Hackers turn Google into vulnerability scanner...

February 2008

The hacking group Cult of the Dead Cow (CDC) this week released a tool that turns Google into an automated vulnerability scanner, scouring Web sites for sensitive information such as passwords or server vulnerabilities. CDC first achieved notoriety 10 years ago with its backdoor Back Orifice, which demonstrated in a highly public way just how easy it was to take unauthorized control of a Windows PC. The new tool, called Goolag Scan, is equally provocative, making it easy for unskilled users to track down vulnerabilities and sensitive information on specific Web sites or broad Web domains. This capability should serve as a wake-up call for system administrators to run the tool on their own sites before attackers get around to it, according to CDC. “We’ve seen some pretty scary holes through random tests with the scanner in North America, Europe, and the Middle East. If I were a government, a large corporation, or anyone with a large website, I’d be downloading this beast and aiming it at my site yesterday,” said a CDC representative. The tool is a stand-alone Windows .Net application, licensed under the open source GNU General Public License, which provides about 1,500 customized searches under categories such as “vulnerable servers,” “sensitive online shopping information,” and “files containing juicy information.”

Hackers ramp up Facebook, MySpace attacks...

February 2008

Hackers are actively exploiting an Internet Explorer plug-in that’s widely used by Facebook Inc. and MySpace.com members with a multi-attack kit, a security company warned Friday. The exploit directed at Aurigma Inc.’s Image Uploader, an ActiveX control used by Facebook, MySpace and other social networking sites to allow members to upload photos to their profiles, is just one of five in a new hacker tool kit being used by several Chinese attack sites, said Symantec Corp. Attacks begin when users receive spam or an instant message with an embedded link, said the Symantec analyst who authored the advisory. The link takes users to a bogus MySpace log-in page, which tries to steal members’ credentials as it also silently probes the their computers for vulnerabilities in Uploader, Apple Inc.’s QuickTime, Windows and Yahoo Music Jukebox. Although the Windows and QuickTime bugs were patched eight and 13 months ago, respectively, the Uploader and Yahoo vulnerabilities were made public and fixed only within the past few weeks. The Symnatec analyst noted the hackers’ fast reaction times. “[This demonstrates] how quickly attackers are leveraging new vulnerabilities,” he said. “It is unlikely that attackers will stop trying to leverage this vulnerability any time soon.” Symantec urged users to update the Image Uploader ActiveX control to Version 4.5.57.1.

Critical VMware...

February 2008

A critical vulnerability in VMware Inc.’s virtualization software for Windows lets attackers escape the “guest” operating system and modify or add files to the underlying “host” operating system, the company has acknowledged. As of Sunday, there was no patch available for the flaw, which affects VMware’s Windows client virtualization programs, including Workstation, Player and ACE. The company’s virtual machine software for Windows servers and for Mac- and Linux-based hosts are not at risk. The bug was reported by Core Security Technologies, makers of the penetration-testing framework CORE IMPACT, said VMware in a security alert issued last Friday. “Exploitation of this vulnerability allows attackers to break out of an isolated guest system to compromise the underlying host system that controls it,” claimed Core Security. According to VMware, the bug is in the shared-folder feature of its Windows client-based virtualization software. Shared folders let users access certain files – typically documents and other application-generated files – from the host operating system and any virtual machine on that physical system. “On Windows hosts, if you have configured a VMware host-to-guest shared folder, it is possible for a program running in the guest to gain access to the host’s complete file system and create or modify executable files in sensitive locations,” confirmed VMware. VMware has not posted a fix, but it instead told users to disable shared folders.

Hacker breaks iTunes / iPod link...

February 2008

A notorious Norwegian hacker known as DVD Jon is preparing for another run-in with the music industry after he released software that lets iPod owners copy music and videos bought from iTunes and play it on other devices.

The program allows people to drag and drop songs from iTunes into a folder on their desktop, which in turn copies the files to other devices such as mobile phones and games consoles via the web.

In doing so, the software breaks the copy protection - known as 'digital rights management' or DRM - that is built into all music that is bought from iTunes. Music bought from iTunes can be played only on the iPod.

DoubleTwist, DVD Jon's company, maintains that its service is legal, but lawyers said that Apple would almost certainly seek to shut it down because the law now specifically targeted technologies which attempted to circumvent measures such as DRM.

The hacker has previously enabled iPod owners to play music bought from websites other than iTunes.

DoubleTwist's new software will initially enable files to be copied to Nokia N-series mobile phones, Sony Ericsson's Walkman and Cybershot handsets, as well as any smartphone powered by Microsoft's Windows Mobile operating system.

The program gets around Apple's DRM software by replaying a song in fast-forward and taking a copy of the audio track, using a process similar to that by which a CD is 'ripped' - or copied - to a computer.

About a hundred songs can be converted in half an hour, doubleTwist said, although there is a 5 per cent loss of sound quality - about the same as when a CD is copied.

A spokesman for the San Fransisco-based company said that its software was legal, because it only allowed a user who has already purchased music to copy it. "All we are facilitating are friends sending things to one another," Monique Farantzos, doubleTwists's chief executive and co-founder, told Reuters.

Lawyers today cast doubt on Ms Farantzos's claims, however, saying that the law had taken steps to protect Apple's efforts to control the way its music could be played, and that anyone circumventing measures such as DRM risked being found guilty of copyright infringement.

"I would be astonished if doubleTwist doesn't get a call from Apple," Paul Jones, a partner in intellectual property law at the London-based firm Harbottle & Lewis, said.

DVD Jon, whose real name is Jon Lech Johansen, has been an arch-enemy of the music and film indutries ever since he released software which broke the copy protection on Hollywood films, aged 16.

In 2003, Mr Johansen, now 24, developed the first of several programs which attempted to bypass the system developed by Apple for synchronising its iTunes store with iPods, leading to one of a series of run-ins with the firm.

Thanks J. Richards & Times Online

Watch The Hack!!!

February 2008

We've been alerted to some phishing attacks and one has been observed on the state network. The malicious email appears to be from the IRS with the subject line “IRS : Tax Refund” and informs the recipient that they are eligible for a tax refund.



Similar phishing emails have appeared to be from the Federal Bureau of Investigation, the Department of Justice, and the Federal Trade Commission. Some are “personalized” by associating the recipient with their workplace. Please remind your employees that if they get a suspicious email to not take any action through the email by clicking on a link. If the recipient believes the email to be authentic, they should verify with the sending organization that the email is valid. These emails typically attempt to steal personal or corporate information.

New Cyber Ideas...

February 2008

Cybercrooks come up with new ideas. Cyber-criminals are apparently coming up with more crafty and sophisticated ways to hack data now that owners are installing firewalls and virus checkers. According to USA Today, the latest technique is to attack home network routers instead of PC hard-drives. Another uses hacked PCs to click on Internet adverts to generate ad payments. A senior researcher at security firm ScanSafe said that attacks were becoming more frequent and continue to grow increasingly more sophisticated in 2008. The router hack seems to be the brain child of one particular gang which has successfully used it to get money out of a Mexican bank. This involves sending out tainted e-mail greeting card that, when opened, give the intruders control of the recipient’s router. It only worked on one router model, but fortunately for the crooks it just happened to be one run by the bank. A Symantec spokesman said that the attack was so successful it was almost certain to be copied by others who would use other router brands.