How to exploit Mozilla Firefox
November 24, 2006
Are you one of those people who lets Firefox save your passwords so you don’t have to type them in again?
Chapin Information Services (CIS) has discovered a new flaw in the Mozilla Firefox web browser that exposes saved passwords using a Reverse Cross-Site Request (RCSR) vulnerability.
The vulnerability exposes saved passwords and could affect anyone visiting a weblog or forum website that allows user-contributed HTML code to be added.
“RCSR attacks are also actively targeting Microsoft Internet Explorer, however a flaw in Firefox makes the attack much more likely to succeed,” says Chapin on his site.
“The Password Manager component of Firefox can be exploited to send a username and password combination to an attacker’s computer without the user’s knowledge. Users of both Firefox and Internet Explorer need to be aware that their information can be stolen in this way when visiting blog and forum websites at trusted addresses.
“A recent large-scale attack using RCSR targeted MySpace.com users and was first reported by Netcraft 10/27/2006. That incident involved fake login forms on the MySpace website inviting users to type in their username and password.”
Chapin says the problem is made worse by the fact that forms can be completely hidden from view.
After saving a website password in Firefox, it’s possible for that password to be transmitted to another website by unwittingly clicking on an invisible image link, he says, adding:
“Mozilla confirmed this as bug number 360493, and said they are already working on a fix for version 2.0.0.1 or 2.0.0.2.”
A proof-of-concept demonstration is available here.
Chapin recently reported on a MySpace vulnerability which allowed music files to be downloaded anonymously and identified a gaping hole in Yahoo’s music sales site.
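For sites that accept user-contributed HTML, the condition described above can be checked on the server before content is published. The following is an added example, not code from CIS or Mozilla: it flags any form in a submitted fragment that posts to another host or carries a password field. The function names and the hosts blog.example and collector.example are hypothetical, and the sample fragments are constructed.

```python
from html.parser import HTMLParser
from urllib.parse import urlparse

# Constructed sample fragments (not taken from any real site).
SAMPLE_INJECTED = ('<p>Great photos!</p><form action="https://collector.example/save">'
                   '<input type="text" name="user">'
                   '<input type="password" name="pass"></form>')
SAMPLE_BENIGN = '<p>Thanks, <b>very</b> useful.</p>'


class FormAudit(HTMLParser):
    """Collect every <form> in a fragment along with its input types."""

    def __init__(self):
        super().__init__()
        self.forms = []        # one dict per <form> seen
        self._current = None   # form currently open, if any

    def handle_starttag(self, tag, attrs):
        a = dict(attrs)
        if tag == "form":
            self._current = {"action": a.get("action") or "", "inputs": []}
            self.forms.append(self._current)
        elif tag == "input" and self._current is not None:
            self._current["inputs"].append((a.get("type") or "text").lower())

    def handle_endtag(self, tag):
        if tag == "form":
            self._current = None


def audit_user_html(fragment, site_host):
    """Return findings for forms that user-contributed HTML should not contain."""
    parser = FormAudit()
    parser.feed(fragment)
    parser.close()
    findings = []
    for form in parser.forms:
        target = urlparse(form["action"]).hostname  # None for relative actions
        if target and target.lower() != site_host.lower():
            findings.append(("off-site-form", target))
        if "password" in form["inputs"]:
            findings.append(("password-field", target or site_host))
    return findings
```

A non-empty result is a reason to reject the submission or strip the form before it is rendered on a page where the browser's saved login applies.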
What a PayPal phishing email looks like and how to detect it
November 13, 2006
In computing, phishing is a criminal activity using social engineering techniques. Phishers attempt to fraudulently acquire sensitive information, such as passwords and credit card details, by masquerading as a trustworthy person or business in an electronic communication. Phishing is typically carried out using email or an instant message, although phone contact has been used as well. Attempts to deal with the growing number of reported phishing incidents include legislation, user training, and technical measures.
The first recorded mention of phishing is on the alt.online-service.america-online Usenet newsgroup on January 2, 1996, although the term may have appeared even earlier in the print edition of the hacker magazine 2600. The term phishing is a variant of fishing, probably influenced by phreaking, and alludes to the use of increasingly sophisticated lures to “fish” for users’ financial information and passwords. The word may also be linked to leetspeak, in which ph is a common substitution for f.
Shown below is a sample email message I received from PayPal

If you dissect this email digging into its header and the content code, you will see two things jump out
Dubya Death Email-aware Worm Spreading
November 9, 2006
Security firm Sophos is warning computer users of a new email-aware worm that poses as a number of false breaking news stories—including the outbreak of nuclear war and the death of George W Bush and Vladimir Putin—in an attempt by hackers to infect computers and steal information.
The W32/Dref-N worm may arrive in an email message with the following characteristics:
Subject line: chosen from
White house news!
READ AND RESEND ASAP!
NEWS!
ATTN TO EVERYBODY!
Incredible news!
ATTN
URGENT NEWS!
URG
Message text: chosen from
3rd Glogal War Just Started!!! Read more in file!
Nuclear War in Russia! Read news in file!
President Bush DEAD! Read attached file!
Putin and Bush starts NUCLEAR WAR! Check the file!
Nuclear WAR in USA! Read attached file!
GLOBAL NUCLEAR WAR JUST STARTED! News in file.
President Putin dead! Read more in attached file!
Attached file: chosen from
truth.exe, last.exe, lasest news.exe, never.exe, war.exe, about me.exe, a.exe, read me.exe, or open.exe.
Opening the attached file disables the Windows firewall, and allows external hackers to gain access to the system.
“Users may think that they are receiving these emails from their friends, family and colleagues, but in fact it is a worm that has infected the sender’s computer and distributed the message,” said Graham Cluley, senior technology consultant at Sophos. “While many of these news hooks may sound totally implausible, it’s amazing how many users still allow temptation to get the better of them, and click on the infected file. The simple advice is that if you suspect there’s a breaking news story, turn on the TV or visit your favourite news website to see if it has any basis in truth.”
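The subject lines and attachment names listed above can be turned into a mail-filter check. The following is an added example, not Sophos code: it parses a raw message, matches the listed indicators, and, going beyond the list, also flags any other .exe attachment. The function names and the sample messages are constructed for illustration.

```python
from email import message_from_string
from email.message import EmailMessage

# Indicators as listed in the Sophos description above, lowercased for matching.
SUBJECTS = {"white house news!", "read and resend asap!", "news!",
            "attn to everybody!", "incredible news!", "attn",
            "urgent news!", "urg"}
ATTACHMENTS = {"truth.exe", "last.exe", "lasest news.exe", "never.exe",
               "war.exe", "about me.exe", "a.exe", "read me.exe", "open.exe"}


def attachment_names(msg):
    """Lowercased filenames of every MIME part that declares one."""
    names = []
    for part in msg.walk():
        name = part.get_filename()
        if name:
            names.append(name.strip().lower())
    return names


def classify(raw_message):
    """Return 'dref-n-indicators', 'executable-attachment' or 'no-match'."""
    msg = message_from_string(raw_message)
    subject = (msg.get("Subject") or "").strip().lower()
    names = attachment_names(msg)
    if subject in SUBJECTS and any(n in ATTACHMENTS for n in names):
        return "dref-n-indicators"
    if any(n.endswith(".exe") for n in names):
        return "executable-attachment"   # generalisation beyond the listed names
    return "no-match"


def make_sample(subject, filename=None):
    """Build a constructed test message; the attachment is placeholder bytes."""
    msg = EmailMessage()
    msg["From"] = "sender@example.org"
    msg["To"] = "user@example.org"
    msg["Subject"] = subject
    msg.set_content("constructed sample body")
    if filename:
        msg.add_attachment(b"placeholder", maintype="application",
                           subtype="octet-stream", filename=filename)
    return msg.as_string()
```

A subject match alone is not flagged, since short subjects such as "NEWS!" or "ATTN" also occur in legitimate mail.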
Hackers looking to bite the Apple in Computer Security
November 8, 2006
The Apple community has, since the beginning of time, or well… at least since its inception, been largely immune to the attacks that regularly plague the internet community. Remember Nimda, Blaster, Slammer… yup. While you spend your time cursing Microsoft or your not-so-smart antivirus solution, so prone to failure against zero-day attacks, the Apple fanboys respond that they don’t have to worry about such nonsense. Apple’s general lack of concern towards viruses and malware was based on solid grounds. Their core kernel, based on secure Unix components for its underlying operating system foundation, in itself makes the Mac less vulnerable to malicious code. The other significant factor was that the Apple base simply wasn’t big enough for hackers to devote their attention to. Hackers crave attention… they want headlines and, if possible, to bring in some moolah through their efforts, among other things. The Apple community comprised less than 5% of the overall PC market, so why not spend as much time, maybe even less, creating something that will affect the remaining 95%?
However, that is all changing. The iPod craze is translating into more customers for Apple. According to Apple’s most recent earnings statement, Apple sold a bit north of 830,000 Macs in their last quarter, up 6% from their previous quarter. Apple’s market share is still in the single digits, but I can say for a fact that Apple is back. Thus, the slow but steady growth in the number of Mac users is starting to make it an attractive target for malicious hackers.
And, we are starting to see this happen. This interest is translating into the discovery of more system vulnerabilities. Security vendor Internet Security Systems found that there were three times as many vulnerabilities found for the Macintosh in May of this year as there. Security supplier McAfee found that the number of vulnerabilities for the Macintosh went up 228 percent, compared to a 78 percent increase for Microsoft Windows, from 2003 to 2005.
In February 2006, the first worm designed for Mac OS X appeared. Named “OSX/Leap.A,” it is an instant messaging worm capable of infecting Mac applications. In addition, a handful of other attacks, focusing on items such as Apple’s Safari browser and the Mac’s Bluetooth connectivity, have taken place.
In November 06, we see the release of a new worm for Apple named ‘Opener’. As first reported on The Mac Observer October 25, security experts discovered the virus entitled ‘Opener’, or ‘Renepo’ (opener spelled backwards), disguising itself as a shell script.
Top phishing targets are eBay and PayPal followed by Banks
November 7, 2006
PhishTank, a free community site operated by the people from OpenDNS, allows anyone to submit, verify, track and share phishing data. The guys at PhishTank are highly reputed and focus on phish and phishing, leaving other bad areas such as viruses, malware, spam and botnets to other communities, like Project Honey Pot (anti-spam) for instance.
One of the main goals of PhishTank is to provide the community with timely phishing statistics. The following world map depicts their phishing statistics for the month of October which show that a quarter of the phishing websites are located in the US while South Korea and India finish up the top three slots.

So, what is phishing?
Phishing is a fraudulent attempt, usually made through email, to steal your personal information. Phishing emails usually appear to come from a well-known organization and ask for your personal information - such as a credit card number, social security number, account number or password. In order for Internet criminals to successfully “phish” your personal information, they must get you to go from an email to a website. Phishing emails will almost always tell you to click a link that takes you to a site where your personal information is requested. Legitimate organizations would never request this information of you via email.
From the report we see that PayPal is the top target with 1493 valid phishes, with eBay a close second with 1210 valid phishes. Banks round out the remainder of the top ten.

If you wish to read more about Phishing and how to protect yourself from phishing by learning how to recognize a phish, check out the excellent walk through example from the folks of PhishTank.
How to secure your corporation’s data and assets
October 31, 2006
Information security, privacy, and ensuring that a company’s confidential data remains top secret and protected are of pivotal importance in any business. The present-day corporation employs multiple layers of security, deploying firewalls, IDS, IPS, HIPS, etc. However, we all have chinks in our armor, and corporations are no different. Leakages tend to occur at the seams of an organization. These days, we do not hear about cases of a lonely hacker toiling away to gain access to a company’s crown jewels, whether it is a Coca-Cola recipe or sensitive code or data; there are much easier ways to gain access to a company’s data and assets. Read on for a detailed look at the information security hazards often found at a typical office workspace.
Sinkholes in Network security: 5 easy steps to deploy a darknet
October 24, 2006
When system and network admins talk about plugging all the holes and securing their network against denial-of-service attacks, one of the least talked about but most effective network security techniques is sinkholing. So what exactly is this ‘sinkholing’? This article is part 1 of a two-part series, each part expanding on and implementing a different kind of sinkhole.
A sinkhole is defined as a method in which we redirect specific IP network traffic for different security reasons, including analysis, diversion of attacks and detection of anomalous activities. It has long been deployed by Tier-1 ISPs globally, usually to protect their downstream customers. However, for network administrators, sinkholes are generally deployed to provide valuable intelligence regarding the security threats their networks are facing. Read on below for more information on sinkholes and the two kinds of sinkhole implementation, darknets and honeynets, and how you can use them to obtain valuable information regarding threats and misconfigurations in your network.