MAC Spoofer 2006 MAC Addresses Changer Our Rating: (Good) MAC Spoofer 2006 enables you to change (spoof) the MAC address of your network card, regardless of whether the manufactures allow this option or not. The program comes as standalone executable, no install needed. Just run it, change your MAC address and restore it to the original when you're done with testing. Freeware

As the April 15th tax filing deadline approaches, cyber fraudsters are planning their attack on online tax filers to steal confidential information. Websense, Inc. (NASDAQ:WBSN) , a global leader in web security and web filtering productivity software, today announced that Websense(R) Security Labs(TM) has seen a rise in phishing attacks via fraudulent emails and websites that spoof the Internal Revenue Service (IRS). Since December 2005, Websense Security Labs has been working together with the IRS and other organizations to investigate the rise of tax scams and better protect consumers and employee computing environments from increasingly sophisticated and dangerous internet security threats.
   
   Websense Security Labs has discovered tax attacks targeting the U.S. in several countries outside of the U.S. hosted on compromised web servers. For example, one of the largest IRS phishing campaigns claims that the taxpayer is eligible for a refund and needs to log on to a website to verify their information. Users receive one of a variety of email messages with a link to a fraudulent website. Upon accessing the spoofed tax website, the user is then forwarded to a fraudulent site that requests credit card information and other personal identifiers. The intent of these attacks is to dupe users into revealing confidential information which can be used for withdrawing funds.
   
   Phishing can present a serious security risk for consumers and organizations. Phishers are becoming more sophisticated in their deception techniques to lure employees to spoofed websites, as most employees cannot determine which is a genuine site and which is a fake. However, employees don't have to "fall for the phish" and actually enter confidential information on a phishing website to be compromised. For example, recent trends indicate that by just visiting a website, many types of phishing URLs can install spyware, such as a malicious keylogger, which has the ability to capture data including network passwords or social security numbers without their knowledge. It only takes one employee to click on a phishing site and accidentally give out confidential corporate data, customer records, network passwords, or trade secrets, to jeopardize an entire organizations' intellectual property.  Full Article

Industry’s First Ultra High-End 1GB Workstation Graphics Accelerator
Introducing the ATI FireGL V7350 with Avivo™ Technology – the ultimate graphics accelerator designed for the most complicated 3D models, the largest data sets, and highest definition textures. The FireGL V7350 delivers industry leading features and performance for the most demanding workstation users running OpenGL and DirectX based applications. ATI Technologies said Monday that it had begun shipping a workstation graphics card with a gigabyte of onboard memory.

Two versions of the card, the FireGL V7xxx series, are now shipping. In addition to the more prosaic V7300, which includes 512 Mbytes of on-board RAM for a suggested price of $1,599, is the FireGL V7350, which includes the full gigabyte for a suggested price of $1,999.

As the prices indicate, the cards are designed for high-end graphics workstations, where the additional frame-buffer memory will be used to facilitate graphics rendering for CAD and other applications.

For those with extra pocket change, however, the cards will offer the ability to drive multiple HD displays, creating images over 5,000 pixels wide, ATI said, using multiple monitors that can accept up to 16 bits of information per RGB component.

"The high clock rates of these new graphics cards, combined with full 128-bit precision and extremely high levels of parallel processing, result in floating point processing power that exceeds a 3GHz Pentium processor by a staggering seven times," ATI said.

Wavesat, developer of WiMAX chipset and software, and Sanmina-SCI, a leading global electronics manufacturing services company, announced an agreement for production and cost optimization of the WiMAX Mini-PCI. The low-cost, small-form factor WiMAX 3.5 GHz Mini-PCI modules are now available for volume delivery anywhere in the world.

The WiMAX Mini-PCI modules are based on Wavesat's recently launched WiMAX 3.5 GHz Mini-PCI reference design, and incorporates Wavesat's Evolutive DM256 chipset and MAC coprocessor. Plus, the WiMAX Mini-PCI modules are fully compliant with the IEEE 802.16-2004 standard, offer easy upgradeability to 802.16e-2005 for basic mobility applications, and support TDD and HFDD, 3.5 and 7.0 MHz bandwidths and modulation up to 64-QAM.

"We are excited to be working with a WiMAX pacesetter such as Wavesat," said David Dutkowsky, EVP for Sanmina-SCI's Communications Infrastructure Division. "Wavesat's unique WiMAX expertise and strategic positioning, in conjunction with our manufacturing capability and international presence, will result in tangible benefits for the WiMAX industry worldwide."

Recently announced in Red Herring.com, Clearwire - a so called 'start-up' - is looking to invest about $1 billion in funds to build its own WiMAX network, and plans to offer wireless broadband service over wide areas. Specifically, Clearwire is anxious to acquire spectrum and build new markets, Chief Strategy Officer Ben Wolff told RedHerring.com.

