The Register Columnists

Sûnnet Beskerming


Olympic ticket scammers still going for gold

In the age of the P-p-p-p-powerbook and the ubiquitous 419 scammer, it comes as no surprise that many people have fallen for a Beijing Olympics ticketing scam that seems to have hit people all across the world. Due to the rarity of tickets for the games, and the particular setup of the scam site (and others), there was a lot of …

SQL string in URL exposes sex offender data

Better known for its presentation of stunning examples of how not to develop code, The Daily WTF this week exposed a horrendous case of information loss when it published an article on a critical flaw in the Oklahoma Department of Corrections website. Thanks to developers seeding browser GET requests with the SQL queries …

We know security and usability are orthogonal - do you?

Our recent article about the fine line between security and usability started some very interesting discussions and active criticism, most of which was targeted at us - suggesting that security and usability do not form a one-or-the-other type relationship (or are at least far more independent than dependent on each other). We …

When antivirus products (and Internet Explorer) fail you

When Didier Stevens recently took a closer look at some Internet Explorer malware that he had found, something surprised him somewhat. He discovered that the IE-targeted malware had been obfuscated with null-bytes (0x00) and when run against VirusTotal, he found that fewer than half of the products identified the sample as …

Chinese internet security response team under attack

A recent post by the team at the Chinese Internet Security Response Team to their English-language site indicates that some of the site visitors are experiencing an attack from the CISRT.org site as a result of an injected IFRAME tag. Injected IFRAME tags are not a new means of using legitimate sites to launch attacks on …

Guessing at compromised host numbers

After much waiting by end users, and a lot of hoping from interested Information Security watchers, Microsoft has finally added detection for the Storm Trojan (Nuwar, Zhelatin, etc) to its Malicious Software Removal Tool. The most recent update, released on September 11th, included detection for this malicious software, and the …

Coming Tuesday: 5 Microsoft patches

Microsoft's Security Response Center has provided advance notification of the patches that are expected for release next week as part of the September Security Patch Release. Each of the five patches scheduled for release next Tuesday is for a different system component: One Critical patch for Microsoft Windows One …

The difficulty of validating systems and users

One of the issues plaguing identity management and online authentication systems is how to accurately validate the identity of the system or user connecting to a service. One possible means for identification that has attracted attention recently is finding and identifying a "MachineID", some form of unique identifier that is …

Australia declares war on net porn

Within the last 24 hours the Australian Commonwealth Government announced that they would be spending AUS$189m (US$162m) on a range of packages and programs designed to protect Australian Internet users against all that the Internet has to offer, under the name Netalert. With increasing coverage by the Australian …

Worm threat forces Apple to disable software?

When an online identity (group of identities) known as InfoSec Sellout made grand claims of a proof of concept worm, dubbed Rape.osx, that targets OS X, it led to a lot of heated argument and drama - including anonymous death threats and an accidental deletion of their blog. While there has still been no external proof of …

New tool enables loading of unsigned drivers in Vista

A new software tool has been released by Linchpin Labs that allows the loading of unsigned and legacy drivers on Windows XP, 2003, and most importantly Vista. One of the system management and control methods that Microsoft implemented with Windows Vista is requiring system drivers to be digitally signed before they will load …

Data loss blights US military, Aussie bank, and Fox network

After a spate of data losses traced to the use of Winny filesharing software in various sensitive Japanese environments (military warships, hospitals, police departments), it has been reported that a Japanese police officer has been sacked over a disclosure where several thousand sensitive police records went missing from his …

LMH and InfoSec Sellout unmasked?

The equivalent of a virtual nuke has just been set off in the field of vulnerability research and disclosure. The identities behind two of the noms de guerre that have elicited some of the most heated vitriol over the last 12 months appear to have been disclosed. In a post to the Fuzzing mailing list, a "Lance M Havok" (LMH) …

Destroying sandboxes

One of the mechanisms used by anti-malware applications is to institute a virtual "sandbox" to isolate suspicious files from the rest of the system while they are quickly analysed for malicious content or behaviour. Creating a sandbox requires the anti-malware software to essentially institute a Virtual Machine - a computer …

Aussies face the threat of Robo-Pacinos

If reporting from The Age newspaper is to be believed, the Australian Federal Police (AFP) Commissioner, Mick Keelty, briefed a Parliamentary Inquiry into the future impact of organised crime that Australians would be facing the threat of part-robot humans involved in organised crime in the future. Without access to the …

Time to blacklist blacklists

Blacklists have their place for detecting and identifying malicious content and activity, with the whole signature-based malware detection industry effectively being built around the concept that blacklists are reliable mechanisms. The only problem is that they aren't. They certainly are an important element of security …

A glitch in the Matrix, or a hungry exploit?

Sûnnet Beskerming researchers observed an interesting deviation in global network traffic over the last 24 hours, particularly for South American, Asian, and Australian networks. Normally, global Internet traffic (as observed by the Internet Traffic Report) oscillates around nine per cent packet loss, with global response times …

Biting the hand that feeds IT © 1998–2017