Archives for: July 2008
Storm Worm leverages FBI and Facebook in new attack
Link: http://www.scmagazineus.com/Storm-Worm-leverages-FBI-and-Facebook-in-new-attack/PrintArticle/113071/
Sue Marquette Poremba July 29 2008
A new malware campaign uses the FBI and Facebook as a ruse to trick users into downloading the Storm Worm trojan, US-CERT warned on Tuesday.
The emails arrive with headings such as "FBI may strike Facebook" or "The FBI has a new way of tracking Facebook," according to US-CERT.
According to a Sophos blog post, the email uses both domains and the IP addresses as links that point to the malware executable fbi_facebook.exe.
Overall, this latest Storm attack is similar to others, but with one major distinction, Graham Cluley, senior technology consultant at Sophos, told SCMagazineUS.com on Tuesday.
The websites to which the attackers attempt to lead the victims are constantly changing, so the user isn’t sure if the email is malicious or real, he said. Once there, the sites attempt to load a bogus news story, which is actually a trojan.
And with this particular campaign, the spammers are feeding on the privacy concerns of Facebook users, said Matt Sergeant, senior anti-spam technologist at MessageLabs.
“By picking a particularly sensitive area of U.S. policy and combining it with the enormous popularity of Facebook, the spammers have a likelihood of greater success in getting people to open their malicious emails,” he told SCMagazineUS.com. “Storm has recently suffered a large decrease in the size of the botnet, and has been overtaken by Cutwail and Srizbi, which have now been crowned the largest botnets, and so it’s not surprising to see these extreme tactics by the owners of Storm.”
TITSSN launches our annual IT Security "Community Outreach Program" “COP” on August 1st and is looking for participating members. Are you ready to give back to your community? Are you ready to join the initiative and make a difference? Join us.
Link: http://titssn.net/cop
Good day to you,
Every year we, TITSSN, a network of IT professionals, consultants, VARs, business executives and technologists, try to give back to our communities by becoming a valuable avenue/resource of guidance, counsel and support for those in need of assistance in and with their IT issues. This program is geared towards the development of more education and awareness around IT and securing that user experience while online and offline.
Every day we’re faced with the challenges of new and emerging risks through various forms of technology we use and so we host this yearly program to help foster more awareness and education about these risks and how to secure against them in our local communities. Our members cover many areas and are available as a point of contact/resource and some provide many services and support that will be of benefit and value to you.
So what do we need from you to join this initiative?
1. Join TITSSN’s initiatives for fostering further education and awareness of and about IT Security in your community.
2. Help to spread the message of IT Security and the need for us to secure our infrastructure in a unified manner by becoming an advocate, resource, point of contact, advisor, technologist in your community and make known that you’re supporting this for the greater good. Identify your community and share what you’re doing there.
3. (optional) Host/sponsor an event in your community that’s geared towards something IT security related.
The requirements are simple but the cause is great. We need your help and support in making this happen and so if you’re willing to be all that you can be, join our Community Outreach Program and do what you can for it. I wish to personally network with every participating member of the program on LinkedIn so please send me an invite if you decide to participate. My LinkedIn profile is http://www.linkedin.com/in/titssn
The program’s website is located at http://titssn.net/cop and will go live on August 1st at 12.01am
Thank you and I look forward to your support.
~Brett A. Scudder~
President/Chairman
~TITSSN~
Pittsburgh cancer center warns of cell phone risks
Link: http://news.yahoo.com/s/ap/20080724/ap_on_he_me/cell_phone_warning
by JENNIFER C. YATES and SETH BORENSTEIN, Associated Press Writers
Thu Jul 24, 7:13 AM ET
The head of a prominent cancer research institute issued an unprecedented warning to his faculty and staff Wednesday: Limit cell phone use because of the possible risk of cancer.
The warning from Dr. Ronald B. Herberman, director of the University of Pittsburgh Cancer Institute, is contrary to numerous studies that don’t find a link between cancer and cell phone use, and a public lack of worry by the U.S. Food and Drug Administration.
