http://www.secureworks.com/research/threats Information security threat analysis from the research team at SecureWorks. http://www.secureworks.com/research/blog/index.php/2010/6/23/dedicate-a-separate-computer-for-online-safety Some of the advice regarding the adoption of live CDs targets those who have never used a Live CD and are interested in learning how. That is definitely not the average user. The average user is not going to use a live CD until it's handed to them free of headaches, especially not as long as individual financial liability is as limited as it is or until after their identity is actually ruined. http://www.secureworks.com/research/blog/index.php/2010/6/23/dedicate-a-separate-computer-for-online-safety http://www.secureworks.com/research/threats/big-boss http://www.secureworks.com/research/threats/big-boss http://www.secureworks.com/research/blog/index.php/2010/6/22/space-weathers-role-in-return-to-stone-age-greatly-exaggerated The Space Weather Enterprise Forum was held on June 8, 2010, at the National Press Club in Washington, DC. NASA, The National Aeronautic and Space Administration (NASA) and the National Oceanic and Atmospheric Administration (NOAA) are the two U.S. agencies that track space weather in near-earth space and are the stars of this conference. http://www.secureworks.com/research/blog/index.php/2010/6/22/space-weathers-role-in-return-to-stone-age-greatly-exaggerated http://www.secureworks.com/research/threats/zeus http://www.secureworks.com/research/threats/zeus http://www.secureworks.com/research/blog/index.php/2010/6/18/cyber-security-preparedness-for-the-2010-g-20-summit Canada will soon host the G-20 summit in Toronto, Ontario. The G-20, short for the "Group of Twenty Finance Ministers and Central Bank Governors", meets to discuss policy and issues affecting international financial stability that are larger in scope than any one member country's area of responsibility. http://www.secureworks.com/research/blog/index.php/2010/6/18/cyber-security-preparedness-for-the-2010-g-20-summit http://www.secureworks.com/research/threats/blackenergy2 http://www.secureworks.com/research/threats/blackenergy2 http://www.secureworks.com/research/blog/index.php/2010/6/10/windows-help-center-0-day-arbitrary-command-execution The SecureWorks CTU(SM) is closely monitoring a 0-day vulnerability in multiple Microsoft Windows operating system releases. The vulnerability lies in how Windows handles hcp:// URLs, used to access help documents. An attacker may create a malicious hcp:// URL and distribute it to victims via an HTML web page, e-mail message, document, or a variety of other attack vectors. Successful exploitation of this vulnerability may allow an attacker to execute arbitrary commands, which may result in total system compromise. http://www.secureworks.com/research/blog/index.php/2010/6/10/windows-help-center-0-day-arbitrary-command-execution http://www.secureworks.com/research/threats/opachki http://www.secureworks.com/research/threats/opachki http://www.secureworks.com/research/blog/index.php/2010/5/4/dont-panic-dnssec-isnt-do-or-die Recent rumors that the Internet is doomed are just as overblown as all the rest, except perhaps when AOL started letting its users onto the Internet - a fate from which the Internet never really recovered. The current rumor relates to DNSSEC (also known as Domain Name System Security Extensions), which cryptographically signs DNS results. http://www.secureworks.com/research/blog/index.php/2010/5/4/dont-panic-dnssec-isnt-do-or-die http://www.secureworks.com/research/threats/windows-0day http://www.secureworks.com/research/threats/windows-0day http://www.secureworks.com/research/blog/index.php/2010/4/30/effective-new-techniques-for-identifying-bittorrent-users This week we saw the proceedings of the 3rd USENIX Workshop on Large-Scale Exploits and Emergent Threats (LEET '10). Past years had seen the release of plenty of novel and groundbreaking research, so expectations were high. A group of researchers from I.N.R.I.A. in France published an impressive paper on new techniques for identifying and tracking users of the BitTorrent protocol titled, "Spying the World from Your Laptop: Identifying and Profiling Content Providers and Big Downloaders in BitTorrent" http://www.secureworks.com/research/blog/index.php/2010/4/30/effective-new-techniques-for-identifying-bittorrent-users http://www.secureworks.com/research/threats/ppi http://www.secureworks.com/research/threats/ppi http://www.secureworks.com/research/blog/index.php/2010/4/28/your-malware-settings-may-have-changed An overview of a malicious script (Emold downloader trojan) that was delivered to many email addresses Tuesday evening and Wednesday morning. http://www.secureworks.com/research/blog/index.php/2010/4/28/your-malware-settings-may-have-changed http://www.secureworks.com/research/threats/clampi-trojan http://www.secureworks.com/research/threats/clampi-trojan http://www.secureworks.com/research/blog/index.php/2010/4/27/redaction-reminder Last week, embattled former U.S. Governor of Illinois Rod Blagojevich filed a motion to subpoena President Barack Obama. The motion had some of the allegations against the President redacted. The redaction was done simply by superimposing black bars over some of the text. http://www.secureworks.com/research/blog/index.php/2010/4/27/redaction-reminder http://www.secureworks.com/research/threats/ffsearcher http://www.secureworks.com/research/threats/ffsearcher http://www.secureworks.com/research/blog/index.php/2010/4/21/are-your-browser-trusted-cas-considered-critical-vendors Your web browsers by default trust many organizations you're probably not familiar with. Many are located in countries overseas - some in not so friendly areas of the world. But what diligence has your organization done on these companies, if any? This may represent a security hole that doesn't show up in your risk assessments. http://www.secureworks.com/research/blog/index.php/2010/4/21/are-your-browser-trusted-cas-considered-critical-vendors http://www.secureworks.com/research/threats/virut-encryption-analysis http://www.secureworks.com/research/threats/virut-encryption-analysis http://www.secureworks.com/research/blog/index.php/2010/3/31/consumer-electronics-now-arriving-certified-pre-p0wn3d On March 5, 2010, Energizer and US-CERT announced that some consumer Energizer DUO USB battery chargers had shipped with a malicious software trojan. The hardware device is used to charge Nickel Metal Hydride (NiMH) batteries from both a wall outlet and USB connection. http://www.secureworks.com/research/blog/index.php/2010/3/31/consumer-electronics-now-arriving-certified-pre-p0wn3d http://www.secureworks.com/research/threats/dns-amplification http://www.secureworks.com/research/threats/dns-amplification