
University opens new cyber-security research centre in Canberra


June 17, 2014


The University of New South Wales said this morning that it has opened a new cyber-security research centre in Canberra.

The university says it's designed to bring together academia, government, defense and business expertise in a unified manner.

Instead of having students with an interest in computer security practise on anything they can get a network connection to, the ACCS (Australian Centre for Cyber Security) will have a “practise range” for cyber attacks and this will be outside the classified environment.

The University's press release says that the centre “combines expertise from a range of relevant communities: political, cyber industry, defence, academic, individual and organizational users and the media.”

The ACCS's research specialities are to include “computer and network security, risk management, international politics, ethics, law and big data analytics for internet security”.

In other words, how to hack, how to prevent hacks, when it's okay to hack, and how to see whether a hack has happened in the first place.

The centre is located at the university's Canberra campus in the Australian Defence Force Academy.

In other internet security news

A researcher from RSA says he has found an entirely new trojan during his investigations of the criminal underground.

To be sure, Eli Marcus says the "Pandemiya" trojan comprises about 25,000 lines of new code. With most malware based on proven platforms, entirely new code is a rarity in the internet security world.

And Pandemiya is very nasty: it can steal data from forms, create fake web pages and take screenshots to send back to the botmasters who deploy the malware.

Worse, the trojan is modular, very pervasive and unique, thanks to its ability to inject itself into every new process started through the Windows CreateProcess API.

It even has an upgrade path: Marcus writes that a $1,500 version offers basic functions but a $2,000 version allows .dll file plug-ins to enhance its functionality.

A Facebook attack module is also reportedly in the works. "The advent of a freshly coded new trojan malware application is not too common in the underground," Marcus writes, adding that the modular approach means Pandemiya could become more pervasive in the near future.

Pandemiya can also sign its botnet files, a feat Marcus said helps prevent hijacking and analysis by cops and security personnel.

Dynamically encrypted communications help it to dodge network analysers. Like other trojans, Pandemiya is foisted on machines through exploit kits and drive-by infections that target security vulnerabilities in buggy software such as Java, Silverlight and Flash.

Marcus speculated that the trojan was relatively unknown until now due to its high price and new-kid-on-the-block status compared to the likes of Zeus and Citadel.

The good news is that Pandemiya can easily be removed with a little registry-tweaking and command line action.

In other internet security news

Two young Canadian teenagers have made a mockery of bank security by hacking into an automatic teller machine during a lunch break between classes.

The two 14-year-olds, identified as Caleb Turon and Matthew Hewlett, broke into a Bank of Montreal ATM during school lunch by following an online manual for accessing the machine's administrator functions.

The security charade continued when the pair, after being asked by the bank's head of security for proof of their hack, simply broke back into the machine and printed off information including transaction data, surcharge profits and the total cash held in the unit.

Turon and Hewlett gained access to that data by guessing the administrator password on their first attempt, indicating the ATM had default settings enabled.

The kids took it upon themselves to perform a civic duty by dropping the surcharge for transactions to one cent and changing the welcome display screen to "Go away. This ATM has been hacked".

Hewlett told the Winnipeg Sun they did not expect the hack to work. "We thought it would be fun to try it, but we were not expecting it to work," he told the newspaper.

The kids may have discovered one of a handful of websites that contained very detailed documentation explaining how to access administrative functions of ATMs.

Those forums existed ostensibly to help service people to access a variety of ATM makes and models but could be used by criminals or apparently even children to break into the units.

The bank said that customer information was not compromised and it would review security of its ATMs.

In other internet security news

Microsoft has reportedly left Windows 7 exposed by only applying patches to its newest operating system, Windows 8.

Internet security researchers discovered the flaws after they scanned 900 Windows libraries and uncovered a variety of security functions that were updated in Windows 8 but not in Windows 7.

They said that the shortcoming could lead to the discovery of zero day security vulnerabilities.

The missing safe functions were part of Microsoft's dedicated libraries intsafe.h and strsafe.h that help developers combat various attacks.

Researcher Moti Joseph speculated that Microsoft had not applied the fixes to Windows 7 to save money.

"Why is it that Microsoft inserted a safe function into Windows 8 but not Windows 7? The answer is money: Microsoft does not want to waste development time on older operating systems and they want people to move to higher operating systems," Joseph said in a presentation at the Troopers 2014 Conference.

Microsoft has been contacted for comment, and we are still waiting to hear from the company. Joseph, together with malware analyst Marion Marschalek, developed a tool dubbed DiffRay, which compares Windows 8 with Windows 7 and logs any safe functions absent in the older platform.

"It was scary simple," Marschalek said, "and it was also faster than finding security vulnerabilities by hand."

