College students aren't just concerned with getting good grades and finding the best parties. More than ever, they're using their to navigate life on campus.
30 Haziran 2012 Cumartesi
In a Relationship: College Students and Their Smartphones [INFOGRAPHIC]
The Scienceblogging Weekly (June 29th, 2012)
nod32 güncel key nod32 guncel key eset nod32 guncel key eset nod32 güncel key
Trojan-Downloader:OSX/Flashback.A
eset nod32 guncel key eset nod32 güncel key indir com nod32 nod32 keyleri
Iconic Atari turns 40, tries to stay relevant
A scruffy, young Steve Jobs worked at Atari before he founded Apple. "Pong," one of the world's first video games, was born there, as was "Centipede," a classic from the era of quarter-guzzling arcade machines. "Call of Duty" creator Activision was started by four of Atari's former game developers.
nod32 güncel key nod32 guncel key eset nod32 guncel key eset nod32 güncel key
Nexus Q hacked to run Android games in under 24 hours
Less than 24 hours after its release, Google?s new Nexus Q media player has already been hacked to run ? but not play ? Android games.
The $299 Nexus Q possesses all of the internals it needs to run applications, including a dual-core OMAP4460 processor ? the same processor packed into the Samsung Galaxy Nexus, a PowerVR SGX540 graphics processing unit, and 1GB of RAM. It also has a microUSB port, which means developers can plug it straight into their computers and tinker with it.
Operation High Roller auto-targets bank funds
nod32 turkce nod32 full indir nod32 full download full nod32 download
Come have Coffee and Code in Vancouver with me and Microsoft tomorrow
So John Bristowe, Developer Evangelist for Microsoft Canada will be hosting a Coffee and Code event in Vancouver tomorrow from 9 to 2 at Wicked Cafe. Come join him and fellow Microsoft peers Rodney Buike and Damir Bersinic as they sit and share their knowledge over a cup of joe.
I will be there too, and will be available if anyone wants to talk about secure coding, threat modeling with the SDL TM or if you want to talk about integrating AuthAnvil strong authentication into your own applications or architectures
I do hope to see some of you there. And if I don't... I will be seeing you at #energizeIT right?
What: Coffee and Code in Vancouver
When: April 8th, 2009 from 9am - 2pm
Where: Wicked Cafe - 861 Hornby Street (Vancouver)
esed nod32 antivirus nod32 turkce nod32 full indir nod32 full download
RIMageddon: Three end-game scenarios
A little less than a year ago, ZDNet?s Jason Perlow predicted three outcomes for the BlackBerry maker: independence, assimilation, or oblivion.
The company was given three valid options ? and it still had time on its side ? to pull itself out of the then-quagmire it had found itself in.
Apple's Siri voiceprints raise privacy concerns
Even in an age of vanishing privacy, people using Apple?s digital assistant Siri share a distinct concern. Recordings of their actual voices, asking questions that might be personal, travel over the Internet to a remote Apple server for processing. Then they remain stored there; Apple won?t say for how long.
nod32 guncel key eset nod32 guncel key eset nod32 güncel key indir com nod32
Storm Damage in the US: Did it Affect You?
The mid-Atlantic region of the United States was hit hard by a major storm on Saturday. Washington, D.C. was the center of the damage, but the effects of the storm stretched from Indiana to New Jersey.
full nod32 download est nod32 serial 64 bit nod32 esed nod32 4
Facebook to require privacy policies in mobile apps
full nod32 esed nod32 keyleri esed nod32 key esed nod32 keys
Trojan-Downloader:OSX/Flashback.B
Trojan-Downloader:OSX/Flashback.C
güncel nod32 keyleri nod32 guncel keyler nod32 guncel key güncel key nod32
Major Windows 7 gotcha you should know about that may block you from upgrading
OK, so anyone who knows me expects that I stay up on the bleeding edge when it comes to dev tools and operating systems. Yes, I have been using Windows 7 for almost a year now and have been loving it. However, I never ran it on my production dev environment as I felt I did not what to disrupt our software development workflow until Windows 7 was in final release. With it out to RTM now, I felt it was as good as time as any to migrate, especially since we recently released our latest build of our own product and have a bit of time to do this.
