Removing SCADA worm could disrupt power plants
- By: Bud Wright
- On: 07/29/2010 13:13:10
- In: Computer Security
By Dan Goodin in San Francisco
Posted in Security, 22nd July 2010 21:49 GMT
Siemens has made a program available for detecting and disinfecting malware attacking its software used to control power grids, gas refineries, and factories, but warned that customers who use it could disrupt sensitive plant operations.
The Munich-based engineering company on Thursday began distributing Sysclean, a malware scanner made by Trend Micro. It has been updated to remove Stuxnet, a worm that spreads by exploiting two separate vulnerabilities in Siemens's SCADA, or supervisory control and data acquisition, software and every supported version of Microsoft Windows.
Popular apps don't bother with Windows defences
- By: Bud Wright
- On: 07/04/2010 14:53:22
- In: Computer Security
By John Leyden
Posted in Enterprise Security, 2nd July 2010 10:15 GMT
Many popular software applications have avoided including security protection mechanisms built into the latest versions of Windows. The omission leaves these applications at greater risk of hacker attack, according to a study by security patching and notification firm Secunia.
Two key security mechanisms in Windows - DEP (Data Execution Prevention) and ASLR (Address Space Layout Randomization) - are designed to make it hard for hackers to develop reliable exploits even in cases where security bugs are present in Windows applications. DEP, first added to Windows with XP Service Pack 2 in August 2004, is designed to prevent the execution of writable memory. ASLR, which debuted with Vista, further complicates the process of creating reliable exploits.
Ubuntu 'more secure' than Windows, says Dell
- By: Bud Wright
- On: 06/17/2010 13:21:34
- In: Computer Security
By Gavin Clarke
Posted in Enterprise Security, 14th June 2010 12:47 GMT
Dell reckons Ubuntu offers more protection than Windows online as it convinces consumer PC shoppers they shouldn't be scared of Linux.
In a statement flagged here by TheVarGuy.com, Dell picked on security as one of ten reasons why people should buy PCs running Canonical's Linux rather than Microsoft's operating system.
FTC slaps down commercial keylogger firm
- By: Bud Wright
- On: 06/03/2010 10:04:07
- In: Computer Security
Posted in Malware, 3rd June 2010 08:48 GMT
CyberSpy Software, which markets the controversial RemoteSpy commercial keylogging application, has agreed to rewrite the software and clean up its business practices to settle a case brought by the US Federal Trade Commission.
RemoteSpy was marketed as a '100 per cent undetectable' app that might be used to 'Spy on Anyone. From Anywhere'. CyberSpy helpfully provided instructions on how the software might be sent to potential victims disguised as an innocuous application or supposed image in an email attachment.
Hackers find a new place to hide rootkits
- By: Bud Wright
- On: 05/13/2010 18:04:17
- In: Computer Security
Security researchers have developed a new type of malicious rootkit software that hides itself in an obscure part of a computer's microprocessor, hidden from current antivirus products.
Called an SMM (System Management Mode) rootkit, the software runs in a protected part of a computer's memory that can be locked and rendered invisible to the operating system but which can give attackers a picture of what's happening in a computer's memory.
The SMM rootkit comes with keylogging and communications software and could be used to steal sensitive information from a victim's computer. It was built by Shawn Embleton and Sherri Sparks, who run an Oviedo, Florida, security company called Clear Hat Consulting.
The evolving role of the IT security manager
- By: Bud Wright
- On: 05/10/2010 17:53:54
- In: Computer Security
No longer a voice in the wilderness
By Jon Collins, Freeform Dynamics
Posted in Security that Fits, th May GMT
Workshop Poll Results Security has long been the poor cousin of IT. As any security professional knows, the way we have traditionally implemented security is tantamount to a technological afterthought. Through the years we have attempted to block holes, protect the periphery and lock down access rights for running systems, in the knowledge that IT security is all too often too little, too late.
We could of course blame budgeting mechanisms, in that there never seems to be enough money to go around, and IT security often seems to be the first thing to go when speccing out new systems. It's common knowledge in the industry, for example, that fear still drives much of IT spending. You can't beat a good press headline about data leaks, malicious websites and so on to trigger a release of funding for whatever product is in vogue at the time.
Stealth installs and adware come to Facebook
- By: Bud Wright
- On: 05/08/2010 10:54:53
- In: Computer Security
Apps secretly added to profiles
By Dan Goodin in San Francisco
Posted in ID, 6th May 2010 19:00 GMT
Updated Already under fire for taking liberties with users' privacy, Facebook was outed on Thursday as a distributor of unwanted applications, some of which install adware or are added to user profiles without permission.
As noted earlier by PC World, the social networking site silently adds apps to profiles whenever a user is logged in and browses to certain sites. Facebook displays no dialogue box or notification window asking permission, and there is no easy way to opt out of the process.
New attack bypasses virtually all AV protection
- By: Bud Wright
- On: 05/08/2010 10:28:23
- In: Computer Security
Bait, switch, exploit!
By Dan Goodin in San Francisco
Posted in Security, 7th May 2010 18:17 GMT
Researchers say they've devised a way to bypass protections built in to dozens of the most popular desktop anti-virus products, including those offered by McAfee, Trend Micro, AVG, and BitDefender.
The method, developed by software security researchers at matousec.com, works by exploiting the driver hooks the anti-virus programs bury deep inside the Windows operating system. In essence, it works by sending them a sample of benign code that passes their security checks and then, before it's executed, swaps it out with a malicious payload.
Feds use phony MySpace profiles to nab bad guys
- By: Bud Wright
- On: 03/17/2010 13:16:12
- In: Computer Security
Insert ironic comment here
By Dan Goodin in San Francisco
Posted in Crime, 16th March 2010 20:02
Undercover US agents are infiltrating MySpace, Facebook, and other social networking sites with false online profiles in an attempt to nab users under investigation for breaking the law, a Justice Department document reveals.
The revelation exposes the Kafkaesque double standard employed by federal prosecutors, who in 2008 charged a Missouri mother with four felonies for creating a fake MySpace account. The woman, Lori Drew, helped create the profile of a fictitious teenage boy and then sent flirtatious messages to a 13-year-old girl under his name. The girl later hanged herself after receiving a message from the account saying the world would be a better place without her.
Almost 2,500 firms breached in ongoing hack attack
- By: Bud Wright
- On: 02/18/2010 10:19:52
- In: Computer Security
By Dan Goodin in San Francisco
Posted in Malware, 18th February 2010 07:01 GMT
Criminal hackers have penetrated the networks of almost 2,500 companies and government agencies in a coordinated campaign that began 18 months ago and continues to steal email passwords, login credentials, and other sensitive data to this day, a computer security company said.
The infections by a variant of the Zeus botnet began in late 2008 and have turned more than 74,000 PCs into remote spying platforms that have siphoned highly proprietary information out of at least 10 federal agencies and thousands of companies, according to research from NetWitness, a Herndon, Virginia-based network forensics firm. Many of the victims are Fortune 500 firms in the financial, energy, and high technology industries.

