Friday, 22 May 2009

Gumblar

US-CERT has warned about a multistage malware exploit. In its first stage, the Chinese-domain-based malware called 'gumblar' infects websites using obfuscated JavaScript. The websites are infected using stolen FTP credentials.
Visitors to these infected websites are then exploited through unpatched PDF and Flash vulnerabilities.
Users are therefore urged to update their software and keep their antivirus up to date.

Thursday, 14 May 2009

Two Factor Card Authentication Technology in beta

A two-factor payment card authentication system has been successfully integrated into a plastic payment card.
The EMUE-developed card has a 12-button keypad and an LCD display. The keypad is used to enter a PIN, upon which the card generates a one-time passcode used for authentication purposes.
Note that a similar system was developed by RSA, called SecurID.

Thursday, 7 May 2009

Bootkit, will this supersede Rootkit?

Bootkit (or VBootkit) is a kind of rootkit that can load from the boot sector. Indian security researchers released the code for VBootkit; they claim that it can be used to compromise security on Windows Vista and Windows 7. According to this, VBootkit can also potentially be misused to develop boot sector viruses.
But Windows says that it's not a vulnerability but a design flaw that is exploited by VBootkit, and that it's not a threat to the OS (it can be circumvented using BitLocker).

Tuesday, 5 May 2009

Critical Vulnerability in Adobe 9.1

According to this post, a critical vulnerability has been identified in Adobe Reader and Acrobat 9.1 and earlier versions. This vulnerability could allow an attacker to take control of the system.
All users are advised to disable the JavaScript function in their Adobe application.
Seeing all the recent vulnerabilities in Acrobat, Adobe would be wondering if they were right in providing JavaScript functionality in Reader.

When Dot disappeared

This is a good example of how small mistakes may lead to security blunders. Microsoft posted some updates related to Vista SP2. The link in the post was missing a dot: instead of pointing to technet.microsoft.com, it pointed to technetmicrosoft.com. Though this domain was not malicious, it could have caused serious damage if it had been. Microsoft rectified this immediately.
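
A missing-dot link like the one described above can be caught before a post is published. The following is an added example, not part of the original post: a Python check that flags links whose host is not trusted but equals a trusted domain with its dots dropped. The `TRUSTED_DOMAINS` list, the function names and the sample HTML are assumptions constructed for illustration.

```python
from html.parser import HTMLParser
from urllib.parse import urlsplit

# Assumption: domains the publisher owns and intends to link to.
TRUSTED_DOMAINS = {"technet.microsoft.com", "microsoft.com"}


class _HrefCollector(HTMLParser):
    """Collects the href value of every <a> tag."""

    def __init__(self):
        super().__init__()
        self.hrefs = []

    def handle_starttag(self, tag, attrs):
        if tag == "a":
            self.hrefs.extend(v for k, v in attrs if k == "href" and v)


def _is_trusted(host):
    # A host is trusted if it is a listed domain or a subdomain of one.
    return any(host == d or host.endswith("." + d) for d in TRUSTED_DOMAINS)


def find_dropped_dot_links(html):
    """Return (href, intended_domain) pairs for links whose host is not
    trusted but matches a trusted domain once all dots are removed."""
    collector = _HrefCollector()
    collector.feed(html)
    findings = []
    for href in collector.hrefs:
        host = (urlsplit(href).hostname or "").lower().rstrip(".")
        if not host or _is_trusted(host):
            continue  # relative link, or a host we already trust
        for domain in sorted(TRUSTED_DOMAINS):
            if host.replace(".", "") == domain.replace(".", ""):
                findings.append((href, domain))
                break
    return findings


# Constructed sample post body; the second link reproduces the missing dot.
SAMPLE_POST = """
<p>Details on <a href="http://technet.microsoft.com/">TechNet</a> and
<a href="http://technetmicrosoft.com/">here</a>.
See also <a href="http://example.org/">an unrelated site</a>.</p>
"""

if __name__ == "__main__":
    for href, intended in find_dropped_dot_links(SAMPLE_POST):
        print(f"suspicious link {href} (did you mean {intended}?)")
```

Run as a pre-publish step, this reports only the look-alike host and leaves unrelated external links alone.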