So last week I deployed Windows 7 to both of my production dev systems, as well as the primary QA lab workstations. It was the worst thing I could ever have done, halting all major development and test authoring in our office due to a MAJOR gotcha Microsoft failed to let us know about during the beta and RC.
Ready for this....
You cannot run Virtual PC 7 (beta) in Windows 7 WITHOUT hardware virtualization. OK, I can live with that, since the new XP mode (which is an excellent feature) may very well need it. That didn't concern me. It was my fall back that failed to work that blew my mind...
You cannot run Virtual PC 2007 in Windows 7, as they have a hard block preventing it from being installed on Windows 7 due to compatibility issues. So the same machine that I have been using for development using Vista for a few years has now become a glorified browsing brick. I cannot do any of my kernel mode and system level development or debugging as I am not ALLOWED to install Virtual PC 2007 on the same hardware that worked before. *sigh*
What surprised me is that Ben, the Virtual PC Guy at Microsoft blogged that it was possible to run Virtual PC on Windows 7, and in his own words:
While all the integration aspects of Virtual Machine Additions work (mouse integration, shared folders, etc...) there is no performance tuning for Windows 7 at this stage - so for best performance you should use a system with hardware vitalization support.
That sounds to me like it will still work without hardware virtualization. Seems that is not the case.
Since Windows 7 is already to RTM, if this is a block due to Windows, it isn't going to be fixed anytime soon. So hopefully they can do something in the Virtual PC side of the equation, or they are going to disappoint a lot of unknowing developers.
This just became a MAJOR blocking issue for many dev shops that are using Virtual PC for isolated testing.
If this concerns you, then I recommend you download Intel's Processor Identification Utility so you can check to see if your dev environment is capable of running hardware virtualization.
Failing to do so might get you stuck like I did, now having me decide if I want to degrade back to Windows Vista just to get work done. There goes another day to prep my main systems again. *sigh*
UPDATE: Fellow MVP Bill Grant has provided me a solution to my delimma. It appears the issue is because Virtual PC 7 (beta), a built in component for Windows 7 when installed, is causing the blocking issue. By going into "Turn Windows features on or off" and removing Virtual PC support (and effectively removing XP mode support), Virtual PC 2007 can then be installed on machines that do not have hardware virtualization support.
This isn't the most optimal behaviour, but acceptable. Since without VT support in my CPU I can't use XP mode anyways, removing it does not limit WIndows 7 from functioning. I have reported to Microsoft on this odd behaviour since:
- Virtual PC 7 and XP Mode simply shouldn't be installing if my CPU isn't supported
- When the Customer Experience dialog pops up there is an option to "Check for Solutions Online". This is a PERFECT time where they could explain to uninstall Virtual PC 7 and XP mode support built into Windows 7 so Virtual PC 2007 will not block. Right now it reports that no solution is available.
So if you do NOT have VT support in your CPU, please uninstall Virtual PC 7 support if you installed it. VPC 2007 will then properly install for you.
nod32 keyleri güncel güncel nod32 keyleri nod32 guncel keyler nod32 guncel key
Bitdefender builds a safer browser
nod32 güncel key nod32 guncel key eset nod32 guncel key eset nod32 güncel key
Facebook to require privacy policies in mobile apps
Two hackers plead guilty to LulzSec attacks on Web sites
nod32 keyleri güncel güncel nod32 keyleri nod32 guncel keyler nod32 guncel key
Virus:W32/Ramnit.N
Is Twittering safe?
So Susan has been on my case about Twitter for some time now. In a recent round table we were recording she "beat me up" about it, and tonight on IM we had a good discussion about the REAL vs PERCEIVED risks in Twitter.
Susan's biggest complaint is that security minded individuals shouldn't be blindly recommending the use of Twitter without educating the user on 'safe-twittering'. I would say that same logic exists for setting up web pages, blogs and the use of social networking sites like Facebook.
She stepped that up a bit tonight when she blogged her discomfort in the fact the RSA Conference was recommending Twitter as well.
So in an effort to stop spreading the FUD about Twitter insecurity, I wanted to share some of my thoughts through a quick set of safe twittering rules.
@DanaEpp's 5 Rules of Safer Twittering
- Never share information in a tweet that you wouldn't share with the world. You can never expect to take it back once it's on the Internet. Even though you can delete a tweet, 3rd party clients may still have it archived. If you feel you want to share private thoughts through Twitter, consider using a "Private Account" and limited it to only people you trust and want to share with. Of course, remember nothing prevents your friends from sharing your tweets with the world. So never share private information on Twitter. Ever. it's just easier that way.