Herberman is basing his alarm on early unpublished data. He says it takes too long to get answers from science and he believes people should take action now — especially when it comes to children.
“Really at the heart of my concern is that we shouldn’t wait for a definitive study to come out, but err on the side of being safe rather than sorry later,” Herberman said.
No other major academic cancer research institutions have sounded such an alarm about cell phone use. But Herberman’s advice is sure to raise concern among many cell phone users and especially parents.
In the memo he sent to about 3,000 faculty and staff Wednesday, he says children should use cell phones only for emergencies because their brains are still developing.
Adults should keep the phone away from the head and use the speakerphone or a wireless headset, he says. He even warns against using cell phones in public places like a bus because it exposes others to the phone’s electromagnetic fields.
The issue that concerns some scientists — though nowhere near a consensus — is electromagnetic radiation, especially its possible effects on children. It is not a major topic in conferences of brain specialists.
A 2008 University of Utah analysis looked at nine studies — including some Herberman cites — with thousands of brain tumor patients and concludes “we found no overall increased risk of brain tumors among cellular phone users. The potential elevated risk of brain tumors after long-term cellular phone use awaits confirmation by future studies.”
Studies last year in France and Norway concluded the same thing.
“If there is a risk from these products — and at this point we do not know that there is — it is probably very small,” the Food and Drug Administration says on an agency Web site.
Still, Herberman cites a “growing body of literature linking long-term cell phone use to possible adverse health effects including cancer.”
“Although the evidence is still controversial, I am convinced that there are sufficient data to warrant issuing an advisory to share some precautionary advice on cell phone use,” he wrote in his memo.
A driving force behind the memo was Devra Lee Davis, the director of the university’s center for environmental oncology.
“The question is do you want to play Russian roulette with your brain,” she said in an interview from her cell phone while using the hands-free speaker phone as recommended. “I don’t know that cell phones are dangerous. But I don’t know that they are safe.”
Of concern are the still unknown effects of more than a decade of cell phone use, with some studies raising alarms, said Davis, a former health adviser in the Clinton Administration.
She said 20 different groups have endorsed the advice the Pittsburgh cancer institute gave, and authorities in England, France and India have cautioned children’s use of cell phones.
Herberman and Davis point to a massive ongoing research project known as Interphone, involving scientists in 13 nations, mostly in Europe. Results already published in peer-reviewed journals from this project aren’t so alarming, but Herberman is citing work not yet published.
The published research focuses on more than 5,000 cases of brain tumors. The National Research Council in the U.S., which isn’t participating in the Interphone project, reported in January that the brain tumor research had “selection bias.” That means it relied on people with cancer to remember how often they used cell phones. It is not considered the most accurate research approach.
The largest published study, which appeared in the Journal of the National Cancer Institute in 2006, tracked 420,000 Danish cell phone users, including thousands that had used the phones for more than 10 years. It found no increased risk of cancer among those using cell phones.
A French study based on Interphone research and published in 2007 concluded that regular cell phone users had “no significant increased risk” for three major types of nervous system tumors. It did note, however, that there was “the possibility of an increased risk among the heaviest users” for one type of brain tumor, but that needs to be verified in future research.
Earlier research also has found no connection.
Joshua E. Muscat of Penn State University, who has studied cancer and cell phones in other research projects partly funded by the cell phone industry, said there are at least a dozen studies that have found no cancer-cell phone link. He said a Swedish study cited by Herberman as support for his warning was biased and flawed.
“We certainly don’t know of any mechanism by which radiofrequency exposure would cause a cancerous effect in cells. We just don’t know this might possibly occur,” Muscat said.
Cell phones emit radiofrequency energy, a type of radiation that is a form of electromagnetic radiation, according to the National Cancer Institute. Though studies are being done to see if there is a link between it and tumors of the brain and central nervous system, there is no definitive link between the two, the institute says on its Web site.
