99c.org
Bluetooth Car Whisperer
Posted on 08.01.05 by templeton @ 6:52 pm

If screaming out the window at someone holding up traffic doesnt work, maybe you can hack their bluetooth carkit and express yourself.

This new toool is called The Car Whisperer and allows people equipped with a Linux Laptop and a directional antenna to inject audio to, and record audio from bypassing cars that have an unconnected Bluetooth handsfree unit running. Since many manufacturers use a standard passkey which often is the only authentication that is needed to connect.

This tool allows to interact with other drivers when traveling or maybe used in order to talk to that pushy Audi driver right behind you ;<b>)</b> . It also allows to eavesdrop conversations in the inside of the car by accessing the microphone.

This is the next best thing to having a personal EMP device that gets rid of that bass thumping ricer with its custom need for speed paint job.

For more information and pictures check out:
Introducing the Car Whisperer at What The Hack – trifinite.org


Filed under: Cool and Good Idea and Security
Comments: 1 Comment

Univ. of Southern Calif. has a digtial Open House for “Hackers”
Posted on 07.21.05 by templeton @ 1:13 am

LOS ANGELES (Reuters) – A University of Southern California database containing about 270,000 records of past applicants including their names and Social Security numbers was hacked last month, officials said on Tuesday.

The breach of the university’s online application database exposed “dozens” of records to unauthorized individuals, said Katharine Harrington, USC dean of admissions and financial aid.

She could not be more specific about the number of people whose personal data may have been viewed by the hacker or hackers or what their motivation was for the computer break-in.

There was not a sufficiently precise tracking capability,” Harrington said, but added that the hackers had not been able to access multiple records at once. Records were also only able to be viewed at random, she said.

“We are quite confident that there was no massive downloading of data,” Harrington said.

[ Read more…]


Filed under: Networks and Security
Comments: 1 Comment

Worm Posing as iTunes
Posted on 07.21.05 by templeton @ 1:05 am

The creation of a worm that capitalizes on iTunes’ popularity is another indication that virus and worm writers have been focused more than ever on keeping up with current news and using it for social-engineering tactics, noted Sophos security consultant Carole Theriault.

Circulating online is a new worm purporting to be an iTunes file. The worm is spreading through AOL Latest News about AOL Instant Messenger networks.

Reported by Trend Micro Latest News about Trend Micro, the Opanki.worm poses as a file named iTunes.exe and is designed to lure users into believing it is part of Apple Computer’s Latest News about Apple Computer online music store.

When activated, the worm sends a message to the infected user’s online contacts, reading “this picture never gets old.” The message has a link to a Web page where recipients are instructed to download an image file.

[ Read more…]

Filed under: Computers and Security
Comments: 1 Comment

Microsoft to Acquire E-mail Security Provider
Posted on 07.21.05 by templeton @ 12:54 am

Microsoft plans to acquire FrontBridge Technologies, a provider of secure messaging services, taking its push into the security market a step further.

The software giant will integrate FrontBridge’s corporate messaging protection with its Microsoft Exchange Server e-mail product, Microsoft said in its announcement Wednesday. The Los Angeles-based security company’s services, which include instant message archiving and spam filtering, are designed to safeguard all electronic messages and make sure they are compliant with regulatory requirements such as the Sarbanes-Oxley Act.

“Both companies are focused on solving the same difficult messaging challenge—ensuring customers’ e-mail is compliant, better protected from spam and virus threats, and always available,” Dave Thompson, vice president in Microsoft’s Exchange Server Group, said in a statement.

The terms of the deal were not disclosed, but the transaction is expected to close by the end of the third quarter, a Microsoft representative said.

[ Read more…]

Filed under: Computers and Security
Comments: 1 Comment

Microsoft Security Advisory (904797)
Posted on 07.17.05 by templeton @ 12:41 am

Microsoft is investigating new public reports of a vulnerability in Remote Desktop Services. We have not been made aware of attacks that try to use the reported vulnerability or of customer impact at this time, but we are aggressively investigating the public reports.

Our initial investigation has revealed that a denial of service vulnerability exists that could allow an attacker to send a specially crafted Remote Desktop Protocol (RDP) request to an affected system. Our investigation has determined that this is limited to a denial of service, and therefore an attacker could not use this vulnerability to take complete control of a system. Services that utilize the Remote Desktop Protocol are not enabled by default, however if a service were enabled, an attacker could cause this system to restart.
Note Remote Desktop is enabled by default on Windows XP Media Center Edition.

Upon completion of this investigation, Microsoft will take the appropriate action to help protect our customers. This may include providing a security update through our monthly release process or providing an out-of-cycle security update, depending on customer needs.

Microsoft continues to encourage responsible disclosure of vulnerabilities. We believe the commonly accepted practice of reporting vulnerabilities directly to a vendor serves everyone’s best interests by helping to ensure that customers receive comprehensive, high-quality updates for security vulnerabilities with no exposure to malicious attackers while a security update is being developed.

Mitigating Factors:
• Firewall best practices and standard default firewall configurations can help protect networks from attacks that originate outside the enterprise perimeter. Best practices recommend that systems that are connected to the Internet have a minimal number of ports exposed.

