New worm emerged early this week, variously named “Oscarbot-B” and “Doyorg” by antivirus companies, are targeting users of AOL’s instant messaging software, AIM. Something similar to the recent MSN worm, I think.

Quoted:
The Windows-based malware emerged early this week, and has made itself a nuisance for its ability to hijack the list of contacts or “buddies” in an infected user’s IM account. After opening a window to any one of these contacts with the message “Hey check this out“, it invites users to follow an embedded link. Anyone who clicks on this will risk becoming its next victim.

The worm creates a backdoor into Internet Relay Chat (IRC) to download and run files on machines where infection is successful, commanded by the instruction of the attacker, hence, giving remote access to that infected PC.

So, all AIM users, please be aware of all the links your buddies sent you, re-confirm with them before clicking it is always an advisable idea.

[Source]

Well, I need to clarify again because this post is quite serious: I AM NOT AGAINST INTEL !!

I swear to GOD, I DID NOT purposely dig out bad news about Intel !! News happens by itself, I can’t create it.

Ok, here is the detail:-

Colin Percival, from FreeBSD Organization, revealed that Hyper-Threading (HT) is suffering from a serious security flaw. This flaw permits local information disclosure, including allowing an unprivileged user to steal an RSA private key being used on the same machine. In other words, Intel Pentium 4, Mobile Pentium 4, Pentium Extreme Edition and Xeon processors are all victims to this flaw.

However he stated single-user systems (i.e., desktop computers) are not affected. Besides, he strongly advised administrators of multi-user systems to take action to disable Hyper-Threading immediately.

He even wrote a 12-page long article, discussing this flaw and related problems.

In fact, he discovered this flaw back in October 2004. Then tested the suspected flaw and got notified by FreeBSD Security Officer Team in December 2004. In February 2005, vendors including Intel and other security teams contacted him. Finally, he made an official public disclosure that a security flaw exists in Hyper-Threading on May 13, 2005.

Quoted:
I don’t hate Intel — in fact, I think Intel makes great CPUs, and I have an Intel processor in every computer I own. (Not that I have anything against AMD; it just happened to work out this way.) But as someone who works in the field of computer security, I don’t play political games: If I find a vulnerability, I’m going to report it and work with vendors to fix it, regardless of what the problem is or who it affects.

[Source]

Same here, I do not hate Intel, Intel helps the economy of Penang and Malaysia to prosper, and I thank them truly. I just came across this article and thought it would be an interesting topic to publish.

Anyone with a solid explanation to this issue please leave your comment(s) here. Feel free to drop an email to Colin Percival too.
I would rather think this breaking news is false at the moment until further confirmation.

Just a few hours ago written a short article about flaws found in Internet Explorer and Microsost Outlook, now I’ve just read another article regarding vulnerabilities in the Firefox.

According to the article, in the latest incident, a 16-year-old security researcher – who asked only to be identified by his first name, Paul – found three vulnerabilities in the Firefox browser that together could be exploited to run arbitrary code. It seems that now flaw finders are digging up more security holes in Firefox, while vulnerability researchers frequently flogged Microsoft for the number of security holes found in its Internet Explorer browser.

Quoted:
For the last six months of 2004, researchers found more vulnerabilities in Mozilla’s Firefox than Microsoft’s Internet Explorer, according to Symantec’s bi-annual Internet Security Threat Report. The report tallied 21 vulnerabilities for Mozilla Firefox versus 13 for Internet Explorer. However, a smaller percentage of the vulnerabilities found in Firefox were considered a severe security threat, said Symantec’s Oliver Friedrichs, senior manager with the company’s security response team.

Anyway, as compared to the number of critical flaws found, Firefox still is having an edge over Internet Explorer. In other words, quantity of flaws found doesn’t necessary reflect the seriousness of the hole in any browser.

Quoted:
“Severe vulnerabilities in general allow for drive-by installs,” he said. “So just by visiting a website, you could have [anything from] spyware to malware to Trojan horses installed on your system.”

Friedrichs stressed that the number of vulnerabilities found by researchers is not necessarily a good indication of product security. He pointed to the Mozilla Firefox’s relatively young age, the browser’s increasing popularity, and commercial software vendors tendency to silently fix vulnerabilities as factors that could affect the vulnerability count.

To reduce flaws, Microsoft changed more than 50 features of Internet Explorer in WinXP SP2. In total, Microsoft changed more than 428 features in Windows XP, including eliminating two classes of vulnerabilities on which the company did not revealed before.

Those changes have made Internet Explorer a tougher target for vulnerability researchers, said one flaw finder.

This makes me wonder, is reducing the features (not 1, but more than 50) in an application a wise move to eliminate flaws?

Anyway, let’s see what’s the progress of fighting secirity flaws between Firefox and Internet Explorer in coming months.

[Source]

Have you ever wonder what is actually inside Windows Xp Service Pack 2, which was released last year to patch all the security flaws found?

Microsoft security chief just revealed that SP2 for Windows XP changed or eliminated more than 400 significant features in the operating system, also eliminating two previously undiscovered classes of security flaws.

Quoted:
Speaking at the CanSecWest conference in Vancouver, Microsoft security strategist Window Snyder [apparently his real name] said the company changed or removed 428 Windows XP features considered security loopholes. 51 of them were in Internet Explorer and 107 were in Windows XP’s networking functions.

Snyder also said in the report that security firm SecurityFocus also discovered two “entire classes of vulnerabilities” that have never been reported outside the company. Snyder said the vulnerability types had been wiped out and declining to provide details.

[Source]

According to survey released on 2nd May 2005 by SANS regarding the Top20 Internet Security Vulnerabilities during the first quarter of 2005, researches believe that online criminals has turned their attention to antivirus software and media players like Apple Computer Inc.’s.

As more Windows users agreed to receive security upgrades automatically, hackers looked to take advantage of other software programs that might not be patched as frequently, the head of the cybersecurity training and research organization said.

“Operating systems have gotten better at finding and fixing things and auto-updating, so it’s less fertile territory for the hackers,” said SANS Chief Executive Alan Paller.

[Source]

Now, hackers have found ways to take control of a user’s computer by tunneling through Microsoft’s Web browser, media player and instant-messaging software. So, again, I’m here to promote a more secure browser : Firefox. :)

Click the following link to download Firefox.

According to networking guru, George Ou from ZDNet, Sony Play Station Portable (PSP) is bad enough to ruin wireless Local Area Network (LAN) in the home, due to its lack of support to WiFi Protected Access (WPA) security.

Currently, Sony PSP supports only Wired Equivalent Privacy (WEP) encryption security for wireless LAN, but too bad this encryption technology was found to be completely broken five years ago.

The Wi-Fi Alliance in 2003 mandated that all Wi-Fi products comply with the new WPA standard and use the new TKIP encryption algorithm yet Sony somehow feels exempt from this responsibility.

So, for PSP user, they will have to lower their wireless LAN security to only support WEP instead of a more secure WPA, in order to connect using PSP. The following is one of the suggestions from George :

Sony needs to rectify the situation as soon as possible by retrofitting all new PSPs off the factory floor with WPA capability and offer a free upgrade to the PSPs that are already out in the wild.

[Source]