Friday, August 29, 2008

Friday News Feed 8/29/08

Apple forgets to fix iPhone passcode bug

Apple confirms iPhone security bug, promises patch

iPhone passcode lock rendered useless
Ryan Naraine: The feature, which lets users set a four-digit pincode to limit access to the device, can be easily bypassed with a few finger taps on the iPhone to give an intruder access to sensitive information.

Trade body to hear Microsoft complaint against Taiwan company

European court won't stop U.K. hacker's extradition to U.S.

Terror threat system crippled by technical flaws, says Congress

Cisco Security Advisory: Vulnerability in Cisco WebEx Meeting Manager ActiveX Control

Identifying and Mitigating Exploitation of the Vulnerability in Cisco WebEx Meeting Manager ActiveX Control

Report: Email Address Dictates Spam Volume - 8/28/2008 5:23:00 PM
The first letter of your email address is one factor in your spam risk, a researcher says

"... alice@company.com typically gets a higher volume of spam than quincy@company.com, or zach@company.com. He says that's simply because there are more combinations of names that begin with 'A' than with 'Q' or 'Z.'"

Report: Popular Web Attacks Go Stealth - 8/27/2008 5:45:00 PM
Attackers are increasingly using encoding to sneak their SQL injection, cross-site scripting attacks past Web security

Microsoft Offers Details on Privacy Features in IE8 - 8/27/2008 4:46:00 PM
New browser will allow user to better control access to surfing history, cookies

PCI: Kiss WEP Goodbye

Kevin Mitnick Tells All in Upcoming Book
blog.wired.com — Kevin Mitnick Tells All in Upcoming Book -- Promises No Whining
Now that the statute of limitations has lifted on many of his crimes -- as well as a seven-year court ban prohibiting him from writing about them (the ban ended midnight on January 28, 2007) -- former hacker Kevin Mitnick is telling his story in a book to be published next year.

A British Bank Bans a Man's Password
Weird story.
Mr Jetley said he first realised his security password had been changed when a call centre staff member told him his code word did not match with the one on the computer.

"I thought it was actually quite a funny response," he said.

"But what really incensed me was when I was told I could not change it back to 'Lloyds is pants' because they said it was not appropriate.
[...]
"The rules seemed to change, and they told me it had to be one word, so I tried 'censorship', but they didn't like that, and then said it had to be no more than six letters long."

Lloyd's claims that they fired the employee responsible for this, but what I want to know is how the employee got a copy of the man's password in the first place. Why isn't it stored only in encrypted form on the bank's computers?

How secure can the bank's computer systems be if employees are allowed to look at and change customer passwords at whim?

FBI Warns of Hit Man Scam Resurgence
The FBI is warning people not to be disturbed by an e-mail scam that threatens your life and orders you to pay up to avoid being the target of a hired hit man.

The FBI said its Internet Crime Complaint Center continues to receive thousands of reports concerning the hit man e-mail scheme. The FBI notes that while the content of the missive has evolved since similar hit man scams first surfaced in late 2006, the message remains the same, claiming the sender has been hired to kill the recipient.

U.S. to deploy DNS Security in two years
News Brief, 2008-08-28
The government issues a memo calling for all major agencies to adopt DNSSEC by December 2009, at which point the top-level .gov domain will transition as well.

States seek workarounds for e-voting systems

"According to a thread on the bind-users mailing list, there is nothing inherent in the DNS protocol that would cause the massive vulnerability discussed at length here and elsewhere. As it turns out, it appears to be a simple off-by-one error in BIND, which favors new NS records over cached ones (even if the cached TTL is not yet expired). The patch changes this in favor of still-valid cached records, removing the attacker's ability to successfully poison the cache outside the small window of opportunity afforded by an expiring TTL, which is the way things used to be before the Kaminsky debacle. Source port randomization is nice, but removing the root cause of the attack's effectiveness is better."

"In a bid to deter people from using pirate versions of Windows XP, Microsoft is now updating its Windows Genuine Advantage (WGA) tool to introduce a few uncomfortable niggles for users of pirated versions of Windows. These include replacing the desktop wallpaper with a black screen every 60 minutes, although you can still replace it with your wallpaper of choice in the intervening period. As well as this, copies of Windows deemed to not be genuine will also have a translucent watermark above the system tray, which Microsoft calls a 'persistent desktop notification.'"

It's official: Comcast starts 250GB bandwidth caps October 1
Comcast has finally announced that it will introduce 250GB per month bandwidth caps for all residential customers this fall. It insists that this is the same policy it always had, but with clearer limits.
August 28, 2008 - 04:16PM CT - by Jacqui Cheng

Steve Jobs death has been greatly exaggerated

Mobile Phones Being Used To Bring Fairer Elections To Africa
from the good-news dept
We report on so many stories where technology is used in bad or oppressive ways, that it's important to note when it's being used in positive ways as well. Technology, itself, is just a tool that can be used in both good and bad ways (not to mention neutral ways), but somehow the good ways don't always get as much attention. CNN has an article detailing how the rise of mobile phones throughout Africa is helping in making elections that are more fair. It's certainly not perfect yet, but the ability to communicate has allowed citizens to report abuses of the election process and get the word out when they see any kind of cheating happening.

Virtual worlds, real attacks
When I see my son playing online computer games I am worried!

I am worried not because he spends too much time in front of a computer - it is the abundance of security issues that surround contemporary online gaming that makes me uneasy. I just had to do something about that.

So what I have tried to do is list the security problems related to online games and humbly suggest some possible solutions. The result is a research white paper that has just been posted on our Web site:
http://www.mcafee.com/us/local_content/white_papers/threat_center/wp_online_gaming.pdf.

If you are interested in topics like game-related money-laundering, virtual terrorist attacks, stolen virtual identities, game-related malware, virtual viral outbreaks - I dare you NOT to click the link!

Spammers bypass filters with SWF file redirects
August 28, 2008
Spammers are stepping up their use of Shockwave Flash file redirects to avoid detection.

Watch Out! Firing IT Workers Can Cost You
When IT employees are dismissed, watch out! A new survey by Cyber-Ark Software, a provider of...