- There is no assurance that a Twitter account is the person you believe it is. Deal with it. Anyone can register an account if it doesn't already exist. As a real world example, for some time @cnnbrk was NOT an official CNN account, even though most of the Twitter world thought it was. It wasn't until recently that CNN bought the account from James Cox (the account holder) for an undisclosed amount of money. Another example is the fact that one of Susan's Twitter accounts was actually created by a fellow SBS MVP, and not actually her. :-)
- Never click on links in a tweet, unless you trust the URL. If unsure, don't click! The worms that were used to attack Twitter came from people getting users to go to profile pages etc that they had control over for some interesting script attacks. With only 140 chars, its common to "shorten" the URL. Which means you might be clicking on a link blind. That's fine. But only trust shortened URLs that can be previewed BEFORE you go to it. As an example, my recommendation is to use something like TinyURL. However, here is the trick. When you create a TinyURL, use the preview mode. As an example, if you want to send someone to my blog you can use http://tinyurl.com/silverstr to go directly. However, if you use http://preview.tinyurl.com/silverstr it will stop at TinyURL.com and let the user SEE the link before they actually get to it. That is much safer. If using TweetDeck, select TinyURL as the provider, and when it creates the shortened url, simply add "preview." in front of "tinyurl.com".
- Use a 3rd party Twitter client instead of using the Twitter.com website directly. I am a fan of TweetDeck and Twitterfon, but there are tons of different clients out there. Why? It is the lesser of two security evils as it relates to web based attacks in Twitter. Most clients have ways to reduce or turn off linking, prevents the script attacks in profile viewing and generally is just an easier environment to stay protected in. Are these clients free of attack? Of course not. But its another layer of defense. Of course... you need to have trust in your client. But that's a story for another day ;-)
- You never know who is following you. Remember that. As you use Twitter more and more, you never know who might be watching. I recently had someone who has been trying to get an interview with me who follows me on Twitter, knew where I was having coffee one day because of a tweet I wrote (and it's geotag) and ended up coming down to confront me with his resume. Which was inappropriate in my books. But my own fault. I wasn't too concerned.. but it definitely gave me pause when considering my daughter uses Twitter and could be as easily found. Nothing like the potential of being stalked. GeoTagging makes it way to easy to find you. Remember that.
Look, Twitter is addictive. Simple. Short. Fast. A great way to see the thoughts of others you might care about. Ultimately though... like any other Internet based technology it has the potential to be abused... and put you at risk. No different than websites or blogs.
So be careful. Follow these rules and enjoy the conversation!
est nod32 key esed nod32 serial esed nod32 antivirus nod32 turkce
29 Haziran 2012 Cuma
WhiteHat Finds Website Security Has Drastically Improved
An examination of thousands of websites across a dozen industries has found a major reduction in the number of serious vulnerabilities exposing the properties to hackers.
The average number of serious vulnerabilities found in 2011 on the 7,000 websites monitored by WhiteHat Security fell 66 percent to 79 from 230 in 2010, according to the vendor's annual report, released Wednesday. The decline in security flaws has been falling steadily since 2007, when the number was 1,111.
Facebook's stock ends week lower
est nod32 key esed nod32 serial esed nod32 antivirus nod32 turkce
Foxconn moves to secure Apple HDTV orders, industry exec says
Recent moves by Foxconn were made with the sole intention of securing a deal to manufacture Apple?s upcoming high-definition television, an industry executive recently claimed.�Ho Chao-yang, former head of display panel supplier Chimei Innolux and current chairman of Chi Mei Materials Technology, told Digitimes on Friday that Foxconn?s recent investment in Sharp was aimed squarely at ensuring the manufacturing giant lands the deal to build the much-rumored ?iTV.? Ho?s comments join a laundry list of reports from numerous industry insiders who claim that Apple is working on its own HDTV�that will utilize Sharp display panels. The device will reportedly employ Siri voice controls, the iOS operating system and possibly even a unique new content distribution model.�Launch speculation ranges from the
nod32 key esed nod32 download nod32 serialleri esed nod32 indir
Phishing at the Top Level
esed nod32 antivirus nod32 turkce nod32 full indir nod32 full download
Patch Tuesday April 2012 - Patching Multiple Web Based Client Side and Spearphishing Exposures
This month's patch Tuesday fixes a small set of critical vulnerabilities in a variety of client side software and one "important" server side Forefront UAG data leakage/information disclosure issue. Six bulletins have been created to address eleven exploitable flaws. Three of the six bulletins are top priority and should be addressed ASAP. These are the MS12-023 bulletin, patching a set of five Internet Explorer vulnerabilities leading to remote code execution, and the MS12-027 bulletin, patching the MSCOMCTL ActiveX Control currently receiving some attention as a part of very limited targeted attacks. If they must prioritize deployment, administrators should start their work here. Most folks should have automatic updates enabled and will silently receive the patches, or they can simply navigate their start menu and manually begin the Windows update process.
