Monday, July 28, 2008

Monday News Feed 7/28/08

It's good to be back from vacation, and onto the news...





AOL Sued for the Names of Bloggers Critical of Memphis Police Leadership
The city of Memphis, Tennessee sued AOL for the names of people contributing to the web blog MPD Enforcer 2.0. The blog is critical of law enforcement leadership and is very popular with Memphis police. The blog is credited with raising public discussion about the use of law enforcement resources.
Police director sues to find identity of blogger critical of MPD, Commercial Appeal, July 22, 2008
Posted by EPIC on July 22, 2008.






GMail Flaw Exposes Personal Information
Gmail privacy flaw reveals user name provided when the e-mail account was established. When Gmail users share Google Calendar items with each other, the first and last name registered by the sender can be viewed by the recipient. This flaw can affect the privacy of Gmail users who use e-mail pseudonyms instead of their actual name.
Gmail Privacy Hole Shows User Names, Information Week, July 16, 2008
Posted by EPIC on July 17, 2008.






Several articles about the recent DNS Cache Poisoning attacks:
http://isc.sans.org/diary.html?date=2008-07-25
New DNS exploit now in the wild and having a blast





Write-Once Read-Many Memory Cards
SanDisk has introduced Write-Once Read-Many Memory (WORM) cards for forensic applications.






Anti-Terrorism Stupidity at Yankee Stadium
They're confiscating sunscreen at Yankee Stadium:






RealNetworks RealPlayer Multiple Vulnerabilities - Highly critical - From remote
Issued 3 days ago. Updated 7 hours ago.
Some vulnerabilities have been reported in RealPlayer, which potentially can be exploited by malicious people to disclose certain information or compromise a user's system.






Man Gets 4 Years for ID Theft, Software Piracy
A 23-year-old Oregon man was sentenced this week to four years in federal prison for using computer viruses to steal financial data from dozens of consumers. Investigators say the man used the information to set up multiple eBay and PayPal accounts, which helped him sell more than $1 million worth of pirated software.

Jeremiah Joseph Mondello, of Eugene, Ore., admitted distributing keystroke logging programs via online instant message networks. Investigators say he then used bank account credentials stolen from victims to set up more than 40 online auction accounts in the victims' names.

The judgment is almost unheard of for a non-violent crime committed by an individual with no criminal history: Mondello will serve 48 months in jail, followed by three years of supervised release and 450 hours of community service. Federal investigators also seized computers and $220,000 in cash from Mondello.

The government also is entitled to seize his three-bedroom, 1,130 square foot house and surrounding land -- currently valued at $225,000.
http://blog.washingtonpost.com/securityfix/2008/07/man_gets_4_years_for_id_theft_1.html#more





Report: Small biz weak in cybersecurity
News Brief, 2008-07-25
Most small- and medium-sized companies believe that they operate under cybercriminals' radar, but a study finds that one-in-five firms have been attacked.





E-Gold pleads guilty to money laundering
Robert Lemos, 2008-07-23
In a plea agreement with the U.S. government, the company's founders agree to charges of operating an unlicensed money transfer business, but the business aims to continue.





Metasploit releases double-whammy for DNS
News Brief, 2008-07-24
HD Moore and another researcher release two exploits for the high-profile domain-name system flaw under the Metasploit framework.





UPS Spammers Switch to the US Customs






UPS, E-Tickets and More
July 28, 2008
The Pushdo botnet has added three more spam themes to distribute malware along with its UPS theme.






Rustock malicious spam update
July 24, 2008
Malicious spam from the Rustock botnet continues in large numbers.






SF Reveals Usernames And Password To City Network In Accidental Effort To Prove Terry Childs' Case For Him






What Is Undetectable Malware?
OMG, undetectable Trojans are coming to get us! At least that’s what a story in The Register says, referring to Limbo 2.
...







Get Ready For Google Gadget Malware
TechWeb - Fri Jul 25, 3:00 PM ET
InformationWeek - At Black Hat, RSnake is expected to demonstrate a zero-day vulnerability that allows for information theft, spoofing, and authentication issues.






Chinese hackers steal 9 million items of personal information from South Koreans





Google Adwords Advertisers Targeted By Phishing Cyber Criminals From China
By Grey McKenzie 07/25/2008





There's still HOPE for hackers by Noah Schiffman
The seventh and last HOPE (Hackers on Planet Earth) conference took place last weekend, bringing the 14 year old biennial...





