Site Network: Beskerming.com | Skiifwrald.com | Jongsma & Jongsma

Innovation in Information Security

Coverage of important Information Security and Information Technology news and events from the research team at S?nnet Beskerming.

Username: | Password: Contact us to request an account

Commentary & Insight From S?nnet Beskerming

Covering news on emerging threats, advice on good security practices, analysis, explanation of technical news items, and brief, accurate, non-biased synopsis of security-focussed technology trends, S?nnet Beskerming commentary is many things.

Whether you call it a blog, online journalism, or commentary on events, this is where you can find and search all relevant articles published by S?nnet Beskerming.

All articles will eventually be made available free of charge, however some content is initially only available to paying subscribers.

Available entries
Being Prepared is for More Than Just the Scouts
Posted in: Information Security
The need for a strong disaster recovery plan is one of the topics that has received previous coverage from S?nnet Beskerming and it should be an essential component of any business plan. A recent power outage in San Francisco provides an excellent example of this need, when some of the largest site....
Posted: 29 July 2007 17:58

Loading Unsigned Drivers in Vista
Posted in: Information Security
A new software tool has been released by Linchpin Labs that allows the loading of unsigned and legacy drivers on Windows XP, 2003, and most importantly, Vista.

One of the system management and control methods that Microsoft implemented with Windows Vista is requiring system drivers to be digitall....
Posted: 28 July 2007 00:29

Storm Worm Employs VM Detection
Posted in: Information Security
The ISC has an interesting report on some of the techniques employed by the Storm worm to detect the presence of virtual machines (VMs) and adjust behaviour accordingly. S?nnet Beskerming has previously covered the discussion of techniques that malware can use to avoid detection (or attack the VM) ....
Posted: 27 July 2007 22:24

iPhone Access Update
Posted in: Information Security
While the Information Security industry awaits the disclosure of an automated iPhone exploit, due for release at Black Hat USA on August 2, other groups have been labouring away in the background to improve the accessibility and functionality of the iPhone.

One of the most prominent teams working....
Posted: 27 July 2007 22:01

Fidelity Data Theft Case Worsens
Posted in: Information Security
One of the biggest cases of insider data theft reported in the last several months, that at Fidelity National (covered here), has worsened based on a filing provided to the Securities and Exchanges Commission earlier this week.

The initial estimate of compromised records was in the region of just....
Posted: 26 July 2007 18:29

InfoSec Sellout Faces more Problems
Posted in: Information Security
After a hectic couple of weeks which saw the announcement of an OS X worm that has yet to leave the lab (Rape.osx), anonymous 'death threats' posted in the comments to the blog, attempted unmaskings, and a bizarre accidental deletion of the historical posts to the blog, the individual or group of in....
Posted: 25 July 2007 23:59

US Military, Aussie Bank, and Fox Network Affected by Further Data Loss
Posted in: Information Security
After a spate of data losses traced to the use of Winny filesharing software in various sensitive Japanese environments (military warships, hospitals, police departments), it has been reported that a Japanese police officer has been sacked over a disclosure where several thousand sensitive police re....
Posted: 25 July 2007 07:58

An Interesting Fortnight Ahead for Information Security
Posted in: Information Security
With the Black Hat Briefings and associated DefCon only a matter of days away, more information is being made available about a number of the presentations that will be taking place during the gatherings in Las Vegas.

Based on the speaker lists that are available, along with the briefed topics fo....
Posted: 25 July 2007 00:28

More Problems Plaguing Anti-Malware
Posted in: Information Security
Over the last few weeks there has been a spate of disclosures related to weaknesses affecting anti-malware software, where a vulnerability in the product could lead to an attacker being able to exploit the underlying system (either through breaking out of a sandbox, or targeting the filtering capabi....
Posted: 23 July 2007 13:23

User-created Applications Running on iPhone
Posted in: Information Security
After a couple of weeks of promising work towards completely opening up the iPhone for arbitrary control by end users, the team behind the majority of work so far (#iphone @ irc.osx86.hu) have released their promised toolchain that allows a user to take control over their iPhone.

This release has....
Posted: 21 July 2007 12:35

Maynor Denies Being LMH
Posted in: Information Security
As a follow up to the recent article about the apparent unmasking of two online pseudonyms that have attracted significant attention over their previous Information Security actions, it appears that the original message referenced in the article may have been a fake.

David Maynor has since commen....
Posted: 20 July 2007 07:40

LMH and InfoSec Sellout Unmasked?
Posted in: Information Security
The equivalent of a virtual nuke has just been set off in the field of vulnerability research and disclosure. The identities behind two of the noms de guerre that have elicited some of the most heated vitriol over the last 12 months appear to have been disclosed.

