This week, perhaps the most interesting articles include "Means
and Methods to Compromise Common Hash Algorithms," "Six
steps to secure sensitive data in MySQL," and "Investigating
Sophisticated Security Breaches."
LinuxSecurity.com
Feature Extras:
EnGarde Secure Community 3.0.8 Released
- Guardian Digital is happy to announce the release of EnGarde Secure Community
3.0.8 (Version 3.0, Release 8). This release includes several bug fixes and
feature enhancements to the Guardian Digital WebTool, several updated packages,
and several new packages available for installation.
pgp Key Signing Observations: Overlooked Social and Technical Considerations
- While there are several sources of technical information on using pgp in
general, and key signing in particular, this article emphasizes social aspects
of key signing that are too often ignored, misleading or incorrect in the
technical literature. There are also technical issues pointed out where I
believe other documentation to be lacking. It is important to acknowledge
and address social aspects in a system such as pgp, because the weakest link
in the system is the human that is using it. The algorithms, protocols and
applications used as part of a pgp system are relatively difficult to compromise
or 'break', but the human user can often be easily fooled. Since the human
is the weak link in this chain, attention must be paid to actions and decisions
of that human; users must be aware of the pitfalls and know how to avoid them.
Take advantage of our Linux Security discussion
list! This mailing list is for general security-related questions and comments.
To subscribe send an e-mail to security-discuss-request@linuxsecurity.com
with "subscribe" as the subject.
Thank you for reading the LinuxSecurity.com
weekly security newsletter. The purpose of this document is to provide our readers
with a quick summary of each week's most relevant Linux security headline.

New Identity Theft and Online Fraud Techniques
8th, August, 2006
Authors of computer viruses and threats -including phishing scams- are looking for direct financial profit from cybercrime. For this reason, they are using more innovative and diversified techniques to, above all, steal users’ identities or obtain bank details to commit fraud.
http://www.linuxsecurity.com/content/view/123992

C0D3 CR4CK3D: Means and Methods to Compromise Common Hash Algorithms
7th, August, 2006
Hashing has long been used as a means to verify data elements. Parity bits were originally used to confirm that a data transmission was received correctly and helped to detect any single-bit errors. However, parity didn’t add any value if multiple bits in the data had errors. As a result, a second trend then came about called CRC – Cyclic Redundancy Checks. These CRCs, based on polynomials, were used to detect errors in the data elements via a hash. Although this approach is more robust than parity bits, weaknesses in this algorithm also came to pass. A user could modify a file and easily sculpt the file’s contents to create the same CRC as the original file [5]. As such, we needed another way to verify our data files.
http://www.linuxsecurity.com/content/view/123981

To Iraq and back: Soldier uses Linux in war and peace
10th, August, 2006
In 2003 and 2004, Jeff Schroeder served in the Iraq war, flying a tiny remote control spy plane and servicing Unix and Linux systems on the battlefield. Schroeder learned a lot of technology in the desert, and now that his time in the Army is over, he's busy working as a Web administrator for Comair Airlines, and writing utility scripts for Ubuntu, his favorite distribution. He believes Linux is going to "take over the world."
http://www.linuxsecurity.com/content/view/124458

Firewalled - IT's Double Standard
13th, August, 2006
IT people love to complain about their end users. They tell funny stories about boneheaded employees who leave their passwords stuck to their computers. They grit their teeth when users click on email attachments from strangers. End users, they say, are too damn trusting, not to mention forgetful. Up until now, I've always felt that this righteous indignation was justified. I mean, IT people are smart about security, and they don't trust anybody, right? But this week, I wrote a story that burst my bubble.
http://www.linuxsecurity.com/content/view/124476

Getting to the Root of Rootkits
7th, August, 2006
I’ve been reading a lot about undetectable malware—“rootkits” and the like—recently. Without a doubt, these attack tools have been iteratively improving over the years. Like most such security “nasties,” however, a bit of safe computing goes a long way. Let’s explore a bit.
http://www.linuxsecurity.com/content/view/123988

First portable anti-spyware for U3 smart drives
10th, August, 2006
Log Error writes: XOFTspy Portable Anti-spyware is the first portable anti-spyware product operating directly from U3 smart drives. Built on its popular anti-spyware application XoftSpySE, the portable product is licensed for use on multiple computers and is built to protect roaming users accessing any PC they touch.
http://www.linuxsecurity.com/content/view/124457

