent anti-virus, anti-spyware, anti-spam and firewall technologies with reliable automatic updates while consuming a low level of computer resources for convenient use.

Download : AVG Internet Security 8.0 Build 229a1410 (50.1 MB)

Apple deletes Mac antivirus suggestion

2008-12-09T13:12:00.001+07:00

Updated 7:45 p.m. PST with expert comment, at 7:20 p.m. PST with context on previous coverage, and at 7:08 p.m. PST with background.

Apple removed an old item from its support site late Tuesday that urged Mac customers to use multiple antivirus utilities and now says the Mac is safe "out of the box."

"We have removed the KnowledgeBase article because it was old and inaccurate," Apple spokesperson Bill Evans said.

"The Mac is designed with built-in technologies that provide protection against malicious software and security threats right out of the box," he said. "However, since no system can be 100 percent immune from every threat, running antivirus software may offer additional protection."

Apple's previous security message in its KnowledgeBase, which serves as a tutorial for Mac users, was: "Apple encourages the widespread use of multiple antivirus utilities so that virus programmers have more than one application to circumvent, thus making the whole virus writing process more difficult."

Security experts, while pleased that Apple would urge Mac users to install antivirus software, had warned that running multiple antivirus products could cause problems and recommended against it.

Apple's antivirus support note was initially published last year and was updated last month, despite reports that it was a new note.

One Apple expert speculated that Apple was merely removing a poorly worded support note and said it probably wasn't ever Apple's intention to tell Mac users they need antivirus.

"I bet you it was a low-level support note and it hadn't gone through the right approvals," said Rich Mogull, security editor of Apple news site TidBITS. "That's my guess."

To some, Apple's latest move will be seen as back-tracking given that it comes one day after those misleading reports circulated. The motive remains unclear, particularly because Apple didn't replace the previously published suggestion with an updated one.

The message that remains is that Mac users don't really need to take additional steps to protect against viruses and other malware. Telling customers they can run antivirus for "additional protection" could be interpreted as a way to protect against any liability.

There are no known viruses in the wild that exploit a vulnerability in the Mac OS, and Windows continues to be the overwhelming preference for malware writers to target their programs. But malware isn't just taking advantage of operating system weaknesses anymore. In fact, the majority of such threats now come from code that targets weaknesses in browsers and other applications that aren't platform specific.

Mogull said he doesn't recommend that the average Mac user install antivirus software because of the low-level of malicious software seen for Macs at this time.

To me, this new Apple statement poses more questions than it answers.

Regardless of the meaning of Apple's latest action, I'm pleased to now have open lines of communication with the company. Over the last few months, I have had an increasingly difficult time getting any response to my e-mails and phone calls. For instance, I got no response to my requests for comment on Monday's article about this topic. However, after talking to several Apple spokespeople on Tuesday about the matter I am confident that the situation has been cleared up.

I also was reminded of how much collective knowledge CNET readers have about Apple and would like to extend an invitation for people to feel free to contact me directly at elinor.mills@cnet.com with any feedback and tips related to Apple security issues.

Ref :: http://news.cnet.com/8301-1009_3-10111958-83.html

Antivirus firms shrug at Microsoft's free security suite

2008-12-09T13:09:00.002+07:00

Updated at 1:15 p.m. PST Wednesday with comment from Symantec and at 11:45 a.m. PST Thursday with comments from McAfee and Kaspersky.

For some security companies, Microsoft's decision to offer a free anti-malware product, code-named Morro, won't result in a dramatic change in how they do business.

Morro will be available in the second half of 2009 and will protect against viruses, spyware, rootkits, and Trojans, according to Microsoft.

"With OneCare's market share of less than 2 percent, we understand Microsoft's decision to shift attention to their core business," Joris Evers, director of worldwide public relations for McAfee, said in an e-mail.

As for confronting a free malware solution from a software giant, Evers said, "With more malware attacks than ever before, we believe our advanced technology, commitment to consumer education, superior protection, dedicated focus on security, and our 20-plus years in this business will provide consumers the confidence to choose McAfee as their trusted adviser and expert in security."

Justin Priestley, senior vice president of consumer sales at Kaspersky Lab's Americas division, also seemed not that concerned at the prospect of facing a free security solution from Microsoft.

"Having entered the U.S. consumer market at the same time as Microsoft, we initially viewed them as a formidable player. They've continued to hold a very low market share in the consumer market, and we don't expect the exit of OneCare to change the playing field drastically," Priestley said. "With the increasing threat malware and Web attacks pose, security is as important as ever, and we believe people will continue to choose antimalware software based on the quality of protection and will choose the highest-level product available."

Rowan Trollope, senior vice president of Symantec's consumer business, characterized the announcement as a "capitulation by Microsoft, and a reinforcement of the notion that it's simply not in Microsoft's DNA to provide high-quality, frequently updated security protection."

