Daniel Otis | 22 May 22:40

malicious binaries

Many moons ago I ran a site to share malware binaries amongst the people 
on this list.  I'm always looking for a new source of data so I am 
wondering if there is a current free source for sharing malicious 
binaries for analysis.  Thanks!  Also, I wouldn't mind running such a 
service again, the only problem was I was the only one sharing ;)

Daniel

-- 
MooSoft Development LLC
http://www.moosoft.com


Rotten AV proves "free market" false?

(Or lousy OS situation, or pitiful software security in general ...)

http://www.businessinsider.com/when-competition-easy-entry-and-no-government-produces-lousy-results-a-quick-look-at-the-anti-virus-and-anti-malware-market-2012-5

or

http://is.gd/yfQXMG

(I do recall some research that indicates "low cost of entry" actually promotes 
monoculture ...)

======================  (quote inserted randomly by Pegasus Mailer)
rslade <at> vcn.bc.ca     slade <at> victoria.tc.ca     rslade <at> computercrime.org
Harold Crick: I'm glad I caught you. I wanted to give you these
Ana Pascal (the baker): What are they?
Harold Crick: Flours.
Ana Pascal: What?
Harold Crick: I brought you flours.
- `Stranger Than Fiction' http://www.imdb.com/title/tt0420223/quotes
victoria.tc.ca/techrev/rms.htm http://www.infosecbc.org/links
http://blogs.securiteam.com/index.php/archives/author/p1/
http://twitter.com/rslade

(Redundant) Backup is good

An example:
http://www.youtube.com/watch?v=EL_g0tyaIeE

======================  (quote inserted randomly by Pegasus Mailer)
rslade <at> vcn.bc.ca     slade <at> victoria.tc.ca     rslade <at> computercrime.org
         The client interface is the boundary of trustworthiness.
                                             - Tony Buckland, UBC
victoria.tc.ca/techrev/rms.htm http://www.infosecbc.org/links
http://blogs.securiteam.com/index.php/archives/author/p1/
http://twitter.com/rslade
Juha-Matti Laurio | 13 May 11:43

Error in Finnish e-prescription software randomly added characters when Return was used

Finnish Medical Journal (in Finnish):
http://www.laakarilehti.fi/uutinen.html?opcode=show/news_id=12029/type=1

Google translation:
http://translate.google.com/translate?hl=en?sl=fi&tl=en&u=http%3A//www.laakarilehti.fi/uutinen.html%3Fopcode%3Dshow/news_id%3D12029/type%3D1

It is reported that using the Return key in the Effica e-prescription software randomly caused the program to add
or destroy characters typed by the doctor.
According to the article, the National Institute for Health and Welfare ("THL") denied the use of the Return key
when writing dosage instructions.
Technically, the error in the software developed by the Tieto company was associated with the message transmission.

Juha-Matti
Drsolly | 12 May 20:28

PCI DSS and BEAST

I just spent two effortful days getting my Secure Server to pass the PCI
DSS. The big problem is the BEAST vulnerability. And it's a corker. What
you have to do to get your certification, is disable most of the strong
crypto that you accept, and only accept some of the weaker ones (a bit of
research on the web will give you that info).

Having done that, and gotten my certification renewed, my QA told me that
some of the big banks haven't passed the PCI DSS tests.

So, naturally, I did my own test. The site I tested (and it's a biggie) 
seems to be vulnerable to MITM attacks.

So here's a freebie to any journos reading this list. Choose a few banks, 
give their Secure Server domain name to a PCI DSS testing facility, and 
see if they pass the standard test.

But only do that if it's legal to do so in the place where you live.

Ben April | 12 May 03:23

.secure TLD

http://www.darkreading.com/authentication/167901072/security/security-management/240000187/new-i-secure-i-internet-domain-on-tap.html

If they really wanted to be secure they would require the
implementation of RFC 3514

--

-- 
Benjamin D. April
Robert Slade | 11 May 19:49

Terrorist toddlers (Toddler terrorists?)

http://www.vancouversun.com/travel/toddler+JetBlue+employees+pull+month+from+flight+over+list/6606185/story.html

As you were ...

Apparently the Mayans were as bad as anyone else changing their minds on the 
date of the end of the world ...

http://www.sciencedaily.com/releases/2012/05/120510141905.htm

======================  (quote inserted randomly by Pegasus Mailer)
rslade <at> vcn.bc.ca     slade <at> victoria.tc.ca     rslade <at> computercrime.org
The evening news is where they begin with 'Good evening,' and
then proceed to tell you why it isn't.
            - http://twitter.com/judybishop/status/25012495785664512
victoria.tc.ca/techrev/rms.htm http://www.infosecbc.org/links
http://blogs.securiteam.com/index.php/archives/author/p1/
http://twitter.com/rslade
Juha-Matti Laurio | 10 May 17:19

7 Ways Oracle Puts Database Customers At Risk

Very good coverage:

http://www.darkreading.com/database-security/167901020/security/news/232901381/7-ways-oracle-puts-database-customers-at-risk.html

Juha-Matti

Cost/benefit?

http://www.cbc.ca/news/world/story/2012/05/05/japan-nuclear-power-shut-off.html

Boy, this came as a bit of a shocker.  Yeah, I know people are afraid of nukes (and 
power companies are often more careless than they should be).  Even so, you would 
think that some people would realize the huge risks and (invisible) costs of coal 
and oil.

======================  (quote inserted randomly by Pegasus Mailer)
rslade <at> vcn.bc.ca     slade <at> victoria.tc.ca     rslade <at> computercrime.org
A lot of good arguments are spoiled by some fool who knows what
he is talking about.                             - Miguel de Unamuno
victoria.tc.ca/techrev/rms.htm http://www.infosecbc.org/links
http://blogs.securiteam.com/index.php/archives/author/p1/
http://twitter.com/rslade
Jeffrey Walton | 5 May 21:18

Seriously?

Seriously? The "new threat of user-initiated drive by downloads"?

===============================================

Don’t Install Android Security Updates While Browsing the Web,
http://www.gottabemobile.com/2012/05/04/dont-install-android-security-updates-while-browsing-the-web/

Surfing the web on Android is relatively safe, but a new threat tricks
users into installing a trojan that calls itself a security update.

Symantec discovered the Android.Notcompatible threat this week,
calling attention to the new threat of user-initiated drive by
downloads.

Malware is a problem on Android smartphones, but it is typically
reserved for infected fake games and apps found on third-party
marketplaces. This new attack can happen on any infected webpage, and
relies on tricking the user into installing the malware.
...
_______________________________________________
Fun and Misc security discussion for OT posts.
https://linuxbox.org/cgi-bin/mailman/listinfo/funsec
Note: funsec is a public and open mailing list.