RCE attacks abusing these six IE and ActiveX vulnerabilities would look like web browser redirections to malicious sites hosting web pages attacking Internet Explorer and emails carrying malicious attachments constructed to appear familiar to the targeted victim. These are currently significant vectors of attack for both consumer/home and corporate Microsoft product users.
Microsoft also is recommending that administrators prioritize the Authenticode flaw and rated it critical, which could be used as a part of targeted attacks. And ActiveX controls can be delivered leveraging this vulnerability, so some distribution vectors may become enhanced. But this flaw allows for additions and modifications to existing code that in turn won't invalidate the existing signature.
A vulnerability exists in the .Net framework, allowing for XBAP applications to be run from the Internet Zone with a prompt. But anytime a decision like that is left to a user, it seems that we have a 50/50 chance of successful exploitation. The remaining vulnerabilty in the Office converter is significant and may result in RCE, but is much less likely to be attacked.
Dangerous, but manageable.
nod32 keyleri güncel güncel nod32 keyleri nod32 guncel keyler nod32 guncel key
Trojan:Android/DroidKungFu.C
Android Security Suite Premium = New ZitMo
On the 4th of June 2012 we found 3 APK files of ~207 kb in size each heuristically detected by our engine as HEUR:Trojan-Spy.AndroidOS.Zitmo.a. All these applications are malicious and were created to steal incoming SMS messages from infected devices. SMS messages will be uploaded to a remote server whose URL is encrypted and stored inside the body of the Trojan. We found 3 more APK files with exactly the same functionality on 8th, 13th and 14th of June. So there are at least 6 files which pretend to be ‘Android Security Suite Premium’ but in fact were created only for stealing incoming SMS messages.
After the infection there is a blue shield icon in the menu with the name ‘Android Security Suite Premium’:
If the application is launched it will show a generated ‘activation code’:
esed nod32 key esed nod32 keys est nod32 key esed nod32 serial
The Day The Stuxnet Died
Latest hacker dump looks like Comcast, AT&T data
A group of hackers has posted to the Web today data that appears to include Comcast employee names, ages and salaries, as well as e-mails and passwords associated with AT&T VoIP service accounts.
Proclaiming the kickoff of "#WikiBoatWednesday...when all the members from @TheWikiBoat fight corruption, leak data, and bring down websites," the hackers released the data in two different posts to the Pastebin Web site. One of the Twitter handles used by the group is @AnonymousWiki but the connection to the larger, decentralized collective known as "Anonymous" is unclear.
eset nod32 güncel key indir com nod32 nod32 keyleri nod32 keyler
Virus:W32/Ramnit.N
indir nod32 nod32 güncel key nod32 guncel key eset nod32 guncel key
Microsoft explains reason for ditching Start button in Windows 8
Microsoft shocked the world when it decided to remove the Start button from Windows 8. The removal of the button, which has been featured in the operating system for more than 15 years, puzzled many early adopters. In an interview with PCPro, however, Microsoft revealed that consumers had actually stopped using the button in favor of the taskbar. ?When we evolved the taskbar [in Windows 7] we saw awesome adoption of pinning [applications] on the taskbar,? said Chaitanya Sareen, principal program manager at Microsoft. ?We are seeing people pin like crazy. And so we saw the Start menu usage dramatically dropping, and that gave us an option. We?re saying ?look, Start menu usage is dropping, what can we do about
Kevin Mitnick to Kim DotCom: 'I hope you win'
The Roof Is on Fire: Tackling Flame?s C&C Servers
On Sunday, May 27 2012, the Iranian MAHER CERT posted a note announcing the discovery of a new targeted attack dubbed “Flamer”. On Monday 28 May 2012 aat 9am EST, after an investigation prompted and supported by the International Telecommunication Union, Kaspersky Lab and CrySyS Lab from Hungary announced the discovery of Flame (aka Skywiper), a sophisticated cyber-espionage toolkit primarily targeting Windows computers in the Middle East.
