Saturday, July 24, 2010

Reports, Cisco Midyear 2010


Cisco released its 2010 midyear security report; the report shows a focus on social media. Get it from here.

Friday, July 23, 2010

Reports, BitDefender H1 2010


BitDefender released its 2010 H1 threat report; get it from here.
The report shows that cyber criminals are moving to Web 2.0, focusing on social media like Facebook and Twitter.

Saturday, July 10, 2010

Materials, HITB Europe 2010


The Hack in the Box conference was held in Amsterdam; download the conference materials from here.

Tuesday, June 29, 2010

Spy Software on Mobile Phones

I just noticed that there is a large number of spy software packages easily available for almost all kinds of mobile phones (BlackBerry, iPhone, Windows, Symbian, Android, or even old non-smart phones), with a price range of $50 to less than $500 per year, depending on vendor and features.

Most of them offer a different feature set for different flavors, so here is a summary of the common features I came across during my search:

- Remote live listening to surroundings
- Record surrounding conversation
- Call interception (with rules)
- Call recording
- GSM location tracking
- GPS tracking
- Email logging
- SMS logging
- Deleted SMS logging
- View/log photos, and videos
- Call history logging
- Control phone by SMS
- SIM change notification
- SMS notification for various activities on the phone such as turning it on or off
- Remote phone wipe

The spy software mostly offers web access with online reports.
Some offer encrypted log communication over GPRS/3G.

Installing the software requires data access (GPRS or 3G), and also requires physical access to the target phone for installation.

Detection of these tools might be possible for users if they pay attention to the following factors:
- High or unusual bill (data, SMS, or calls)
- Unusual battery drain
- Unusual flashlight activity on some phones with some tools
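The indicators above are all measurable, so here is an added example (not from any of the products mentioned) that scores a per-day usage record for them. The CSV layout, the idle battery-drain column and the outlier threshold are assumptions made for this example; the record is constructed, with days 11 and 12 carrying the kind of jump a hidden logger uploading over GPRS/3G would cause. A median/MAD test is used instead of mean/standard deviation so the spike itself does not inflate the baseline it is compared against.

```python
"""
Added example: flag the detection indicators listed above (unusual data, SMS or
call volume, unusual battery drain) in a per-day usage record. The record format
and the robust-outlier threshold are assumptions made for this example.
"""
from statistics import median

# Constructed sample: day, data MB, SMS sent, call minutes, battery % lost per idle hour.
USAGE_CSV = """\
2010-06-01,10,4,20,1.0
2010-06-02,12,5,25,1.1
2010-06-03,11,6,22,0.9
2010-06-04,9,4,18,1.0
2010-06-05,13,5,30,1.2
2010-06-06,10,5,24,1.0
2010-06-07,12,6,21,0.9
2010-06-08,11,4,19,1.1
2010-06-09,10,5,23,1.0
2010-06-10,12,5,22,1.0
2010-06-11,65,18,24,3.5
2010-06-12,70,21,21,3.8
2010-06-13,11,5,20,1.0
2010-06-14,12,4,22,1.1
"""

FIELDS = ("data_mb", "sms", "call_min", "battery_drain")


def parse_usage(text):
    """Parse the constructed CSV into a list of per-day dicts."""
    rows = []
    for line in text.splitlines():
        if not line.strip() or line.startswith("#"):
            continue
        day, *values = line.split(",")
        rows.append({"day": day, **{f: float(v) for f, v in zip(FIELDS, values)}})
    return rows


def robust_outliers(values, factor=3.0):
    """Indices whose distance from the median exceeds `factor` scaled MADs.
    1.4826 scales the MAD so it estimates a standard deviation for normal data."""
    med = median(values)
    mad = median(abs(v - med) for v in values)
    if mad == 0:  # all values identical: no spread to measure against
        return []
    return [i for i, v in enumerate(values) if abs(v - med) / (1.4826 * mad) > factor]


def flag_indicators(rows, factor=3.0):
    """Map each indicator to the days on which it looks anomalous."""
    return {
        field: [rows[i]["day"] for i in robust_outliers([r[field] for r in rows], factor)]
        for field in FIELDS
    }


def suspicious_days(flags, min_indicators=2):
    """Days on which at least `min_indicators` indicators fire together;
    one odd day of calls is normal, data + SMS + battery drain together is not."""
    counts = {}
    for days in flags.values():
        for day in days:
            counts[day] = counts.get(day, 0) + 1
    return sorted(d for d, n in counts.items() if n >= min_indicators)


if __name__ == "__main__":
    flags = flag_indicators(parse_usage(USAGE_CSV))
    for field, days in flags.items():
        print(f"{field:14s} {days}")
    print("review:", suspicious_days(flags))
```

Requiring two indicators to coincide keeps a single busy phone day from raising an alert; on the constructed record only the two days with data, SMS and battery anomalies together are reported.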


Sunday, June 20, 2010

DNS sinkhole ISO image

Guy Bruneau has created a DNS sinkhole ISO image, available for 32-bit and 64-bit.
The sinkhole uses three public lists of known bad domains (Malware Domain Blocklist, Zeus Tracker, and the SRI malware list).
A step-by-step guide is available here.

I will be waiting for other lists to be added, such as PhishTank, Google Safe Browsing, XSSED, and others.

DNS can be used effectively to detect and prevent infection inside a network, for example by checking the cached entries on your DNS servers for bad hosts.
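To make both halves of that concrete, here is an added example (not Guy Bruneau's ISO or its scripts) that loads blocklists in the one-domain-per-line style of the public lists, checks a resolver cache dump against them with subdomain matching, and emits the BIND `named.conf` stanzas a sinkhole uses to answer for a bad zone itself. The list and cache contents are constructed, and the sinkhole address is a placeholder.

```python
"""
Added example: blocklist loading, cache-dump checking and sinkhole zone
stanzas. All list and cache contents below are constructed.
"""

# Constructed blocklist text in the one-domain-per-line style of the public lists.
BLOCKLIST_TEXT = """\
# constructed entries, not real indicators
badexample.test
c2.evil-example.test
127.0.0.1  hosts-style.test
"""

# Constructed fragment in the style of a `rndc dumpdb -cache` output.
CACHE_DUMP = """\
; constructed cache fragment
www.example.test.          3600  IN A     192.0.2.10
update.badexample.test.    120   IN A     198.51.100.7
c2.evil-example.test.      60    IN A     203.0.113.9
hosts-style.test.          300   IN A     203.0.113.20
mail.good.test.            600   IN MX    10 mx.good.test.
notbadexample.test.        300   IN A     192.0.2.11
"""

SINKHOLE_IP = "192.0.2.1"  # placeholder sinkhole address


def normalize(name):
    """Lower-case and strip the trailing dot so list and cache forms compare equal."""
    return name.strip().lower().rstrip(".")


def load_blocklist(text):
    """Accept plain domain lines and hosts-file style '<ip> <domain>' lines."""
    blocked = set()
    for line in text.splitlines():
        line = line.split("#", 1)[0].strip()
        if not line:
            continue
        blocked.add(normalize(line.split()[-1]))
    return blocked


def blocked_parent(name, blocked):
    """Return the blocklist entry covering `name` (itself or a parent zone), else None.
    Matching whole labels from the right keeps 'notbadexample.test' from
    matching 'badexample.test'."""
    labels = normalize(name).split(".")
    for i in range(len(labels)):
        candidate = ".".join(labels[i:])
        if candidate in blocked:
            return candidate
    return None


def scan_cache(dump, blocked):
    """Report cached records whose owner name falls under a blocklisted domain."""
    hits = []
    for line in dump.splitlines():
        parts = line.split()
        if line.startswith(";") or len(parts) < 5 or parts[2] != "IN":
            continue
        name, rtype, rdata = parts[0], parts[3], " ".join(parts[4:])
        match = blocked_parent(name, blocked)
        if match:
            hits.append({"name": normalize(name), "type": rtype, "rdata": rdata, "matched": match})
    return hits


def sinkhole_zone_config(blocked, zone_file="sinkhole.zone"):
    """BIND named.conf stanzas making the resolver authoritative for each bad domain,
    so every name under it is answered from the sinkhole zone (pointing at SINKHOLE_IP)
    instead of the real one."""
    return [f'zone "{d}" {{ type master; file "{zone_file}"; }};' for d in sorted(blocked)]


if __name__ == "__main__":
    blocked = load_blocklist(BLOCKLIST_TEXT)
    for hit in scan_cache(CACHE_DUMP, blocked):
        print(f"cached {hit['type']} {hit['name']} -> {hit['rdata']} (list entry: {hit['matched']})")
    print("\n".join(sinkhole_zone_config(blocked)))
```

A cache hit on a listed domain means some client behind the resolver asked for it recently, which is the detection side; the zone stanzas are the prevention side, since once the resolver is authoritative for `badexample.test` every lookup under it returns the sinkhole address and the query source can be logged.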

I do not know exactly whether vendors are implementing such DNS filtering in their products, maybe at the IPS level.

Update:
Check this clarification on tracking the clients.

Saturday, June 19, 2010

Web Historian, Browser Forensics

Visualize web browsing history with Web Historian from Mandiant. It supports Firefox 2/3+, Chrome 3+, and Internet Explorer 5 through 8; collects web, cookie, and download history; exports data sets to XML, HTML, or CSV; and has many more features ...

You may want to check this old comparison of different browser forensics tools; note the old versions of some of these tools, including Web Historian.
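For readers who want to see what a tool like this does under the hood, here is an added example (not Mandiant's Web Historian) that pulls Firefox 3 history out of a places.sqlite-style database and exports it as CSV. The schema used is a constructed subset of Firefox's `moz_places` and `moz_historyvisits` tables, the visits are invented sample data, and the example assumes Firefox's convention of storing `visit_date` as PRTime (microseconds since the Unix epoch, UTC).

```python
"""
Added example: extract Firefox 3 browsing history from a places.sqlite-style
database and export it to CSV. The schema is a constructed subset of the real
tables; the visits are invented sample data.
"""
import csv
import io
import sqlite3
from datetime import datetime, timedelta, timezone

EPOCH = datetime(1970, 1, 1, tzinfo=timezone.utc)


def prtime_to_utc(us):
    """PRTime microseconds -> ISO 8601 UTC timestamp (timedelta keeps it exact)."""
    return (EPOCH + timedelta(microseconds=us)).strftime("%Y-%m-%dT%H:%M:%SZ")


def utc_to_prtime(dt):
    """Inverse conversion, used only to build the constructed sample."""
    return (dt - EPOCH) // timedelta(microseconds=1)


def build_sample_db():
    """In-memory database with a constructed subset of the Firefox 3 schema."""
    conn = sqlite3.connect(":memory:")
    conn.executescript("""
        CREATE TABLE moz_places (id INTEGER PRIMARY KEY, url TEXT, title TEXT, visit_count INTEGER);
        CREATE TABLE moz_historyvisits (id INTEGER PRIMARY KEY, place_id INTEGER,
                                        visit_date INTEGER, visit_type INTEGER);
    """)
    conn.executemany("INSERT INTO moz_places VALUES (?, ?, ?, ?)", [
        (1, "http://www.example.test/", "Example", 2),
        (2, "http://download.example.test/tool.exe", "Download", 1),
    ])
    visits = [  # (visit id, place id, time, visit_type) - constructed
        (1, 1, datetime(2010, 6, 19, 10, 0, 0, tzinfo=timezone.utc), 1),
        (2, 2, datetime(2010, 6, 19, 10, 5, 30, tzinfo=timezone.utc), 1),
        (3, 1, datetime(2010, 6, 19, 11, 0, 0, tzinfo=timezone.utc), 2),
    ]
    conn.executemany("INSERT INTO moz_historyvisits VALUES (?, ?, ?, ?)",
                     [(i, p, utc_to_prtime(t), vt) for i, p, t, vt in visits])
    conn.commit()
    return conn


def export_history(conn):
    """One row per visit, oldest first, joined to the page it refers to."""
    query = """
        SELECT v.visit_date, p.url, p.title, p.visit_count
        FROM moz_historyvisits v JOIN moz_places p ON p.id = v.place_id
        ORDER BY v.visit_date
    """
    return [{"visited_utc": prtime_to_utc(vd), "url": url, "title": title, "visit_count": vc}
            for vd, url, title, vc in conn.execute(query)]


def to_csv(rows):
    """CSV export in the same spirit as Web Historian's output."""
    buf = io.StringIO()
    writer = csv.DictWriter(buf, fieldnames=["visited_utc", "url", "title", "visit_count"],
                            lineterminator="\n")
    writer.writeheader()
    writer.writerows(rows)
    return buf.getvalue()


if __name__ == "__main__":
    print(to_csv(export_history(build_sample_db())), end="")
```

Joining the visits table to the places table is the important step: `moz_places` holds one row per URL, while `moz_historyvisits` holds the individual timestamps, so a timeline comes from the visits table and not from the per-URL `visit_count` alone. On a real profile the same query would be run against a copy of places.sqlite, never the live file.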

Monday, June 14, 2010

Log Analysis, Web Servers


Here is a list of free resources for analyzing web server logs.