Posts Tagged ‘security’

1. Dont assume anything. Make some time to learn about securing your system.

2. Acquire and use a reliable antivirus program. Select an antivirus that has a consistent track record. Checkmark, AV-Test.org and TuV are among the most respected independent testers of antivirus software.

3. Acquire and use a reliable firewall solution. Again, independent reviewers are your best bet for reasonable choices. Some operating systems come with a firewall which only filters incoming traffic. Use a firewall that can control both incoming and outgoing Internet traffic.

4. Do not open e-mails coming from unknown or distrusted sources. Many viruses spread via e-mail messages so please ask for a confirmation from the sender if you are in any doubt.

5. Do not open the attachments of messages with a suspicious or unexpected subject. If you want to open them, first save them to your hard disk and scan them with an updated antivirus program.

6. Delete any chain e-mails or unwanted messages. Do not forward them or reply to their senders. This kind of messages is considered spam, because it is undesired and unsolicited and it overloads the Internet traffic.

7. Avoid installing services and applications which are not needed in day-by-day operations in a desktop role, such as file transfer and file sharing servers, remote desktop servers and the like. Such programs are potential hazards, and should not be installed if not absolutely necessary.

8. Update your system and applications as often as possible. Some operating systems and applications can be set to update automatically. Make full use of this facility. Failure to patch your system often enough may leave it vulnerable to threats for which fixes already exist.

9. Do not copy any file if you don’t know or don’t trust its source. Check the source (provenance) of files you download and make sure that an antivirus program has already verified the files at their source.

10. Make backups of important personal files (correspondence, documents, pictures and such) on a regular basis. Store these copies on removable media such as CD or DVD. Keep your archive in a different location than the one your computer is in.

Advertisements

Mozilla on Thursday boosted bug bounty payments six-fold by increasing the standard cash award to $3,000.

The new bounty for vulnerabilities in Firefox, Firefox Mobile and Thunderbird is also six times the normal payment by Google for flaws in its Chrome browser, and more than double the maximum $1,337 that Google pays for the most severe bugs. Mozilla and Google are the only browser makers that pay security researchers for reporting vulnerabilities in their products.

“A lot has changed in the six years since the Mozilla program was announced, and we believe that one of the best ways to keep our users safe is to make it economically sustainable for security researchers to do the right thing when disclosing information,” said Lucas Adamski, director of security engineering. Mozilla kicked off its bounty program in August 2004 .

Only bugs that Mozilla ranks “crucial” or “high” — its top two ratings — are eligible for payment. In Mozilla’s hierarchy, critical vulnerabilities are those that allow remote code execution; in other words, ones that when exploited give the attacker full control of the machine. High vulnerabilities are those that expose “high-value” personal information, such as usernames, passwords and credit card numbers. Denial-of-service flaws are not eligible for a bounty, Mozilla said.

Netsparker is a Web Application Security Scanner that claims to be False-Positive Free. The developers thought that if you need to investigate every single identified issue manually what’s the point of having an automated scanner? So they developed a new technology which can confirm vulnerabilities on demand which allowed us to develop the first false positive free web application security scanner.

When Netsparker identifies an SQL Injection, it can identify how to exploit it automatically and extract the version information from the application. When the version is successfully extracted Netsparker will report the issue as confirmed so that you can make sure that the issue is not a false-positive.

Same applies to other vulnerabilities such as XSS (Cross-site Scripting) where Netsparker loads the injection in an actual browser and observes the execution of JavaScript to confirm that the injection will actually get executed in the browser.

Thanks to its comprehensive and powerful JavaScript engine it’s possible to simulate a real attacker successfully. This means it can successfully analyse websites that rely on AJAX and JavaScript.

You don’t need to be a security expert, get training or read a long manual to start. Since the user interface is easy to use and can confirm and show you the impact, you can just fire it up and start using it.

Netsparker - Community Edition

You can download Netsparker – Community Edition here:

NetSparkerCommunityEditionSetup.exe

Or read more here.

