NewsBot Centre

NewsBot Centre All other news from around the computer and security community can be seen here. Unique in its own right, our bot imports news from many blogs from the community in different subjects. http://forum.securitycadets.com/index.php Thu, 09 Sep 2010 19:15:59 +0000 10 Nine (9) Microsoft Security Bulletins Next Week http://forum.securitycadets.com/index.php?showtopic=16288
Microsoft Security Bulletin Advance Notification issued: September 9, 2010
Microsoft Security Bulletins to be issued: September 14, 2010

http://www.microsoft.com/technet/security/bulletin/ms10-sep.mspx

This month we will be releasing 9 bulletins addressing 13 vulnerabilities affecting Windows, Internet Information Services (IIS), and Microsoft Office. Four of those bulletins carry a Critical rating, with the rest rated Important.

We recommend as always that customers review the ANS summary page for more information and prepare for the testing and deployment of these bulletins as soon as possible.

Next Wednesday, September 15th, Adrian Stone and Jerry Bryant will host a public webcast during which they'll go into details about the bulletins, and answer questions live on the air. To register for this webcast in advance:

Date: Wednesday, September 15, 2010
Time: 11:00 a.m. PDT (UTC -7)
Registration: https://msevents.microsoft.com/CUI/WebCastEventDetails.aspx?EventID=1032454433

http://blogs.technet.com/b/msrc/archive/2010/09/09/september-2010-bulletin-release-advance-notification. aspx

http://msmvps.com/aggbug.aspx?PostID=1777742

View the full article]]> Thu, 09 Sep 2010 19:15:59 +0000 http://forum.securitycadets.com/index.php?showtopic=16288 <![CDATA[Craigslist urged to ban 'adult services' across all sites]]> http://forum.securitycadets.com/index.php?showtopic=16283 Online auction site Craigslist is being urged to close its 'adult services' section on all of its global sites.

Last month, two -word removed- workers posted an open letter to Craigslist founder Craig Newmark in the Washington Post claiming the site wrecked their lives and accused it "facilitating trafficking" through its adult services section.

As a result, earlier this week the online auction site closed its adult services section, but only on the US version of the website.

However, four organisations that work on ending the -word removed- trafficking of children and young women, are urging the site to roll-out the closure of the section across all of its global sites.

"We thank Craig Newmark and Jim Buckmaster for voluntarily closing the adult services section of Craigslist in the United States. As the largest classified ads site to have an adult services section, Craigslist has become a major marketplace for buying and selling -word removed- with children and young women," said the Polaris Project, Rebecca Project for Human Rights, FAIR Fund and Courtney's House.

http://www.networkworld.com/news/2010/090810-craigslist-urged-to-ban-adult.html

http://msmvps.com/aggbug.aspx?PostID=1777701

View the full article]]> Thu, 09 Sep 2010 05:37:37 +0000 http://forum.securitycadets.com/index.php?showtopic=16283 Adobe Reader zero-day attack – now with stolen certificate http://forum.securitycadets.com/index.php?showtopic=16284 Today Adobe put out an advisory for a previously unknown zero-day in its PDF Reader/Acrobat software. This vulnerability is actively being exploited in the wild.

The exploit is pretty basic. What’s interesting about it is that it makes use of Return Oriented Programming to bypass the ASLR and DEP mitigation technologies in Windows Vista and 7.

More widespread usage of ROP for exploits is something I’ve been expecting for a while. Why? Because Windows 7 is gaining more and more traction in both the consumer and corporate space.

While most malicious PDFs download their payload, this time the PDF has malicious content embedded. The PDF drops an executable into the %temp% directory and tries to execute it.

The file it drops is digitally signed with a valid signature from a US-based Credit Union!

