Microsoft Malaysia Security Advisor Page e·van·gel·ist: Computers and Internet

Malaysian Prime Minister Official Website Defaced

Thu, 05 Jun 2008 06:03:45 GMT

So the goverment finally decided to raise the petrol price for Malaysians. Apart from causing massive traffic jams around the nation, the decision has also drawn protest from the undeground world. The Malaysian's PM Official website has just been defaced. I did save the print screen. Here's the link.

PMO Defaced

Europe asks ISPs to help battle cybercrime

Fri, 04 Apr 2008 07:17:46 GMT

It's only fair that ISP took the responsibility of securing the pipe instead of hand-off approach and allow just about anything to travel through thier infrastructure.

The Council of Europe have unanimously agreed to get ISP's to commit to a certain security guidelines. The attack on Estonia, although many parties have played it down, is a very clear example of how a cyber attack can cause a total shutdown of an entire nation.

Here in Malaysia, the regulatory bodies have yet to even propose such rulings. Perhap the lax approach is due to the fact, the chances of what happen to Estonia is 1 in a 1,000,000. That is a very dangerous thought, however, at the pace the regulators are moving, one cannot help to assume the above reason.

Security Focus.

Europe asks ISPs to help battle cybercrime
Published: 2008-04-02

The Council of Europe plans to vote this week on drafted guidelines that call for more cooperation from Internet service providers (ISPs) in combatting online attacks.

During the Council of Europe's Octopus 2008 Conference on Cybercrime -- which is taking place in Strasbourg, France -- participants will be asked to adopt a set of guidelines to speed response to cyberattacks and share more information, especially between Internet service providers and government agencies. The guidelines have been proposed by Estonia and other nations following the attacks on the northern European country last spring.

"The draft guidelines build upon the existing Council of Europe Convention on Cybercrime -- to which many countries in Europe and beyond have acceded -- and call for formal partnerships between Internet service providers (ISPs) and law enforcement," the Council of Europe said in a statement published about the conference.

In late April and early May 2007, massive denial-of-service attacks hobbled online communications in Estonia, a nation that depends on the Internet for much of its commerce and access to government. The attacks began on April 28, following violent clashes between the Estonian police and ethnic Russians in the country over the removal of a Red Army monument that symbolizes the defeat of Nazi Germany by the Soviet Union during World War II, but is also a reminder to Estonians of the more than four decades that the Soviets occupied the nation. Following the incident, the North Atlantic Treaty Organization (NATO) -- of which Estonia is a member -- began evaluating whether such attacks should trigger the treaty's clause for common defense, Article 5.

The latest guidelines, and the request for ISPs to share data with government, worries many privacy experts, according to a report on the issue by the International Herald Tribune. More information on the conference is available from the Council or Europe's Web site.

If you have tips or insights on this topic, please contact SecurityFocus.

Search Engine for Microsoft Bug

Thu, 03 Apr 2008 09:28:30 GMT

I recently found this google-like search engine for Microsoft Bug.

http://www.bugs.ms/

Have a go!

Defeating Full Disk Encryption

Wed, 26 Mar 2008 02:35:42 GMT

Just when most individuals and organization recognize Full Disk Encryption as 'the' protection for storage, researchers at Princeton has already found a way aroud to crack FDE. However, in order for this hacking to work, one must have physical access to the laptop and the laptop is ON,wheter in sleep mode or hibernation. Every single Disk Encryption solution are vunerable from TrueCrypt, Checkpoint PointSec and Microsoft's Bitlocker.

So, it's back to the drawing board for storage security. No security measure are absolute, it's only time delaying.

U.K agency loses sensitive data on 25m people - FDE could have help.

Fri, 23 Nov 2007 07:48:26 GMT

Full Disk Encryption is fast becoming a common security standard for organization. A few storage maker have also encroporated the feature in thier hardware not to mention companies like Microsoft which includes FDE in the new Vista. By deploying FDE, it reduces the risk of data leak from stolen storage or laptop tremendously.

U.K. agency loses sensitive data on 25m people
Published: 2007-11-20

The head of HM Revenue & Customs, the United Kingdom's tax agency, resigned on Tuesday, taking responsibility for a massive data leak that potentially put the sensitive personal details of 25 million people at risk.

The resignation was announced the same day that the agency acknowledged that a disk with the personal details of 25 million people failed to arrive at its destination on October 18, after it was sent through internal government mail. The information on the disk -- the financial details of nearly 25 million adults and children that received government benefits -- was not encrypted but protected by a simple password, according to an article in the Times Online.

In resigning, Chairman Paul Gray took responsibility for the lapse in security and a number of similar incidents where sensitive information was sent through the mail.

"Ensuring that our customers and stakeholders can trust how we handle sensitive information is one of our most important responsibilities," Gray said in a statement. "Given my overall accountability for the way the Department operates I have concluded that, as a result of the recent failings, it is right for me to decide to stand down."

The news of the data breach comes more than a year after a similar incident in the United States. In May 2006, the U.S. Department of Veterans Affairs announced that a stolen laptop had put sensitive information about 26.5 million U.S. veterans and their families at risk. Authorities found the laptop about two months later and stressed their believe that the data was not compromised. The Secretary of Veterans Affairs Jim Nicholson did not resign at the time, but gave notice a year later citing plans to join the private sector. The data lost by HM Revenue & Customs included the parents' and children’s names and dates of birth, the family's address, their National Insurance number and, in some cases, financial details regarding payments for Child Benefits, the agency stated. Britain's Independent Police Complaints Commission (IPCC) has begun to investigate the missing disks.

Half-million database servers at risk, survey says

Mon, 19 Nov 2007 04:20:40 GMT

Nearly a half million Oracle and Microsoft SQL database servers could be vulnerable to attack because they are not protected by a firewall and the majority do not have the most recent patches, security researcher David Litchfield told reporters this week.

The estimate is based on a survey of 1,160,000 Internet addresses that extrapolated the results to the Internet at large, according to the ZDNet Zero Day blog. The survey found that 157 Microsoft SQL servers and 53 Oracle servers were not protected by firewalls and used estimates of the Internet's size to calculate that some 368,000 Microsoft SQL servers and 124,000 Oracle servers are open to remote attack, according to an article in PC World.

At least 82 percent of the Microsoft SQL servers were running an older version of the operating system, while 13 percent of the Oracle servers were versions no longer supported by the software maker, the study found.

"I think it's terrible," Litchfield told PCWorld. "We all run around like headless chickens following these data breach headlines (but) organizations out there really don't care."

Both Microsoft and Oracle databases have been targeted in the past by flaw finders, including Litchfield. In 2003, the Slammer worm, which attacked Microsoft SQL Server software, compromised hundreds of thousands of systems, including computers at the Davis-Besse nuclear plant in Ohio. Litchfield and other researchers have criticized Oracle for its perceived slow pace of patching. In 2006, plans for a month dedicated to disclosing Oracle bugs was scuttled.

In 2005, Litchfield published a survey that found approximately 140,000 unprotected Oracle servers and 210,000 unprotected Microsoft servers. Litchfield plans to release the latest study on his Web site on Monday.