Silicon Technix

After loosing  Norton AntiVirus Corporate Edition source code in 2006, now Symantec is asking its customer to stop usage of Norton/PcAnywhere which was also leaked on Internet.

The security firm said the theft occurred in 2006, compromising 2006-era version of Norton Antivirus Corporate Edition, Norton Internet Security and Norton SystemWorks and most important "pcAnywhere", which could allow malicious users to gain complete access to systems and data very easily.

Also it is intresting to add that the guy who hacked that code also released source code of Indian Spy software 

“So far we have discovered within the Indian Spy Program source codes of a dozen software companies which have signed agreements with Indian TANCS programme and CBI”

What does that mean? Indian agencies are doing signed agreements for spying using Symantec/Norton products and others???? must be those agreements are not in favor of Pakistan 🙂

"The headline is very embarrassing to Symantec,"

Anup Ghosh, founder and CEO of Virginian security firm Invincea, told FoxNews.com at the time.

"But this has now become the normal in securities. Every single corporation is susceptible to threats."

hahahah, very funny!!!!

“Symantec recommends disabling the product until Symantec releases a final set of software updates that resolve currently known vulnerability risks,” the company wrote in an online statement about the hacking.

The “The Lords of Dharmaraja”, the hacking group who authored the Pastebin note, has released the code online(last week).

Some security tips from (Ira Victor, a security expert in Nevada):-

1. Do not use a "suite" of security protection from any one firm. A mixture of best of breed security is more secure.

2. Usernames and passwords alone are not enough protection for remote access. A single-use password system makes unauthorized remote access exponentially harder for cyber criminals.

3. Do not run computers in "Administrator" mode. Run systems in "User mode" so that malware does not install automatically.

4. Businesses should deploy application "whitelisting." This will prevent unauthorized malware from running on computers.

Microsoft launched a website today designed to give users a detailed look at how secure their browser is. The site, called Your Browser Matters, automatically detects the visitor's browser and returns a browser security score on a scale of four points.

When you visit the site, called Your Browser Matters, it allows you to see a score for the browser you’re using. Well, if you’re using IE, Chrome, or Firefox—other browsers are excluded. Not surprisingly, Microsoft’s latest release, Internet Explorer 9, gets a perfect 4 out of 4

Link: Your Browser Matters

Firefox 7 isn't just about speed, there's also a long list of security patches. Surprisingly, a fix for the SSL BEAST attack is not one of them.

Mozilla is patching it's Firefox Web browser for at least 10 vulnerabilities, seven of which are rated as being "critical." Firefox 7 was released on Tuesday offering users the promised of improved performance and better memory usage.

On the security front, the Firefox 7 release provides a critical fix for what Mozilla describes as, "Miscellaneous memory safety hazards."

"Mozilla developers identified and fixed several memory safety bugs in the browser engine used in Firefox and other Mozilla-based products,"
Mozilla stated in its advisory. "Some of these bugs showed evidence of memory corruption under certain circumstances, and we presume that with enough effort at least some of  these could be exploited to run arbitrary code."

There is also a critical fix for an interesting flaw that could have been triggered by having a user hold down the 'Enter' key. By holding
down the key, code could potentially be installed without a user's knowledge.

"Mariusz Mlynski reported that if you could convince a user to hold down the Enter key — as part of a game or test, perhaps — a malicious
page could pop up a download dialog where the held key would then activate the default Open action," Mozilla warned.

Other critical flaws that are fixed in Firefox 7 include potentially exploitable crashes in WebGL graphics and the YARR regular expression
library. Firefox 7 also provides a fix for a high impact flaw where cross-site scripting (XSS) could have been enabled via plugins.

There is also a fix in Firefox 7 for a flaw rated as "moderate" that is triggered by the motion of a device. Mozilla's advisory noted that a recent research paper detailed how it would be possible to inferring keystrokes from device motion data on mobile devices.

"Web pages can now receive data similar to the apps studied in that paper and likely present a similar risk," Mozilla warned. "We have decided to limit motion data events to the currently-active tab to prevent the possibility of background tabs attempting to decipher
keystrokes the user is entering into the foreground tab."