Alman hackerlar grubu, GSM hatlarında konuşmaların başkalarınca dinlenmesini engelleyen son derece gizli şifreleme sistemini çözmeyi başardı. Sistemin kodlarını kamuoyuna da açan grup, GSM Association’ın şimşeklerini üstüne çekti.
Bilgisayar uzmanı Karsten Nohl liderliğindeki ekip, GSM şebekelerinin dinlemeye karşı iddia edildiği kadar güvenli olmadığını gösterme iddiasıyla beş ay önce çalışmaya başladı ve Nohl’un önceden verdiği tarihte tüm güvenlik kodlarını kırarak torrent dosyası halinde internette yayımladı.
Nohl, daha önce beyaz yakalı hackerların katıldığı bir konferansta GSM şifreleme sistemini beş ayda çözeceğini duyurmuştu.
Yaklaşık iki düzine usta bilgisayar yazılımcısı ve mühendisin yardımıyla kırılabilen A5/1 algoritması, 22 yıldır GSM şebekelerinde kullanılıyor. Cep telefonuyla yapılan görüşmelerin elektronik yolla dinlenmesini önleme amacıyla geliştirilen şifreleme sistemi, 80 kanal arasında sürekli frekans değiştirerek çalışıyor.
Firmanın 2007’de devreye soktuğu ‘daha güvenilir’ A5/3 anahtarıysa henüz pek çok GSM operatörü tarafından kullanılmıyor.
Kullanılan bilgisayar ağıyla tüm güvenlik şifresi kombinasyonlarını bir araya toplayan Nohl, güçlü bir masaüstü bilgisayar, ihtiyaca uygun olarak modifiye edilmiş bir ‘paralel hat’ yazılımı ve 30 bin dolarlık ek teçhizatla artık tüm GSM konuşmalarının dinlenebileceğini belirtti.
Algoritmayı geliştiren, uygulama standartlarını belirleyen ve kodları saklayan GSM Association, Nohl’un şifreleri kırarak kamuoyuna açıklaması karşısında küplere bindi. Kurumdan yapılan açıklamada Nohl’un eylemi “çok ciddi bir suç” olarak nitelendirildi ve İngiltere dahil pek çok ülkede ağır şekiklde cezalandırıldığı vurgulandı. GSMA, konuyu soruşturduktan sonra Nohl ve arkadaşları hakkında suç duyurusunda bulunabilecek.
Nohl ise eylemin gerekçelerini şöyle açıkladı: “GSM şebekelerindeki güvenlik şifrelemesi hiç de söylendiği kadar güvenilir değil. Biz de bunu kanıtladık. Umarım müşteriler konuşmalarının dinlenmesini önleyebilecek daha güvenilir bir sistem için seslerini yükseltir”.
GSM hatlarındaki görüşmelerin dinlenmesi teknik olarak daha önce de mümkündü ancak bunun için milyonlarca dolarlık bir sistem kurmak gerekiyordu. BBC’ye konuşan Cellcrypt çalışanı Ian Melkin, “Endişe verici bir gelişme. Artık küçük suç örgütlerinin de cep telefonlarını dinleyebileceği ortaya çıktı” dedi.
Dünyada yaklaşık 4 milyar GSM kullanıcısı bulunuyor.
GSM Encryption needs to be shown insecure

Anubis is sponsored by Secure Business Austria and developed by the International Secure Systems Lab. We are a small team of enthusiastic security professionals doing research in the field of computer security and malware analysis. Our goal is to provide interested and advanced computer users with a tool that helps in combatting malware. This is why we provide this service free of charge.

 

Anubis is a tool for analyzing the behavior of Windows PE-executables with special focus on the analysis of malware. Execution of Anubis results in the generation of a report file that contains enough information to give a human user a very good impression about the purpose and the actions of the analyzed binary. The generated report includes detailed data about modifications made to the Windows registry or the file system, about interactions with the Windows Service Manager or other processes and of course it logs all generated network traffic. The analysis is based on running the binary in an emulated environment and watching i.e. analyzing its execution. The analysis focuses on the security-relevant aspects of a program’s actions, which makes the analysis process easier and because the domain is more fine-grained it allows for more precise results. It is the ideal tool for the malware and virus interested person to get a quick understanding of the purpose of an unknown binary.

Anubis is the result of more than three years of programming and research. We have designed Anubis to be an open framework for malware analysis that allows the easy integration of other tools and research artifacts. This will allow us to integrate new research prototypes produced by our group into Anubis as soon their code base is stable enough.

http://analysis.iseclab.org/

Microsoft has developed a new security offering called HELLOSECUREWORLD.COM. It is a program to engage developers in a fun and exciting way to build knowledge around security in application development. In addition, developers can share information about secure coding for today’s internet-based computing environment. The program features an array of online and offline customer activities ranging from MSDN events, to security virtual labs, to video presentations on a new website.

Includes:

* XSS (Cross Site Scripting)
* SQLi (SQL Injection)
* Canonicalization Attack
* CSRF (Cross Site Request Forgery)
* Integer Overflow/Underflow
* Etc…

To access the labs go to: HelloSecureWorld