Security Hole – Nikon’s Image Authentication System

ElcomSoft Co. Ltd. researched Nikon’s Image Authentication System, a secure suite validating if an image has been altered since capture, and discovered a major vulnerability in the manner the secure image signing key is being handled. In turn, this allowed the company to extract the original signing key from a Nikon camera. The vulnerability, when exploited, makes it possible to produce manipulated images with a fully valid authentication signature. ElcomSoft was able to successfully extract the original image signing key and produce a set of forged images that successfully pass validation with Nikon Image Authentication Software.

ElcomSoft has notified CERT and Nikon about the issue, and prepared a set of digitally manipulated images passing as originals when verified with Nikon’s secure authentication software. Nikon has provided no response nor expressed any interest in the existence of the issue.

This is a copy of the notice ElcomSoft posted, cross-posted here to highlight an important security issue.

How to Avoid a Cyber Disaster

Date: April 27, 2011
Time: Noon – 1 PM ET

I will be presenting this webinar. Planning for a cyber disaster makes recovering from one much easier. Still, as important as disaster planning is, it’s often overlooked or put off until it is too late. In this webinar, Global Knowledge instructor Jay Ferron will discuss planning for the unexpected, and he’ll teach simple tricks to reduce your company’s downtime before, during, and after a disaster.

Using a fictional company as an example, Jay will walk you through the disaster planning process a security professional should use.

Outline

    • What a disaster is
    • How to plan
    • Techniques to reduce the impact of a disaster
    • What BCP is
    • Five rules for creating a good disaster plan
    • Testing your disaster plan
    • Funding the plan
    • How and where to get help with your disaster planning process

To attend this session click here

TechED–Talks

I will be presenting at TechEd, May 15 – 19, in Atlanta.

May 15 10:30am-12:30pm           

WCL271-WRK – Introduction to Testing and Remediating Win32 Apps

In this instructor-led workshop, we enhance your skills at troubleshooting and remediating issues with Windows-based applications. We walk you through the process of surfacing and understanding the problem, troubleshooting the root cause, developing and testing remediation options, and providing recommendations on the potential solution options. The lab exercises are designed to be as real-world as possible (you may be troubleshooting real applications!) to help you to practice and develop your ability to overcome issues related to the migration from Windows XP to Windows 7.

Product/Technology: Windows® 7

Audience: Designer, Web Developer/Designer

May 15 1:00pm-3:00pm               

WCL272-WRK – Introduction to Testing and Remediation Web Apps

In this instructor-led workshop, we enhance your skills at troubleshooting and remediating issues with web-based applications. We take you through the process of surfacing and understanding issues with version checks, rendering, ActiveX controls, and scripting, discuss the options for resolving them, and along the way discover and practice using many of the tools that we use daily in troubleshooting Windows-based applications. The lab exercises are designed to be as real-world as possible, to help you to practice and develop your ability to overcome issues related to the migration from Internet Explorer 6 to Internet Explorer 8.

May 15 3:30pm-5:30pm               

WCL272-WRK-R – Introduction to Testing and Remediation Web Apps

(see above description)

May 17 8:30am-10:15pm             

WCL271-WRK-R – Introduction to Testing and Remediating Win32 Apps

(see above description)

May 17 1:30pm-3:00pm               

WCL272-WRK-R2 – Introduction to Testing and Remediation Web Apps

(see above description)

Free study guides for Windows Server 2008 R2 Exams:

This free study guide covers material in the three Windows Server 2008 R2 Exams:
  • 70-640 Windows Server 2008 Active Directory Configuring
  • 70-642 Windows Server 2008 Network Infrastructure Configuring
  • 70-646 Windows Server 2008 Administrator R2

Windows Server 2008 R2 is the core server platform for companies transitioning to Windows 7 and the cloud. It is designed to capitalize on the move to virtual platforms, providing new web tools, management utilities and scalability enhancements that save organizations of all sizes time and money.

Click here

Microsoft is back in the US for another Springboard Series Tour!

If you have never attended this event and it is local, you should go.

