Monday, December 17, 2007

BackTrack 3 Beta - 14-12-2007


BackTrack is the top-rated Linux live distribution focused on penetration testing. With no installation whatsoever, the analysis platform is started directly from the CD-ROM and is fully accessible within minutes.
It evolved from the merger of two widespread distributions, Whax and Auditor Security Collection. By joining forces and replacing these distributions, BackTrack has gained massive popularity and was voted in 2006 as the #1 Security Live Distribution by insecure.org. Security professionals as well as newcomers are using BackTrack as their favorite toolset all over the globe.
BackTrack has a long history and has been based on many different Linux distributions; it is now based on a Slackware Linux distribution and the corresponding live-CD scripts by Tomas M. (www.slax.org). Every package, kernel configuration and script is optimized to be used by security penetration testers. Patches and automation have been added, applied or developed to provide a neat and ready-to-go environment.
After settling into a stable development procedure during the last releases and consolidating feedback and additions, the team focused on supporting more and newer hardware as well as providing more flexibility and modularity by restructuring the build and maintenance processes. With the current version, most applications are built as individual modules, which helps to speed up maintenance releases and fixes.
Because Metasploit is one of the key tools for most analysts, it is tightly integrated into BackTrack, and the two projects collaborate to always provide an on-the-edge implementation of Metasploit within the BackTrack CD-ROM images or the upcoming virtualization images distributed and maintained by remote-exploit.org (such as VMware appliance images).
Being superior while staying easy to use is key to a good security live CD. We took things a step further and aligned BackTrack to penetration testing methodologies and assessment frameworks (ISSAF and OSSTMM). This will help our professional users during their daily reporting nightmares.
Currently BackTrack consists of more than 300 different up-to-date tools which are logically structured according to the workflow of security professionals. This structure allows even newcomers to find the tools related to a given task. New technologies and testing techniques are merged into BackTrack as soon as possible to keep it up-to-date.
No other commercial or freely available analysis platform offers an equivalent level of usability with automatic configuration and focus on penetration testing.

Monday, December 10, 2007

Hackers Launch Cyberattack on Federal Labs


A "sophisticated cyberattack" has been detected at Oak Ridge National Laboratory over the last several weeks, and authorities suspect the hackers are based in China.
The breach might have compromised the personal information of thousands of visitors to the lab, according to a communiqué sent to employees.


Investigators have not been able to determine whether the attacks came from government or private entities in China.

Sunday, December 9, 2007

Microsoft - IE Browser More Secure Than Firefox

It's hardly surprising that a study commissioned by Microsoft has revealed that its own Internet Explorer (IE) web browser is more secure than its free open-source rival, Firefox (Mozilla).

The security strategy director of Microsoft's Trustworthy Computing Group, Jeff Jones, claims that Mozilla has fixed more flaws in its browser than Microsoft during equivalent periods. That is apparently seen as evidence that Firefox is more vulnerable than IE:

"Since the release of Firefox 1.0 in November 2004, Mozilla has fixed 199 vulnerabilities in supported Firefox products — 75 high severity; 100 medium severity; and 24 low severity. In the same timeframe, Microsoft has fixed 87 total vulnerabilities affecting all supported versions of Internet Explorer — 54 high severity, 28 medium severity; and five low severity," said Jones.

Russian translation is here.

Saturday, December 8, 2007

Jaak Aaviksoo, Minister of Defense, Republic of Estonia


CSIS hosted a discussion with His Excellency Jaak Aaviksoo, the Minister of Defense of the Republic of Estonia, on "Cyberspace: A New Security Dimension at Our Fingertips". The introduction was by Stephen Flanagan, CSIS Senior Vice President and Director, International Security Program. The moderator was James Lewis, Director of CSIS's Technology and Public Policy Program.


VIDEO (wmv, 01:07:43) AUDIO (01:07:43 mp3) TRANSCRIPT

Thursday, December 6, 2007

PHP Inside #20


This is a new issue of "PHP Inside", a Russian journal for PHP developers. Information about it.


Download.


Tuesday, December 4, 2007

Hacker gets 110 years for threats on MySpace


A 33-year-old North Carolina man sentenced Friday to 110 years in prison used "tools of terror" to hack into the computers of Brevard County girls and extort nude pictures from them, an assistant U.S. attorney said.


Ivory Dickerson, a civil engineer, gained remote access to their computers, giving him the ability to type words onto their screens. He was arrested last December after girls at Rockledge High School told authorities their MySpace profiles had been hacked into and the person on the other end was demanding revealing and pornographic images.
He threatened to harm their family members, post nude pictures of them on the Web and, in one case, make a 17-year-old "the most well known girl at school" if they didn't do what he said, according to court records.


Russian translation is here.

Hackers Broke Into The Rolls-Royce Network


It has happened before, but this time the hackers bit the dust, as they didn't manage to access valuable data stored on the computers. Rolls-Royce, a famous company known for producing luxury vehicles and airplane engines, was the victim of a Chinese hack attack targeting the private data stored on the firm's computers, "TerraNet" reported, citing "The Times". According to the same website, some anonymous sources told the online publication that hackers attempted to break into the computers but didn't manage to reach the valuable information before being disconnected.


