Archive for August, 2006
Security Engineering Book (FREE)

I haven’t read it yet, but I’m definitely going to check it out.
http://www.cl.cam.ac.uk/~rja14/book.html 

Bruce Schneier says it is a must read, so I’ve gotta put it on my book hit list.

This is Ross Anderson.  This

AT&T Hack Exposes 19,000 Identities

“Hackers broke into one of AT&T’s computer systems and accessed personal data on thousands of customers who used the carrier’s online store.”

Attention all AT&T Customers: Get new service. Vonage is really good. Keep in mind nothing is completely hack proof but it would be nice to have a phone service without being raped on price AND privacy.


task manager disabled

I get this from malware from time to time. One of the best ways to find and destroy some of the weaker viruses, trojans and worms is to press Ctrl+Alt+Del to get to Task Manager. Malware writers know this, so they write a script to disable the Task Manager.

Here is how to enable task manager

Disable Task Manager and possible Malware:

First step to system restore

The easiest way to enable the Task Manager and get rid of most malware is to perform a Windows System Restore. Please note that this does not get rid of really ugly malware such as rootkits and some trojans, but it will work on most lame malware.

Get to System Restore (via Safe Mode):

1) Reboot in Safe Mode: Restart the system, hit F8, select “Safe Mode”

2) Proceed in Safe Mode: When prompted (as in the picture above), select “NO”

3) Restore Wizard: Select a date prior to when you received the malware (System Restore does not delete newly downloaded files, only new changes in the registry… including “task manager disable”)

Restoring to a past restore point

  • Click Start.
  • Select All Programs.
  • Select Accessories.
  • Select System Tools.
  • Select System Restore.
  • Select Restore my computer to an earlier time.
  • Click the Next button.
  • Select a Restore point from the calendar by clicking a bold date and then selecting a Restore point.
  • Click the Next button.
  • Confirm the Restore point and click the Next button.

 

Xtra has a good page on how to restore the registry on Windows 95, Windows ME, Windows 2000 and Windows XP.

Other methods:

http://windowsxp.mvps.org/Taskmanager_error.htm

Enable Task Manager

http://support.microsoft.com/kb/555480/en-us
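
System Restore works here because the block is a registry change, normally the `DisableTaskMgr` policy value. The script below is an added example (not from the original post or the linked pages) that reports where that value is set and removes it when run with `-Fix`. It assumes a Windows system with PowerShell available; the `-Fix` switch and the function name `Get-TaskMgrPolicy` are illustrative.

```powershell
# Added example: report (and optionally clear) the DisableTaskMgr policy value.
param([switch]$Fix)

# Per-user and machine-wide policy keys where DisableTaskMgr can be set.
$policyKeys = @(
    'HKCU:\Software\Microsoft\Windows\CurrentVersion\Policies\System',
    'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System'
)

function Get-TaskMgrPolicy {
    param([string[]]$Path)
    foreach ($key in $Path) {
        $value = $null
        if (Test-Path -Path $key) {
            # The key can exist without the value, so tolerate a missing property.
            $prop = Get-ItemProperty -Path $key -Name 'DisableTaskMgr' -ErrorAction SilentlyContinue
            if ($null -ne $prop) { $value = $prop.DisableTaskMgr }
        }
        [pscustomobject]@{
            Key      = $key
            Value    = $value
            Disabled = ($value -eq 1)   # 1 means Task Manager is blocked
        }
    }
}

$results = @(Get-TaskMgrPolicy -Path $policyKeys)
$results | Format-Table -AutoSize | Out-Host

$blocked = @($results | Where-Object { $_.Disabled })
if ($blocked.Count -eq 0) {
    Write-Output 'Task Manager is not disabled by the DisableTaskMgr policy value.'
} elseif (-not $Fix) {
    Write-Output 'DisableTaskMgr is set. Re-run with -Fix to remove it, then scan for whatever set it.'
} else {
    foreach ($entry in $blocked) {
        # Removing the HKLM value needs an elevated (administrator) session.
        Remove-ItemProperty -Path $entry.Key -Name 'DisableTaskMgr' -ErrorAction Stop
        Write-Output "Removed DisableTaskMgr from $($entry.Key)"
    }
}
```

On a managed machine the same value can be set deliberately by an administrator through Group Policy, so a hit is a reason to investigate, not proof of infection. If the value comes back after removal, the malware that sets it is still running.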

*** SCAM CONFIDENTIAL/E-BANKING TRANSACTION SCAM**

The latest scam:

ATTN: CONFIDENTIAL/E-BANKING TRANSACTION.
I am Mr David Peterson , The Manager OF Bills and Exchange at the Foreign Remittance Department of Citi Bank Plc. I am writing this letter to ask for your support and cooperation to carry out this business opportunity in my departments. We discovered an abandoned sum of US$38.5 Million (Thirthy Eight Million, Five Hundred Thousand United States Dollars only) in an Account that belongs to one of our foreign customer who died along with his entire family of a wife and two children in November 2002 in Afghanistan.  Since we heard of his eath, we have been expecting his next-of-kin to come over and put claimsfor his money as the heir, because we cannot release the fund from his Account unless someone applies for claim as the next-of-kin to the deceased as indicated in our Banking guidelines.
Unfortunately, neither their family member nor distant relative has
ever appeared to claim the said fund. Upon this discovery, I and other
officials in my department have agreed to make business with you and release the Total amount into your Account as the beneficiary of the fund,since no one came for it or discovered he maintained Account with our Bank, otherwise the fund will be returned to the Banks treasury as unclaimed fund.
We have agreed that our ratio of sharing will be as stated thus: 30% for you as a foreign partner, 60% for us the officials in my department and 10% for the settlement of all local and foreign expenses incurred by us and you during the cours of This business. Upon the successful completion of this transfer, I and one of my colleagues will come to your Country and mind our share. It is from our 60% we intend to invest in (estate) as a way of recycling the fund.
To commence this transaction, we require you to immediately indicate
your interest by a return E-mail and enclose your private contact telephone number, fax number including you mobile number, full name and address and your designated Bank coordinates to enable us file letter of claim to the appropriate departments for necessary approvals before the transfer can made.
Note also, this transaction must be kept STRICTLY CONFIDENTIAL because of its nature. I look forward to receiving your prompt response.

Yours Faithfully,

DAVID PETERSON.
ACCOUNTING GENERAL
CITI BANK LONDON.
accountant@onlinecitibanking.com
www.CITIBANK.CO.UK

Chinese seek military ID info

Cyberthreat:

Maj. Gen. William Lord, Chief Information Officer, today told an audience of civilian Air Force personnel attending the Air Force IT Conference that “China has downloaded 10 to 20 terabytes of data from the NIPRNet. They’re looking for your identity, so they can get into the network as you.”

This is really old news. But it is so powerful coming from General Lord.


Certified Ethical Hacker (CEH) Scam?

A year or so ago I attended the coolest and most fun Bootcamp I’ve ever been to.  It was the Certified Ethical Hacker course.  

For someone who is not familiar with security, hacking and pentesting tools, this class is an incredible introduction. For real hackers and pentesters, this class is either a refresher course or total garbage. I’d say the course material is beginner to intermediate.

Fresh from Defcon, I must admit that even the hackers that might be considered mediocre (by Defcon standards) probably see this cert as more of a “script kiddie” industry scam, since it barely scratches the surface of their “elite black world”. Some of those good Defcon hackers wrote the tools talked about in the CEH course material.

My opinion is that the CEH is a great start for wannabe hackers and pentesters. Everyone has to start somewhere. Whether you start with SANS Track 4, Hacker Techniques, Exploits and Incident Handling or the EC-Council’s Certified Ethical Hacker course, you have to start somewhere.

Whether the EC-Council is some sort of shadow organization created to deceive the world, I cannot say. It seems as legit as the ISC2, creators and maintainers of the CISSP. All I know is that the industry has fully accepted the EC-Council and its many certifications.

Here is what one of my readers wrote me after all my cheerleading for the CEH:

I don’t know if you’ve been reading newsgroups lately, but it seems that the CEH, sold by the “EC-Council”, is somewhat of an elaborate hoax which many are seeing for what it is. A summary: EC-Council is a company started in Malaysia by a marketing guy called Sanjay Bavisi.

Trying to get on the security bandwagon, he invented the CEH and made them appear to be “A New York based” council of members. The fact is that they are a Kuala Lumpur based company that people have been taken in by and most of the “council members” don’t even know that they are on it. The people writing the courses are NOT pen testers or ethical hackers and the course content is written in terrible English and a lot of stuff seems copied and pasted straight from the web.

Look at this review of their book on amazon:
********
“Ethical Hacking” is really just a hotch-potch of descriptions of tools that can be found anywhere on the Net. The English is so anguished as to be scarcely recognizable in places – almost as if it’s been translated into Lithuanian by Google, and then back into English again. The peculiar typesetting makes it even more difficult to read.

I just gave up trying to read this book. My advice is not to waste your money in the first place.
*********

Do a search for “scam” and “ceh” and you will see that this bunch are slowly but surely being exposed for what they are. There are legitimate penetration testing qualifications out there, but this one is looking dubious to say the least. Wouldn’t touch it with a barge pole.

I think they were reading this forum. Like I said, all I know is that the EC-Council’s certifications are well respected. One pentester/hacker/forensics bad ass I met at the FISC has a bunch of EC-Council certs and he is doing very well with the government.

I always hear people crying about how certs are scams or how people who get certs don’t have real technical skills. Some say the same about a college degree. It floors me. Regardless of what anyone says or believes, these pieces of paper can help you focus your skill set and make you MORE MONEY.

When you enter the job market, you are competing with hundreds of others who may have the exact same skills; certs, degrees and licenses will give you the edge you need to destroy those competitors.

I don’t think the CEH is a scam, but even if it was, the majority of organizations recognize and respect it, so that is irrelevant.

Crypto/Security Genius Bruce Schneier’s

Yesterday Geekz.co.uk had an explosive response to their jokes about Bruce Schneier’s legendary crypto brilliance. For those who don’t know, Bruce Schneier is the creator of an AES candidate cipher called Twofish (which was almost made into a crypto standard). Bruce has also written a few security books that have made him the “top dog” among crypto geeks.

Here is Bruce’s response to the “Facts on Bruce Schneier”.

My favorites are the new “facts” created by Bruce’s readers and fans.

Free Security Tools

Need a proxy for surfing anonymously? Need email privacy?
How about a free firewall?

Here are a bunch of free security tools you can use.

The Internet is full of legitimate free tools created by people who don’t care about making money or who make money with donations and endorsements. Majorgeeks is my favorite place to get anti-malware, anti-spam and anti-spyware tools. You don’t want to go to just ANY site and start downloading software. Not all sites can be trusted. One of the main ways that malicious hackers get in your system is by putting out free stuff loaded with malware. Malware can be put in pictures, music, movies, and of course software.

Make sure you only download from trusted locations.

Phishermen are Impersonating the FDIC

“The Phishermen love to use government agencies to lure victims into their web of deceit.
The FBI, IRS, Interpol and now the FDIC – who will they use next?”

Here is the FDIC alert:

The FDIC is aware of a phishing e-mail that has the appearance of being sent from the FDIC. The name “Federal Deposit Insurance Corporation” appears on the “From” line and the subject is, “IMPORTANT: Notification of Federal Deposit Insurance Corporation.”


Massive cyberprotest by an international hackers coalition against UN/Leb..

A massive cyberprotest by hackers from Chile, Argentina, Mexico, Turkey, Germany, Dominican Republic, Peru, Spain, Venezuela and, for the first time ever, by Cuban hackers (YES!!! CUBAN HACKERS!!!) against the United Nations resolution for Lebanon is taking place and, according to reports, it has taken a lot of high-profile victims (UN, Sony, Gov sites).