Clearwire is definitely a new firm, but with a solid history. Clearwire was founded in October 2003 by Craig McCaw, the cellular phone pioneer who sold McCaw Cellular Communications to AT&T in 1994 for more than $11 billion.

With the new capital available, Clearwire may start to compete with incumbents like Comcast and AT&T in the growing high-speed broadband Internet market. More specifically, the company could partner with satellite-TV companies who want to offer a bundle of video, voice, and data in their quest to compete with the cable and telephone companies.

Speculation on the potential pairing grew earlier this year after News Corp. Chairman Rupert Murdoch said his DirecTV company was looking for a way to enter the wireless broadband market. Clearwire was considered a leading candidate to help.

“What we like about our business plan and technology is there are a number of parties we could partner with,” said Mr. Wolff, declining to say whether the company is negotiating with DirecTV. Clearwire could even partner with wired and wireless phone companies as well, he mused.

"Building up a network like ours is very similar to building up a cellular network,” said Mr. Wolff, who is also co-president. Clearwire currently offers service in more than 200 cities and towns in the United States, Ireland, Belgium, Denmark, and Mexico. In the U.S. the company operates under the licensed 2.5 GHz band in places like Jacksonville, Florida; Modesto; California; and Bellingham, Washington.

Clearwire deploys an early, nonstandard version of WiMAX. The equipment for its network comes from its wholly owned subsidiary NextNet Wireless.

The service is considered fixed because phones or other mobile devices that work with the technology are not yet available. Nevertheless, Clearwire’s service can transmit voice and data at speeds comparable to DSL and cable. And because it is wireless, there is no need for fiber-optic cables or copper wires.

Currently the speed of the connection is up to 1.5 Mbit/second. The company charges $30 to $37 a month for the service and $5 for the modem, to a rather small number of customers.

Affordable and packed with productivity for wherever business takes you.

Wherever your life is going, this is the perfect handheld to take along for the ride. The sleek, stylishly designed Tungsten™ E2 handheld from palmOne brings your entire world to life. Your calendar, contacts, documents, presentations, photos and videos look sharper and more colorful. But just as important, its new flash memory keeps all that information safe—even if you don’t have time to recharge.

Of course, it wouldn’t be a palmOne handheld if we didn’t push the boundaries of what a handheld can do. That’s why we included Bluetooth® wireless technology for wireless connectivity. Now working and communicating will be that much easier. Taking work to go? View and even edit spreadsheets and word processing documents right on your handheld. Plus you can sync your calendar and contacts from Outlook1. And don’t forget to grab your MP3 tunes. You’re going places.

Features:

• Brighter, richer color display
  See your information clearly indoors and out. Brighter display, better color saturation brings photos and videos to life.
• Non-volatile, flash memory
  There’s more than enough room to hold your calendar, contacts, applications, photos, and even your spreadsheets or presentations. And because it’s flash memory, the information on your handheld is protected—even if you’re on the go and don’t have time to recharge.
• Built-In Bluetooth®
  Stay connected. With built-in Bluetooth® wireless technology, you can synchronize with your desktop without wires getting in the way. Use your Tungsten™ E2 handheld with a compatible phone to send email and text messages, or to check news headlines on the Web.
• Documents To Go®
  Productivity in your pocket. The Tungsten™ E2 comes with Documents To Go, which lets you carry Word, Excel, and PowerPoint files-so you can be more productive wherever you are. And with a simple conversion step, you can even view Acrobat PDFs.

Hollywood, Interrupted reports that sources inside Paramount and South Park studios say  the scheduled repeat of one of my fave South Park episodes, "Trapped in the Closet" - the one that satirizes Scientology and has R. Kelly singing to  Tom Cruise to "come out of the closet" - was pulled due to Cruise threatening parent company Viacom. Cruise reportedly threatened to pull advertising for his upcoming film, Mission: Impossible: 3  if the South Park episode was aired. 

In their long history with Comedy Central, Trey Parker and Matt Stone have never been censored, not even for their infamous "Bloody Mary episode", but Cruise throws his weight around and suddenly the boys have their mouths duct-taped? Following the news that Scientologist Isaac Hayes, who voiced The Chef on the show, quit because he was offended by the Scientology spoof, this story, if it proves to be true, doesn't really serve to make Hollywood Scientologists look like good sports, eh?

South Park has poked fun at every single religon on the planet in their bits. Did Hayes and Cruise get their panties in a twist over any of those episodes? Nope. But when Parker and Stone turn their lens to an examination of the foundations of Scientology and put Tom Cruise and John Travolta in a closet together, Cruise suddenly brings on the threats? The irony is that you can view the funnier parts of the episode on Comedy Central's website anyhow or in flash here. Parker and Stone are rumored to have been muzzled by the big dogs on the truth around the episode being pulled, but knowing those two, I wouldn't expect them to just take this sitting down. I smell a South Park episode with Cruise as a Scientology terrorist coming around the bend...

