InfoSec Philippines

Information Security, Technology News and Opinions

Posts Tagged ‘apple’

Info Sec News, Dec 4, 2008

Posted by Jaime Raphael Licauco, CISSP, GSEC on December 4, 2008

In a series of twists, Apple has pulled out its quietly released Anti-virus technote, stating that it was old. Noted exploit hunter Charlie Miller said that it was much to do about nothing (take note that this is the same guy that won the $10k who hacked the MacBook Air in under two minutes). On the same day that story went out, a new Apple malware was announced in SecurityPark.com. I’ll take the same line as Apple spokesman Bill Evans in saying, “Since no system can be 100% immune from every threat, running anti-virus software may offer additional protection”.

Related Apple Recommends Anti-Virus stories:
Apple anti-virus advice was nothing new
Security Focus
Heise Security
Apple’s antivirus advice ‘big to-do about nothing,’ says researcher
New Apple Mac OS X malware discovered

 


 

CSO Online Interviewed Gary Hinson a few weeks ago on the future of ISO 27000

‘Dumbing down’ the security profession

Bot-wielding hackers crash eBay holiday giveaway

SonicWALL licensing snafu short-circuits protection

Online payment site hijacked by notorious crime gang

Pentagon hacker tries one more time to avoid extradition

Botnet master sees himself as next Bill Gates

U.S. report sees major terror attack by 2013, ignores cyberattack risk

Lenovo arms ThinkPads with Intel’s built-in security

High tech attacks need high tech response


Computer systems are supposedly attacked a few minutes after going online. Here’s just another story about it: IBM in New Zealand did an experiment which resulted in an unprotected system that was rendered useless in around two hours.

Posted in ISMS, News, vulnerability | Tagged: , , , , , , , , , , , , , | Leave a Comment »

Info Sec News, Dec 2, 2008

Posted by Jaime Raphael Licauco, CISSP, GSEC on December 2, 2008

A rootkit was found in an Enterprise Information Security software, reports Heise Security and The Register.

Another vulnerability was found in the popular VLC media player. So if you can, update.

The Chicago Tribune reports that a new round of cyber attacks has the Pentagon worried. They normally get a whole number of attacks per day, however, the magnitude and way the new attacks are being done are apparently designed to specifically attack military networks. Heise also covers the same topic here and here.

The Linux on iPhone project has released the first results of its project.

Anti-virus seems to be ineffective versus new malware that makes zombies out of PCs. Stuart Staniford talks about it in his blog.

WordPress update fixes XSS vulnerability.

Google denies security hole in GMail.

Microsoft adds malware detection to its Webmaster tools. Speaking of Microsoft, a new windows worm builds a massive botnet worth around half a million computers and growing.

For the first time, Apple quietly recommended Anti Virus software in a technote. About.com has Mac Anti-Virus recommendations. iAntivirus and ClamXav are free.

Posted in News, vulnerability | Tagged: , , , , , , , , , , , | Leave a Comment »

Hack in The Box Conference 2008 Materials

Posted by Jaime Raphael Licauco, CISSP, GSEC on December 1, 2008


Amitpal Dhillon – Addressing Identity Management.pdf
3.7M


Dino Dai Zovi – Mac OS Xploitation.pdf
623K


Ero Carrera – Analysis and Visualization of Common Packers.pdf
3.7M

Hernan Ochoa – Pass-The-Hash Toolkit for Windows.pdf 535K


Jim Geovedi – Hacking a Bird in the Sky 2.0.pdf
3.1M


Julian Ho – Moocherhunter.pdf
124K


Peter Silberman – Full Process Reconstitution from Memory.pdf
144K


Alexander Tereshkin – Bluepilling the Xen Hypervisor.pdf
8.3M


Alexander Tereshkin – Bluepilling the Xen Hypervisor Demo (Large File)
142M


Eric Lawrence – IE 8 – Engineering a Trustworthy Browser.pdf
13M


Jonathan Squire – A Fox in the Hen House.pdf
3.5M


Paul Craig – Hacking Internet Kiosks.pdf
1.2M


Roberto Preatoni – Time for a Free Hardware Foundation.pdf
11M


Saumil Shah – Browser Exploits – A New Model for Browser Security.pdf
2.1M


The Grugq – How the Leopard Hides His Spots.pdf
01-Nov-2008 12:39 128K


Mel Mudin and Lee – Advanced Network Forensics Lab Demo (Large File)
29M


Charlie Miller – iPwning the iPhone.pdf
9.8M


Charl van Der Walt – Pushing the Camel Through the Eye of a Needle.pdf
23M


Ilfak Guilfanov – Decompilers and Beyond.pdf
418K


Kris Kaspersky – Remote Code Execution Through Intel CPU Bugs.pdf
1.3M


Petko D Petkov – Client Side Security.pdf
1.0M


AR Samhuri – Next Generation Reverse Shell.pdf
7.7M


Adrian Pastor – Cracking into Embedded Devices and Beyond.pdf
889K


Mary Yeoh – Security Penetration Testing at RTL Level.pdf
4.4M


Matthew Geiger – How to Build Your Own Password Cracker and Disassembler.pdf
471K


Shreeraj Shah – Top 10 Web 2.0 Attacks.pdf
1.1M


Advanced Wireless Lab (Very Large File)
1.2G


Ching Tim Meng – Detecting and Removing Malware without Antivirus Software.pdf
321K


KEYNOTE 1 – Jeremiah Grossman – The Art of Click-Jacking.pdf
2.5M


KEYNOTE 2 – Marcus Ranum – Cyberwar is Bullshit.pdf
54K


KEYNOTE 3 + 4 – The Pirate Bay Dissolving a Billion Dollar Industry as a Hobby.zip
38M

Posted in conferences, News, Whitepapers | Tagged: , , , , , , , , , , , , , | Leave a Comment »

Launching of DefCon Philippines

Posted by Jaime Raphael Licauco, CISSP, GSEC on November 24, 2008

Soft Launching of Defcon Philippines (DC3662) will be on Dec 20, 2008 with a half day event (1-6PM) at Handuraw, 460 Gorordo Avenue, Cebu City.

For more info, check out www.defconph.org.
There’s also great info in their blog section. They will be sponsored by opononline and Empress of Drac.

A couple of Blogs about this event:

  • Beyond the norms
  • cebubloggers
  • Third Wave

  • Since I posted something about Social Networks and the Philippines probably around a week back, you might want to check out the Pinoy Post Blog by Melvin Calimag over at ZDNetAsia who recently wrote an informative article about the same topic.

    Since the author seems to be one of the few writers on IT in the Philippines, I googled him and came upon this interesting article written around the start of this year.


    Other Info Sec News
  • Security update for xt:commerce Shop system
  • Obama’s cell phone records breached
  • Verizon staff break into Obama’s cell phone account
  • US Military’s ban of USB thumb drives highlights security risks
  • Buffer overflow in Vista’s TCP/IP stack
  • Microsoft to offer free security solution, discontinue OneCare. This is also related to,
    Microsoft hopes free security means less malware
  • Key Logger Spyware ordered off the market
  • Brief study shows difficulty in detecting malware
  • Apple plugs a dozen iPhone security holes
  • Computer virus brings London hospital networks to a standstill

  • New Links:

    MASE Consulting – Policies and Procedures
    Software Assurance Forum for Excellence in Code

    Posted in News, Philippines, Social Networking | Tagged: , , , , , , , , , , , , , , | Leave a Comment »