“By all means, if a person feels compelled that they should take precautions in reducing the amount of electromagnetic radio waves through their bodies, by all means they should do so,” said Dan Catena, a spokesman for the American Cancer Society. “But at the same time, we have to remember there’s no conclusive evidence that links cell phones to cancer, whether it’s brain tumors or other forms of cancer.”
Joe Farren, a spokesman for the CTIA-The Wireless Association, a trade group for the wireless industry, said the group believes there is a risk of misinforming the public if science isn’t used as the ultimate guide on the issue.
“When you look at the overwhelming majority of studies that have been peer reviewed and published in scientific journals around the world, you’ll find no relationship between wireless usage and adverse health effects,” Farren said.
Frank Barnes, who chaired the January report from the National Research Council, said Wednesday that “the jury is out” on how hazardous long-term cell phone use might be.
Speaking from his cell phone, the professor of electrical and computer engineering at the University of Colorado at Boulder said he takes no special precautions in his own phone use. And he offered no specific advice to people worried about the matter.
It’s up to each individual to decide what if anything to do. If people use a cell phone instead of having a land line, “that may very well be reasonable for them,” he said.
Susan Juffe, a 58-year-old Pittsburgh special education teacher, heard about Herberman’s cell phone advice on the radio earlier in the day.
“Now, I’m worried. It’s scary,” she said.
She says she’ll think twice about allowing her 10-year-old daughter Jayne to use the cell phone.
“I don’t want to get it (brain cancer) and I certainly don’t want you to get it,” she explained to her daughter.
Sara Loughran, a 24-year-old doctoral student at the University of Pittsburgh, sat in a bus stop Wednesday chatting on her cell phone with her mother. She also had heard the news earlier in the day, but was not as concerned.
“I think if they gave me specific numbers and specific information and it was scary enough, I would be concerned,” Loughran said, planning to call her mother again in a matter of minutes. “Without specific numbers, it’s too vague to get me worked up.”
___
Jennifer Yates reported from Pittsburgh. Science Writer Seth Borenstein reported from Washington. Reporter Ramit Plushnick-Masti contributed from Pittsburgh and Science Writer Malcolm Ritter contributed from New York.
___
On the Net:
Advice from the University of Pittsburgh Cancer Institute:
http://www.environmentaloncology.org/node/201
Food and Drug Administration on cell phones:
http://www.fda.gov/cellphones/qa.html
TITSSN's IT Security Community Outreach Program 'COP' info for August 2008
TITSSN’s Community Outreach Program ‘COP’
Giving back to our communities as advisors, support, subject matter experts and service providers.
Hi all,
It’s coming to that time of the year again and we’re putting the program settings into effect. We anticipate a very feature rich program this year filled with lots of goodies for all. We’re welcoming new members and affiliates who are interested in joining this initiative and contributing to their communities. The program goes into effect on August 1st and the website and details will be posted shortly.
Thank you,
~TITSSN~
The IT Security Suite Network ~TITSSN~
A joint TITSSN and the NAISG meeting in Washington DC on July 30th 2008
Link: http://dc.naisg.org/meetings
WELCOME FROM THE WASHINGTON, DC CHAPTER OF NAISG
NAISG is a national, information security association that provides presentations, education and networking opportunities at no cost to the general public. The quality of its meetings and members and its TechTips email list have attained international recognition. You can visit the main Web site at http://www.naisg.org or the Washington DC chapter site at http://dc.naisg.org.
*******************************************************************************************
National Information Security Group (NAISG) – Washington, DC Chapter
*******************************************************************************************
In this newsletter:
1. July and August meeting topic
2. Meetings count for CISSP recertification credits
3. Network with other NAISG members on LinkedIn
4. Online resources
5. TechTips email list - Post your security questions/answers here
*******************************************************************************************
1. JULY MEETING (7/30, 6:30 PM)
Add the meeting to your calendar! All meeting notices are available in ICS format so that you can easily add them to your Outlook or other ICS-compliant calendar system. Access the ICS file at http://dc.naisg.org/meetings.