The article is a post from Schneier on Security.  Bruce Schneier, said "This" is great work by Yossi Oren and Adi Shamir:

Abstract (Summary)

We show the first power analysis attack on passive RFID tags. Compared to standard power analysis attacks, this attack is unique in that it requires no physical contact with the device under attack. While the specific attack described here requires the attacker to actually transmit data to the tag under attack, the power analysis part itself requires only a receive antenna. This means that a variant of this attack can be devised such that the attacker is completely passive while it is acquiring the data, making the attack very hard to detect. As a proof of concept, we describe a password extraction attack on Class 1 Generation 1 EPC tags operating in the UHF frequency range. The attack presented below lets an adversary discover the kill password of such a tag and, then, disable it. The attack can be readily adapted to finding the access and kill passwords of Gen 2 tags. The main significance of our attack is in its implications ­ any cryptographic functionality built into tags needs to be designed to be resistant to power analysis, and achieving this resistance is an undertaking which has an effect both on the price and on the read range of tags.

My guess of the industry's response: downplay the results and pretend it's not a problem.

GPG is an open-source version of the PGP e-mail encryption protocol. Recently, a very serious vulnerability< was discovered in the software: given a signed e-mail message, you can modify the message -- specifically, you can prepend or append arbitrary data -- without disturbing the signature verification.

It appears this bug has existed for years without anybody finding it.

Moral: Open source does not necessarily mean "fewer bugs." Bruce Schneier wrote aboutthis back in 1999.

UPDATED TO ADD (3/13): This bug is fixed in Version 1.4.2.2. Users should upgrade immediately.

Schneier on Security

Think that deleting that incriminating e-mail in your G-Mail account will save you from the feds? Think again. In a case that shows Google’s true colours, the leading search company has accepted an order from US Magistrate Judge Elizabeth Laporte to divuldge all deleted e-mails to court from Peter Baker. Every e-mail from this shareholder of Dolphin Development will now be poured over and analyzed by the Federal Trade Commision’s lawyers who are attempting to track down some money that may or may not be in Peter Baker’s possession. These records also include deleted e-mails, stored off-site by Google.

Read more:
C|Net
Elizabeth Laporte

Faster wireless telecoms may be offered to UK firms this summer, as more mobile operators have announced plans to roll out High-speed Download Packet Access (HSDPA) services, sometimes referred to as Super 3G.

Most mobile operators have now revealed their launch plans. The latest to do so is 3, which said its trials based on Nokia and NEC infrastructure are now delivering speeds up to 1.4Mbit/s – over three times faster than current 3G services based on UMTS technology. The company said it currently offers 3G coverage to 88 percent of the UK population.

The growth of HSDPA is likely to limit demand for other wireless broadband technologies such as WiMax, argued Vodafone chief executive Arun Sarin, speaking at this year's 3GSM congress in Barcelona. "I think WiMax will be less interesting after HSDPA launches," he said.

Some pundits believe that WiMax technology will be restricted to a niche role.
A report published by the Organisation for Economic Cooperation and Development (OECD) has concluded that WiMax's main use might be in areas that have poor 3G and Wi-Fi connectivity.

However, even here WiMax systems might require significant subsidies from the government before the technology could be widely used as an access mechanism, it said.

The OECD said its main reason for predicting WiMax will have only a limited role is that in some places governments have been slow to allocate spectrum, and licensees have been slow to develop services.

The report says, "The success of WiMax partially will depend on the availability of spectrum in OECD markets. Initial equipment will work in one of three main frequency ranges, 2.5GHz, 3.5GHz and 5GHz. Existing allocations of spectrum should be examined to see where space could be available for new broadband wireless technologies. Spectrum allocations should be technologically neutral."

In the UK the most likely band for WiMax is at 3.5GHz. Currently only PCCW-owned telecoms provider UK Broadband has rolled out a limited service using this band, in the Thames Valley.

Nearly four out of five online banking customers now ignore emails that purport to be from their bank, according to data commissioned by RSA.

The annual study, conducted by market researchers Infosurv, found that lack of trust in such emails had risen from 70 per cent ion 2004 to 79 per cent. Nearly two thirds of those questioned hadn't seen any drop oin the number of phishing emails they received.

The research also found that people want to have their online banking monitored, with nearly nine out of ten people saying they would be happy to be monitored while online and 59 per cent of respondents feeling that the bank should contact them if it suspects suspicious activity on their accounts.

Consumers seem to feel comfortable with the notion of their financial institution monitoring their online activity and contacting them when something suspicious is detected, just as they have become accustomed to for years in the credit card space.