City Missed Steps to Avoid Network Lockout
IT executives and analysts list some steps that San Francisco officials could have taken to prevent a disgruntled employee from locking IT administrators out of the city's fiber backbone network.




San Francisco DA discloses city's network passwords





Credit card firms investigate fraud at Canadian airport kiosks

Monday, July 14, 2008

Monday News Feed

DNS researcher convinces skeptics that bug is serious
"I broke a huge rule: I didn't bring in anyone else from the research community," said Kaminsky in explaining why he felt he needed to deviate from his plan to withhold technical details until early next month, when he presents at the Black Hat security conference. "I forgot that, no, you don't get to make a whole bunch of noise without some technical details to back it up," Kaminsky said. "[As] security researchers, we need the ability to call 'bullshit' on people."

Essentially, that's what Ptacek, Dai Zovi and others did. After the conference call, however, both Ptacek and Dai Zovi said they were convinced the DNS flaw was as significant as Kaminsky had promised.

"Dan's got the goods," said Ptacek in an entry on the Matasano blog Wednesday.






Former VP at HP faces 10 years for IBM trade-secret theft





Microsoft confirms WSUS patch problem
July 11, 2008 (Computerworld) Microsoft Corp. yesterday acknowledged that it may have to re-release a recent fix for a flaw that stymied some users' ability to grab security patches through Windows Server Update Services (WSUS).




Tennessee's sinking data center gets help
July 11, 2008 (Computerworld) A data center in Tennessee that may be located in the worst spot in America for a data center -- on an unstable landfill, next to a railroad and a river and downstream from a large dam that the U.S. Army Corps of Engineers says has a risk of failing -- is getting relocated, at least partially...





Chip maker sues to quash research on RFID smart card security flaws
NXP Semiconductors filed suit in Court Arnhem in The Netherlands against Radboud University Nijmegen. The company is pushing the courts to keep university researchers from publishing a paper about reported security flaws in the MiFare Classic, an RFID chip manufactured by NXP Semiconductors.

The paper is slated to be presented at the Esorics security conference in Malaga, Spain, this October, according to Karsten Nohl, a graduate student who was part of a research group that originally broke the encryption last year. Nohl told Computerworld on Thursday that he gave his research to the Dutch university so it could build on what he had done, and he has been closely following its progress.





Criminal prosecutions eyed for passport snoopers





Developer fixes 33-year-old Unix bug





Texas Bank Dumps Antivirus for Whitelisting - 7/11/2008 1:10:00 PM
Tired of AV and malware, First National Bank of Bosque County adopts application whitelisting instead





Chinese Cyber Attacks
The popular media conception is that there is a coordinated attempt by the Chinese government to hack into U.S. computers -- military, government, corporate -- and steal secrets. The truth is a lot more complicated.
http://www.schneier.com/blog/






Posted at 03:20 PM ET, 07/11/2008
A Baker's Dozen of Security Updates for iPhone 2.0
As expected, the 2.0 version of iPhone released today includes a number of security updates, patching more than a dozen holes in the slimmed-down OS X operating system that powers the devices.
That means for those who already own Apple's mobile device, it's time to update.
http://blog.washingtonpost.com/securityfix/2008/07/a_bakers_dozen_security_update.html






NY attorney general gets more ISPs to block alt.* newsgroups
New York's Attorney General has turned his initial efforts against online sharing of child porn into a campaign, complete with its own website and a form letter to send to ISPs. The site's announcement coincides with AOL and AT&T reaching an agreement to block newsgroups where such porn appears.
July 11, 2008 - 02:28PM CT - by John Timmer






Kaspersky to Simulate Successful Hacking Attack on Intel CPU
Kris Kaspersky, co-founder of the security software company Kaspersky Lab, will demon...







Berlin subway ticket machines go down
Michael Krigsman: Ticket dispensers in the Berlin subway system stopped working on July 1 after a faulty update from central HQ.






Turns Out Viacom Is Really Interested In What Google Employees Are Uploading/Viewing On YouTube







Lawyer's Lack of Brevity Not an Aberration
By MATTHEW HELLER
A Vancouver, Wash., attorney who was ordered last month to rewrite a 465-page complaint has a history of incurring judicial displeasure by filing lengthy pleadings.







New trojan in the wild targeting multimedia files
Negar Salek July 14, 2008
A new trojan in the wild is infecting multimedia files on a victim's hard disk.






http://blogs.technet.com/swi/:
You should always set up your SQL server with best security practices as outlined in http://technet.microsoft.com/en-us/library/ms144228.aspx and http://www.microsoft.com/technet/prodtechnol/sql/2005/sql2005secbestpract.mspx






More-Searchable Flash
By Kate Greene 07/03/2008
Information from millions of Web pages that use the animation software is now available to search engines.