Presentation: "IT Security Threat Landscape" Brett A. Scudder, President of The IT Security Suite Network, will be presenting a workshop focusing on Information Technology Security. Mr. Scudder has worked in the security threat landscape for 10 years covering a range of topics from viruses, worms, hacking, denial of service attacks and patching. He has worked with some of the industry’s finest vendors, professionals, executives and consumers, which allows him to have a holistic approach to resolution and addressing the IT Security Threat Landscape.
During the workshop Mr. Scudder will address the current IT Security Threat Landscape, how companies currently secure and protect its users and data, and the types of issues that you should be aware of going forward. He will also be available for a Q&A session to answer any questions that you may have regarding the IT Security Threats Landscape.
If you have not yet done so, please send a courtesy e-mail to Meetings-DC@naisg.org indicating that you plan to attend the meeting so that we can order the correct quantity of pizza.
AND SPEAKING OF PIZZA…Does your company want to sponsor pizza for an upcoming meeting? We need organizations to provide the pizza sponsorship. If interested, please see http://www.naisg.org/Sponsors for costs and benefits and then let us know.
The meeting will be on Wednesday, July 30, at 6:30 PM. It will be held at the CSIS headquarters. [Directions are on our Web site at http://dc.naisg.org.] The meeting will start with a general introduction to the group, followed by an open Q&A period and then the presentation.
THERE WILL BE NO AUGUST MEETING - SEE YOU IN SEPTEMBER
2. MEETINGS COUNT TOWARD YOUR CISSP RECERTIFICATION
During the three year recertification period, each CISSP must earn 120 continuing professional education (CPE) credits. Your attendance at NAISG meetings is valid toward these credits. If you are a CISSP, please print a copy of the form at http://dc.naisg.org/Meetings and bring it to the meeting. Give it to the meeting moderator to sign, after which you can submit it to (ISC)2 as needed. Details on the recertification requirements are at https://www.isc2.org/cgi-bin/content.cgi?category=24.
3. NETWORK WITH OTHER NAISG MEMBERS ON LINKEDIN
Feel free to join more than 650 other NAISG members on LinkedIn at http://www.linkedin.com/e/gis/43269/7DC2303017E0.
4. ONLINE RESOURCES
NAISG maintains an increasingly-popular Resources page that includes an Internet bandwidth test utility as one additional tool available to our membership. This tool is hosted on our own server and provides accurate readings of upload and download speeds. Just click the Start button on the page to initiate the test. Bookmark this page and tell your friends about it: http://www.naisg.org/Resources.
5. "TechTips" E-Mail List
NAISG maintains an email list server for subscribers to post their security-related questions and answers as well as occasional special interest announcements. This is a great forum for members to get quick answers for their day-to-day or out-of-the-blue questions, and includes individuals from all over the world. If not already subscribed, you can do so at http://www.naisg.org/Lists.
HTC's Sprint Mogul 6800 and Touch Windows Mobile v.6.1 Upgrade - My review and screenshots
Link: http://www.htc.com/us/FAQ_Detail.aspx?p_id=75&act=sd
HTC’s Sprint Mogul 6800 and Touch Windows Mobile v.6.1 Upgrade
So HTC finally released the highly anticipated WM v.6.1 upgrade for the Mogul on Monday July 21st and I couldn’t wait to install it. I was still a little worried about it so I installed it on my primary test Mogul and boy was I happy with it until, until, UNTIL, I saw how much it ate up the battery.
Some of the new features that were added are not of value to me but hey, it’s still good to have as others will benefit from them. I’m not into the TV stuff but it was a nice added compliment. I checked out a few stations and was quite pleased with the reception and service. I tried playing with the GPS but had some issues because I may need to setup an account or something.