• By default, services that utilize the Remote Desktop Protocol (RDP) are not enabled.
Note Remote Desktop is enabled by default on Windows XP Media Center Edition.

For more information visit Microsofts website here: http://www.microsoft.com/technet/security/advisory/904797.mspx


Filed under: Security
Comments: None

More Bad News About Computer Security
Posted on 07.16.05 by templeton @ 6:01 am

NEW YORK - Don’t let your antivirus software and your firewall lull you into a false sense of security.

A new report on the state of malware, the insidious software designed to ruin computers and steal data, has identified two disturbing trends: new social engineering tricks that exploit current events, and the fast proliferation, via spamming, of viruses that would otherwise spread slowly.

The report, by Sunnyvale, Calif.-based Fortinet, a provider of security software, listed the most frequently detected virus threats from June 1 through 24. While mass-mailer worms accounted for 68% of total global activity, Fortinet expressed alarm at the rise in Trojans and backdoor viruses, which made up 5% of the global virus activity in June.

“It marks a more than 100% increase on last month’s Trojan activity due to a new trend in virus propagation strategies,” says Guillaume Lovet, team leader for the Threat Response Team at Fortinet.

Lovet says the inclusion of Trojans, a type of virus that doesn’t replicate or spread on their own, in the top 20 threats for the month was surprising. By spamming Trojans, mass-mailers are spreading the program faster and compromising more computers than in the past.

In May, Fortinet noted that e-mails about FIFA World Cup soccer tickets had virus-laden attachments. The trend continued in June, with mass-mailers and scamsters using current news events to trick users into clicking on an attachment. One spam e-mail announced the capture of Osama Bin Laden and promised pictures of the capture in the attachment. By clicking on the attachment, the users unwittingly installed a Trojan, a program that opens a backdoor to a user’s machine allowing more viruses to creep in.

The problem could become pronounced as more Internet users sign up for automated news alerts and RSS feeds, since they wouldn’t think anything strange about receiving this seemingly permissible information in their e-mail inbox.

Another spam announced a suicide attempt by Michael Jackson and directed curious readers to a link to read the article, but the link actually pointed to a Web page loaded with browser exploits to install software that seriously compromises the security of a computer.

Variants of the worm Mytob were detected most frequently in June, accounting for about 40% of total virus activity. Unlike a Trojan, worms self-replicate by attaching themselves to outgoing e-mail messages. Fortinet called June a “Mytob Month,” noting that over 150 distinct variants of the worm were detected, compared to only 30 in May.

The report called the Mytob infections a “literal storm” to gain control of other computers on the Internet. Each computer infected by a Mytob variant becomes a “zombie,” that is, ready to be sold to someone who wants to use the machine for shady activities, including mass-mailing spam, phishing messages or launching other viruses.

Lovet says spyware authors buy or rent already-compromised machines to “plant” their own malware products.

Fortinet predicted an increased number of focused attacks. At the start of June, a Trojan was discovered that stole thousands of confidential documents and data through a backdoor in a company in Israel. It had no particularly revolutionary features, other than it had been created to target that single company. Many antivirus products would have caught the Trojan, but precautions failed in this instance because the program was written specifically to attack the particular company.


Filed under: Security
Comments: 1 Comment

« newer posts
Shorten URL

Main Menu
Home
Applications
Bad Idea
Books
Computers
Cool
Games
General
Good Idea
Linux
Mac
Music
Networks
Programming
Code
Security
VOIP


99c.org

Search


Syndication
RSS 2.0
Comments RSS 2.0
 Engadget

 Privacy


 Open Source

Archives
January 2009
December 2008
November 2008
October 2008
September 2008
August 2008
July 2008
June 2008
May 2008
April 2008
February 2008
January 2008
December 2007
November 2007
October 2007
September 2007
August 2007
July 2007
June 2007
May 2007
April 2007
March 2007
February 2007
January 2007
December 2006
November 2006
October 2006
September 2006
August 2006
July 2006
June 2006
April 2006
March 2006
February 2006
January 2006
December 2005
November 2005
September 2005
August 2005
July 2005

Recent Stories
» Apple cuts copy protection and prices on iTunes (AP)
» Apple disappoints: No Jobs or big news at Macworld (Reuters)
» Social Security unveils new online application (AP)
» Apple Unveils New MacBook Pro, Drops DRM for iTunes (NewsFactor)
» Apple disappoints--no Jobs or big news at Macworld (Reuters)
» Curl bolsters RIA data access (InfoWorld)
» Model wants Google to identify anonymous commenter (AP)
» Best Buy Offers Refurbished IPhones (PC World)
» Fake celeb LinkedIn profiles lead to malware (CNET)
» Truphone adds Skype, Twitter to iPhone client (CNET)
» Apple cuts copy protection and prices on iTunes (AP)
» Even in recession, CES to have stuff worth seeing (AP)
» Apple's Jobs has hormone imbalance, will stay CEO (AP)
» Logitech to cut salaried staff by 15 percent (AP)
» Fake celeb LinkedIn profiles lead to malware (CNET)