Fake MSN Messenger 8 !!

December 30, 2005 @ 10:47 pm

From F-Secure…

There is no MSN Messenger 8 yet. Not in public beta anyway. However, there’s a new virus going around pretending to be “MSN Messenger 8 Working BETA”.
There are two ways to catch it. First, by downloading it from a fake site where it has been supposedly “leaked”: If you download and run BETA8WEBINSTALL.EXE from that site, you won’t get a new chat client. Instead, your existing MSN Messenger will start to send download links to everyone in your contact list. It also connects your machine to a botnet server. The download link always contains the recipient’s email address. For example, if you had a friend with the email address huuhaa@foobar.com, he would get a download link like msgrbeta8.com/im.php?msn=huuhaa@foobar.com.

Category News | No Comments
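The quoted post notes that the download link always carries the recipient's own email address, which gives defenders a simple signal to check for in chat or proxy logs. The Python sketch below is an added example, not code from F-Secure or from this blog; the function names, the sample messages and the example.* hosts are constructed for illustration.

```python
import re
from urllib.parse import urlsplit, parse_qsl

# Matches explicit http(s) URLs and bare host/path links like the one quoted above.
URL_RE = re.compile(r"(?:https?://)?(?:[a-z0-9-]+\.)+[a-z]{2,}/[^\s\"'<>]*", re.I)


def links_carrying_recipient(message_text, recipient):
    """Return links whose query string holds the recipient's own address."""
    recipient = recipient.strip().lower()
    hits = []
    for match in URL_RE.finditer(message_text):
        link = match.group(0).rstrip(".,;)")
        # urlsplit only separates host from path when a scheme is present.
        parts = urlsplit(link if "://" in link else "http://" + link)
        # parse_qsl percent-decodes values, so msn=user%40host is caught too.
        for _name, value in parse_qsl(parts.query, keep_blank_values=True):
            if value.strip().lower() == recipient:
                hits.append(link)
                break
    return hits


# Constructed (recipient, message) pairs; only the first link comes from the post.
SAMPLES = [
    ("huuhaa@foobar.com",
     "check this out msgrbeta8.com/im.php?msn=huuhaa@foobar.com"),
    ("alice@example.org",
     "lol http://example.net/dl.php?u=alice%40example.org :)"),
    ("bob@example.org",
     "photos at http://example.com/album?id=42"),
    # An address is present, but it is not the recipient's own.
    ("bob@example.org",
     "mail carol@example.org or see example.com/faq?contact=carol@example.org"),
]


def flag_messages(samples):
    """Return (recipient, links) for every message that trips the check."""
    return [(rcpt, links) for rcpt, text in samples
            if (links := links_carrying_recipient(text, rcpt))]


if __name__ == "__main__":
    for rcpt, links in flag_messages(SAMPLES):
        print(f"suspicious link sent to {rcpt}: {links}")
```

A personalised link is not malicious by itself (unsubscribe links do the same), so treat a hit as a reason to look at the sender and the destination host rather than as a verdict.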

Zero-Day Exploit Warning

@ 10:43 pm

Internet Explorer on all Windows operating systems can currently be affected by what’s known as a zero-day exploit — there is no patch. Basically, it uses a security hole in the handling of WMF (Windows Metafile) images, which are displayed by the Windows Picture and Fax Viewer. If you go to a website that displays a WMF file, it can use the hole to download a file to your PC. So far it is being used to distribute Trojan-Downloader.Win32.Agent.abs, Trojan-Dropper.Win32.Small.zp, Trojan.Win32.Small.ga and Trojan.Win32.Small.ev.

The exploit also affects other browsers such as Firefox, except that recent versions don’t decode WMF files automatically.

The F-Secure security blog reports:

In our tests (under XP SP2) older versions of Firefox (1.0.4) defaulted to open WMF files with “Windows Picture and Fax Viewer”, which is vulnerable. Newer versions (1.5) defaulted to open them with Windows Media Player, which is not vulnerable… but then again, Windows Media Player is not able to show WMF files at all so this might be a bug in Firefox. Opera 8.51 defaults to open WMF files with “Windows Picture and Fax Viewer” too. However, all versions of Firefox and Opera prompt the user first.



Wiretaps “Easily Defeatable” !

December 2, 2005 @ 5:59 pm

Using commonly found off-the-shelf equipment, a group of researchers (Micah Sherr, Eric Cronin, Sandy Clark, and Matt Blaze of the University of Pennsylvania) say that the most widely used analog wiretaps can be stopped entirely by simply pressing a button at home. This remote shut-off feature, which signals to the government recording devices that the parties have ended their call, has been found to work even on the FBI’s new high-tech “CALEA” digital system.

Although the Bureau doesn’t seem too worried about it publicly, there are reports of unexplained “gaps” in surveillance tapes, suggesting that at least some citizens have been onto Big Brother’s weakness for a while now.

Need to know how it’s done?
Download the PDF file here

Actual Experiment Result :

Observed Version Here
This audio stream was captured and recorded by a Recall Technologies NGNR-2000 law enforcement loop extender wiretap system connected to Alice’s line. Note the C-tone burst at the end of the recording (which ordinarily indicates that the tapped party has hung up and which causes recording to terminate). To the law enforcement agency, this appears to be a normal recording of a brief call.

Unobserved Version Here
The full conversation between Alice and Bob, as captured by an inexpensive, consumer-grade telephone recorder interface (sold by Radio Shack) connected to Alice’s line.

Note :
For those in the Philadelphia area, these results will be presented at the Penn Computer Science Research Seminar on Thursday, December 1st, at 3pm in the Levine Hall auditorium (on the Penn campus at 3330 Walnut Street)


Illegal Alien Busted by Googling !!

@ 1:00 am

An Iranian-born guy, a citizen of Canada who had been living in New York illegally, had been updating his blog while he was an illegal alien in the US. Well, it seems this individual went to Toronto for a few days, and when he returned he was stopped at the border, where the guards actually did a Google search for him. Finding his blog revealed that he was violating immigration laws; he was ultimately turned away and cannot re-enter the United States for six months.

Wondering how he is now? Why don’t you pay his blog a visit here
