Archive for May, 2006
McAfee Reveals 'OneCare' Competitor, Falcon

McAfee announced today an all-in-one security subscription service codenamed Falcon. Falcon will contain all major security suite components as well as PC backup and tune-up tools. It's essentially a competitor to Microsoft's Windows OneCare, expected soon, and Symantec's Genesis (also a codename), due out this fall.

Symantec has a lawsuit against Microsoft based on allegde “misappropiation of intellectual property.”

<sarcasm>

It seems so uncharacteristic to steal ideas from other companies:    Netscape Navigator
Eudora Pro
Stacker (as mentioned above)
Quarterdeck QEMM and Max386

</sarcasm>

What blows my mind is how Microsoft continues to get away with this. 

Microsoft Innovator's Copy & Conquer

read more | digg story

Delete Search Results: Cover your tracks

Ever search for something questionable on someone else system and go into a hyperventilation panic when you notice that their computer is retaining the keywords you typed into their search engine?  

 

You typed in “boobies” on your mom's computer and now the word pops up everytime you type a “B”!!

 

Perhaps it was your spouses system and your were searching for evidence of pornography.

Maybe it was your kids computer and you want to make sure they are o.k. mentally.

Maybe your Internet connection has been down for a while and you’ve had to use your friends system or a public system.

Whatever the case maybe it is none of my business.  And you don’t want it to be the business of the other who will use the system after you.

 

Here are two simple techniques to get rid of those bad keywords.

 

For Window XP “Recently Opened Documents”:

To delete “my Recent Documents”

Right – Click on the “Start” button

Select “Properties”

On the Start Menu Tab, Select “Customize”

Select the “Advance Tab”

Select the “Clear List” button at the bottom.  Don’t worry, it will NOT delete the files.  (Deselect the checkbox if you don’t want the system to track previously opened files)

 

 

For Windows XP, Internet Explorer:

In IE, Select “Tools”

Go to “Internet Option” at the bottom of the Tools list

Under Temporary Internet Files select “Delete Cookies” and “Delete Files”

To delete the history of the websites you searched select “Clear History”

Review: Certified Ethical Hacker (CEH) via Self Study

In his latest column for EH-Net, wireless hacking guru, Dan Hoffman, offers up his experience of attaining the CEH credential. Great read with fantastic advice for all you budding ethical hackers out there.

read more | digg story

First mobile phone virus nears 2nd birthday

The first real mobile phone virus, which was found in the wild and could replicate on its own, was discovered almost two years ago. F-Secure's chief research officer Mikko Hyppnen reports that although there are now over 200 mobile phone viruses — many of which are variants of Cabir — the problem is unlikely to get as bad as it has with PCs.

read more | digg story

China preparing information warfare army

The Chinese People's Liberation Army (PLA) is developing information warfare reserve and militia units. Also, China is developing the ability to launch pre-emptive attacks against enemy computer networks in a crisis, according to the document, “Annual Report to Congress: Military Power of the People's Republic of China 2006.”

I wonder if this is a response to the US release of information about that Elite Hacker Unit last year.  I guess the threats are turning Cyber.

read more | digg story

Certified Ethical Hacker Cert and Certified Pen Testing Expert

I'm going to go for the Certified Ethical Hacker Cert and eventually the Certified Pen Testing Expert Certification.  That is the direction that I'd like to go with my Information Security Career. 

As of right now, I have a CISSP.  I do a lot of Security Testing Evaluations and Authorization Agreement, Security Policy type work.  It pays well but I think Pen Testing would be more fun.  After getting the CISSP, I seriously considered going after the ISSEP, Information System Security Engineering Professional cert, which I heard was harder than the CISSP… I don't see how that is possible.

The CEH is a 125 question test that I've heard mixed reviews about.  I've taken the bootcamp and I love the material.  Its all hardcore hacking.  Not simply how to use Cane & Abel or NMap but how to code malware with notepad, methods of SQL injection, and firewall attacks.  I learned a lot.  It also scared the piss out of me.  If your already a hacker or hardcore pent tester than the class would be nothing more than a refresher.  Intermediates with pentesting will have a real treat.  Beginers will be decapitated.