Making corporate security second nature
5th, August, 2006
Enterprise security executives need to make practices such as safe USB use and discreet handling of patient or customer data as commonplace as not accepting luggage from strangers in airports or wearing a seat belt when driving.
http://www.linuxsecurity.com/content/view/123969

What You Need to Know about VPN Technologies
9th, August, 2006
Virtual Private Networks, or VPNs, extend the reach of local-area networks without requiring owned or leased private lines. Businesses can use VPNs to give remote and mobile users network access, connect geographically separated branches into a unified network and enable the remote use of applications that rely on internal servers.
VPNs can use one or both of two mechanisms. One is to use private circuits leased from a trusted communications provider: alone, this is called a trusted VPN. The other is to send encrypted traffic over the public Internet: alone, this is called a secure VPN. Using a secure VPN over a trusted VPN is called a hybrid VPN. Combining two kinds of secure VPN into one gateway, for instance IPsec and SSL, is also called a hybrid VPN.
http://www.linuxsecurity.com/content/view/124007

Wired Network Security: Hospital Best Practices
11th, August, 2006
With an ever increasing amount of information in hospitals transmitted electronically, it is important that security be considered in every phase of network design and maintenance. Although much emphasis has been placed on such things as wireless networks and remote access, it is imperative that the core network not be overlooked. Because the wired network is the “nervous system” of a hospital’s Information Systems, great care must be taken to properly secure it. Also, with legislation such as the Health Insurance Portability and Accountability Act (HIPAA) requiring security measures in healthcare environments, securing the network infrastructure has become mandatory to ensure compliance.
http://www.linuxsecurity.com/content/view/124471

Six steps to secure sensitive data in MySQL
7th, August, 2006
If you're using MySQL, there are some easy things you can do to secure your systems and significantly reduce the risk of unauthorised access to your sensitive data.
The most valuable asset for technology-based organisations is usually the customer or product information in their databases. And so, a critical part of database administration in such organisations consists of securing these databases against outside attack and hardware/software failures.
In most cases, hardware and software failures are handled through a data backup regimen. Most databases come with built-in tools to automate the entire process, making this aspect of the job relatively painless and error-free. What's not so simple, however, is the second half of the puzzle: making sure that outside hackers can't get into the system and either steal or damage the information contained therein. And unfortunately, there usually isn't an automated way to solve this problem; rather, it requires you, the administrator, to manually put in place roadblocks and obstacles to trip up would-be hackers and to ensure that your company's data stays secure.
http://www.linuxsecurity.com/content/view/123979

LinuxWorld Experts: Securing Web-based Applications On Linux
9th, August, 2006
This is the first in a series of newsletters, where we talk with Linux experts who will be speaking at the LinuxWorld Conference and Expo, which runs Aug. 14-17 at the Moscone Convention Center in San Francisco. PHP, PERL and other languages are useful and easy to learn tools that can be used to build some pretty functional Web-based applications. They can also be the bane of a system administrator's existence, especially when slapped together and used to publish Web apps accessible to the outside world.
http://www.linuxsecurity.com/content/view/124435

Precious Cargo
10th, August, 2006
As recent lapses have shown, sending critical backup data to a storage facility isn't as simple as placing a package on a truck. Here are four points to consider when you're securing the chain of custody for your backup data. When Bank of America disclosed in February that its courier service had lost backup tapes containing data on about 1.2 million federal employees—including names and Social Security numbers—consumers, senators and even some industry peers asked how there could have been such a lapse in security. No escort for the air transport? No encryption of the tapes?
http://www.linuxsecurity.com/content/view/124445

Researcher: Hacker Sophistication Outpacing Forensics
11th, August, 2006
Attackers are using increasingly sophisticated methods to stay ahead of security incident response teams, says Kevin Mandia, security consultancy. In the never-ending cat-and-mouse game between hackers and those charged with stopping them, it's pretty clear who's winning--and it's not the cat. Speaking at the Black Hat conference in Las Vegas last week, Kevin Mandia, president of Mandiant, an Alexandria, Va.-based security consultancy, said attackers are using increasingly sophisticated methods to evade detection and make life difficult for security incident response teams.
http://www.linuxsecurity.com/content/view/124470

