ProtectionBar tricks users with security promise

A new adware program that tries to trick users into installing fake security applications on their PC is has been spotted in the wild. The program, called ProtectionBar, tries to trick users by installing false security programs on their computers, according to anti-virus firm Panda Software. These programs inform users that their computer is infected by threats that do not exist or show fictitious errors. Then they threaten users so that they buy the license in order to delete the malware supposedly detected. The aim of this system is to earn a profit for the developers of these programs, who … Continue reading ProtectionBar tricks users with security promise

HP’s Memory Spot presents security risk

Hewlett-Packard’s tiny Memory Spot chip is designed to put digital information on documents and photos. However, the chip’s size and wireless capability can also be used by corporate thieves to copy and steal valuable data. While the Memory Spot presents an added security challenge for companies, the risk can be managed, said James McQuivey, a professor at Boston University’s College of Communication. Full article at http://www.infoworld.com/article/06/07/19/HNhpmemoryspot_1.html

Consumers of Broadband Providers (ISP) may be open to hijack attacks

From SecurityFocus Bugtraq:Some ISP networks do not reset open TCP connections of customers that were either cut-off by the ISP or cut off by self-initiation. While it is responsibility of every person to terminate every open connection before link termination, when the ISP initiates this, it cannot be guaranteed. A customer who happens to resume a recycled dynamic IP can then read the previous persons open sessions. With streaming mp3 radio services that work on a per-pay basis, this can result in substantial monetary losses, not to mention porn streaming. Further unencrypted email can be read and website cookies can … Continue reading Consumers of Broadband Providers (ISP) may be open to hijack attacks

WinRAR LHA Archive Processing Buffer Overflow

Affected Software: WinRAR 3.x Ryan Smith has reported a vulnerability in WinRAR, which can be exploited by malicious people to compromise a user’s system. The vulnerability is caused due to boundary errors in lzh.fmt within the processing of LHA archives. This can be exploited to cause a stack-based buffer overflow when a specially crafted file with an overly long filename is opened. Successful exploitation allows execution of arbitrary code with the user’s privileges. The vulnerability has been reported in versions 3.00 through 3.60 beta 6. Solution: The vulnerability has been fixed in version 3.60 beta 7. http://secunia.com/advisories/21080/

Symantec pcAnywhere CIF Files Privilege Escalation

Affected Software: Symantec pcAnywhere 12.xZee has reported a security issue in Symantec pcAnywhere, which can be exploited by malicious, local users to gain escalated privileges. The problem is caused due to CIF files containing a superuser flag and being stored insecurely by default in “Documents and SettingsAll UsersApplication DataSymantecpcAnywhereHosts” where any user can read the contents of files and create new files. This can be exploited to gain administrative user privileges via pcAnywhere by crafting a new CIF file, setting the superuser flag, and placing the file in the “Hosts” directory. The security issue has been reported in version 12.5. … Continue reading Symantec pcAnywhere CIF Files Privilege Escalation

Rootkits get better at hiding

A new Trojan horse is so good at hiding itself that some security researchers claim a new chapter has begun in their battle against malicious code authors. The new pest, dubbed “Rustock” by Symantec and “Mailbot.AZ” by F-Secure, uses “rootkit” techniques crafted to avoid the detection technology used by security software, Symantec and F-Secure said in recent analyses. http://news.zdnet.com/2100-1009_22-6095762.html

Gartner: Mature organisations can safely reduce security spending

Organizations that have reached a high level of IT security practice maturity can safely reduce spending to between 3 and 4 percent of the IT budget by 2008, according to research firm Gartner. By contrast, organizations that are inefficient or have historically under invested in security may spend upwards of 8 percent of their IT budget on security. This means that many organizations will still be investing aggressively for the next few years. Rich Mogull, research vice president and conference chair of the Gartner IT Security Summit which starts in Sydney today, said that there are now solutions to most … Continue reading Gartner: Mature organisations can safely reduce security spending

Symantec Report: Vista Code Contains Security Loopholes

A new report from Symantec security researchers contends that Microsoft’s much-awaited Vista operating system could harbor a range of vulnerabilities that will make it less secure than previous iterations of Windows. According to research published July 18 by Symantec, in Cupertino, Calif., a number of Vista’s software components, specifically a handful of protocols related to its redesigned networking technologies, could become security loopholes if Microsoft does not fix the problems or ensure that the product is configured appropriately to hide the glitches when it is shipped. The Redmond, Wash., software giant is slated to deliver a final version of Vista … Continue reading Symantec Report: Vista Code Contains Security Loopholes

Microsoft Works Buffer Overflow in Processing Spreadsheet Files May Let Remote Users Execute Arbitrary Code

Affected Version(s): Microsoft Works 8.0 Description:  A vulnerability was reported in Microsoft Works. A remote user may be able to cause arbitrary code to be executed on the target user’s system. A remote user can create a specially crafted Microsoft Works spreadsheet file that, when loaded by the target user, will trigger a buffer overflow and execute arbitrary code on the target system or cause denial of service conditions on the target system. Impact:  A remote user can create a file that, when loaded by the target user, will execute arbitrary code on the target user’s system or cause denial … Continue reading Microsoft Works Buffer Overflow in Processing Spreadsheet Files May Let Remote Users Execute Arbitrary Code

Sun Issues Fix for StarOffice

(Sun Issues Fix for StarOffice) OpenOffice.org Bugs Let Java Scripts Escape the Sandbox, Macro Code Be Executed, or Arbitrary Code Be Executed on the Target System Affected Version(s): StarOffice 6, 7, 8 Several vulnerabilities were reported in OpenOffice.org. A remote user can cause arbitrary code to be executed on the target user’s system. Sun StarOffice is affected. A remote user can create a Java applet that, when loaded by the target user, will escape the Java ‘sandbox’ and gain full access to system resources with the privileges of the target user. A remote user can create a specially crafted document … Continue reading Sun Issues Fix for StarOffice