Featured Freeware: Laptop Alarm

2008-12-09T13:05:00.003+07:00

This simple program will sound an alarm through your laptop's speakers when certain activities occur, helping to thwart laptop theft. Laptop Alarm's four-check-box interface takes seconds to set. An option pop-up is as easily set to control mouse sensitivity and set a program password.

Operating Laptop Alarm is a snap. Users merely run the executable and set the alarm to sound if the laptop loses power the system is shut down or logged off, if the USB mouse is unplugged, or if the mouse moved. Testers found the program accurate with no false alarms. There's no method to alter the alarm sound, and users aren't given the opportunity to enter the program password before the alarm goes off.

Laptop Alarm performs well and as expected, but it doesn't run in the background and must be reset each time you want to use it. Leaving your computer is not an action we'd recommend, but this freeware may at least hurt the ears of a potential laptop thief.

Ref :: http://www.download.com/8301-2007_4-10101869-12.html

EstDomains: A Sordid History and a Storied CEO

2008-09-09T06:07:00.001+07:00

In this second part to an ongoing investigation into the notorious Web site host and domain name registrar EstDomains Inc., Security Fix examines the company's history, the legacy of its current chief executive, and its future prospects.

The "Est" in EstDomains is a nod to the company's origins: It was founded in Tartu, the second largest city in Estonia (although the corporation is officially registered in Delaware). The chief executive of EstDomains is 27-year-old Vladimir Tsastsin, pictured below.

Tsastsin also is named as the head of Rove Digital, a company that appears to encompass a domain auction service named Bakler.com, and a recently launched Web traffic-shaping service called Zmot.

Read more ...
Brian Krebs on Computer Security. The Washington Post Company.

A Superlative Scam and Spam Site Registrar

2008-09-09T05:56:00.002+07:00

Over the past week, a number of the Internet's largest data carriers have ceased providing online connectivity to Atrivo (a.k.a. "Intercage"), an ISP that security experts say is home to a huge number of scammers and spammers. This week, I'm turning the spotlight on EstDomains Inc., Atrivo's most important customer and the single biggest reason so many experts have condemned Atrivo.

According to RegistrarStats.com, EstDomains is the 49th largest domain name registrar, with more than 270,000 domains. Security Fix is still working on cataloging all of those domains, but for the purposes of this analysis we'll examine some 10,000 Web site names that are both registered through EstDomains and using the company's various domain name servers to route traffic to them.

I chose to focus on that particular subset of 10,000 domains mainly so that EstDomains could not simply disavow knowledge of the sites' activities by claiming it serves as nothing more than a registrar for those domains.

Turns out, at least one-third of those domains (.CSV) are currently blacklisted by SURBL.org, which tracks Web site names that are advertised in junk e-mail.

Have a look at the complete list of those 10,000 names -- which I've made available at this link here (.CSV file) -- and it should quickly become evident why so many are blacklisted.

Read more ...
Brian Krebs on Computer Security. The Washington Post Company.

FBI Warns of Hit Man Scam Resurgence

2008-09-09T05:54:00.001+07:00

The FBI is warning people not to be disturbed by an e-mail scam that threatens your life and orders you to pay up to avoid being the target of a hired hit man.

The FBI said its Internet Crime Complaint Center continues to receive thousands of reports concerning the hit man e-mail scheme. The FBI notes that while the content of the missive has evolved since similar hit man scams first surfaced in late 2006, the message remains the same, claiming the sender has been hired to kill the recipient.

In some cases, the use of names, titles, addresses, and telephone numbers of government officials and business executives, and/or the victims' personal information are used in an attempt to make the fraud appear more authentic, the FBI said.

Read more ...
Brian Krebs on Computer Security. The Washington Post Company.

Scammer-Heavy U.S. ISP Grows More Isolated

2008-09-07T14:48:00.000+07:00

Last week, Security Fix published an analysis of Atrivo, a California based Internet service provider, also known as Intercage, that has proven to be a virtual magnet for cyber-criminal operations. Since that time, Atrivo's biggest network backbone provider decided it could no longer support the company, and stopped offering it direct connectivity.

I first got wind of this change while reading a post on the NANOG mailing list, which caters to professionals employed by ISPs and various network providers. Marcus Sachs, director of the SANS Internet Storm Center, had said it looked like Global Crossing had stopped handling long-haul Internet traffic for Atrivo/Intercage within hours after our story was published. I followed up with Marc, but he was unable to produce any conclusive data showing the change.

Fast forward to today, and with the help of Jose Nazario at Arbor Networks, I was able to pull together a view of what happened. Global Crossing has in fact "de-peered" from Atrivo/Intercage, so it is no longer providing direct Internet connectivity.