Complete article with screenshots in http://www.securelist.com/en/blog/2287/Adobe_Reader_zero_day_attack_now_with_stolen_certificate

http://msmvps.com/aggbug.aspx?PostID=1777700

View the full article]]> Thu, 09 Sep 2010 05:35:33 +0000 http://forum.securitycadets.com/index.php?showtopic=16284 Android SMS Trojan Now Being Delivered via SEO Techniques http://forum.securitycadets.com/index.php?showtopic=16285 Android users searching for pornography on their smart phones could be in for a costly surprise.

During the course of researching the origin for the first SMS Trojan for Android devices, I found a new Android package masquerading as a -word removed- media player but which instead sends SMS messages to premium rate numbers.

The SMS messages cost $6 each and are sent silently in the background without the user's knowledge.

The latest Android malware (detected as Trojan-SMS.AndroidOS.FakePlayer.

is being distributed via clever search engine optimization (SEO) techniques, a clear sign that cyber-criminals are making every effort to infect mobile devices. The use of SEO is a significant development that confirms our belief that mobile malware - especially on Android devices - is a potentially lucrative business for malicious hackers.

The code in the latest variant is similar to the first version and I'm pretty sure the same person (or group) is involved in creating and distributing this Trojan. It is currently targeting Android users in Russia.

The fake -word removed- player does not have a user interface. Once installed, it simply drops an icon (an adult-themed photograph) on the smart phone's screen and starts sending premium SMS messages without the user's knowledge whenever the app is launched.

http://www.securelist.com/en/blog/2286/Android_SMS_Trojan_Now_Being_Delivered_via_SEO_Techniques

http://msmvps.com/aggbug.aspx?PostID=1777698

View the full article]]> Thu, 09 Sep 2010 05:32:49 +0000 http://forum.securitycadets.com/index.php?showtopic=16285 R.I.P. Waledac: Undoing the damage of a botnet http://forum.securitycadets.com/index.php?showtopic=16286 Earlier this year, we wrote in this blog about Operation b49 – the groundbreaking legal and technical efforts led by Microsoft in cooperation with academic and industry experts around the world to shut down the notorious Waledac botnet, a network of tens of thousands of computers hijacked by bot-herders to spread malware, send spam and commit other forms of cybercrime. Today, I’m pleased to announce that our legal action to permanently shut down the botnet has been successful and we have begun working with Internet Service Providers (ISPs) and CERTS to help customers remove the Waledac infection from their computers.

As you may have seen in today’s edition of USA Today, Magistrate Judge Anderson of the US District Court of Eastern Virginia has indicated he is recommending the court grant Microsoft’s motion for default judgment in the case filed in February and permanently transfer ownership of the 276 domains behind Waledac to Microsoft so they’ll never again be used for cybercrime. In this case, Microsoft presented evidence to the court that although the defendants did not come forward, they were aware of the case and actively tried to retaliate, attempting to launch a distributed denial of service (DDOS) attack against the law firm that filed the suit and even going so far as to threaten one of the researchers involved in the case. Judge Anderson indicated he will be issuing a report and recommendation to the District Court to grant default judgment in Microsoft’s favor. The defendants will have 14 days to object and, if they do not, the District Court ruling will be final. The defendants are highly unlikely to respond, given the nature of the operation and the fact they have not presented a defense in court to date, which means this case has effectively been brought to a successful resolution. [...]

This legal victory is just one part of closing the book on Waledac. This operation has provided us with more visibility into the actual footprint of this notorious botnet so we can see the spread of the infection around the world. The number of unique infected IP addresses is steadily declining and as of August 30th 2010, there were just more than 58,000 unique IP addresses infected with Waledac malware. That’s down from nearly 64,000 addresses during the week of July 23rd, 2010. We’re using the information we’ve gathered on these infected IP addresses to begin working with CERTs and ISPs to contact affected customers in order to remove the Waledac malware from as many computers as possible. To help with that process, Microsoft has created a website – http://support.microsoft.com/botnets – dedicated to help people clean their computers. Although we are in the early stage of the cleanup process, we’re seeing great initial results. Cox Communications, for example, has already helped virtually all the customers they’ve contacted clean their computers.