Several hours later, around 4PM GMT, the Flame command-and-control infrastructure, which had been operating for years, went dark.
For the past weeks, Kaspersky Lab has been closely monitoring the C&C infrastructure of Flame. In collaboration with GoDaddy and OpenDNS, we succeeded in sinkholing most of the malicious domains used by Flame for C&C and gain a unique perspective into the operation.
Before going further, Kaspersky Lab would like to thank the “GoDaddy Network Abuse Department” and to William MacArthur for their fast reaction and exceptional support of this investigation. The OpenDNS security research team also offered invaluable assistance during the course of this investigation.
Our findings from analysing the infrastructure can be found below.
Introduction
Since both Flame and Duqu appear to be targeting similar geographical regions and have been created with similar goals in mind, we will provide an analysis from the point of view of comparing the Flame C&C infrastructure with the Duqu infrastructure.
In the past, Kaspersky Lab analyzed the Duqu C&C infrastructure and found several important details, such as the attackers’ preference for CentOS, the use of SharpSSH to control the proxy servers and the huge number of hacked proxies used to hide the true identity of the attackers.
In the case of Flame, we performed a similar analysis. First of all, it’s interesting to point out a big difference from Duqu: while all the Duqu C&C proxies were CentOS Linux hosts, all of the known Flame C&C are running Ubuntu.
Additionally, while Duqu used the super stealthy way of hiding the true IP of the mothership using SSH port forwarding, Flame’s scripts are simply running on the respective servers. The reason is simple - on Monday May 28, all control scripts started returning 403/404 errors. In the case of Duqu, the real malware scripts were on a remote server and were never found.
From this point of view, we can state that the Duqu attackers were a lot more careful about hiding their activities compared to the Flame operators.
Here’s a comparison of the Duqu and Flame C&C infrastructure:
Duqu | Flame | |
Server OS | CentOS Linux | Ubuntu Linux |
Control scripts | Running on remote server, shielded through SSH port forwarding | Running on servers |
Number of victims per server | 2-3 | 50+ |
Encryption of connections to server | SSL + proprietary AES-based encryption | SSL |
Compression of connections | No | Yes, Zlib and modified PPMD |
Number of known C&C’s domains | n/a | 80+ |
Number of known C&C IPs | 5 | 15+ |
Number of proxies used to hide identity | 10+ | Unknown |
Time zone of C&C operator | GMT+2 / GMT+3 | Unknown |
Infrastructure programming | .NET | Unknown |
Locations of servers | India, Vietnam, Belgium, UK, Netherlands, Switzerland, Korea, etc... | Germany, Netherlands, UK, Switzerland, Hong Kong, Turkey, etc... |
Number of built-in C&C IPs/domain in malware | 1 | 5, can update list |
SSL certificate | self-signed | self-signed |
Servers status | Most likely hacked | Most likely bought |
SSH connections | no | yes |
nod32 guncel key güncel key nod32 full nod32 esed nod32 keyleri
Backdoor:W32/Bohu.A
Announcing Elevation of Privilege: The Threat Modeling Game
I have had the pleasure over the past few months to spend some time playing with an early rendition of " Elevation of Privilege: The Threat Modeling Game". According to Adam, "Elevation of Privilege is the easiest way to get started threat modeling". I couldn't agree more. If you have a team that is new to the whole process of threat modeling, you will want to check it out. If you are at RSA this week, drop by the Microsoft booth and pick the game up for free. If you aren't, you can download it here.
EoP is a card game for 3-6 players. The deck contains 74 playing cards in 6 suits: one suit for each of the STRIDE threats (Spoofing, Tampering, Repudiation, Information disclosure, Denial of Service and Elevation of Privilege). Each card has a more specific threat on it. You can see a short video on how to play and some more information about the game by checking our Adam's post here. In the end, it is a game that makes it possible to have more fun when thinking about threats. And that's a good thing.
