Monday, April 14, 2008

Monday News Feed

Microsoft patched critical Windows bug in XP SP3 early
A perplexing problem with a build of the still-unreleased XP Service Pack indicates that a significant vulnerability was patched in that unreleased code weeks before the fix was made available for other versions of Windows.





Presidential campaigns clueless about Net threats






Attacks begin against critical Patch Tuesday bug






Report: E-voting firms in hostile-takeover tussle






Using lasers to trigger lightning strikes
eurekalert.org — A team of European scientists has deliberately triggered electrical activity in thunderclouds for the first time. At the top of South Baldy Peak in New Mexico during two passing thunderstorms, the researchers used laser pulses to create plasma filaments that could conduct electricity akin to Benjamin Franklin's silk kite string.






http://www.theagitator.com/2008/04/13/so-about-that-tree-of-liberty/
Tonight, a group of about 20 D.C.-area libertarians headed down to the Thomas Jefferson Memorial for some flash mob fun. The prank was harmless revelry: To ring in Jefferson’s birthday, we would meet on the steps of the memorial at 11:55pm, wearing iPods, then dance for about 10 minutes, capture the whole thing on video, and leave.
Courtney and I were about 10 minutes late, but by the time we arrived it was already over. The National Park Police broke the whole thing up just a few minutes in, punctuating their lack of a sense of humor by arresting one of the dancers (we’re keeping her name private at least until she’s released later this morning). She was cuffed, taken out to a paddy wagon, then booked and held at a Park Police station. Everyone I spoke with says there was no noise, there were no threats, and no laws broken (the park police I spoke with–including the arresting officer (who, oddly enough, denied to me that he was the arresting officer)–declined to say why she had been arrested).
The police refused to answer any questions, referring all calls to the communication number of the Park Police, which at this hour is closed. They also refused to give their badge numbers.






It appears that Symantec has raised the Threatcon to Level 2 this afternoon.
www.symantec.com/security_response/threatcon/index.jsp
It seems that their honeypots have sniffed out "In-the-Wild Exploit attempts" targeting the vulnerability identified in MS08-021 which allows remote code execution in GDI if a user opens a specially crafted EMF or WMF image file. Microsoft announced this in their latest super Tuesday release.
www.microsoft.com/technet/security/Bulletin/MS08-021.mspx
If you haven't already patched, do so now, and don't forget to remind your users not to open image files.






People and Security Rules
In this article analyzing a security failure resulting in live nuclear warheads being flown over the U.S., there's an interesting commentary on people and security rules:
Indeed, the gaff [sic] that allowed six nukes out over three major American cities (Omaha, Neb., Kansas City, Mo., and Little Rock, Ark.) could have been avoided if the Air Force personnel had followed procedure.
"Let's not forget that the existing rules were pretty tight," says Hans Kristensen, director of the Nuclear Information Project for the Federation of American Scientists. "Much of what went wrong occurred because people didn't follow these tight rules. You can have all sorts of rules and regulations, but they still won't do any good if the people don't follow them."
Procedures are a tough balancing act. If they're too lax, there will be security problems. If they're too tight, people will get around them and there will be security problems.
Posted on April 14, 2008 at 06:47 AM







ClamAV Upack Processing Buffer Overflow Vulnerability

- Highly critical - From remote
Issued 5 hours ago.
Secunia Research has discovered a vulnerability in ClamAV, which can be exploited by malicious people to compromise a vulnerable system.







HP OpenView Network Node Manager Multiple Vulnerabilities

- Less critical - From local network
Issued 3 hours ago.
Some vulnerabilities have been reported in HP OpenView Network Node Manager, which can be exploited by malicious people to disclose certain information or cause a DoS (Denial of Service).







EMC DiskXtender Multiple Vulnerabilities

- Moderately critical - From local network
Issued 3 days ago.
Some vulnerabilities have been reported in EMC DiskXtender, which can be exploited by malicious people to bypass certain security restrictions or by malicious users to compromise a vulnerable system.







U.S. gov't pushes cybersecurity at con
Robert Lemos, 2008-04-12
Top Bush Administration officials descend on the RSA Security Conference laying out their plans for protecting critical networks and giving a small taste of the latest national cyber exercise, Cyber Storm II.







"Undersea telecom cable operator Reliance Globalcom was able to use satellite images to identify two ships that dropped anchor in the wrong place, damaging submarine cables and knocking Middle East nations offline in early February. The company used satellite images to study the movements of the two ships, and shared the information with officials in Dubai, who impounded the two vessels. The NANOG list has a discussion of where Reliance might have obtained satellite images to provide that level of detail. Google News links more coverage of the developments."






Earlier this week, NASA made a course adjustment for its Phoenix Mars Lander which puts it on a path to land in "Green Valley" on the Red Planet late next month. The site was chosen for being a broad, flat expanse that is relatively free of rocks capable of damaging the lander when it sets down. The location will be confirmed pending further reconnaissance from an orbiting satellite. The probe's mission, which we've previously discussed, is to investigate subsurface ice. "The landing area is an ellipse about 62 miles by about 12 miles (100 kilometers by 20 kilometers). Researchers have mapped more than five million rocks in and around that ellipse, each big enough to end the mission if hit by the spacecraft during landing. Knowing where to avoid the rockier areas, the team has selected a scientifically exciting target that also offers the best chances for the spacecraft to set itself down safely onto the Martian surface."







Judge: law protects Comcast's "Good Samaritan" spam filters
A federal judge has dismissed serial spammer e360insight’s lawsuit against Comcast, saying that the ISP’s use of spam filters to block its unwanted missives was covered by the “Good Samaritan” provision of the sometimes-controversial Communications Decency Act.
April 13, 2008 - 05:45PM CT - by John Timmer


Private Information of 71,000 Patients Accidentally Exposed on Web
Sensitive details of approximately 71,000 Georgia patients were published on the web,...

SAN FRANCISCO -- Malicious hackers beware: Computer security expert Joel Eriksson might already own your box.
Eriksson, a researcher at the Swedish security firm Bitsec, uses reverse-engineering tools to find remotely exploitable security holes in hacking software. In particular, he targets the client-side applications intruders use to control Trojan horses from afar, finding vulnerabilities that would let him upload his own rogue software to intruders' machines.
He demoed the technique publicly for the first time at the RSA conference Friday.

http://blog.wired.com/27bstroke6/

http://www.crime-research.org/news/14.04.2008/3309/

The closest thing the world of computer forensics has to the Ten Commandments is the guidance set down in the Association of Chief Police Officers' Good Practice Guide for Computer-Based Electronic Evidence. These guidelines, built around four main principles, are used as the basis for all criminal computer investigations. They are quite broad in scope, making recommendations regarding the correct handling of forensic data.

First, no action taken by law enforcement agencies or their agents should change data held on a computer or storage media which may subsequently be relied upon in court.

Second, in circumstances where a person finds it necessary to access original data held on a computer or storage media, that individual must be competent to do so and be able to give evidence explaining the relevance and the implications of their actions.

Third, an audit trail or other record of all processes applied to computer-based electronic evidence is essential. An independent third party should be able to examine those processes and achieve the same result.

Finally, there should be someone in charge of the investigation with overall responsibility for ensuring that the law and these principles are adhered to.