August 29, 2008 Hacker gets into FEMA phone system
http://www.crime-research.org/news/29.08.2008/3544/

August 29, 2008 Hackers attack Iraq's vulnerable computers
http://www.crime-research.org/news/29.08.2008/3543/

Wednesday, August 27, 2008

Wednesday News Feed 8/27/08

Computer viruses make it to orbit
http://news.bbc.co.uk/2/hi/technology/7583805.stm
A computer virus is alive and well on the International Space Station (ISS).
Nasa has confirmed that laptops carried to the ISS in July were infected with a virus known as Gammima.AG.
The worm was first detected on earth in August 2007 and lurks on infected machines waiting to steal login names for popular online games.
Nasa said it was not the first time computer viruses had travelled into space and it was investigating how the machines were infected.

Microsoft readies new Windows XP Pro antipiracy nag
Microsoft has decided to beef up the antipiracy software in Windows XP Professional to make nagging more prominent for those running bogus copies of the operating system.

Best Western says data breach even smaller than first thought

Date: August 25, 2008
Source: economictimes.indiatimes.com
LONDON: An investigation by Scotland's Sunday Herald newspaper has discovered that late on Thursday night a previously unknown Indian hacker successfully breached the IT defences of UK's Best Western Hotel group's online booking system and sold details of how to access it through an underground network operated by the Russian mafia.

Privacy group: U.S. border-crossing database raises concerns

Google, Microsoft, Yahoo & Others Nearing Completion of Online Human Rights Code - 8/20/2008 6:00:00 PM
Document is designed to set IT standards for users' rights to privacy, freedom of speech

Rival Botnets Share a Common Bond, Researchers Find - 8/20/2008 5:42:00 PM
But world's biggest botnets Rustock and Srizbi remain autonomous

The Seven Deadliest Social Networking Hacks - 8/26/2008 7:40:00 PM
Think you know who your real online friends are? You could be just a few hops away from a cybercriminal in today's social networks

Separation of Duties and IT Security
Muddied responsibilities create unwanted risk. Kevin Coleman says auditors may start labeling poorly defined IT duties as a material deficiency.

When to Worry About Security Holes--and When Not To
Annoyed by all the computerese that litters security stories? Here's your guide.

DOJ Announces Plan to Weaken Privacy Rule on Databases
The Department of Justice (DOJ) announced a plan to weaken 28 Code of Federal Regulations (CFR) Part 23, which governs federal law enforcement access to the criminal databases operated by state and local governments. 28 CFR Part 23 is cited in the National Criminal Intelligence Sharing Plan as the rule that allegedly provides "privacy protection for data subjects." The regulation addresses the management of inter- and multi-jurisdictional criminal intelligence sharing systems operated by local and state law enforcement or on their behalf. The Federal Privacy Act, which requires data accuracy, provides much better protection for how personal information stored in databases should be managed. In 2003, the DOJ opted not to require that the FBI comply with accuracy requirements for information held by the National Crime Information Center database. The DOJ and Department of Homeland Security fund a number of local and state law enforcement domestic surveillance programs.
U.S. May Ease Police Spy Rules, Washington Post, August 16, 2008
Posted by EPIC on August 16, 2008.

Active attacks using stolen SSH keys
Published: 2008-08-26, Last Updated: 2008-08-26 21:52:26 UTC by John Bambenek (Version: 1)
The US-CERT is reporting that there are active attacks against Linux environments using stolen SSH keys. There is a new rootkit out, Phalanx2, which is dropped by attackers and which, among the usual rootkit tasks, steals any SSH key on a system. The attackers then, presumably, use those stolen keys (the ones without passwords/passphrases at least) to get into other machines.

Web Fraud 2.0: Thwarting Anti-Spam Defenses
http://blogs.washingtonpost.com/securityfix/
Spammers have made great strides this past year in defeating CAPTCHAs, the distorted text used as a security test to ensure a person and not a machine is behind a computer screen. But automated programs that spammers use to thwart CAPTCHAs still aren't nearly as successful as the practice of hiring thousands of people to do nothing but remotely solve the puzzles for clients.

This is the business model behind anti-captcha.com, a subscription service that offers spammers a cheap way to solve CAPTCHAs, or "Completely Automated Public Turing test to tell Computers and Humans Apart." Google, Yahoo and other e-mail and Web service providers employ CAPTCHAs to stop spammers and other bad guys from using automated processes to create hundreds or thousands of fake accounts.

...

They charge $1 for every 1,000 CAPTCHAs you send. But the site also features an à la carte menu, selling new and used Gmail and Yahoo Web mail accounts in bulk. Currently offered are packages for 1,000, 10,000 and even 100,000 accounts at a time. Anti-captcha.com is selling 1,000 new Gmail accounts for $8, 10,000 Gmail accounts for $64, and 50,000 pristine Gmail inboxes for $280. Some 100,000 used Yahoo! mail accounts can be had for $150 to $200.

Search hacker exposes Olympic age scandal
News Brief, 2008-08-25
A dedicated security blogger finds evidence on the Internet, allegedly showing that two Chinese gold-medal gymnasts were too young to compete. The International Olympic Committee opens, and then promptly closes, an investigation.
...
Soon after Walker, who blogs under the name Stryder Hax, found each document, the evidence quickly disappeared. The lesson, he said, is that -- while it is difficult to delete documents from the Internet -- an entity with the power and reach of China seems to be able to make information about He Kexin disappear quickly.

IT Professionals Fear Job Loss Caused by Security Breaches
A recent survey performed by market research firm Opine Consulting showed that 86% of the respondents, all IT professi...

XP Genuine 'nagware' gets a makeover

A (Microsoft) Codename a day: Geneva
Mary Jo Foley: Best guess on what it is: An identity metasystem including a new security token service and Active Directory Federation Services (ADFS) version 2.0.

An E-Card From Srizbi
August 27, 2008
Srizbi's latest malicious spam campaign is greeting e-cards that have links to malware.

Srizbi, Rustock and the Big Four
August 26, 2008
Srizbi, Rustock and other major spamming botnets may have close links.

