正當反明星組織的種種網路攻擊行動引起各方爭議時,昨日記者獲悉,變臉大師、劉德華的師父彭登懷也于近日遭受到了黑客攻 擊。他的兩個電子郵箱被黑客盜走密碼,與劉德華的多封私人郵件被盜並被貼于網路論壇上『示眾』。彭登懷昨日義憤填膺地譴責這種不道德行為,同時,不少網友 也認為,『反明星』黑客的這種行為,涉及到網路安全問題,因此容易引發爭議。
劉德華給彭登懷的賀卡
WOW!map 生活地圖被植入惡意連結,此惡意程式為 TSPY_MARAN 或 TR/PSW.OnLineGames 變種,最近有瀏覽這個網頁的網友,應該要盡速檢查自己的電腦,請各位暫時不要瀏覽這個網站,以免中毒 (此惡意程式應該會偷帳號與密碼)。
詳文請按 rogerspeaking.blogspot.com/2007/08/wowmap.html每 一個網絡都有其薄弱之處。網絡技術飛速發展,因此很難從總體上根除網絡的薄弱之處。在很多情況下,我們可以想到的最好的方法就是將薄弱之處最小化。網絡往 往由於內部的和外部的因素造成性能下降。就內部而言,網絡可能會受到過度擴張、瓶頸、外部威脅、DoS/DdoS攻擊、網絡數據截獲的影響。隨意執行命令 會導致系統功能異常、性能下降甚至系統癱瘓。實際上,最大的威脅來自於管理員對可能存在的漏洞的不正確的理解。
內部的網絡薄弱之處來自於帶寬的過度擴增(用戶需要超過了總體的資源)和瓶頸(用 戶需要超過了特定網絡部分的資源)。這些問題可以通過特定的網絡管理系統和實用程序(如traceroute)來解決,這些工具允許管理員查明網絡性能下 降的位置。網絡通信可以在網絡架構的範圍內重新進行路由選擇,以增加速度並強化功能。
外部的網絡薄弱之處
面對層出不窮的瀏覽器漏洞以及針對這些漏洞開發的各種基於Web的惡意攻擊,正在波士頓召開的Usenix安全研討會對這一問題進行了廣泛討論,與會安全專家就此提出了一種新的基於執行的惡意軟件檢測技術。
畢業於華盛頓大學的Alexander Moshchuk領導了一個研究小組,對這種技術進行了證明,並開發了一個檢測工具來過濾惡意程序。專家認為「虛擬沙盒」是一種非常有效的檢測Web應用可疑行為的檢測方法,能夠在危險降臨用戶終端瀏覽器之前將其發現。
隨著各種黑客攻擊、0-day威脅的增長,以及攻擊複雜性的加強,專家們已經不太看 好基於特徵的反病毒檢測技術,認為其不足以應付各種各樣的網絡攻擊。因此,出現了一些新的終端防護技術,以免用戶終端遭受未知漏洞攻擊。虛擬技術是被許多 專家看好的解決這一問題的技術,Moshchuk利用該技術在華盛頓大學研發了一個檢測工具,名叫SpyProxy。其有如一台虛擬機一樣坐落在用戶終端 瀏覽器和Web站點之間,下載並檢測用戶訪問的Web應用,以防禦潛在的攻擊。專家稱在秒量級時間內,SpyProxy就可以有效地對各種類型的網頁或應 用進行檢測分析,來確定該網頁是否包含各種威脅。Moshchuk是這樣說的:「SpyProxy還有一些不足之處,但毫無疑問,它是互聯網安全武器庫中 的一個有效的新武器,其以低廉花費解決了現實存在的0-day問題,並實實在在地讓Web瀏覽更加安全。」
中華數位科技及ASRC垃圾訊息研究中心發現,另一種新型態垃圾郵件:FDF SPAM正在擴散蔓延中。
ASRC研究中心高銘鍾主任表示:「FDF(Forms Data Format,Adobe Acrobat表單文檔文件) SPAM是最新竄起(2007/08/10開始爆發)。這種格式的文件雖然較PDF少用,但其格式一樣能被Adobe Acrobat Reader打開,所以文件有其通用性,而被垃圾郵件發送者運用於發送技術中,其宣傳的內容仍以股票為最大宗。」
目前世界上廣泛流傳的文件附檔SPAM有四種:PDF、DOC、XLS、FDF。文件式的SPAM會竄起,是因為其容易被開啟閱讀,又能流通於各平台中,故易於被垃圾郵件發送者廣泛應用。
HONDA 汽車台灣網站被植入惡意連結,此惡意程式為 Onlineage 變種,最近有瀏覽這個網頁的網友,應該要盡速檢查自己的電腦,請各位暫時不要瀏覽這個網站,以免中毒 (此惡意程式應該會偷帳號與密碼)。
詳文按此 rogerspeaking.blogspot.com/2007/08/honda.html國際網球雜誌中文版網站被植入惡意連結,此惡意程式為 TSPY_MARAN 或 TR/PSW.OnLineGames 變種,最近有瀏覽這個網頁的網友,應該要盡速檢查自己的電腦,請各位暫時不要瀏覽這個網站,以免中毒 (此惡意程式應該會偷帳號與密碼)。
詳文按此 rogerspeaking.blogspot.com/2007/08/blog-post_297.html
Sun Java Web Start には、バッファオーバーフローの脆弱性が存在します。
LAS VEGAS--This year's Black Hat was pretty much summed up in a prescient keynote by Richard Clarke, the nation's former cyber security czar who is now a novelist and chairman of Good Harbor Consulting. Clarke said "we're building more and more of our economy on cyberspace 1.0, yet we have secured very little of cyberspace 1.0." The apparent speed gained in Ajax (Asynchronous JavaScript and XML), which is technology that divides processing tasks between the Web server (Web site) and the Web client (browser), has opened Web 2.0 to some old-school attacks.
