It’s retro day in the world of Internet security, with an Internet worm dubbed “Morto” spreading via the Windows Remote Desktop Protocol (RDP).
F-Secure is reporting that the worm is behind a spike in traffic on Port 3389/TCP. Once it’s entered a network, the worm starts scanning for machines that have RDP enabled. Vulnerable machines get Morto copied to their local drives as a DLL, a.dll, which creates other files detailed in the F-Secure post.
With security constantly in the news lately, you can’t help but feel ill at ease and vulnerable — vulnerable to teams of hackers whose only motivations are to expose and attack their victims. Perhaps you think you’ve done due diligence by keeping your patches updated, installing security fixes, and maintaining a corporate firewall.
Those methods are effective about 50 percent of the time. For the other 50 percent, you need to do more. You need penetration testing, security audits, intrusion prevention and intrusion detection, and you need to plug security holes that only hackers know about by using the tools they use to compromise your systems.
Security is expensive no matter how you slice it but it doesn’t have to be a death knell for your business. This list of 10, in no particular order, security-enhanced Linux distributions can give you peace of mind by beating hackers on their turf.
Source:Serverwatch
Source: pcauthority
Nearly half of IT professionals planning Windows 7 rollouts for their organisations are concerned about migrations issues, specifically those of user profile migration.
This was the main finding of a survey from RES Software which polled over 1,500 IT professionals worldwide from a range of industries. It found 57 per cent were planning the move to Windows 7 this year, mostly down to Microsoft’s scheduled closure of Windows XP support in 2014.
However, 45 per cent were concerned with the migration of user profiles from Windows XP to Windows 7. Of those surveyed, 43 per cent said not only was it an issue establishing what permissions and applications required migration but they had “serious concerns” they were not properly equipped with tools and software to cope with the move
Source: pcworld
Since the vast majority of malware infections start with a Web download or e-mail attachment, the VirusTotal.com Web site offers an invaluable security service. It will scan any Web download, e-mail attachment or other file you send it with 40-odd different antivirus scanners to let you know whether it’s safe for your computer.
The free VirusTotal Uploader utility makes sending a file to the site a breeze by adding a new right-click option for any file.
VirusTotal’s excellent free service, a must-have for your security arsenal.
Source: zdnet.co.uk
Chip-and-PIN readers can be tricked into accepting transactions without a valid personal identification number, opening the door to fraud, researchers have found.
Researchers at Cambridge University have found a fundamental flaw in the EMV — Europay, MasterCard, Visa — protocol that underlies chip-and-PIN validation for debit and credit cards.
As a consequence, a device can be created to modify and intercept communications between a card and a point-of-sale terminal, and fool the terminal into accepting that a PIN verification has succeeded.
The researchers conducted an attack that succeeded in tricking a card reader into authenticating a transaction, even though no valid PIN was entered. In a later test, they managed to authenticate transactions, without the correct PIN, with valid cards from six different card issuers. Those issuers were Barclaycard, Co-operative Bank, Halifax, Bank of Scotland, HSBC and John Lewis.
The central problem with the EMV protocol is that it allows the card and the terminal to generate ambiguous data about the verification process, which the bank will accept as valid.
In particular, the terminal can record that a PIN verification has taken place, while the card itself receives a verification message that does not specify that a PIN has been used. The resultant authorisation by the terminal is accepted by the bank, and the transaction goes ahead.
Source: US-CERT
In addition to taking precautions to protect your portable devices, it is
important to add another layer of security by protecting the data itself.
Why do you need another layer of protection?
Although there are ways to physically protect your laptop, PDA, or other
portable device (see Protecting Portable Devices: Physical Security for more
information), there is no guarantee that it won’t be stolen. After all, as
the name suggests, portable devices are designed to be easily transported.
The theft itself is, at the very least, frustrating, inconvenient, and
unnerving, but the exposure of information on the device could have serious
consequences. Also, remember that any devices that are connected to the
internet, especially if it is a wireless connection, are also susceptible to
network attacks.
What can you do?
* Use passwords correctly – In the process of getting to the information
on your portable device, you probably encounter multiple prompts for
passwords. Take advantage of this security. Don’t choose options that
allow your computer to remember passwords, don’t choose passwords that
thieves could easily guess, use different passwords for different
programs, and take advantage of additional authentication methods
* Consider storing important data separately – There are many forms of storage media, including CDs, DVDs, and removable flash drives (also
known as USB drives or thumb drives). By saving your data on removable
media and keeping it in a different location (e.g., in your suitcase
instead of your laptop bag), you can protect your data even if your
laptop is stolen.
* Encrypt files – By encrypting files, you ensure that unauthorized people
can’t view data even if they can physically access it. You may also want
to consider options for full disk encryption, which prevents a thief
from even starting your laptop without a passphrase. When you use
encryption, it is important to remember your passwords and passphrases;
if you forget or lose them, you may lose your data.
* Install and maintain anti-virus software
* Install and maintain a firewall
* Back up your data
