Monday, July 7, 2008

Monday News Feed 7/7/08

Trojan Poses as July 4th Video
Hackers launched weekend attacks with the Storm botnet disguised as holiday videos but infecting systems instead.






http://blogs.washingtonpost.com/securityfix/
Posted at 12:10 PM ET, 07/3/2008
Lithuania Weathers Cyber Attack, Braces for Round 2
Hundreds of Lithuanian government and corporate Web sites were hacked and plastered with Soviet-era symbols and other digital graffiti this week in what appears to be a coordinated cyber attack launched by Russian hacker groups.

A New York Times story reports that Lithuanian officials did not directly accuse Russian hackers of initiating the attacks, but said they had come from foreign computers. However, iDefense, a security intelligence firm, based in Reston, Va., attributed the attacks to nationalistic Russian hacker groups protesting a new Lithuanian law banning the display of Soviet emblems, including honors won during World War II.

According to Lithuanian media reports, the attacks shut down the Web sites of the national ethics body, the securities and exchange commission, the Lithuanian Social Democratic Party, among others.
...






Diary of a Deliberately Spammed Housewife
What happened when 'Penelope Retch' answered her spam e-mail.






The Internet Traffic Report monitors the flow of data around the world. It then displays a value between zero and 100. Higher values indicate faster and more reliable connections.
This graph shows the Global Traffic Index for the past 24 hours.
This graph shows the Global Response Time for the past 24 hours.
This graph shows the Global Packet Loss for the past 24 hours.







Malware is Getting Smarter, F-Secure Warns
Security vendor F-Secure cautions against new, efficient malware and other pests.







Malware, Spam, and other Net Pests Rev Up
Trojans, botnets and other malware are growing faster than ever before, security researchers warn.






Security Firm Reports Trojan Targets Macs
A rare Trojan horse program spotted in the wild threatens some Mac OS X systems.







Google Adds a Link to Its Privacy Policy
On the 30th day following a letter by privacy advocates to Google about the missing link to its privacy policy, the company changed the homepage to include the information. A California law requires that operators of commercial web sites must post a link to a privacy policy.
Ending tussle, Google adds privacy link to home page, Los Angeles Times, July 4, 2008
Posted by EPIC on July 7, 2008.







Judge Orders YouTube to Hand Over A List of All Users to Viacom
Judge Louis Stanton of the US District Court of New York ruled in Viacom's favor and against online privacy. Viacom will obtain the logon names and Internet addresses of every person who viewed material on YouTube. The video service is owned by Google, who argued against releasing the information to Viacom. Privacy advocates have challenged Google's collection and retention of user information as anti-privacy. The number of YouTube users who will have their logon and Internet addresses shared is expected to be in the tens of millions.
Ruling against YouTube worries privacy advocates, Los Angeles Times, July 4, 2008
Posted by EPIC on July 7, 2008.






Encrypting Disks
The UK is learning:
The Scottish Ambulance Service confirmed today that a package containing contact information from its Paisley Emergency Medical Dispatch Centre (EMDC) has been lost by the courier, TNT, while in transit to one of its IT suppliers.

The portable data disk contained a copy of records of 894,629 calls to the ambulance service's Paisley EMDC since February 2006. It was fully encrypted and password protected and includes the addresses of incidents, some phone numbers and some patient names. Given the security measures and the complex structure of the database it would be extremely difficult to gain access to any meaningful information.
News story here.

That's what you want to do. There is no problem if encrypted disks are lost. You can mail them directly to your worst enemy and there's no problem. Well, assuming you've implemented the encryption properly and chosen a good key.

This is much better than what the HM Revenue & Customs office did in November.
I wrote about disk and laptop encryption previously.






Also:
Breach Exposes Info on Pre-'06 Google Hires
A data breach at a California company that administers benefit plans to businesses across the country involved personal information on all Google employees hired prior to Dec. 31, 2005, the search engine giant said.
Google's disclosure came in a letter (PDF) to the New Hampshire Attorney General, which revealed that Google was a victim of a break-in at Colt Express Outsourcing Services Inc. Last month, Colt warned that the theft of computer equipment from its offices resulted in the loss of the names, birth dates and Social Security numbers of 6,500 CNET Networks employees. Google said that same information from its employees also was included on the missing equipment.






State admits flaws in passport control
News Brief, 2008-07-07
The U.S. State Department acknowledges that weak, or non-existent, controls limiting access to passport files allowed federal workers to peek at celebrity records.






Web surfers, it's time to patch
Robert Lemos, 2008-07-02
Nearly 640 million Internet users visit sites with a behind-the-times Web browser, and that's only the tip of the iceberg, researchers say.







It's not just governments that lose private data. Germany's Chaos Computer Club (CCC) reports that market research firm TNS Infratest/Emnid has lost 41,000 private data records of its survey participants. By simply changing the customer ID number in the browser's address bar, access could be gained to comprehensive survey results, including names, addresses, dates of birth, email addresses, phone numbers and much more sensitive data. A CCC spokesman described this as 'unprofessional, grossly negligent and above all deeply worrying' and sees this loss as a vindication of its calls for strict regulations for public and private sector data collectors.





FROM MICROSOFT BLOG:
Hello, Bill here.
I wanted to let you know that we just posted our Advance Notification for next week’s bulletin release which will occur on Tuesday, July 8, 2008 around 10 a.m. Pacific Standard Time.
It is important to remember that while the information posted below is intended to help with your planning, because it is preliminary information, it is subject to change.
As part of our regularly scheduled bulletin release, we’re currently planning to release:

· Four Microsoft Security Bulletins rated as Important. These updates may require a restart and will be detectable using the Microsoft Baseline Security Analyzer.





Laptop Losses Total 12,000 Per Week at US Airports - 7/2/2008 6:00:00 PM
Nearly 70% are never recovered; many go unreported






July 07, 2008 Legal expert calls on Qatar to implement cybercrime legislation
http://www.crime-research.org/news/07.07.2008/3436/







July 04, 2008 EU cybercrime initiative is going to be expensive for ISPs
http://www.crime-research.org/news/04.07.2008/3435/
