Web Security Review

By Lisa Vaas

An attacker could exploit the flaw with a malicious MP4 file to trigger the buffer overflow.

Even as Microsoft prepared to release critical updates for flaws in multimedia frameworks and APIs, proof-of-concept exploit code came out over the weekend that shows how an attacker can target the Winamp multiformat media player, a media player from Nullsoft that runs on Windows and is second only to Windows Media Player in worldwide popularity.

Symantec on Dec. 8 produced a security advisory warning that attackers can take over systems due to a vulnerability in how Winamp processes some MP4 files. Nullsoft has since addressed the issue, which boils down to a buffer overflow problem, in Winamp 5.35. The problem affects Winamp 5.02 through 5.34.

Read more from eweek.com

For readers with a MySpace or Facebook account, please be vigilant and careful when accepting apps or widgets from your friends; they main contain Trojan viruses that steal information from your site and then send it all back to the one who created it. They usually do this by sending Trojans through apps or widgets that your friends sent you. According to researchers at Finjan, cyberattackers are now going to these social networking sites such to get more victims.

“Attacks will become more sophisticated by combining several services in order to heighten infection ratios and decrease the detection rate, while providing more robust and scalable attack frameworks,” Yuval Ben-Itzhak, chief technology officer, Finjan, said in a news release. “The focus will be on trojan technology as it enables maximum flexibility in terms of command and control. This adds another potentially malicious element to the “legitimate” web traffic that needs to be examined by security solutions.”

In short, before installing the app or widget that your friend sent you, confirm if it came from them. If it didn’t, kindly delete it immediately. If it did come from them, research on the app or widget from previous users.

Source

It is apparent that support costs will continue to increase in direct proportion to the concurrent services offered still as carriers look to add more and more services to their portfolios. The number of support calls increases in proportion as the number of services increases. For the communications providers these increased problems come at a time when call centers are trying to increase service levels and first call resolution ratios. Using a web conferencing solution is one simple way to achieve these goals.  Through the use of Web Conferencing, I learned what Motorola is doing to help service providers and call centers of various sizes with the support issues.

According to Websense, there are a lot of reasons for spammers to favor using GMail:

“…that from the spammers’ perspective, there are four main advantages to this approach. First, signing up for an account with Google allows access to its wide portfolio of services. Second, Google’s domains are unlikely to be blacklisted. Third, they are free to sign up. And fourth, it may be hard to keep track of them as millions of users worldwide are using various Google services on a regular basis.”

There are actions made by GMail to fix this problem as they come up with different methods in preventing such scam. GMail has invited certain users to have their closed beta test to intensify their security system

By Ryan Narain

A hacker finds a way to use a booby-trapped Web page to trick Google Toolbar users into adding malicious buttons to the browser.

A dialog spoofing vulnerability in the popular Google Toolbar could be exploited by malicious hackers to execute malicious files or launch identity theft attacks, according to a warning from security researcher Aviv Raff.

Raff, a well-known hacker who regularly finds and reports software vulnerabilities, figured out a way to use a booby-trapped Web page to trick Google Toolbar users into adding malicious buttons to the toolbar.

In an IM interview with eWEEK, Raff said multiple versions of the toolbar allows spoofed information to be presented to the user when adding a new browser toolbar icon/button.

Read more from eweek.com

The US government may be hardening it’s stance against the growing threat from cyber-attacks and guess what they did to make it known? They got a hacker to provide them with an insight to act as adviser to the government, a move that would surely get him on every cyber-hit man’s roster or possible targets. They say he’s only on as an adviser but for the world of Black Hats, this is seen a s treachery, a move that counters all beliefs on which they function, to deny his own people. “Dark Tangent” as he was known during his hacking days, was hired by the new and fortified Cyber-Security command which is to try and bolster the ability of the US government to fend of attacks hopefully armed with his insight on how they work. Continue Reading »

Scareware, or a form of malware that tricks customers with bogus messages that leads users to sites that install fake security software for a fee. These tactics have long been used by hackers to get hard earned cash from people’s pockets for nothing. The software you install in turn asks you to get more and more software till you finally get it that the whole thing was a sham, with your cash long gone and the errors they were reporting. Many of these sites have been targeted by law enforcement in the past few years but there are still some persistent ones that manage to survive the best efforts of law enforcement agents. Continue Reading »

Twitter has received blow after blow in terms of attacks to the micro-blogging site that has been rendered useless on several instances, finally a free plugin from FinJan that protects you from attack when using your favorite micro-blogging site. The free browser plug-in dubbed SecureTwitter allows users to get a message saying if the site they are about to enter contains a malicious URL. This systems works much like the way Google blocks suspected attack sites, displaying a message to state their reason for blocking the site through detailed analysis results. Continue Reading »

A long standing botnet was closed with it’s manager arrested and subsequently charged with cyber-crimes leaving him to deal with a 5 year sentence of which he is to serve 2 in jail and the rest on conditional release. He will be allowed out on the conditions he would have limited access to computers and the internet, seemingly to follow the movie “Hackers”. This victory comes after a hosting firm based in California was ordered shut by the FTC and FBI after it was proven to have hosted malware spreading sites and spamming botnets. He even when as far as selling the services of his botnet, using “bots4sale” as a catch phrase to people he knew were going to use it for spamming of close to half a million computers the world over. Continue Reading »

Data storage is a very costly business considering the fact that one of the biggest network of data centers is owned by Google who has managed to keep them out of the sight of well, everybody. The lack of information regarding the location of Google’s famed data center or data centers might be the thing that has spared it from the many attacks that have been done in the past years. Botnets, Viruses and other malware have been targeting not only the lowly desktop I’m using but the whole internet itself. Imagine managing to disable one of the major data links in and out of a major country Continue Reading »