Localized 0-day Once Again: Exploit-TaroDrop.e
One of the issues that we've been highlighting at our recent conference presentations and blogs was the emergence of major localized threats around Asia. McAfee Avert Labs discovered yet another unidentified vulnerability in the Japanese word processor, Ichitaro, last Friday.

This Japanese application has been known to be under targeted attack for several years, and a few 0-day vulnerabilities were discovered and exploited in the past. Other than Ichitaro, other popular, localized applications are often targeted by 0-day exploits. We also frequently observe exploits targeting vulnerabilities even months after they have been patched by the vendor.

Data breaches already surpass 2007 total
Sue Marquette Poremba August 26, 2008
The number of reported data breaches has already surpassed last year's total, according to a report from Identity Theft Resource Center.

More on BGP Attacks -- Updated

Taiwan breaks up hacking ring

6 Ways To Test Your Online Banking Website To See How Secure It Really Is By Grey McKenzie 08/15/2008

Locked iPhones can be unlocked without a password
Private information stored in Apple's iPhone and protected by a lock code can be accessed by anyone...

Friday, August 15, 2008

Friday News Feed 8/15/08

August 14, USA Today – (National) TSA screener testing labeled ‘a waste’. A government program to find gaps in airport screening is "a waste of money" because it does not follow up on why screeners failed to spot guns, knives and bombs on undercover agents, the head of the House Homeland Security Committee says. A Government Accountability Office report obtained by USA Today says Transportation Security Administration inspectors posing as passengers do not record why individual screeners failed to spot weapons. The TSA ran 20,000 covert tests at the USA’s 450 commercial airports from 2002 to 2007, and the results ought to be used to improve screening, the report says. The TSA disputed the report and said it has adopted many new screening practices and technologies to close holes revealed by testing. Results of the covert tests are classified, but recent reports made public have alarmed lawmakers. A November GAO report said investigators repeatedly smuggled liquid explosives and detonators past airport checkpoints in 2006. An internal TSA report said screeners in Los Angeles and Chicago airports missed fake bombs on agents in more than 60 percent of tests in 2006. Source: http://www.usatoday.com/travel/flights/2008-08-13-tsatests_N.htm

August 14, VNUNet – (International) Malware heats up in July. Spammed malware activity boomed during the month of July, according to Google. The company’s Postini security branch recorded a major spike in malicious spam traffic over the month, peaking at 10 million messages logged on 24 July. The numbers are the highest recorded all year. Previous spikes logged by the company in March and April had only reached numbers of approximately four million. One of the prime offenders cited for the spike was an attack centered on fake UPS invoices. The user was asked to download malware disguised as software to track the supposed parcel. Also cited was the wave of attacks touting phony news articles. Attackers sent out spam messages containing links to supposed news sites. When the user visited the fake site and attempted to watch a movie file, the malware was installed. Source: http://www.vnunet.com/vnunet/news/2223897/malware-heats-july

August 14, VNUNet – (International) Dutch police smash Shadow botnet. The Dutch High Tech Crime Unit has arrested two people and shut down the Shadow botnet, which is thought to contain over 100,000 compromised computers. A 19-year-old Dutch national is accused of running the botnet and police also arrested a Brazilian man who was trying to buy the use of it. The police have now asked security software vendor Kaspersky Labs to help shut the botnet down. The Dutch police are asking anyone who finds that they were part of the Shadow botnet to contact them and register a complaint. Kaspersky Labs have set up a web page detailing how to remove the Shadow malware. The Federal Bureau of Investigation is also reported to have taken part in the case, as the organization is mounting a major campaign against criminal use of botnets. Previous successes have included the arrest of a teenager in New Zealand who was writing botnet code. Source: http://www.vnunet.com/vnunet/news/2223909/dutch-police-smash-shadowbotnet

Former Countrywide Homeloan Employee, Second Man Arrested for Downloading and Selling Identities of Countrywide Homeloan Customers: Two men were arrested today on charges related to the illegal access of computers containing personal identification information of Countrywide Home Loan customers and the illegal sale of the data, announced Salvador Hernandez, Assistant Director in Charge of the FBI in Los Angeles, and United States Attorney Thomas P. O'Brien. The complaint alleges that Rebollo was employed as a senior financial analyst for Countrywide Home Loan's subprime mortgage division, Full Spectrum Lending in Pasadena. In his position, he had access to Countrywide computer databases, many of which contained sensitive information of Countrywide clients. Countrywide terminated Rebollo's employment in July 2008. Rebollo said he obtained the information from Countrywide computers at his workspace and saved the reports to personally owned flash drives, according to the complaint. After Rebollo saved the Countrywide Home Loan data on the flash drives, he left the Countrywide Home Loan premises with the intent to sell the data. Rebollo opened a personal bank account specifically for the purpose of depositing and holding the illegal proceeds of the Countrywide data sales, and he estimated that he profited approximately $50,000 to $70,000 from the sale of the Countrywide-owned data, according to the complaint. http://losangeles.fbi.gov/pressrel/2008/la080108.htm

Motorcade Map Found at House Of Bomb Suspect: Police found a map of Camp David marked with a presidential motorcade route inside the Bethesda home of the teenager at the center of a bombmaking probe, along with a document that appears to describe how to kill someone at a distance of 200 meters, a Montgomery County prosecutor said yesterday at a court hearing. Collin McKenzie-Gude, 18, also had two forms of fake identification: one portraying him as a Central Intelligence Agency employee, and the other in the name of a federal contractor purportedly protected by the Geneva Conventions, authorities said. Until recently, the student worked as an intern at a Montgomery County police district station, where authorities said he stole police letterhead stationery that was used to obtain items restricted to law enforcement personnel. http://www.washingtonpost.com/wp-dyn/content/story/2008/08/05/ST2008080500131.html?sid=ST2008080500131&pos=list

