Adobe: Beware of fake Flash downloads

August 5, 2008 – 9:41 AM

Amidst confirmed reports that malicious hackers are starting to use fake Flash Player downloads as social engineering lures for malware, Adobe has issued a call-to-arms for users to validate installers before downloading software updates.

The company’s notice comes on the heels of malware attacks on Facebook, MySpace and Twitter that attempt to trick Windows users into installing a Flash Player update that turns out to be a malicious executable.

Source:
http://blogs.zdnet.com/security/?p=1648

PuttyHijack – Putty Hijacking Tool

August 5, 2008 – 5:57 AM

PuttyHijack is a POC tool that injects a DLL into the Putty process to hijack an existing, or soon to be created, connection.

This can be useful during penetration tests when a Windows box that has been compromised is used to SSH/Telnet into other servers.

The injected DLL installs some hooks and creates a socket for a callback connection that is then used for input/output redirection.
It does not kill the current connection, and will cleanly uninject if the socket or process is stopped.

PuttyHijack was inspired by the work that Metlstorm did on SSHJack but at this release does not create a new SSH tunnel for the connection.

Source:
http://www.securiteam.com/tools/5RP041FP5C.html

DRAM Prices Expected to Drop Again

August 4, 2008 – 2:44 PM

Good news: the perpetual price drops in the DRAM industry are back again, according to an alert issued Monday by analyst firm iSuppli.

The report was targeted at OEMs, iSuppli’s clients, but the news actually benefits consumers: after a mild recovery in the second quarter, prices are expected to drop in the third quarter as supplies outstrip demand.

“The average DRAM contract price is expected to decline by more than 10 percent from the current level by the end of the third quarter,” predicted Nam Hyung Kim, director and chief analyst for memory at iSuppli, in a statement. “The inventory level in the channel and among PC OEMs has increased compared to the second quarter. Global economic conditions are adding more uncertainty on the demand side of the equation.”

The reason? Moore’s Law. Although demand has remained somewhat constant — and typically picks up in the second half of the year, as PC OEMs build inventory for the holiday sale season. According to iSuppli, DRAM wafer output will rise by just 10 percent this year. But both Samsung and Hynix, the top memory makers, are moving aggressively to sub-60-nm manufacturing technologies, meaning that more DRAM chips are being manufactured per wafer. That means the available number of DRAM chips in the market is actually increasing sharply, even if wafer starts are holding relatively steady.

Source:
http://www.pcmag.com/article2/0,2817,2327122,00.asp?kc=PCRSS03069TX1K0001121

Social engineering on Twitter

August 4, 2008 – 1:40 PM

This week it’s Twitter’s turn to host an attack – one that is targeting both Twitter users and the Internet community at large. In this case it’s a malicious Twitter profile twitter.com/[skip]/ with a name that is Portuguese for ‘pretty rabbit’ which has a photo advertising a video with girls posted.

This profile has obviously been created especially for infecting users, as there is no other data except the photo, which contains the link to the video.

If you click on the link, you get a window that shows the progress of an automatic download of a so-called new version of Adobe Flash which is supposedly required to watch the video. You end up with a file labeled Adobe Flash (it’s a fake) on your machine; a technique that is currently very popular.

In reality, this is a Trojan downloader that proceeds to download 10 bankers onto the infected machine, all of which are disguised as MP3 files. We first detected the downloader proactively as Heur.Downloader and then added a signature to detect it also as Trojan-Downloader.Win32.Banload.sco.

Source:
http://www.viruslist.com/en/weblog?weblogid=208187551
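
A defensive check for the disguise described in the post above, as an added example that is not part of the original post: it flags files named `.mp3` whose content is really a Windows PE executable. It assumes the disguise is a file-name extension; the function names and sample bytes are constructed for illustration.

```python
import struct
from pathlib import Path

def looks_like_pe(data: bytes) -> bool:
    """DOS 'MZ' header whose e_lfanew field (offset 0x3C) points at 'PE\\0\\0'."""
    if len(data) < 0x40 or data[:2] != b"MZ":
        return False
    (e_lfanew,) = struct.unpack_from("<I", data, 0x3C)
    return data[e_lfanew:e_lfanew + 4] == b"PE\x00\x00"

def looks_like_mp3(data: bytes) -> bool:
    """ID3v2 tag, or an MPEG audio frame header (11 sync bits, non-reserved layer)."""
    if data[:3] == b"ID3":
        return True
    return (len(data) >= 2 and data[0] == 0xFF
            and (data[1] & 0xE0) == 0xE0 and (data[1] & 0x06) != 0)

def classify(name: str, data: bytes) -> str:
    """Compare what the file name claims with what the leading bytes say."""
    if not name.lower().endswith(".mp3"):
        return "not-checked"
    if looks_like_pe(data):
        return "executable-disguised-as-mp3"
    return "mp3" if looks_like_mp3(data) else "unknown-content"

def scan_dir(root: str) -> list[str]:
    """Paths under root named *.mp3 whose first 4 KiB parse as a PE image."""
    hits = []
    for p in Path(root).rglob("*"):
        if p.is_file() and p.suffix.lower() == ".mp3":
            with p.open("rb") as fh:
                if looks_like_pe(fh.read(4096)):
                    hits.append(str(p))
    return sorted(hits)

# Constructed sample inputs (header bytes only; not real files or malware).
FAKE_PE = b"MZ" + b"\x00" * 0x3A + struct.pack("<I", 0x40) + b"PE\x00\x00\x4c\x01"
TAGGED_MP3 = b"ID3\x03\x00" + b"\x00" * 5 + b"\xff\xfb\x90\x00"
RAW_MP3 = b"\xff\xfb\x90\x00" + b"\x00" * 32

if __name__ == "__main__":
    for name, data in [("track01.mp3", FAKE_PE), ("track02.mp3", TAGGED_MP3),
                       ("track03.MP3", RAW_MP3), ("notes.mp3", b"hello")]:
        print(f"{name}: {classify(name, data)}")
```
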

How Much Is Antivirus Slowing Down Your PC?

August 4, 2008 – 12:17 PM

Most of the major security suite vendors release their new editions in the fall, but some run ahead or behind the rest of the pack. With the release of Kaspersky Internet Security 2009 the fall flood of security suites has officially begun. I’m working on two other suites right now, and by the time I finish with them the flood will be in full spate. This year I’m adding a new kind of testing to see just how much performance you’re giving up in exchange for security.

I hear tons of complaints about how this-or-that suite slowed the computer to a crawl, added minutes to boot time, or made web surfing unbearably slow. But I can’t rely on anecdotal evidence for reviews – I had to develop some repeatable and quantifiable tests to see just how much a given suite affects performance.

I created and collected a set of batch files and scripts that check the time required to perform certain real-world actions, things that a security suite might affect. One script visits each of a lengthy list of URLs and measures how long it takes to completely load the page (an ActiveX control reports when loading is complete). Parental control, antiphishing, and ad blocking could easily slow this process. Another test copies and moves files of various types. Depending on whether the suite scans files more times than needed and depending on what types of files it scans this might be slowed. To this same purpose another test times how long it takes to zip and unzip a large collection of files.

The process of installing a Windows Installer package involves tons of file and Registry events that must be monitored by the suite. For testing purposes I use commands that run a silent install and silent uninstall of several large packages. Another script records the time required to make some lengthy audio format conversions – if the suite is sucking up CPU resources this time could be affected.

Source:
http://www.pcmag.com/article2/0,2817,2327096,00.asp?kc=PCRSS03069TX1K0001121