Read more ...
Brian Krebs on Computer Security. The Washington Post Company.

Number of Bot-Infected PCs Skyrockets

2008-09-07T14:42:00.000+07:00

The number of PCs compromised with software that lets cyber criminals control the machines from afar has more than quadrupled over the last quarter, security experts warn

The estimates come from Shadowserver, a group of volunteers that monitor activity from robot networks or "botnets," large armies of hacked personal computers used for spam, phishing and all kinds of criminal activity. Shadowserver saw a rise from roughly 100,000 botted PCs to about 400,000 over the past three months.

John Bambenek, an incident handler with the SANS Internet Storm Center, which tracks hacking trends, speculates that the spike is probably related to the massive numbers of Web sites that have been hacked by SQL attacks, and seeded with browser exploits.

While those numbers might seem high, they suggest more of a recent upward trend in bot counts rather than an accurate picture of just how many compromised PCs are out there. In fact, numerous other security experts this year have spotted single botnets that include upwards of 350,000 compromised PCs. And by nearly all accounts, there are thousands of distinct botnets out there today under the thumb of criminal groups and individual hackers.

Read more ...
Brian Krebs on Computer Security. The Washington Post Company.

FBI Warns of Hit Man Scam Resurgence

2008-09-01T06:08:00.002+07:00

The FBI is warning people not to be disturbed by an e-mail scam that threatens your life and orders you to pay up to avoid being the target of a hired hit man.

The FBI said its Internet Crime Complaint Center continues to receive thousands of reports concerning the hit man e-mail scheme. The FBI notes that while the content of the missive has evolved since similar hit man scams first surfaced in late 2006, the message remains the same, claiming the sender has been hired to kill the recipient.

In some cases, the use of names, titles, addresses, and telephone numbers of government officials and business executives, and/or the victims' personal information are used in an attempt to make the fraud appear more authentic, the FBI said.

I've heard about these scams before, but never actually seen one of the e-mails until today. Below is a copy of one of the scams making the rounds now.

"Dear Friend,
Goodday to you.
Am very sorry for you my friend, is a pity that this is how your life is going to end as soon as you don't comply. As you can see there is no need of introducing myself to you because I don't have any business with you, my duty as I am mailing you now is just to KILL/ASSASINATE you and I have to do it as I have already been paid for that.
Someone you call a friend wants you Dead by all means, and the person have spent a lot of money on this, the person also came to us and told me that he want you dead and he provided us with your name, picture and other necessary information's we needed about you. So I sent my boys to track you down and they have carried out the necessary investigation needed for the operation on you, and they have done that but I told them not to kill you that I will like to contact you and see if your life is Important to you or not since their findings shows that you are innocent.

Read more ...
Brian Krebs on Computer Security. The Washington Post Company.

Report: Email Address Dictates Spam Volume

2008-09-01T06:01:00.002+07:00

The first letter of your email address is one factor in your spam risk, a researcher says

By Kelly Jackson HigginsSenior Editor, Dark Reading

Everyone knows that some people get more spam than others, but new research shows that it may have something to do with the first letter of your email address.
Richard Clayton, a security researcher at the University of Cambridge in the U.K., says he found evidence that the more common the first letter in your email address is, the more spam you get: in other words, alice@company.com typically gets a higher volume of spam than quincy@company.com, or zach@company.com. He says that’s simply because there are more combinations of names that begin with “A” than with “Q” or “Z.”

Over an eight-week period, Clayton studied around 8.9 million emails at a U.K. ISP and found that the email addresses that began with “A” received 35 percent spam in their inboxes, while “Z’s” got about 20 percent -- after sorting out real emails versus invalid ones that had likely been generated by a spamming tool. Clayton says it’s likely that spammers using dictionary attacks could be the cause of this disproportionate distribution of spam.

Read more ...
Dark Reading.

Report Slams U.S. Host as Major Source of Badware

2008-09-01T05:56:00.001+07:00

Last week, I examined a series of Web services that make profiting from cyber crime a point-and-click exercise that even the most novice hackers can master. Today, I'd like to highlight the activities of Atrivo, a Concord, Calif., based network provider that hosts some of these services.

Several noted security researchers are releasing a report today that stems from many months of investigating malicious activity emanating from Atrivo's customers. Security experts say that Atrivo, also known as "Intercage," has long been a major source of spyware, adware, viruses and fake anti-virus products.

The report is an exhaustive and well-researched analysis of Atrivo and its operations. Some of the statistics on active exploits cited in that report come from data sets I commissioned during my own investigation of Atrivo and later shared with Jart Armin, the principal author of the report and curator of the blog hostexploit.com.