DHS Keeps Mum on Cybersecurity Contract Work: The Homeland Security Department has released additional details about its role in the Bush administration’s Comprehensive National Cybersecurity Initiative (CNCI) to Congress, but it is being less forthcoming in public releases. In particular, DHS redacted almost all of its responses to questions about the use of contractors to support its cybersecurity efforts in the public version of its response to questions from the Senate Homeland Security and Governmental Affairs Committee. Sen. Joseph Lieberman (I-Conn.), chairman of the committee, and Sen. Susan Collins (R-Maine), the ranking member, said the public release of the information on July 31 was important to improve awareness about the program. “It is my hope that the release of this information will assist in improving security in both the public and private sectors,” Collins said. http://www.fcw.com/online/news/153375-1.html

S.D. Agents Help Bust Massive ID-theft Ring: For three years, San Diego-based Secret Service agents used the Internet to communicate with thieves, part of an investigation that has led to the prosecution of what federal officials call the largest identity-theft ring ever busted. “The investigation started here in San Diego,” local U.S. Attorney Karen Hewitt said yesterday. “It spread across the country and around the world.” Three of those charged are U.S. citizens. The others are from Estonia, Ukraine, Belarus and China. Officials say the full breadth of the conspiracy is staggering – more than 40 million credit and debit card numbers stolen from some of the nation's most popular retail chains. The thieves hacked into wireless networks of retailers, including BJ's Wholesale Club, OfficeMax, Boston Market, Barnes & Noble, Sports Authority, Forever 21 and DSW, as well as TJX Cos., owners of Marshalls and T.J. Maxx, authorities said. Losses to banks, retailers and consumers are “impossible to quantify at this point,” Attorney General Michael Mukasey said yesterday at a news conference in Boston. http://www.signonsandiego.com/news/metro/20080806-9999-1n6hacked.html

-- Top Government Official To Lay Out New Strategy For Protecting Systems That Control Power and Oil & Gas and Other Critical Industries (August 15, 2008) In his keynote presentation at the European SCADA Security Summit, Roger Cumming, Deputy Director of the UK's Centre for the Protection of National Infrastructure, will outline a five-part strategy by which government and industry can move to protect the critical infrastructures on which all industrial societies depend for survival.

The new strategy ranges from how vulnerabilities will be disclosed and mitigated to how top executives of power and other critical industries will be engaged in the process. The meeting will also show how these systems are being penetrated, how to prioritize defenses, and how to buy control systems with security baked in. A large number of corporate users will be there along with leaders from other nations to discuss the new strategies. The meeting is open to all IT security and control systems managers from critical industries, government officials responsible for critical infrastructure protection, and service providers who can help secure these systems. The full agenda will be published early next week. In the meantime, registration information can be found at http://www.sans.org/euscada08_summit/

--Judge Lets Gag Order Stand Against MIT Students (August 14, 2008) US District Judge George O'Toole Jr. has let stand a temporary restraining order that prevented three Massachusetts Institute of Technology (MIT) students from revealing their research on the security of payment cards used by the Massachusetts Bay Transit Authority (MBTA). The MBTA sought the order to allow it time to address the vulnerabilities before the specifics of the flaws are disclosed. A hearing has been scheduled for Tuesday, when the temporary order expires; at that time, a decision will be made as to whether the order will be lifted altogether or amended to cover only "nonpublic" information. Some of the information has been available on the Internet for a while and some was made available to conference goers prior to the scheduled presentation.
http://www.usatoday.com/tech/news/computersecurity/hacking/2008-08-14-subway-mit-subways_N.htm?csp=34
http://news.cnet.com/8301-1009_3-10017438-83.html?part=rss&subj=news&tag=2547-1009_3-0-20
http://www.theregister.co.uk/2008/08/14/mbta_gag_order_remains/print.html

--Man Hopes to Fund Start-up by Charging for Vulnerability Details (August 11, 12 & 13, 2008) A man who claims to have found a number of vulnerabilities in the Java technology used on some Nokia handsets wants Nokia and Sun Microsystems to pay 20,000 euros (US $29,597) for a report that details the specifics of the flaws and includes two proof-of-concept exploits. Adam Gowdiak rejects the notion that he is blackmailing the companies, instead viewing his decision to charge for the information a means of gathering money to fund his start-up security research company. Gowdiak has briefed both companies about the vulnerabilities, so they are aware of the nature of the flaws.
http://www.informationweek.com/news/security/vulnerabilities/showArticle.jhtml?articleID=210002897
http://www.theregister.co.uk/2008/08/11/s40_security_issues/print.html
http://www.zdnetasia.com/news/security/0,39044215,62044807,00.htm

--AOL Spammer Draws Seven-Year Sentence (August 13 & 14, 2008) Michael Dolan has received a seven year prison sentence for his role in a phishing scheme that targeted AOL members. Dolan and his cohorts used tools to harvest AOL screen names from chat rooms; those names were then targeted with phishing emails that appeared to be online greeting cards, but actually contained malware that ultimately led users to a site run by Dolan and others where the users were asked to provide information that included credit card and Social Security numbers (SSNs). Users were also directed to the site with emails that claimed to be from AOL's billing office. The scheme ran for more than four years, during which time prosecutors estimate the gang stole US $400,000 from 250 victims. Dolan pleaded guilty to fraud and aggravated identity theft last year.
http://www.theregister.co.uk/2008/08/14/aol_phisher_jailed/print.html
http://www.computerworld.com/action/article.do?command=viewArticleBasic&articleId=9112579&source=rss_topic17

IT managers opting for solid-state drives over hard disks http://cwflyris.computerworld.com/t/3460499/6339517/133277/2/

Wednesday, August 13, 2008

Microsoft kills more third-party ActiveX controls

Complaints filed in Michigan over RIAA's piracy investigators

Linux patent pool to push for 'defensive publication'

Microsoft issues massive security update for Windows, Office

European court delays British hacker's extradition to U.S.

