Archive for February, 2007
2007.02.27 Daily Security Reading
by Rodney Campbell on Feb.27, 2007, under Security
Phishing Sites exploded on the Web
Think the new built-in phishing filters in Internet Explorer 7 and Firefox 2 will protect your private data? Think again. The number of sites devoted to phishing skyrocketed last year, and the number of people taken in by phishing schemes has nearly doubled.
HD Moore’s Presentation from FOSDEM on Metasploit (pdf)
Vista Review: Bugs and Confusion
The Register’s Thomas C. Greene offers an entertaining review of Windows Vista, noting price differences in Europe, driver compatibility issues, and security and user interface issues that affect the Vista experience.
2007.02.26 Daily Security Reading
by Rodney Campbell on Feb.26, 2007, under Security
Browser vulnerabilities and attacks will continue to mount
Even as software makers add more sophisticated security features to their browsers and rush to patch documented flaws more quickly, experts maintain that holes in the programs will continue to allow for widespread malware attacks.
Bots and DDoS attacks – a primer
Knowing the inner workings of botnets and their attack styles can help you formulate a defense — or outlast an attack.
The first AACS device key has leaked
The intense effort by the fair-use community to circumvent AACS (the content protection protocol of HD DVD and Blu-Ray) has produced yet another stunning result: The AACS Device Key of the WinDVD 8 has been found, allowing any movie playable by it to be decrypted. This new discovery by ATARI Vampire of the Doom9 forum is based on the previous research of two other forum members, muslix64 (who found a way to locate the Title Keys of single movies) and arnezami (who extracted the Processing Key of an unspecified software player) – now we wait to see the revocation mechanism in action.
2007.02.23 Daily Security Reading
by Rodney Campbell on Feb.23, 2007, under Security
Wireless Forensics: Part One; Wireless Forensics: Part Two
The huge adoption of wireless technologies over recent years has placed wireless data (or Wi-Fi) networks, based on the 802.11 specifications, as one of the major attack vectors for organizations nowadays. This two-part series looks at the issues associated with collecting and analyzing network traffic from wireless networks in an accurate and comprehensive way; a discipline known as wireless forensics.
This week brings further developments in the gradual meltdown of AACS (the encryption scheme used for HD-DVD and Blu-Ray discs). Last Sunday, a member of the Doom9 forum, writing under the pseudonym Arnezami, managed to extract a “processing key” from an HD-DVD player application. Arnezami says that this processing key can be used to decrypt all existing HD-DVD and Blu-Ray discs. Though currently this attack is more powerful than previous breaks, which focused on a different kind of key, its usefulness will probably diminish as AACS implementers adapt.
Hackers have found a really simple solution to delivering malware
Many RSS and Atom-based feed readers and aggregators simply pull in the content from the source without first checking to see whether it might contain malicious code.
Sloppy configurations make for unsecured VPNs.
2007.02.19 Daily Security Reading
by Rodney Campbell on Feb.19, 2007, under Security
Yet Another Microsoft Word Zero-day
On the heels of Microsoft’s February patch release, another new zero-day attack on Word 2000/XP has been discovered.
(In)Secure Magazine Issue 1.10 (pdf)
Hack lets intruders sneak into home routers
Attackers could change the configuration of home routers using JavaScript code, security researchers at Indiana University and Symantec have discovered. They found that it is possible to change the DNS, or Domain Name System, settings of a router if the owner uses a connected PC to view a Web page with the JavaScript code. This DNS change lets the attacker divert all the Net traffic going through the router. For example, if the victim types in "www.mybank.com," the request could be sent to a similar-looking fake page created to steal sensitive data.
Translation of Macrovision CEO Fred Amoroso’s response to Steve Jobs’s ‘Thoughts on Music’
Funny translation From PR-Speak to English of Selected Portions of Macrovision CEO Fred Amoroso’s Response to Steve Jobs’s ‘Thoughts on Music’ – WARNING – contains adult language and drug references.
Half of pirated Vista is malware
Anyone stealing software less likely to fuss about getting 0wned.
DNS attack puts Web security in perspective
With more business apps running online, it’s time to shore up DoS prevention measures.
In the recent past, we’ve shown several methods on how to unravel obstinate JavaScript code used to convey exploits. Here’s a brief round-up of the methods we commonly use. All four methods require that you get a copy of the hostile page, preferably by use of a text-only HTML tool like wget, curl or similar (since you cannot easily download a JavaScript exploit with a browser that speaks JavaScript without also running the JavaScript code at the same time).
5 Things the Boss Should Know About Spam Fighting
The battle for your users’ e-mail inboxes probably will never end, but it’s not a failure of technology. Experienced e-mail and system administrators share the key points they really, really wish you understood.
2007.02.15 Daily Security Reading
by Rodney Campbell on Feb.15, 2007, under Security
VMware converter – Convert Physical Machines to Virtual Machines – Free!
Use the intuitive wizard-driven interface of VMware Converter to convert your physical machines to virtual machines. VMware Converter quickly converts Microsoft Windows based physical machines and third party image formats to VMware virtual machines. It also converts virtual machines between VMware platforms. Automate and simplify physical to virtual machine conversions as well as conversions between virtual machine formats with VMware Converter.
Microsoft Security Bulletin Summary for February, 2007
Microsoft released a dozen security bulletins, including "critical" ones for its own anti-spyware and other security products. The bulletins, part of its monthly patch cycle, will provide fixes for an undisclosed number of security vulnerabilities, Microsoft said in a note on its Web site Thursday.