Although the banking community has been making noises about introducing stronger identity management systems early progress has been slow and the survey shows little support for some products.

Less than half of those questioned felt comfortable using a hardware token to access their accounts, although nearly three quarters want some form of stronger security.

Consumers will soon be able to make their choice in the battle for the high-definition DVD format as players for the two main competing formats finally get release dates.

Toshiba has announced a March launch for its HD DVD format player, making it first to market in the new format. However, this date may be put back to April coincide with the first films to appear on HD DVD.

Warner Home Video said it will release three HD DVD films on April 18th: Million Dollar Baby, The Last Samurai and The Phantom of the Opera. Warner will follow those up with 17 other titles, including Batman Begins, Constantine, Training Day and The Matrix.

The rival Blu-ray format is set to have its first working DVD player in the shops in April. Samsung will launch its player that month, although Sony won't have its first model available until July. Sony said its BDP-S1 Blu-ray player will cost around $1,000 (£570).

However, the launch of the Blu-ray players may also be delayed until content for that platform is available. The earliest Blu-ray titles won't be released until May 23rd. In a move that will please consumers not wanting to back a doomed format, LG is creating a player that handles discs from both systems. The company has told its dealers to expect delivery of the dual-format player in autumn.

LG joins fellow original Blu-ray backer Hewlett-Packard in deciding to support both Blu-Ray and HD DVD.

The Wireless-G VPN Broadband Router is the advanced, complete networking solution for your small business, incorporating four essential networking functions in one high-powered box. First, there's the Wireless Access Point, which lets you connect Wireless-G (802.11g) or Wireless-B (802.11b) devices to the network. There's also a built-in 4-port full-duplex 10/100 Switch to connect your wired-Ethernet devices. Connect four PCs directly, or daisy-chain out to more hubs and switches to create as big a network as you need.

Third, the Router function ties it all together and lets your whole network share a high-speed cable or DSL Internet connection. And finally, the Virtual Private Network (VPN) function creates encrypted ""tunnels"" through the Internet so up to 50 remote or traveling users can securely connect to your office network from off-site, or users in your branch office can connect to a corporate network.

To protect your data and privacy, the Wireless-G VPN Broadband Router can encrypt all wireless transmissions with 128-bit WEP encryption, and also supports the industrial-strength wireless security of 802.1x authentication and authorization. The Router can serve as a DHCP Server, and has a powerful SPI firewall to protect your PCs against intruders and most known Internet attacks. It can be configured to filter internal users' access to the Internet, and has MAC or IP address filtering so you can specify exactly who has access to your network. Configuration is a snap with the web browser-based configuration utility.

As the center point of your office network, the Linksys Wireless-G VPN Broadband Router gives you the flexibility, speed, and security you need!

Features:

An Internet connection-sharing Router, Switch, and Access Point with built-in VPN endpoint capability and advanced security features

Jump start your small business network by connecting both Wireless-G (802.11g) PCs, and local wired PCs

Securely connect up to 50 remote or traveling users to your office network via VPN

Advanced Security: Wireless data encryption (WEP), 802.1X authentication and authorization support, SPI Firewall and Internet Access filtering

Technical Information:

Standards: IEEE 802.11b, 802.11g, 802.3

Ports: Internet, Ethernet (1, 2, 3, 4), Power Buttons Power, Reset

Cabling Type: UTP CAT 5

LEDs: Power, Internet, LAN (1, 2, 3, 4), Wireless-G, DMZ

Transmit Power: 19 dBm

UPnP able/cert: Able

Security Features: WEP, 802.1x Authentication

WEP Key Bits: 64, 128

Warranty: Three Year Limited

Dimensions: 7.32" x 6.89" x 1.89"

W x H x D: (186 mm x 175 mm x 48 mm)

Unit Weight: 20.11 oz. (0.57 kg)

Power: 5V, 2.5A

Certifications: FCC, IC-03

Operating Temp: 32ºF to 104ºF (0ºC to 40ºC)

Storage Temp: -4ºF to 158ºF (-20ºC to 70ºC)

Operating Humidity: 10% to 85%, Non-Condensing

Storage Humidity: 5% to 90%, Non-Condensing

The number of victims in the world's largest identity theft case could surpass one million, authorities in South Korea have reported.

Police announced this week that the number of victims of ID theft connected to the online game Lineage is between 980,000 and 1.22 million, according to the Korea Herald. 

The game's developer, NCsoft, said that, as of Sunday, it has received confirmation from over 175,000 people in South Korea that their national identity numbers have been used without their knowledge to register accounts in its Lineage series of multiplayer online role-playing games. 

As reported on vnunet., the bogus accounts were apparently used by China-based groups to generate virtual items in the game world which were then sold to gamers in exchange for real world cash.

