U.S. sees six 'disruptive technologies' by 2025
September 10, 2008 (Computerworld) WASHINGTON -- In December, the president-elect will get a report detailing threats to the U.S. that will most likely include a list of emerging technologies that will have a major impact on the U.S. and the world. This report, called Global Trends 2025, is a forecast prepared by U.S. intelligence agencies.
The report will be a grim assessment, with warnings about economic challenges, an aging work force, climate change and U.S. adversaries, according to emerging details, which most recently surfaced in a speech by Thomas Fingar, deputy director of the Office of the Director of National Intelligence, the body that oversees all U.S intelligence agencies. Fingar spoke this month before a gathering of intelligence analysts at a conference in Orlando.
Get ready for mobile social networks CTIA participants see advantages in having social networking capability on a smart phone or other wireless device, but say issues over profitability and privacy remain. Read more...
Mozilla adds privacy mode to Firefox 3.1 plans
After a frustrating year in Congress, tech groups plan merger
ITAA, AeA are in talks to consolidate
San Francisco hunts for mystery device on city network
September 11, 2008 (IDG News Service) With costs related to an alleged rogue network administrator's hijacking of the city's network now estimated at $1 million, San Francisco officials say they are searching for a mysterious networking device hidden somewhere on the network.
The device, referred to as a "terminal server" in court documents, appears to be a router that was installed to provide remote access to the city's Fiber WAN network, which connects municipal computer and telecommunication systems throughout the city. City officials haven't been able to log into the device, however, because they do not have the username and password. In fact, the city's Department of Telecommunications and Information Services (DTIS) isn't even certain where the device is located, according to court filings.
iTunes 8 takes down Vista with 'blue screen of death'
Tribune blames Googlebot for United Air Lines stock crash
Irate Ark. man posts county e-mail records in privacy fight
Cisco Security Advisory: Multiple Cisco Products Vulnerable to DNS Cache Poisoning Attacks
Update: September 9th, 2008
http://www.cisco.com/en/US/products/products_security_advisory09186a00809c2168.shtml
September 10, 2008 Google, police take cyber crime lessons to schools
http://www.crime-research.org/news/10.09.2008/3566/
With youngsters becoming Internet savvy in the rapidly emerging world of computer technology, cyber crimes and misuse of Internet have also taken an upward curve.
To help put a check on this, Google India, as a part of their BeNetSmart awareness initiative, carried out an awareness campaign in nine schools in Kolkata on Tuesday.
“We decided to start a campaign to help students know how to avoid misuse of the internet and inculcate in them the best cyber practices,” said Rishi S Jaitly, policy analyst, Google India Pvt Ltd. The team interacted with 5,000 students in the city, added Jaitly.
The nationwide programme first took off from Mumbai and Chennai after which it came to Kolkata. In this campaign, Kolkata Police assisted Google India in educating school students about proper internet usage.
Enterprises Struggle to Identify Sources of Risk - 9/11/2008 5:45:00 PM Security remains top priority, but businesses wrestle with business case, BT study says
New 'On/Off Switch' Protects RFID Cards From Hacks - 9/11/2008 5:20:00 PM Technology would let cardholders activate RFID transmission only when card goes through a reader
'Password Recovery' Services May Be Hackers for Hire - 9/10/2008 4:40:00 PM Services that promise to help you find your lost passwords may make their living by cracking the passwords of others, IBM researcher says
Report: In-Depth Analysis Finds More Severe Web Flaws - 9/10/2008 4:30:00 PM Web Application Security Consortium (WASC) report suggests automated scanning alone isn't as thorough when it comes to serious bugs
Data Breaches Spark Hard Drive Shredding Boom
This is a great time to be in the hard-drive shredding business, as companies scramble to destroy data before the bad guys have a chance to steal it. A look inside the belly of the beast (includes video).
Read more
Dog Calls: Company Trains K-9s to Sniff Out Contraband Cell Phones
A California company has developed a niche training dogs to detect illicit cell phones in correctional facilities.(So what does a cell phone smell like, you ask?)
Read more
September 2008 Monthly Bulletin Release
Posted Tuesday, September 09, 2008 9:50 AM by MSRCTEAM
I'm Simon, Release Manager in the MSRC. The September 2008 release contains 4 new bulletins, all with maximum severities of "Critical".
MS08-052 Vulnerabilities in GDI+ Could Allow Remote Code Execution (954593)
MS08-053 Vulnerability in Windows Media Encoder 9 Could Allow Remote Code Execution (954156)
MS08-054 Vulnerability in Windows Media Player Could Allow Remote Code Execution (954154)
MS08-055 Vulnerability in Microsoft Office Could Allow Remote Code Execution (955047)
For a technical deep-dive regarding these bulletins, please visit our Security Vulnerability Research and Defence blog.
Sep 10, 12:20 am
Computer Threat for Industrial Systems Now More Serious
A security researcher has released easy-to-use attack code that targets industrial SCADA systems.
Sep 11, 11:22 am
Why Can't I Open Vista's Cookies Folder?
Lamar Redmon wants to know why he can't access Vista's Cookies folder typing "cookies" and selecting it.
CookieMonster is coming to Pown (err, Town)
Last month at Defcon, Mike Perry gave a talk about a vulnerability with sites that use SSL to secure the traffic if the site saves a cookie on your machine but does not set a flag indicating it is to be used only with encrypted sessions only. If some one can place themselves so they see your web traffic, they can inject arbitrary content to the data for sites not requiring cookies to set 'Encrypted Sessions Only' and force your browser to provide the saved cookies in a cleartext response. For more information about his tool from last month, see here.
