
Lesley Stahl of 60 Minutes hosts this segment about Conficker, titled “The Internet is Infected.” You can watch the video below; at the end of the segment, it shows some footage of teen Russian hackers, as young as 14 years old, ripping off Americans.

How do you know if your PC is infected with Conficker? If you try to browse to Microsoft or Symantec and you can’t, that is one symptom that your PC has Conficker. Joe Stewart came out with a Conficker Eye Chart, which will explain which variant of Conficker may have infected your PC, or whether it’s a false alarm.

This WindowsSecrets article is very comprehensive on removing and preventing Conficker. Great write-up.


Michael Howard, Microsoft Sr Security Program Manager



Michael Howard updated his blog on March 24 to announce that Ken Johnson, aka Skywing, has joined his group at Microsoft.

In 2005 Johnson, together with another hacker, Matt Miller aka Skape, published a paper on how to bypass Windows’ Data Execution Prevention (DEP).

This news looks like part of a continuing trend of Microsoft recruiting well-known hackers who have proven themselves in the field of circumventing Windows defenses, which is a good thing.

Others who have joined Microsoft recently are:

Matt Miller, August 2008

Crispin Cowan, January 2008

Adam Shostack, June 2006

One way to make a significant contribution is to join the market leader and make the change from within that organization itself, and this is good for Microsoft as it evolves its Windows OS to be more secure over time. And ultimately it’s the consumers who benefit, a win-win scenario.

I have yet to come across such a thing happening to Apple, though. And lately I have been reading tonnes of news about how insecure Mac OS X “Leopard” is. It scares me shitless that some still think that a Linux/Unix or FreeBSD-based OS is inherently secure, which is not really the case anymore.

As Apple gains more market share, more hackers will be targeting it, since it’s going to be easy picking – less secure, less work, easy to exploit, make sense?

Update 29 March: Trend Micro reported that pirated Mac software has been found to be embedded with malware.

While reading a ComputerWorld article on China becoming the world’s malware factory, I came across an interesting reference to a recent attack that occurred in the Asia Pacific region but has had little coverage in the English-language media.

Apparently the attack ran from March 06 till March 13, according to Cisco’s Security Center.

What happened is traffic going to, and were redirected to w w w.dachengkeji.c o m. The hacker(s) apparently managed to compromise a switch in Singapore in order to launch this attack. Malicious code could then be downloaded to unsuspecting surfers.

According to Cisco, “Full details of the attacks are unclear, but they could be a result of a malicious code outbreak, DNS compromise, non-blind TCP spoofing attacks, or another man-in-the-middle style of attack.”

Preventing such an attack may be difficult and the risk is rather high, especially if the hacker is running a sniffing tool to pull sensitive details like login names and passwords. The safest bet is never to use the same password credentials on different web sites.

The Aerospace Industries Association announced that it has teamed with Internet Security Alliance to create the center “to provide information and tools to help identify threats to a company’s information technology infrastructure.”

ISA is a nonprofit forum for data sharing and thought leadership on information security issues. ISA aims to identify and standardize best practices in Internet security and network survivability, while creating a collaborative environment to develop and implement information security solutions.

This is probably one of the responses to the incident in which the US President’s Marine One blueprints were leaked on a P2P network and fell into the hands of countries like Iran and China.

TippingPoint tweeted some amazing developments as one hacker after another managed to hack all three browsers, which were patched to the hilt with the latest patches there are.

Safari was hacked in seconds by Charlie Miller, and a German hacker known only as Nils managed to hack all three browsers, unheard of in the history of the Pwn2Own contest.

So with the new bug uncovered, will Microsoft delay the release of Internet Explorer version 8 RTM, supposedly scheduled for Thursday noon, US time?

Update 01: Microsoft officially announced availability of IE8 RTM for download. Typical of Microsoft, security is never a priority over product launch date. If Microsoft is serious about the security bug in IE8, it should have delayed the launch, gotten it properly fixed and announced a new date for the launch. A few days of delay wouldn’t hurt; in fact, it would give Microsoft more credibility that it’s serious when it comes to security.


