Monday, March 31, 2008

PF reveals plans for a specialized network to fight internet crime

Saturday, March 29, 2008

CanSecWest - Windows Vista compromised

Now, Windows Vista was compromised through a vulnerability in Adobe Flash.

Tuesday, March 25, 2008

Layers of Security

See this very interesting article published on the blog of the TSA (Transportation Security Administration):

Wednesday, March 19, 2008

Censorship: learn how the Chinese government's 'Golden Shield' works on the web

Let's set aside our political views (for or against) and instead analyze a monitoring method that may be useful in the corporate environment:

Tuesday, March 18, 2008

Apple updates Safari browser, busts 13 bugs

The use of cell phones for airline check-in

A new frontier has opened for security, both information security and physical security. Airlines in the United States have begun using cell phones and PDAs for check-in at airports. In other words, no more paper for boarding, just a barcode that will be stored and verified. And how secure will this system be against cloning and/or fraud?

Security is a problem for corporate use of iPhone 2.0


Wednesday, March 12, 2008

TSA Blog - Transportation Security Administration

Today I discovered the blog of the TSA - Transportation Security Administration. Besides being an interesting source of information, it has an article about the case of the MacBook Air "stopped" at a checkpoint, with the TSA's version and the so-called version of the person who publicized the incident (nothing is what it seems...)

Monday, March 10, 2008

Ex-chief of anti-virus firm charged with distributing bogus security software

Looks like an already familiar tactic...

Symantec launches Norton dual protection - Mac and Windows

See the full story at:

Kaspersky prepares antivirus for Mac OS X

Kaspersky already has in the works an antivirus product, covering viruses and other malware, for when they start appearing on the Mac OS X platform.

According to its representative at CeBIT, Timur Tsoriev, the final product could be available within days.

This looks like an excellent marketing strategy: announce the product but do not release it. That way the company avoids wearing down its image at a time when the Mac OS X platform appears virtually immune to malware (although malware exists, users don't buy the idea), unlike Symantec and McAfee, which keep fighting to get users to buy.

And for now, ClamXav does the job very well!

Friday, March 7, 2008

NIST Releases 3 Publications

2 Special Publications and 1 Draft (2nd release)

Document #1:
SP 800-61 Revision 1, Computer Security Incident Handling Guide, seeks to assist organizations in mitigating the risks from computer security incidents by providing practical guidelines on responding to incidents effectively and efficiently. The publication includes guidelines on establishing an effective incident response program, but the primary focus of the document is detecting, analyzing, prioritizing, and handling incidents. SP 800-61 Revision 1 updates the original publication, which was released in 2004.


Document #2:
SP 800-28 Version 2, Guidelines on Active Content and Mobile Code, provides an overview of active content and mobile code technologies in use today and offers insights for making informed IT security decisions on their application and treatment. Active content refers to electronic documents that contain embedded software components, including mobile code; examples of mobile code are JavaScript, VBScript, Java applets, and ActiveX controls. The publication gives details about the active content and mobile code threats, technology risks, and safeguards for end user systems. SP 800-28 Version 2 is a new version of SP 800-28, which was released in 2001.


Document #3:
NIST has posted a second Draft of SP 800-73-2 Interfaces for Personal Identity Verification for public comments. This draft incorporates some comments and suggestions that were received after the first public comment period had closed (see 3). The changes since the first draft include: 1) relaxation of the Global PIN security status limitations, 2) incorporation of an optional Global and PIV PIN discovery object, 3) addition of a discovery object for the PIV card application, 4) elimination of the previously proposed optional U-CHUID data object, and 5) resolutions of the first draft public comments. Please go to the DRAFTS page to view the Second Public Draft and to learn more about this draft along with where to forward comments to. A comment template form is also provided. Comments period closes on April 4th 2008.


Pat O'Reilly
List Administrator
Computer Security Division

Chinese hackers: No site is safe

By John Vause

ZHOUSHAN, China (CNN) -- They operate from a bare apartment on a Chinese island. They are intelligent 20-somethings who seem harmless. But they are hard-core hackers who claim to have gained access to the world's most sensitive sites, including the Pentagon.