Internet fraud: lots of complaints, few repercussions

Russian hacker 'militia' mobilizes to attack Georgia
Update: Estonia, Poland help Georgia fight cyberattacks

VMware licensing bug blacks out virtual servers

Amid Controversy, Outed Steroid Sites Still Online - 8/13/2008 2:45:00 PM
Anti-fraud groups, US Internet registrars at odds over takedown of 'roid sites

MIT Presentation on Subway Hack Leaks Out - 8/12/2008 5:56:00 PM
In ironic twist, court documents that argue for suppression of Defcon presentation help distribute data about the hack

6 Reasons Today’s Olympic Swimmers are Breaking Records
High-tech doping? Maybe...

TSA Amasses Secret Database on Air Travelers
The Department of Homeland Security's Transportation Security Administration Agency (TSA) disclosed that it amassed a secret database of air travelers who arrived at airports without a driver's license or passport. The database also includes information on the traveler's companions. The TSA reported it routinely shared access to this once secret database with other law enforcement agencies. The TSA now says that it will no longer add the names of travelers who arrive at airports without a driver's license or passport. There is no word on whether those previously added to the database for not having a driver's license or passport will be removed. Privacy requires that there be no secret databases because they can be used to cause real harm to the rights of individuals. Secret databases may also allow abuse and misuse of government resources, while preventing effective oversight of the agency by the public.
Fliers without ID placed on TSA list, USA Today, August 13, 2008
Posted by EPIC on August 13, 2008.

Microsoft Patches 26 Security Holes
http://blogs.washingtonpost.com/securityfix/

Browser toolbar to check site security
News Brief, 2008-08-11
Errata Security plans to release an add-on for major browsers that will check the most obvious security shortfalls for Web sites.

Mandiant researchers win Race to Zero
News Brief, 2008-08-11
Consultants with the firm sneak all ten samples of malware past major antivirus engines, urging companies to focus on defense-in-depth strategies.

Windows Live Messenger 9.0 Build M1 in All Its Splendor

Securing your OCS deployment
by Deb Shinder
Articles / Misc Network Security
Taking a look at the security concerns involved with unified communications and how to add security to OCS.

Air Force Halts Cyber Command Program
After months touting its intention to be the front line for defending cyberspace, the Air Force has suspended plans to establish its much hyped Cyber Command program, according to Nextgov.
The program is being halted until new senior Air Force leaders have time to review it and determine a focus and direction.

Monday, August 11, 2008

Monday News Feed 8/11/08

Confirmation: "real" war includes cyber-war.

Cyberattacks knock out Georgia's Internet presence
Hackers have attacked and hijacked Web sites belonging to Georgia, the former Soviet republic now in the fourth day of war with Russia, a security researcher claimed on Sunday.

"...Later on Saturday, Armin added that network administrators in Germany had been able to temporarily reroute some Georgian Internet traffic directly to servers run by Deutsche Telekom AG. Within hours, however, the traffic had been again diverted to Russian servers, this time to ones based in Moscow.

The attacks are reminiscent of other coordinated campaigns against Estonian government Web sites in April and May 2007 and against about 300 Lithuanian sites on July 1. Like Georgia, both countries are former republics in the Soviet Union. "

DOJ Fingers Global Ring in Alleged Data Thefts

IT Security Oversight May Have Enabled Data Breach
A former employee accused of stealing customer data from Countrywide Financial Corp. may have been able to download the information to a thumb drive because of an oversight by the home mortgage lender's IT department.

Rene Rebollo, a former financial analyst at Countrywide, was arrested Aug. 1 in Pasadena, Calif., for allegedly stealing and selling the data, which included names, Social Security numbers and contact information.

Microsoft to Rate Exploit Potential
Microsoft Corp. will soon edge into the crystal-ball business in its security bulletins by predicting how likely it is that software flaws will be exploited.

Starting in October, Microsoft will add an "Exploitability Index" that gives bugs one of three ratings, based on the likelihood that attackers will be able to develop code to take advantage of the flaws.

Microsoft will also give technical info about new vulnerabilities to select security vendors before it issues patches, to give them a head start in crafting exploit-detection signatures.

Covert operation floats network-sniffing balloon
August 10, 2008 (IDG News Service) Rick Hill won't say where he launched his "wardriving" balloon on Friday, but he will tell you that it got a pretty good look at about 370 wireless networks while scanning up and down the Las Vegas Strip.

Hidden in the back of a 22-foot moving truck, Hill and his team of about a dozen volunteers launched the balloon Friday morning, sending it 150 feet into the air for about 20 minutes to use special antennas and scanning software to scope out the Las Vegas skyline for unsecured wireless networks, an activity Hill called "warballooning."

New exploit poisons patched DNS servers, claims researcher
August 10, 2008 (Computerworld)
Patches meant to fix a flaw in the Internet's Domain Name System (DNS) don't completely protect the Web's traffic cop from attack, a Russian researcher claimed on Friday.

The head of the nonprofit group that maintains the most commonly used DNS software, however, said there was little to worry about.

Update: Fake CNN spam mutates as attacks continue
August 8, 2008 (Computerworld)
The massive attack that has infected PCs by tricking users into clicking links in fake messages from CNN.com shows little sign of ending soon, security researchers said on Friday.

Researcher: Intel fixed two critical flaws in its chips
Kris Kaspersky, an IT consultant and the author of Hacker Disassembling Uncovered and Data Recovery: Tips and Solutions, is booked to make the demo at the Hack In The Box Security Conference in October in Kuala Lumpur, Malaysia. Kaspersky said he can use the flaws in Intel CPUs to launch a remote attack against a computer -- regardless of what software platform it runs.

Cisco Security Advisory: Multiple Cisco Products Vulnerable to DNS Cache Poisoning Attacks
08-July-2008 18:00 GMT
29-July-2008 17:00 GMT
DNS Best Practices, Network Protections, and Attack Identification

Researchers: There's Gold in Them Thar Hacks - 8/8/2008 5:45:00 PM
Black Hat presentation shows some simple methods hackers have used to get rich or die trying

New Microsoft Program Helps Fix Third-Party Vulnerabilities - 8/8/2008 10:55:00 AM
Microsoft to officially share with Windows third-party app vendors flaws it finds in their software

'Bringing Sexy Back' to Hacking - 8/7/2008 5:30:00 PM
DefCon session will feature iPhones running WiFi scans and sophisticated spear-phishing tricks

Feds: Foreign Attackers 'Knocking on Our Door Every Day' - 8/7/2008 4:30:00 PM
Attacks on US government systems are frequent and serious, top officials say

Does Your Generation Pose an Office Security Risk?
From Baby Boom to Echo Boom: Why your birthday could mean your boss needs to watch out for you.

