Beware of Repackaged HijackThis Downloads

June 10, 2009 – 4:55 AM

HijackThis is one of Trend Micro's well-known free utilities. It quickly scans a user's Windows computer for settings that may have been changed by spyware, malware, or other unwanted programs. By itself it does not determine what is good or bad, but it lists the registry keys and file-system locations on the scanned system where unwanted programs could potentially reside.

Only experienced users and IT experts well versed in HijackThis can interpret the raw text log without community help. Almost all users of this tool rely on the online evaluation and analysis of the report provided by several HijackThis communities.

Edgardo Diaz, Jr., Escalation Engineer at TrendLabs, found an executable program (Loaris Trojan Remover) that contained the HijackThis program repackaged with the Delphi-based installer InnoSetup. Upon extraction, the user interface (UI) gives the user the option of running HijackThis from an external source.

The application really does install HijackThis on the user's computer. Unlike the genuine version, however, Loaris' repackaged version sells its own antivirus solution, using HijackThis as a come-on.

Users who are genuinely interested in using HijackThis may thus be tricked into buying the antivirus by accepting the end-user license agreement (EULA), shown below, that comes with the installer.

Beware: Trend Micro does NOT sell, nor intends to sell, HijackThis. Trend Micro supports its communities by providing information and updates on registry keys and on the validity of system and BHO (Browser Helper Object) files.

Source:
http://blog.trendmicro.com/beware-of-repackaged-hijackthis-downloads/

Six Steps to Stop SQL Injections

June 8, 2009 – 5:49 PM

According to IBM ISS X-Force findings, SQL injection became the most common Web-based attack technique last year. Attackers succeed with these attacks largely because of poor coding practices. The following are six ways organizations can start to mitigate the risk of SQL injection.

Slideshow:
http://www.baselinemag.com/c/a/IT-Management/Six-Steps-to-Stop-SQL-Injections-129263/

Ophcrack 3.3.0 and Ophcrack LiveCD 2.3.0 Released

June 8, 2009 – 4:55 AM

Ophcrack is a Windows password cracker based on a time-memory trade-off using rainbow tables, a new variant of Hellman's original trade-off with better performance. It recovers 99.9% of alphanumeric passwords in seconds.

Ophcrack version 3.3.0 includes support for our new vista_seven tables. These tables crack 99% of passwords of length 7 composed of almost any character, including special characters. This table set will be included in our professional tables bundle.

New features have been added, such as table-size verification, which warns the user if, for example, the tables have not been fully downloaded. It is also possible to tune how preloading is done.
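Table-size verification is a cheap integrity check: an interrupted download shows up as a file shorter than the published size. The Python example below is added here and is not Ophcrack's own code; it pairs the size check with a SHA-256 comparison, which also catches a file of the right size whose content is not what the vendor published (the concern behind the repackaged HijackThis item above). The manifest format, the file names and the sample files are constructed for the example.

```python
import hashlib
import os
import tempfile

# Assumed manifest format for this example: filename -> (size in bytes, SHA-256 hex digest).
# A vendor would publish these next to the download; the values below are constructed.


def sha256_of_file(path, chunk_size=1 << 20):
    """Hash a file in chunks so multi-gigabyte table files need not fit in memory."""
    digest = hashlib.sha256()
    with open(path, "rb") as fh:
        for chunk in iter(lambda: fh.read(chunk_size), b""):
            digest.update(chunk)
    return digest.hexdigest()


def verify_download(path, expected_size, expected_sha256):
    """Classify one file: 'missing', 'truncated', 'oversized', 'corrupt' or 'ok'.

    The size comparison is the cheap check the release notes describe; the
    hash comparison runs only when the size already matches.
    """
    if not os.path.isfile(path):
        return "missing"
    actual_size = os.path.getsize(path)
    if actual_size < expected_size:
        return "truncated"      # interrupted download
    if actual_size > expected_size:
        return "oversized"      # something was appended or the wrong file was fetched
    if sha256_of_file(path) != expected_sha256.lower():
        return "corrupt"        # right length, different content
    return "ok"


def verify_manifest(directory, manifest):
    """Check every manifest entry against the files in `directory`."""
    return {
        name: verify_download(os.path.join(directory, name), size, digest)
        for name, (size, digest) in manifest.items()
    }


def build_sample_directory():
    """Write constructed sample files to a temp dir and return (directory, manifest).

    Every manifest entry expects the same 1000-byte content; only good.bin matches it.
    """
    directory = tempfile.mkdtemp(prefix="tables-")
    genuine = b"A" * 1000
    expected = hashlib.sha256(genuine).hexdigest()
    samples = {
        "good.bin": genuine,                 # complete and unmodified
        "partial.bin": genuine[:600],        # download stopped early
        "modified.bin": b"A" * 999 + b"B",   # same length, one byte changed
        "padded.bin": genuine + b"\x00",     # one byte appended
        # "absent.bin" appears in the manifest but is never written
    }
    for name, content in samples.items():
        with open(os.path.join(directory, name), "wb") as fh:
            fh.write(content)
    manifest = {name: (1000, expected) for name in list(samples) + ["absent.bin"]}
    return directory, manifest


if __name__ == "__main__":
    where, manifest = build_sample_directory()
    for name, status in sorted(verify_manifest(where, manifest).items()):
        print(f"{status:10} {name}")
```

Checking the size first keeps the common failure (a partial download) cheap to detect, and hashing only files of the right length avoids reading a multi-gigabyte table set twice. The same two checks, against the digest a vendor publishes, are what tells a genuine installer apart from a repackaged one.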

Download:
http://ophcrack.sourceforge.net/download.php

Nessus v4.0.1 Released

June 7, 2009 – 8:51 PM

The Nessus vulnerability scanner is the world leader in active scanners, featuring high-speed discovery, configuration auditing, asset profiling, sensitive-data discovery and vulnerability analysis of your security posture. Nessus scanners can be distributed throughout an entire enterprise, inside DMZs, and across physically separate networks.

Fixes:

  • Fixed memory and register leaks in NASL
  • nessus-fetch now supports the Basic, Digest, and NTLM proxy authentication schemes
  • The timeout for the NessusClient TCP socket was too low and has been increased
  • The ‘nessus’ command-line tool would sometimes leave temporary files on the filesystem
  • Improved performance for reverse DNS lookups
  • Knowledge Base files would sometimes not be created for targets where the user specified a hostname
  • Pinging a remote host would sometimes fail if the gateway's ARP entry was not in the local cache
  • On some configurations registration would not complete
  • ‘Manage users’ would not change user passwords
  • NessusClient would sometimes close a modified report without asking to save first
  • The Nessus server now runs on Windows 7. However, Windows 7 is not officially supported at this time; features such as packet forgery are not yet functioning
  • In some cases Nessus would not work on Mac OS X 10.4
  • NessusClient would display the IP addresses of the target in reverse order on Mac OS X PPC
  • On 64-bit Linux versions, Nessus would generate error messages in dmesg

Download:
http://www.nessus.org/download/

NetworkMiner 0.88 Released

June 7, 2009 – 8:42 PM

NetworkMiner is a Network Forensic Analysis Tool (NFAT) for Windows that can detect the OS, hostname and open ports of network hosts through packet sniffing or by parsing a PCAP file. NetworkMiner can also extract transmitted files from network traffic.

New functionality in the v0.88 release:

  • Support for the Cisco HDLC (cHDLC) layer 2 protocol
  • Support for Linux cooked captures (a layer 2 packet format often generated by tcpdump)
  • Support for IPv6
  • Parsing of SSH (only to extract the SSH version and application banner to “host details”; I’m not trying to brute-force the SSH encryption key or Diffie-Hellman handshake)
  • Parsing of the Spotify authentication protocol to extract the Spotify username (displayed under “credentials”)
  • Parsing of the SIP protocol (used in VoIP) to extract the SIP username (often an email address) and display it under “host details”
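To make the link-layer part of the release notes concrete, here is an added Python example (not NetworkMiner's own code) that reads a classic pcap file, strips the three link layers named above (Ethernet, Linux cooked capture, Cisco HDLC) and extracts IPv4 and IPv6 source and destination addresses, which is the first step of the host detection the tool performs. The sample captures are constructed inline from documentation address ranges, and the function names are choices made for this example.

```python
import ipaddress
import struct

# Standard pcap LINKTYPE_* numbers from the libpcap link-layer registry.
LINKTYPE_ETHERNET = 1
LINKTYPE_C_HDLC = 104      # Cisco HDLC
LINKTYPE_LINUX_SLL = 113   # Linux "cooked" capture, e.g. tcpdump -i any
ETHERTYPE_IPV4 = 0x0800
ETHERTYPE_IPV6 = 0x86DD


def iter_pcap_records(data):
    """Yield (linktype, frame) for each record of a classic pcap byte string."""
    if data[:4] == b"\xa1\xb2\xc3\xd4":
        endian = ">"           # file written big-endian
    elif data[:4] == b"\xd4\xc3\xb2\xa1":
        endian = "<"           # file written little-endian (the common case)
    else:
        raise ValueError("not a classic pcap file")
    # Global header: magic, version major/minor, thiszone, sigfigs, snaplen, linktype.
    linktype = struct.unpack(endian + "IHHiIII", data[:24])[6]
    offset = 24
    while offset + 16 <= len(data):
        # Record header: ts_sec, ts_usec, incl_len (bytes saved), orig_len.
        incl_len = struct.unpack(endian + "IIII", data[offset:offset + 16])[2]
        offset += 16
        yield linktype, data[offset:offset + incl_len]
        offset += incl_len


def strip_link_layer(linktype, frame):
    """Return (ethertype, network-layer payload) for the three link layers, else (None, b'')."""
    if linktype == LINKTYPE_ETHERNET and len(frame) >= 14:
        return struct.unpack("!H", frame[12:14])[0], frame[14:]   # 6 dst, 6 src, 2 EtherType
    if linktype == LINKTYPE_LINUX_SLL and len(frame) >= 16:
        # 2 packet type, 2 ARPHRD type, 2 address length, 8 address, 2 protocol (EtherType)
        return struct.unpack("!H", frame[14:16])[0], frame[16:]
    if linktype == LINKTYPE_C_HDLC and len(frame) >= 4:
        # 1 address, 1 control, 2 protocol code (EtherType values for IP)
        return struct.unpack("!H", frame[2:4])[0], frame[4:]
    return None, b""


def parse_ip_header(ethertype, payload):
    """Return (ip_version, src, dst) for an IPv4 or IPv6 header, or None for anything else."""
    if ethertype == ETHERTYPE_IPV4 and len(payload) >= 20 and payload[0] >> 4 == 4:
        return 4, str(ipaddress.ip_address(payload[12:16])), str(ipaddress.ip_address(payload[16:20]))
    if ethertype == ETHERTYPE_IPV6 and len(payload) >= 40 and payload[0] >> 4 == 6:
        return 6, str(ipaddress.ip_address(payload[8:24])), str(ipaddress.ip_address(payload[24:40]))
    return None


def extract_hosts(data):
    """List (linktype, ip_version, src, dst) for every IP packet in a pcap byte string."""
    hosts = []
    for linktype, frame in iter_pcap_records(data):
        ip = parse_ip_header(*strip_link_layer(linktype, frame))
        if ip is not None:
            hosts.append((linktype,) + ip)
    return hosts


# --- constructed sample captures (no real traffic; RFC 5737 / RFC 3849 documentation ranges) ---

def _ipv4_packet(src, dst):
    # version/IHL, TOS, total length, id, flags/fragment, TTL, protocol (TCP), checksum
    return (bytes([0x45, 0]) + struct.pack("!HHHBBH", 20, 0, 0, 64, 6, 0)
            + ipaddress.IPv4Address(src).packed + ipaddress.IPv4Address(dst).packed)


def _ipv6_packet(src, dst):
    # version/traffic class/flow label, payload length, next header (TCP), hop limit
    return (bytes([0x60, 0, 0, 0]) + struct.pack("!HBB", 0, 6, 64)
            + ipaddress.IPv6Address(src).packed + ipaddress.IPv6Address(dst).packed)


def build_pcap(linktype, frames, endian="<"):
    """Wrap raw frames in a classic pcap container with the given link type."""
    out = struct.pack(endian + "IHHiIII", 0xA1B2C3D4, 2, 4, 0, 0, 65535, linktype)
    for seconds, frame in enumerate(frames):
        out += struct.pack(endian + "IIII", seconds, 0, len(frame), len(frame)) + frame
    return out


def build_sample_captures():
    """One small capture per link layer, plus a non-IP (ARP) frame that must be skipped."""
    v4 = _ipv4_packet("192.0.2.10", "198.51.100.7")
    v6 = _ipv6_packet("2001:db8::1", "2001:db8::2")
    ethernet = b"\x00" * 12 + struct.pack("!H", ETHERTYPE_IPV4) + v4
    arp = b"\x00" * 12 + struct.pack("!H", 0x0806) + b"\x00" * 28
    cooked = struct.pack("!HHH", 0, 1, 6) + b"\x00" * 8 + struct.pack("!H", ETHERTYPE_IPV6) + v6
    chdlc = bytes([0x0F, 0x00]) + struct.pack("!H", ETHERTYPE_IPV4) + v4
    return {
        "ethernet": build_pcap(LINKTYPE_ETHERNET, [ethernet, arp]),
        "linux_cooked": build_pcap(LINKTYPE_LINUX_SLL, [cooked], endian=">"),
        "cisco_hdlc": build_pcap(LINKTYPE_C_HDLC, [chdlc]),
    }


if __name__ == "__main__":
    for name, capture in build_sample_captures().items():
        print(name, extract_hosts(capture))
```

The link type is a property of the whole file, recorded once in the global header, so a parser dispatches on it before looking at any frame; the three headers differ only in their length and in where the EtherType lives, after which IPv4 and IPv6 are handled identically by checking the version nibble. The bounds checks on each header length are what keeps a truncated record (snaplen shorter than the frame) from raising instead of being skipped.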

Download:
http://sourceforge.net/project/showfiles.php?group_id=189429