Irish Data Theft Affects 31,500
http://www.computerworld.com/action/article.do?command=viewArticleBasic&taxonomyName=security&articleId=317778&taxonomyId=17&intsrc=kc_top
DUBLIN — The Bank of Ireland last week admitted that the unencrypted personal details of 31,500 customers — three times as many as it first disclosed — went missing with the theft of four laptops last year.
ISPs, Web sites must tackle piracy, says Viacom chief
Article on "metal theft". Electric companies' wires, cell phone towers, any kind of metal left unattended is being stolen and scrapped for the raw metal recycling cost:
http://www2.csoonline.com/article/221225
Who Killed My Hard Drive? - 5/6/2008 5:45:00 PM University study examines the causes and costs of hard drive failure
New Spam Attack Exploits Edunet Servers - 5/5/2008 5:35:00 PM Exploit demonstrates creativity, but little damage caused so far, BitDefender says
Hackers in the House - 5/5/2008 5:15:00 PM New social network for hackers lets white hats share and job-hunt
U.S. special counsel's office raided
Who watches the watchers, indeed!
Investigators: Missouri Governor Accused of Trying to Destroy Evidence
Independent investigators on Monday alleged that Gov. Matt Blunt or his top aides ordered state computer technicians to destroy copies of e-mail messages that might have been politically damaging. The accusations came in a 26-page lawsuit (pdf) filed in Cole County Circuit Court by Mel Fisher, the former head of the Missouri Highway Patrol, who is leading the investigation into the Blunt administration’s handling of public records.
Investigators accuse Blunt administration of trying to delete backup computer tapes to avoid disclosure of office e-mails, Kansas City Star, May 5, 2008.
Posted by EPIC on May 06, 2008.Permanent link to this item.
digg_url = 'http://isc.sans.org/diary.html?storyid=4397&rss';
More on automated exploit generation
SQL Injection Worm on the Loose (UPDATED x2)
State Department Loses Hundreds of Laptops
Oops:
As many as 400 of the unaccounted for laptops belong to the department’s Anti-Terrorism Assistance Program, according to officials familiar with the findings.
Bet you anything those laptops weren't encrypted.
Posted on May 06, 2008 at 12:21 PM • 27 Comments •
View Blog Reactions
Microsoft today finally released Service Pack 3 for Windows XP users. The update should now be offered via both Windows Update or Automatic Updates. The company was expected to release it last week, but pulled the plug at the last minute due to a compatibility problem with an obscure product they offer.
Senate quizzes gov't on cybersecurity initiativeNews Brief, 2008-05-07In a bipartisan letter to the Department of Homeland Security, a Senate committee asks administration officials to clarify the nature of Bush's cybersecurity initiative.
Study: Security pros look to wireless, biometricsNews Brief, 2008-05-06Companies plan to invest in wireless security and biometric technologies over the next year and increasingly view continuing education as a necessity, a survey finds.
"David Roberson, general manager of Hewlett-Packard's StorageWorks division, predicts that by 2013 the storage industry will be shipping a yottabyte (a billion gigabytes) of storage capacity annually. Roberson made the comment in conjunction with HP introducing a new rack system that clusters together four blade servers and three storage arrays with 820TB of capacity. Many vendors are moving toward this kind of platform, including IBM, with its recent acquisition of Israeli startup XIV, according to Enterprise Strategy Group analyst Mark Peters."
"The first telemarketers charged with transmitting false Caller IDs... to consumers were fined and barred from continuing their schemes by a New Jersey District Court judge.... [T]wo individuals and one corporate defendant have been barred from violating the agency's Telemarketing Sales Rule and its Do Not Call requirements... They were also found liable for $530,000 in damages... [T]he case was the first brought by the Commission alleging the transmission of phony caller ID information or none at all."
Presto Vivace sends news of a server found by security firm Finjin that contained a 1.4-GB cache of stolen data, accumulated over a period of less than a month from compromised PCs around the world. The "crimeserver," as Finjin dubs it, "provided command and control functions for malware attacks in addition to being a drop site for data harvested from compromised computers... The stolen data consisted of 5,388 unique log files including 1,037 from Turkey, 621 from Germany, 571 from the United States, 322 from France, 308 from India and 232 from Britain." Oddly enough, the data was stored in the open, with not even basic auth to protect it. Finjin notes in their press release that this huge trove of data gathered over a short period of time indicates that the crimeware problem is far larger than most observers have been assuming.
"Web servers hosting musician Peter Gabriel's web site have gone missing from their data center. "Our servers were stolen from our ISP's data centre on Sunday night — Monday morning," reads a notice at PeterGabriel.com. The incident is the latest in a series of high-profile equipment thefts in the past year, including armed robberies in data centers in Chicago and London. How secure is your data center?"
VeriSign gets patent for DNS redirect it can't use itself
VeriSign has been awarded a patent that describes a system that would resolve unregistered domains to a parked page related to the domain in question. Unfortunately for VeriSign, it has already agreed not to use the technology back in 2003—but it can use the patent to try and collect royalties from other companies.
May 06, 2008 - 09:49PM CT - by Jacqui Cheng
Yahoo plays catchup with Google with new SearchScan warnings
Yahoo has partnered with McAfee to develop new technology that flags potentially dangerous links before users click on them.
May 06, 2008 - 01:20PM CT - by Joel Hruska
A recap of Microsoft Blue Hat v7
Nate McFeters: I was fortunate enough to be invited to attend Microsoft Blue Hat v 7 to share my findings with Microsoft's product security teams.
Gallery: Microsoft Blue Hat v7
Yet Even More Fake Media Files
Earlier we blogged about Fake MP3s Running Rampant, mostly on P2P networks, such as Limewire. I took some time to create a video clip showing what the infection process looks like. In doing so, hundreds of additional media files were uncovered. Most leading to the aforementioned site, freemp3player.com, but others leads to different sites distributing adware and others still pose as codec installers that when run, display fake error messages and download and silently install tons of files, including many different adware packages, such as:
Adware-BB
Adware-Beginto
Adware-Isearch
Adware-Mirar
Adware-SrchExplorer
Adware-Zeno
Domains linked to from the media files include:
mediaprovider . info
missing-codecs . com
seonomad . com
vidscentral . net
While this demo below shows that user’s must accept a EULA before proceeding, others contain no EULA.
Trojan Adware Hiding in MP3s, McAfee SaysPC World - Tue May 6, 8:10 PM ET
Adware pushers have found a new way to trick you into downloading their annoying products: fake MP3 files.
Cyberwar: PRC vs. India?
Russia Practices Cyber Warfare With A Flurry of Cyber Attacks Against Estonia By Grey McKenzie Today
Subscribe to:
Post Comments (Atom)
No comments:
Post a Comment