Even more impressive is that they have released the game under Creative Commons Attribution license which gives you freedom to share, adapt and remix the game. So you if you feel you can improve up this, step up and let everyone know!!
Congratulations to the SDL team at Microsoft for creating an innovative way to approach the concept of threat modeling.
eset nod32 güncel key indir com nod32 nod32 keyleri nod32 keyler
Trojan:W32/Ransomcrypt
28 Haziran 2012 Perşembe
Google releases Chrome browser for iPhone, iPad
indir nod32 nod32 güncel key nod32 guncel key eset nod32 guncel key
RIMageddon: Three end-game scenarios
A little less than a year ago, ZDNet?s Jason Perlow predicted three outcomes for the BlackBerry maker: independence, assimilation, or oblivion.
The company was given three valid options ? and it still had time on its side ? to pull itself out of the then-quagmire it had found itself in.
Carolina Dieckmann, Brazilian cybercrime legislation and la ?Viveza criolla?
nod32 serialleri esed nod32 indir nod32 serial nod32 güncel keyleri
Rogue:OSX/FakeMacDef.A
nod32 güncel keyleri nod32 keyleri güncel güncel nod32 keyleri nod32 guncel keyler
Automated robbery: how card skimmers (still) steal millions from banks
In January 2011, a pair of Bulgarian-born Canadians named Nikolai Ivanov and Dimitar Stamatov took a road trip from their home in Quebec to New York City. Their five-day visit to Manhattan?s East Village and Astor Place wasn?t your typical tourist trek, though; instead of Statue of Liberty souvenirs, the pair collected the card data and personal identification numbers for over 1,100 ATM cards. Ivanov and Stamatov were "skimmers."
est nod32 key esed nod32 serial esed nod32 antivirus nod32 turkce
More Bad Drivers on the Information Superhighway
Packed:W32/PeCan.A
nod32 full download full nod32 download est nod32 serial 64 bit nod32
Trojan-Downloader:OSX/Flashback.K
eset nod32 guncel key eset nod32 güncel key indir com nod32 nod32 keyleri
Patch Tuesday June 2012 - IE Client Side and RDP Exposures, 24 Other Vulnerabilities
Microsoft released a set of seven bulletins, patching 26 total software vulnerabilities. Multiple remote code execution holes are being patched, but the two most urgent are the Internet Explorer and Remote Desktop Protocol updates. Almost half of the 26 vulnerabilities being patched this month are maintained in versions 6, 7, 8, and 9 of Internet Explorer code, all patched with Security Bulletin MS12-037.
RDP is not enabled by default on Windows systems, but exposure to this month's remote code execution vulnerability is a problem for many businesses around the world, as the recent activity from the Morto worm demonstrated. Many businesses need to use Remote Desktop functionality and enable it, but don't understand how to or just don't bother hiding the port behind a firewall and limiting access or requiring VPN access only. Past pre-authentication vulnerabilities in RDP should have improvded the situation by now, and folks need to understand that this service should be better isolated. We'll see if this one is taken advantage of in coming weeks. Updating systems with MS12-036 is a priority - including Windows 2003 installs and up to the Server Core installation of Windows Server 2008 R2 for x64-based Systems Service Pack 1. It's rated critical, and most versions of Windows server OS are vulnerable not only to DoS attacks, but remote code execution.
For most folks, properly licensed Windows systems with Windows Updates enabled will update the software automatically over the next day or so. People can also find "Windows Updates" in their start menu and open it, then click on "Check for Updates".
SabPub Mac OS X Backdoor: Java Exploits, Targeted Attacks and Possible APT link
1. Remove the Flashback malware about which we have already written
2. Automatically deactivate the Java browser plugin and Java Web Start, effectively disabling java applets in browsers
Particularly, the second step shows the severity of the CVE-2012-0507 vulnerability exploited by Flashback to infect almost 700,000 users via drive-by malware downloads.
Actually, it was the right decision because we can confirm yet another Mac malware in the wild - Backdoor.OSX.SabPub.a being spread through Java exploits.