DesktopSecure for Linux for Ubuntu 6.06 LTS available
9th, August, 2006
Log Error writes: Following the launch of Ubuntu 6.06 LTS earlier this month, Canonical made Panda Software DesktopSecure for Linux available to all users of Ubuntu 6.06. Combining the security and manageability of Panda's latest security suite and Ubuntu's easy to use interface gives all users the opportunity to safely and easily browse, shop and interact over the web.
http://www.linuxsecurity.com/content/view/124012

Technology for rescuing stolen laptops
10th, August, 2006
... technology is available that would allow "laptop" and "security" to be spoken in the same breath without triggering gales of cynical laughter. Such systems generally depend on either Internet tracking, "kill switches," or encryption - or, more commonly, a combination of the
http://www.linuxsecurity.com/content/view/124454

New Google feature flags dangerous sites
7th, August, 2006
Google Inc. has begun alerting users whenever they click on a search result that may take them to a dangerous Web site.
http://www.linuxsecurity.com/content/view/123984

An open source security triple play
7th, August, 2006
Want to protect your SOHO machine or LAN from rootkits and malware, but want something a little more real-time than simply running Chkrootkit or another rootkit detector after the fact? Consider OSSEC-HIDS, an open source host intrusion detection system.
http://www.linuxsecurity.com/content/view/123986

Developing and Implementing an Operating Systems Security course with Labs
10th, August, 2006
A core component of any curriculum in modern information security is the security of the operating systems that reside on the workstations and servers of a network. Effective information security depends on addressing all facets of how information is stored, moved, and modified. Since the operating system of a computer is the primary means of implementing the security of the information on that computer, it must be configured to minimize the risks of losing or compromising the data being processed.
http://www.linuxsecurity.com/content/view/124449

Linux Netwosix: Goodbye, Netwosix
10th, August, 2006
"Linux Netwosix was originally created with the goal of providing a security environment for building and creating new security-related solutions. With the passing of time I realized that the project has failed to achieve its goals within 3 years of hard work. This, among many reasons, is the most important because I never received help from anyone. Regardless of the fact that Netwosix has been downloaded by more than 60,000 users all around the world, I'm here to announce the shutting down of my dear project. Day after day I understand that I can't create a 'valid security-oriented product' alone..."
http://www.linuxsecurity.com/content/view/124466

10 Tips for Reducing Storage TCO
7th, August, 2006
LogError writes: By designing the solution, regardless of the storage vendor, IT managers can resume control over their SAN, break the storage vendor lock-in and save a large part of their budget. Using the available storage management services can therefore provide excellent solutions for painful problems.
http://www.linuxsecurity.com/content/view/123985

Investigating Sophisticated Security Breaches
8th, August, 2006
Well-funded groups in China are gathering sensitive information by breaking into U.S. government networks. The extent of these intrusions and the nature of data exposed are not fully known, and are raising national security concerns. At the same time, well-organized criminals are targeting credit card numbers and other sensitive data via the Internet, creating major security and privacy concerns. For instance, in 2005, intruders gained unauthorized access to 40 million credit card numbers from CardSystems. The increase in organized criminals, foreign governments, and non-state actors breaking into computer systems is raising the stakes of computer crime, and is compelling organizations to treat security breaches more seriously.
http://www.linuxsecurity.com/content/view/123994

Brief: IBM looks to RFID to fight counterfeit drugs
8th, August, 2006
IBM Corp. today unveiled a new radio frequency identification (RFID) system today designed to stamp out counterfeit products from the national supply of pharmaceutical drugs.
http://www.linuxsecurity.com/content/view/124000

A New Open Source Approach to Weakness
8th, August, 2006
More than 270 years ago, Carolus Linnaeus in his book Systema Naturae, attempted to categorize all biology on the Earth into a series of kingdoms. Web application security vendor Fortify thinks that the same kingdom approach can be taken to classify Web vulnerabilities.
http://www.linuxsecurity.com/content/view/124004

Secure business: Knowing the dangers
9th, August, 2006
Business continuity plans should be part of a wider security strategy that is closely aligned with business needs and accounts for everyday threats as well as major disasters.
The Buncefield oil depot blast last year sounded a very loud warning to us all. Disasters do occur and IT directors need to establish a business continuity strategy to ensure access to business critical systems is maintained.
And it is not just the big bang events that we need to prepare for. Every day, businesses are under attack from viruses, worms and hacking attempts. And end-users and IT staff are making decisions that could inadvertently cause the corporate network to fail.
http://www.linuxsecurity.com/content/view/124008

