Black Hat: Machiavelli – Demo rootkit for Mac OS X

On the last day of the Black Hat security conference, IT security expert Dino Dai Zovi presented his Machiavelli rootkit for Mac OS X. In keeping with the "divide and conquer" principle and disguised as a Remote Procedure Call (RPC) subsystem, Machiavelli smuggles itself into the Mach kernel, the foundation of Mac OS X. It installs a local agent which, while nearly invisible to the user, can be controlled remotely via the network. Installing the rootkit requires admin rights and even Dai Zovi himself doesn’t think that Machiavelli has uncovered a flaw in Mac OS X. Dai Zovi also plans … Continue reading Black Hat: Machiavelli – Demo rootkit for Mac OS X

Windows Anytime Upgrade and Family Pack Pricing

Windows 7 Team announced the pricing of Windows 7 Family Pack and Windows Anytime Upgrade. The Windows 7 Family Pack will be available starting on October 22nd until supplies last here in the US and other select markets. In the US, the price for the Windows 7 Family Pack will be $149.99 for 3 Windows 7 Home Premium licenses Windows Anytime Upgrade Windows 7 Home Premium to Windows 7 Professional: $89.99 Windows 7 Home Premium to Windows 7 Ultimate: $139.99* * You’ll note that we’ve reduced the price of moving from Home Premium to Ultimate 12% in the US as … Continue reading Windows Anytime Upgrade and Family Pack Pricing

Google: Send mail from another address without "on behalf of"

Google announced that Gmail users can send now email using other SMTP servers without ‘on behalf of’ appearing in From header. We heard your request for another option that wouldn’t show the "on behalf of" text loud and clear, and now there’s a new option that does just that. Instead of using Gmail’s servers to send the message, we’ll use the servers where your other email address lives. Since Gmail isn’t the originating domain, we don’t have to include "Sender" info in the header. No more "on behalf of." http://gmailblog.blogspot.com/2009/07/send-mail-from-another-address-without.html

Twitter short URLs: statistics

From Kaspersky blog on Short URLs in Twitter: As we discussed not so long ago, short URL services are becoming more and more popular among social networks. And the recent event when such a service got compromised highlighted the sensitivity of the problem. We decided to take a look at just how popular each of these URL shortening services are on Twitter. So we’ve collected all the URLs from the public timeline and thought it would be nice to share the results with the world. The stats are based on data collected during a 24 hour period. http://www.viruslist.com/en/weblog?weblogid=208187801 I still … Continue reading Twitter short URLs: statistics

Open-source project aims to makes secure DNS easier

A group of developers has released open-source software that gives administrators a hand in making the Internet’s addressing system less vulnerable to hackers. The software, called OpenDNSSEC, automates many tasks associated with implementing DNSSEC (Domain Name System Security Extensions), which is a set a set of protocols that allows DNS (Domain Name System) records to carry a digital signature, said John A. Dickinson, a DNS consultant working on the project. More in http://www.networkworld.com/news/2009/073009-open-source-project-aims-to-makes.html

D-Link adds Phishing protection to routers – but not in the UK

D-Link is offering all Draft-N router owners in the US a free firmware update that will increase broadband reliability and boost security and protect against phishing attacks. The deal will see Best Path Networks’ DNS servers used in all of D-Link’s routers instead of your ISP’s DNS servers. The Domain Name System (DNS) is the telephone directory of the internet, where web addresses, such as www.expertreviews.co.uk, are turned into computer-readable IP addresses. Unfortunately, D-Link doesn’t plan a similar update for UK customers and, according to a D-Link spokesman in the UK, there are currently "no plans for this in Europe", … Continue reading D-Link adds Phishing protection to routers – but not in the UK

Apple to fix iPhone security flaw

Apple is set to release a software patch to address a recently described security flaw in the iPhone, the UK network operator 02 has said. Experts revealed on Thursday that modified SMS messages could result in iPhones being disconnected from the network or hijacked altogether. Phones incorporating the Windows Mobile and Google Android operating systems are also vulnerable, they said. An O2 spokesperson said the patch would be available Saturday through iTunes. http://news.bbc.co.uk/2/hi/technology/8177755.stm

Expiration Notice: Windows 7 Beta

The Windows 7 Beta expires on August 1st. The Release Candidate download ends on August 20th. You will still be able to get a product key beyond that date but, downloads will not be available. So if you have not downloaded the release candidate, please do so soon. http://windowsteamblog.com/blogs/springboard/archive/2009/07/30/windows-7-beta-and-release-candidate-update.aspx

Update Notice for Windows Live OneCare customers

UPDATE: Windows Security Center Not Reporting Correct Protection Status from Windows Live OneCare Starting next week, customers will receive an update to Windows Live OneCare which will correct an issue affecting users of Windows Vista SP1 that causes Security Center to display the following warning: “Windows Live OneCare is on but is reporting its status to Windows Security Center in a format that is no longer supported.”  There is no need for customers to take any action at this time, as this issue does not represent a decreased level of security or protection provided by OneCare. Customers who would like … Continue reading Update Notice for Windows Live OneCare customers

Microsoft’s response on Windows 7 OEM Product Key Leak

Microsoft respond on reports that there is leaked OEM product key for Windows 7: Yesterday we were alerted to reports of a leak of a special product key issued to an OEM partner of ours. The key is for use with Windows 7 Ultimate RTM product that is meant to be pre-installed by the OEM on new PCs to be shipped later this year. As such, the use of this key requires having a PC from the manufacturer it was issued to. We’ve worked with that manufacturer so that customers who purchase genuine copies of Windows 7 from this manufacturer … Continue reading Microsoft’s response on Windows 7 OEM Product Key Leak