NY: 50 Percent of Sequoia Voting Machines Flawed






Trojans Over 60% Of New Malware Infections Says Panda Labs
By Grey McKenzie 07/11/2008

Wednesday, July 9, 2008

Wednesday News Feed 7/9/08

Major DNS flaw could disrupt the Internet, 07/08/2008
A flaw in the Domain Name System protocol that would allow an attacker to remotely disrupt or even take control of the Internet has been discovered by a researcher, leading to a CERT advisory and a multi-vendor DNS patch released today that should be applied on vulnerable ISP and corporate DNS servers.

From ISC.SANS.ORG:
Multiple Vendors DNS Spoofing Vulnerability
The overall issue has been known for a long time, and is a fundamental problem with the way DNS currently works. However, full details about what makes this so special will be revealed at Blackhat.






Adware company refines opt-out, notification technology
It's hoping to reassure critics who claim NebuAd's targeted advertising spies on users

Senate Scrutinizes Privacy Issues of ISP User Tracking






Microsoft confirms active Word attacks
Microsoft Word Unspecified Code Execution Vulnerability - Extremely critical - From remote
Issued 8 hours ago.
A vulnerability has been reported in Microsoft Word, which can be exploited by malicious people to compromise a user's system.





Microsoft plugs nine holes in Windows, DNS, SQL






Not patched yet:
Microsoft Access Snapshot Viewer ActiveX Control Vulnerability - Extremely critical - From remote
Issued 2 days ago.
A vulnerability has been reported in Snapshot Viewer for Microsoft Access, which can be exploited by malicious people to compromise a user's system.






Don't give Google a free pass on data collection, privacy advocates say after YouTube ruling





French ruling on counterfeit goods could have far-reaching effects for eBay





iDefense Revamps Bucks for Bugs Contest - 7/8/2008 5:55:00 PM
Changes aimed at making vulnerability research 'sexy' again, iDefense says





Washington Post: Justice Breyer among victims in data breach







MSRC Blog: Microsoft Security Advisory 953635
Posted Tuesday, July 08, 2008 6:55 PM by MSRCTEAM
Hello, Bill here,
I wanted to let you know that we have just posted Microsoft Security Advisory (953635).
This advisory contains information regarding a new public report of a possible vulnerability within Microsoft Office Word which could allow for remote code execution. Our investigation thus far has shown that this vulnerability affects Microsoft Office Word 2002 Service Pack 3 only.





How to Not Get Hacked Like Sony

The U.S. Sony Playstation Web site is the latest high-profile victim of a hacker attack on business sites that's spreading malware at breakneck pace, says a security vendor.

Sophos PLC reported that Sony had suffered an SQL injection attack last week. Malicious code was planted on pages of two popular Playstation games -- SingStar Pop and God of War.





Breaking the law: one-third of US residents rip DVDs
A third of consumers have made copies of DVDs in the last six months, according to new survey results from the US and UK. This number is up from a year ago, but a majority of these users say they only copy their own DVDs for personal use.
July 08, 2008 - 07:20PM CT - by Jacqui Cheng






Spiraling bandwidth demands spur undersea cable deployment
Food and fuel costs may be skyrocketing, but there's no sign yet that either expense is limiting worldwide demand for bandwidth, which is on track to grow by 50 percent or so between 2007 and 2008. International telecoms continue to lay cable across the globe, but if things continue as they are, demand may outstrip supply.
July 08, 2008 - 05:10PM CT - by Joel Hruska






Malicious Spam Using Dramatic Subjects to Lure Users
July 7, 2008

Storm Worm says the U.S have invaded Iran
Dancho Danchev: Right after the U.S. Independence Day fireworks, Storm Worm's latest campaign says the U.S. has invaded Iran -- attempting to once again exploit client-side vulnerabilities.






Microsoft to deliver SQL Server 2008 in August









Record $46M Awarded for Manager's Firing
By MATTHEW HELLER
Evidence including a "smoking e-mail" has helped persuade a Cleveland jury to award a record $46.6 million to a former trash company manager who was fired after he refused to dismiss three employees, all of whom were about 60 years of age.








Survey says: Government employees enjoy wireless internet
Sue Marquette Poremba July 08, 2008
Nearly half of all federal government employees use wireless internet that allows them to work outside the office, according to a new survey.