How to Start Up a Mobile Security Project
9th, August, 2006
Log Error writes: The proliferation of laptops, PDAs, smartphones and USB sticks means that corporate data is no longer confined to the office. Without a joined-up policy on mobile security, protecting and keeping track of it becomes impossible. Without the necessary procedures and technical restrictions in place, companies can easily lose track of their sensitive data. Just how many files have been copied in this way? Where are they all now?
http://www.linuxsecurity.com/content/view/124440

How to Be a Better Burglar
10th, August, 2006
Some years back, the place I worked went through significant changes that caused great upheaval and stress throughout the workforce. Most people accepted the changes and dealt with them professionally. A few people didn’t have the necessary coping skills, and they acted out. One way of acting out came in the form of anonymous letters sent to the board of directors, executive management and a few senior people in some of our sales offices. The letters were not complimentary of the corporate leadership, and a disruptive buzz began around the company.
Management wanted to locate the source and choke it off, and that was where I came in. I was asked to do some sleuthing and figure out who was behind the letters.
http://www.linuxsecurity.com/content/view/124444

How serious is HSBC's online banking flaw?
10th, August, 2006
Security professionals have questioned reports of a 'serious flaw' in HSBC's online banking system. Researchers at Cardiff University claim to have discovered the flaw which, according to The Guardian, over two years left 3.1 million customers exposed due to a defect in how people access their online accounts.
http://www.linuxsecurity.com/content/view/124465

Gartner’s Top 5 Tips to boost data security
11th, August, 2006
Public exposure of private data is becoming a regular occurrence, but the majority of these incidents can be prevented if companies implement the proper security best practices, according to Gartner, whose analysts have identified the top 5 steps to prevent data loss and information leaks.
http://www.linuxsecurity.com/content/view/124472

FAQ: Protecting Yourself From Search Engines
10th, August, 2006
AOL's publication of the search histories of more than 650,000 of its users should reinforce an important point: What you type in online may not be as private as you think. Search engines place a multibillion-dollar infrastructure at the hands of any random user who stops by their Web site. The price you pay, however, is that the company may hold on to your search queries--which can provide a glimpse into your life--forever. To offer some suggestions about preserving your privacy while using search engines, CNET News.com has prepared the following list of frequently asked questions.
http://www.linuxsecurity.com/content/view/124450

Is your bank responsible for protecting you from key loggers?
11th, August, 2006
Where does your bank's responsibility to protect you and your online transactions end? Apparently the HSBC bank of Great Britain knew for 2 years that they had a vulnerability and did nothing about it. There are very few details about the vulnerability, but one thing is known -- an attacker would already have to have a key logger on the customer's system to take advantage of the vulnerability. Maybe I'm being naive, but if an attacker has a key logger on the system, I figure your online banking credentials being stolen is just the start of your worries.
http://www.linuxsecurity.com/content/view/124473

Users still not wiping data from unwanted PCs
12th, August, 2006
A fifth of secondhand PCs finding their way onto the resale market still contain sensitive data on their hard discs. Research by BT, the University of Glamorgan in Wales and Edith Cowan University in Australia, has found that while 41% of the disks were unreadable, 20% contained sufficient information to identify individuals. The research, based on the acquisition of 300 PCs from auctions, computer fairs and on-line purchases, also found that 5% of the machines held commercial information on organisations, and that 5% held “illicit data”.
http://www.linuxsecurity.com/content/view/124474

BLACK HAT - FBI: Cybercriminals Taking Cues From Mafia
7th, August, 2006
The Web site offered to sell stolen credit card information for US$100, but it was the title of the poster that caught FBI agent Thomas X Grasso Jr.'s attention. The cybercriminal identified himself as a "Capo di capo" -- a boss of bosses, in Mafia parlance. As money has become the driving force behind online threats, cyber criminals have been taking a page from organized crime, adopting the same kind of organizational structures as these older crime groups, Grasso told an audience Friday at the Defcon hacker conference. Defcon immediately follows Black Hat, its sister show.
http://www.linuxsecurity.com/content/view/123980

