Microsoft Network Monitor 3.3 Overview

-Summey

According to a recent report, malicious PDF files now account for 80% of all exploits in 2009.   There are many blogs that will be able to analyze it ever which way for you; but I wanted to keep it short and sweet and focus on what does this mean for you and I?   The obvious answer is we need to keep your software up to date.   The not so obvious answer…  How about switching to an open source software such as Foxit Reader that doesn’t have these issues?   That’s what my company has chosen to do.

Foxit won’t help any with the Flash problems, but it will with the PDF exploits, as well as some good ‘ol common sense.  Don’t open a PDF from someone you don’t know, or a website that isn’t trusted, or that just doesn’t look right.

-Andrew

Numerous outlets reported that Googles Gmail and 30 other companies were hacked by the Chinese. Ars Technica reports many say the hack was targeted against Chinese dissidents.

The cyber-assault came to light on Tuesday when Google disclosed to the public that the Gmail Web service was targeted in a highly-organized attack in late December. Google said that the intrusion attempt originated from China and was executed with the goal of obtaining information about political dissidents, but the company declined to speculate about the identity of the perpetrator.

McAfee reported evidence that a vulnerability in Internet Explorer was exploited in the attack.

Google Enterprise president Dave Girouard blogged to inform Google App clients their data was safe. “This incident was particularly notable for its high degree of sophistication. This attack may understandably raise some questions.” Girouad stated “We believe our customer cloud-based data remains secure.”

Many have reported the most successful technique of Chinese hackers involves phishing and social engineering. These hackers determine their targets, then send a spear phish targeted email to a specific employee posing as someone from the company or a vendor. Once the target clicks a link they may download a remote control or malicious software completing the attack. On a broader scale they may send a blast to everyone in the company and ultimately hook a few employees giving them access to company accounts.

This all means that it’s not just sweaty skeevy money making criminal hackers involved in the penetration of your networks. There is a strong possibility that hacking is being sponsored by foreign governments who have a much bigger agenda.

All the more reason to beware and alert in regards to your security.

1. Never click on links in the body of an email. NEVER!
2. Always be suspect of any external or internal communications. You could be a target of a phish.
3. Before you go divulging usernames and passwords to anyone in response to an email, pick up the phone to verify the need
4. Make sure your PC is fully and automatically updated with its critical security patches.
5. Anti-virus must be run automatically and fully up to date.
6. Its not enough to just run anti-virus. Run a program that immunizes your PC against keyloggers
7. Get a credit freeze. Go to ConsumersUnion.org and follow the steps for your particular state. This is an absolutely necessary tool to secure your credit. In most cases, it prevents new accounts from being opened in your name. This makes your Social Security number useless to a potential identity thief.
8. Invest in Intelius identity theft protection and prevention. Not all forms of identity theft can be prevented, but identity theft protection services can dramatically reduce your risk. (Disclosures)

Robert Siciliano Identity Theft Speaker discussing being an imposter and social engineering invasions on the Montel Williams Show

This toolbar will help you in testing sql injections, XSS holes and site security. It is NOT a tool for executing standard exploits and it will NOT learn you how to hack a site. Its main purpose is to help a developer do security audits on his code. If you know what your doing, this toolbar will help you do it faster. If you want to learn to find security holes, you can also use this toolbar, but you will probably also need a book, and a lot of google.

-summey

http://www.hakin9.org/en

Check out this hakin9 its an awesome mag!

* The Real World Clickjacking by Marco Lisci
* Metasploit Alternate Uses for a Penetration Test by Stephen Argent
* Backdooring Frameworks by Antonio Fanelli
* Analyzing Malware by Jason Carpenter
* How Does Your Benchmark of Physical Security Affect Your Environment? by Mary Ellen Kennel
* iPhone Forensics by Tam Hanna
* and …

Hakin9 CD covers EnGarde Secure Linux 3.0.22.

Want to know more … Click …

-Summey

Analysis of conficker C

http://mtc.sri.com/Conficker/addendumC/

 

-Summey

You can get the iso here md5sum and sha512sum

And the VMWare image here md5sum and sha512sum

-Summey

It’s that time again: Patch Tuesday falls on February 10th, and Microsoft’s early Valentine’s Day gift to users consists of four security updates. Two are critical, and they affect Windows XP and IE 7, along with several other products. Read about it here:
http://www.wxpnews.com/AJB4NJ/090210-Security-Patches

opendns

-Summey