Dec 03
Before I answer the questions on spam filters I’ll give a little background on spam. In summary, spam, for the miseducated, is an abuse of any form of digital and electronic messaging system, leveraging established communications networks to send out UBE or UCE (unsolicited bulk/commercial emails) that have commercial messages attached to them.
See the rest here:
Spam Filter Programs – Do They Work?
Jul 24
A hack which takes advantage of a recently disclosed flaw in the Domain Name System (DNS) software used to route messages between computers on the Internet has been released.
It was turned loose by developers of the Metasploit hacking toolkit, says PC World, going on:
Internet security experts warn that this code may give criminals a way to launch virtually undetectable phishing attacks against Internet users whose service providers have not installed the latest DNS server patches.
Attackers could also use the code to silently redirect users to fake software update servers in order to install malicious software on their computers, said Zulfikar Ramzan, a technical director with security vendor Symantec. “What makes this whole thing really scary is that from an end-user perspective they may not notice anything,” he said.
IOActive researcher Dan Kaminsky revealed it earlier this month, “but technical details of the flaw were leaked onto the Internet earlier this week, making the Metasploit code possible,” says the story.
“Kaminsky had worked for several months with major providers of DNS software such as Microsoft, Cisco and the Internet Systems Consortium (ISC) to develop a fix for the problem. The corporate users and Internet service providers who are the major users of DNS servers have had since July 8 to patch the flaw, but many have not yet installed the fix on all DNS servers.”
US-CERT on Monday warned: “Technical details regarding this vulnerability have been posted to public Web sites,” says InformationWeek, adding:
“Attackers could use these details to construct exploit code. Users are encouraged to patch vulnerable systems immediately.” “This is a very serious situation, and can possibly lead to widespread and targeted attacks which hijack sensitive information by redirecting legitimate traffic to fraudulent Web sites, due to incorrect (fraudulent) information being injected into the vulnerable caching nameserver(s),” Trend Micro security researcher Paul Ferguson said in a blog post.
“Kaminsky has been planning to present details about the DNS vulnerability at the Black Hat security conference in two weeks.”
See the rest here:
Dangerous DNS exploit online
Jul 08
Tests performed by n.runs, “have indicated that every virus scanner currently on the market immediately revealed up to several highly critical vulnerabilities. These then pave the way for Denial of Service (DoS) attacks and enable the infiltration of destructive code – past the security solution into the network. With that, anti-virus solutions actually allow the very thing they should instead prevent.”
So says ZDNet in a story kicking off with, “the IT/Security consulting firm n.runs AG claims to have discovered approximately 800 vulnerabilities within antivirus products based on exploiting a standard malware scanning process known as ‘parsing’.”
However, in between the, “ongoing efforts put by malware authors to obfuscate their binaries, release as many as possible in the shortest time frame achievable, or ensure that they bypass the most popular personal firewalls before releasing them by applying quality assurance to their malware campaigns, can antivirus products be a security issue themselves?” – wonders the story, answering:
But of course, and the increasing number of vulnerabilities discovered is clearly indicating the increasing interest in proving the point in general.
How did n.runs manage to discover the vulnerabilities they claim they found?
By following the very same logic on which a great deal of the current vulnerabilities are based on, the way in which the scanner parses the file it’s supposed to scan, says ZDNet, which has n.runs stating:
“In this context, n.runs was able to make out so-called “parsing” as one of the main causes of this boomerang effect. The principle functions as follows: virus scanners must recognise as many “Malware” applications as possible – and thereby comprehend and process a large number of file formats. In order to be able to interpret the formats, an application must partition the corresponding file into blocks and structures.
This separation of data into analysable individual parts is called “parsing”. Mistaken assumptions in the course of programming the parsing code create constellations which enable the infiltration and subsequent running of programme code. Moreover, the quick reaction time expected by developers (regarding threats) contributes to a decrease in the quality of the code. In short: the more parsing that takes place, the higher the recognition rate and the degree of protection from destructive software, but at the same time, the larger the attack surface – which makes the anti-virus solution itself a target.”
The research cited is based on Secunia’s tracking of advisories affecting antivirus products, as well as research conducted by the University of Michigan emphasizing the severity of the vulnerabilities on a per-product basis, says ZDNet, adding that what malware authors are “going to continue researching are ways in which to shut down the antivirus solution silently, prevent it from reaching its hard coded update locations, and most importantly ensure the malware has been pre-tested against the most popular security solutions before it’s released in the wild – precisely what they’ve been doing for the last two years”.
Read more here:
Virus scanners: situation critical
May 07
Is open source software more secure than proprietary commercial software?
It’s an assumption made by many IT managers, says the Washington Post, going on:
“Anyone who uses open source can examine the original code to spot any lurking vulnerabilities, and potentially even fix the vulnerabilities themselves. With proprietary software, you have to trust the vendor to do it all for you.”
But that takes three things for granted:
1) That someone is actually looking at the code
2) That security vulnerabilities are getting reported and fixed
3) That information about those fixes makes its way to Linux distributors and other software vendors, who apply the fixes to their products.
Now, says the story, oCERT, a Computer Security Response Team, was put together in March specifically to “act as a clearinghouse for security information about all kinds of open source software”.
And in keeping with open source tradition (and open source budgets), “oCERT is a volunteer effort, and it provides its services free of charge,” says the Washington Post, continuing:
“The team’s operating costs are underwritten by corporate sponsors – most recently Google, which posted a detailed summary of why this effort is so important to a blog Monday.
“All in all, oCERT sounds like a worthwhile project that will provide a valuable service to the community of open source vendors and customers. Let’s hope it wins enough support to sustain itself for the long run.”
But, says the story, the name itself “might be a problem”.
Why?
Because CERT is a trademark of Carnegie Mellon University.
Here is the original:
Meet oCERTis