http://blogs.technet.com/b/microsoft_blog/archive/2010/09/08/r-i-p-waledac-undoing-the-damage-of-a- botnet.aspx

http://msmvps.com/aggbug.aspx?PostID=1777697

View the full article]]> Thu, 09 Sep 2010 05:30:12 +0000 http://forum.securitycadets.com/index.php?showtopic=16286 Security Advisory for Adobe Reader and Acrobat released (APSA10-02) http://forum.securitycadets.com/index.php?showtopic=16287 Release date: September 8, 2010
Vulnerability identifier: APSA10-02
CVE number: CVE-2010-2883
Platform: All

Summary
A critical vulnerability exists in Adobe Reader 9.3.4 and earlier versions for Windows, Macintosh and UNIX, and Adobe Acrobat 9.3.4 and earlier versions for Windows and Macintosh. This vulnerability (CVE-2010-2883) could cause a crash and potentially allow an attacker to take control of the affected system. There are reports that this vulnerability is being actively exploited in the wild.

Adobe is in the process of evaluating the schedule for an update to resolve this vulnerability.

Affected software versions
Adobe Reader 9.3.4 and earlier versions for Windows, Macintosh and UNIX, and Adobe Acrobat 9.3.4 and earlier versions for Windows and Macintosh.

Severity rating
Adobe categorizes this as a critical issue.

Details
A critical vulnerability exists in Adobe Reader 9.3.4 and earlier versions for Windows, Macintosh and UNIX, and Adobe Acrobat 9.3.4 and earlier versions for Windows and Macintosh. This vulnerability (CVE-2010-2883) could cause a crash and potentially allow an attacker to take control of the affected system. Adobe is aware of public exploit code for this vulnerability.

Adobe is in the process of evaluating the schedule for an update to resolve this vulnerability.

Adobe actively shares information about this and other vulnerabilities with partners in the security community to enable them to quickly develop detection and quarantine methods to protect users until a patch is available. As always, Adobe recommends that users follow security best practices by keeping their anti-malware software and definitions up to date.

Users may monitor the latest information on the Adobe Product Security Incident Response Team blog at the following URL: http://blogs.adobe.com/psirt or by subscribing to the RSS feed here: http://blogs.adobe.com/psirt/atom.xml.

http://www.adobe.com/support/security/advisories/apsa10-02.html

A Security Advisory has been posted in regards to a new Adobe Reader and Acrobat issue (CVE-2010-2883). A critical vulnerability exists in Adobe Reader 9.3.4 and earlier versions for Windows, Macintosh and UNIX, and Adobe Acrobat 9.3.4 and earlier versions for Windows and Macintosh. This vulnerability could cause a crash and potentially allow an attacker to take control of the affected system. There are reports that this vulnerability is being actively exploited in the wild.

http://blogs.adobe.com/psirt/2010/09/security-advisory-for-adobe-reader-and-acrobat.html

http://msmvps.com/aggbug.aspx?PostID=1777696

View the full article]]> Thu, 09 Sep 2010 05:08:13 +0000 http://forum.securitycadets.com/index.php?showtopic=16287 Portalization of Google, Redux http://forum.securitycadets.com/index.php?showtopic=16282
View the full article]]> Wed, 08 Sep 2010 17:45:10 +0000 http://forum.securitycadets.com/index.php?showtopic=16282 Hacking Apple (Interview with Charles Miller) http://forum.securitycadets.com/index.php?showtopic=16272 One thing is certain: You don't want Charles Miller's hands on your Mac.

For those of us who believe our Macs are safe from hackers, Miller, a Principal Analyst at Independent Security Evaluators (ISE) and world-renowned hacker, says think again.

Miller, an avid Mac user himself, has made a career out of exposing security bugs in computer operating systems and software, including those produced by Apple.

For example, at a security conference this March, Miller won a $10,000 prize for exposing vulnerabilities in Mac OS X Snow Leopard and Safari, among other software. According to Forbes.com, over the last four years, Miller has become one of the world's most famed Mac hackers.

