Security Watch

Beware the MSE Spoof

• By Jabulani Leffall
• 10/26/2010

Since the advent of Microsoft Security Essentials, the folks up in Redmond have aimed to convince users that the free security solution is the the safest solution because it was made for Windows products and services.
 
So far that seems to be true. Naturally, hackers are counting on that appeal.
 
Security shop F-Secure issued a warning late last week that a mischievous and malicious spoofing bug has been designed to lure MSE users into clicking on yet another fake security warning. But click on it and you'll have more than a warning:
 
"Not only does this fake tool steal Microsoft's brand, it also features a bizarre matrix display of 32 antivirus products, offering to locate you a tool that would be capable of fixing your machine as 'Microsoft Security Essentials' can't clean the malware it found," F-Secure said.
 
After the user clicks in, a multi-colored display window then lists several alternative security software programs that can clean your new "infection."
 
Among these trusty products are AntiSpySafeguard, Major Defense Kit, Peak Protection, Pest Detector and Red Cross.
 
Except for the last one, which is actually an international aid organization, the rest of these programs have one thing in common: They're faker than a three-dollar coin.
 
F-Secure offers up this comment: "Hopefully Microsoft's lawyers will find the clown behind this one. They would have a field day with him."
 
Firefox in Sheep's Clothing
A new add-on for Firefox from open source collective Mozilla, which has been increasingly competing with Internet Explorer for share in the browser segment, lets "pretty much anyone" scan a wifi network and hijack others' access to Facebook and Twitter.

Created by Eric Butler, an independent Web application developer and security researcher based out of Seattle, the add-on was unveiled, which he calls "Firesheep," this past weekend at the ToorCon Security Conference in San Diego

"This is a widely known problem that has been talked about to death, yet very popular Web sites continue to fail at protecting their users," Butler wrote in his blog, adding that although encrypted user logons are common, traffic isn't encrypted, leaving "the cookies, and the user, vulnerable."

In essence what Firesheep does is exposes unencrypted Web traffic and cookies that anyone can use to eavesdrop on browser sessions used at public wifi hot spots.
 
Firesheep works with Windows and Mac OS X versions.
 
The thinking here is that the proverbial hacker "fox" can be exposed when trying to attack the user "sheep" who are, well, using Firefox.
 
Config Debugger Free Until Halloween
Athena Security, the makers of Athena FirePAC, an enterprise firewall audit and operations tool, announced that it will make the company's Configuration Debugger, a software-based solution that network engineers can use for offline troubleshooting of service availability issues on Cisco, Check Point and Netscreen firewalls, available for a free download until Halloween.
 
Athena believes the product is necessary at a time when network administrators can typically spend many hours troubleshooting a buggy firewall in the typical enterprise IT production environment. If a network has more than one firewall, messy configurations can be a costly and time-consuming quandary to untangle and a security threat, to boot.

"The Athena Configuration Debugger is a far more convenient alternative to Cisco's Packet Tracer for applying virtual packets to troubleshoot dropped services," according to David Hurst, CTO, Athena Security in an e-mailed statement. "Firewall engineers can use this tool to quickly get to the heart of the rules that cause great confusion."

The product is available for free download until Halloween. After that, you'll have to scare up some dough to get it.