Thursday, 31 May 2012
Packed:W32/PeCan.A
Behind the 'Flame' malware spying on Mid-East computers (FAQ)
Major Windows 7 gotcha you should know about that may block you from upgrading
OK, so anyone who knows me expects that I stay up on the bleeding edge when it comes to dev tools and operating systems. Yes, I have been using Windows 7 for almost a year now and have been loving it. However, I never ran it on my production dev environment as I felt I did not want to disrupt our software development workflow until Windows 7 was in final release. With it out to RTM now, I felt it was as good a time as any to migrate, especially since we recently released our latest build of our own product and have a bit of time to do this.
So last week I deployed Windows 7 to both of my production dev systems, as well as the primary QA lab workstations. It was the worst thing I could ever have done, halting all major development and test authoring in our office due to a MAJOR gotcha Microsoft failed to let us know about during the beta and RC.
Ready for this....
You cannot run Virtual PC 7 (beta) in Windows 7 WITHOUT hardware virtualization. OK, I can live with that, since the new XP mode (which is an excellent feature) may very well need it. That didn't concern me. It was my fall back that failed to work that blew my mind...
You cannot run Virtual PC 2007 in Windows 7, as they have a hard block preventing it from being installed on Windows 7 due to compatibility issues. So the same machine that I have been using for development using Vista for a few years has now become a glorified browsing brick. I cannot do any of my kernel mode and system level development or debugging as I am not ALLOWED to install Virtual PC 2007 on the same hardware that worked before. *sigh*
What surprised me is that Ben, the Virtual PC Guy at Microsoft blogged that it was possible to run Virtual PC on Windows 7, and in his own words:
While all the integration aspects of Virtual Machine Additions work (mouse integration, shared folders, etc...) there is no performance tuning for Windows 7 at this stage - so for best performance you should use a system with hardware virtualization support.
That sounds to me like it will still work without hardware virtualization. Seems that is not the case.
Since Windows 7 is already to RTM, if this is a block due to Windows, it isn't going to be fixed anytime soon. So hopefully they can do something in the Virtual PC side of the equation, or they are going to disappoint a lot of unknowing developers.
This just became a MAJOR blocking issue for many dev shops that are using Virtual PC for isolated testing.
If this concerns you, then I recommend you download Intel's Processor Identification Utility so you can check to see if your dev environment is capable of running hardware virtualization.
Failing to do so might get you stuck like I did, now having me decide if I want to degrade back to Windows Vista just to get work done. There goes another day to prep my main systems again. *sigh*
UPDATE: Fellow MVP Bill Grant has provided me a solution to my dilemma. It appears the issue is because Virtual PC 7 (beta), a built-in component for Windows 7 when installed, is causing the blocking issue. By going into "Turn Windows features on or off" and removing Virtual PC support (and effectively removing XP mode support), Virtual PC 2007 can then be installed on machines that do not have hardware virtualization support.
This isn't the most optimal behaviour, but acceptable. Since without VT support in my CPU I can't use XP mode anyways, removing it does not limit Windows 7 from functioning. I have reported to Microsoft on this odd behaviour since:
- Virtual PC 7 and XP Mode simply shouldn't be installing if my CPU isn't supported
- When the Customer Experience dialog pops up there is an option to "Check for Solutions Online". This is a PERFECT time where they could explain to uninstall Virtual PC 7 and XP mode support built into Windows 7 so Virtual PC 2007 will not block. Right now it reports that no solution is available.
So if you do NOT have VT support in your CPU, please uninstall Virtual PC 7 support if you installed it. VPC 2007 will then properly install for you.
Microsoft releases final test version of Windows 8
Exploit:Java/Blackhole
China's Sina Weibo intros code of conduct for social users
Critical TCP/IP Worm Hole Dings Windows Vista
Big Brother
It seems that development of the main module of SpyEye stopped with last autumn’s version 1.3.48 - and this is now
the dominant strain of SpyEye malware.
SpyEye distribution by versions for the period since 1 January 2012*
* Others (7%) includes: 1.2.50, 1.2.58, 1.2.71, 1.2.80, 1.2.82, 1.2.93, 1.3.5, 1.3.9, 1.3.25, 1.3.26, 1.3.30, 1.3.32, 1.3.37, 1.3.41, 1.3.44.
But just because the authors are not developing this platform further, it doesn’t mean that SpyEye is no longer
getting new functions. The core code allows anyone to create and attach their own plugins (DLL libraries). I’ve been
analyzing SpyEye samples since the start of the year, and I’ve counted 35 different plugins. Below you can see a
table with those plugins and the corresponding number of samples in which they were included:
Inside Facebook security: defending users from spammers, hackers, and 'likejackers'
If Facebook were a country, it would be the third largest in the world, just behind India and China. And like any country, Facebook has a police force to keep things under control. 300 people have been entrusted with the responsibility of keeping a 900-million-person virtual society from itself and from external forces. How do you look after people who use the same username and password on every website and get "hacked"? What about "likejackers" determined to make people spam themselves over and over again?
Teledyne will acquire BlueView Technologies
EU executive to take Berlin to court over data law
Trojan:W32/Ransomcrypt
MTV Movie Awards Go Social With Live Voting, Facebook Tracker and More
More Bad Drivers on the Information Superhighway
Backdoor:W32/Knockex.A
NASA refutes Iranian cyberattack claims
NASA, the US space agency, has denied that its website had been hacked and information stolen by a band of Iranian students that called themselves the "Cyber Warriors Team."
The group bragged in a May 16 post on Pastebin that it had hacked a NASA site and stolen the personal information of thousands of NASA researchers. The site allegedly compromised is called the Solicitation and Proposal Integrated Review and Evaluation System.
Wednesday, 30 May 2012
Carberp: it's not over yet
On 20 March, Russian law enforcement agencies announced the arrest of a cybercriminal gang involved in stealing money using the Carberp Trojan. This is very good news, but unfortunately does not mark the end of the Carberp story.
Evidently, those arrested were just one of the criminal gangs using the Trojan. At the same time, those who actually developed Carberp are still at large, openly selling the Trojan on cybercriminal forums.
Here is a recent offer for the ‘multifunctional bankbot’, which appeared on 21 March:
Flame malware: So big, so overlooked
Facebook closes lower once again
Sony considered download only for next-gen Playstation, will keep optical drive
Sony considered removing the optical drive from its next-generation Playstation gaming console, The Wall Street Journal reported. The Japanese electronics maker decided against a download-only model, however, because "Internet connectivity is too inconsistent around the world." Removing the optical drive would have also hurt the adoption of Blu-ray, which Sony heavily pushed with its Playstation 3. The next-generation PlayStation, codename Orbis, is rumored to launch during the holiday season of 2013. It has been reported that the system will feature an AMD x64 CPU and AMD Southern Islands GPU capable of running games at a resolution of 4,096 x 2,160 pixels.
RSA Lays Off Security, Sales Staff
Other:W32/Generic
Google, Samsung unveil new version of Chromebook
Google will try to win more converts to a computer operating system revolving around its popular Chrome Web browser with a new wave of lightweight laptops built by Samsung Electronics.
Blizzard Admits Accounts With Authenticators Have Been Hacked
So, you know how there was this whole thing about having an official Blizzard authenticator meant you weren't going to get hacked? Well, turns out you can still get hacked even with an authenticator.
Originally, Blizzard mentioned that accounts they investigated that had been hacked/infiltrated/compromised did not have authenticators attached beforehand. This led many in the forums to post rebuttals that most of the hacking occurring was due to player negligence and that they were not properly protecting themselves.
Flashfake Removal Tool and online-checking site
After intercepting one of the domain names used by the Flashback/Flashfake Mac Trojan and setting up a special sinkhole server last Friday, we managed to gather stats on the scale and geographic distribution of the related botnet. We published information on this in our previous blog entry.
We continued to intercept domain names after setting up the sinkhole server and we are currently still monitoring how big the botnet is. We have now recorded a total of 670,000 unique bots. Over the weekend (7-8 April) we saw a significant fall in the number of connected bots:
This doesn’t mean, however, that the botnet is shrinking rapidly - these are merely the numbers for the weekend.
Over the last few days our server has registered all the data sent by bots from the infected computers and recorded their UUIDs in a dedicated database. Based on this information we have set up an online resource where all users of Mac OS X can check if their computer has been infected by Flashback.
To find out if your computer is infected and what to do if it is, visit: flashbackcheck.com
Also users can check if they’re infected with Flashfake by using Kaspersky Lab’s free removal tool.
Backdoor:W32/Spyrat.D
A gift from ZeuS for passengers of US Airways
Spam
On 20 March, we detected a spam campaign targeting passengers of US Airways. Almost the entire week cybercriminals were sending users the following email allegedly from US Airways:
There is a brief description of the check-in procedure and a confirmation code is provided for online reservation.
The criminals are obviously banking on any recipients flying on the flight mentioned in the email clicking on the link "Online reservation details".
Different emails contained different links - for example, we noticed the following domains: sulichat.hu, prakash.clanteam.com, panvelkarrealtors.com.
After clicking the link a series of redirects eventually leads to a domain hosting BlackHole Exploit Kit.
Olympus to cut 2,500 jobs, sell equity stake: media
TOKYO (Reuters) - Japan's Olympus Corp, hit by a $1.7 billion fraud scandal, plans to shed 2,500 workers and sell an equity stake to either Sony Corp or Panasonic Corp in a bid to bolster its finances, local media reported Wednesday. Olympus, the world's leading maker of diagnostic endoscopes, is struggling to recover from an accounting fraud uncovered last year by its then CEO, Michael Woodford. It was forced to correct years of accounts, leaving its balance sheet badly weakened. ...
China's Sina Weibo intros code of conduct: No 'evil teachings'
Trojan:Android/DroidKungFu.C
Application:W32/InstallCore
Court says YouTube not obligated to control content
Tuesday, 29 May 2012
HTC says phones pass U.S. customs review
Adware:W32/ClickPotato.A
Trojan:W32/Ransomcrypt
Backdoor:OSX/Olyx.C
Think twice before installing Chrome extensions
Since November 2011, according to recent statistics, Google Chrome has become the most popular browser in Brazil (more than 45% of the market share).
The same is true for Facebook, which is now the most popular social network in Brazil, with a total of 42 million users, displacing Orkut.
These two facts are enough to motivate Brazil’s bad guys to turn their attentions to both platforms. This month we saw a huge wave of attacks targeting Brazilian users of Facebook, based on the distribution of malicious extensions. There are several themes used in these attacks, including “Change the color of your profile” and “Discover who visited your profile” and some bordering on social engineering such as “Learn how to remove the virus from your Facebook profile”:
1) Click on Install app, 2) Click on Allow or Continue, 3) Click on Install now. After doing these steps, close the browser and open it again.
This last one caught our attention not because it asks the user to install a malicious extension, but because the malicious extension is hosted on Google's official Chrome Web Store. If the user clicks on “Install aplicativo” he will be redirected to the official store. The malicious extension presents itself as “Adobe Flash Player”:
Backdoor:OSX/Imuler.A
Facebook extends post-IPO slump
Instant View: RIM enlists JPMorgan, RBC in review, warns of loss
New cyberweapon discovered; Iranian computers hit
Update to "DNSChanger - Cleaning Up 4 Million Infected Hosts"
The FBI's "Operation Ghost Click" announcement in Nov 2011, involving the Rove Digital botnet and the delayed cleanup efforts that we previously discussed, continues to haunt both the internet networks and the mass media. A Forbes article and a Times article yesterday brought the apparition back to the front, with some claiming that the site offered by the DNSChanger Working Group is a new one, which it is not. The 2011 Operation being described, and the temporarily outsourced DNS server replacements and delayed cleanup, is the same. This phantom is nothing supernatural, so why all the discussion? The federal judge's extension allowing the FBI to run these replacement DNS servers still cuts off access in early July. When those replacement servers are removed in early July, the infected systems resolving DNS queries at these previously-owned Rove Digital servers will simply not be able to resolve DNS requests. July 9th will arrive soon, and notifications continue to go out related to the hundreds of thousands of systems in the US alone that are still infected.
In the simplest terms, connectivity will not be severed for DNSChanger-infected systems, but internet communications will not function for infected systems that have not been cleaned up. In the US, government agencies, home users, and other organizations still infected with the malware will have systems that effectively can't get online, can't send email, etc. It will look like they are connected to their network, but they just won't communicate with anything.
At the same time, there seem to be issues with some existing identification efforts. Yesterday, I infected a system with DNSChanger and visited dns-ok.us. Results here:
Regarding the dns-ok site visit, my ISP's support team isn't aware of any "DNS redirections" that would cause the test to fail, and I will update this post with any update from our network admin that they are redirecting my system's DNS queries. But that piece is highly doubtful. My point here is that infected system owners may be confused by this check. And the IP address was within the FBI-provided ranges run by Rove Digital - perhaps a reader knows differently?
UPDATE (1:40 p.m. MST) - I received some details from my local ISP network admin. They are not redirecting any related DNS queries. However, one of their large upstream providers is redirecting DNS requests to another DNS server of their own. The other upstream link to the net does not seem to be re-routing DNS requests. So my infected client's traffic must be favoring routes through the larger upstream provider, and poof, the green/clean response banner appears. Any way you look at it, the response from the site can be inconsistent - sometimes red, sometimes green. Unfortunately, this sort of situation is going to confuse cleanup efforts. So, here we are again. To the potentially millions of folks who are running DNSChanger-infected systems and are listening to the cacophony of incident responder consultants tossing out cheap cynicism that "AV is dead!", go ahead and download an "AV product" to scan your system. Of course, I like recommending our scanners (just visit http://www.kaspersky.com) because I have cleaned up DNSChanger-infected systems with it (and the products have fully functional trial periods), along with our TDSSKiller rootkit removal tool to clean up especially complex DNSChanger infections.
Trojan:Android/BaseBridge.A
Facebook stock pounded, hovers around $30
Samsung Galaxy S3 Now Available in Europe
Backdoor:W32/Knockex.A
Trojan:SymbOS/ZeusMitmo.A
Is Network Solutions Snatching Domain Names?
Massive targeted cyber-attack in Middle East uncovered
Public points of data loss
- Access via OWA to a corporate email of a Latin American bank.
- Medical files from Spanish hospitals.
- Commercial offers with personal banking information of a service provider.
- Personal traveller information with full names, IDs, frequent flyer number and the destination of the flight.
- Audit control released by a Latin American government to local companies.
Monday, 28 May 2012
Clueful scans your iOS apps for privacy behavior
Worm:W32/Downadup.AL
Powerful "Flame" cyber weapon found in Iran
BOSTON (Reuters) - Security experts said on Monday a highly sophisticated computer virus is infecting computers in Iran and other Middle East countries and may have been deployed at least five years ago to engage in state-sponsored cyber espionage. Evidence suggests that the virus, dubbed Flame, may have been built on behalf of the same nation or nations that commissioned the Stuxnet worm that attacked Iran's nuclear program in 2010, according to Kaspersky Lab, the Russian cyber security software maker that took credit for discovering the infections. ...
Microsoft SDL bans memcpy()... next it will be zeros!!!!
So recently Microsoft banned memcpy() from their SDL process, which got several of us talking about perf hits and the like when using the replacement memcpy_s, especially since it has SAL mapped to it. For those that don't know, SAL is the "Standard Annotation Language" that allows programmers to explicitly state the contracts between params that are implicit in C/C++ code. I have to admit it's sometimes hard to read SAL annotations, but it works extremely well to be able to help compilers know when things won't play nice. It is great for static code analysis of args in functions, which is why it works so sweet for things like memcpy_s()... as it will enforce checks for length between buffers.
Anyways, during the discussion Michael Howard said something that had me fall off my chair laughing. And I just had to share it with everyone, because I think it would make a great tshirt in the midst of this debate:
Oh, I'm thinking of banning zero's next - so we can no longer have DIV/0 bugs! Waddya think?
OK.. so it's a Friday and that is funny to only a few of us. Still great fun though.
Have a great long weekend! (For you Canadian folks that is)
Critical TCP/IP Worm Hole Dings Windows Vista
Trojan:W32/Ransomcrypt
Backdoor:W32/Bohu.A
Worm:W32/Downadup.A
Time to party! Windows 7 is here!
It's only a few days away. The official launch of Windows 7 is here!
And of course, that means it's time to party!!! You may have heard about the Windows 7 House Parties that are being thrown all around the world. Basically thousands of small groups of people are getting together to see what Windows 7 can do.
Personally, I thought we needed to do more. So fellow MVP and friend Charlie Russel and I decided we would throw our own party. But focused on IT pros and not the consumer angle. We plan to have a lot of fun, showing the cool features of Windows 7 for IT pros like BitLocker, AppLocker and DirectAccess. We plan to bring a bunch of laptops and show new shell extensions, Powershell, new multitouch features and basically sit around and enjoy hours of Q&A for those that haven't tried it yet. We are even planning on installing Windows 7 on a guest's Macbook to show how well it does using Bootcamp on Apple hardware and even on small netbooks.
I also wanted to send a message out to the Vancouver IT community to clear up some misconceptions. This is a party hosted by Charlie and myself. This is NOT a Microsoft event. Microsoft was gracious enough to let us use their facility and even sprung for some of the cost for pizza. However, they never planned this out. Nor did the local VanTUG and VanSBS groups.
Our party is an INVITATION ONLY event. Because we are limited in our own budget and constrained in where we could have the party... we only have enough room for 75 people. So we could only allow a certain number of our friends to come. Charlie and I decided the best way to handle this would be to simply invite who we wanted, and then open it to our friends at the local user groups on a first come, first served basis. This is why there is a cap on the registration on the event, and why it booked up so quickly.
I am hearing through the grapevine that there is a LOT of dissent in the Vancouver IT community who feel that Microsoft, VanTUG and VanSBS did a poor job organizing this. LET ME BE CLEAR. This is a personal party that Charlie and I organized. If you were lucky enough to get an invitation and registered, great. But if you didn't, don't take it out on Microsoft, the local usergroups or their leaders. It's not their fault!!!
We are using our own money and time to throw this party. Please be considerate and respect that we couldn't invite all of you. I am happy to see there is so much excitement about Windows 7 and that you wanted to party with us. And I am sorry if you feel it isn't fair that you didn't get invited. Please feel free to share your own Windows 7 experience, and host your own party. We may be the only IT pro party during the Windows 7 launch, but nothing says you can't have your own!
So party on. Welcome to a new world. Welcome to Windows 7!
Backdoor:OSX/Olyx.B
Absinthe Used To Jailbreak 1.2 Million Devices On iOS 5.1.1 Over The Weekend
Kaspersky to cut phisher lines before they hook you
Trojan-Downloader:OSX/Flashback.C
Backdoor security flaw found in ZTE Score M
Morgan Stanley may refund some Facebook investors
RSA Lays Off Security, Sales Staff
Google seals buyout of Motorola Mobility by axing CEO
Google sealed its $12.5bn purchase of Motorola Mobility on Tuesday, marking the company's biggest ever acquisition with a change at the top.
Google CEO Larry Page said in a post on Google's official blog earlier that the deal was closed with Motorola Mobility CEO, Sanjay Jha, stepping down and being replaced by president of Google's Americas region, Dennis Woodside.
Sunday, 27 May 2012
Trojan:Android/DroidKungFu.C
Is this the world's most epic marriage proposal?
IMF chief sparks Facebook war by Greeks
Greek web users waged Facebook war against IMF head Christine Lagarde on Sunday after she accused their countrymen of dodging taxes.
10 Simple Tips for Boosting The Security Of Your Mac
Here’s our recommendation on 10 simple tips to boost the security of your Mac:
Trojan-Downloader:OSX/Flashback.C
This Adorable 'Lip-Dub' Marriage Proposal Is Worth Watching Now [VIRAL VIDEO]
Fake or hijacked Facebook accounts used in scams to steal money are on the rise
Sweden recently experienced a large banking scam where over 1.2 million Swedish kronor (about $177,800) were stolen by infecting the computers of multiple victims. The attackers used a Trojan which was sent to the victims and, once installed, allowed the attackers to gain access to the infected computers. Luckily these guys were caught and sentenced to time in jail, but it took a while to investigate since over 10 people were involved in this scam.
It's possible that these attacks are no longer as successful as the bad guys would like, because we are now seeing them use other methods to find and exploit new victims. For quite some time now we have seen how hijacked Facebook accounts have been used to lure the friends of the person whose account has been hijacked to do everything from clicking on malicious links to transferring money to the cybercriminals’ bank accounts.
Please note that this is not a new scam - it has been out there for quite some time. But what we are now seeing is the use of stolen/hijacked accounts, or fake accounts, becoming very common on Facebook. So common, in fact, that there are companies creating fake accounts and then selling access to them to other cybercriminals. As you might expect, the more friends these accounts have, the more expensive they are, because they can be used to reach more people.
The problem here is not just technical - it’s primarily a social problem. We use Facebook to expand our circle of friends. We can easily have several hundred friends on Facebook, while in real life we may only have 50. This could be a problem because some of the security and privacy settings in Facebook only apply in your interactions with people who you are not friends with. Your friends, on the other hand, have full access to all the information about you.
Trojan:Android/GinMaster.A
Trojan:Android/BaseBridge.A
Web series touts funky concept snowboards
iOS Jailbreak Dream Team Releases Absinthe 2.0 - iOS 5.1.1 Jailbreak at #HITB2012AMS
AMSTERDAM, THE NETHERLANDS - 25th May 2012 - Today @pod2g and the @ChronicDevTeam announced the highly anticipated release of Absinthe 2.0 at #HITB2012AMS held at the Okura Hotel in Amsterdam.
The mystery of Duqu: Part Ten
At the end of the last year the authors of Duqu and Stuxnet tried to eliminate all traces of their activity. They wiped all servers that they used since 2009 or even earlier. The cleanup happened on October 20.
There were virtually no traces of Duqu since then. But several days ago our colleagues in Symantec announced that they found a new "in-the-wild" driver that is very similar to known Duqu drivers. Previous modifications of Duqu drivers were compiled on Nov 3 2010 and Oct 17 2011, and the new driver was compiled on Feb 23 2012.
So, the authors of Duqu are back after a 4-month break.
Duqu is back
The newly discovered driver does not contain any new functionality compared to its previous versions. The code contains only minor modifications, and they were most likely done to evade detection from antivirus programs and detection tools such as the CrySyS Duqu Toolkit. Here’s a list of changes compared to older versions:
- The code was compiled with different optimization settings and/or inline attributes of functions.
- The size of the EXE stub that is injected with the PNF DLL was increased by 32 bytes.
- The LoadImageNotifyRoutine routine now compares the module name with “KERNEL32.DLL” using hash checksums instead of simple string comparison.
- The size of the encrypted configuration block was increased from 428 to 574 bytes. There are no new fields in the block, but the size of the registry value name (“FILTER”) field was increased. This makes the registry value name easily modifiable - probably for future use.
- The algorithm of the two subroutines that decrypt the encrypted config block, registry value and PNF DLL has been changed. This is the third known algorithm used in the Duqu encryption subroutines.
- The algorithm of the hash function for the APIs has changed. All the hash values were changed correspondingly.
Old hash function, used in previous versions of the Duqu driver:
New hash function:
The fact that the new driver was found in Iran confirms that most Duqu incidents are related to this country.
Backdoor security flaw found in ZTE Score M
SOURCE Boston Security Conference and Training 2012 Day 2 - Dan Geer Keynote, Android Modding and Cloud Security
Dan Geer's fantastic Keynote Speech kicked off Day 2 of SOURCE Conference Boston this morning. The talk itself was heady and complex, something to keep up with. Notable talks also were Jeremy Westerman's "Covering *aaS - Cloud Security Case Studies for SaaS, PaaS and IaaS", and Dan Rosenberg's "Android Modding for the Security Practitioner".
"The internet will never be as free as it is this morning." Dan Geer is one of the best, sharpest computing/network security speakers around. His talk descended from a high-level, lengthy, example-laden description of most every developed nation's dependency on the internet: "Dependence with respect to the internet is transitive, dependence on television is not...We are at the point where it may no longer be possible to live your life without having a critical dependence on the Internet, even if you live at the end of a dirt road but still occasionally buy nails or gasoline." And, he wound through multiple examples of failures in US systems to provide fallback options. He talked about his little local bank, whom he wrote a letter to close down the auto-created online account he wouldn't use. They, as an exception, closed it down immediately. His 401k account administrator Fidelity Investments, on the other hand, would not accept customer instructions from him in writing. The company continues to send him mailed marketing content of all kinds in writing at the address from which he sends his letters. Their auditors apparently approve of Fidelity's rejection of customer-initiated hand-written delivered communications, instead, accepting email/online chat messaging or instructions over the phone. This discussion made its way through systems design, unified field theory, and fault tolerance, eventually landing on key points that intrusion prevention is agreed not to be a workable model, instead, the elegance of "intrusion tolerance" must be built into systems, and countries and organizations that cannot build tolerance into their systems are not sustainable. Favorite quotes: "forget the banks, it is the internet that is too big to fail", "Is there room for those who choose simply to not participate in the internet?", "HTML5 is Turing complete. HTML4 is not", and "Should we preserve a manual means? Preserving fallback is prudent if not essential."
Jeremy Westerman's "Covering *aaS - Cloud Security Case Studies..." presented several design cases for Universities and other organizations. The single most important point to learn from this talk is that API key management is unfortunately not handled with as much urgency and awareness as private SSL keys for large organizations. This API key, in the context of multiple, popular single sign-on (SSO) solutions in use at large universities, is the key to tens of thousands, if not hundreds of thousands, of email accounts. Similar API key schemes are implemented on IaaS solutions like the Xen supported Amazon EC2 environment and VMWare vCloud Teramark environments. Without appropriate awareness, developers are storing that key in improper locations like the hard drive of the sign-on machine, or the developers themselves are storing keys on their development system hard drives in non-obvious places, emailing/"dropboxing" them around to each other and then simply transferring the API keys to the production environment, instead of re-issuing production API keys. It is practically imperative that these keys are taken out of the hands of developers. These loose handling practices are bad news - viral code like Sality and other viral code and worms previously high in our prevention stats have maintained functionality to steal FTP and web admin account passwords in order to silently host malicious code, encrypted or otherwise, on legitimate web sites without the owner's knowledge. In other words, developers have been effective and weak targets in the past for credential theft, enabling silent site compromise and malicious use. 
Most schools don't want that - I remember one unfortunate notification at a small Arts college, where the web admin really didn't want to believe that the encrypted blob of data hosted on his school's web server was a viral payload updating other students' infected systems, located there because his credentials were Sality-stolen after trying to run cracked software distributed over a P2P network. Anyway, it happens and it can be planned for and prevented.
Come have Coffee and Code in Vancouver with me and Microsoft tomorrow
So John Bristowe, Developer Evangelist for Microsoft Canada will be hosting a Coffee and Code event in Vancouver tomorrow from 9 to 2 at Wicked Cafe. Come join him and fellow Microsoft peers Rodney Buike and Damir Bersinic as they sit and share their knowledge over a cup of joe.
I will be there too, and will be available if anyone wants to talk about secure coding, threat modeling with the SDL TM or if you want to talk about integrating AuthAnvil strong authentication into your own applications or architectures.
I do hope to see some of you there. And if I don't... I will be seeing you at #energizeIT right?
What: Coffee and Code in Vancouver
When: April 8th, 2009 from 9am - 2pm
Where: Wicked Cafe - 861 Hornby Street (Vancouver)
Rogue:OSX/FakeMacDef.A
Saturday, 26 May 2012
SabPub Mac OS X Backdoor: Java Exploits, Targeted Attacks and Possible APT link
1. Remove the Flashback malware about which we have already written
2. Automatically deactivate the Java browser plugin and Java Web Start, effectively disabling java applets in browsers
Particularly, the second step shows the severity of the CVE-2012-0507 vulnerability exploited by Flashback to infect almost 700,000 users via drive-by malware downloads.
Actually, it was the right decision because we can confirm yet another Mac malware in the wild - Backdoor.OSX.SabPub.a being spread through Java exploits.
This new threat is a custom OS X backdoor, which appears to have been designed for use in targeted attacks. After it is activated on an infected system, it connects to a remote website in typical C&C fashion to fetch instructions. The backdoor contains functionality to make screenshots of the user’s current session and execute commands on the infected machine.
Who's Up Late Booking Memorial Day Weekend Hotel Rooms Online? [INFOGRAPHIC]
Microsoft SDL bans memcpy()... next it will be zeros!!!!
So recently Microsoft banned memcpy() from their SDL process, which got several of us talking about perf hits and the like when using the replacement memcpy_s, especially since it has SAL mapped to it. For those that don't know, SAL is the "Standard Annotation Language" that allows programmers to explicitly state the contracts between params that are implicit in C/C++ code. I have to admit it's sometimes hard to read SAL annotations, but it works extremely well to be able to help compilers know when things won't play nice. It is great for static code analysis of args in functions, which is why it works so sweet for things like memcpy_s()... as it will enforce checks for length between buffers.
Anyways, during the discussion Michael Howard said something that had me fall off my chair laughing. And I just had to share it with everyone, because I think it would make a great tshirt in the midst of this debate:
Oh, I'm thinking of banning zero's next - so we can no longer have DIV/0 bugs! Waddya think?
OK.. so it's a Friday and that is funny to only a few of us. Still great fun though.
Have a great long weekend! (For you Canadian folks that is)
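The length check that memcpy_s adds over memcpy, shown as an added example that is not code from the original post. `bounded_copy`, `user_record`, the two `parse_name_*` functions and the one-byte length-prefixed message are hypothetical names and a constructed format; `bounded_copy` stands in for memcpy_s, which not every C library ships.

```c
#include <errno.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Hypothetical stand-in modelled on memcpy_s: the destination size is an
 * explicit argument, and a bad call returns an error and zeroes the
 * destination instead of writing past it. Overlap checks are omitted. */
int bounded_copy(void *dest, size_t dest_size, const void *src, size_t count)
{
    if (dest == NULL)
        return EINVAL;
    if (src == NULL || dest_size < count) {
        memset(dest, 0, dest_size);
        return src == NULL ? EINVAL : ERANGE;
    }
    memcpy(dest, src, count);
    return 0;
}

struct user_record {
    char name[16];
    uint32_t is_admin; /* placed after name: what an overflow of name would hit */
};

/* Constructed wire format: one length byte, then that many name bytes.
 * Before: the length byte is trusted, so a value above 16 writes past name. */
void parse_name_memcpy(struct user_record *r, const uint8_t *msg)
{
    memcpy(r->name, msg + 1, msg[0]);
}

/* After: the copy is refused when the name does not fit. The source side is
 * still the caller's job, so the message length is checked here first. */
int parse_name_bounded(struct user_record *r, const uint8_t *msg, size_t msg_len)
{
    if (msg_len < 1 || (size_t)msg[0] > msg_len - 1)
        return EINVAL;
    return bounded_copy(r->name, sizeof r->name, msg + 1, msg[0]);
}

int main(void)
{
    uint8_t msg[21] = { 20 }; /* constructed: claims a 20-byte name */
    struct user_record r = { "guest", 0 };
    int rc = parse_name_bounded(&r, msg, sizeof msg);
    printf("rc=%d is_admin=%u\n", rc, (unsigned)r.is_admin);
    return rc == ERANGE ? 0 : 1;
}
```

The check only covers the destination: a caller that passes the wrong `dest_size` gets no protection, which is the gap SAL-style annotations and static analysis are meant to catch.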
FAQ: Disabling the new Hlux/Kelihos Botnet
Q: What is the Hlux/Kelihos botnet? A: Kelihos is Microsoft's name for what Kaspersky calls Hlux. Hlux is a peer-to-peer botnet with an architecture similar to the one used for the Waledac botnet. It consists of layers of different kinds of nodes: controllers, routers and workers.
Q: What is a peer-to-peer botnet? A: Unlike a classic botnet, a peer-to-peer botnet doesn't use a centralized command and control server (C&C). Every member of the network can act as a server and/or client. The advantage from the malicious user’s point of view is the omission of the central C&C as a single point of failure. From our point of view, this makes it a lot harder to take down this kind of botnet. Architecture of traditional botnet vs P2P:
SEC eyes Nasdaq compliance in Facebook debacle
How To Organize A Social Media Day Meetup
Code Testing Tools Could Be Acquisition Targets in '08
New Google data show Microsoft's piracy problems
Backdoor:OSX/DevilRobber.A
Carolina Dieckmann, Brazilian cybercrime legislation and la "Viveza criolla"
'True Blood,' 'Twilight' Sink Teeth Into Social Media [INFOGRAPHIC]
Fallout from New Orleans Times-Picayune Announcement of Downsizing