News - The fastest news on the net

Google Offers Free Tool To Sniff Out Rats

no_email@example.com (aaly)

Google has released its free Ratproxy security tool to those wanting to test the security of their Web-based apps, including for cross-site scripting attacks. Google security ace Michal Zalewski wrote on the company’s security blog that Google’s information security engineering team developed the open-source Ratproxy to “transparently analyze legitimate, browser-driven interactions with a tested Web property and automatically pinpoint, annotate, and prioritize potential flaws or areas of concern.” Ratproxy is licensed under Apache 2.0, though “the proxy is designed solely to highlight interesting patterns in Web applications.” Meaning, you’re suggested to have your own people interpret the results. See code.google.com/p/ratproxy /wiki/RatproxyDoc for more.

Adobe Reader Gets Flashy

no_email@example.com (aaly)

With its early June release of Adobe Reader 9, Adobe announced the app now natively supports Flash, meaning PDFs can now hold Flash video and other multimedia goodness. Additionally, Reader 9 boasts faster launch times; 256-bit AES encryption; new digital signature ability; and PDF Portfolios, which Adobe says build upon the Packages introduced in Reader 8 to help organize multiple PDFs and different media types. With Reader 9 Adobe also detailed Acrobat.com, an online beta experiment where you can create up to five PDFs; author, store, and share documents; upload files; host Web conferences; and use AIR to tap into Acrobat.com from the Desktop.

Dial-Up Users OK With Being Slow

no_email@example.com (aaly)

A study that the Pew Internet & American Life Project conducted in the spring of about 2,250 U.S. adults, including nearly 1,555 Internet users, turned up some interesting discoveries, including that about 55% of Americans now have broadband in the home. Of the 10% of Americans still using dial-up, 35% say broadband connections are still too expensive to make the shift. Only 14%, however, stated feeling stuck with dial-up, and a surprising 19% said nothing could convince them to leave dial-up. Vint Cerf reportedly wondered subsequently how many dial-up users would still be on dial-up if they knew what they were missing. Our thought exactly.

Mozilla Hits The Record Book

no_email@example.com (aaly)

Mark it down. Mozilla is now a proud member of the Guinness World Records family. Guinness bestowed the distinction upon Mozilla after more than 8 million people reportedly downloaded Firefox 3.0 during a 24-hour stretch in July—an event not hurt in the least by Mozilla’s steady stream of publicity leading up to the new browser’s download day. Self-promotion aside, Mozilla reportedly now owns a 19% share of the world browser market and could have a 20% or more stake as you read this. Microsoft, meanwhile, detailed new security features of the upcoming IE8 in early July, including a SmartScreen Filter antimalware tool. Look for IE8 Beta 2 in August.

Facebook Malware

no_email@example.com (aaly)

1800 Facebook profiles have been affected by a recent malware according to a blog entry by Graham Cluley.

Sophos notes that this new worm is supposedly spreading through messages. Their article included a URL of what the address of the malware look like.

Fraser Howard, the author of the blog entry at Sophos, notes that although it looks like it is a google link, it does not actually go to a google page. When users clicks on the URL of the message, they will receive a malware with a filename of picture_dl.exe. It is a Trojan downloader and it will download another Trojan if a user runs the file.

Source: Sophos

CNN Malware

no_email@example.com (aaly)

Sophos has added a new blog entry a few days ago about a video malware campaign that targets CNN breaking news service subscribers.

The email shows the top 10 stories and the top 10 videos, divided by a vertical line. If a user clicks on a link, the email will redirect him or her to a a compromised website. The website will ask the user to update their flash player. When a user agree to do this, he or she will receive a trojan called Mal/EncPK-DA.

The blog entry includes a screen shot of the email and an embedded Youtube video that demonstrates the campaign.

Source: Sophos

Repair Tool of the Week: USBDeview

no_email@example.com (aaly)

USBDeview is a portable, freeware tool designed to show you the currently connected USB devices with a good amount of detail. It can also show you a history of devices that are not currently connected but have been at some point in the past. You can also output this information to a HTML/TXT file.
You can change how devices connected behave such as disabling/enabling them or making a file run when a particular device is plugged in (for example, a bat script that dumps the contents of a USB thumb drive when it is plugged in).

This application also has the ability to gather this information from a remote computer or even mutliple computers at one time and initiate commands such as disabling a device.All the commands and features can be found in the “More Information” link below.

Screenshots:

Downloads: Download from Official Site

More Information

Malware on Up-to-date Softwares

no_email@example.com (aaly)

There are still malware on up-to-date anti-virus softwares according to a study from Panda Security. They said that their result shows 72 per cent of firms still had malware on their networks despite having an up-to-date list on the latest malware.
“The situation is getting out of control,” said PandaLabs technologies manager, Luis Corrons.
After Panda Security found out this fact, they are planning on changing its malware detection architecture. They also launched a new website which offers free security assessments to users and businesses.

Source: Channel Register

GDI Bugs

no_email@example.com (aaly)

There is bug in the Windows GDI (Graphics Device Interface) that hackers are taking advantage of according to Symantec’s DeepSight threat service.

The bug was patched by Microsoft recently on April Patch Tuesday. Those who are using Windows XP with the third service pack are safe.

Symantec added in their report that initial attempts of the hackers were not successful. However, users should still apply the recent patch that Microsoft released to be secure from this flaw.

The flaw is accessible either through a malformed Windows Metafile or Enhanced Metafile image.

Source: NetworkWorld

Windows 7 in 2009 - Denied

no_email@example.com (aaly)

Microsoft has denied rumors that the next Windows operating system will be released next year. The rumors started from a seminar which included Bill Gates. He said it would be released “sometime in the next year or so”.

A Microsoft representative sent an email to Information Week which says, “We are currently in the planning stages for Windows 7 and development is scoped to three years from Windows Vista Consumer.”

“As is standard with the release of a new product, we will be releasing early builds of Windows 7 prior to its general availability as a means to gain tester feedback,” the spokesman added.

Source: Tech Radar