web security

Hackers hide behind Olympics

Mon, 28 Apr 2008 06:59:59 -0400

CIO's beware. The latest security threat may be coming: emails using the Olympics as a cover to hide malicious Trojans that elude most antivirus programs. These email attacks mostly originate from Asia, in some cases claiming to be to be from the International Olympic Committee, and are highly destructive. Security experts at MessageLabs, a company that scans email messages for hostile content and provides Web security, have found more than a dozen Olympic-themed attacks over the past six months. They have targeted different industries with Trojan attachments that could allow the attacker to conduct corporate espionage.

Mark Sunner, chief security analyst at MessageLabs, said the attacks have shifted from Microsoft Word documents to new types of Microsoft files where the intrusions are much less likely to be detected by traditional antivirus engines. "The emerging targeted attacks are more unseen" and antivirus programs are likely to be insufficient, he said.

For more on hackers masquerading behind Olympics:
- See this CIO Today article

Hackers may target your printer

Thu, 31 Jan 2008 06:59:58 -0500

Spam has a new target, and it's your printer. By using a little-known capability found in most Web browsers, Aaron Weaver, a security manager from Pennsylvania, figured out how to hack into a printer. In a research paper published Tuesday on the Ha.ckers.org Web site, Weaver described how he launched the attack successfully with both the Internet Explorer and Firefox browsers. And he has found a way out, too. Because the attack works only on network printers, a printer plugged directly into a PC would not be vulnerable.

The attack is possible because most browsers can connect to the networking port used by most printers to look for new print jobs. So, by using the browser as a stepping stone, attackers are able to connect with something they should never be able to reach: a printer on the local area network. While this type of hack attack hasn't gotten any attention and there are no reports that it's infecting computer sites, Weaver's research uses cross-site scripting attacks and vulnerabilities in the way browsers handle the Internet Protocol.

"There is no precedent for [this hack]," said Robert Hansen, CEO of Web security consultancy SecTheory and owner of the Ha.ckers.org Web site. "But...what he did was marry two different concepts that we've been talking about for a long time." This could be the first step in another bad scenario because if hackers figure out how to send information about their print jobs to the Internet, Weaver's experiment could have far greater security implications. So maybe it's a good idea to turn your printers off for the night or when you are out of the office--because one never knows what might happen if they remain on.

For information on hacking printers:
- Check out this ComputerWorld article

Tips for avoiding Web hacks

Mon, 08 Oct 2007 06:59:58 -0400

Over the past 18 months or so, websites have replaced email as the main source of risk for being attacked by a hacker. Websites are rich targets for bad guys because most organizations have taken significant steps to "harden" only internal applications. Very little thought, however, is being put into web-development initiatives from a security standpoint while these apps are being built. Security is typically an afterthought that is bolted on after the Web application has been built. The biggest problem is designers aren't building walls within Web applications to partition and validate data moving between parts of the system. Khalid Kark, senior analyst at Forrester, tells InfoWorld, that as a result, most websites can be easily hacked. It is an issue that is being taken on at the Open Web Application Security Project (OWASP). The organization has released a report entitled "The Ten Most Critical Web Application Security Vulnerabilities."

Read about their findings:
- in the article in Infoworld

Google's CIO Discusses Security

Wed, 06 Jun 2007 20:01:39 -0400

Google has historically been quiet about its security efforts, but for the first time, the company is opening up about some of its initiatives. Google researchers recently presented a paper on Web security at a technical conference in Cambridge, MA, discussing the results of the company's ongoing effort to "identify all Web pages on the Internet that could potentially be malicious." The company even started its first-ever security blog, giving the world an inside look at Google's 100-person security team. IDG News Service recently had the opportunity to sit down with Douglas Merrill, Google's vice president of engineering and chief information officer. In the interview he says that Google security is something that could be turned into a product some day, but for now the company is fundamentally focused on search. He also offers his thoughts on the increasing integration of consumer technology into the enterprise space. "We obviously believe in this idea of the Web 2.0, where you're collecting different kinds of applications together to meet consumer needs. The firewall is one line of defense, and it's still useful, just like locks on front doors are still useful. But you need other kinds of defenses as well," he said.

For more on Google's ongoing security research:
- Read the full interview in CIO Magazine

Cyber criminals to take mob approach

Mon, 18 Dec 2006 19:01:37 -0500

A new report predicts that cyber criminals may start joining forces with traditional crime mobs in their quest to grab valuable data. Websense, a Web security vendor, reports that cyber malcontents and today's current organized crime families will form "cooperatives" to sell, buy and trade cyber attack toolkits and exploits. The firm claims that security attacks will be much more organized in the future and there will be greater threats to Web 2.0 sites such as MySpace.com and Wikipedia. More importantly for today's IT leaders, it seems that business networks will also become a favored target for the hackers.

For more on future security threats:
- check out the article at InformationWeek

Trojan features new cloaking aspect

Tue, 08 Aug 2006 20:01:38 -0400

A Web security firm has discovered the existence of a new Trojan that infects PCs and then grabs stolen data using the Internet Control Message Protocol channel. It hides itself within an Internet Explorer browser object, waits until a user accesses a banking or financial account site and then logs keystrokes. The fact that the malware hides the activity within ICMP pings makes the Trojan activity very hard to detect, say experts, and is another indication of how malware writers are getting smarter and sneakier every day.

For more on the latest Trojan approach:
-read this article at NetworkWorld

Hacker's court case to set Web security precedent

Tue, 09 May 2006 20:01:37 -0400

A legal proceeding against a hacker who claims his intentions were only good could end up setting a Web security precedent in the arena of online criminal rulings. Experts say that the court decision regarding Eric McCarty, a San Diego resident who allegedly hacked into the University of Southern California's computer system, will greatly impact the current state of security research as the case crosses so many ethical, legal and technical issues.

For more on the legal issues in prosecuting "good" hackers:
- read this article at InformationWeek