Drupalit weekly

Howard Schmidt: Fed’s domain reduction program too aggressive

26
vote

In this interview conducted last month at RSA Conference 2008, security expert, Howard Schmidt says the federal government’s goal to reduce its nearly 2,000 domain access points to 50 by Fall 2008 is too aggressive and questions whether the government will reach its goal. Schmidt also explains how an unstable economy could affect IT security [...]  read more »

Zlob fake codecs in Google Notebook

25
vote

A few months ago, I had blogged about Zlob fake codecs being pushed through Google Groups. Now, one more Google service - Google Notebook - is being (mis)used by the Zlob gang. As the name itself indicates, Google Notebook is an online "notebook" where one can upload and share information like images, text and links to other websites.  read more »

Simple Pharming.

24
vote

Today I decided to give a very brief example on pharming and why it's so easy to pharm surfers with little or no skills. Usually, browser exploit writers give simple examples on how to read the boot files, or launch a calculator. There is so much you can do with Javascript that the best way to describe the toxic mix of browser exploits with Javascript will be an example to launch a pharming attack. The sheer beauty of pharming is that the surfer will almost never know that he has been compromised, because it is very silent.  read more »

Reconciliation Of You.

23
vote

Let us not pretend to doubt in philosophy what we do not doubt in our hearts -- Charles Peirce  read more »

Verizon issues PCI self-assessment, support docs

22
vote

Verizon Business is issuing a PCI self-assessment questionnaire and support documentation as part of its Partner Security Program (PSP).

Microsoft releases Windows XP SP3

22
vote

If you’ve been dying to get your hands on Microsoft’s NAP (Network Access Protection) technology, but just somehow haven’t gotten around to deploying Vista yet, today is your lucky day. Microsoft released Service Pack 3 for Windows XP today and one of the major components of the massive update is NAP, the company’s network access [...]  read more »

Security pros focused on internal threat, training

21
vote

A recent survey shows organizations are worried about risks posed by employees and increasingly interested in training as the network perimeter continues to crumble.

My Web Application Firewall Tutorial.

19
vote

Today I had time for another shot at my new .htaccess, and I can tell you that it got better. I think it's pretty much done now, and I am really happy with it. I also got a couple of questions about how it exactly works. So I post my latest .htaccess here, plus a walkthrough on the various mod_rewrite rules I use.

First off, here is my latest beauty:  read more »

RewriteEngine On
Options +FollowSymLinks
ServerSignature Off

RewriteCond %{REQUEST_METHOD} ^(HEAD|TRACE|DELETE|TRACK) [NC,OR]
RewriteCond %{THE_REQUEST} ^.*(\\r|\\n|%0A|%0D).* [NC,OR]

Media file malware outbreak plagues file-sharing services

18
vote

McAfee researchers said they detected the most significant outbreak of the Trojan Downloader-UA.h on PCs since 2005.

Grumpy Fuzzball Hacking.

18
vote

Every now and then, the discussion on what hacking means flares up. Which is good in a way because it is important to know what hacking means. The best way to understand it is to go way back. Well, actually you don't have to go very far to see the true meaning of hacking.  read more »

HTTP Source Streaming.

18
vote

Okay, this isn't new but I never got to the point of actually talking about this here. While HTTP source streaming is a very basic concept, I noticed that not everyone has noticed its principle and that some programmers still don't understand security. In certain cases programmers need to stream a file to the screen. The problem arises when programmers are streaming hardcoded files to the screen instead of stored file pointers. The URI is not designed to correlate files; it's meant for the basic scheme and its optional query string parameters.  read more »

House Of Hacked Hackers.

18
vote

Ah well, pun intended. :)

Looks like Ning.com is vulnerable to XSS, and quite a bit at it. I signed up on PDP's new social network called House of Hackers. It seems that Ning let us edit the stylesheet, obviously they never heard of CSS XSS moz-binding attacks otherwise this would not work. These XSS attacks can be launched from a stylesheet.

http://houseofhackers.ning.com/profile/0x0000000  read more »

Yahoo, McAfee to warn users of dangerous websites

16
vote

Websites suspected of spreading malicious programs or spamming and phishing campaigns will be highlighted in search results.

New SQL injection worm making the rounds

16
vote

The trend toward large-scale attacks against Web sites through the use of SQL injection is continuing, as experts at both the SANS Internet Storm Center and Shadowserver Foundation are tracking a newly discovered SQL injection worm that appears to be exploiting a RealPlayer flaw and dropping malware on vulnerable sites. The attacks are focusing on [...]  read more »

Microsoft And Vulnerabilities.

47
vote

If you've been to ToorCon or read The Register lately, you probably learned that Microsoft publicly announced it would not prosecute flaw finders, or hackers that find flaws in Microsoft's network. They've been doing this since 2007, but now it's official. I think that is the right step, and a clear sign that it's important to thank hackers for their finds. Basically it's a win-win situation; everyone benefits from it. Now that this is public, I'll reveal a serious flaw I found on the Microsoft domain about a month ago. I took the effort to contact Microsoft, because it wasn't some trivial XSS hole.  read more »

Simple Backdooring Torrents.

15
vote

Alright, this is fun and a bit old school; I finally got around to writing about this too. What I will be talking about is a trick to fool users in userland into executing an executable. This is really one of the most used techniques in trojan or virus writing, and it can be very reliable. The trick is to let the user think that the action he is about to take is legitimate, like clicking on a JPG which actually is an executable and will be treated as such. Imagine this simple scenario:  read more »

Spammers exploit social networking sites

15
vote

Users of social networking sites may be irritated to find that an increasing number of invitations to be a friend or contact turn out to be ads. Spammers are turning their attention to social networking sites to hawk their products, according to Cloudmark, a messaging security company. As email antispam technology has improved, spammers have branched [...]  read more »

New phishing, Zeus Trojan technique spreads crimeware

40
vote

Researchers are tracking new phishing methods that steal a victim's information and spread a Trojan designed to pilfer even more data.

Tracing malware's steps with RE:Trace

14
vote

As application monitoring and troubleshooting becomes more difficult, security professionals are relying on the use of system tools to ease the process. In this tip, contributor Noah Schiffman gives an overview of the new RE:trace framework, and discusses how the tool can be used to discover and exploit application vulnerabilities.