Microsoft Journal (MSJ) Scam

Stephen Toub at Microsoft warns about a scam where people have been getting mailings (not emails) offering them MSJ - this a scam as MSJ is not published anymore! Don’t send them your hard earned money. 

January 7, 2006 · 1 min · Amit Bahree

Santa Instant Message Worm!

Beware, there is a new IM worm that promises a picture of Santa, but instead delivers a rootkit! The initial message will appear to come from someone on your IM list and will include “|” DONT click on that link! The worm is called IM.GiftCom.All. Read more here.

December 21, 2005 · 1 min · Amit Bahree

Combating rootkit with rootkit

While I totally agree with the concept of combacting rootkit with rootkit when it comes to the new generation of spyware, etc. (remember Sony’s need for control fiasco), but my concern is there are many lazy programmers (yours truly included) out there and most companies are in a hurry to ship a product out the door without testing as thoroughly as one should, which means when dealing at the Kernel level for most end-users it could be a experience of more BSOD’s....

December 20, 2005 · 1 min · Amit Bahree

More DOS Pings

Here are a few more DOS pings from last night, I think these are poor souls who don’t know they have infected machines (or lets hope so). There is one ( from China belonging to someone called Ming Chen in Chongqing, might have to drop his/her ISP an email. inetnum: - netname: CQ-CHONGQINGYIDONG country: CN descr: Chong Qing Yi Dong IDC Yong HU descr: 40-43 Duan Qi Yong...

December 20, 2005 · 3 min · Amit Bahree

Sony Rootkit DRM Saga Gets Messy

From PCMag, Sony’s incredible gaffe - creating a DRM applet that loads prior to the operating system - has caused an incredible furor. Sony agreed to suspend the program, but that’s not all. Now the rest of the world is piling on. Microsoft now says it will delete the rootkit directly with its anti-spyware program, and it’ll be included in the December version of the Malicious Software Removal Tool. And it looks like the Macintosh, which is also affected by the rootkit, might still be at risk....

November 16, 2005 · 1 min · Amit Bahree

Exploit code chases two Firefox flaws

Two vulnerabilities in the popular Firefox browser have been rated “extremely critical” because exploit code is now available to take advantage of them. The cross-site scripting and remote system access flaws were discovered in Firefox version 1.0.3, but other versions may also be affected, said security company Secunia, which issued the ratings Sunday. One flaw involves “IFRAME” JavaScript URLs, which are not properly protected from being executed in the context of another URL in the history list....

May 10, 2005 · 1 min · Amit Bahree

Identity theft - done *legally* by cops...

Got this via internal communities at Avanade. Seems like in Ohio it is legal for cops to steal someone else’s identity as long as it is part of an investigation without your consent - quite scary I think.

April 14, 2005 · 1 min · Amit Bahree

WEP Dead Again?

SecurityFocus has two part article that looks at the new generation of WEP cracking tools for WiFi networks, which offer dramatically faster speeds for penetration testers over the previous generation of tools. In many cases, a WEP key can be determined in seconds or minutes. Part one, compares the latest KoreK based tools that perform passive statistical analysis and brute-force cracking on a sample of collected WEP traffic. Part two, looks at active attack vectors, including a method to dramatically increase the rate of packet collection to make statistical attacks even more potent....

April 14, 2005 · 2 min · Amit Bahree