On Tuesday, Mike posted more information including documentation for the tool, a sample configuration file and some code snippets. The tool itself has not yet been made available to the general public.
Turning off Fire Hydrants in the Name of Terrorism
This really pegs the stupid meter:
He explains all the district's hydrants, including those in Alexander Ranch, have had their water turned off since just after 9/11 -- something a trade association spokesman tells us is common practice for rural systems.
"These hydrants need to be cut off in a way to prevent vandalism or any kind of terrorist activity, including something in the water lines," Hodges said.
But Hodges says fire departments know, or should have known, the water valves can be turned back on with a tool.
One, fires are much more common than terrorism -- keeping fire hydrants on makes much more sense than turning them off. Two, what sort of terrorism is possible using working fire hydrants?
Three, if the water valves can be "turned back on with a tool," how does turning them off prevent fire-hydrant-related terrorism?
More and more, it seems as if public officials in this country have simply gone insane.
http://blogs.washingtonpost.com/securityfix/
Fake Antispyware Purveyor Doubles as Domain Registrar
A cyber gang known for aggressively spreading fake anti-spyware programs through hijacked and malicious Web sites has become an authorized reseller of domain names. Security Fix has learned that this gang is using its access as a registrar to ease the process of creating new Web sites used to push their invasive software.
Court protects cell-phone location recordsNews Brief, 2008-09-11
A federal judge rules that information on which base stations a cell-phone customers uses is protecting information requiring a search warrant.
"CareerBuilder's new survey finds: 'Of those hiring managers who have screened job candidates via social networking profiles, one-third (34 percent) reported they found content that caused them to dismiss the candidate from consideration.' Some red flags: content about applicant using drugs or drinking, inappropriate photos and bad-mouthing former bosses."
Hacking POTS lines:
Joseph Vaccarelli, a former Verizon Technician, has been charged with racking up $220,000 in phone-sex calls by tapping into the land lines of nearly 950 customers. Authorities say that he made approximately 5,000 calls, resulting in 45,000 minutes of call time. Verizon estimated that out of a 40-week period, Vaccarelli spent 15 weeks talking on sex lines. How in the world do you have this much phone sex, period, but especially at work, and not have anyone notice?
Microsoft to VMware: You're surrounded
Larry Dignan: The Novell move to offer Microsoft virtualization in mixed source environments is just the latest item this week showing that Microsoft is flexing its distribution muscles.
Mary Jo Foley: Microsoft keeps banging the virtualization drum
Larry Dignan: VMware: CEO Greene out; Revenue light
Sam Diaz: Virtualization software revives dumb terminals, cuts IT costs
Zango's Latest Trick: Pitching Fake Batman MMORPG To Get People To Download Adware
McCain Campaign Ignores Cease-And-Desist; Keeps Playing 'Barracuda'
IP Attorneys Increasingly Getting Their Own Patents And Suing
from the joining-in-the-party dept
A year ago, the story of patent attorney Scott Harris started making headlines. While being an IP attorney at a prestigious law firm, on the side, Harris had been getting his own patents, and then using a shell organization to sue companies for infringing. Some of the companies sued were represented by the firm that Harris worked for. Talk about a conflict of interest, right? Well, reporter Joe Mullin has discovered that these sorts of things are increasingly common. Various IP attorneys involved in patent hoarding lawsuits are seeing how lucrative it can be to just get a patent and sue -- and so they're eagerly jumping into the game themselves. Mullin dug up a bunch of cases of IP lawyers getting their own patents, and then suing over those patents, outside of their day job. Not surprisingly, many of the patents seem highly questionable (a patent on a car entertainment system that has a radio in front with DVD video in back.)
U.S. intellectual property protection goes worldwide
Sue Marquette Poremba September 11, 2008
Legislation has been introduced in the Senate aimed at reducing intellectual property theft around the world.
Researchers uncover new tool for building fake YouTube pages
Dan Kaplan September 11, 2008
A new tool makes it easier for malware spreaders to create bogus YouTube pages.
Health information security standard issued
Sue Marquette Poremba September 10, 2008
A new standard spells out detailed controls for managing health information security.
Senate Committee Expands Justice Department Copyright Enforcement Powers; Biden Doesn't Vote
Cyber crooks set email trap with bogus Obama sex videoAFP - 2 hours, 58 minutes ago
SAN FRANCISCO (AFP) - Cyber crooks are trying to cash in on fascination with the US presidential race by sending trick email promising a sex video starring candidate Barack Obama, according to Sophos computer security firm.
87 MILLION gamers really upset with Chinese hackers
Chinese hackers have long specialized in writing trojans and other malicious software to steal accounts from MMORPGs (massively multi-player online role-playing games). The people over at MapleStory have had enough and are starting to block IP addresses from China:
According to AsiaSoft Online, the game’s publisher and regional distributor, the game has 87 million accounts worldwide, with2 million accounts from Singapore alone.
AsiaSoft marketing director Ng Kok Khwang said the online attacks took place in August. “We were under attack by Chinese hackers from China, and we have since blocked IP addresses from China and are monitoring the situation,” Mr Ng said.
Subscribe to:
Post Comments (Atom)
No comments:
Post a Comment