One thing is for sure, it is the fastest loading Windows Mobile OS I’ve seen to date. Wow, I was very impressed with the speed of loading up even after I loaded up all my apps and utils on it. Restarting the device took under 30 seconds, WOW. It’s much faster and I no longer had that glitch when creating or responding to new emails where the screen only showed one side of the page.
I love the new text messaging features. It’s like an IM session that runs over the course of the conversation with the same person. It makes it so much easier to track back to previous IMs but I fear the "loading messages" part consumes memory. I do over 4000 (and counting) txt messages per month so managing my txt and txt’g is critical for me. Yes, but of course I have an unlimited txt messaging plan.
If only the battery life was improved, oh the pain, oh the hurt. Anyway, it could have been worse so thank goodness for the new features, enhancements and well needed speeds.
Why update the ROM on your device?
The software upgrade posted below provides several key enhancements for your Mogul:
1. Upgrades the operating system from Windows Mobile® 6.0 Professional to Windows Mobile® 6.1 Professional
2. Adds Sprint TV
3. Includes all enhancements incorporated in previous software upgrades including:
Here’s some additional release info for the HTC Touch as well HTC’s Web site.
Here are some screen shots of my Mogul and settings.








The new Task Manager

I love my Mogul, can you tell?
Thank you HTC and keep up the great work, we apprecilove it.
~Brett A. Scudder~
Vulnerability in the PDF distiller of the BlackBerry Attachment Service for the BlackBerry Enterprise Server
Doc ID: KB15766
Last Modified: 2008-07-18
Document Type: Security Advisory
Environment
- BlackBerry® Enterprise Server software version 4.1 Service Pack 3 (4.1.3) through 4.1 Service Pack 5 (4.1.5)
- BlackBerry® Professional Software 4.1 Service Pack 4 (4.1.4)
Overview
This advisory describes a security issue that the BlackBerry Attachment Service component of the BlackBerry Enterprise Server is susceptible to. The issue relates to a known vulnerability in the PDF distiller component of the BlackBerry Attachment Service that affects how the BlackBerry Attachment Service processes PDF files.
This vulnerability has a Common Vulnerability Scoring System (CVSS) score of 9.0.
Problem
A security vulnerability exists in the PDF distiller of some released versions of the BlackBerry Attachment Service. This vulnerability could enable a malicious individual to send an email message containing a specially crafted PDF file, which when opened for viewing on a BlackBerry smartphone, could cause memory corruption and possibly lead to arbitrary code execution on the computer that the BlackBerry Attachment Service runs on.
Resolution
Upgrade to BlackBerry Enterprise Server software version 4.1 Service Pack 6 (4.1.6).
Research In Motion (RIM) has also issued an interim security software update that resolves this vulnerability in earlier affected versions of the BlackBerry Enterprise Server and BlackBerry Professional Software.
For BlackBerry Enterprise Server
Visit http://www.blackberry.com/go/serverdownloads
to obtain the interim security software update for affected release versions earlier than BlackBerry Enterprise Server software version 4.1.6.
For BlackBerry Professional Software
Visit http://na.blackberry.com/eng/support/downloads/#tab_professional
to obtain the interim security software update for affected BlackBerry Professional Software versions.
Workaround
Note: As a mobile device best practice, RIM recommends that BlackBerry smartphone users open attachments from trusted sources only.
Prevent the BlackBerry Attachment Service from processing PDF files in a BlackBerry Enterprise Server environment
You can prevent the BlackBerry Attachment Service from processing PDF files by editing the list of file format extensions that the BlackBerry Attachment Service opens, and then preventing the PDF attachment distiller from running on the BlackBerry Attachment Service.