So, why do an interview with a Mac hacker? Aren't hackers the enemies?

On the contrary: Miller has information Apple users need. As an analyst for ISE, Miller has gained extensive knowledge about security flaws in Macs and other computers, and his opinions are not swayed by loyalty to a particular company. In fact, ISE is an independent security consulting firm whose mission is to provide clients with unbiased information and solutions for improving the security of their products.

Lucky for us, Miller says Mac users need not panic about security threats, though they do exist. He was also willing to share some more of his insider hacker knowledge with us. In an interview with Markin Abras, founder and publisher of MacDirectory, Miller discusses issues related to the security of Macs as well as current trends in the security development industry.

Markin Abras > It is said that "Apple products" are safer than Windows-based products. Is this really true or are hackers too busy hacking PC-based devices?

Charles Miller > Both of your statements are true. They are safer exactly for the reason that not many criminals are looking at them. Most malware is written with the purpose of compromising as many hosts as possible, and that means Windows. There is nothing inherently more secure about Macs, in fact they're probably a little easier to break into, but really they are protected for the moment by their limited market share.

MA > You have successfully exploited Apple products. What makes you the leading and fastest Apple hacker today?

CM > Besides the fact I like and use Apple products, I think a lot of it is I was first to the party. There weren't many researchers interested in Macs when I started looking at them so I got to find all the low hanging fruit. Apple products are way more secure now than three years ago.

Complete interview in http://www.macdirectory.com/component/option,com_exclusive_news/task,viewDetail/news_id,2839/

http://msmvps.com/aggbug.aspx?PostID=1777621

View the full article]]> Wed, 08 Sep 2010 06:06:15 +0000 http://forum.securitycadets.com/index.php?showtopic=16272 Are you safe? FBI combats cyber crime on popular social networking sites http://forum.securitycadets.com/index.php?showtopic=16273 Cyber criminals from around the globe are now targeting popular social networking sites, putting users in harm's way. How safe are you from becoming a victim?

Gordon M. Snow, the FBI's Assistant Director, testified recently before the House Judiciary Subcommittee on Crime, Terrorism, and Homeland Security, on the FBI's efforts to combat cyber crimes on social networking sites.

"The rapid expansion of the Internet has allowed us to learn, to communicate, and to conduct business in ways that were unimaginable 20 years ago," Snow said. "Still, the same technology, to include the surge in the use of social networking sites over the past two years, has given cyber thieves and child predators new, highly effective avenues to take advantage of unsuspecting users."

Snow went on to note that cyber criminals use a variety of schemes to defraud or victimize innocent social networking site users. He focused on, social engineering, fraud schemes, phishing scams and data mining.

http://sdgln.com/news/2010/08/18/823-fbis-efforts-combat-cyber-crime-social-networking-sites

http://msmvps.com/aggbug.aspx?PostID=1777620

View the full article]]> Wed, 08 Sep 2010 06:03:39 +0000 http://forum.securitycadets.com/index.php?showtopic=16273 Commtouch Completes Acquisition of Command Antivirus Division of Authentium http://forum.securitycadets.com/index.php?showtopic=16274 Commtouch announced that it has closed on the purchase of the Command Antivirus® division of Authentium, Inc., a Florida-based company, as of Friday, September 3, 2010.

“With this acquisition, Commtouch is uniquely positioned to provide a comprehensive Internet security suite to vendors and service providers, including messaging, Web security and antivirus technologies,” said Gideon Mantel, Commtouch’s chairman of the board and chief executive officer. “Since announcing the agreement, we have received a great deal of positive feedback from both Commtouch’s and Command’s customer base. This acquisition is an important step forward in Commtouch’s strategy of expanding its leadership in the Internet security solution market.”

