Anyone who tells you that your IT network is ‘100% secure’ is either a fool, or greatly mistaken. Security is a moving target, and unfortunately, this target is being manipulated by the bad guys. With 2007 behind us, I reflect on the struggle enterprises and governments face in cyber security.
Protecting Your Systems
January 4th, 2008
Using leak tests to evaluate firewall effectiveness
December 29th, 2007
One function of today’s integrated security systems is enabling the user to control network traffic, i.e. data sent and received over the network by applications that are running on the user’s computer. A component that offers such control is called a firewall. There are software and hardware firewalls
ARP spoofing HTTP infection malware
December 29th, 2007
This year, we’ve seen many ARP spoofing viruses, also known as ARP cache-poisoning viruses. This type of malware comes in many variants and is widely spread in China. Recently, we uncovered an ARP spoofing virus that exhibits several new features. The new ARP spoofing virus inserts a malicious URL into the session of an HTTP [...]
Flash Player update available to address security vulnerabilities
December 29th, 2007
Critical vulnerabilities have been identified in Adobe Flash Player that could allow an attacker who successfully exploits these potential vulnerabilities to take control of the affected system. A malicious SWF must be loaded in Flash Player by the user for an attacker to exploit these potential vulnerabilities.
Hacking a New DNS Attack
December 29th, 2007
New findings by researchers at the Georgia Institute of Technology and Google on a malicious DNS-related attack have stirred some debate over whether open recursive DNS servers are inherently insecure. DNS servers basically translate domain names, like darkreading.com, into IP addresses so that computers can find one another. Recursive DNS servers respond to DNS lookup [...]
Peering Inside the IRC Botnet
December 18th, 2007
The average life span of a command and control server in an Internet Relay Chat (IRC)-based botnet is less than two months. And these machines and their drones that make up a botnet are typically scattered around the world, a new study on IRC botnets reveals.
Cybercrime: How online crooks put us all at risk
December 18th, 2007
Somewhere in St. Petersburg, Russia’s second largest city, a tiny startup has struck Internet gold. Its dozen-odd employees are barely old enough to recall the demise of the Soviet Union, but industry analysts believe they’re raking in well over $100 million a year from the world’s largest banks, including Wells Fargo and Washington Mutual.
Battle of the SSH Protocols: SSHv1 v SSHv2
December 18th, 2007
Telnet has been eclipsed by two feature-laden Secure Shell protocols. But which one is best? Many network administrators have stopped using Telnet for switch management in favor of the more secure Secure Shell (SSH) protocol. But there are two versions of SSH.
The World's Biggest Botnets
December 18th, 2007
You know about the Storm Trojan, which is spread by the world’s largest botnet. But what you may not know is there’s now a new peer-to-peer based botnet emerging that could blow Storm away. "We’re investigating a new peer-to-peer botnet that may wind up rivaling Storm in size and sophistication," says Tripp Cox, vice president [...]
Troubleshooting Remote Desktop
December 18th, 2007
Some reasons why it is sometimes difficult to establish a Remote Desktop session with a remote computer, and some workarounds to these various issues. Ever since the release of Windows XP, one of my favorite features has always been Remote Desktop. In case you’re not familiar with Remote Desktop, it is a built-in Windows feature [...]