Archive for the 'security' Category

Conficker Worm Signatures to be Released

Monday, March 30th, 2009

According to The Register, the Conficker worm will have a signature that admins will be able to use to find which machines might have the worm. Up until now the only way was to monitor traffic, and with Conficker C that was impossible, as it didn't send any traffic on the network but was waiting for instructions on a certain day.


FTP viruses

Thursday, March 13th, 2008

F-Secure has noticed a trend that more malware is being spread through FTP. As most can remember, viruses and other nasties used to be spread through email attachments; that's been fairly well defeated. Then came the drive-by downloaders, which use HTTP to transfer the infectious payload; that's been slowing down since browsers have evolved. Now, though, there is a new way to become infected: through trusty old FTP. How this happens is that a user receives a spam email with some links claiming they have an offer which can't be refused, and as we all know, most really can't refuse it. So the unsuspecting user clicks the link, an FTP connection to some botnet-controlled computer is initiated, and some infected files are downloaded. So now there is one more thing to scan for in your emails.


Important VMware Security Exploit

Thursday, February 28th, 2008

Core Security has the full report, but if you're using VMware Workstation, Player, or ACE on Windows, there is a security exploit in the shared folders feature that allows traversal into folders that are not being shared. According to VMware, until a patch is released there is this workaround.

To disable shared folders in the Global settings:

  1. From the VMware product’s menu, choose Edit > Preferences.
  2. In the Workspace tab, under Virtual Machines, deselect the checkbox for Enable all shared folders by default.

To disable shared folders for the individual virtual machine settings:

  1. From the VMware product’s menu, choose VM > Settings.
  2. In the Options tab, select Shared Folders and Disable.


Disk Encryption Defeated

Friday, February 22nd, 2008

It appears that the disk encryption schemes used by different operating systems can be easily circumvented. Princeton researchers have disproved a common misconception about one of the key components of a computer: that the system's RAM loses all information stored on it as soon as power is cut from the chip. The researchers claim that the contents of the memory remain for seconds after the power is cut, and that if the chip is cooled to low temperatures, that time can be extended to hours.

Princeton computer science professor Edward W. Felten states that by using an inverted can of compressed air, a common item in most offices, you can effectively freeze the data on the chip for 10 minutes. In contrast, using liquid nitrogen, a not so common item in the office unless it's a cryogenics office, the time can be increased to hours. Then the RAM can be used to cold boot the machine, and the encryption key is still in the memory and can be used to access the encrypted disk contents.

Source: Information Week


Scammers Get Scammed

Thursday, January 24th, 2008

I think this is hilarious.
A group of scammers called Mr Brain provides different phishing and scamming tools to would-be scammers. The reason the group's scripts are so popular is their ease of implementation; some can be done in as little as a minute. So the little script kiddies can just fill in a few details in the script config file and they think they're done. The icing on the cake is that these very scammers are themselves being scammed. The scripts also have some other code that is encrypted and that sends all the information gathered back to the Mr Brain group. So these poor startup scammers just can't get a break, as the big guys have already drained all the accounts.

Source: Netcraft
