Security grows a year older, so what!

We wish a happy new year to all the computer users who read this blog and those who do not, *smile*. This year has started off just great: from (1) more sophisticated bank attacks that incorporate altered bank sites that post your details to the Wiley hackers [1], to (2) the latest stealthy Windows virus [2] that loads its self in the MBR (Master Boot Record) and loads rootkit technology to hide its activity, to (3) the great Windows TCP/IP stack vulnerabilities [3] (3 in total), right up to the (4) hacks, tricks, defacements, data loses and many more that have not yet been made public [fill in your own references here]. All very original and innovative; wait a minute, thinking out loud: why don’t we have awards for the most innovative security vulnerabilities?

You could almost say that you love watching ‘security’ grow up. It has become a teenager, in its own right, and it does its best to go out and about creating havoc here and there, like teens do. One must not forget the all mighty parent that tries to implement order [4] in the teenager’s havocy mind. None the less, more and more is being done in the area of security and be that good (i.e., lawful) or bad (i.e., unlawful) it is becoming more of an issue to people who exercise the profession and the ones that just create headaches.

This year we wish good luck to the lawful ones (they are going to need it) and what ever the unlawful do, be aware or not!

P.S. And NO, having Jeremy Clarkson [5] give £500 to a Diabetes UK charity after publishing his bank details claiming that loosing your bank details is nothing serious, is not innovative enough. It surely serves him right, proving that security professionals can be right, now and then at least.

Hoping once again that your bank and other private details stay at home, with you, and not with some third party scammer…

Links Used:

[1] Extremely convincing phishing attack – http://www.net-security.org/secworld.php?id=5720

[2] Warning on stealthy Windows virus – http://news.bbc.co.uk/2/hi/technology/7183008.stm
and Trojans that use a new form of attack with rootkits – http://www.net-security.org/malware_news.php?id=902

[3] Microsoft Patches Three Windows Security Holes –
http://blog.washingtonpost.com/securityfix/2008/01/microsoft_patches_three_window_1.html?nav=rss_blog

[4] UK gov sets rules for hacker tool ban – http://www.theregister.co.uk/2008/01/02/hacker_toll_ban_guidance/

[5] Clarkson stung after bank prank – http://news.bbc.co.uk/1/hi/entertainment/7174760.stm

This entry was posted in Uncategorized. Bookmark the permalink.

2 Responses to Security grows a year older, so what!

  1. Drew says:

    [1] Damn, thats nasty*

    [2] I blame sony

    [3] Better late than never.

    [4] About time too.

    [5] Its his own fault Ha Ha.

    * But does it happen if you type in the URL into the brower directly rather than click on a link? Hmmmm

  2. Konstantinos Xynos says:

    Drew: about [1], the extra code is added in the URL as an argument and is provided usually as a link (maybe in a phishing mail). If you type it in, directly, and it adds it own session id automatically that is ok. Also if you think your bank can not be targeted a new Trojan targets more than 400 banks world wide.

    More at Symantec : http://www.symantec.com/enterprise/security_response/weblog/2008/01/banking_in_silence.html

Leave a Reply

Your email address will not be published. Required fields are marked *