The latest news in computer security and hacking information from around the web. Windows Security, Hacking Prevention, Government and Enterprise IT http://www.governmentsecurity.org/forum/index.php Sun, 28 Dec 2008 21:19:33 +0000 1 http://www.governmentsecurity.org/forum/index.php?showtopic=31123
Well I’ve been developing this for a while now and still haven’t finished, mainly because I’ve got little time to spare for coding. Previously I wrote about using somekind of ping to see if your computer is still connected to the net. The solution is fun but it will not prevent forensic analysis of your computer. I have expanded upon that previous post and started to write a toolkit which could be used if we assume the following: You want to prevent live-forensic analyses of your computer at all costs. You don’t care about normal forensic analysis because your harddisk is encrypted and you have used a real long password and a keyfile. So with that in mind I started to construct something which frustrates live forensics and at the same time is easy to expand. If you are concerned about normal forensic analysis you can always turn to some of the current anti-forensics projects like the one at metasploit.


read more]]> Sun, 28 Dec 2008 21:19:33 +0000 http://www.governmentsecurity.org/forum/index.php?showtopic=31123 http://www.governmentsecurity.org/forum/index.php?showtopic=31121
Only thing I could not switch of during these ‘holidays’ was my brain. It seems to be twisted since my birth and oh well I learned to live with it. So I had a midnight thought the other day. Nothing to funky nonetheless interesting. It’s all about connect back backdoors. If a connect back backdoor is used you always have the question: To where must it connect back?



read more]]> Sat, 27 Dec 2008 17:09:07 +0000 http://www.governmentsecurity.org/forum/index.php?showtopic=31121 http://www.governmentsecurity.org/forum/index.php?showtopic=31115 Farewell Message]]> Wed, 24 Dec 2008 22:54:00 +0000 http://www.governmentsecurity.org/forum/index.php?showtopic=31115 http://www.governmentsecurity.org/forum/index.php?showtopic=31113
This security update is rated Critical for Internet Explorer 5.01, Internet Explorer 6, Internet Explorer 6 Service Pack 1, and Internet Explorer 7.

It could be critical for previous versions of Internet Explorer too but Microsoft didn't test them because they're no longer supported.

Being a curious type when I saw all the hubbub about a new major critical vulnerability in Internet Explorer I wanted to know just what it was about.

First, the best way to get the fix for your Windows operating system, irrespective of flavour, is Windows Update. Yet, the text accompanying the update is typically brief:

Security Update for Internet Explorer 7 in Windows Vista (KB960714)
Published 18th December 2008
Update type: Important READ MORE]]> Wed, 24 Dec 2008 14:43:42 +0000 http://www.governmentsecurity.org/forum/index.php?showtopic=31113 http://www.governmentsecurity.org/forum/index.php?showtopic=31112
Attacks have increased in sophistication and are often tailored to their specific victim. Trend tracking has shown that in 2008, the Web has become a primary conduit for attack activity. According to Symantec’s Top Internet Security Trends of 2008, attackers have become more difficult to track as they have shifted away from mass distribution of a small family of threats to micro distribution of large numbers of threats.

2008 Trends

Spam and Phishing

This may be the most well known form of computer breaching, and yet it is still the healthiest and fastest growing of attacks. In 2004, Bill Gates predicted that spam would be resolved in another two years. In 2008, we were seeing spam levels at 76 percent until the McColo incident in November 2008, at which time spam levels dropped 65 percent. The battle with spammers has turned into an all out war and spammers are showing no sign of surrendering. READ MORE]]> Wed, 24 Dec 2008 14:42:23 +0000 http://www.governmentsecurity.org/forum/index.php?showtopic=31112 http://www.governmentsecurity.org/forum/index.php?showtopic=31111
Lost in the noise of all of this let us not forget the difference between a "spammer" and a "spam message".

Spammers are people who send nothing but spam 100% of the time. Spammers utilize botnets to conceal the original message sender and utilize networks that they otherwise have no right or license to use.

Compare this to a (accidental) sender of a spam message.

Most ESPs occasionally sign up customers whose intentions are to use the ESPs network to send out email to purchased lists or to people who did not specifically opt-in to receive that mail. Of course, this is unbeknownst to the ESP until the email goes out and the complaints roll in about spamtrap hits, unknown user rates, and users hitting the "This is Spam" buttons in their webmail clients. The good ESPs will shut those folks down immediately and make them go troll their email elsewhere. Does this make these ESPs spammers? No. Are they culpable under this new law? Not sure yet, but those details will certainly come forward. READ MORE]]> Wed, 24 Dec 2008 14:41:27 +0000 http://www.governmentsecurity.org/forum/index.php?showtopic=31111 http://www.governmentsecurity.org/forum/index.php?showtopic=31106
I decided to ask him if he’d heard about the ESP trick, he replied that he had used it quite a few times in the past. When I decided to ask him if he knew how it actually worked he told me that he didn’t know.

I’ve come across a lot of reverse engineers in my time, some experienced, others inexperienced… Roughly 40% of them had heard about and used the ESP trick at one point or another, but none knew how it actually worked.

That said I thought I’d write about the topic, so that next time someone asks me I can link them here. READ MORE]]> Tue, 23 Dec 2008 13:41:07 +0000 http://www.governmentsecurity.org/forum/index.php?showtopic=31106