Microsoft: Sex, Lies……and cybercrime?

Posted on 26-Jun-2011 by .

Microsoft also recently released an eye catching paper aptly named that discusses the validity of security reports.  Far from being broadly-based estimates of losses across the population, the cyber-crime estimates that we have appear to be largely the answers of a handful of people extrapolated to the whole population.

Sex, Lies and Cybercrime Surveys

Posted in microsoft, news | Tagged | Leave a comment

Latest Microsoft Security Report

Posted on 25-Jun-2011 by .

Microsoft’s Security Intelligent Report (SIR) v10 has been released and can be found here.

The key highlights from Microsoft’s own Roger Halbheer:

  • Industry vulnerability disclosure trends continue an overall trend of moderate declines since 2006. This trend is likely because of better development practices and quality control throughout the industry,which result in more secure software and fewer vulnerabilities.
  • Vulnerability disclosures for Microsoft products increased slightly in 2010 but have generally remained stable over the past several periods.

[…]

  • The exploitation of Java vulnerabilities sharply increased in the second quarter of 2010 and surpassed every other exploitation category that the MMPC tracks,including generic HTML/scripting exploits,operating system exploits,and document exploits.
  • The number of Adobe Acrobat and Adobe Reader exploits dropped by more than half after the first quarter,and remained near this reduced level throughout the remainder of the year.

[…]

  • Exploits that affected Adobe Acrobat and Adobe Reader accounted for most document format exploits detected throughout 2010. Almost all of these exploits involved the generic exploit family Win32/Pdfjsc

[…]

  • Microsoft Office file format exploits accounted for between 0.5 and 2.8 percent of the document format exploits that were detected each quarter in 2010.

[…]

  • As in previous periods,infection rates for more recently released Microsoft operating systems and service packs are consistently lower than older ones,for both client and server platforms. Windows 7 and Windows Server 2008 R2,the most recently released Windows client and server versions,respectively,have the lowest infection rates.
  • Infection rates for the 64-bit versions of Windows Vista® and Windows 7 are lower than for the corresponding 32-bit versions of those operating systems. One reason may be that 64-bit versions of Windows still appeal to a more technically savvy audience than their 32-bit counterparts,despite increasing sales of 64-bit Windows versions among the general computing population. Kernel Patch Protection (KPP),a feature of 64-bit versions of Windows that protects the kernel from unauthorized modification,may also contribute to the difference by preventing certain types of malware from operating.

[…]

  • In the first half of 2010,phishers showed signs of targeting online gaming sites with increasing frequency,although this push appeared to have dwindled as social networks came under increased attack. Impressions that targeted gaming sites reached a high of 16.7 percent of all impressions in June before dropping to a more typical 2.1 percent in December.
  • Phishing sites that target social networks routinely receive the highest number of impressions per active phishing site. The percentage of active phishing sites that targeted social networks increased during the final months of the year,but still only accounted for 4.2 percent of active sites in December,despite receiving 84.5 percent of impressions that month. Nevertheless,the number of active sites targeting gaming sites remained relatively high during the second half of the year,which suggests that more campaigns may be coming.

 

Posted in microsoft, news, security | Tagged | Leave a comment

Dumping Dropbox…

Posted on 24-Jun-2011 by .

Dropbox Logo

I’m deleting my Dropbox account in favor of Jungle Disk.  First, the fact that Dropbox is able to view my plaintext data if I don’t encrypt it before uploading (with Truecrypt etc) worries me.

Second there was a local exploit vulnerability with Dropbox.

My third Dropbox tidbit was this article by Frank McClain on the Computer Forensics blog.

Last, and most recently, Dropbox suffered a 4 hour authentication bug where users could have logged into an account without the correct password.  WTF !?

In case you still want to keep your data hosted with DropBox you need to read this: How to Encrypt Your Dropbox Files, at Least until Dropbox Wakes the F* up

How to Encrypt Your Dropbox Files, at Least until Dropbox Wakes the F* up

Posted in news, security | Tagged , , | 1 Comment

Cloud Computing Security Considerations

Posted on 23-Jun-2011 by .