Bejtlich on last month’s Cyber Panel
Published by jumper under Hacker Organization, Nationalism
Richard Bejtlich blogged about the AF Cyber Panel last month and provides a plug for the TDV book which he reviewed a while ago. The Cyber Panel had some informal discussion about the cyber-militia:

In the US, our DoD relies upon professional, uniformed military members, government civilians, and an immense contracting force to defend the nation and project its military power. In China, their PLA mixes uniformed military with ordinary civilians, some of whom act at the behest of the military and government, with others acting on their own for “patriotic means.”

The discussion turns into a comparison of the US/PRC capabilities and specifically how the US can recruit and retain qualified cyber warriors. The problem seems to be that the PRC can call up an army of qualified patriotic hackers while the US is having problems recruiting and retaining talent.






http://www.nationalcybersecurity.com/blogs/796/Virus-Scanners-Clear-Attackers-a-Path-To-Your-Computer-With-Approximately-800-Vulnerabilities-Detected.html
"During the past few months, specialists from the n.runs AG, along with other security experts, have discovered approximately 800 vulnerabilities in anti-virus products. The conclusion: contrary to their actual function, the products open the door to attackers, enable them to penetrate company networks and infect them with destructive code. The positioning of anti-virus software in central areas of the company now poses an accordingly high security risk."






Verizon data breach report
Learning from the Verizon Business RISK Team's valuable analysis of four years of data on security breaches among their clients.






Top Ten Worst Uses for Windows by Richard Stiennon

Monday, July 7, 2008

Monday News Feed 7/7/08

Trojan Poses as July 4th Video
Hackers launched weekend attacks with the Storm botnet disguised as holiday videos but infecting systems instead.






http://blogs.washingtonpost.com/securityfix/
Posted at 12:10 PM ET, 07/ 3/2008
Lithuania Weathers Cyber Attack, Braces for Round 2
Hundreds of Lithuanian government and corporate Web sites were hacked and plastered with Soviet-era symbols and other digital graffiti this week in what appears to be a coordinated cyber attack launched by Russian hacker groups.

A New York Times story reports that Lithuanian officials did not directly accuse Russian hackers of initiating the attacks, but said they had come from foreign computers. However, iDefense, a security intelligence firm, based in Reston, Va., attributed the attacks to nationalistic Russian hacker groups protesting a new Lithuanian law banning the display of Soviet emblems, including honors won during World War II.

According to Lithuanian media reports, the attacks shut down the Web sites of the national ethics body, the securities and exchange commission, the Lithuanian Social Democratic Party, among others.
...






Diary of a Deliberately Spammed Housewife
What happened when 'Penelope Retch' answered her spam e-mail.






The Internet Traffic Report monitors the flow of data around the world. It then displays a value between zero and 100. Higher values indicate faster and more reliable connections.
[Graphs: Global Traffic Index, Global Response Time, and Global Packet Loss for the past 24 hours.]







Malware is Getting Smarter, F-Secure Warns
Security vendor F-Secure cautions against new, efficient malware and other pests.







Malware, Spam, and other Net Pests Rev Up
Trojans, botnets and other malware are growing faster than ever before, security researchers warn.






Security Firm Reports Trojan Targets Macs
A rare Trojan horse program spotted in the wild threatens some Mac OS X systems.







Google Adds a Link to Its Privacy Policy
On the 30th day following a letter by privacy advocates to Google about the missing link to its privacy policy, the company changed the homepage to include the information. A California law requires that operators of commercial web sites must post a link to a privacy policy.
Ending tussle, Google adds privacy link to home page, Los Angeles Times, July 4, 2008
Posted by EPIC on July 7, 2008.







Judge Orders YouTube to Hand Over A List of All Users to Viacom
Judge Louis Stanton of the US District Court of New York ruled in Viacom's favor and against online privacy. Viacom will obtain the logon names and Internet addresses of every person who viewed material on YouTube. The video service is owned by Google who argued against releasing the information to Viacom. Privacy advocates have challenged Google's collection and retention of user information as anti-privacy. The number of YouTube users, who will have their logon and Internet addresses shared, is expected to be in the tens of millions.
Ruling against YouTube worries privacy advocates, Los Angeles Times, July 4, 2008
Posted by EPIC on July 7, 2008.






Encrypting Disks
The UK is learning:
The Scottish Ambulance Service confirmed today that a package containing contact information from its Paisley Emergency Medical Dispatch Centre (EMDC) has been lost by the courier, TNT, while in transit to one of its IT suppliers.