This new threat is a custom OS X backdoor, which appears to have been designed for use in targeted attacks. After it is activated on an infected system, it connects to a remote website in typical C&C fashion to fetch instructions. The backdoor contains functionality to make screenshots of the user’s current session and execute commands on the infected machine.
Fresh iPhone Apps for June 28: The Amazing Spider-Man, Squids Wild West, Cthulu Saves the World
nod32 guncel key güncel key nod32 full nod32 esed nod32 keyleri
Is Network Solutions Snatching Domain Names?
nod32 full download full nod32 download est nod32 serial 64 bit nod32
Is your printer spewing gibberish? Could be malware
Indian court overturns Vimeo, Pirate Bay blockade
full nod32 download est nod32 serial 64 bit nod32 esed nod32 4
Google Copies Microsoft, Not Apple, To Fix Android Fragmentation
This is smart, and long overdue. Google said today that it will begin releasing an Android Platform Development Kit (PDK).
This will give Android device makers access to coming versions of Android 2-3 months before its official release. As is well-documented, most Android devices are way behind. 65% today run Android 2.3 Gingerbread which, with the release of 4.1 JellyBean today, now lags 3 versions behind.
nod32 serial nod32 güncel keyleri nod32 keyleri güncel güncel nod32 keyleri
New APT Attack Shows Technical Advance in Exploit Development
Recently, we came by an interesting targeted attack which was evading most antivirus products. This is a recent spearphish targeting various Tibetan and human rights activists. It demonstrates the level of effort put into infiltrating their groups with some unique characteristics, relative to the many other exploits targeting CVE-2012-0158. Here’s how such e-mails appear:
esed nod32 serial esed nod32 antivirus nod32 turkce nod32 full indir
Stratfor to settle class action suit over hack
Feds Smash Global Hacking Group UGNazi
The FBI arrested 24 hackers from across the globe, including the leader and members of the global hacking group UGNazi on Tuesday. The people arrested were all men and ranged from 18 to 25-years old Hackers from the US, Norway, Australia, Japan, Italy and the UK were included in the massive operation. Eleven people were arrested in the United States, the Federal Bureau of Investigation and the Manhattan US Attorney's office said.
esed nod32 keyleri esed nod32 key esed nod32 keys est nod32 key
27 Haziran 2012 Çarşamba
A look at recent tech-industry earnings
est nod32 key esed nod32 serial esed nod32 antivirus nod32 turkce
Foncy is dead. Long live Mania
The story of the Foncy SMS Trojan started during the fall of 2011. This piece of malware was one of the first SMS Trojans targeting users outside Russia and China. Potential victims were from various countries in Europe, North America and Africa. In the middle of January 2012 Foncy was updated: it started to spread together with an IRC bot and a root exploit. But the end of the Foncy story was very close because in February two suspected authors of this malware were arrested in Paris: you can read the story here in French and here in English. Since then we haven’t found any new modifications of this piece of malware.
So, Foncy is dead. And what is Mania? Mania is an SMS Trojan which currently only targets users of Android from France and its code is very similar to the code of the Foncy malware. The first sample of Mania (Trojan-SMS.AndroidOS.Mania) was found approximately at the same time when the Foncy IRC bot was discovered (during the first half of January). After that new variants of Mania appeared in February, March, April and May.
We haven’t found any traces of Mania on Android Market Google Play. It seems that it is spread via file sharing web sites as popular legitimate applications such as PhoneLocator Pro, BlackList Pro, Enhanced SMS and Caller ID, CoPilot Live Europe, Settings Profiles Full, Advanced Call Blocker and Kaspersky Mobile Security.
nod32 güncel key nod32 guncel key eset nod32 guncel key eset nod32 güncel key
FTC sues Wyndham Hotels after three credit card breaches
The Federal Trade Commission is suing a major hotel chain and its subsidiaries for allegedly failing to secure the financial information of its guests, which led to fraudulent charges of more than $10 million and the siphoning out of hundreds of thousands of credit card numbers.
The complaint (PDF), announced Tuesday, centers on the fact that New Jersey-based Wyndham Worldwide Corp. experienced three data breaches in under three years. In each case, the intruders made off with financial information by breaching the company's Phoenix data center.
