Home Vulnerabilities Exploits Hacking IT Security Malware
Twitter
RSS

Archive for July 20th, 2010

« Older Entries

Siemens: German customer hit by industrial worm

By admin on Tuesday, July 20th, 2010 | No Comments

IDG News Service - Siemens confirmed Tuesday that one of its customers has been hit by a new worm designed to steal secrets from industrial control systems.

To date, the company has been notified of one attack, on a German manufacturer that Siemens declined to identify. “We were informed by one of our system integrators, who developed a project for a customer in process industries,” said Siemens Industry spokesman Wieland Simon in an e-mail message. The company is trying to determine whether the attack caused damage, he said.

The worm, called Stuxnet, was first spotted last month, when it infected systems at an unidentified Iranian organization, according to Sergey Ulasen, the head of the antivirus kernel department at VirusBlokAda, in Minsk, Belarus. The unidentified victim, which does not own the type of SCADA (supervisory control and data acquisition) systems targeted by the worm, “told

Read the rest

Read More...

Dangerous Flash Drives – part 2

By admin on Tuesday, July 20th, 2010 | No Comments

The story
continues. Microsoft released their Security Advisory with workarounds
regarding the „ .lnk vulnerability “ described in our previous blog post.  To help you protect your systems, here are
the two official workarounds, or you can visit the official Microsoft website
to find the whole article:

http://www.microsoft.com/technet/security/advisory/2286198.mspx


Disable the
displaying of icons for shortcuts

Note Using Registry Editor incorrectly
can cause serious problems that may require you to reinstall your operating
system. Microsoft cannot guarantee that problems resulting from the incorrect
use of Registry Editor can be solved. Use Registry Editor at your own risk. For
information about how to edit the registry, view the “Changing Keys And
Values” Help topic in Registry Editor (Regedit.exe) or view the “Add
and Delete Information in the Registry”Read the rest

Read More...

Microsoft may face tough patch job with Windows shortcut bug

By admin on Tuesday, July 20th, 2010 | No Comments

Computerworld - Microsoft may have a tough time fixing the Windows shortcut vulnerability, a security researcher said today.

A noted vulnerability expert, however, disagreed, and said Microsoft could deliver a patch within two weeks.

“The way Windows’ shortcuts are designed is flawed, and I think they will have a very hard time patching this,” said Roel Schouwenberg, an antivirus researcher with Moscow-based Kaspersky Lab.

Schouwenberg based his prediction that a patch may prove elusive on the fact that Microsoft has never faced a security issue with shortcuts, and thus has no security processes in place that it can quickly tweak.

For its part, Microsoft considers the flaw a security vulnerability, and has promised a patch. As of Tuesday, however, it had not set a timeline for a fix.

Microsoft has acknowledged that attackers can use a malicious shortcut file, identified by the “.lnk” extension, to

Read the rest

Read More...

DHS, vendors unveil open source intrusion detection engine

By admin on Tuesday, July 20th, 2010 | No Comments

Computerworld - The Open Information Security Foundation (OISF), a group funded by the U.S Department of Homeland Security (DHS) and several security vendors, this week released an open source engine built to detect and prevent network intrusions.

The somewhat oddly named Suricata 1.0 engine is touted as a replacement for the 12-year-old Snort open source technology that over the years has emerged as a sort of de facto standard for detecting and preventing intrusions.

Snort currently claims close to 300,000 registered users and over 4 million downloads. Nearly 100 vendors currently have added Snort to network security devices. Earlier this month Amazon announced that it has selected Snort to deliver IPS protection for its Web services customers.

OISF president Matt Jonkman said that Suricata is designed to address some limitations in the older Snort tool. For example, Suricata’s multi-threaded architecture can support high performance multi-core

Read the rest

Read More...

iPhone halo effect shores up AT&T

By admin on Tuesday, July 20th, 2010 | No Comments

Computerworld - iPhone owners may grouse about AT&T’s service, but the “halo effect” of Apple’s smartphone significantly boosts the U.S. carrier’s customer satisfaction levels, not just its revenue, an analyst said today.

“Consumers experience services through devices, so if they love the device, they’re going to love your service,” said Carl Howe, director of consumer research with the Yankee Group. “That’s not intuitive.”

And people love the iPhone.

“The iPhone is the first Apple product to provide a halo effect beyond Apple itself,” said Howe, referring to the term that describes tangible and intangible benefits created by a successful product. Apple’s first halo effect came courtesy of the iPod, which analysts contended boosted sales of the company’s Mac computers.

“The iPhone halo effect is interesting, it’s a new phenomenon, and something that other carriers have to take into account,” said Howe.

Yankee mined data

Read the rest

Read More...
« Older Entries