The portable data disk contained a copy of records of 894,629 calls to the ambulance service's Paisley EMDC since February 2006. It was fully encrypted and password protected and includes the addresses of incidents, some phone numbers and some patient names. Given the security measures and the complex structure of the database it would be extremely difficult to gain access to any meaningful information.
News story here.

That's what you want to do. There is no problem if encrypted disks are lost. You can mail them directly to your worst enemy and there's no problem. Well, assuming you've implemented the encryption properly and chosen a good key.

This is much better than what the HM Revenue & Customs office did in November.
I wrote about disk and laptop encryption previously.






Also:
Breach Exposes Info on Pre-'06 Google Hires
A data breach at a California company that administers benefit plans to businesses across the country involved personal information on all Google employees hired prior to Dec. 31, 2005, the search engine giant said.
Google's disclosure came in a letter (PDF) to the New Hampshire Attorney General, which revealed that Google was a victim of a break-in at Colt Express Outsourcing Services Inc. Last month, Colt warned that the theft of computer equipment from its offices resulted in the loss of the names, birth dates and Social Security numbers of 6,500 CNET Networks employees. Google said that same information from its employees also was included on the missing equipment.






State admits flaws in passport control
News Brief, 2008-07-07
The U.S. State Department acknowledges that weak, or non-existent, controls limiting access to passport files allowed federal workers to peek at celebrity records.






Web surfers, it's time to patch
Robert Lemos, 2008-07-02
Nearly 640 million Internet users visit sites with a behind-the-times Web browser, and that's only the tip of the iceberg, researchers say.







It's not just governments that lose private data. Germany's Chaos Computer Club (CCC) reports that market research firm TNS Infratest/Emnid has lost 41,000 private data records of their survey participants. By simply changing the customer ID number in the browser's address bar, access could be gained to comprehensive survey results, including names, addresses, dates of birth, email addresses, phone numbers and much more sensitive data. A CCC spokesman described this as 'unprofessional, grossly negligent and above all deeply worrying' and sees this loss as a vindication for its calls for strict regulations for public and private sector data collectors.





FROM MICROSOFT BLOG:
Hello, Bill here.
I wanted to let you know that we just posted our Advance Notification for next week’s bulletin release which will occur on Tuesday, July 8, 2008 around 10 a.m. Pacific Standard Time.
It is important to remember that while the information posted below is intended to help with your planning, because it is preliminary information, it is subject to change.
As part of our regularly scheduled bulletin release, we’re currently planning to release:

· Four Microsoft Security Bulletins rated as Important. These updates may require a restart and will be detectable using the Microsoft Baseline Security Analyzer.





Laptop Losses Total 12,000 Per Week at US Airports - 7/2/2008 6:00:00 PM
Nearly 70% are never recovered; many go unreported






July 07, 2008 Legal expert calls on Qatar to implement cybercrime legislation
http://www.crime-research.org/news/07.07.2008/3436/







July 04, 2008 EU cybercrime initiative is going to be expensive for ISPs
http://www.crime-research.org/news/04.07.2008/3435/

Wednesday, July 2, 2008

Wednesday News Feed 7/2/08

Survey: More than 10,000 laptops lost each week at airports




PCI Standards Expanded to Include Unattended Devices - 7/1/2008 5:40:00 PM
New specs respond to emerging threats posed at kiosks, ATM devices





Cracking Physical Identity Theft - 6/30/2008 5:50:00 PM
Social engineering expert reveals brick-and-mortar identity theft risks in banks, ISPs, and other firms






Apple patches 25 Mac OS X security vulnerabilities





MySpace users struggle to overcome cybervandalism





Teenage creator of Nugache worm reaches plea agreement





Hackers hijack critical Internet organization sites






Jury convicts Web site operator in P2P case
A former administrator at EliteTorrents.org has been convicted of conspiracy and felony copyright infringement in a Virginia court. It's the first time in the U.S. that a peer-to-peer user has been convicted by a jury of copyright infringement, the Department of Justice said today.





IT Jobs: Too Many or Too Few?
Do we have a shortage of IT jobs in the US or not enough skilled professionals to fill them? Recent articles are sending conflicting messages, and we'd better get our facts straight.





