Twitter Takes on Security

January 27th, 2012 Mourad Ben Lakhoua

Nearly every Twitter user out there– whether you’re an individual using it to connect with friends or a business trying to network with colleagues or market your company – has probably encountered some form of the prolific Twitter spam that has infiltrated followers, tweets, and direct messages every day. The website has been exposed time and again to all different kinds of scams and spam that have hacked into user’s accounts, and is finally doing its part in taking a stand against it.

The company started to reposition their security stance in November of 2011 when they bought Whisper Systems, an Android-based internet security startup that consisted of two sole employees – Moxie Marlinspike and Stuart Anderson. However buying Whisper Systems was just the beginning of Twitter’s plans to up the ante on their security and filter out the prominent spam base they’ve acquired.

Now Twitter has also acquired the anti-malware startup Dasient, which specializes, among other things, in finding malicious adverts – something that is understandably attractive to a company that revolves around advertising.

Twitter spokeswoman Rachael Horwitz corresponded with Wired regarding the Dasient acquisition, saying, “Their team has an excellent understanding of advertising platform-related security issues and will be a valuable addition to the revenue engineering team.”

Like Whisper Systems, Dasient is now going to focus whole-heartedly on Twitter and close down its other operations, and stated in a company blog post, “By joining Twitter, Dasient will be able to apply its technology and team to the world’s largest real-time information network. As part of this merger, Dasient is winding down its business and is no longer able to accept new customers.”The financial details of the deal with Desient remain undisclosed at this time.

Hopefully through these acquisitions Twitter will finally be able to get a solid grip on the spam floating around the websites, especially as it becomes an increasingly important tool for individuals and businesses alike. The social media platform has continually gained momentum on a professional level and likely will continue to climb the social media ranks, especially if they can eliminate extraneous messages that are harmful to its users.

Author Bio:

This is a guest post from Laura Backes, she enjoys writing about all kinds of subjects and also topics related to internet service providers in my area.  You can reach her at: laurabackes8 @gmail.com.

Share

Several Zero-Days on Latest WordPress CMS

January 26th, 2012 Mourad Ben Lakhoua

WordPress CMS is now open to several vulnerabilities that allow an attacker to conduct SQL injection and run a malicious javascript on visitor’s machine over a cross site scripting bug.

Actually the bug exist during the installation process so in order to take control on the remote webserver there are  condition required which an incomplete installation of the CMS. 

“The WordPress ‘setup-config.php’ installation page allows users to install WordPress in local or remote MySQL databases. This typically requires a user to have valid MySQL credentials to complete.  However, a malicious user can host their own MySQL database server and can successfully complete the WordPress installation without having valid credentials on the target system.

After the successful installation of WordPress, a malicious user can inject malicious PHP code via the WordPress Themes editor.  In addition, with control of the database store, malicious Javascript can be injected into the content of WordPress yielding persistent Cross Site Scripting.”

To protect your WordPress installation you need to have the latest CMS version and plugins, also it is important to apply best practices provided on the main website: http://codex.wordpress.org/Hardening_WordPress

Source : http://www.exploit-db.com/exploits/18417/

Share

Using your Brain as a Multi-Tasking System

January 25th, 2012 Mourad Ben Lakhoua

Tom Stafford one of the authors of Mind Hacks have just published two free e-books that comes as an addition to his work.


Mind Hacks is a popular book that “describes the brain is a fearsomely complex information-processing environment–one that often eludes our ability to understand it. At any given time, the brain is collecting, filtering, and analyzing information and, in response, performing countless intricate processes, some of which are automatic, some voluntary, some conscious, and some unconscious.” (1)

The book include 100 hacks such as “Release Eye Fixations for Faster Reactions , See Movement When All is Still , Feel the Presence and Loss of Attention, Detect Sounds on the Margins of Certainty ,Mold Your Body Schema ,Test Your Handedness ,See a Person in Moving Lights ,Make Events Understandable as Cause-and-Effect ,Boost Memory by Using Context and Understand Detail and the Limits of Attention” (1)

I highly recommend this material as it does not cover technical hacking stuff but it will show you how to use your brain as a tool for making more than just hacking.

