Obfuscation: The Art of Creating Undetectable Malware

January 5, 2009 – 8:42 AM

Do not expect your system to start misbehaving once it is infected by malware. Malware can perform its functions without showing any symptoms for days, months or years. New malware is capable of hiding itself even from powerful antivirus scan engines. It can also do its job without affecting the normal functionality of the system.

Obfuscation helps malware writers hide the malicious code in their programs. There are different types of obfuscation techniques, such as polymorphism, runtime packing and junk code injection. Obfuscation can also be as simple as code transposition or renaming variables.

Obfuscation makes it time-consuming for an antivirus program to analyze a malware sample, and when obfuscation is combined with encryption, the malware becomes more resistant to analysis. It is then difficult for an antivirus program to detect the malicious code in an obfuscated program.

Source:
http://blog.isc2.org/isc2_blog/2009/01/obfuscation-the-art-of-creating-invisible-malware.html

Google’s Browser Security Handbook

January 4, 2009 – 4:15 PM

This document is meant to provide web application developers, browser engineers, and information security researchers with a one-stop reference to key security properties of contemporary web browsers. Insufficient understanding of these often poorly-documented characteristics is a major contributing factor to the prevalence of several classes of security vulnerabilities.

Although all browsers implement roughly the same set of baseline features, there is relatively little standardization – or conformance to standards – when it comes to many of the less apparent implementation details. Furthermore, vendors routinely introduce proprietary tweaks or improvements that may interfere with existing features in non-obvious ways, and seldom provide a detailed discussion of potential problems.

Source:
http://code.google.com/p/browsersec/wiki/Main

MetaSploit Now Scans For MD5-signed SSL Certificates

January 4, 2009 – 8:29 AM

Efrain Torres just committed an improvement to the Metasploit source tree that allows the framework to be used as an SSL certificate scanner. This provides a simple way to identify SSL certificates in use that were signed with the MD5 algorithm and need to be re-issued. To use the new module, update to the latest version of the development framework (3.3-dev) and follow the steps below.

msf > use auxiliary/scanner/http/wmap_ssl

msf auxiliary(wmap_ssl) > set RHOSTS admin.censored.bad
msf auxiliary(wmap_ssl) > set RPORT 443
msf auxiliary(wmap_ssl) > set SSL true
msf auxiliary(wmap_ssl) > run

Source:
http://blog.metasploit.com/2009/01/scanning-for-md5-signed-ssl.html
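
A stdlib-only check of the property the module looks for, added here as an example and not code from Metasploit or the post's author: it reads the signatureAlgorithm OID out of a DER certificate and flags MD5 (and MD2) signatures so the certificate can be queued for re-issue. The two sample certificates are constructed skeletons, not real certificates, and server_cert_der is a hypothetical helper for fetching a live leaf certificate.

```python
"""Flag X.509 certificates whose outer signatureAlgorithm is MD5-based.

Stdlib-only DER walker: open the Certificate SEQUENCE, skip tbsCertificate,
decode the OBJECT IDENTIFIER inside signatureAlgorithm (RFC 5280 s.4.1).
"""
import ssl

# Signature-algorithm OIDs treated as broken in this example; extend per policy.
WEAK_SIG_OIDS = {
    "1.2.840.113549.1.1.4": "md5WithRSAEncryption",
    "1.2.840.113549.1.1.2": "md2WithRSAEncryption",
}

def _tlv(buf, pos):
    """Parse the DER tag/length at pos; return (tag, value_start, value_end)."""
    tag, length, pos = buf[pos], buf[pos + 1], pos + 2
    if length & 0x80:                       # long-form length (real certs)
        n = length & 0x7F
        length, pos = int.from_bytes(buf[pos:pos + n], "big"), pos + n
    return tag, pos, pos + length

def _decode_oid(raw):
    """Decode OBJECT IDENTIFIER contents (base-128 arcs) to dotted form."""
    arcs, value = [raw[0] // 40, raw[0] % 40], 0
    for b in raw[1:]:
        value = (value << 7) | (b & 0x7F)
        if not b & 0x80:                    # high bit clear ends the arc
            arcs.append(value)
            value = 0
    return ".".join(map(str, arcs))

def signature_algorithm_oid(der):
    """Return the dotted OID of a DER certificate's signatureAlgorithm."""
    tag, start, _ = _tlv(der, 0)                 # Certificate ::= SEQUENCE
    if tag != 0x30:
        raise ValueError("not a DER SEQUENCE")
    _, _, tbs_end = _tlv(der, start)             # tbsCertificate, skipped
    _, alg_start, _ = _tlv(der, tbs_end)         # signatureAlgorithm SEQUENCE
    tag, oid_start, oid_end = _tlv(der, alg_start)
    if tag != 0x06:
        raise ValueError("expected OBJECT IDENTIFIER")
    return _decode_oid(der[oid_start:oid_end])

def is_weakly_signed(der):
    """True when the certificate should be re-issued (MD5/MD2 signature)."""
    return signature_algorithm_oid(der) in WEAK_SIG_OIDS

def server_cert_der(host, port=443):
    """Hypothetical helper: fetch a live server's leaf cert as DER (network)."""
    return ssl.PEM_cert_to_DER_cert(ssl.get_server_certificate((host, port)))

# Constructed minimal certificate skeletons (not real certificates): placeholder
# tbsCertificate, signatureAlgorithm with NULL params, one-byte signatureValue.
MD5_SAMPLE = bytes.fromhex("3018 3003020102 300d 0609 2a864886f70d010104 0500 030200ff")
SHA256_SAMPLE = bytes.fromhex("3018 3003020102 300d 0609 2a864886f70d01010b 0500 030200ff")
```

Running is_weakly_signed over the DER returned by server_cert_der for each host in inventory reproduces the module's check without the framework.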

Twitter phishing scam

January 3, 2009 – 5:54 PM

There’s a scam spreading through Twitter. Direct messages (DMs) are showing up in Twitter accounts with appealing come-ons to visit a site on blogspot.com. The text is, “hey! check out this funny blog about you…” The URL in the message then redirects to a page that looks like the Twitter login page, but is actually not on Twitter — it’s a site, twitter.access-logins.com, that masquerades as Twitter to steal your login credentials instead.

If you need to log in to Twitter, do it on Twitter.com itself. And to play it safe, double-check your browser address bar to make sure that’s where you are.

The phishing site in question also appears to support the theft of Facebook IDs.

Source:
http://news.cnet.com/8301-17939_109-10130566-2.html?part=rss&subj=news&tag=2547-1_3-0-5

Facebook “Reset Password” XSS Flaw

January 3, 2009 – 5:42 PM

DaiMon has once more discovered a new critical cross-site scripting vulnerability which affects the Facebook “Reset Password” page. Malicious users can inject code to phish credentials and other sensitive personal information from millions of Facebook members.

We hope that this serious flaw gets fixed quickly as is usually the case with security flaws in Facebook.

Source:
http://www.xssed.com/news/81/Facebooks_Reset_Password_page_suffers_major_XSS_flaw/