InfoSec Philippines

Information Security, Technology News and Opinions

Posts Tagged ‘Physical Security’

Turn your Netbook into a Security Cam

Posted by Daniel Tumalad on November 9, 2009

“Pugad Lawin” (Hawk’s Nest) is a simple application that turns your winxp netbook (or any box with a webcam) into a security camera. You can watch your home or your office while you’re not there.

Click here to download (source included)

[Note: the executable file is only 25 kilobytes because it was coded in masm32 and it opens a port (80-HTTP) for its web interface. It does not contain any trojan or malware]

screenshot

screenshot

Quick setup:
1. Run PL.EXE
2. Choose a password
3. Choose unblock when prompted by your firewall
4. Access your webcam by opening a browser->http://your.ip.adress.here/ (It would be easier if you have DDNS)

*Requires a little config if you are behind a router/fw.

You can do plenty of “fun” stuff with this (e.g., wireless cctv, baby monitor+iphone). It’s up to the limits of your imagination, but do remember to behave. 😀

Thanks to alex, x.solis and the stare (blackberry test) for their feedbacks. This is my first time to code again in a very long time, please report if you find any bugs. 😀

[Alpha 0.2: Fixed auth-bypass bug found by sujiru]

Posted in Home Grown Apps | Tagged: , | 4 Comments »

InfoSec News, March 11, 2009

Posted by Jaime Raphael Licauco, CISSP, GSEC on March 11, 2009

Browser Security
(SC Magazine US) Firefox 3.07 update addresses multiple security issues
(H-online) Firefox: most vulnerabilities, but quickly patched
(Security Focus) Mozilla, Opera plug security holes


Malware
(SC Magazine US) Conficker worm variant kills security processes
(H-online) Conficker modified for more mayhem


Cyberwarfare
(ZDNet.com) Russia kinda-sorta owns up to Estonia cyberwar
(The Register) Russian politician: ‘My assistant started Estonian cyberwar’


Patches
(The Register) Critical kernel fix stars in Patch Tuesday updates
(Computerworld) Microsoft patches ‘evil’ Windows kernel bug
(Computerworld) Microsoft patches Windows DNS, kernel flaws
(The Register) The long road to Adobe Reader and Flash security Nirvana
(Computerworld) Adobe patches zero-day PDF bug, mum on details
(Computerworld) Bad Symantec update leads to trouble
(H-online) Norton causes alarm and despondency


Social Networking
(H-online) Twitter closes SMS spoofing hole – Updated
(H-online) Spam from compromised Twitter accounts


Other InfoSec News
(SC Magazine US) Gartner: Data breaches hit 7.5 percent of all U.S. adults
(H-online) Version 3 of Microsoft’s Threat Modeling Tool released
(Computerworld) Gmail down; outage could last 36 hours for some
(H-online) Windows Defender: False alarm triggered by hosts file
(The Register) Court rules airline secret security list is stupid
(Techworld) Security needs to be ‘baked in’ say experts
(GCN) Securing cyberspace requires a new attitude
(Stuff.co.nz) Student wiped data worth thousands
(The Register) Feds file new felonies against alleged Palin hacker


Tips
(Computerworld) Biometrics: three tips for success


Webcasts
(LogLogic) Unleashing your log power to do more with less
Date: Wednesday, March 18, 2009
Time: 2:00 p.m. EST/11:00 a.m. PST


Whitepapers
(HID) Username and Password: A Dying Security Model
(Computerworld) Social Elements of Security Policy and Messaging


Posted in Change Management, News, Security Policy, Social Networking, Webinars | Tagged: , , , , , , , , , , , , , , | Leave a Comment »

Info Sec News: Nov 18, 2008

Posted by Jaime Raphael Licauco, CISSP, GSEC on November 18, 2008

BBC Click on Biometrics

A few weeks ago BBC News Click published How biometrics could change security. The week after, they then published, “The pitfalls of biometric systems“.

Since its somewhat related to physical security, A UK fingerprint developer can read a letter from its envelope.

More news about the keyboard electromagnetic sniffing that was making the news last month:

  • From The Register Swiss boffins sniff passwords from (wired) keyboards 65 feet away
  • From BBC Keyboard sniffers to steal data
  • Video on keyboard sniffing from the very people that did the experiment can be found at COMPROMISING ELECTROMAGNETIC EMANATIONS OF WIRED KEYBOARDS.

  • The Register gives a tutorial on encrypting e-mails in, “Still sending naked email? Get your protection here“.


    Pretty sad that a UK Anti-Fraud site has crashed due to DDOS attack.

    The popular and free AVG Anti-virus has once again identified a trojan that isn’t one.

    A Vulnerability has also been discovered in the SSH Specification.

    The New York Times reports that Privacy Laws Trip Up Google’s Expansion in Parts of Europe

    The Federation of American Scientists (FAS) Secrecy blog, reports that terrorists can presumably use twitter, instant messaging, etc. The article Spy Fears: Twitter Terrorists, Cell Phone Jihadists by Noah Shachtman on Wired talks about it more.

    If you’re interested on the pdf exploit (also see below in other news), Didier Steven’s Blog, talks about Shoulder Surfing a Malicious PDF Author.

    Other News:

  • Email ruse uses Federal Reserve Bank name to drop PDF exploit
  • Cybercrime expected to ramp during holiday season
  • New attack targeting Windows Mobile phones
  • Apple issues 11 security updates for Safari browser
  • How Outsourced Call Centers Are Costing Millions In Identity Theft
  • Although somewhat unrelated, InfoSec Professionals might also be interested in this article on airport security, The Things He Carried

  • White paper on Designing and implementing malicious hardware presented at the LEET ’08

    White Hat World Webinar on 10 Reasons your Existing SIEM Sucks! This will be held on Thursday, November 20, 2008 4:00 am Philippine time.

    Posted in ISMS, News | Tagged: , , , , , , , , , , , , , , , , , | Leave a Comment »