I guess CPTE, Certified Pen Testing Expert is the lastest one.  From what I've read, it looks like it is a step up from the CEH.  Here is some more info on the CPTE.  From what I've read the CPTE is INSANE.  It looks like a practical exam completed in the presents of a pentesting expert.  It includes SQL injections, gathering data, compiling hacker applications, and FRICKING Lockpicking… I AM NOT READY. 

18 Days of Reckless Computing

Someone over at wired gives tests his new Dell to see how many viruses and how much malware it takes to get the Geek Squad to call it a total loss.

read more | digg story

10 Security Suite Reviews : Who's Got Your Back

All-in-One Security

Suites of antivirus, antispyware, and firewall software can provide convenient, solid protection against today's worst threats. Our tests of ten contenders show who's got your back.

read more | digg story

Computer Viruses Monitored via Dynamic Worldmap

You'll be able to view Previous Hour, Previous Day, Previous Month, This Year, and Previous Year. Color Coding has 6 Ranges (No Data, Quiet, Low, Medium, High, and Epidemic)

read more | digg story

fraud – RE: OUTSTANDING PAYMENT:
OUR REF: UBN/435/xo/024

DEAR SIR,

RE: OUTSTANDING PAYMENT:

THIS
BANK HAS BEEN MANDATED BY THE GOVERNING BOARD OF CENTRAL BANK OF
NIGERIA, BANK OF ENGLAND AND IN THE PRESENCE OF DIRECTORS OF
COMMERCIAL
BANKS IN UK, TO VERIFY AND PAY OFF ALL DELAYED GENUINE
CONTRACT
FUNDS/INHERITANCE CLAIMS, LOTTERY WINNINGS E.T.C BEFORE
CENTRAL
BANKS/COMMERCIAL BANKS IN AFRICA AND UK.

I DISCOVERED WITH
DISMAY THAT
YOUR PAYMENT HAS BEEN UNNECESSARILY DELAYED DESPITE
RECEIVING ALL
INTERNATIONAL PAYMENT APPROVALS AND AUTHORIZATIONS FROM
ALL RELEVANT
AUTHORITIES AND THAT YOU HAVE BEEN RIPPED OFF HUGE SUMS
OF MONEY BY
OFFICIALS WHO HAD ACCESS TO YOUR FUNDS AND INFORMATION AS
REGARDS YOUR
PAYMENT PARTICULARS. WE ARE INVESTIGATING THIS CASE AND
MUST SURELY
BRING THE CULPRITS TO BOOK.

AS THE FINAL AUTHORITY ON
THIS PAYMENT, I
WANT TO INFORM YOU THAT YOUR PAYMENT IS READY AND I
ADVOCATE IT SHOULD
BE REMITTED TO YOUR ACCOUNT VIA TELEGRAPHIC
TRANSFER IMMEDIATELY.
THEREFORE, YOU SHOULD CONTACT ME IMMEDIATELY FOR
THE SETTING UP OF YOUR
ACCREDITED PAYMENT ACCESS CODE NUMBER AND
PASSWORD AND TO COLLECT YOUR
PAYMENT RELEASE CODE, PAYMENT SLIP WITH
YOUR ORIGINAL SECURITY CODES
AND THE IRREVOCABLE STANDING PAYMENT
ORDER (ISPO).

YOU WILL SUBMIT THESE DOCUMENTS TO YOUR BANK FOR
IMMEDIATE PAYMENT OF YOUR FUNDS VIA
TELEGRAPHIC TRANSFER AFTER YOU
HAVE SIGNED YOUR SIGNATURE AND AFFIX
YOUR THUMBPRINT AT THE
APPROPRIATE COLUMNS OF THE DOCUMENTS AS THE
BENEFICIARY. PLEASE NOTE
THAT YOU ARE MOT TO MAKE ANY FURTHER PAYMENTS
TO ANY OTHER BANK IN
AFRICA OR IN UK

Here is a fresh new Nigerian money scam:

YOURS SINCERELY,

MR.RICHARD
CHIKE,

(FOREIGN
OPERATIONS)

UNION BANK NIGERIAN plc