Microsoft offers a free e-book “Writing Secure Code for Windows Vista”. Check out here. Dear developers, don’t forget that security aspects must be taken into account at the early stage of software development!
Category: Software
Zero Wine Malware Analysis Tool
Seen on Full Disclosure, Zero Wine is a brand new project to help in malware analyzis. Based on QEMU and Wine, it provides a safe environment to launch suspicious Windows executable and analyze their behavior. Using the Wine debugging features, all the APIs calls are logged for further reporting. Project
Rogue/Hacked DHCP Server Detection Using Nagios
Beginning of this month, the Internet Storm Center published a diary about a new malware (called Trojan.Flush.M) detected by Symantec: Rogue DHCP servers. The malicious code was analyzed by Symantec. Once the machine infected, it sends fake DHCP offer packets using UDP ports 67 and 68 when another computer on
OpenVAS 2.0.0. is out
OpenVAS just announced the availability of its license-free scanner. The new release (2.0.0) comes with a lot of bugfixes and improvement. The most interesting are: Support of OVAL OIDs support (prefix: 1.3.6.1.4.1.25623) to identify all the vulnerabilities checks. The new support of OVAL (“Open Vulnerability and Assessment Language“) is a
Simple DLP with Ngrep
DLP stands for “Data Loss Prevention” or sometimes, “Data Leak Protection“. Companies primary goal is to make business. And their activities rely on their data (customers, databases, research results, statistics, source code, …). DLP is a security process which takes care of: monitoring, identify and protection of the data. The
Password Protected .exe Files
This is not a bullet-proof solution but it can be helpful from time to time… Empathy is a small tool to protect your Windows executable files with a password. To run the program, a dialog box will ask you the password. It can prevent children or unauthorized person to start
Laptop Face Recognition Vulnerability
This following issue has been reported by Bkis: Vulnerability in Face Recognition Authentication Mechanism of Lenovo-Asus-Toshiba Laptops. Modern laptops have often a small built in camera on top of the screen. Some vendors developed software’s to perform face recognition authentication. Theoretically, the principle is very attractive: the computer recognizes the
Firefox CPU Usage? Fail!
What’s the difference between this CPU usage: and this one: Only a website! After some investigations, the sites used “<marquee>” tags. It seems they are still not properly supported by Firefox! WTH!
Number of the Day: 1.91%
According to Secunia which grab nice data from its PSI application, only 1.91% of PC’s are fully patched: Read the report here.
Malicious Firefox Add-on Steals Passwords
It was reported by the French version of The Inquirer: it seems that a new malware is spread over the Internet presented like a false Firefox add-on! Discovered by BitDefender, the anti-virus editor, the malware was named Trojan.PWS.ChromeInject.A. It does not spread by itself and his installed in the local