SSL BEAST

While Firefox 7 addresses multiple security issues, it is not taking specific aim at the recent disclosure of potential SSL vulnerabilities. Overall, Mozilla has publicly noted that they do not believe Firefox to currently be at risk from the SSL BEAST attack

Comodo is one of the largest SSL and Code Signing Certificate provider, some Comodo certificates were hacked earlier this year and now ComodoHacker  claimed hacking DigiNotar a Dutch Code Signing/SSL provider company.

Meanwhile, the fallout from the hack continues. DigiNotar has, in effect, lost its status as a trusted root certificate authority. Its certificates have been blacklisted by Microsoft, Google, Mozilla, and Apple.

With this hack the hacker can intercept all encrypted communications of Windows Update and other microsoft services, Gmail , Mozilla based  and Apple services without user knowledge.

Also Microsoft and Firefox  just released a security update to block all DigiNotar based certificates. (Kindly update your systems now)

ComodoHacker also justifed his attack on the Dutch certificate authority by blaming the Dutch for the murder of 8,000 muslims at Serbian hands in Srebrenica; "It's enough for Dutch government for now, to understand that 1 Muslim soldier worth 10000 Dutch government."

Here is the Interview of the Iranian Hacker who was behind Comodo and DigiNotar hacking.

Hi

I have received around 25 interview requests, I'll give response to all requests, I'll give interviews to all.

Just to make some points which I see around in internet about me and in some interview questions:

a) I'm single person, do not AGAIN try to make an ARMY out of me in Iran. If someone in Iran used certs I have generated, I'm not one who should explain.

b) This attack was really more sophisticated than simple Stuxnet worm. 0-days? I already have discovered similar bugs, trojan? I already wrote most sophisticated undetectable ring0 and ring3 rootkit (works together), signing certificates? huh, man! I have around 300 code signing certificates and a lot of SSL certs with again code signing permission, look at Google's cert, I have code signing privilege! You see? I owned an entire computer network of DigiNotar with 5-6 layer inside which have no ANY connection to internet, I have so much to explain, but later… You have to wait!

c) I still have access to 4 more CAs, I just named one and I re-name it: GlobalSign, StartCom was lucky enough, I already connected to their HSM, got access to their HSM, sent my request, but lucky Eddy (CEO) was sitting behind HSM and was doing manual verification.

d) I'm able to issue windows update, Microsoft's statement about Windows Update and that I can't issue such update is totally false! I already reversed ENTIRE windows update protocol, how it reads XMLs via SSL which includes URL, KB no, SHA-1 hash of file for each update, how it verifies that downloaded file is signed using WinVerifyTrust API, and… Simply I can issue updates via windows update! You see? I'm so smart, sharp, dangerous, powerful, etc. huh?

I'll talk about more stuff later. May I also start a web hacking course for Anonymous and Lulzsec and friends of them, Rootkit development for Stuxnet developers, 0-day vuln. assessment in Windows and Linux environment for Stuxnet developers and other hackers too. huh? What do you think?

Dutch government is paying what they did 16 years ago about Srebrenica, you don't have any more e-Government huh? You turned to age of papers and photocopy machines and hand signatures and seals? Oh, sorry! But have you ever thought about Srebrenica? 8000 for 30? Unforgivable… Never!

I heard also that Dutch government tries to gather documents and make a compliment against Iran, really? Shame on you man! Have you been in court for Srebrenica? Who should file compliment for Srebrenica? You should pay, these are consequences of Srebrenica, just know it! This is consequence of fighting with Islam and Muslims in your parliament.

WOOOOORLLLLDDD! Wait for me, you have so much more SHOCKINGS to see from me! From a person who came to this world just 21 years ago! JUST WAIT!
 

After a decade of abuse, Autorun is finally being retired in older versions of Windows.

Microsoft has finally removed Autorun function from earlier versions of its Windows operating system that has been widely abused by miscreants to surreptitiously install malware on users' computers.

Vista/Windows 7 introduces some new features like UAC and improved AutoPlay (aka Autorun) that disables certain functionality which has been abused by malware (like Conficker). These changes will be backported to down level platforms.

This functionality was made available for Windows XP, Windows Server 2003, Windows Vista and Windows Server 2008 .

Please visit the following KB article for more information and how to download the new updates http://support.microsoft.com/kb/971029 for disabling Autorun abuse.

Previous update http://support.microsoft.com/kb/967715

Want to run a Security Check on your BlackBerry? Click this link in your BlackBerry Browser