 |
 |
Access-Me allows users to test their web applications for authentication vulnerabilities. With this first release the user will be able to:
Access-Me 0.1 is available here.
Goosh.org hosts an unofficial Google interface which “behaves similar to a unix-shell,” as the author Stefan Grothkopp explains. For instance, entering n disney will result in a Google News search for the keyword “disney”. Type help to see some of the other available commands, like lucky (an “I’m feeling lucky” search), wiki (a Wikipedia search), blogs, or video.
Note this project is not the first try at a Google command line utility, though one previous such site I know of seems to be down now.
Source: Google Blogoscoped
Trend Micro Monday announced a line of desktop and server security products intended for small to midsize businesses.
Worry-Free Business Security 5.0 represents a re-branding of Trend’s SMB client/server messaging security product line plus upgrades that integrate features such as behavior-based antimalware monitoring and an option for in-the-cloud Web security services to protect firms from malicious code, says Jon Clay, Trend Micro’s product marketing manager.
Trend Micro’s standard version of Worry-Free Business Security 5.0 provides e-mail messaging and Web security for Microsoft-based PCs and servers, while the advanced version also offers a way for the business to redirect mail to Trend’s in-the-cloud, antispam service.
In addition, there’s an option for using Trend’s Web Reputation Services that provide warning to users — with a green for go and red for stop warning — about visiting specific Web sites.
Also, for the first time Trend Micro has designed its security software to provide a security threat-protection mechanism for a third-party software product on the desktop, in this case Intuit’s Quickbooks financial and accounting package used by SMBs.
Most malware tends to store stolen credentials and information in make-shift text files, which are then forwarded to the author via email or another protocol. However, the use of scalable and robust solutions is becoming more popular in the malware community. In fact, it is becoming increasingly popular for malware to parse remote text files to determine the locations of additional malicious modules to download. This gives the author some dynamic flexibility versus the typical approach of hardcoding executable locations. Today we will look at an example that has additional scalability in mind, as it actually uses a remote MySQL database to store its stolen information and retrieve additional malicious modules and script code.
The MySQL Database
The malware constructs a MySQL statement, INSERT INTO pakote.infect (tudo) VALUES (‘PCNAME’) that, when executed, stores your computer name into a table titled ‘infect’. This statement is issued to and executed by a remote MySQL database, which is actually provided freely by a hosting service called db4free. Not surprisingly, the ability for the malware to make database-driven calls was made possible with the use of an already existing library called Zeoslib, a popular Delphi component that allows for communication with a variety of databases such as MySQL, MS SQL, and Sybase.
Microsoft has further extended the life of Windows XP so that computer makers can include the operating system on low-cost desktop PCs, the company announced at the Computex trade show on Tuesday.
Microsoft has been under pressure from computer makers to provide a version of its OS for an emerging class of very low-cost laptops and desktops. Its new Windows Vista OS is widely seen as too resource-hungry for those machines.
In April Microsoft extended its deadline for selling Windows XP licenses for low-cost laptops like the Asus Eee PC. It had originally planned to stop selling most XP licenses on June 30.
At Computex on Tuesday it said it has now also extended the deadline for low-cost desktops. PC makers can now include Windows XP in those systems until 2010, the same as the deadline for low-cost laptops, said Rob Young, a senior director with Microsoft’s OEM group.
In a statement, Microsoft said the extension applies to “nettops,” a term coined by Intel to refer to low-cost desktops that have limited system configurations and are intended for simple tasks like surfing the Internet and sending email. Examples include the upcoming Asus Eee Box, which is on show here at Computex.
It was unclear what limitations Microsoft may put on PC makers to prevent them from installing Windows XP on more capable machines. Young said Microsoft and PC vendors are in general agreement over what constitutes a nettop and suggested that Microsoft won’t specify the hardware configurations that vendors can use with XP.
