Ninja: Total Email Security

April 23, 2008 – 8:23 PM

(Source: Sunbelt Software) The volume of spam e-mails sent has increased exponentially during recent years, and so has the cost of dealing with that spam. This paper will examine the ways in which spam can impact an organization’s profits and outline the criteria to consider when choosing an anti-spam solution.

Source: Computer World

A Look at a Bank Worm

April 23, 2008 – 8:20 PM

Malware authors will often have their files display something to the user so that they actually believe the file is legitimate. Many of us have experienced such tricks, including fake errors stating that a specific file could not be found or that the application failed to load properly. Today we will look at one of these seemingly innocent files and find that it’s doing much more than just showing you an “interesting” video.

Part I – The Initial Executable

The executable was packed with tElock, which is a free compressor/protector made by TMG. After unpacking it, we found that the malware was coded in Visual Basic and hence would allow us to use a decompiler such as VB Decompiler by GPcH Soft.

Read the rest of the story…

Researchers develop new robot-proof CAPTCHA

April 23, 2008 – 1:36 PM

CAPTCHAs are becoming both ubiquitous and useless. When you visit many web sites, you have to decipher some tough-to-read text and enter it in a box before you can leave a comment or send an email. But hackers are getting better and better at developing automated systems to crack CAPTCHAs, which means that you have to squint at the screen for nothing.

But some researchers at Penn State University have developed a next generation CAPTCHA system that asks users to actually use their noggin a bit. There are two tests. The first requires you to click the center of a composite image, while the second presents you with a list of ten words and asks you to pick the right one to describe a randomly generated image.

The test is difficult for computers to solve because the images have a bunch of random colors, textures, and other features designed to confuse an automated program. But human beings should have no problem deciphering the visual information in the images.

The test page is partially down today thanks to a Slashdot mention, but you can still see screenshots of the tests.

Source: Download Squad

Reverse-Engineering Exploits from Patches

April 23, 2008 – 12:16 PM

The automatic patch-based exploit generation problem is: given a program P and a patched version of the program P’, automatically generate an exploit for the potentially unknown vulnerability present in P but fixed in P’. In this paper, we propose techniques for automatic patch-based exploit generation, and show that our techniques can automatically generate exploits for vulnerable programs based upon patches provided via Windows Update.

In many cases we are able to automatically generate exploits within minutes or less. Although our techniques may not work in all cases, a fundamental tenet of security is to conservatively estimate the capabilities of attackers. Thus, our results indicate that automatic patch-based exploit generation should be considered practical. One important security implication of our results is that current patch distribution schemes which stagger patch distribution over long time periods, such as Windows Update, may allow attackers who receive the patch first to compromise the significant fraction of vulnerable hosts who have not yet received the patch. Thus, we conclude update schemes, such as Windows Update as currently implemented, can detract from overall security, and should be redesigned.

What does this mean?
Attackers can simply wait for a patch to be released, use these techniques, and with reasonable chance, produce a working exploit within seconds. Coupled with a worm, all vulnerable hosts could be compromised before most are even aware a patch is available, let alone download it. Thus, Microsoft should redesign Windows Update. We propose solutions which prevent several possible schemes, some of which could be done with existing technology.

Read the full paper: PDF

Malware to grow tenfold in 2008

April 23, 2008 – 10:39 AM

The number of online threats will have grown tenfold by the end of 2007, according to researchers at anti-malware firm Kaspersky.

Kaspersky analysts said at Infosec Europe 2008 that new malicious programs recorded on the internet, including viruses, worms and Trojans, amounted to 2.2 million in 2007, representing a fourfold increase on the 535,131 recorded in 2006.

David Emm, senior technology consultant at Kaspersky Labs, predicted that the year-end results for 2008 will demonstrate a very different trend.

The overall volume of detected malware reached 354GB in 2007, and many leading antivirus experts called for this huge increase in malware to be addressed with the utmost urgency.

“In addition to the quantity, the quality of malicious programs is also improving,” said Emm.

“New and more complex samples such as the notorious Storm worm are emerging that demonstrate a wide range of hostile behaviour and distribution methods.”

Read the rest of this story…