0wning Vista from the boot
From The Register:
“Just after vbootkit takes control, it hijacks the interrupt 13, then searches for Signature for Vista OS. After detecting Vista, it starts patching Vista, meanwhile hiding itself (in smaller chunks at different memory locations). The patches include bypassing several protections such as checksum, digital signature verification etc, and takes steps to keep itself in control, while boot process continues to phase 2.
Phase 2 includes patching Vista kernel, so as vbootkit maintains control over the system till the system reboots. Several protection schemes of Vista were analyzed such as the famous PE header checksum (every Windows EXE contains it), the Digital Signature of files.”
Read the full article at The Register
Russinovich: Malware will thrive, even with Vista’s UAC
From Zero Day:
“Despite all the anti-malware roadblocks built into Windows Vista, a senior Microsoft official is lowering the security expectations, warning that viruses, password-stealing Trojans and rootkits will continue to thrive as malware authors adapt to the new operating system.”
Read the full article at Zero Day
Vista’s UAC Warnings Can’t Be Trusted, Symantec Says
From PC World:
Hackers can trick Windows Vista’s User Account Control to hide malware, researcher found.
The process to spoof a UAC dialog is roundabout, but doable, said Whitehouse. It would start with a user falling for any one of the current hacker tricks. “The most likely scenario is that a user gets compromised by malicious code, from a Trojan [horse] or a vulnerability in a third-party application like Office or a browser,” he said in an interview.
Read the full article at PC World
Security watchers lambast Vista
From The Register:
Windows Vista has only just left the starting blocks but security watchers have wasted no time in challenging claims that it provides improved security defences.
Virus Bulletin, the independent security certification body, has revealed that Microsoft’s own anti-virus product, Live OneCare, is among four anti-virus testing products that failed to reach the standard required for approval.
Read the full article at The Register
Botnet Eavesdropping: Inside the Mocbot (MS06-040) Attack
From eWeek.com:
“The lesson here is once you get infected, you are completely under the control of the botmaster. He can put whatever he wants on your machine, and there’s no way to be 100 percent sure that the machine is clean,”
“The only way to be [completely] sure the system is malware-free is to completely wipe the hard drive and reinstall the operating system,”
Read the full article at eWeek.com
Eighty percent of new malware defeats antivirus
“The most popular antivirus applications on the market are rendered useless by around 80 percent of new malware, according to AusCERT.”
Read the full article at ZDNet Australia
Worm appears as Microsoft antipiracy program
From Computerworld:
Security analysts have detected a new piece of malware that appears to run as a Microsoft Corp. program used to detect unlicensed versions of its operating system.
Read the full story at Computerworld
Microsoft Sued Over WGA
From Groklaw:
A computer user is suing Microsoft Corp. over the company’s Windows Genuine Advantage anti-piracy tool, alleging that it violates laws against spyware.
The suit by Los Angeles resident Brian Johnson, filed this week in U.S. District Court in Seattle, seeks class-action status for claims that Microsoft didn’t adequately disclose details of the tool when it was delivered to PC users through the company’s Automatic Update system.
Read the full article at Groklaw
Microsoft warns of exploit code for dial-up bug
From Network World:
The exploit code targets a vulnerability in the Remote Access Connection Manager (RASMAN) service, used by Windows to create network connections over the telephone. The bug, which was patched June 13, is rated critical by Microsoft, the most severe rating available.
Read the full article at Network World
Windows riddled with Bots
BetaNews has a story about the prevalence of malicious bots on the computers of unsuspecting users of Microsoft Windows.
Microsoft said in a report that the backdoor trojans “are a significant and tangible threat to Windows users.” However, the bots are not the only threat that Windows users face.
Read the full article at BetaNews