"The Chinese -- the People's Liberation Army -- have been up to it for a good while, but it has really come to the fore recently. They tried to get inside Rolls-Royce -- their IT systems. They did not get enough inside, but it was a sufficiently big attack to get very worried. They got to the so-called not very important information before being rooted out," the anonymous source told "The Times", according to "TerraNet".


Russian translation is here.

Monday, December 3, 2007

FullCircle Magazine Issue 7

It’s that time again - another new issue!



Issue #7 has:

* Step-by-Step Ubuntu Studio install
* How-To: Simple SSH Install, A Terminal on your Desktop, Easily Convert from Windows and Learning Scribus pt.7.
* Review: Wubi Installer
* Top 5 - Audio/Video Apps.
* Interview with the Howard County Library.
* News, Letters, Q&A, MyDesktop and more!

Get it while it’s hot!


http://www.fullcirclemagazine.org/issue-7/

Saturday, December 1, 2007

Rove investigator erases his PCs - to kill computer virus

A US official overseeing a probe of former Bush aide Karl Rove has been called on the carpet after it was discovered he hired a private computer-help company to erase all the hard drives belonging to him and two deputies.

Special Counsel Scott J. Bloch bypassed his own agency's computer technicians and instead hired an outside firm to perform a seven-level wipe, all but guaranteeing the files could never be restored. Although the official said he contracted the work after suspecting his computer was infected by a virus, a manager with the private firm said a wipe that thorough is an unusual way to treat a malware infection. The receipt for the work performed makes no mention of a virus.
Bloch's office is investigating whether Rove and other White House officials improperly used government agencies to help re-elect Republicans running for Congressional seats. In turn, Bloch has been the subject of a White House-ordered probe into whether he improperly retaliated against whistle-blowers in his own staff and dismissed cases brought to his agency.
Following the revelation of the computer wipes, federal investigators have requested Bloch turn over copies of personal files that he saved to his America Online account before his hard disk was scrubbed. Bloch has refused, saying the data, which included medical information, messages to his personal attorney and pictures from his son's tours of duty in Iraq, don't involve his official work.

Bloch also says no documents relevant to any investigation have been purged. He has denied retaliating against whistle-blowers, characterizing the investigation, which began in 2005, as a "fishing expedition."

Coverage from the Wall Street Journal and The Washington Post is available here and here. ®

By Dan Goodin in San Francisco.

The New WindowSecurity.com White Paper Directory

WindowSecurity.com has just partnered with FindWhitePapers.com to launch a new White Paper directory with hundreds of white papers, focusing on Network and Computer Security and related topics. The new directory contains a number of Security white papers covering issues such as auditing, compliance, vulnerability management, perimeter hardening, and more!
The directory not only contains Security white papers but includes over 265 different categories which are frequently updated with new content. Content is provided by over 250 vendors and also includes podcasts, webcasts, case studies and analyst reports.
Relevant content can be found easily through the right hand side menu which will display related categories and content. Important documents can be saved for later in a personal space and can also be quickly shared with peers. Visitors will also be able to sign up to instant email alerts keeping them informed of all new white papers published on the topics they are interested in.

Visit the new Security White Paper directory today!

(c) WindowsSecurity

California gov site invaded by smut and malware again

Raising troubling questions about the security of America's government websites, more domains ending in .gov have been found hosting links that push porn and malware.

They include the Marin County Transportation Authority, which has watched its site get hacked at least twice before. In early October the domain forced the shutdown of all California government websites until admins could remove the links. A week after the sites were disinfected, the rogue pointers returned.

On Friday, more than 24 hours after this post from Sunbelt Software first reported the reemergence of the links, the gov site was riddled with at least a dozen pages that, when clicked, redirected users to smut sites. Users then got a message saying they had to install a special codec in order to view the content. The codecs contain Trojans that install malware.
By Friday evening in California, the tainted pages were finally removed, and the executive director of the agency apologized for the problem.

The other site actively pushing smut and malware at the time of writing was USAid, a federally operated agency that extends aid to countries recovering from disasters. Perhaps they should attend to their own affairs first.

Over the past several months, the poisoning of search caches belonging to Google and other search engines has emerged as a chief tactic by miscreants in inflating rankings of their malicious websites. At the moment, Google security pros are scrambling to eradicate a flood of malicious links. Problem is, the purveyors of smut and malware are quickly able to taint the cache with a new batch of domains. The whack-a-mole battle finally prompted Google to issue this request for help from its users.

The infections of the gov sites, which are easily documented by these two Google searches (safe to click if you don't mind "porn" in your url), appear to be yet another attempt to boost the rankings of the malicious sites.

Dianne Steinhauser, executive director of the Marin County Transportation Authority, said she thought the problem was fixed in mid September, after her agency dumped its old web host, StartLogic, and contracted with a new one.

"Even though we quit any web hosting with them, they had a publicly accessible web page with our name on it," she told The Register. "They still had a web service under our name, and that was a complete surprise."

Hackers were able to create the porn- and malware-infested pages by infiltrating StartLogic's system, she said. The pages became inaccessible after her office directed the web host to remove the web-accessible service, she said.

"I am exceptionally apologetic for anyone that was contaminated by virtue of our name," she said.

Attempts to reach representatives of StartLogic and USAid were not successful. ®

By Dan Goodin in San Francisco