A few days ago, it was discovered that all desktop AntiVirus products are vulnerable to a technique that Malware can use to bypass SSDT (System Service Dispatch Table) Hooking in Windows Kernel Mode Drivers, a mechanism used by all current Antivirus Vendors.
The KHOBE Attack (Kernel HOok Bypassing Engine) has been proven effective and demonstrated against virtually every AntiVirus product on the market today!
UPDATE (2010/05/08): Trend Micro acknowledged the issue with no time-frame for a future solution, referring its customers to the “Trend Micro Threat Management Services” product.
Ever wanted to pull the plug on your social networking accounts? Well, the solution is here: “Web 2.0 Suicide Machine” erases your account from Facebook, MySpace, LinkedIn or Twitter in just a few minutes, instead of you wasting time doing it yourself. This might even keep you away from all the SPAM and Drive-by downloads of Malware that come from social networks!
Happy New Year 2010 everyone! The year of Quantum Computers 🙂 !
Here are some of the Malware predictions for 2010:
- Web 2.0 Sites will become the new target for Crackers (e.g. Facebook, Twitter …)
- More intelligent attacks to distribute Malware (e.g. SQL Injections, PDFs …)
- New and innovative techniques to compromise computers (e.g. Stealth Bot, USB …)
- HTML5 will enable sophisticated web applications (e.g. Video, SaaS …)
- Increased attacks via popular software (e.g. Microsoft Office, Adobe Acrobat Reader …)
- International domain names approved by ICANN will introduce more risks
Be safe by staying alert!
Recently, “Prevx” published a report stating that Microsoft released a Security Patch in November that was meant to lock down and tighten the security of the Registry, but that had the side effect of falsely locking down valid registry key permissions, leaving the user with a Black Screen after he/she logs into the system.
Update (2009/12/01): Microsoft Security Response Center has analyzed the issue and confirms that the Black Screen bug is not due to any of the November Security/Non-Security Updates. In fact, it is related to a Malware/Trojan known as “Win32/Daonol”!
So, you probably own an iPhone, and you jailbroke it to support your carrier. You should lock down your iPhone to keep the recent iPhone-Targeted Worms out of your device and to keep your information safe.
One of these solutions will keep you safe:
- Change your “root” and “mobile” user passwords
- Uninstall “OpenSSH” from Cydia/Icy
An immediate update of “Citrix OnLine Plug-In” is required in order to be safe from the recent Man-In-The-Middle Attack exploiting the newly discovered SSL/TLS Renegotiation Vulnerability.
If you are connecting to a Citrix Gateway, we recommend you update your plug-in as soon as possible from here:
Welcome to SoSecure.Org! Your source for information’s sanity!