The Command Antivirus product includes technology to protect against viruses, spyware, Trojans, and other threats. It boasts strong detection capabilities coupled with high performance and offers flexible deployment options to OEM vendors and service providers looking to provide their customers with protection against malware, either as a standalone solution or as an additional layer of defense.

http://www.commtouch.com/press-releases/commtouch-completes-acquisition-command-antivirus-division- authentium

http://msmvps.com/aggbug.aspx?PostID=1777619

View the full article]]> Wed, 08 Sep 2010 06:02:17 +0000 http://forum.securitycadets.com/index.php?showtopic=16274 String Of Deals Shows Demand for Cloud-Based Authentication http://forum.securitycadets.com/index.php?showtopic=16275 Acquisitions highlight how authentication-as-a-service is now part of identity and access management strategies

The authentication and identity management market for cloud-based architectures has experienced a recent acceleration in consolidation, with two big acquisitions from VMware and CA Technologies, as well as Symantec's recent pick-up of VeriSign's security business, demonstrating how this market is maturing.

Early last week, CA purchased Arcot Systems in a $200 million deal that its executives say will build on its identity and access management play within the cloud. Just a day later, VMware took the wraps off its own cloud identity purchase, this one of TriCipher. Though VMware did not disclose the valuation of the deal, industry scuttlebutt estimates the figure at more than $115 million.

Forrester analyst Andras Cser says the deals are proof-positive that authentication-as-a-service is critical for today's identity and access management strategies and that virtualization isn't viable without identity and access management. [...]

Meanwhile, Forrester's Cser says the VMware purchase of TriCipher is a slightly different story. "Controlling access to resources on a virtual machine or a hypervisor is crucial. Data can be stolen from an unsecured virtual container much easier than from a physical box," he wrote. "Second-factor authentication will arguably make this much more difficult."

The VMware deal is especially interesting to many industry watchers who believe it is an especially big signal that the major platform vendors are on the hunt for authentication and identity management products to embed in their architectures, says Eric Olden, CEO of Symplified, another vendor that has made headway in the space, recently brokering a deal with Amazon to help its cloud customers improve their identity management.

http://www.darkreading.com/authentication/security/client/showArticle.jhtml?articleID=227300302

http://msmvps.com/aggbug.aspx?PostID=1777618

View the full article]]> Wed, 08 Sep 2010 06:00:50 +0000 http://forum.securitycadets.com/index.php?showtopic=16275 Privacy watchdogs challenge laptop seizures at US borders http://forum.securitycadets.com/index.php?showtopic=16276 6,671 travelers searched (so far)

Privacy advocates have sued the Obama administration over its practice of seizing laptops, cell phones, and other devices at US borders and copying their contents even when the owner isn't suspected of wrongdoing.

In a complaint filed in US District Court in New York City on Tuesday, the American Civil Liberties Union and the National Association of Criminal Defense Lawyers argued that digital devices contain such highly personal information that they are protected by the US Constitution's Fourth Amendment guarantee against unreasonable searches and seizures. Because the data often contains unpublished pictures and information collected by journalists and
scholars, the devices are also protected by First Amendment protections ensuring freedom of speech.

The complaint was filed on behalf of a variety of individuals, including Pascal Abidor, a 26-year-old doctoral student, and a dual US-French citizen. In May, he was traveling by train from Montreal to New York when officials from the US Customs and Border Protection searched his laptop. One agent demanded to know why he had downloaded pictures depicting rallies held by the militant Islamist groups Hamas and Hezbollah.

http://www.theregister.co.uk/2010/09/07/laptop_searches/

http://msmvps.com/aggbug.aspx?PostID=1777617

View the full article]]> Wed, 08 Sep 2010 05:59:35 +0000 http://forum.securitycadets.com/index.php?showtopic=16276 Gmail phishing spam making the rounds http://forum.securitycadets.com/index.php?showtopic=16277 Alert blog reader Marco F. sent us this one: Gmail account phishing. The email has all the clean look of Google’s communication style.

Anyone foolish enough to bite on this and click on the attachment will see the following web page. If you check the attachment source code you can see that it sucks genuine Gmail page elements.

