Archive for April, 2007
Author: Dave Lewis
April 30, 2007 at 10:57 pm · Filed under Humour, Politics
I was watching Stephen Colbert’s “Colbert Report” this evening when he flashed this article from the Salt Lake Tribune up on the screen. WTF?
A Utah County Republican delegate may not be catching hell for calling illegal immigration a satanic plot, but he isn’t gaining any converts, either.
Utah County GOP Chairwoman Marian Monnahan says District 65 Chairman Don Larsen’s resolution - asserting that illegal immigration is the devil’s plan to destroy the nation by “stealth invasion” - “in no way” is endorsed by the Republican Party. “It’s just free speech,” Monnahan said Thursday. “It’s Don’s right to do that.”
Provo Mayor Lewis Billings, a prominent Utah County Republican, says he understands Larsen’s frustration with the federal government’s slow response to immigration issues, but he doubts “there will be a lot of support for the resolution in its current form.”
Gee, ya think?
…I’ve got nothing…I’m going to bed…g’nite.
Article Link
Tags: Funny, Stephen Colbert, Colbert Report
Author: Dave Lewis
April 30, 2007 at 10:28 pm · Filed under News
The latest version of BIND has been released. Version 9.4.1 contains a fix for a vulnerability in 9.4.0 of BIND.
BIND version 9 is a major rewrite of nearly all aspects of the underlying BIND architecture.
BIND 9.4 is the current release, is supported, and bug fixes and security fixes will be made available as minor releases (9.4.y). No new features.
Some of the important features of BIND 9 are:
* DNS Security
o DNSSEC (signed zones)
o TSIG (signed DNS requests)
* IP version 6
o Answers DNS queries on IPv6 sockets
o IPv6 resource records (A6, DNAME, etc.)
o Experimental IPv6 Resolver Library
* DNS Protocol Enhancements
o IXFR, DDNS, Notify, EDNS0
o Improved standards conformance
* Views
o One server process can provide multiple “views” of the DNS namespace, e.g. an “inside” view to certain clients, and an “outside” view to others.
* Multiprocessor Support
* Improved Portability Architecture
Article Link
Download
Tags: DNS, BIND, 9.4.1
Author: Dave Lewis
April 30, 2007 at 11:18 am · Filed under Apple, Tools
Well, we have seen this type of technology for the Windows platform in the guise of such tools as NT Passwd. If SubRosa would like to send us a demo we would gladly review it for them (no, we’re not in law enforcement).
MacLockPick is not for sale to the general public — it’s been made specifically for law enforcement professionals. Based on a USB flash drive, the software extracts data from the Apple Keychain and system settings. A database of the suspect computer’s information is compiled on the flash drive as well, which can be read by log readers on Macs or other systems.
MacLockPick can extract a user password, passwords for encrypted disk images, Wi-Fi base stations, iTunes Store, iChat, Apple Remote Desktop, login and password details for Web sites, e-mail accounts, peer to peer networks, online services, auction sites and .Mac accounts, AppleShare and more. It can also provide information on files and folders on the target system, instant messaging account information, Web history, recently used applications and hardware preferences.
A handy tool at first glance. Who wants to start a pool on the length of time it will take before this is roaming free in the wilds of the interweb?
Article Link
Tags: Mac, MacLockPick, Password Recovery, Apple Hacking
Author: Dave Lewis
April 30, 2007 at 10:09 am · Filed under Web Security
Press Release:
Ounce Labs, the leader in software security assurance, today announced the appointment of Dinis Cruz to their Advisory Board and as the company’s Director of Advanced Technology. With an extensive career in source code security, penetration testing and security curriculum development, Cruz is one of the world’s foremost consultants on application security. He has also achieved prominence with his role in OWASP , the Open Web Application Security Project, as a board member and their Chief Security Evangelist.
“Ounce Labs understands the pressures placed on security executives and provides the detailed software vulnerability analysis needed to demonstrate positive results,” said Cruz. “In my career, I’ve gained a clear understanding of what the security needs are for some of the world’s largest institutions. It is my pleasure to join Ounce Labs as their Director of Advanced Technology to help identify new avenues of technical growth.”
Cruz has honed his security skills working as a consultant on ABN AMRO’s global security team. He also acts as a senior security consultant and trainer for companies such as Foundstone, Vigilar and Infosys.
“The insight and experience Dinis brings to Ounce Labs is a tremendous asset as we look to expand our technical scope,” said Hugh Scandrett, president and CEO of Ounce Labs. “As an advisor and the Director of Advanced Technology he brings a fantastic breadth of experience in application security, .NET Framework and reverse engineering. His technical expertise is helping us more effectively serve a large number of worldwide customers.”
Good for them.
Article Link
Tags: OWASP, Ounce Labs, Web Security
Author: Dave Lewis
April 30, 2007 at 10:03 am · Filed under Administravia
I would just like to take a moment to say thanks to Security News Portal who have linked back to Liquidmatrix and picked up our RSS feed. I’m quite pleased that they saw fit to add us. And I was rather tickled that they put my feed next to Brian Krebs from the Washington Post.
Thanks again!