Police now report that they have traced email addresses to China. Approximately 1,500 different IP addresses were used to connect to the illegal accounts.

New account registrations which provided a free trial period of several days could previously be obtained simply by entering an ID number into an online form. NCsoft said that it has since tightened up its registration procedures.

Previous reports estimated the number of active, legitimate Lineage accounts at between three and four million.

Despite the surprising addition of about one million new accounts in only four months, the company was slow to take action, according to local press reports. News of the unprecedented ID theft did not become public until February.

Police have suggested that the huge number of stolen Korean ID numbers could have been handed over during a legitimate business deal between Korean online shopping websites and their Chinese subcontractors.

Earlier reports blamed hackers for stealing the ID numbers from Korean websites' databases.

In a case in which damage claims could theoretically exceed $1bn, Korean lawyers are planning to sue NCsoft for $1,000 per ID theft victim in a class action lawsuit. Reports late last month said that 3,500 potential plaintiffs had joined the action so far.

The furore generated by the case has reportedly led the Korean government to strengthen ID theft penalties with a new three-year jail sentence for offenders.

The US Department of Justice and the Toronto Police have busted a major child pornography network, leading to the arrest of 27 individuals in England, the US, Canada and Australia.

US Attorney General Alberto Gonzales said at a press conference that undercover investigators had infiltrated an internet chat room being used to trade images of child pornography.

The content included live streaming video of adults sexually molesting children and infants.

"The behavior in these chat rooms, and the images many of these defendants sent around the world through P2P file sharing programs and private IM services, are the worst imaginable forms of child pornography," said Gonzales.

"This investigation is an example of how American law enforcement can and will work side-by-side with our international law enforcement partners to shut down these rings and protect young, vulnerable victims from the horrors of sexual abuse."

Gonzales added that those arrested had not yet been convicted, but that the department intended to prosecute them and others engaged in similar practices " to the fullest extent of the law".

Seven of the abused children have been identified and rescued, one as young as 18 months old. One chat room member who called himself 'Acidburn' had streamed live abuse over the internet.

The US hosts 40 per cent of the world's child pornography, according to figures released last week by the Internet Watch Foundation (IWF). Russia was the second most used country, hosting over a quarter of such images. 

Peter Robbins, chief executive of the IWF, praised US internet providers for reacting promptly when notified and taking down sites and message boards hosting such content.

He added that so much content is posted in the US because of the country's freedom of information laws.

"It is difficult to see abusing children as freedom of speech," he said. " Most US ISPs will take content down, but there's a huge amount of work to do in Russia."

Adobe is urging users of its document and graphics server equipment to harden their systems after the discovery of a critical flaw.

Danish vulnerability testing firm Secunia first reported the flaw, which it describes as 'moderately critical', in July 2005 but it has taken until now for Adobe to fix the problem. Adobe has issued an advisory on its website. 

The problem is caused when the 'saveContent' and 'saveOptimized' Adobe Document Server commands are used. This may save files anywhere on the system, including those areas with full access privileges.

"This can be exploited by sending a specially crafted Soap request to the web service to write a graphics file containing malicious JavaScript as metadata to e.g. the server's 'All Users' start-up folder," warned Secunia.

"The request can be constructed to save this graphics file with an HTA extension causing the file to be executed the next time any user logs in.

"A request containing 'loadContent' can also be sent to retrieve arbitrary graphics or PDF files from the server, potentially exposing sensitive information."

Adobe recommends adapting local access controls to mitigate against the problem, and officially thanked Secunia for bringing the issue to its attention.

The Anti-Phishing Working Group (APWG) has reported a sharp rise in the number of phishing attacks, combined with an increased sophistication among attackers.

In its monthly report (PDF) for November 2005 the APWG said that reported attacks grew to 16,882 from 15,820, the third month of growth after a slowdown over the summer.

The UK and Europe were particularly hard hit as phishers looked for new targets outside the US.

The bulk of targets are still financial companies at nearly 95 per cent of attacks in November, up from 86 per cent in October.

There is also evidence that phishers are refining their targets lists, since the number of brands attacked has fallen despite the overall increase in activity.

Almost a third of all phishing sites are hosted in the US. South Korea is the second most popular host at 11.34 per cent, reflecting the country's high levels of broadband penetration.

There is also worrying evidence that attacks are getting smarter. The APWG noted an increased in legitimate sites being cracked and used to spread malware.

"A good example of this scheme was exhibited by an attack on the ShangHai Huizhong Automotive Manufacturing Company, one of the largest car manufacturers in China," the report said.

"Crackers programmed the site to deliver key-loggers to the PCs of consumers visiting the ShangHai Huizhong site, installing a system that attempted to load and run malicious code on the visitors' PCs." 

The APWG also found a much higher percentage of domain name server redirections using Trojan software.