August 2008 Advance Notification

Sophos Warns of Facebook Malware Attack
Fake Google video link takes Facebook users to a malicious site, infecting computers.

New Tool to Automate Cookie Stealing from Gmail, Others
LAS VEGAS, NEV. -- If you use Gmail and haven't yet taken advantage of a feature Google unveiled last week to prevent hackers from hijacking your inbox, now would be an excellent time to do that.

Researchers race to zero in record time
Robert Lemos, 2008-08-09
On the first day, three teams of security professionals finished the Race to Zero contest, successfully modifying nine well-known viruses and exploits to escape detection by major antivirus engines.

"Engadget reports Apple has readied a blacklisting system which allows the company to remotely disable applications on your device. It seems the new 2.x firmware contains a URL which points to a page containing a list of 'unauthorized' apps — a move which suggests that the device makes occasional contact with Apple's servers to see if anything is amiss on your phone. Jonathan Zdziarski, the man who discovered this, explains, 'This suggests that the iPhone calls home once in a while to find out what applications it should turn off. At the moment, no apps have been blacklisted, but by all appearances, this has been added to disable applications that the user has already downloaded and paid for, if Apple so chooses to shut them down. I discovered this doing a forensic examination of an iPhone 3G. It appears to be tucked away in a configuration file deep inside CoreLocation.'"

Update: 08/11 13:07 GMT by T : Reader gadgetopia writes with a small story at IT Wire, citing an interview in the Wall Street Journal, in which this remote kill-switch is "confirmed by Steve Jobs himself."

Smartphones continue march, BlackBerry boosts market share
Research in Motion is helping to lead the smartphone surge across the US. Sales are up, and so is the competition.
August 11, 2008 - 11:03AM CT - by David Chartier

The sky isn't falling: a look at a new Vista security bypass
Last week, researchers described ways to bypass the buffer-overflow security features in Vista. Some analysts are calling the exploits proof that Vista's security is worthless; we explain why it isn't.
August 11, 2008 - 07:30AM CT - by Peter Bright

Boston Subway System Stops Defcon Talk; But Paints Security Target On Its Back
from the yeah,-that'll-work dept
You would think after years and years of it backfiring every time some scared organization tries to shut down a talk concerning their security vulnerabilities, that people wouldn't even bother any more. But never underestimate the short-sightedness of some execs. The Massachusetts Bay Transportation Authority uses a magnetic strip card system to access the subway system in Boston. That system is not particularly secure, and some enterprising MIT students planned to demonstrate just how weak the security was on the system this weekend at the Defcon conference... until the MBTA convinced a judge to ban the presentation and demand that all copies of the presentation not be released -- which is problematic since all attendees at the conference already obtained CDs with a copy of the presentation. Also, somewhat ironically, a copy of the presentation was entered in as evidence in the case, and that copy is now publicly available as part of the court records system. Oops.

Monday, August 4, 2008

Monday News Feed 8/4/08

You gotta love it...
http://www.computerworld.com/action/article.do?command=viewArticleBasic&taxonomyName=security&articleId=9111581&taxonomyId=17&intsrc=kc_top

August 4, 2008 (IDG News Service) In an attempt to rid its Blogger service from spam blogs (splogs), Google mistakenly flagged a number of legitimate sites last week, prompting the company to scramble to unlock them.

A bug in Google's data processing code caused the problem, leading the detection system to lock Blogger blogs that had otherwise passed the inspection by the company's spam algorithms, Google said on Saturday in an official blog.

Gartner: 'Caveats apply' for enterprise iPhone use
August 4, 2008 (Computerworld) After three weeks of testing and reviewing Apple Inc.'s new iPhone 2.0 firmware and an iPhone 3G for use in large businesses, analyst firm Gartner Inc. said the device can be supported by IT shops — but only for a narrow set of uses such as voice, e-mail, Web browsing and the storage of personal information.

The reason for the restrictions? Security concerns.

The newest iPhone "does not deliver sufficient security for [running] custom applications" commonly used on handhelds in enterprise settings, Gartner analyst Ken Dulaney wrote in a nine-page research note. The report, "iPhone 2.0 Is Ready for the Enterprise, but Caveats Apply," concludes: "Enterprises should approach expanded use of the iPhone slowly and with close examination."
...

IE6 more vulnerable to unpatched Microsoft flaw, Symantec says

Firewall vendors scramble to fix problem with DNS patch

Beijing Braces for Olympic Cyber-War - 8/4/2008 9:10:00 AM
Can the world's most futuristic data center protect the Olympics' storage?

Group offers tools to evade China's Web censorship
Reporters covering the Beijing Olympics who are frustrated by Chinese Internet censorship can use...

Microsoft Access Snapshot Viewer ActiveX Control Vulnerability - Extremely critical - From remote
Issued 7 July, 2008.
A vulnerability has been reported in Snapshot Viewer for Microsoft Access, which can be exploited by malicious people to compromise a user's system.

Freezing the Cold-Boot Attack - 8/1/2008 3:45:00 PM
Researcher reveals new technologies he built to combat attacks that crack disk encryption on machines

Data Breach Fallout: Do CISOs Need Legal Protection?
Since the security executive is on the hot seat after a data breach, some industry experts suggest CISOs get themselves some form of liability protection. The downside is that such protection could shield those who deserve the blame for an incident.

Google Adwords Advertisers Targeted By Phishing Cyber Criminals From China
By Grey McKenzie, 07/25/2008

75 Percent Of Banking Websites Vulnerable To Cyber Thieves, Study Shows
By Grey McKenzie, 07/24/2008

For all you number crunchers out there, CNNIC has released its 22nd Statistical Report on Chinese Internet Development. They have posted an English summary on their website; the full report is in Chinese:
With the Largest Amount of both Netizens and ccTLDs in the World, a Big Internet Power Is Taking Shape

By the end of June 2008, the amount of netizens in China had reached 253 million, surpassing that in the United States to be the first place in the world. This is according to a newly released Survey Report by China Internet Network Information Center (CNNIC).