To remove the PDF file extension from the list of supported file format extensions, complete the following actions:
1. From the Windows® Desktop, open the BlackBerry Server Configuration tool.
2. Click the Attachment Server tab.
3. In the Format Extensions field, delete pdf: from the colon-delimited list of extensions.
4. Click Apply.
5. Click OK.
attachment distiller from running, the BlackBerry Attachment Service still detects a PDF file with a renamed extension (in other words, its extension is not .pdf) and attempts to process the file automatically. To prevent the PDF attachment distiller from running, complete the following actions:
1. On the Windows Desktop, open the BlackBerry Server Configuration tool.
2. Click the Attachment Server tab.
3. In the Configuration Option drop-down list, select Attachment Server.
4. In the Distiller Settings section, next to the distiller name Adobe PDF, clear the check box in the Enabled column.
5. Click Apply.
6. Click OK.
7. On the Windows Desktop, in Administrative Tools, open Services.
8. Right-click BlackBerry Attachment Service and click Stop.
9. Right-click BlackBerry Attachment Service and click Start.
10. Close Services.
ronments, complete the following additional steps:
1. On the Windows Desktop, in Administrative Tools, open Services.
2. Right-click BlackBerry Dispatcher and click Stop.
3. Right-click BlackBerry Dispatcher and click Start.
4. Close Services.
Restarting certain BlackBerry Enterprise Server services will delay email message delivery to BlackBerry smartphones. For more information, see KB04789.
In IBM® Lotus® Domino® environments, complete the following additional steps:
1. Open the IBM Lotus Domino Administrator.
2. Click the Server tab.
3. Click the Status tab.
4. Click Server Console.
5. In the Domino Command field, type tell BES quit and press ENTER.
6. In the Domino Command field, type load BES and press ENTER.
7. Close the IBM Lotus Domino Administrator.
Additional Information
You can install the BlackBerry Attachment Service on a remote computer and then place that computer on its own network segment to prevent the spread of potential attacks from the BlackBerry Attachment Service to another computer within your organization’s network. In a segmented network, attacks are isolated and contained on a single area of the network. Using segmented network architecture is designed to improve the security and performance of the BlackBerry Attachment Service network segment by filtering out attachment data that is not destined for other network segments. For more information about placing the BlackBerry Enterprise Solution components in a network architecture that is segmented to prevent the spread of potential malware attacks, see Placing the BlackBerry Enterprise Solution in a Segmented Network.
Visit www.blackberry.com/security for more information on BlackBerry security.
CVSS is a vendor agnostic, industry open standard designed to convey the severity of vulnerabilities. CVSS scores may be used to determine the urgency for update deployment within an organization. CVSS scores range from 0.0 (no vulnerability) to 10.0 (critical). RIM uses CVSS in vulnerability assessments to present an immutable characterization of security issues. RIM assigns all security relevant issues a non-zero score.
TITSSN's 3rd Anniversary Dinner Meeting Pics on July 10th 2008
Link: http://titssn.net/titssn-anniversary-meeting-2008.htm
Good day to you,
On behalf of TITSSN I would like to say many thanks to all who attended our anniversary dinner meeting and for taking the time to be with us and participating in this another anniversary meeting of thanks. Your presence was well received and I hope you enjoyed the evening’s formalities.
To the new members we say welcome and we’re happy to have you with us. You’re now a part of the network family and as such will benefit from its awesome resources. As we continue to develop and grow so will you and the abundance of resources.
To our existing members, where would we be without you and your continued support?
You’ve been there, done that, had that, seen that and learnt that but the best is still yet to come. We look forward to your continued support going forward and thank you for your patronage.
So here’s to a new year and exciting times for us all as TITSSN. Cheers.
Here are a few images of the dinner meeting. I look forward to your feedback.
The group members (well, those who came out).

Brett doing his preso.



The food and refreshments



Group pics - members






TITSSN extends a warm and hearty thank you to Mr. E. Fred Sher (our professional photographer/member) for his invaluable support in capturing our events and the moments. Even with the poor lighting issues of the room he’s still able to capture the moments in a great way. Thank you Sir and we hope to have your continued eye on capturing these moments.
Thank you and have a great day. We’re looking forward to this new year ‘2009′.
~TITSSN~