One example occurred when a 'security tool' was emailed out claiming to be from PayPal which, once ex ecuted, automatically redirected any attempt to access PayPal to a phishing site hosted in India.

There is also little sign that website hosting companies are getting any better at shutting down phishing sites once they are discovered. The average time such a site stayed up was 5.5 days, unchanged from October.

Web monitoring firm Netcraft has warned that a web server belonging to a state-operated Chinese bank is hosting phishing sites targeting US banks and financial institutions. 

"This is the first instance we've seen of one bank's infrastructure being used to attack another institution," said Netcraft.

The company revealed that the phishing emails sent over the weekend targeted customers of Chase Bank in the US and eBay, and were directed to sites hosted on IP addresses assigned to the Shanghai branch of the China Construction Bank. 

"The phishing pages are located in hidden directories with the server's main page displaying a configuration error," said Netcraft.

Recipients of the emails were offered the chance to earn $20 by filling out a user survey which presented a series of questions.

This was followed by a request for user ID and password so that the $20 'reward' could be deposited into the proper account.

The form also requested the victim's bankcard number, Pin, card verification number, mother's maiden name and Social Security number. Any data submitted was then sent to a free form processing service on a server in India.

One giveaway was that the URL in the phishing email used an IP address rather than a domain, typically a strong indicator of a phishing site.

Netcraft warned that the same IP address at the China Construction Bank in Shanghai was used over the weekend to host a page spoofing the eBay log-in screen.

Virus hunters have discovered a new Trojan that encrypts files on an infected computer and then demands $300 in ransom for a decryption password.

The Trojan, identified as Cryzip, uses a commercial zip library to store the victim's documents inside a password-protected zip file and leaves step-by-step instructions on how to pay the ransom to retrieve the files.

It is not yet clear how the Trojan is being distributed, but security researchers say it was part of a small e-mail spam run that successfully evaded anti-virus scanners by staying below the radar.

While this type of attack, known as "ransomware," is not entirely new, it points to an increasing level of sophistication among online thieves who use social engineering tactics to trick victims into installing malware, said Shane Coursen, senior technical consultant at Moscow-based anti-virus vendor Kaspersky Lab.

The LURHQ Threat Intelligence Group, based in Chicago, was able to crack the encryption code used in the Cryzip Trojan and determine how the files are encrypted and the payment mechanism that has been set up to collect the $300 ransom.

According to a LURHQ advisory, Cryzip searches an infected hard drive for a wide range of widely used file types, including Word, Excel, PDF and JPG images. Once commandeered, the files are zipped and overwritten the text: "Erased by Zippo! GO OUT!!!"

The Trojan then deletes all the files, leaving only the encrypted file with the original file name, followed by the "_CRYPT.ZIP" extension.

A new directory named "AUTO_ZIP_REPORT.TXT" is created with specific instructions on how to use the E-Gold online currency and payment system to send ransom payments.

The instructions, which are marked by misspellings and poor grammar, contain the following text: Your computer catched our software while browsing illigal porn pages, all your documents, text files, databases was archived with long enought password. You can not guess the password for your archived files - password lenght is more then 10 symbols that makes all password recovery programs fail to bruteforce it (guess password by trying all possible combinations).

The owner of the infected machine is warned not to search for the program that encrypted the data, claiming that it simply doesn't exist on the hard drive. If you really care about documents and information in encrypted files you can pay using electonic currency $300," the note says. Reporting to police about a case will not help you, they do not know password. Reporting somewhere about our E-Gold account will not help you to restore files. This is your only way to get yours files back.

The Trojan author uses scores of E-Gold accounts simultaneously to get around potential shutdowns, according to LURHQ, which published the complete list of E-Gold accounts in the advisory.

Officials from E-Gold, which operates out of the Caribbean island of Nevis, were not available for comment.

"Infection reports are not widespread, so it is not believed this is a mass threat by any means," LURHQ said. However, the company said social engineering malware is typically more successful when it is delivered in low volume to get around anti-virus detections.  "[M]ore attention means the likely closing of the accounts used for the anonymous money transfer," LURHQ said.

If you are anything like me, nothing will put a frown on your face like an automated phone system. This site has the solution for many of these stupid ill thoughtout phone systems that do little but make their customers angry.

Our goal is to improve the quality of customer service and phone support in the US. This free website is run by volunteers and is powered by over one million consumers who demand high quality phone support from the companies that they use.

We will soon publish a list of the best and worst mass-market consumer companies in the US based on how long it takes to get to a human on the phone and on the quality of support received.

