Tuesday, July 29, 2008

Hacking Vista - Video at 11

Every time Microsoft releases a new version of Windows, they bill it as "the most secure Windows Ever!!!" Whatever the truth of the matter, there's no doubt that the Bad Guys are shifting to "poisoned bait" - sending documents that have been made to look important so that the recipient will open them.

Like the PDF email attachment that contains an exploit telling a CEO that his company is being sued. Or the one that targets online banking customers.

It works like this (via Orange County Register). (Video at the link - my embedding-fu is weak)

As if online banking customers didn't have enough trouble.

They Bad Guys are targeting more than just PDF: iTunes, Winzip, and Mac OS X, among others.

So what should you do? First, a personal firewall is your friend - the malware will always try to connect from your computer to the Internet. A message along the lines of "Hey, pwn3r.exe wants to connect to the Internet. OK?" gives you a chance to stop it from phoning home to the Mother Ship. Second, be very suspicious if you click on something and the application you were using crashes. This is bad security juju in general, and really bad security juju if your firewall immediately asks you about pwn3r.exe.

UPDATE 7/30/2008 12:47: Wow - it's a Tam-alanche! Welcome, and take a look around. There's a recent post on how to scrub sensitive data from your hard disk using .50 BMG armor piercing rounds!


GreatBlueWhale said...

I've always preferred hammers. (safety glasses, of course) The little bits flying about were always so much more satisfying that holes. Unless of course one used the shotgun.

Unknown said...

You REALLY want to see itty bitty pieces flying? Take the author's original suggestion and grab the .50. Practically guaranteed to put on a great show! :-)