The Flame: Questions and Answers
Duqu and Stuxnet raised the stakes in the cyber battles being fought in the Middle East - but now we’ve found what might be the most sophisticated cyber weapon yet unleashed. The ‘Flame’ cyber espionage worm came to the attention of our experts at Kaspersky Lab after the UN’s International Telecommunication Union came to us for help in finding an unknown piece of malware which was deleting sensitive information across the Middle East. While searching for that code - nicknamed Wiper - we discovered a new malware codenamed Worm.Win32.Flame.
Flame shares many characteristics with notorious cyber weapons Duqu and Stuxnet: while its features are different, the geography and careful targeting of attacks coupled with the usage of specific software vulnerabilities seems to put it alongside those familiar ‘super-weapons’ currently deployed in the Middle East by unknown perpetrators. Flame can easily be described as one of the most complex threats ever discovered. It’s big and incredibly sophisticated. It pretty much redefines the notion of cyberwar and cyberespionage.
For the full low-down on this advanced threat, read on…
General Questions
What exactly is Flame? A worm? A backdoor? What does it do?
Flame is a sophisticated attack toolkit, which is a lot more complex than Duqu. It is a backdoor, a Trojan, and it has worm-like features, allowing it to replicate in a local network and on removable media if it is commanded so by its master.
The initial point of entry of Flame is unknown - we suspect it is deployed through targeted attacks; however, we haven’t seen the original vector of how it spreads. We have some suspicions about possible use of the MS10-033 vulnerability, but we cannot confirm this now.
Once a system is infected, Flame begins a complex set of operations, including sniffing the network traffic, taking screenshots, recording audio conversations, intercepting the keyboard, and so on. All this data is available to the operators through the link to Flame’s command-and-control servers.
Later, the operators can choose to upload further modules, which expand Flame’s functionality. There are about 20 modules in total and the purpose of most of them is still being investigated.
nod32 guncel key eset nod32 guncel key eset nod32 güncel key indir com nod32
Feds Smash Global Hacking Group UGNazi
The FBI arrested 24 hackers from across the globe, including the leader and members of the global hacking group UGNazi on Tuesday. The people arrested were all men and ranged from 18 to 25-years old Hackers from the US, Norway, Australia, Japan, Italy and the UK were included in the massive operation. Eleven people were arrested in the United States, the Federal Bureau of Investigation and the Manhattan US Attorney's office said.
nod32 keyleri güncel güncel nod32 keyleri nod32 guncel keyler nod32 guncel key
Trojan:Android/AutoSPSubscribe.A
nod32 guncel key eset nod32 guncel key eset nod32 güncel key
Trojan:Android/DroidKungFu.C
nod32 guncel key güncel key nod32 full nod32 esed nod32 keyleri
The site that outs all your stupid Facebook updates
esed nod32 keys est nod32 key esed nod32 serial esed nod32 antivirus
Phishing at the Top Level
Bitdefender builds a safer browser
est nod32 key esed nod32 serial esed nod32 antivirus nod32 turkce
How attacks on social networks work
nod32 serial nod32 güncel keyleri nod32 keyleri güncel güncel nod32 keyleri
Announcing Elevation of Privilege: The Threat Modeling Game
I have had the pleasure over the past few months to spend some time playing with an early rendition of " Elevation of Privilege: The Threat Modeling Game". According to Adam, "Elevation of Privilege is the easiest way to get started threat modeling". I couldn't agree more. If you have a team that is new to the whole process of threat modeling, you will want to check it out. If you are at RSA this week, drop by the Microsoft booth and pick the game up for free. If you aren't, you can download it here.
EoP is a card game for 3-6 players. The deck contains 74 playing cards in 6 suits: one suit for each of the STRIDE threats (Spoofing, Tampering, Repudiation, Information disclosure, Denial of Service and Elevation of Privilege). Each card has a more specific threat on it. You can see a short video on how to play and some more information about the game by checking our Adam's post here. In the end, it is a game that makes it possible to have more fun when thinking about threats. And that's a good thing.
Even more impressive is that they have released the game under Creative Commons Attribution license which gives you freedom to share, adapt and remix the game. So you if you feel you can improve up this, step up and let everyone know!!
Congratulations to the SDL team at Microsoft for creating an innovative way to approach the concept of threat modeling.
Mountain Lion gets daily automatic updates
Mountain Lion gets daily automatic updates
nod32 full download full nod32 download est nod32 serial 64 bit nod32