More after the jump »
Author: Dave Lewis
April 30, 2007 at 9:38 am · Filed under Firewalls, Intrusion Detection
In Check Point’s never ending quest to rule the security world, they announced today their IPS solution. Check Point is a world leader in firewall technology. They have recently made a great number of purchases, such as encryption provider PointSec, which I think were brilliant moves on their part.
Today’s announcement heralds the “what-could-have-been” for the failed Sourcefire purchase. I firmly believe that the blocking of this purchase by the Committee on Foreign Investments was political payback for their refusal to open their source code. A sad result.
With this addition to the Check Point arsenal we will see a greater push to the “one vendor to rule them all” approach that was talked about at the RSA Conference 2007 in San Francisco. The solution, a rebranded NFR, extends Check Point into yet another aspect of the security market that they had not really been in prior. I see Check Point as a provider that can deliver a lot of great products. Their firewall is rock solid. Mind you, the SMTP queue on the firewall is for shit. But, by and large this company has itself on a positive path.
Now, if they could just get their licensing models unf*cked.
Article Link
Tags: Check Point, IPS-1, Intrusion Prevention, IDS, NFR
Author: Dave Lewis
April 30, 2007 at 8:22 am · Filed under Freedoms
If you have ever read anything on conspiracy theories, security agencies or the freedom of information then you have probably read Cryptome.org. It appears that they have been given the heave ho by their ISP, Verio.
Here is a excerpt of the termination letter from Cryptome.
[By certified mail, received 28 April 2007.]
(snip)
April 20, 2007
Via Certified Mail
John Young
Cryptome Org
251 West 89th Street
New Yor, NY 10024
RE: www.cryptome.org
Dear Mr. Young,
This letter is to notify you that we are terminating your service for violation of our Acceptable Use Policy, effective Friday May 4, 2007. We are providing you with two week notice to locate another service provider.
Sincerely,
VERIO INC.
an NTT Communications Company
[Signed]
Danna Thompson
Legal Department
(/snip)
This seems odd that they would terminate them with only two weeks notice. Granted this site has had a long history of pushing the buttons of the Bush administration as well as the British government. Now, Cryptome appears to be on the brink of homelessness.
Are there any providers out there that are willing to take them in? They have until May 4th.
Article Link
UPDATE:
Cryptome is now on a new ISP, Network Solutions, another US giant like Verio,
closely linked to the authorities. We’ll see if it can take the heat or cave.
We intend to test all the giants if necessary to see what is up with them and
the censors: if one buckles we’ll sign up with another. And air the results.
Meanwhile the archives are being distributed worldwide by other means.
Tags: Cryptome, Verio, Termination of Service, Freedom of Information
Author: Dave Lewis
April 30, 2007 at 7:14 am · Filed under News
Good morning everyone. I hope you all had a great weekend. I had my share of fun with the blasted tax filing. Today is the due date for Canadian taxes for those of you from overseas.
A note for today is that there was apparently a Microsoft website that was defaced over the weekend. There is a link below for some more information.
And now, the news…
- Microsoft web site compromise and partner security
- Google pulls nefarious sponsored links
- Juniper Peeks Through The Screen With New OS
- How to become an exceptional security manager
- Microsoft explains how the ANI bug got baked into Vista
- Web 2.0 Threats and Risks for Financial Services
- Local employers tighten restrictions on employee Web use
- NAC’s immaturity
Subscribe today!
Tags: News, Daily Links, Security Blog, Morning Coffee, NAC, Google Ads, Web 2.0 Threats, ANI, Microsoft Defaced, Juniper
Author: Dave Lewis
April 30, 2007 at 6:41 am · Filed under Vulnerability
A vulnerability in Adobe’s CS2 and CS3 product offerings has been discovered. The vulnerability was released by “Marsu” and there is exploit code posted over on milw0rm to boot.
From Secunia:
Description:
Marsu has discovered a vulnerability in various Adobe Products, which can be exploited by malicious people to compromise a user’s system.
The vulnerability is caused due to a boundary error within the PNG.8BI Photoshop Format Plugin when handling PNG files. This can be exploited to cause a stack-based buffer overflow via a specially crafted PNG file.
Successful exploitation allows execution of arbitrary code.
The vulnerability is confirmed in Adobe Photoshop CS2 and Adobe Photoshop Elements (Editor) version 5.0 for Windows and reportedly affects Adobe Photoshop CS3.
Article Link
Tags: Adobe, Adobe CS3, Adobe CS2, Buffer Overflow, Exploit Code, Vulnerability
Author: Dave Lewis
April 29, 2007 at 2:03 pm · Filed under Architecture, News
Well, unlike our American brothers to the south we here in Canada have Tax deadline looming for April 30th. Normally we (my house) file earlier but, this year life pushed us back.
Today we sat down and worked our way through our tax return in a few short hours. The QuickTax software is actually quite good and keeps me from mounting a bell tower and picking off the neighbours. Kidding of course but, the software is normally not too bad. That is, until I clicked the final button. I was presented with this:
AUGH!
More after the jump »
Next entries »
Explore
Security Bloggers Network