In fact, they say they are sometimes paid secretly by the Chinese government -- a claim the Beijing government denies.

"No Web site is one hundred percent safe. There are Web sites with high-level security, but there is always a weakness," says Xiao Chen, the leader of this group.

"Xiao Chen" is his online name. Along with his two colleagues, he does not want to reveal his true identity. The three belong to what some Western experts say is a civilian cyber militia in China, launching attacks on government and private Web sites around the world.

If there is a profile of a cyber hacker, these three are straight from central casting -- young and thin, with skin pale from spending too many long nights in front of a computer.

One hacker says he is a former computer operator in the People's Liberation Army; another is a marketing graduate; and Xiao Chen says he is a self-taught programmer.

"First, you must know about the Web site you want to attack. You must know what program it is written with," says Xiao Chen. "There is a saying, 'Know about both yourself and the enemy, and you will be invincible.'"

CNN decided to withhold the address of these hackers' Web site, but Xiao Chen says it has been operating for more than three years, with 10,000 registered users. The site offers tools, articles, news and flash tutorials about hacking.

Private computer experts in the United States from iDefense Security Intelligence, which provides cybersecurity advice to governments and Fortune 500 companies, say the group's site "appears to be an important site in the broader Chinese hacking community."

Arranging a meeting with the hackers took weeks of on-again, off-again e-mail exchanges. When they finally agreed, CNN was told to meet them on the island of Zhoushan, just south of Shanghai and a major port for China's navy.

The apartment has cement floors and almost no furniture. What they do have are three of the latest computers. They are cautious when it comes to naming the Web sites they have hacked.

But eventually Xiao Chen claims two of his colleagues -- not the ones with him in the room -- have hacked into the Pentagon and downloaded information, although he wouldn't specify what was gleaned. CNN has no way to confirm if his claim is true.

"They would not publicize this," he says of someone who hacks the U.S. Defense Department. "It is very sensitive."

This week, the Pentagon said computer networks in the United States, Germany, Britain and France were hit last year by what they call "multiple intrusions," many of them originating from China.

At a congressional hearing in Washington last week, administration officials testified that the government's cyber initiative has fallen far short of what is required. Most alarming, the officials said, there has never been a full damage assessment of federal agency networks.

"We are here today because we must do more," said Robert Jamison, a top official in the U.S. Department of Homeland Security. "Defending the federal system in its current configuration is a significant challenge."

U.S. officials have been cautious not to directly accuse the Chinese military or its government of hacking into its network.

But David Sedney, the deputy assistant secretary of defense for East Asia, says, "The way these intrusions are conducted are certainly consistent with what you would need if you were going to actually carry out cyber warfare."

Beijing hit back at that, denying such an allegation and calling on the United States to provide proof. "If they have any evidence, I hope they would provide it. Then, we can cooperate on this issue," Qin Gang, a spokesman for the Chinese Foreign Ministry, said during a regular press briefing this week.

But Xiao Chen says after the alleged Pentagon attack, his colleagues were paid by the Chinese government. Again, CNN has no way to independently confirm if that is true.

His allegations brought strenuous denials from Beijing. "I am telling you honestly, the Chinese government does not do such a thing," Qin said.

But if Xiao Chen is telling the truth, it appears his colleagues launched a freelance attack -- not initiated by Beijing, but paid for after the fact. "These hacker groups in my opinion are not agents of the Chinese state," says James Mulvenon from the Center for Intelligence Research and Analysis, which works with the U.S. intelligence community.

"They are sort of useful idiots for the Beijing regime."

He adds, "These young hackers are tolerated by the regime provided that they do not conduct attacks inside of China."

One of the biggest problems experts say is trying to prove where a cyber attack originates from, and that they say allows hackers like Xiao Chen to operate in a virtual world of deniability.

And across China, there could be thousands just like him, all trying to prove themselves against some of the most secure Web sites in the world.