Senate OKs Controversial Internet Treaty
8th, August, 2006
The U.S. Senate Friday ratified an international treaty designed to ease investigation of cybercrime, but U.S. civil liberties groups say that signing the pact is a big mistake. The Council of Europe's Convention on Cybercrime, which began circulating in 2001, has been adopted by 41 other countries, including most of Europe as well as Canada and Japan. It is designed to harmonize laws on computer crime, which differ from country to country. Countries that sign the treaty agree to establish some common laws against criminal behavior online, such as attacks on computer networks, terrorist tactics, and exploitation of children. The language of the treaty is very broad and doesn't require the U.S. to write any new cybercrime laws.
http://www.linuxsecurity.com/content/view/123997

Weak spots still hamper DHS info security
8th, August, 2006
Despite improvements, the Homeland Security Department continues to display significant information security weaknesses that jeopardize the integrity and privacy of department IT programs, according to a new report released by DHS Inspector General Richard Skinner.
http://www.linuxsecurity.com/content/view/124005

GAO: Passenger screening program not ready to take off
9th, August, 2006
The Transportation Security Administration (TSA) needs to address security and privacy concerns before rolling out its Secure Flight program, according to the Government Accountability Office (GAO)
http://www.linuxsecurity.com/content/view/124443

VoIP hacking exposed
6th, August, 2006
Businesses who switch over to internet telephony systems in a bid to slash telephony costs have been warned to guard against hacking attacks. The latest VoIP security threats and countermeasures were outlined at a presentation at the Black Hat security conference in Las Vegas on Wednesday. The talk, by security experts from SecureLogix and 3Com's Tipping Point security appliance division, was accompanied by the release of 13 new security tools.
http://www.linuxsecurity.com/content/view/123970

Browser Cache: Goodies For Hackers
7th, August, 2006
Your browser's cache may be helping hackers to help themselves to your information. During a Black Hat conference discussion on the topic, Corey Benninger, a senior consultant at McAfee's Foundstone division, described cached browser information as a ticket for instant hacker gratification.
http://www.linuxsecurity.com/content/view/123987

Hacking at Defcon
8th, August, 2006
More than 6,000 hackers and other attendees gathered in Las Vegas this weekend to party and compete at Defcon, the world's largest hacker convention.
Here, teams battle it out in the confab's Capture the Flag game, organized by a group called Kenshoto. In this computer security war game, the goal is to attack rivals' networks while simultaneously defending one's own.
To participate, would-be entrants must score well in a prequalifying round by answering questions ranging from hacker trivia to computer forensics to Web server administration.
http://www.linuxsecurity.com/content/view/123993

The Black Hat Wi-Fi exploit coverup
8th, August, 2006
You've probably heard of full disclosure, the security philosophy that calls for making public all details of vulnerabilities. It has been the subject of debates among researchers, vendors, and security firms. But the story that grabbed most of the headlines at the Black Hat Briefings in Las Vegas last week was based on a different type of disclosure. For lack of a better name, I'll call it faux disclosure. Here's why.
http://www.linuxsecurity.com/content/view/124006

Hacking The Dead Cow
9th, August, 2006
In the annals of computer "(in)security," few groups are as well known as the Cult of the Dead Cow (cDc). They are now adding a new chapter to their infamous history with the release of a new malware search engine that enables researchers to analyze over 31,000 "hostile" files. It's all part of an effort the cDc calls "offensive computing." Originally founded in 1984, cDc and its members are well known for a number of their efforts over the past 22 years.
http://www.linuxsecurity.com/content/view/124442

Defcon Speakers Team Up to Fight 'Queen Bots'
11th, August, 2006
Imagine for a moment that our central defense against bank robbers was a technology that recognized criminals based largely upon their physical appearance. Now imagine that the bad guys had figured out a way to rapidly and automatically change not only their facial structure, but their height, weight, clothing and method of attack. The net result of those attacks would ultimately be more successful and profitable bank robberies, encouraging the bad guys to step up the frequency and brazenness of their attacks.
http://www.linuxsecurity.com/content/view/124468

Users Eye New WiFi Security Issues
13th, August, 2006
Some of the underlying 802.11 security issues revealed at the recent Black Hat security show have led some experts to recommend that users turn off their WiFi radios when not in use.
http://www.linuxsecurity.com/content/view/124475