May 2 – Toronto | May 4 – Detroit | May 6 – Chicago | May 9 – Indianapolis | May 11 – Dallas | May 13 – Columbus

The Springboard Series Tour is back! This 6-city tour brings the top product teams from Microsoft to you. We understand the questions and issues that IT pros deal with every day. How do I manage end users bringing consumer devices into the office? Should we look to the cloud for key solutions? Should I virtualize? What are the best tools to manage application compatibility and deployment? The Springboard Series Tour brings the experts and the answers.

Join us for a full day’s deep dive into the tools, solutions and options to help you do more with less. We will cover managing the flexible workspace, a first look at Windows Intune and Office 365. We’ll also show you some of the new Windows Slates and give you details around Microsoft’s strategy for Slate devices. We will preview the new tools in the MDOP 2011 suite, a deep dive into managing and deploying Office 2010 and great tips and tricks to help you deploy Windows 7 and move your users from Windows XP with speed and ease.

REGISTER NOW and save your seat for this free day of technical demos, Q&A sessions, and real-world guidance from Microsoft experts.

www.springboardseriestour.com

Security Is Everyone’s Issue

Here is another example of how one small problem can affect many customers.

Late last week, Epsilon detected that customer information of a subset of Epsilon’s email clients had been exposed by an unauthorized entry into its email system. The affected clients represent approximately 2% of Epsilon’s total client base.

The data stolen from Epsilon — names and email addresses — isn’t considered as sensitive as social-security and credit-card numbers. But security experts warn that a cybercriminal could still use the information to commit fraud, especially if they know which email addresses are associated with customers of particular businesses.

The Secret Service is investigating this breach and people who receive spam should report it to phishing-report@us.cert.gov.

The Epsilon computer system was accessed by an unauthorized party. College Board customer first and last names and email addresses may have been obtained. The College Board sent out a warning about opening links and attachments from unknown senders and spam.

UPDATE (4/3/2011): In addition to The College Board, about 50 businesses who were clients of Epsilon at some point have also been affected. Customer names and email addresses from the following businesses were exposed:

Companies that use Epsilon include:

  • 1-800-Flowers
  • AbeBooks
  • AIR MILES Reward Program (Canada)
  • Ameriprise
  • Barclays Bank of Delaware (Barclay’s L.L. Bean Visa card)
  • Beachbody
  • bebe
  • Best Buy
  • Best Buy Canada Reward Zone
  • Benefits Cosmetics
  • Brookstone
  • Capital One
  • Citi
  • City market
  • College Board
  • Dillons
  • Disney Destinations (The Walt Disney Travel Company)
  • Eddie Bauer Friends
  • Eileen Fisher
  • Ethan Allen
  • Food 4 Less
  • Fred Meyer
  • Fry’s
  • Hilton Honors
  • Home Shopping Network (HSN)
  • Jay C
  • JPMorgan Chase
  • King Soopers
  • Kroger
  • Lacoste
  • Marriott Rewards
  • McKinsey Quarterly
  • MoneyGram
  • New York & Company
  • QFC
  • Ralphs
  • Red Roof Inn
  • Ritz-Carlton Rewards
  • Robert Half International
  • Smith Brands
  • Target
  • TD Ameritrade
  • TiVo
  • US Bank
  • Visa (Barclays Bank of Delaware/L.L. Bean Visa, BJ’s Visa)
  • Walgreens

As of 4/4/2011, Epsilon estimates that the breach affected about 2% of its clients.

Learning PowerShell

If you are new to PowerShell, I found some good tutorial exercises here.

Additional links for PowerShell tools, scripts, and blogs

  • Learn PowerShell Live: March 28–April 1, 2011 go here

  • 2011 Scripting Games: All Links on One Page can be found here

BLOGS

  • Jonathan Medd’s blog is here
  • The Windows PowerShell Team blog here
  • The Windows PowerShell Script Center here

Additional docs: the Windows PowerShell Owner guide is found here

Neat tool – PowerGUI, a graphical user interface and script editor for Microsoft Windows PowerShell can be found here

Podcasts on PowerShell can be found at:

http://get-scripting.blogspot.com/

Powerscripting Podcast

The 3 sessions that Scott Hanselman did on the subject

A great book: Bruce Payette’s ‘Windows PowerShell in Action’