“The books are creative commons licensed, which means you download them, copy them, even modify them if you want to produce an improved version, and both are fully referenced so you can check up on any claims made in them. Science is naturally an open-source phenomenon, so it feels good to be doing some open source science writing.” (2)

References:

  1. http://www.amazon.com/Mind-Hacks-Tools-Using-Brain/dp/0596007795
  2. http://mindhacks.com/2012/01/21/a-treasure-hunt-for-the-mysteries-of-mind-and-brain/
Share

How to Improve Your Organization’s Web Security

January 25th, 2012 Mourad Ben Lakhoua

One of the most dangerous and common threats to a company’s web security is unrestricted Internet access. In a well-intentioned but ill-advised attempt to show users they are trusted, or from the false assumption that restricting or monitoring Internet access is bad for morale and too much work, companies frequently prefer to rely on their acceptable usage policy than any sort of effective technical solution. Fortunately, technical solutions that can improve your web security, show your users respect, and not require you to be the “Internet police” exist. By implementing a web monitoring and web filtering solution you can improve your web security in several ways; here are six of them:

1. Categorization and reputation

Web monitoring software can improve web security and protect users with a combination of website category lists and reputation lists. New sites, or sites newly compromised, can be assessed and access permitted, or denied as required based on policy.

2. HTTPS inspection

The best web monitoring solutions boost web security by inspecting HTTPS traffic too, ensuring that encryption cannot be used by malware to get past protections or that users cannot use encryption to bypass policy.

3.    Block phishing sites

One of the biggest threats to web security is from phishing attacks. While your email filtering solution should block phishing emails, web monitoring software adds another layer to your web security by blocking access to phishing sites, just in case a user clicks on the wrong link.

4.    Safe search

Search engines use safe search to minimize the chance search results might contain malicious, objectionable, or mature content. Web monitoring software can improve your web security by enforcing “Safe search” on popular search engines.

5.    Soft blocks and exceptions

To every rule there is an exception, and the ability to provide warnings that will still allow access, or soft blocks, and to add exceptions to categories, helps ensure that your business can function with the web monitoring solution. It’s flexible enough to bend when needed, making it an improvement to web security rather than a hindrance to business.

6.    Logging and compliance

Logging can be as broad as top websites accessed or top websites blocked, or as granular as exactly what a user accessed and when, depending upon the needs of the business. Web monitoring software can support the web security of the business by logging just the level of detail required for internal compliance or external audit, and can generate reports needed to investigate policy issues or prove actions.

Web security doesn’t mean draconian firewall policies, snooping on your users’ actions, and constant upkeep. Implementing a web monitoring solution is an easy way to improve your web security that can provide an immediate return on investment and real results.

This guest post was provided by Casper Manes on behalf of GFI Software Ltd. GFI is a leading software developer that provides a single source for network administrators to address their network security, content security and messaging needs. Learn more on what to include in your web security strategy.

All product and company names herein may be trademarks of their respective owners.

Share

tunCERT Raise the Cyber Threat Level

January 24th, 2012 Mourad Ben Lakhoua

Following latest conditions that exist on the cyber space with expectation of new attacks and threats the Tunisian CERT raised the Alert indicator to the second level. Which mean that there is a moderate risk rating for all cyber users and they need to be more vigilant while using their system.

A list of best practices with several teams are ready to assist users if they feel that they are under suspicious attack on different social network such as Facebook or twitter and a 24/7 phone service are in place. Best practices include the following:

  1. Updating your operating systems to fix any vulnerabilities that may be exploited by hacker.
  2. Update your antivirus solution and if you don’t have an AV than you can check the following link:  http://www.honeynet.tn/node/36
  3. Check different things that may indicate that your computer is infected (popup, slow system, web browser redirection…) if you feel you have such problem than run a full system scan.
  4. Make your full backup
  5. Never install suspicious software, especially with remote access
  6. Avoid browsing suspicious websites
  7. Use a strong password with a regular change
  8. If you still have the problems turn off your PC and bring it to Tunisian CERT for further analysis.

This is for home users and it is also important to monitor all your logs without changing any security measures on your infrastructure.  You can find the full statement in French by following this link: http://tuncert.ansi.tn/publish/content/news.asp?idn=77

Share

ZeuS Botnet with Excellent Customer Care

January 23rd, 2012 Mourad Ben Lakhoua

On some hacking forums user of ZeuS expressed disappointment as they are not finding improvement in the malware program. The problem that they need to update source code to find new bugs allows having more income.