This report, the 22nd Statistical Report on the Internet Development in China, also indicates the number of broadband users has reached 214 million, which also tops the world. The CNNIC also announced that, by the time of July 22, the number of CN domain names, which was 12.18 million, had exceeded .de, the country-code Top Level Domain for Germany, thus becoming the largest country code Top-Level Domain names in the world. These three major breakthroughs show a big Internet power is taking shape.

How Much Is Antivirus Slowing Down Your PC?
PC Magazine - Mon Aug 4, 8:33 AM ET
PC Magazine will be testing the major security suites on how their background tasks affect real-world actions.

InformationWeek - An RSA survey found that the e-mail-borne malware and phishing that affected 69% of respondents' companies may not have led to serious consequences in every instance.

For Ham Radio Operators:
Police Call Publisher Gene Hughes Dead at 80
The southern California man who published the radio scanning bible Police Call has passed away. Under the pen name Gene Hughes, Gene Costin became a household word among geeks in the 1970s when he started cataloging the radio frequencies used by various police and fire departments and other agencies, giving hobbyists something to do with the first generation of programmable scanners then hitting the market. I had the privilege of interviewing him for a profile in 2005, when he made the decision to close down Police Call after 41 years.

Tracking a Shopper's Habits
By Michael Fitzgerald
Monday, August 04, 2008
Infosys's sensor network turns stores into mini-Internets.

Countrywide loses personal data in insider scam
Sue Marquette Poremba August 04, 2008
A former Countrywide Home Loans employee was one of two California men charged in a scam to steal and sell personal data of customers.

Attackers ramp up zero-day ActiveX exploits
Dan Kaplan August 04, 2008
Roughly one month after Microsoft disclosed that attackers were exploiting a zero-day ActiveX vulnerability, the attacks are multiplying, but mostly in China.

Facebook and MySpace attacked by new worms
Joy Persaud August 04, 2008
New worms attacking social networking sites Facebook and MySpace have been uncovered.

McAfee picks up DLP maker Reconnex for $46 million
Dan Kaplan August 01, 2008
McAfee filled out its data-loss prevention (DLP) portfolio on Thursday with the $46 million acquisition of Reconnex.

Porn Star Name Suit Heading for Dismissal?
By MATTHEW HELLER
A Houston woman who alleges an actress in a porn film stole her name has admitted she has no "ownership interest" in the name Syvette Wimberly, perhaps dooming her hopes of winning an unusual privacy case.

Should The Next President Use A Computer?

Top Botnets Pushing Rogue 'Antivirus' Program
July 30, 2008
Four of the top spamming botnets are sending malicious spam in order to install a rogue anti-virus program on victims' machines.

Intel reveals multi-core 'Larrabee'

Did Apple forget to patch something?
Ryan Naraine: Less than 24 hours after Apple released a patch for the DNS cache poisoning vulnerability, there are reports that the DNS client on the OSX 10.4.11 distribution still has not been patched.

Deploying Service Pack 3 directly on top of a fresh installation of Windows XP Service Pack 2 will kill all subsequent updates from Microsoft's servers. The Redmond giant warned that integrating SP3 into the operating system straight after performing a new installation of XP SP2 via Windows Update will result in the failed implementation of any additional releases from Windows Update, Microsoft Update or through Automatic Updates. In this context, installing the third and last service pack for Windows XP onto a freshly-deployed copy of XP SP2 will virtually cut off the operating system from the life-line represented by the company's updates, served either through WU, MU or AU.

"This problem occurs when the latest Windows Update client has been installed and then you install Windows XP SP3 before restarting the computer. This causes the new Wups2.dll file not to be enabled (registered). When Windows XP SP3 is installed, it does not detect the Wups2.dll file, and it sets the registry to point to the original Wups.dll file version that is included in Windows XP SP2 and Windows XP SP3. Because the registry files that correspond to the Wups2.dll file are missing, update installations are unsuccessful," Microsoft indicated.

ValueClick agrees to $1m settlement fund over adware
Online advertising network ValueClick has agreed to a preliminary settlement in a class-action lawsuit over its business practices when it comes to dealing with adware. The company and its subsidiaries plan to pay $1 million into a settlement fund, and it has agreed to an independent audit of its practices.
August 04, 2008 - 12:10PM CT - by Jacqui Cheng

Active Administrator - Voted WindowSecurity.com Readers’ Choice Award Winner - Group Policy Management
by The Editor
Site News
Active Administrator was selected the winner in the Group Policy Management category of the WindowSecurity.com Readers’ Choice Awards. Active GPOAdmin and Special Operations Suite were first runner-up and second runner-up.

Worm builds botnets with MySpace, Facebook
News Brief, 2008-08-04
Two variants of a worm advertise a fake Flash update in an attempt to infect victims' computers with bot software.

Washington State Supreme Court Rules in Support of Privacy
Fifteen teachers accused of sexually abusing students, but cleared of suspicion, sued their school districts to block release of their names to news organizations. The court stated that the names of teachers must be disclosed only in cases where sexual misconduct has been found.
Washington Supreme Court says privacy trumps identifying teacher in cases of unsubstantiated sexual misconduct,
Seattle Times, August 1, 2008
Posted by EPIC on August 4, 2008.

New Browsers Fight the Malware Scourge
The just-released Firefox 3 and Opera 9.5, and the upcoming IE 8, respond to the growing threat with enhanced blocking features.

Friday, August 1, 2008

Friday News Feed 8/1/08

DHS stays mum on new 'Cyber Security' center
http://news.cnet.com/8301-13578_3-10004266-38.html?tag=nl.e703
The Bush administration's newly created National Cyber Security Center remains shrouded in secrecy, with officials refusing to release information about its budget, what contractors will run it, and how its mission relates to Internet surveillance.

In correspondence with the U.S. Senate posted on Thursday, the Bush administration said it would not provide that information publicly. An 18-page, partially redacted letter from DHS said that disclosure could affect "the conduct of federal programs, or other programs or operations essential to the interests of our nation."