Security technicians could then probe those functions to identify the vulnerabilities and various exploits that could be done by potential hackers.

In a demonstration of DiffRay, the researchers found four safe functions missing from Windows 7 that were present in Windows 8.

"If we get one zero-day from this project, it's worth it," Joseph said. Future work will extend DiffRay's capabilities to find potential security vulnerabilities in Windows 8.1, add intelligence to trace input values for various functions and then incorporate even more intelligent signatures used to find potential security flaws. Duplicates and abundant false positives in the current version would also be ironed out.

In other internet security news

Microsoft said earlier today that it's planning to deliver at least seven security updates June 10 in its scheduled Patch Tuesday update next week.

Microsoft has posted its advance notification for the upcoming security release, which it said will consist of two critical security bulletins and five others rated as important.

According to the software giant, the critical updates will address a pair of remote code execution flaws and will be considered top deployment priorities for Windows, Windows Server, Internet Explorer, Office, and Lync.

The first bulletin addresses critical security issues in Internet Explorer, while the second addresses one or more flaws in Microsoft Office and Lync (excluding Lync Server).

As is usually the case, Microsoft does not post specific details on the security vulnerabilities until after the patches have been released.

All currently supported versions of both client-side Windows and Windows Server will receive at least one bulletin rated as critical, although the Internet Explorer bulletin is considered a lower priority on Server systems where the browser is less likely to be accessible to an attacker.

Users and system administrators running Windows Vista, Windows 7, 8, 8.1, and Windows RT should consider both bulletins critical fixes and top priorities for testing and deployment.

As usual, both patches will require a reboot after their installation. The five remaining bulletins will include security bug fixes for one or more remote code execution vulnerabilities in Office, an information disclosure flaw in Windows, information disclosure issues in Lync Server, a denial of service fix for Windows, and finally, what Microsoft described as a "tampering" vulnerability in Windows.

Microsoft said that it will post the June security updates on Tuesday, June 10 at approximately 10:00 PDT. Users who have automatic updates enabled will receive the security releases directly.

However, not listed in the update is Windows XP. Microsoft has ended security update support for that version of the OS, even though it is still running on more than 27.5 percent of all PCs.

While users in Germany have come up with an expensive registry hack to keep XP systems receiving updates, most users would probably be better served updating their systems and getting the additional security protections of Windows 7, which has been around since October 2009.

In other internet security news

A website that supposedly holds the cryptocurrency Dogecoin in conditions of optimal security has gone offline.

The site now publishes the following message: "Notice: We apologise for the downtime, a press release will be posted here within 24 hours. Please do not transfer any funds to Dogevault addresses while our investigation is under way. Email for any enquiries."

Then, at 8.27 AM EST the following message was posted: "Announcement: On May 11, 2014, the Doge Vault online wallet service was compromised by attackers, resulting in a service disruption and tampering with wallet funds. As soon as the administrator of Doge Vault was alerted, the service was halted."

"The attackers had already accessed and destroyed all data on the hosted virtual machines. We are currently in the process of identifying the extent of the attack and potential impact on users' funds."

"This involves salvaging existing wallet data from an off-site backup. We will also closely be investigating potential attack vectors, and determining the security breach which enabled the attackers to compromise the service in the first place."

"Please do not transfer any funds to Doge Vault addresses while our investigation is under way. Thank you for your patience. We will issue an additional statement including our findings and plan of action within the next 24-48 hours. Email for any enquiries. Doge Vault."

After Bitcoin's Mt. Gox went bankrupt not so long ago, now some observers are wondering if the same fate could happen to Dogecoin. And you can't blame them for thinking along those lines.

Speculation is rife in posts like a Reddit missive that the site was hacked, taking with it at least 950,000 Dogecoins. Another report suggests up to 111 million Dogecoins seem to have mysteriously appeared in a “mega wallet” linked to Dogevault.

With the Dogecoin to US dollar exchange rate running at about 1000:$0.46, that's about $51,000, hardly the millions suspected to have evaporated from Bitcoin exchange Mt. Gox, but still a nasty lot of cryptocash to lose.

If Dogevault has indeed been fatally compromised it will make it harder to sustain cryptocurrency enthusiasm. Whatever the upsides of the concept, security of some participants clearly needs to be tightened, and in a very big way.

Microsoft's security department said yesterday it will release no fewer than eight security updates next Patch Tuesday to stop remote-code execution bugs in Windows and Internet Explorer, among various other security bugs.

Meanwhile, Adobe will issue new versions of Acrobat and Reader for this month's Patch Tuesday as well, so May 13 will be a busy day for system admins and IT departments everywhere.


Source: The University of New South Wales.
