Warning: Creating default object from empty value in /home/ict-forward/www-apps/wp-svn/wp-includes/ms-load.php on line 138
April « 2010 « The FORWARD project blog

Archive for April, 2010

XSS filter – Internet explorer 8

Wednesday, April 28th, 2010

The cross-site scripting enables malicious attackers to inject client-side script into web pages viewed by other users. As The Register reported in November, Internet explorer 8 contains a bug and can be exploited to introduce cross-site scripting. In other words the attacker can figure out a flaw in IE 8 as a result to create a specific string to tranformed into an actual attack on the web page.


Security researcher warns of new clickjacking threat

Tuesday, April 27th, 2010

Clickjacking is a hacking technique first seen in 2008 that fools users in to clicking on elements hidden in a iframe. It seems not to be so dangerous hacking technique as the cross-site scripting and cross-site request forgery but it is expected to extend to a powerfool tool for hacking web applications. For this reason a tool has been introduced at the Black Hat security conference in Barcelona by Context developer Paul Stone which will be helpful to improve clickjacking defences.

Click here for more details

McAfee Faulty Update

Monday, April 26th, 2010

A recent security update for McAfee Antivirus made systems reboot abnormally or loose network access for extended periods of time, causing a lot of damage to hospitals, companies and schools that used this particular anti-virus. The bugged update only affected computers running Windows XP Service Pack 3 and caused them running in a reboot loop or loosing network access. The problem was caused by a virus definition file, which misinterpreted a vital system file (svchost.exe) as a virus and quarantined it, causing the system not to work properly and eventually rebooting. McAfee immediately removed the faulty update file from their servers preventing any further impact.


Mobile network hack reveals sensitive cellphone data

Saturday, April 24th, 2010

Researchers have shown how easy is to find the number of most US-based mobile phone structural cracks in GSM mobile networks and to track practically any GSM-enabled handset through the world.

In the end of 2008 Tobias Engel demonstrated how to find the whereabouts of mobile phones by tapping into mobile network databases. An independent researcher Nick DePetrillo from the Source Conference in Boston Wednesday, and Don Bailey of iSec Partners proved how with related techniques it is possible to find a person’s spot even when his number is unknown and to gather other details which most users assume are undetectable.


Malware threatens victims using copyright laws

Monday, April 19th, 2010

A trojan ,which spreads itself through a peer to peer network called Winni, commonly used by Japanese people, is responsible for gathering personal data from the victims and publish them into the web, according to BBC’s artice.

The Kenzero Trojan is included in a fake adult anime game which is shared through Winni P2P network. When a victim downloads and executes the file, the malware scans victim’s computer for personal information, such us Computer name, browsing history, downloaded files, favourite pages, OS version and clipboard dump while it opens a registration installation window demanding personal information. After gathering all posible information, it publishes them on a public web page and sends an email from a company “Romancing, Inc.” which accuse victims for downloading copyrighted material. The mail includes a law threat to the victims to settle the copyright violation and offers to resolve it for a 1500 yen (~16$) fee. Also, as noted in Trend Micro’s Blog article, it also downloads ,in victim’s computer, 3 copyrighted MP3 files, possibly to extend the threat.

More than 1500 people reported that fell victims of the malware, according to local paper Yomiuri Shimbun, however its unknown how many payed the copyright infringement fee.

That’s the second similar issue this week as earlier was reported, here, a fake ICCP Foundation which demanded 400$ for copyright issues.

iPad Jailbreak accomplished

Saturday, April 17th, 2010

After 24 hours of the iPad’s official release, the “usual suspects” already gained root access to iPad.  Jailbreak is a method of hacking an iPhone, iPod, iPad to install non-Apple-approved programs and run system hacks.


Exploiting PDF files, without a vulnerability

Thursday, April 8th, 2010

Portable Document Format (PDF) files can be used to execute an embedded executable without exploiting any security vulnerabilities. These proof-of-concept PDF files targeting computers running Adobe Acrobat Reader or Foxit Reader PDF software, as Didier Stevens a security researcher warned, runs the embedded executable by launching a command that ultimately runs an executable.


Opening spam e-mails is still in fashion

Friday, April 2nd, 2010

According to Ipsos Messaging Anti-Abuse Working Group (MAAWG), nearly half of a recently surveyed audience opened junk e-mail intentionally, in spite of the fact that many of them(about 44%) consider that they have the basic knowledge on online security. They claimed, that the reasons of opening these kind of messages are complaining to the sender, unsubscribing, interesting in the offered products and services or just curiosity of what is going to happen.