MRA Consultants has been trading for over 20 years, during this time I have built up a reputation for service, reliability and value for money. A small sample of local business I serve include  Maryport Bodyworks Centre, ABI Motor body Repairs, Taylors Joinery And Plastics, West Cumbria domestic Violence, Distington Community Centre, Macs Removals Ltd .Engineering Pipework Services Ltd, Distington club for young people, Ewanrigg Community Centre, CMS, Robin Dargavel Ltd, Lake District Coast Aquarium as well as countless numbers of individuals. Over 99% of my business comes from referrals. I was the first in the area to pioneer no fix no fee and no call out charges.

Virus Bulletin news

VB2014 preview: keynote and closing panel

Vulnerability disclosure one of the hottest issues in security.

In the proceedings of the 24th Virus Bulletin conference, the words 'vulnerabilty' and 'vulnerabilities' occur more than 200 times. I think there is no better way to demonstrate how important a topic this is.

Some approach vulnerabilities from a purely defensive point of view: how do we make sure our software detects exploits of vulnerabilities? Or even at a meta level: how do we test such software?

Others are worried about vulnerabilities in the software they develop, while yet another group of people spend their time trying to find such vulnerabilities. To bring these latter two groups together, bug bounties have become an increasingly common way to reward responsible disclosure.

Few know more about bug bounties than Katie Moussouris ( @k8em0). While working for Microsoft, she was instrumental in introducing the company's bug bounty programme. In her current role, as Chief Policy Officer at HackerOne, she helps other companies deal with vulnerability response and set up bug bounty programmes, most recently Twitter .

Read more (6 paragraphs)

VB2014 preview: Apple without a shell - iOS under targeted attack

FireEye researchers show a large attack vector for Apple's mobile operating system.

In the weeks running up to VB2014 (the 24th Virus Bulletin International Conference), we are looking at some of the research that will be presented at the event. Today, we look at the paper ' Apple without a shell - iOS under targeted attack', by FireEye researchers Tao Wei, Min Zheng, Hui Xue and Dawn Song.

Whether you believe its success is because of superior products or merely superior marketing campaigns, Apple has once again made the headlines with the announcement of a new product. The Apple Watch is a wearable device that will be running the latest version of the company's mobile operating system, iOS.

Apple's millions of devoted fans regularly cite the company's security track record. In a recent conference preview we looked at various ways malware can persist on OS X, but the track record of iOS is stronger, with very few known malware cases. True, we recently published a paper on 'AdThief', which infected 75,000 iOS devices, but these were all jailbroken.

However, in their paper, the FireEye researchers look at how Apple's enterprise program provides a surprisingly large attack vector.

Read more (11 paragraphs)

DNS cache poisoning used to steal emails

Call to use end-to-end encryption and to deploy DNSSEC.

DNS is sometimes called 'the phone book of the Internet'. If true, then it is a phone book that makes it relatively easy to be tricked into calling someone else.

Whether it is through using social engineering to hijack a DNS account at a gullible registrar, or through DNS cache poisoning, occasionally someone loads a website that wasn't the one they asked for. This is embarrassing and potentially costly for the website owner. It can also lead to malware being served.

But DNS doesn't only tell web browsers where to go. It is used for many other Internet protocols, including email. Being able to modify DNS responses means you can control where mail is sent.

When an email is sent over the Internet, the sender's mail server needs to find the recipient's mail server. This takes two DNS lookups: first, the MX record for the recipient's domain is requested, which returns one or more domains of the inbound mail server. The A record of one of these domains is then requested to find the corresponding IP address.

Read more (12 paragraphs)

Paper: Prosecting the Citadel botnet - revealing the dominance of the Zeus descendent: part two

Aditya K. Sood and Rohit Bansal study the malware's behaviour when ran on a physical machine.

Last week, we published the first part of the paper 'Prosecting the Citadel botnet - revealing the dominance of the Zeus descendent'. In it, researchers Aditya K. Sood and Rohit Bansal looked at the design and implementation of the infamous Citadel botnet, as well as the admin panel used by Citadel's botheders.

Today, we publish the second part of the paper. In it, Aditya and Rohit analyse a new sample of the malware. Obtaining suh as sample wasn't trivial, as the malware targets only certain countries and regions and they had to try various VPN servers in different locations before they were successful.

Then they allowed the malware to install, initially in a virtual environment. However, this failed: rather than connecting to the real command and control server, Citadel made various bogus DNS requests in an attempt to confuse researchers. This behaviour is common in today's malware; we wrote about it in much detail a few weeks ago, when we previewed James Wyke's VB2014 paper.

Bogus DNS traffic sent when the botnet detects it is running inside a virtual environment.

Read more (4 paragraphs)

Left-to-right override makes a return in spam

Trick shows that spammers still try to beat content-based filters.

A decade ago, when spam had become a serious issue, most spam filters tried to block the unwanted emails based on their content. This resulted in a cat-and-mouse game between spammers and spam filters, with the former constantly looking for new ways to obfuscate the content of their messages.

To help those developing spam filters, anti-spam researcher John-Graham Cumming (now Programmer at CloudFlare, and a member of VB's advisory board) put together the Spammers' Compendium: an overview of tricks used by spammers to confuse filters. Since 2008, Virus Bulletin has hosted the Spammers' Compendium.

These days, spam filters look at far more than just the content of the email and not without success: as we have regularly pointed out in our vbspam tests, spam filters have become pretty good at filtering spam.

However, content filtering is still taking place and spammers are still using obfuscation techniques. Brian Bebeau, a researcher at Trustwave spotted a spam that used left-to-right override (LTRO) to obfuscate the text in a phishing email.

Read more (5 paragraphs)

Telephone 01900516363
Visitors to this page : 6,739

Digital Solutions  for Cumbria

 

 

Mobile 07944982166