According to Brian Krebs article malware writer will not just sell you the product but they provide customers with full services like technical support, bug report, social network and tracking activity.

The reported malware is a complete software as a service solution so you can rent the malware with all functionality for certain period and you pay monthly fees, this will make customers more attracted to the solution and not caring about administrating the bot-network.

Regarding ZeuS there is an interesting resource that you can use if you are looking to have more details about Command&Control servers around the world which is https://zeustracker.abuse.ch/ , the current statistics about this crimeware:

  • ZeuS C&C servers tracked: 670
  • ZeuS C&C servers online: 196
  • ZeuS C&C servers with files online: 22
  • ZeuS FakeURLs tracked: 6
  • ZeuS FakeURLs online: 1
  • Average ZeuS binary Antivirus detection rate: 36.4%

Now if you are looking for protecting your machine against this malware, than you need to keep all your system and AV signature updated. Also you can use WinMHR a free virus detector by Team Cymru (http://www.team-cymru.org/Services/MHR/WinMHR/) or check the malware removal guide for windows operating system (http://www.selectrealsecurity.com/malware-removal-guide).

Source

Share

Infosec Weekly Radar, January 16 -22 , 2012

January 22nd, 2012 Mourad Ben Lakhoua

A lot of security breaches have been posted on the news for this week, some are as usual related to Anonymous. So let’s start:

Anonymous Changes DDoS Tactics in Megaupload Retaliation
Anonymous hackactivists group have changed their way for launching DDoS attack, on previous operation we have found that they are using a ready websites that allow any person to start DDoSing their victims by just completing the online form its kind a feel in the blank DDoS. Now they need to make it easier so the new way all what any anon need to do is to click on a web link to launch the DDoS attack.

http://threatpost.com/en_us/blogs/anonymous-changes-ddos-tactics-megaupload-retaliation-012112

F-Secure outline the 2011 Mac malware scene

Many people choose to purchase Mac computer as it is called a virus free machine and they don’t have to care about security, here F-Secure released a report about their finding in term of Mac Malwares on 2011. Report shows 58 malware detected from April to the end of year 2011.

http://www.f-secure.com/weblog/archives/00002300.html

#OpFreePalestine, several Israeli websites hacked, defaced and went down including high profile

Well more incidents that are happening these days on Israelis facilities: “Internet hackers used local computer systems in attacks on Israeli corporate websites, according to the chief executive officer of network-security vendor Check Point Software Technologies Ltd”

http://www.businessweek.com/news/2012-01-18/check-point-ceo-says-hackers-used-israeli-computers-in-attacks.html

Hoping to Teach a Lesson, Researchers Release Exploits for Critical Infrastructure Software

Critical infrastructure softwares are always at risk after Stuxnet and DuQu here is new exploit for them:  “A group of researchers has discovered serious security holes in six top industrial control systems used in critical infrastructure and manufacturing facilities and, thanks to exploit modules they released on Thursday, have also made it easy for hackers to attack the systems before they’re patched or taken offline.”

http://www.wired.com/threatlevel/2012/01/scada-exploits/

Bank of Jordan Phishing Attack

Phishing campaign is targeting Bank of Jordan customers, Nice Tips posted to Protect from phishing scams: “Never click on Hyperlinks within emails, instead, copy and paste them into your browser , Use SPAM Filter Software ,Use Anti-Virus Software ,Use a Personal Firewall , Keep Software Updated (operating systems and web browsers) ,Always look for “https://” and padlock on web sites that require personal information , Keep your computer clean from Spyware , Educate Yourself of fraudulent activity on the Internet , Check & monitor your credit report “

http://www.fraudwatchinternational.com/phishing/individual_alert.php?fa_no=240136

That’s all for this week, if you have more infosec articles and news , feel free to share them with readers.

Share
« Older Entries
Twitter Delicious Facebook Digg Stumbleupon Favorites More
Powered by WordPress | Designed by: Best SUV | Thanks to Toyota SUV, Ford SUV and Best Truck