Cloud computing offers potential benefits including cost savings and improved business outcomes for government and private industry. However, there are a variety of information security risks that need to be carefully considered.  Risks will vary depending on the sensitivity of the data to be stored or processed.  The Australian Department of Defence has released their initial guidance on cloud computing.

This paper assists agencies to perform a risk assessment to determine the viability of using cloud computing services. This document provides an overview of cloud computing and associated benefits. Most importantly, this document provides a list of thought provoking questions to help agencies understand the risks that need to be considered when using cloud computing.

You can find the document here: Cloud Computing Security Considerations

Posted in news, privacy, security | Tagged | Leave a comment

How Big is Your Haystack?

Posted on 20-Jun-2011 by .

I’m not the world’s biggest fan of Steve Gibson and his Security Now! podcast.  Recently someone notified me of a neat website that Mr. Gibson created.  The website which he calls Haystack is a ‘brute force search space calculator’.

So what IS the “Search Space Calculator” ?

This calculator is designed to help users understand how many passwords can be created from different combinations of character sets (lowercase only, mixed case, with or without digits and special characters, etc.) and password lengths. The calculator then puts the resulting large numbers (with lots of digits or large powers of ten) into a real world context of the time that would be required (assuming differing search speeds) to exhaustively search every password up through that length, assuming the use of the chosen alphabet.

 

Posted in news | Tagged , , , | 2 Comments

Cisco’s 2011 Q1 Threat Report released

Posted on 17-Jun-2011 by .

I won’t bother summarizing the findings as Brian Pennington has a great writeup on it already.

Click here if you want to see the complete Cisco 2011 Q1 Threat Report for yourself.

 

Posted in news | Tagged | Leave a comment

pandaflux’s list o’ recommended browser plugins

Posted on 16-Jun-2011 by .

Firefox

  • googlesharing: encrypts your google traffic and routes it through a proxy where it is combined with many other people.
  • https-everywhere: Automatically enables a secure connection for websites that supports it.
  • better privacy: Among other things, Better Privacy will delete “flash cookies” that are difficult to manage otherwise.

Chrome

  • disconnect: Stop third parties and search engines from tracking the webpages you go to and searches you do.
  • click & clean: Deletes your browsing history, typed URLs, Flash cookies, all traces of your online activity to protect your privacy.
  • KB SSL Enforcer: Automatic security, browse encrypted.
  • NOREF: Suppress Referrer (referer) for Hyperlinks

Posted in google, privacy | Tagged , , | Leave a comment

China’s Blue Team

Posted on 14-Jun-2011 by .

It seems that China finally had their come to Jesus moment.  They realize the value in having a cyber warfare command.  They have formed a blue team composed of 30 technology-savvy officers and soldiers. Does that strike anyone else as odd?  A nation of 1.35B and their central planning government decides to only allocate 30 people to cyber defense.

You can read the full article on China’s new Blue Team here.

Posted in news, security | Tagged | Leave a comment

Virtualization Security Podcast

Posted on 13-Jun-2011 by .

I recently came across an interesting podcast centered on virtualization security.  Personally, I don’t get off on virtualization besides using Vmware for BackTrack and Windows but this may be of some interest to folks out there.  Currently, there’s over 60′s episodes on a variety of topics from PCI to TPM in a virtualized environment.  I’ve never heard of any of the static panelists nor their companies (Catbird, HyTrust, CISecurity) so take that for what you will…

The podcast homepage can be found here.

 

Posted in news, security | Tagged , | Leave a comment

True Cost/Benefit Analysis of Online Privacy

Posted on 23-May-2011 by .

I came across an interesting article regarding online privacy.  It presents surprising research arguing the advantages of online advertising may actually outweigh the costs including identity theft.

Do you think privacy advocates arguments are flawed?  Find out for yourself…. Applications Want to be Free: Privacy Against Information

Posted in news | Tagged | Leave a comment