Nothing more clearly demonstrated this than a live hijack of a Gmail account. In a talk originally to have been presented alongside his colleague David Maynor, Errata Security CEO Robert Graham demonstrated for a standing-room-only crowd how he was able to use a tool called Hamster and Ferret to sniff the wireless airwaves for the URLs of Web 2.0 sites. While talking about another matter entirely, Graham ran the tools in the background, sniffing the wireless packets in the conference room, looking for Web 2.0 sessions cookies used by those in the audience for his talk (if, as a speaker, you ever wanted to thwart those who would be checking e-mail during your presentation, this is the tool to use). Grabbing cookies is not new. What is new is that Graham was able to grab these Web 2.0 clear text session cookies out of the thin air and then plunk the captured URL into a new browser. No password is needed; the cookie itself is enough. Toward the end, Graham opened his Hamster tool and found several likely candidates. He chose one Gmail account that had been opened during his talk. The presentation screen lit up with some poor guy's active Gmail account briefly displayed. Everyone applauded before Graham quickly wiped the information from the screen.
Should you avoid Gmail? No. If you simply change the URL in your Gmail bookmark (or any other Google-related bookmark) from http:// to https://, the Errata Security hack is no longer valid. That's not true, however, for Facebook, Hotmail, and several other Web 2.0 accounts. Graham says that while traditional Web 1.0 sites long ago learned to terminate session cookies, the cookies used on Web 2.0 sites don't expire for several years, so you could sniff accounts out of the air at your local Starbucks and months later still have access to that person's account. That's what's really scary about this new kind of man-in-the-middle attack: the victim has no idea that this is happening, and even changing the account password will have no effect. While you as an attacker can send messages, read existing messages, and even alter the look and feel of the Web mail service itself, you can't, however, lock the owner out of the account.
來源:賽迪網 時間:2007-08-06 10:08:33
日前在拉斯維加斯舉行的Black Hat黑帽駭客安全會議上,展出的一系列新軟體工具再次敲響了通過Wi-Fi無線寬頻技術使用互聯網服務的安全警鐘。
