Detecting bugs and vulnerabilities in Linux  

Monday, November 28, 2011

Australian researcher Silvio Cesare, a PhD student at Deakin University, has released a tool capable of automatically detecting bugs and vulnerabilities in embedded Linux libraries. Developers may “embed” or “clone” code from third-party projects. This can mean statically linking against an external library, maintaining an internal copy of a library’s source, or forking a copy of a library’s source.
The tool's approach is that if a source package has another package’s filenames as a subset, that other package is embedded in it. Packages that share files are related. In the graph of relationships, related packages form cliques. Graph theory is used to perform the analysis.

Linux vendors have previously used laborious manual techniques to find holes in libraries. Debian alone manually tracks some 420 embedded packages, Cesare said at Ruxcon 2011. Silvio’s tool also automates identifying if embedded packages have outstanding vulnerabilities that have not been patched. Using this system, over 30 previously unknown vulnerabilities were identified in Linux distributions.
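The filename-subset heuristic and the clique grouping described above can be sketched as follows. This is an added example, not Cesare's tool: the package contents are constructed, and the `GENERIC` ignore list and all function names are assumptions made for illustration.

```python
from itertools import combinations
from posixpath import basename

# Constructed sample data: source package -> file paths (not real package contents).
PACKAGES = {
    "zlib":    ["adler32.c", "inflate.c", "deflate.c", "crc32.c"],
    "imgtool": ["src/main.c", "src/render.c", "third_party/zlib/adler32.c",
                "third_party/zlib/inflate.c", "third_party/zlib/deflate.c",
                "third_party/zlib/crc32.c"],
    "fastzip": ["zip.c", "inflate.c", "crc32.c"],
    "editor":  ["main.c", "buffer.c"],
}
# Assumption: filenames too generic to indicate shared code are ignored.
GENERIC = {"main.c", "Makefile", "README", "configure"}

def names(paths):
    """Reduce a package's paths to its set of distinctive basenames."""
    return {basename(p) for p in paths} - GENERIC

def embedded(packages):
    """(host, library) pairs where the library's filenames are a subset of the host's."""
    sets = {p: names(f) for p, f in packages.items()}
    return sorted((a, b) for a in sets for b in sets
                  if a != b and sets[b] and sets[b] <= sets[a])

def related_graph(packages):
    """Undirected graph with an edge between packages that share any filename."""
    sets = {p: names(f) for p, f in packages.items()}
    graph = {p: set() for p in sets}
    for a, b in combinations(sets, 2):
        if sets[a] & sets[b]:
            graph[a].add(b)
            graph[b].add(a)
    return graph

def cliques(graph, r=frozenset(), p=None, x=frozenset()):
    """Bron-Kerbosch enumeration of maximal cliques."""
    p = frozenset(graph) if p is None else p
    if not p and not x:
        yield r
    for v in list(p):
        yield from cliques(graph, r | {v}, p & graph[v], x & graph[v])
        p, x = p - {v}, x | {v}

def related_groups(packages):
    """Maximal groups of mutually related packages (cliques of size > 1)."""
    return sorted(sorted(c) for c in cliques(related_graph(packages)) if len(c) > 1)

if __name__ == "__main__":
    print("embedded:", embedded(PACKAGES))
    print("related groups:", related_groups(PACKAGES))
```

A package flagged as a host is then a candidate for checking whether the embedded library's outstanding advisories also apply to the bundled copy.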


CrySyS Duqu Detector Open source Toolkit Released  

Sunday, November 13, 2011

Two weeks ago, researchers at the Laboratory of Cryptography and System Security (CrySyS) in Hungary confirmed the existence of the zero-day vulnerability in the Windows kernel, according to security researchers tracking the Stuxnet-like cyber-surveillance Trojan.

CrySyS has released an open-source toolkit that can find traces of Duqu infections on computer networks. The toolkit contains signature- and heuristics-based methods that can find traces of Duqu infections where components of the malware have already been removed from the system.

Their release states: "The toolkit contains signature and heuristics based methods and it is able to find traces of infections where components of the malware are already removed from the system. The intention behind the tools is to find different types of anomalies (e.g., suspicious files) and known indicators of the presence of Duqu on the analyzed computer. As other anomaly detection tools, it is possible that it generates false positives. Therefore, professional personnel is needed to elaborate the resulting log files of the tool and decide about further steps."

This toolkit contains very simple, easy-to-analyze program source code, thus it may also be used in special environments, e.g. in critical infrastructures, after inspection of the source code (to check that there is no backdoor or malicious code inside) and recompiling.


TheHackerNews.com


Microsoft Patch Exploit Duqu Malware  

Wednesday, November 9, 2011

Microsoft has issued a fix (KB 2639658) to protect Windows from Duqu malware attacks.

The malware exploits a weakness in the Windows TrueType Win32k engine. It can get into a computer through programs that have inadvertently been infected with Duqu. Duqu malware can change data and create new accounts with full privileges.


Beware Gadhafi Worm  

Friday, November 4, 2011

The death of Moamar Gadhafi has become an arena for distributing malware. As when Osama bin Laden died, Internet criminals are taking their chance with a hot topic to spread malicious programs.

Antivirus company Sophos found that emails about Gadhafi's death were carrying an Internet worm. The malicious file was found under the name Bloody Photos_Gadhafi_Death \ Gadhafi? Rar.scr, made to look as if it were a compressed archive containing images.


[ Thatcoin.com ]