Please help us grow our customer support ratings database by taking a moment to rate the quality of support you receive when calling a consumer company you use: "GET A HUMAN"

A8N32-SLI Deluxe motherboard has all the horsepower of other motherboards based on NVIDIA´s original single-chip nForce4 SLI implementation. However, the real sweet spot, as we expected, appears when running the board in high-end gaming applications in multi-GPU SLI configurations, and more specifically SLI-AA modes. A sensible improved heatpipe-cooler, a fully equipped BIOS and a great board-layout, endowed with all connectors which leaves nothing to be desired, turn the ASUS A8N32-SLI Deluxe into a front model.

A8N32-SLI_deluxe FlashPaper (160.88 KB)

  

Overclocking has always been ABIT's forte, and the AW8-MAX is no exception: "In the arena of overclocking, the ABIT AW8-MAX shined as well. With our Corsair 5400C4 Pro DDR2 memory, we were able to bring it up to over 800MHz on the memory bus. With Corsair 8000UL RAM, we were able to run the memory bus stable at 904MHz. Front side bus speeds of 325MHz were easily reached as well. For the Intel overclocker, the AW8-MAX is certainly a board to keep on your short list."

Abit AW8-MAX FlashPaper (179.24 KB)

Carnegie Mellon University plans to incorporate characters and animation from the popular video game "The Sims" in its free educational software that strives to make computer programming more appealing to students.

The university will use the animation to enliven the next version of Alice, a teaching program developed over the past decade and used at more than 60 colleges and universities and about 100 high schools, said Randy Pausch, a computer science professor and director of the Alice Project.

"This is not some little crumb that got tossed. This is the most valuable intellectual property owned by the largest video game maker in the world," Pausch said Friday. "For the intended demographic we're trying to teach, 'The Sims' are more valuable than the Disney library."

The Alice programming language is designed to make abstract concepts concrete for first-time programmers, using three-dimensional images of things such as people or animals that can be controlled by clicking and dragging words with a computer mouse. Those words form a program.

While Alice has proven effective, its characters and animation remain rudimentary, Pausch said. The animation is expected to transform Alice from a crude three-dimensional programming tool into a more compelling programming environment.

The effort to revamp Alice is intended to boost interest in computer programming among students, who have historically found the skill frustrating to learn.

A 2005 University of California, Los Angeles study found there had been a 50 percent drop in computer science majors over the previous four years. The proportion of women who were considering majoring in computer science fell to levels not seen since the early 1970s, according to the study.

Electronic Arts Inc., which publishes "The Sims," wants "more women in computer science, they want more minorities in computer science ... any underrepresented group. "The Sims" is a wildly popular game that lets players control virtual humans from birth until death.

One of the most commonly exploited vulnerabilities is the buffer overflow. Buffer overflows occur when too much information can be written to a predefined memory buffer, causing a program to fail.

There are many tools that let hackers exploit this vulnerability, and knowing them will help you learn how to prevent their successful use on your systems.

One such tool is Digital Monkey's Buffer Syringe, a relatively simple, minimally documented tool that lets hackers exploit buffer overflows. In fact, Buffer Syringe includes several usage examples that make implementation of the tool a snap.

Understanding how Buffer Syringe and tools like it work should give IT managers much more confidence when evaluating, for example, a Windows vulnerability assessment tool or patch management system because it will reveal the ins and outs of how the buffer overflow is constructed.

With this information, IT managers can then exact much more specific and telling information from vendors of commercial vulnerability assessment tools as to how their tools detect such weaknesses. Thus armed, it will be much easier to evaluate, select, implement and use such tools over time.

Early in the methodical stalking of an IT resource, hackers will enumerate and identify systems in a network, looking for something of interest. After identifying an interesting target, smart hackers will gently test to see if any part of a system was left in a default configuration. Such a configuration provides easy back-door entry into what might look from the front like an impregnable fortress.

For Windows systems, start with sysinternals.com, where you'll find a host of useful no-cost and commercial diagnostic tools. -http://sysinternals.com/

Go to nessus.org to become familiar with one of the most widely used vulnerability assessment tools available. Nessus can probe a wide range of server and desktop operating systems and is frequently updated. - http://nessus.org/

Google Inc.'s shares fell to their lowest levels in 4-1/2 months on Friday as analysts bemoaned recent communication miscues and its refusal to be more open about its finances.

Though analysts say they are confident of the growth outlook for Google's search advertising business and its place in the industry, they fear that public perception is turning negative for the company, which once seemingly could do no wrong.

The company has made a series of stumbles that have confused investors over whether the company is suffering from slowing growth. When a company has invested as much as google has in infrastructure as of late, it seems few remember that this type of investment takes some period to even deploy.

Google's stock touched an intraday low of $331.55 on Friday, a new low since its upward momentum was broken in January. It closed down $5.50, or 1.6 percent, at $337.50.

Analysts are forecasting a deceleration of Google's growth rate to still highly respectable levels of 50 to 60 percent for 2006 and around 40 percent in 2007. While this adjustment has many people running it is more like following the cattle. Long term growth is likely on target and in this model there will be oversurges and take the money and run investors.

