Major Flaw Found In Security Products

“A stealthy and potentially dangerous bug has been discovered in security products from eight different vendors, including Check Point Software, according to an article in Dark Reading. The so-called cross-site request forgery (CSRF) lets an attacker access the user’s network and even conduct transactions on behalf of the user. It could affect over a million installations, but so far, Check Point is the only security vendor to step up and patch it. This vulnerability is found in most everything with a Web-based interface, including printers, firewalls, DSL routers, and IP phones.”

http://it.slashdot.org/article.pl?sid=07/06/28/1427228

Experts challenge claim of undetectable rootkits

Four well-known researchers challenged rootkit guru Joanna Rutkowska on Thursday to prove that a rootkit can be made undetectable.

The four researchers — independent Dino Dai Zovi, Peter Ferrie of Symantec, Nate Lawson of Root Labs (corrected) and Thomas Ptacek of Matasano — stated that any rootkit that runs on the host of a virtual environment, leaves so many telltale signs that it can be detected.

More at http://www.securityfocus.com/brief/537

Also: Researchers: ‘Blue Pill’ Rootkit Detectable

Joanna Rutkowska, the security researcher who one year ago built a working prototype, code-named Blue Pill, of a rootkit capable of creating malware that remains “100 percent undetectable,” has tacitly conceded to a group of security researchers that the detector code they cooked up in the past month will in fact ferret out Blue Pill—at this point in its development, at any rate.

Tom Ptacek, security researcher and founder of New York-based Matasano Security, posted a note on June 27 saying that he, along with his fellow security researchers who had worked on hypervisor rootkit detection, were inviting Rutkowska to a challenge at Black Hat Briefings in Las Vegas sometime on Aug. 1 or 2.

http://www.eweek.com/article2/0,1895,2152137,00.asp

Mini version of Panda’s NanoScan launched

Panda Software has launched the mini, customisable version of NanoScan, the instant virus scanner from Panda Software, designed to detect active malware on a PC in less than one minute. NanoScan is available at: http://www.infectedornot.com

“With this launch, Panda Software is contributing to the rapidly expanding Web 2.0 user community,” says Jeremy Matthews, MD of Panda Software SA. “Portals such as iGoogle, Windows Live, NetVibes or Protopage, already have custom versions of NanoScan, where visitors can benefit from the speed and detection capacity of NanoScan.”

http://www.ictworld.co.za/EditorialEdit.asp?EditorialID=29196

DoJ warns U.S. citizens of phishing attacks

he United States Department of Justice has released information warning the public of a recent surge in fraudulent spam e-mail messages claiming to be from the DOJ. The messages contain a malicious attachment that supposedly contains information regarding complaints filed against them with the DOJ and IRS, but instead launches malware on the user’s system when opened.

More information regarding these messages can be found in the DOJ Justice Department Alerts Public about Fraudulent Spam Email Press Release.

http://www.us-cert.gov/current/index.html#justice_department_warns_public_of

Fake Adobe Shockwave Player download page

http://www.dshield.org/diary.html?storyid=3024

“When visited, the web page in question (a game site related to RuneScape) shows couple of broken icons and all links just point to another web page that conveniently inform the user that his version of Macromedia Flash Player needs to be updated. After this notice, the user is redirected to a web site hosting a complete replica of the Shockwave Player Download Center”

via http://www.dozleng.com/updates/index.php?showtopic=14855