In a post to the Fuzzing mailing....
Posted: 19 July 2007 17:22

Firefox 2.0.0.5 Released
Posted in: Information Security
After a week of final testing for the Release Candidate, version 2.0.0.5 of the popular Firefox web browser has been released. In amongst the almost 100 issues fixed in this update are a number of key security related updates, including security issues previously covered by S?nnet Beskerming, and l....
Posted: 19 July 2007 01:00

When is RSA Ransomware not RSA Ransomware? (When it is RC4)
Posted in: Information Security
Last weekend saw the first series of detections of a new version of an odd piece of malware (Gpcode) that encrypts user data before demanding a ransom for the keys needed to recover the original data. S?nnet Beskerming have previously covered this class of malware, known as Ransomware - Advisory #1....
Posted: 19 July 2007 00:50

A Worm for Your Apple
Posted in: Information Security
A small controversy is brewing over claims that an independent researcher going by the moniker Information Security Sellout (or InfoSec Sellout) has developed the framework of a worm that targets a currently undisclosed vulnerability affecting the Intel versions of OS X. The worm is expected to ext....
Posted: 18 July 2007 02:54

Expanded Commentary on Destroying Sandboxes
Posted in: Information Security
Following the explosion in popularity of the article on Destroying Sandboxes, it seemed that a number of readers were still curious about what it was that was being reported on.

Firstly, to clear up any misconceptions:
*Yes, S?nnet Beskerming researchers are fully aware of hypervisor rootk....
Posted: 18 July 2007 01:15

Microsoft's Forgotten Mac Patch (MS07-036)
Posted in: Information Security
Forgotten amongst the patches issued last week by Microsoft were the Macintosh versions of Excel. Windows versions of Excel were patched by MS07-036, which addressed some remote code execution vulnerabilities affecting the spreadsheet software.

According to ComputerWorld, MS07-036 was silently r....
Posted: 15 July 2007 20:08

Destroying Sandboxes
Posted in: Information Security
One of the mechanisms used by anti-malware applications is to institute a virtual 'sandbox' to isolate suspicious files from the rest of the system while they are quickly analysed for malicious content or behaviour. Creating a sandbox requires the anti-malware software to essentially institute a Vi....
Posted: 15 July 2007 18:42

Software Updates From the Major Vendors
Posted in: Information Security
Over the last week, there have been security and functionality updates released by Microsoft and Apple, as part of their scheduled patching cycle and patch management processes, respectively. Towards the end of the week Oracle joined the fray, pre-announcing that they would be shipping 46 security ....
Posted: 14 July 2007 23:57

Significant Data Loss Events Reported in the Last Month
Posted in: Information Security
After a relatively quiet period of record loss disclosures, several significant losses have been reported over the last couple of weeks. In Japan, Resona Bank reported that they lost records on more than 950,000 bank clients, in an incident affecting 27 branches - including one located in the Diet ....
Posted: 14 July 2007 10:13

Aussies face the threat of Robo-Pacinos
Posted in: Information Security
If reporting from The Age newspaper is to be believed, the Australian Federal Police (AFP) Commissioner, Mick Keelty, briefed a Parliamentary Inquiry into the future impact of organised crime that Australians would be facing the threat of part-robot humans involved in organised crime in the future.Posted: 13 July 2007 00:14

A Present for our Readers
Posted in: Information Security
Here at S?nnet Beskerming we like any excuse for a celebration, and what better way to celebrate than to give out presents (yes, we know you should be giving us the presents, but we're feeling happy and generous).

For the month of July, all site visitors, RSS readers, or anybody who decides to lo....
Posted: 12 July 2007 01:09

Microsoft July Security Patch Release
Posted in: Information Security
Microsoft have released six patches with the July 2007 Security Patch Release. As per the pre-release information that was provided last week, Microsoft released three Critical patches, two Important patches, and one Moderate patch.

Although there are no known exploits for most of the issues (th....
Posted: 11 July 2007 09:54

It's Official, the iPhone has been Hacked
Posted in: Information Security
Less than two weeks from the release of the iPhone, the researchers (#iphone @ irc.osx86.hu) who have been rapidly progressing towards controlling the iPhone have finally succeeded. Even though their most promising approach, via the bootloader, was cut short when it was discovered that they could n....
Posted: 10 July 2007 23:42

Stumbling Block for iPhone Researchers
Posted in: Information Security
Promising steps from iPhone researchers last week that provided them with a serial interface to controlling and operating the bootloader for the iPhone have come to essentially nothing.

In an update posted in the early hours of yesterday, the researchers disclosed that they have been unsuccessful....
Posted: 10 July 2007 07:37

A Matter of Numbers
Posted in: Information Security
Over the last couple of weeks traffic to S?nnet Beskerming has skyrocketed, largely as the result of introducing our new online delivery formats for security news and commentary. Since the start of July, S?nnet Beskerming content has appeared on many websites, attracting many thousands of new and e....
Posted: 9 July 2007 23:57

Antivirus Vendors Head to Court
Posted in: Information Security
A growing dispute between Kaspersky Lab and Rising Tech in China is now headed to court after Kaspersky sued Rising Tech for anticompetitive business practices.