But Google's do-no-evil image has come under siege by critics from many directions over the compromises it made to enter the Chinese market and the handling of its communications with Wall Street in the wake of last week's analyst meeting.

Among the missteps was the apparently unintentional disclosure of future product plans and financial targets in a Wall St presentation last week. The company has instructed investors that the financial targets were outdated and reemphasized its policy of not commenting on its outlook. This was exacerbated by hints of slowing growth that Google Chief Financial Officer George Reyes made in late February.

I have had a few requests for a bat file that can rename an zip archive as a scheduled task with the date that it renamed it. Below is the results of my effort since it worked so well I thought I would post it. This method actually does Month, Day, Year, though simply rearranging the three date blocks between the % % will give you what you want.

@E:
@cd "E:\Archive\bak_logs\"
ren Log_archive.zip %DATE:~4,2%-%DATE:~7,2%-%DATE:~10,4%-log.zip

WhoisThisDomain

domain lookup tool

Our Rating: (Good!)

WhoisThisDomain enables you to view owner and registration information for any domain name. It supports generic domains as well as country code domains, and you can look up multiple domain names at once by pasting the domain names or URLs into the input window. The results can be saved to text files or exported as HTML report. Standalone program, no install needed.

Freeware

Makers of new blue laser optical disk technology said this week that they have their sights firmly set on enterprise archiving applications currently handled by magnetic tape and even some nearline disk storage arrays.

But those same vendors are quick to admit that consumers must first warm up to the higher-capacity DVD formats before enterprises will accept them as products with enough longevity for their infrastructures.

Pioneer Electronics plans to release its first Blu-ray Disk in three weeks, Sony Corp. plans to ship its media by the end of this month, and Dell Inc. plans to launch its first Blu-ray-compatible desktop computer by midyear. Pioneer’s Blu-ray DVD disk drive will sell for $995 for a single platter disk with 25GB capacity. 

Sony Europe’s Recording Media and Energy division announced yesterday that its first Blu-ray Disk media will ship in Europe this month. The single-layer BD-RE (Blu-ray Disc Rewritable) media will be available next week and single-layer write-once BD-R (Blu-ray Disc Recordable) media will be available in April. Sony will launch dual-layer discs later this year. The single-layer BD-R and BD-RE discs offer a storage capacity of 25GB.

The new-generation media support 2X speed, which equates to a data transfer rate of 72Mbit/sec., making the discs suitable for video recording as well as data storage and file backup.

Toshiba Corp. also said yesterday that it is planning to launch its first laptop computer with an HD-DVD drive in Europe next month (See "Toshiba plans HD-DVD laptop for April").

HD-DVD and Blu-ray are two formats vying to replace current DVDs for high-definition content such as movies. Today’s DVDs can hold about 4.7GB of data, while Blu-ray Disk has a capacity of 25GB and HD-DVD can hold 15GB.

Microsoft Corp. is launching a revamped Internet search engine it says will help computer users find information faster, view it more easily and organize it better.

Debuting in test form Wednesday, Windows Live Search is Microsoft's latest move in a major strategy shift that has the world's largest software company focusing more heavily on Internet-based software and services.

The goal of the shift, which includes initiatives dubbed Windows Live and Office Live, is to create online products to complement its main cash cows: the Windows operating system and Office business software.

Windows Live Search will power queries on live.com, Microsoft's Windows Live Web site, beginning Wednesday. Once the technology has been fully tested, Windows Live Search will replace the existing search engine that powers MSN.com. MSN spokesman Adam Sohn said the company has not determined how long it will run Windows Live Search as a test.

A key goal with the new search engine will be to give people more control over how they search for information and how they put it to use once they get it, said Yusuf Mehdi, senior vice president of information services at MSN, the division that's working on Windows Live.

"A lot of people think, 'Hey, ... Didn't Google become the popular search engine? And don't they just do a great job? And there's no room for improvement.'" Mehdi said. Once people get a feel for Windows Live Search, Mehdi said, "They're going to say, 'Holy cow, I had no idea that search could get this much better!'"

The new search engine includes features such as support for tabbed Web browsing, which lets people keep several search panes open in a single window. Microsoft said other features will include:

_A search slider bar that offers previews of data in various forms, perhaps just the Internet address of a Web site, or maybe a snippet of text. As the slider is adjusted, more or less information appears.

_A "smart scroll" function that displays all search results at once rather than on separate pages.

_Various ways to view pictures, say, as small "thumbnail" shots or full-sized images, without leaving the search page.

_An ability for users to save their search parameters as macros that can be run to perform the same search in the future. Microsoft said people will also be able to publish their search macros so people with similar interests can use them.