This IT shop isn't worried about bandwidth demands from the Olympics
The 2008 Olympic Games in Beijing are just a week away. Is your IT department ready to handle the impact on your business from employees downloading online video of the opening ceremonies or the latest gymnastic feat?

IOC admits it accepted China Internet censorship

Hackers start DNS attacks, researcher says

FBI warns of new Storm worm attacks

Study: Companies need to address telework security

Some Web sites blocked at China Olympic press center

The Real Dirt on Whitelisting - 7/30/2008 5:50:00 PM
The choice for blacklisting versus whitelisting isn’t really black and white

Hacking Without Exploits - 7/29/2008 4:30:00 PM
Black Hat researchers will demonstrate how the bad guys are quietly raking in big bucks without ninja hacking skills, tools, or exploit code

New Video Surveillance Technology 'Recognizes' Abnormal Activity - 7/28/2008 10:05:00 AM
BRS software can establish 'normal' on-camera activity – and alert security staff when something unusual occurs

Anthrax Scientist Kills Himself
washingtonpost.com — A top U.S. biodefense researcher apparently committed suicide just as the Justice Department was about to file criminal charges against him in the anthrax mailings that traumatized the nation in the weeks following the Sept. 11, 2001, terrorist attacks, according to a published report.

Identity Theft Monitoring Services Called 'Waste'
The Privacy Rights Clearinghouse reports that many services are available for free, and that paying for extras doesn't buy much.

Extradition Appeal for British Hacker Dismissed
UPDATE: A British hacker who broke into U.S. military computers looks set to be extradited to the U.S. after a British court ruling.

DNS Attack Writer a Victim of His Own Creation
One week after releasing attack code, HD Moore has fallen victim to a cache poisoning attack.

Check Your Personal Data Before Your Employer Does
Conducting your own preemptive background check can stave off nasty surprises.

AOL Sued for the Names of Bloggers Critical of Memphis Police Leadership
The city of Memphis, Tennessee sued AOL for the names of people contributing to the web blog MPD Enforcer 2.0. The blog is critical of law enforcement leadership and is very popular with Memphis police. The blog is credited with raising public discussion about the use of law enforcement resources.
Police director sues to find identity of blogger critical of MPD

Terrorists Using Open Wireless Networks
Remember when I said that I keep my home wireless network open? Here's a reason not to listen to me:

When Indian police investigating bomb blasts which killed 42 people traced an email claiming responsibility to a Mumbai apartment, they ordered an immediate raid.
But at the address, rather than seizing militants from the Islamist group which said it carried out the attack, they found a group of puzzled American expats.

In a cautionary tale for those still lax with their wireless internet security, police believe the email about the explosions on Saturday in the west Indian city of Ahmedabad was sent after someone hijacked the network belonging to one of the Americans, 48-year-old Kenneth Haywood.

Of course, the terrorists could have sent the e-mail from anywhere. But life is easier if the police don't raid your apartment.

EDITED TO ADD (8/1): My wireless network is still open. But, honestly, the terrorists are more likely to use the open network at the coffee shop up the street and around the corner.

Why You Should Never Talk to the Police
This is an engaging and fascinating video presentation by Professor James Duane of the Regent University School of Law, explaining why -- in a criminal matter -- you should never, ever, ever talk to the police or any other government agent. It doesn't matter if you're guilty or innocent, if you have an alibi or not -- it isn't possible for anything you say to help you, and it's very possible that innocuous things you say will hurt you.

Definitely worth half an hour of your time.

And this is a video of Virginia Beach Police Department Officer George Bruch, who basically says that Duane is right.
Posted on July 31, 2008 at 12:52 PM

3,000 Blank British Passports Stolen
Looks like an inside job.
Posted on July 31, 2008 at 6:08 AM

World War II Deception Story
Great security story from an obituary of former OSS agent Roger Hall:
One of his favorite OSS stories involved a colleague sent to occupied France to destroy a seemingly impenetrable German tank at a key crossroads. The French resistance found that grenades were no use.

The OSS man, fluent in German and dressed like a French peasant, walked up to the tank and yelled, "Mail!"

The lid opened, and in went two grenades.

Hall's book about his OSS days, You're Stepping on My Cloak and Dagger, is a must read.
Posted on July 29, 2008 at 1:50 PM

Poisoned DNS servers pop up as ISPs patch
Robert Lemos, 2008-07-30
An online attacker poisons at least one domain-name server at a major Internet service provider to send Google lookups to a pay-per-click ad network.

Federal agencies slow to deploy crypto
News Brief, 2008-07-29
Despite high-profile data breaches, less than a third of U.S. government systems have encrypted sensitive data, states a report to Congress.

Yahoo relents, gives coupons, refunds to music DRM captives
Yahoo announced last week that it would be shutting down its DRM authentication servers in September, leaving Yahoo Music customers out in the cold. Now, the company says it will offer coupons to customers who want to repurchase their music from Rhapsody's DRM-free store, or refunds to those who just want their darn money back.
July 31, 2008 - 09:55AM CT - by Jacqui Cheng

Top Botnets Pushing Rogue 'Antivirus' Program
July 30, 2008
Four of the top spamming botnets are sending malicious spam in order to install a rogue anti-virus program on victims' machines.

UPS, E-Tickets and More
July 28, 2008
The Pushdo botnet has added three more spam themes to distribute malware along with its UPS theme.

The peaceful worm…. not :(

Backdoor scams emerge on phishing kits
Sue Marquette Poremba July 31, 2008
Nearly half of the live phishing kits identified online have backdoors designed to steal from the information thieves using them.

Senate OKs revamped identity theft legislation
Dan Kaplan July 31, 2008
The U.S. Senate on Wednesday passed the latest version of the Identity Theft Enforcement and Restitution Act.

Expert urges China visitors to encrypt data
Reuters - Thu Jul 31, 11:30 PM ET
WASHINGTON (Reuters) - China's blocking of Web sites has embarrassed the International Olympic Committee, but a computer security expert said on Thursday that visitors to Beijing also needed to protect their data from prying eyes.

McAfee Expands Into Data Loss Prevention
McAfee agreed to spend $46 million in cash to acquire privately owned Reconnex, maker of data loss prevention solutions.