Read more with screenshots in http://sunbeltblog.blogspot.com/2010/09/gmail-phishing-spam-making-rounds.html

http://msmvps.com/aggbug.aspx?PostID=1777616

View the full article]]> Wed, 08 Sep 2010 05:58:42 +0000 http://forum.securitycadets.com/index.php?showtopic=16277 Fake Flash Update Needs Flash to Work http://forum.securitycadets.com/index.php?showtopic=16278 If you live in the US, you may have played sports, barbequed, or enjoyed the last long weekend of the summer outside doing something fun outdoors. Unfortunately, that wasn’t an option here in Boulder, where a large wildfire generated a thick plume of smoke and ash. So, what’s a malware analyst to do indoors on a beautiful day with toxic smoke outside? Why, spend some quality time with Koobface, of course.

I took a closer look at the worm’s behavior and also noted that, since the Migdal keylogger site went dark for the Koobface crew, they’ve switched to using a new domain as the dead drop for credentials stolen by the Koobface password stealer payload: m24.in, the Web site of some sort of media company based in India. The behavior I saw by the keylogger was virtually identical to that used by the Migdal variant, reported in a previous post. The payload is even named m24.in.exe, just like the Migdal payload was named after the domain where it posted stolen passwords.

It’s been a while since the worm changed its primary method of infection: For nearly its entire existence, Koobface has spread by manipulating the social network accounts of infected users so it appears the user posted a link to a video. Of course, the worm does the posting in the name of the user, and the link points to a page which purports to be some sort of streaming video, but actually pushes the malware on anyone who visits. And, in order to take on the appearance of a real online video, it uses Flash.

The overall look and feel of the fake video has been static for some time, but the content changes periodically, and the current iteration of the page (which appeared this past April), titled “Video posted by … Hidden Camera,” is still in use and hasn’t been updated since then.

On the video page, a user is encouraged to download and install a file the page claims is Flash Player 10.37 — never mind that Adobe only recently updated Flash to version 10.1 — which happens to be the main Koobface installer.

Continue reading (with screenshots) in http://blog.webroot.com/2010/09/07/fake-flash-update-needs-flash-to-work/

http://msmvps.com/aggbug.aspx?PostID=1777615

View the full article]]> Wed, 08 Sep 2010 05:57:53 +0000 http://forum.securitycadets.com/index.php?showtopic=16278 A Web Defacer Turns to $$ Spam Fraud http://forum.securitycadets.com/index.php?showtopic=16279 Cyber-criminals in Brazil and the wider Latin America region almost always use social engineering tricks to launch attacks. Sometimes, they send fake bank e-mails or e-mails from popular Internet services. The e-mail databases of the potential victims are being compiled based on the stolen e-mail addresses from the infected machines and particularly from the addresses stored in e-mail clients.

Once the e-mail addresses are compiled, the fraudsters use several external tools like PHP shells on hacked Web servers. During my daily analysis, I found an interesting shell for mass mailing. The code shows it was developed locally in Brazil.

Continue reading (with screenshots) in http://www.securelist.com/en/blog/2280/A_Web_Defacer_Turns_to_Spam_Fraud

http://msmvps.com/aggbug.aspx?PostID=1777614

View the full article]]> Wed, 08 Sep 2010 05:56:31 +0000 http://forum.securitycadets.com/index.php?showtopic=16279 Firefox and Thunderbird Security Updates http://forum.securitycadets.com/index.php?showtopic=16280 Firefox 3.6.9 and 3.5.12 security updates now available

Release notes:
Firefox 3.6.9 release notes: http://www.mozilla.com/firefox/3.6.9/releasenotes/
Firefox 3.5.12 release notes: http://www.mozilla.com/firefox/3.5.12/releasenotes/

https://developer.mozilla.org/devnews/index.php/2010/09/07/firefox-3-6-9-and-3-5-12-security-updates- now-available/