July 01, 2008 Three strokes of a bamboo cane for Singapore forum 'scammer'
http://www.crime-research.org/news/01.07.2008/3433/





June 30, 2008 Azerbaijan: joining European Convention on Cybercrime
http://www.crime-research.org/news/30.06.2008/3431/





Reagan National Airport's Plans to Peer Under Travelers' Clothes
The airport plans to deploy body imaging devices that use millimeter wave length technology in an effort to virtually disrobe air travelers. The technology allows very detailed scans of persons entering the device and may disclose personal medical devices, surgeries, and medical conditions that are not otherwise apparent. Earlier versions of the technology were known as Backscatter X-ray systems.
Get Ready to Strip At Reagan National, Washington Post, June 22, 2008






More SQL Injection with Fast Flux hosting






Kill Switches and Remote Control
http://www.schneier.com/blog/
It used to be that just the entertainment industries wanted to control your computers -- and televisions and iPods and everything else -- to ensure that you didn't violate any copyright rules. But now everyone else wants to get their hooks into your gear.

OnStar will soon include the ability for the police to shut off your engine remotely. Buses are getting the same capability, in case terrorists want to re-enact the movie Speed. The Pentagon wants a kill switch installed on airplanes, and is worried about potential enemies installing kill switches on their own equipment.

Microsoft is doing some of the most creative thinking along these lines, with something it's calling "Digital Manners Policies." According to its patent application, DMP-enabled devices would accept broadcast "orders" limiting capabilities. Cellphones could be remotely set to vibrate mode in restaurants and concert halls, and be turned off on airplanes and in hospitals. Cameras could be prohibited from taking pictures in locker rooms and museums, and recording equipment could be disabled in theaters. Professors finally could prevent students from texting one another during class.
...






Posted at 01:04 PM ET, 07/ 1/2008
Amazon: Hey Spammers, Get Off My Cloud!
http://blogs.washingtonpost.com/securityfix/
...But the most interesting aspect of this attack (at least to me) was left out of the Websense advisory: All of the spam came from Amazon's Elastic Compute Cloud (EC2) servers, which are marketed to companies -- mainly small to mid-sized businesses -- that want to purchase access to any number of computer applications hosted on the Internet, from data crunching and storage to on-demand computer processing power...






Feds: Companies need to report cybercrimes
News Brief, 2008-06-30
Corporations need to reliably report cybercrime incidents to federal law enforcement to help the government more effectively combat online attackers, officials say.





"Variety reports on a recent study that says TV viewership's median age is outside the 18-49 years demographic: 'The broadcast networks have grown older than ever — if they were a person, they wouldn't even be a part of TV's target demo anymore.'"

These totals exclude DVR users, and apparently the oldest since they started tracking it. Of course you know what that means... TV is for old people! The internet has confirmed it.






"In some shocking news out of Texas, PC repair will now require a PI License. Surely this stands to have a substantial impact on small repair shops around the state if upheld. Never fear, however, as the first counter-suit has already been filed."






"For Tracy Mooney, a married mother of three in Naperville, Ill., the decision to abandon cyber-sense and invite e-mail spam into her life for a month by participating in a McAfee experiment was a bit of a lark. The idea of the Spammed Persistently All Month (S.P.A.M.) experiment — which fittingly started on April Fool's Day — was to have 50 volunteers from around the world answer every spam message and pop-up ad they got. Mooney was game, especially since McAfee was giving a free PC to all participants. She told her story to Network World."







MS to make volume licenses 'evergreen'





European Politicians Discuss 'The Blogger Problem'





Face Scanning Vending Machine Fooled By Photos
from the like-we-couldn't-see-that-coming dept
Last year, we wrote about how cigarette vending machines in Japan were using facial recognition software to make sure the buyer was of an appropriate age. As we noted at the time, it seemed unlikely that such a system would work very well, and, indeed, The Raw Feed lets us know that it's easily fooled by a magazine photo of an older person. Not too surprising, of course, but you would think that someone would have tested for such things before putting the machines into practice. Unless, of course, they really don't care about the age of the buyers.






Class Of Attorneys Sues DOJ Over Job Denials Based on Ideology






The End of Exponential Malware Growth?






Robot Learns to Use Tools
By Kristina Grifantini
Tuesday, July 01, 2008
By shoving objects around on a table, UMan figures out how they work.






China Inspired Interrogations at Guantánamo






PRC Cyber Space Capabilities
"...I would also point out on this slide that it’s really important to get the lexicon right. In the open source media and other forums, you hear the term “cyber attack” used rather liberally, and you won’t hear anyone in the Department of Defense use that term in the context of cyber reconnaissance or network intrusions. What we are seeing today are network intrusions."