Security team shows unfixable Windows 7 hack

April 23, 2009 – 4:19 PM

At the Hack In The Box (HITB) Security Conference in Dubai on Thursday, security researchers demonstrated how software they developed can already take advantage of a design problem with the upcoming Windows 7 operating system, allowing them to hack into the system. VBootkit 2.0, created by researchers Vipin Kumar and Nitin Kumar, was used to demonstrate how hackers can take control of a Windows 7 computer while it’s booting up. Unlike most exploits, though, the attack is said to be inherent to Windows 7 and is likely to remain with the OS until it’s replaced.

“There’s no fix for this. It cannot be fixed. It’s a design problem,” Vipin said, though the attack cannot be done remotely and requires that hackers have physical access to a PC.

The program is just 3KB in size and lets attackers change files that are loaded into system memory during the boot process. Because nothing is changed on the hard disk itself, VBootkit 2.0 is hard to detect, Vipin says. Also, rebooting the computer gets rid of the security issue, as system memory is cleared during the process.

Via the software, hackers can remotely control the targeted computer and change their access level to the highest possible. Passwords can also be removed, letting hackers access a victim’s files. What’s more, the password is restored, so victims are unaware their security was breached.

Source:
http://www.electronista.com/articles/09/04/23/windows.7.hack.program/

Ubuntu 9.04 (Jaunty Jackalope) Released

April 23, 2009 – 6:48 AM

Ubuntu 9.04 (Jaunty Jackalope) Desktop Edition delivers a range of feature enhancements to improve the user experience. Shorter boot speeds, some as short as 25 seconds, ensure faster access to a full computing environment on most desktop, laptop and netbook models. Enhanced suspend-and-resume features also give users more time between charges along with immediate access after hibernation. Intelligent switching between Wi-Fi and 3G environments has been broadened to support more wireless devices and 3G cards, resulting in a smoother experience for most users.

Ubuntu 9.04 features OpenOffice.org 3.0. This gives users a complete office suite that is entirely compatible with Microsoft Office. This free office software provides an immediate saving of at least $200 for users who need to create presentations, write documents or manage spreadsheets at work or at home.

A new integrated notification system appears in Ubuntu 9.04 for the first time. This system combines the notification methods of various applications and presents that information in a simple, unobtrusive manner. New icons and artwork also appear in this release, part of the continual improvement of the Ubuntu user experience.

Download:
http://www.ubuntu.com/getubuntu

Firefox 3.0.9 Released

April 21, 2009 – 8:31 PM

Firefox 3.0.9 fixes several security issues found in Firefox 3.0.8:

  • Firefox allows Refresh header to redirect to javascript: URIs
  • POST data sent to wrong site when saving web page with embedded frame
  • Malicious search plugins can inject code into arbitrary sites
  • Same-origin violations in XMLHttpRequest and XPCNativeWrapper.toString
  • XSS hazard using third-party stylesheets and XBL bindings
  • Same-origin violations when Adobe Flash loaded via view-source: scheme
  • jar: scheme ignores the content-disposition: header on the inner URI
  • URL spoofing with box drawing character
  • Crashes with evidence of memory corruption (rv:1.9.0.9)

Run a Check for Updates from the Help menu, or you can always get the latest version here:

http://en-us.www.mozilla.com/en-US/firefox/all.html

SSH server attacks resurface

April 18, 2009 – 11:32 AM

Security researchers are warning administrators to secure their servers in the wake of new Secure Shell (SSH) attacks.

Researchers at security firm SANS warned that so-called ‘brute force’ attacks were occurring on a “daily” basis. The attacks try to guess usernames and passwords in order to compromise the server.

SANS researcher Daniel Wesemann recommended that administrators help guard against the attacks by making both usernames and passwords more difficult for attackers to guess.

“If you are running any SSH server open to the Internet, and your usernames and passwords aren’t at least 8 characters or so, your box is either owned by now, or about to be,” explained Wesemann.

“It doesn’t matter one bit what sort of device it is – those who run these scans have proven to be equally apt at taking over a Cisco router as they are at subverting an iMac.”

In addition to complicating usernames and passwords, Wesemann also suggested that administrators use other simple measures such as moving SSH off of port 22 and monitoring logs for suspicious activity. While the measures will not prevent an attack, Wesemann said that they would at least make compromising a machine more difficult.

Source:
http://www.vnunet.com/vnunet/news/2240614/ssh-server-attacks-resurface
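
The log monitoring recommended above can be sketched as follows. This is an added example, not code from the article or from SANS; it assumes OpenSSH's standard "Failed password" / "Accepted password" syslog messages, and the sample lines, thresholds and function name are constructed for illustration.

```python
import re
from collections import defaultdict

# OpenSSH sshd messages for password authentication results.
FAILED = re.compile(r"sshd\[\d+\]: Failed password for (?:invalid user )?(\S+) from (\S+) port \d+")
ACCEPTED = re.compile(r"sshd\[\d+\]: Accepted password for (\S+) from (\S+) port \d+")

# Constructed sample log lines (documentation IP ranges), not real traffic.
SAMPLE_LOG = """\
Apr 18 11:02:01 gw sshd[2101]: Failed password for invalid user admin from 192.0.2.10 port 40022 ssh2
Apr 18 11:02:03 gw sshd[2103]: Failed password for invalid user test from 192.0.2.10 port 40031 ssh2
Apr 18 11:02:05 gw sshd[2105]: Failed password for root from 192.0.2.10 port 40040 ssh2
Apr 18 11:02:07 gw sshd[2107]: Failed password for invalid user oracle from 192.0.2.10 port 40052 ssh2
Apr 18 11:02:09 gw sshd[2109]: Accepted password for root from 192.0.2.10 port 40060 ssh2
Apr 18 11:05:40 gw sshd[2140]: Failed password for alice from 198.51.100.7 port 51000 ssh2
Apr 18 11:05:52 gw sshd[2141]: Accepted password for alice from 198.51.100.7 port 51002 ssh2
"""

def analyze(log_text, max_failures=3, max_users=2):
    """Return {source_ip: [findings]} for sources that look like password guessing."""
    failures = defaultdict(int)   # failed attempts per source address
    users = defaultdict(set)      # distinct usernames tried per source address
    report = defaultdict(list)
    for line in log_text.splitlines():
        m = FAILED.search(line)
        if m:
            user, ip = m.groups()
            failures[ip] += 1
            users[ip].add(user)
            continue
        m = ACCEPTED.search(line)
        if m:
            user, ip = m.groups()
            # A success from a source that was already guessing is the urgent case.
            if failures[ip] > max_failures or len(users[ip]) > max_users:
                report[ip].append(f"login as {user} succeeded after guessing")
    for ip, count in failures.items():
        if count > max_failures or len(users[ip]) > max_users:
            report[ip].insert(0, f"{count} failures across {len(users[ip])} usernames")
    return dict(report)

if __name__ == "__main__":
    for ip, findings in analyze(SAMPLE_LOG).items():
        print(ip, "->", "; ".join(findings))
```

A single mistyped password followed by a successful login, as with the second source in the sample, stays below both thresholds and is not reported.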

Stealthy Rootkit Slides Further Under the Radar

April 15, 2009 – 12:06 PM

Thousands of Web sites have been rigged to deliver a powerful piece of malicious software that many security products may be unprepared to handle.

The malicious software is a new variant of Mebroot, a program known as a “rootkit” for the stealthy way it hides deep in the Windows operating system, said Jacques Erasmus, director of research for the security company Prevx.

An earlier version of Mebroot, which is what Symantec named it, first appeared around December 2007 and used a well-known technique to stay hidden. It infects a computer’s Master Boot Record (MBR). It’s the first code a computer looks for when booting the operating system after the BIOS runs.

If the MBR is under a hacker’s control, so is the entire computer and any data that’s on it or transmitted via the Internet, Erasmus said.

Since Mebroot appeared, security vendors have refined their software to detect it. But the latest version uses much more sophisticated techniques to stay hidden, Erasmus said.

Mebroot inserts program hooks into various functions of the kernel, or the operating system’s core code. Once Mebroot has taken hold, the malware then makes it appear that the MBR hasn’t been tampered with.

Source:
http://www.pcworld.com/article/163168/stealthy_rootkit_slides_further_under_the_radar.html?tk=rss_news