Looking back several years, Atrivo's various networks were used heavily by the Russian Business Network, an ISP formerly based in St. Petersburg, Russia. RBN had gained notoriety for providing Web hosting services catering exclusively to cyber criminals. But after increased media attention, RBN dispersed its operations to other, less conspicuous corners of the Internet.

The portions of Atrivo most heavily used by RBN were Hostfresh -- which provides routing for Atrivo through Hong Kong and China -- and UkrTeleGroup (also known as Inhoster) out of Ukraine. These two networks remain core components of Atrivo's operation, and recent data suggests the company's reputation for supporting online criminals hasn't diminished since the disappearance of the RBN last year. As of last December, Atrivo boasted the largest concentration of malicious activity of any hosting company, according to a report released by security intelligence firm iDefense.

Read more ...
Brian Krebs on Computer Security. The Washington Post Company.

Microsoft Patches 26 Security Holes

2008-09-01T05:52:00.002+07:00

Microsoft today released updates to fix at least 26 security vulnerabilities in its Windows operating systems and other software. At least 17 of those flaws earned Microsoft's "critical" rating, meaning they could be exploited to break into vulnerable systems with little or no help from the victim.

The 26 vulnerabilities are the most Microsoft has addressed since it had 25 in August of 2006, which also included 17 rated as critical, according to anti-virus firm Symantec.

Microsoft patched two holes in that have already been used in targeted attacks against people browsing the Web with Internet Explorer 6 and 7. In addition to those two fixes, one bundle of critical updates plugs five other security holes in Internet Explorer, most of which Microsoft said are present all versions of the browser.

Read more ...
Brian Krebs on Computer Security. The Washington Post Company.

A Baker's Dozen of Security Updates for iPhone 2.0

2008-07-12T09:44:00.002+07:00

As expected, the 2.0 version of iPhone released today includes a number of security updates, patching more than a dozen holes in the slimmed-down OS X operating system that powers the devices.

That means for those who already own Apple's mobile device, it's time to update.

As detailed in a column last week, a number of these patches are updates that Apple shipped earlier this year for Safari and/or the version of OS X designed for Mac desktop and laptop computers. iPhone 2.0 bundles some 13 security updates, five of which address previously undocumented security flaws.

Among the more notable (if not serious) patches: One fix for the gadget's Safari Web browser that was addressed by a number of other software makers (including Mozilla) back in June 2006. Another Safari update plugs a security hole that Apple sealed in its Microsoft Windows version of Safari last month. Another fix corrects a bug in the iPhone's innards that Apple said could allow remote attackers to reset a targeted iPhone by sending it a specially crafted packet. An exploit for this vulnerability has been available online since February.

The new software is available for iPhone 1.0 and iTouch 1.1 devices, through iTunes.

Read more ...
Brian Krebs on Computer Security. The Washington Post Company.

Speeding In Maryland Could Be Hazardous to Your Identity

2008-07-12T09:37:00.000+07:00

If you've ever received a traffic ticket in Maryland, your name, birthday, Social Security number and address may be posted on the Maryland state Web site for anyone to find, Security Fix has learned.

Reader Mark Webster from Annandale, Va., alerted me that the official Maryland court records Web site lists the personal data of countless citizens. The citations listed go back more than 30 years, and include records even for routine traffic stops that were ultimately dismissed.
The records with sensitive data in them appear to be limited to tickets issued to people who currently or at one time lived in a state that previously used the Social Security number as the default driver's license or customer number. [..]

Read more ...
Brian Krebs on Computer Security. The Washington Post Company.

April Fool's Day Warning, And Some Fun - Security Fix

2008-04-03T05:40:00.000+07:00

April Fool's Day Warning, And Some Fun - Security Fix: "April Fool's Day Warning, And Some Fun

This post has been updated. Please read through to the end.

Original post:

The cyber criminal(s) behind the Storm worm want to make an April Fool out of you today.

The Storm worm author(s) likes to use holidays and other notable calendar occasions to launch new attacks. True to form, new versions of the Storm worm were blasted out yesterday as links in an e-mail that included a taunting image of an idiot in a fool's costume wearing a 'kick me' sign. Anyone foolish enough to follow the embedded directions telling recipients to 'click here, if your download doesn't start in 5 seconds,' will hand their PC over to the bad guys.

Image F-Secure.com

The security news on this first day of April isn't all hackers and viruses. In fact, you'd do well not to take anything you read online today too seriously. Below are a few of the more entertaining fake security news stories spotted so far today (hat tip to the SANS Internet Storm Center).

F-Secure: A new Trojan horse program that actually deposits money into your bank account.

Google: Introducing 'Gmail Custom Time.' Didn't send that presentation on time? No problemo! Now you can back-date your G-mail messages.

NASA: Giant Space Station Robot Turns on Crew (image)." [..]

Read more...
Brian Krebs on Computer Security. The Washington Post Company.