If you have looked into "The onion ring", or just "Tor", you have probably wondered if it would be wise to block access from these anonymous servers (or maybe just the exit nodes). I am not gonna talk about how the encrypted Tor network works, as a great deal of info can be found "out there". Main source should be: www.torproject.org - and perhaps WikiPedia.

As a security guy (or ISA administrator maybe), you ask yourself "why do these people want to be anonymous"? In this case "anonymous" means that "they" don’t want targets on the Internet to see the originating IP address (the source). A "target" is typically a web site or some other web service.

The answer? Well, first you gotta ask yourself: "who are they"? And there’s really no good answer to that question I guess - who really knows? All we can do is guess, so let me turn these questions around: if I were to try out a hack, or some new exploit, would I do it directly over my personal WAN IP? Or would I try to "hide" my originating IP? If you look at it in that

…

The recently reported flaws discovered in Reader and Acrobat tools urged Adobe, the developer of the vulnerable solutions, to release patches in order to protect the customers of the company. If you haven’t read the advisories, you should know the holes affected Windows XP users with Internet Explorer 7 installed because the attackers tried to exploit them using malicious PDF files. According to Adobe which confirmed the existence of the flaws, the vulnerabilities affect Adobe Reader 8.1 and earlier, Adobe Reader 7.0.9 and earlier, Adobe Acrobat Professional, 3D and Standard 8.1 and earlier versions, Adobe Acrobat Professional, Standard, 3D and Elements 7.0.9 and earlier.

In order to avoid a successful exploitation of the flaw, you have to update your technologies to version 8.1.1 as Adobe implemented the patches in this latest release. (more…)

adobe, adobe acrobat professional, adobe reader 7, adobe reader 8, attackers, email attachments, email spamming, exploit, flaw, instant messengers, internet explorer 7, mail, pdf, pdf files, professional 3d, reader, Security,

Security company BitDefender rolled out a new virus definition for its antivirus technology in order to discover the malicious files used by attackers to exploit the reported vulnerabilities in Apple’s iPhones. In case you missed the news, it was said that an attacker can use a dangerous TIFF file in order to exploit the flaws from iPhone’s Safari browser. What’s most interesting is that the security holes where then used by the iPhone owners to unlock their devices and remove the restrictions applied by the Cupertino company. This way, they would be able to install any software they want without any limitation.

BitDefender reported that the flaw affects only the version 1.1.1 of the Apple iPhone firmware. Because the consumers would be able to install anything they like, they all need an antivirus technology able to defend their device against viruses and other types of malicious files which might harm their handheld. (more…)

antivirus, antivirus technology, apple, apple iphone, bitdefender, exploit, firmware, iphone, iphones, isp gateways, Mobile, new virus, security company,