Archive for March, 2011

Protect yourself from closed source SSH

Posted in IT Security on March 30, 2011 by cobra

http://www.zdnetasia.com – A basic understanding of the practical realities of privacy technologies should include an understanding of why encryption that doesn’t trust the user isn’t trustworthy. There are times, however, that we must make do with less than ideal choices for security software.

One such example is that of performing secure file transfers on a wireless network with an Android smartphone. Because the Android OS does not offer users an instance of OpenSSH as part of the standard system, and because there is not an open source SSH-based file transfer client or server application in the Android Market, the common choices are to either use a closed source tool or not use SSH on an Android device for file transfers at all.

The problem is not limited to SSH software. Any closed source software involved in the process can be a problem, from the operating system on which the SSH software is running, through password managers and any special “multimedia key” management applications for keyboards, all the way to the encryption software itself. As long as such closed source software ties into key parts of the trusted chain of operations, there is little that can be done to ensure that what should be private remains private.

Of course, open source software provides no 100 percent guarantees. Its benefit is simply a much greater chance that any data leaks or malicious software designs will be caught, especially given that, unlike the case of closed source software, open source development is not typically performed by a set of employees operating under nondisclosure agreements. A community of people with equal access to the source code, many of them operating independently and some even with strong motivations to discover and publicly reveal vulnerabilities, makes for a very difficult place to hide malicious security compromises in your code.

Click here to read the full article

Dozens of exploits released for popular SCADA programs

Posted in IT Security on March 24, 2011 by cobra

[www.theregister.co.uk] The security of software used to control hardware at nuclear plants, gas refineries and other industrial settings is coming under renewed scrutiny as researchers released attack code exploiting dozens of serious vulnerabilities in widely used programs.

The flaws, which reside in programs sold by Siemens, Iconics, 7-Technologies, Datac, and Control Microsystems, in many cases make it possible for attackers to remotely execute code when the so-called supervisory control and data acquisition software is installed on machines connected to the internet. Attack code was released by researchers from two separate security camps over the past week.

Click here to read the full article

This is a serious issue, ladies and gentlemen, and it requires your full attention.

Hackers fake SSL certificates for web services

Posted in IT Security on March 24, 2011 by cobra

A major issuer of Secure Sockets Layer (SSL) certificates acknowledged on Wednesday that it had issued 9 fraudulent SSL certificates for seven Web domains, including those for Google.com, Yahoo.com and Skype.com, following a security compromise at an affiliate firm. The attack originated from an IP address in Iran, according to a statement from Comodo Inc.

Comodo, of Jersey City, New Jersey, said, in a statement on its Web page, that an attacker was able to obtain the user name and password of a Comodo Registration Authority (RA) based in Southern Europe and issue the fraudulent certificates. The company said the hack did not extend to its root keys or intermediate certificate authorities, but did constitute a serious security incident that warranted attention.

SSL certificates are the Internet equivalent of drivers’ licenses, said Paul Turner, the vice president of products and customer solutions at Venafi, an enterprise key and certificate management firm. The bogus certificates could be used in phishing or man-in-the-middle attacks against organizations that haven’t updated their certificate revocation lists, he said. They could also be used to sign applications and plug-ins, he said.

Click here to read the full article on this matter which requires full attention.

Hackers breach RSA IT systems

Posted in IT Security on March 24, 2011 by cobra

According to an article on http://www.securecomputing.net.au, security vendor RSA has admitted that hackers breached its systems, extracting undisclosed product information on its widely used SecurID two-factor authentication tokens. Australian RSA customers included Telstra’s directories business Sensis, insurer Allianz Australia and Virgin Blue.

Botnets: Measurement, Detection, Disinfection and Defence

Posted in IT Security on March 12, 2011 by cobra

As reported in an online article on www.h-online.com, the European Network and Information Security Agency (ENISA) has released a report on the methods for detecting, measuring and fighting botnets. Entitled “Botnets: Measurement, Detection, Disinfection and Defence” (PDF), the report describes various methods in the individual disciplines; among its findings is that the size of a botnet isn’t a measure of the threat it represents.

Individual risks need to be evaluated for different groups of stakeholders, for instance in terms of a botnet’s damage potential for an individual group, said the report. The detection of botnets is generally said to be difficult because, as an example, bots behind a gateway in a corporate network may only appear as a single IP address.

In its report, ENISA also makes recommendations on what needs to change on an organisational and policy level, beyond the mostly already solved technical issues, in order to enhance the capabilities for combating botnets. For example, ENISA said that ISPs should be given financial incentives for supporting their customers in the fight against malware. Another recommendation is to tackle the value-creation schemes of botnet operators to minimise the profitability of their botnets.

The successful mitigation of botnets is also reportedly hindered by unclear or inconsistent legislation across Europe. For instance, there is apparently no unified ruling on whether an IP address is to be treated as personal data. The exchange of information among EU member states should also be improved, said the report.

If the above link does not work, please click here to access ENISA’s web page and download the report.

I advise everyone to read this report; it is a great source of information for anyone who would like to educate themselves on botnet threats.

The Definitive Facebook Lockdown Guide – Securing your profile page

Posted in IT Security on March 6, 2011 by cobra

Personally, I deactivated my Facebook account quite a while ago because of various security issues. For those of you who have been wondering how to use Facebook securely without letting security concerns get in the way of enjoying Facebook’s various functionalities and features, I’ve come across an online article that covers all the information you need to secure your Facebook account (profile page, privacy settings, account settings, etc.).

I hope you find it useful 😀