12/31/2005

New IM Worm Exploiting WMF Vulnerability

Filed under: — Aviran Mordo

It was only a matter of time: the first IM-Worm exploiting the WMF vulnerability has been spotted.

There are multiple reports from the Netherlands about an IM-Worm which spreads via MSN using a link to “http://[snip]/xmas-2006 FUNNY.jpg”.
This may well turn out to become a local epidemic (in NL); however, so far it has not become big (not even 1000 bots at this moment).

The jpg is actually an HTML page with a (link to a) malicious wmf file.

This wmf will download and execute a .vbs file which is detected as Trojan-Downloader.VBS.Psyme.br which in turn will download an Sdbot. The IRCBot is detected as Backdoor.Win32.SdBot.gen by KAV.

At the time of writing, this SdBot is instructed to download an IM-Worm.Win32.Kelvir variant. As you will know, Kelvir is responsible for spreading across MSN.

Looking at this IRCBot it’s extremely likely that it has been made for cyber criminals.
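The report above turns on a file whose .jpg name does not match its content. As an added example (not part of the original post), this Python sketch flags such mismatches by comparing the extension with the file's leading bytes; the sample payloads and every file name other than the one quoted above are constructed.

```python
import os

# Leading bytes of the formats involved in the report above.
JPEG_MAGIC = b"\xff\xd8\xff"
WMF_PLACEABLE = b"\xd7\xcd\xc6\x9a"  # placeable metafile key 0x9AC6CDD7, little-endian
WMF_STANDARD = (b"\x01\x00\x09\x00", b"\x02\x00\x09\x00")  # mtType 1 or 2, header size 9 words
HTML_MARKERS = (b"<!doctype html", b"<html", b"<head", b"<body", b"<iframe", b"<script")

# Content type each extension is expected to carry.
EXPECTED = {".jpg": "jpeg", ".jpeg": "jpeg", ".wmf": "wmf"}


def sniff(data: bytes) -> str:
    """Classify content by its first bytes, ignoring the file name."""
    if data.startswith(JPEG_MAGIC):
        return "jpeg"
    if data.startswith(WMF_PLACEABLE) or data[:4] in WMF_STANDARD:
        return "wmf"
    head = data[:512].lower()
    if any(marker in head for marker in HTML_MARKERS):
        return "html"
    return "unknown"


def check(name: str, data: bytes) -> dict:
    """Compare what the extension claims with what the bytes are."""
    ext = os.path.splitext(name.lower())[1]
    expected = EXPECTED.get(ext)
    actual = sniff(data)
    return {"name": name, "expected": expected, "actual": actual,
            "suspicious": expected is not None and actual != expected}


# Constructed samples: only the first file name comes from the report.
SAMPLES = [
    ("xmas-2006 FUNNY.jpg", b"<html><body><iframe src='picture.wmf'></iframe></body></html>"),
    ("holiday.jpg", b"\xff\xd8\xff\xe0\x00\x10JFIF\x00"),
    ("card.jpg", b"\xd7\xcd\xc6\x9a" + b"\x00" * 18),
    ("chart.wmf", b"\x01\x00\x09\x00\x00\x03" + b"\x00" * 12),
]


def run_samples() -> list:
    """Return the names of the samples whose content contradicts their extension."""
    return [r["name"] for r in (check(n, d) for n, d in SAMPLES) if r["suspicious"]]


if __name__ == "__main__":
    for name, data in SAMPLES:
        print(check(name, data))
```

A mail or web gateway can apply the same comparison to downloaded content, since a link's extension says nothing about what the server actually returns.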

Dial MMS for Marijuana

Filed under: — Aviran Mordo

A teenage drug-dealing network that promoted its wares using MMS messages has been busted after a mother found incriminating messages on her child’s mobile. Massachusetts police arrested six local teenagers last week following a tip-off from a parent of one of the gang’s intended marijuana customers, according to local reports.

Police reckon the hi-tech dope dealers called prospective customers to arrange sales prior to sending picture messages of the merchandise. “They had a lot of proprietary enthusiasm,” Sgt. Daniel Devine told The New Britain Herald. “They would email a picture of the drugs and a message to kids in town on their cell phone, and then the kids in Farmington would send the photo and message to all their friends to notify them of the upcoming sale.”

The scheme was exposed after a parent spotted a picture advertising a sale on her child’s phone. She notified the police who busted the teens during a morning sale in a raid that netted “less than a pound of marijuana”, several hundred dollars, drug paraphernalia and mobile phones seized from a car.

Source: The Register

Apple iPod designer named in Queen’s honour list

Filed under: — Aviran Mordo

The chief designer of Apple Computer Inc.’s phenomenally popular iPod digital music player was named on Friday in the Queen’s Honours List.

London-born Jonathan Ive, 38, Apple’s senior vice president of design, on Friday was awarded the title of Commander of the Most Excellent Order of the British Empire (CBE) by Queen Elizabeth.

The title recognizes Ive’s achievements in industrial design as leader of the team that produced not only the iPod but also the iMac, iBook and Powerbook computer lines in his nearly 13-year career at Cupertino, California-based Apple.

Source: Reuters

Hackers Rebel Against Spy Cams

Filed under: — Aviran Mordo

When the Austrian government passed a law this year allowing police to install closed-circuit surveillance cameras in public spaces without a court order, the Austrian civil liberties group Quintessenz vowed to watch the watchers.

Members of the organization worked out a way to intercept the camera images with an inexpensive, 1-GHz satellite receiver. The signal could then be descrambled using hardware designed to enhance copy-protected video as it’s transferred from DVD to VHS tape.

The Quintessenz activists then began figuring out how to blind the cameras with balloons, lasers and infrared devices.

And, just for fun, the group created an anonymous surveillance system that uses face-recognition software to place a black stripe over the eyes of people whose images are recorded.

Source: wired

12/30/2005

Anti-Virus Protection for WMF Flaw Still Inconsistent

Filed under: — Aviran Mordo

Days after the revelation of a flaw in Windows’ handling of WMF graphics files, dozens of exploits are being spread from thousands of adware sites. But good protection is available.

At the same time, further testing confirms that a workaround issued by third parties and endorsed by Microsoft Corp. is effective in most regards, and in the most important circumstances, but not in all. Also, the workaround has side effects that could prove troublesome.

AV-Test, which tests anti-malware products, has been tracking the situation closely and has, so far, analyzed 73 variants of malicious WMF files. Products from the following companies have identified all 73:

  • Alwil Software (Avast)
  • Softwin (BitDefender)
  • ClamAV
  • F-Secure Inc.
  • Fortinet Inc.
  • McAfee Inc.
  • ESET (Nod32)
  • Panda Software
  • Sophos Plc
  • Symantec Corp.
  • Trend Micro Inc.
  • VirusBuster

These products detected fewer variants:

  • 62 — eTrust-VET
  • 62 — QuickHeal
  • 61 — AntiVir
  • 61 — Dr Web
  • 61 — Kaspersky
  • 60 — AVG
  • 19 — Command
  • 19 — F-Prot
  • 11 — Ewido
  • 7 — eSafe
  • 7 — eTrust-INO
  • 6 — Ikarus
  • 6 — VBA32
  • 0 — Norman

The difference for the more effective products is likely to be heuristic detection, tracking the threat by identifying the basic techniques of the exploit, rather than looking for specific patterns for specific exploits.

Source: eweek

Times Square New Year’s Eve Ball to Use LEDs in 2006

Filed under: — Aviran Mordo

Since 1907, the Times Square New Year’s Eve Ball has been rolling down to mark the arrival of a new year. Royal Philips Electronics will mark the switch from traditional lighting to solid-state LEDs with a charity auction of 100 of the light bulbs used in this year’s ball.

One-hundred percent of the winning bid on the auction will benefit the American Red Cross Disaster Relief Fund. The charity auction, part of the company’s “Next Year is brought to you by Philips” advertising campaign, will take place from 30 December 2005 to 6 January 2006.

From 2006, the Times Square New Year’s Eve Ball will use advanced, environmentally responsible solid-state lighting (SSL) LEDs.

Source: geekzone

Google AdSense Trojan Discovered

Filed under: — Aviran Mordo

Hackers have developed a Trojan horse program that produces fake Google ads posing as the real thing. The as-yet unnamed Trojan replaces legitimate ads served via Google AdSense with promos for penis pills, porn sites and the like.

The ads are incorporated in Google AdSense, the program that lets website owners display ads from Google’s list of advertisers. The Trojan Horse apparently downloads itself onto an unsuspecting computer through a web page and then replaces the original ads with its own set of malicious ads.

Since the Trojan Horse makes the deceptive ads look like normal Google ads, the program was nearly impossible to detect by the general public. However, Raoul Bangera, an Indian web publisher, discovered the bogus program and contacted the Google AdSense team. Bangera emailed the team a number of cases, including various screenshots, log files of an infected computer and system files as proof. The AdSense team validated the news saying, “We can confirm from the screenshots that these are fake Google ads, formatted to look like legitimate ads. We agree that this phenomenon is likely the result of malicious software installed on your computer.”

Source: techshout

Gyroscopes that can detect cancer

Filed under: — Aviran Mordo

Cancer-detecting biosensors developed by a Newcastle University-led consortium have attracted major European funding.

A vibrating disc no bigger than a speck of dust could help to diagnose and monitor common types of cancer and provide specialists with information about the most appropriate therapy.

The European Union has awarded international researchers, led by the University of Newcastle, a 12m euro grant to develop the biosensor technology, which is based on micro-gyroscopes.

The research team aims to produce a hand-held device which would enable samples of blood, smear or biopsy to be tested quickly and accurately, for signs of cancer of the breast, cervix, colon or rectum.

The device would identify ‘cancer specific markers’ - proteins or other molecules produced by cancer cells - which vary according to the type of cancer and are distinct from proteins produced by healthy cells.

The researchers have manufactured discs less than one-tenth of a millimetre in diameter and coated them with special patterns of DNA or proteins which cause the cancer-specific markers to bind to the surface.

Source: 999today

Professor Builds Computer Models for Wine

Filed under: — Aviran Mordo

Distinguishing fine wine from plonk is usually left to connoisseurs and winemakers, who rely on their senses, rough chemical measurements and the whims of nature to produce an exceptional tipple. But a Carnegie Mellon University professor, working with industry scientists in Chile, is hoping that computer models will identify the traits of good wine to help vintners produce more of it.

Lorenz “Larry” Biegler, who teaches chemical engineering at the university, is working on mathematical formulas to automate the fermentation process, adjusting ingredients and conditions to ensure robust flavors and higher yields from grape harvests.

Source: AP

U.S. to Probe Contractor’s Web Tracking

Filed under: — Aviran Mordo

Unbeknown to the Bush administration, an outside contractor has been using Internet tracking technologies that may be prohibited to analyze usage and traffic patterns at the White House’s Web site, an official said Thursday.

David Almacy, the White House’s Internet director, promised an investigation into whether the practice is consistent with a 2003 policy from the White House’s Office of Management and Budget banning the use of most such technologies at government sites.

“No one even knew it was happening,” Almacy said. “We’re going to work with the contractor to ensure that it’s consistent with the OMB policy.”

The acknowledgment came a day after the National Security Agency admitted it had erred in using banned “cookies” at its Web site. Both acknowledgments followed inquiries by The Associated Press.

The White House’s Web site uses what’s known as a Web bug to anonymously keep track of who’s visiting and when. A Web bug is essentially a tiny graphic image - a dot, really - that’s virtually invisible. In this case, the bug is pulled from a server maintained by the contractor, WebTrends Inc., and lets the traffic analytic company know that another person has visited a specific page on the site.

Source: AP

Nanotech in Microchips by 2015

Filed under: — Aviran Mordo

Molecular electronics, a realm once considered science fiction, could be heading for our computers and devices sooner than thought. A new report on the technology roadmap of the chip industry finds a growing confidence in new nanotechnology, and forecasts that the transition to the post-silicon era could happen by 2015. The development of nanoswitches has already reached a point where it will be possible to manufacture them reliably at low cost. Intel’s goal over the next decade is to build chips that hold more than one trillion switches.

Source: Slashdot

12/29/2005

Intel to Unveil Massive Branding Strategy

Filed under: — Aviran Mordo

Intel Corp. is launching a new corporate and brand identity that will include a reworked company logo, a change in its ubiquitous “Intel Inside” stickers and a shift away from the Pentium name for its microprocessors.

The changes, which will be formally announced Tuesday, come as the world’s largest chip maker tries to market itself less as a chip outfit and more as a provider of platforms, such as its Centrino technology for notebook computers or its upcoming Viiv for entertainment PCs.

“This evolution will allow Intel to be better recognized for our contributions, establish a stronger emotional connection with our audiences and strengthen our overall position in the marketplace,” said Eric Kim, Intel’s chief marketing officer.

In one move, the company is removing the familiar dropped “e” from its logo, which has been little changed since the company was founded in 1968 by Gordon Moore and Robert Noyce. And like the recently revamped AT&T Inc. logo, the letters that make up “Intel” appear in lower case.

Intel also is simplifying the “Intel Inside” stickers that first appeared on PCs in 1991 under then-CEO Andy Grove. But the marketing program in which Intel subsidizes PC makers who use Intel chips and stickers will continue, Intel spokesman Bill Calder said.

Intel, based in Santa Clara, also is announcing that its next-generation processors for mobile computers will be called “Core” rather than “Pentium M.” Processors with a single computing engine will be known as “Core Solo,” while chips with two engines will be called “Core Duo.”

Eventually, it’s expected Intel will completely retire the Pentium brand that was introduced in 1993.

The company’s logo will also include a tag line, “Leap ahead.” It’s “a simple expression that declares who we are and what we do,” said Kim, who joined Intel last year from Samsung.

Source: AP
