From the F-Secure Weblog:
Data Security Summary - January to June 2006: "It's midyear and time for our semiannual data security summary. Mikko's video (13min) was shot on our office roof for this occasion. It was a very fair, sunny day in Helsinki.
The wrap-up is available here, and includes a variety of video formats as well as audio. Download it for your iPod or other media device.
The video's topics include: Twenty Years of Viruses, WMF Exploit, Nyxem, Macintosh Viruses, Rootkits, Mobile Viruses, and Spear Phishing. Mikko looks very earnest in the video, but don't panic, that's probably due to the brightness of the sun."
From the great folks @ SANS ISC:
Field Day Exercise, (Sat, Jun 24th): "Over this weekend, ham radio operators (who aren't at the World Cup) are participating in an annual emergency communications preparations exercise known as Field Day (http://en.wikipedia.org/wiki/Field_day). It emphasizes the use of emergency and alternative power sources. In the spirit of this exercise I'm running on backup power today to determine how long my setup will last and work out the bugs.
It has not been going smoothly today, but that's the point of the exercise I suppose.
How long can your critical systems operate without grid power?"
Sudo For Windows, (Fri, Jun 23rd): "One of my colleagues sent me a URL today of an interesting utility I have been wishing I had for a while in the Windows environment that I thought I would share with you this evening. For those of us that learned Unix systems administration prior to dealing with the Windows environment, sudo was one of those tools that made it much easier to compute more safely. Well, sudo is now available for the Windows operating system as well. This tool is somewhat different from the RunAs command in that you use your own passphrase (with the right configuration) to elevate the privledges while running a particular application. For those Unix geeks out there, RunAs is probably likened to su in some respects. So if you were ever looking for a Sudo for windows, take a look at http://sudowin.sourceforge.net/ ."
Malware propagation information from microsoft., (Thu, Jun 22nd): "Microsoft recently released a report on the statistics they are collecting via MSRT.
If you need to know what kinds of malware is being detected and removed by the Malicious software removal tool this is a great report. It only covers windows of course but that makes sense.
There is a nice executive summary but please read beyond that. One security trade publication clearly misread the summary and posted a misquote (62% of computers infected with backdoor). That is not what the report states. The 62% number is the percentage of machines that had malware removed from them by MSRT AND had a backdoor installed on them. Restated more then of the machines where an infection was detected and removed also had remote control backdoors on them. No surprise there really. Although there are ways for the hackers to use a system without a backdoor tool installed for the most part the hackers want to be able to remotely upgrade and control systems they have compromised.
[Follow link above for full story]
The dangers of shared web hosts, (Tue, Jun 20th): "A reader alerted us today about yet another web server compromise, affecting a large number of domains. In this particular case, the server was hosted with iPowerWeb, a provider of low cost web space on shared servers.
Space on a shared server is ok for personal use. But you should think twice before using it for commercial, in particular business critical use. Your web sites security will depend on a few hundred other users on the same system doing the right thing. A bad php script on one virtual server could lead to a compromisse of all web sites hosted on the same system.
If you have to use a virtual host, try to follow these tips to make things 'as secure as possible':
[Follow link above for full story]
Colophon: Cobbled together with Google Reader & Nvu.