
Thursday, March 24, 2011

2011 March 20-36: Articles of Interest

Security, Networking, and Industry Articles of Interest


2011-03-16 - Microsoft malware removal tool takes out Public Enemy No. 4
Microsoft finally used its Malicious Software Removal Tool to remove the fourth-biggest threat in the automated program's history, dating back to at least 2005.


2011-03-18 - RSA breach leaks data for hacking SecurID tokens
'Extremely sophisticated' attack targets 2-factor auth


2011-03-20 - AT&T acquires T-Mobile USA from Deutsche Telekom for $39bn
There was one GSM network, to rule them all...


2011-03-23 - Mac OS X daddy quits Apple
Bertrand Serlet, Apple’s senior vice president of Mac software engineering and the man who played a lead role in the development of Mac OS X, is leaving the company.


2011-03-23 - 'Iranian' attackers forge Google's Gmail credentials
Skype, Microsoft, Yahoo, Mozilla also targeted.

Extremely sophisticated hackers, possibly from the Iranian government or another state-sponsored actor, broke into the servers of a web authentication authority and counterfeited certificates for Google mail and six other sensitive addresses, the CEO of Comodo said.


2011-03-23 - Oracle announced all software development stopped on Intel's Itanium CPU.
Red Hat was the first to pull the plug on Itanium, saying back in December 2009 that its Enterprise Linux 6 operating system, which was released last summer, would not be supported on Itanium processors.

Microsoft followed suit in April 2010, saying that Windows Server 2008 R2 and SQL Server 2008 R2 would be the final releases supported on Itanium.


2011-03-24 - Apple Mac OS X: ten years old today
OS X was the product of Apple's 1996 purchase of NeXT, a move that not only saw the acquisition of a modern operating system, but also the return of its co-founder, Steve Jobs, to the company.

Thursday, March 10, 2011

Security: Target: Linux Network Devices

Abstract:
The widespread use of Microsoft operating systems on desktops and servers has been increasingly exploited by malware for dubious uses. The ever-growing use of Linux on low-end network devices has made them an interesting target for malware creators. Most recently, attacks using compromised Microsoft platforms have been targeting low-end Linux network devices.

History:
Malware instances that cooperate with one another over the internet are called botnets. They have taken over Microsoft PCs and servers across the globe because of their ubiquity. They can be very difficult to find and destroy, as demonstrated by the Kneber botnet. The first known activity for Kneber dates back to March 2009.

As the popularity of Linux grew, the movement of malware from Microsoft platforms to Linux platforms began.

In January 2008, a DNS attack on DSL modems was discovered in Mexico. 2Wire DSL modems were targeted, redirecting people from a Mexican bank's site to a site falsely presenting itself as a bank.

In January 2009, the Psyb0t was discovered, targeting MIPS based Linux devices.

In February 2010, the Chuck Norris Botnet targeted D-Link Linux based devices.

Sometimes the network devices are merely used to perform distributed denial-of-service attacks against corporations or entire nations, as is happening in South Korea during March 2011.

These botnets are dangerous and could be used to infiltrate other devices on a network, which are then used to gather information, for the purpose of theft or other illegal nefarious behavior.

Enter: Elf_Tsunami.R
In March 2010, a new exploit was discovered: Elf_Tsunami.R, uncovered by TrendLabs. The D-Link DWL-900AP+ is vulnerable, as are other devices. Previously exploited Microsoft systems infected with malware can attack and infiltrate the Linux network devices on the local area network.

Elf_Tsunami.R uses Internet Relay Chat (IRC) servers as an independent transport once the Linux network device is infiltrated, meaning that PC anti-virus software cannot completely clean out your network even after cleaning your PC.
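
Because the infected device keeps talking to IRC after the PCs are cleaned, the network itself has to be watched. The following is an added example, not part of the original post and not taken from any vendor tool: it flags managed network devices that open outbound IRC sessions, judged by conventional IRC ports and by IRC client commands (RFC 1459) in the first payload line. The device inventory, LAN range, flow-record format and sample records are all constructed assumptions.

```python
import ipaddress
import re

# Assumed inventory of network devices on the LAN (constructed addresses).
NETWORK_DEVICES = {"192.168.1.1": "dsl-router", "192.168.1.2": "wireless-ap"}
LAN = ipaddress.ip_network("192.168.1.0/24")   # assumed local range
IRC_PORTS = {6667, 6697}                       # conventional IRC / IRC-over-TLS
# Client registration and channel commands defined by the IRC protocol.
IRC_CMD = re.compile(r"^(?:PASS|NICK|USER|JOIN)\s+\S", re.IGNORECASE)

# Constructed sample records: "src dst dport first-payload-line" ("-" = none).
SAMPLE_FLOWS = """\
192.168.1.50 203.0.113.10 443 -
192.168.1.2 198.51.100.7 6667 NICK dev01
192.168.1.1 198.51.100.9 8080 USER a 0 * :a
192.168.1.1 192.168.1.50 53 -
192.168.1.50 198.51.100.7 6667 NICK pc
192.168.1.2 203.0.113.20 123 -
"""

def parse_flow(line):
    """Split one record into fields; the payload may itself contain spaces."""
    src, dst, dport, payload = line.split(" ", 3)
    return {"src": src, "dst": dst, "dport": int(dport),
            "payload": "" if payload == "-" else payload}

def irc_reasons(flow):
    """Return the IRC indicators a flow shows (empty list if none)."""
    reasons = []
    if flow["dport"] in IRC_PORTS:
        reasons.append("irc-port")
    if IRC_CMD.match(flow["payload"]):   # catches IRC on non-standard ports
        reasons.append("irc-command")
    return reasons

def find_device_irc(flow_text, devices=NETWORK_DEVICES, lan=LAN):
    """List (device, dst, dport, reasons) for device-initiated outbound IRC."""
    alerts = []
    for line in filter(str.strip, flow_text.splitlines()):
        flow = parse_flow(line)
        if flow["src"] not in devices:
            continue                     # PCs are covered by endpoint tooling
        if ipaddress.ip_address(flow["dst"]) in lan:
            continue                     # only traffic leaving the LAN matters
        reasons = irc_reasons(flow)
        if reasons:
            alerts.append((devices[flow["src"]], flow["dst"], flow["dport"], reasons))
    return alerts

if __name__ == "__main__":
    for alert in find_device_irc(SAMPLE_FLOWS):
        print(alert)
```

A router or access point has no legitimate reason to act as an IRC client, so any hit here is worth investigating even when every PC on the LAN scans clean.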

Network Management Connection:
It has long been expected that Linux would remain more secure against attacks than Microsoft-based appliances, desktops, and servers. Consumer Linux-based devices, however, are widely available and do not necessarily meet the stringent security requirements of Enterprise and Managed Services networking infrastructure.

Caution should be taken when employing Microsoft and Linux platforms in an Enterprise and Managed Services networking infrastructure, because of the increased use of hybrid exploits. The possibility of infecting customer networks through their implementation is not out of the question, as demonstrated by millions of globally exploited systems and devices.