The growing dispute, tracked by the Chinese Internet Security Response Team, started when an update issued by Kaspersky for their antivi....
Posted: 8 July 2007 14:57

iPhone Researchers Gain a Shell
Posted in: Information Security
A team of researchers (#iphone @ irc.osx86.hu) dedicated to finding means to fully control and interact with the new Apple iPhone claim to have successfully gained an interactive shell on the device. In order to achieve this feat physical access to the phone is required, as it relies on some minor ....
Posted: 7 July 2007 09:38

Big Media Consolidation
Posted in: Information Security
Rumours are flying thick and fast about the push by Rupert Murdoch's News Corporation to take over the Dow Jones media group (owners of the Wall Street Journal and other media assets).

News of the proposed purchase rocked much of the media world when the bid for $60 per share was made in April, t....
Posted: 7 July 2007 09:13

.NET 0-day?
Posted in: Information Security
Just a few hours after Microsoft provided the advance notification of the planned releases in the July Security Update, it appears that a 0-day exploit for the .NET vulnerability (Critical patch expected) has been released at the SyScan '07 conference currently running in Singapore, according to a s....
Posted: 7 July 2007 00:30

July 2007 Microsoft Security Patch Advance Notification
Posted in: Information Security
Microsoft have provided advanced notification about the Security Patch Release scheduled for next Tuesday. Six patches are due for release, with three affecting Windows, two affecting Office, and one affecting the .NET framework.

Although the .NET vulnerability was originality reported as Import....
Posted: 6 July 2007 23:42

Focussing on SAP
Posted in: Information Security
NGS Software, better known for their focus on Oracle products, have released information about a brace of SAP product vulnerabilities that range from low to critical risk for users of the products, who have not updated their products.

With a heavy web-based interface component for SAP, and also f....
Posted: 6 July 2007 23:02

Keeping Information Timely
Posted in: Information Security
One of the pressing problems that has plagued information sources since before the Internet is ensuring the timely dissemination of information, before it becomes stale or out of date. With Information Security news and related online sources, arriving at a news source late could have significant c....
Posted: 6 July 2007 22:03

A Lesson in Why Regulating Online Activity is Difficult
Posted in: Information Security
When the controversial online music distribution site AllofMP3.com went dark recently, it was touted as a victory by various groups responsible for music royalties (who weren't getting a cut from AllofMP3.com) and a positive sign of US-Russian relations due to the intimation that US pressure was use....
Posted: 4 July 2007 23:14

A Quick Update on Global Internet Traffic Observations
Posted in: Information Security
Since so many people have been asking about whether there are any updates to our Glitch in the Matrix post, we've decided to post a quick update based on what our researchers are continuing to observe.

Overall Internet traffic, as observed by The Internet Traffic Report has settled back into norm....
Posted: 4 July 2007 02:25

Why Hack When You Can Buy Your Way to Identity Theft
Posted in: Information Security
Continuing a trend of employees stealing valuable data, an employee at a Fidelity National Information Services subsidiary at some time prior to May 2007 stole more than 2 million records that contained a range of personal, financial account, and credit card data for users of Fidelity services.

I....
Posted: 4 July 2007 01:52

iPhone Bugs Hit the Streets
Posted in: Information Security
The team over at errata security are claiming what could be the first set of vulnerabilities to affect the iPhone, after less than 96 hours of general availability of the device.

At this stage they are claiming the presence of an unidentified Safari bug, and an interesting Denial of Service again....
Posted: 4 July 2007 00:42

Investigating the iPhone
Posted in: Information Security
When Apple's iPhone was released at the end of last week, not only were purchasers lined up to get their hands on the device, but security researchers were keenly awaiting physical access to the device.

It didn't take long, with what appears to be a recovery system image posted to a number of sit....
Posted: 2 July 2007 22:05

Time to Blacklist Blacklists
Posted in: Information Security
Blacklists have their place for detecting and identifying malicious content and activity, with the whole signature-based malware detection industry effectively being built around the concept that blacklists are reliable mechanisms.

The only problem is that they aren't.

They certainly are an im....
Posted: 1 July 2007 17:37

Black Hat Showdown a No Down.
Posted in: Information Security
An eagerly awaited Security showdown at this year's Black Hat briefings in Las Vegas, between the developers of the Blue Pill hypervisor rootkit and a team that claims they can reliably detect it, is no more.

In establishing the ground rules for the face off, the Blue Pill developers requested a ....
Posted: 1 July 2007 16:50

A Glitch in the Matrix, or a Hungry Exploit?
Posted in: Information Security
S?nnet Beskerming researchers observed an interesting deviation in global network traffic over the last 24 hours, particularly for South American, Asian, and Australian networks. Normally, global Internet traffic (as observed by the Internet Traffic Report) oscillates around 9% packet loss, with gl....
Posted: 1 July 2007 00:34

Posts from December, 2024.