Thunderbird 3.1.3 and 3.0.7 security updates now available

Release notes:
Thunderbird 3.1.3 release notes: http://www.mozillamessaging.com/en-US/thunderbird/3.1.3/releasenotes/
Thunderbird 3.0.7 release notes: http://www.mozillamessaging.com/en-US/thunderbird/3.0.7/releasenotes/

https://developer.mozilla.org/devnews/index.php/2010/09/07/thunderbird-3-1-3-and-3-0-7-security-updates- now-available/

http://msmvps.com/aggbug.aspx?PostID=1777613

View the full article]]> Wed, 08 Sep 2010 05:55:50 +0000 http://forum.securitycadets.com/index.php?showtopic=16280 Quicktime 0-day actively used in the wild http://forum.securitycadets.com/index.php?showtopic=16271

Following our recent posting of an Apple Quicktime 0-day vulnerability, Websense Security Labs™ ThreatSeeker™ Network has discovered exploitation of this vulerability in the wild.

http://community.websense.com/blogs/securitylabs/archive/2010/09/07/quicktime-0-day-actively-used- in-the-wild.aspx

http://msmvps.com/aggbug.aspx?PostID=1777612

View the full article]]> Wed, 08 Sep 2010 05:54:49 +0000 http://forum.securitycadets.com/index.php?showtopic=16271 Online Ticket Resellers Get Significant 47 USC 230 Win--Milgram v. Orbitz http://forum.securitycadets.com/index.php?showtopic=16281
View the full article]]> Tue, 07 Sep 2010 20:10:50 +0000 http://forum.securitycadets.com/index.php?showtopic=16281 TechCrunch purges Zeus malware attack http://forum.securitycadets.com/index.php?showtopic=16264 TechCrunch Europe has cleaned up its website following the discovery of malicious code that left visiting surfers exposed to infection by a variant of the infamous Zeus banking Trojan.

Malign script on eu.techcrunch.com attempted to serve up a malicious PDF file to readers of the news blog. The problem stemmed from a malicious iFrame in a JavaScript file that was used by the site as part of its WordPress blogging software installation

http://www.theregister.co.uk/2010/09/07/techchrunch_zeus/

http://msmvps.com/aggbug.aspx?PostID=1777443

View the full article]]> Tue, 07 Sep 2010 09:56:19 +0000 http://forum.securitycadets.com/index.php?showtopic=16264 D-Link Doubles Security for its Home Networking Routers to Help Prevent Against Increasing Attacks http://forum.securitycadets.com/index.php?showtopic=16265 New DNSSEC Security Measure, Along with Existing CAPTCHA, Help Defend Computers from Web Hacking, Phishing and Other Growing Security Threats

D-Link Middle East & Africa, the end-to-end networking solutions provider for consumers, businesses, and service providers, today announced it is the first in the industry to enhance its router security to a higher level of protection by incorporating both CAPTCHA and DNSSEC to guard against hacking, worms, viruses and other malicious Web attacks.

DNS Security Extensions (DNSSEC) is a suite of Internet Engineering Task Force (IETF) specifications that adds security to the Internet's Domain Name System (DNS) to provide assurance that the information received from a Domain Name Server is authentic. The security extensions are designed to protect the DNS from man-in-the-middle and cache poisoning attacks, which can occur when hackers corrupt DNS data stored on recursive name servers to redirect queries to malicious sites.

DNSSEC applies digital signatures to DNS data to authenticate the data's origin and verify its integrity as it moves across the Internet and can provide users with effective verification that their applications, such as Web or email, are using the correct addresses for servers they want to reach.

http://www.prnewswire.com/news-releases/d-link-doubles-security-for-its-home-networking-routers-to- help-prevent-against-increasing-attacks-102324774.html

http://msmvps.com/aggbug.aspx?PostID=1777441

View the full article]]> Tue, 07 Sep 2010 09:20:44 +0000 http://forum.securitycadets.com/index.php?showtopic=16265