Wednesday, December 31, 2008

Wednesday 12/31/08

11 in China sentenced for software piracy
A court in Shenzhen, China, sentenced 11 members of a software counterfeiting operation Wednesday, with the defendants getting between one and a half and six and a half years in prison, according to Microsoft.

Security vendors ready fix for 'Curse of Silence' SMS attack
December 31, 2008 (IDG News Service) A single malformed text message can prevent some Nokia Corp. smart phones from receiving further messages via Short Message Service (SMS) -- and the offending message can be sent from almost any Nokia phone, even non-smart-phone models, a German security researcher demonstrated Tuesday.

Top 9 Network Security Threats in 2009
Perimeter e-Security's Kevin Prince offers his predictions on the new year's threat landscape.

Microsoft: MD5 hack poses no major threats to users

Information on Microsoft Security Advisory 961509
Posted Tuesday, December 30, 2008 10:08 AM by MSRCTEAM
Hi everyone. This is Maarten Van Horenbeeck. I just joined the Microsoft Security Response Center a few months ago, and am the program manager working on the issue described in Microsoft Security Advisory (961509), which we just released.

This is not a vulnerability in our products; it is in fact an issue that affects the industry as a whole.

Researchers hack VeriSign's SSL scheme for securing Web sites
"a group of hackers announced that they'd beaten SSL, using a cluster of 200 PS3s. By exploiting a flaw in the MD5 cryptographic algorithm (used in certain digital signatures and certificates), the group managed to create a rogue Certification Authority (CA) which allows them to create their own SSL certificates"
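The collision attack works only because a CA was still issuing certificates signed with MD5, so the check a practitioner wants is to walk the chain a server presents and flag any MD5 (or MD2) signature below the trust anchor. What follows is an added example in Python, not code from any of the articles above or from Microsoft: a minimal standard-library DER walker reads the signatureAlgorithm field of a Certificate, and a helper builds constructed stub certificates (placeholder tbsCertificate and signature, real AlgorithmIdentifier) so the whole thing runs offline. The OIDs are the real PKCS#1 identifiers; the stubs and the weak_links() convention (leaf first, anchor last) are this example's own assumptions.

```python
"""Flag X.509 certificates whose signature uses MD5 or MD2.

Added example (not from the articles above). Standard library only: a
minimal DER walker reads the signatureAlgorithm element of a Certificate
and decodes its OID. The stub-certificate builder at the bottom exists so
the example runs offline; its output is NOT a valid certificate.
"""

# Real PKCS#1 signature-scheme OIDs under 1.2.840.113549.1.1
WEAK_SIGNATURE_OIDS = {
    "1.2.840.113549.1.1.2": "md2WithRSAEncryption",
    "1.2.840.113549.1.1.4": "md5WithRSAEncryption",
}
KNOWN_SIGNATURE_OIDS = {
    **WEAK_SIGNATURE_OIDS,
    "1.2.840.113549.1.1.5": "sha1WithRSAEncryption",
    "1.2.840.113549.1.1.11": "sha256WithRSAEncryption",
}


def _read_tlv(data, pos=0):
    """Parse one DER element at data[pos]; return (tag, content, next_pos)."""
    tag, length = data[pos], data[pos + 1]
    pos += 2
    if length & 0x80:                 # long form: low 7 bits = number of length octets
        n = length & 0x7F
        length = int.from_bytes(data[pos:pos + n], "big")
        pos += n
    return tag, data[pos:pos + length], pos + length


def _decode_oid(content):
    """DER OID content -> dotted string (first arc assumed < 2, true for the OIDs above)."""
    arcs = [content[0] // 40, content[0] % 40]
    cur = 0
    for b in content[1:]:
        cur = (cur << 7) | (b & 0x7F)
        if not b & 0x80:              # high bit clear ends the sub-identifier
            arcs.append(cur)
            cur = 0
    return ".".join(map(str, arcs))


def signature_algorithm(cert_der):
    """Dotted OID of the outer signatureAlgorithm of a DER-encoded Certificate.
    Certificate ::= SEQUENCE { tbsCertificate, signatureAlgorithm, signatureValue }"""
    tag, body, _ = _read_tlv(cert_der)
    if tag != 0x30:
        raise ValueError("Certificate is not a SEQUENCE")
    _, _, pos = _read_tlv(body)                 # skip tbsCertificate
    tag, alg_id, _ = _read_tlv(body, pos)       # AlgorithmIdentifier SEQUENCE
    oid_tag, oid, _ = _read_tlv(alg_id)
    if tag != 0x30 or oid_tag != 0x06:
        raise ValueError("malformed AlgorithmIdentifier")
    return _decode_oid(oid)


def signature_algorithm_name(cert_der):
    oid = signature_algorithm(cert_der)
    return KNOWN_SIGNATURE_OIDS.get(oid, oid)


def is_weak_signature(cert_der):
    return signature_algorithm(cert_der) in WEAK_SIGNATURE_OIDS


def weak_links(chain_der):
    """Indices of chain members (leaf first, trust anchor last) with MD2/MD5 signatures.
    The anchor is skipped: it is trusted by identity and its self-signature is never
    verified, so MD5 on a root does not help an attacker."""
    return [i for i, cert in enumerate(chain_der[:-1]) if is_weak_signature(cert)]


# ---- constructed stand-ins so the example runs without network or real certs ----

def _tlv(tag, content):
    n = len(content)
    if n < 0x80:
        return bytes([tag, n]) + content
    length_octets = n.to_bytes((n.bit_length() + 7) // 8, "big")
    return bytes([tag, 0x80 | len(length_octets)]) + length_octets + content


def _encode_oid(dotted):
    arcs = [int(a) for a in dotted.split(".")]
    out = bytearray([arcs[0] * 40 + arcs[1]])
    for arc in arcs[2:]:
        chunk = [arc & 0x7F]
        arc >>= 7
        while arc:
            chunk.append(0x80 | (arc & 0x7F))
            arc >>= 7
        out.extend(reversed(chunk))
    return bytes(out)


def make_stub_certificate(sig_oid):
    """Constructed Certificate-shaped blob: placeholder tbsCertificate, a real
    AlgorithmIdentifier for sig_oid, and an all-zero 1024-bit signature."""
    tbs = _tlv(0x30, _tlv(0x02, b"\x02"))                         # SEQUENCE { INTEGER 2 }
    alg = _tlv(0x30, _tlv(0x06, _encode_oid(sig_oid)) + _tlv(0x05, b""))
    sig = _tlv(0x03, b"\x00" + bytes(128))                        # BIT STRING, 0 unused bits
    return _tlv(0x30, tbs + alg + sig)
```

Real DER bytes go through the same functions, for instance ssl.PEM_cert_to_DER_cert() applied to the PEM string returned by ssl.get_server_certificate(). Two caveats: weak_links() deliberately ignores the root, because an MD5 self-signature on a trust anchor is never verified and so is harmless; and the result is only as good as the chain the server actually sent, so intermediates fetched separately (AIA URLs, local stores) deserve the same check.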

Microsoft downplays Windows Media Player bug

Legal firms setting up practices devoted to video games
Video games are big business, to the tune of roughly $50 billion a year, and lawyers are starting to realize that getting involved could mean a big increase in billable hours.
December 31, 2008 - 06:30AM CT - by Michael Thompson

Fry's Electronics VP faces criminal charges and lawsuit
December 29, 2008 (Computerworld) A vice president at Fry's Electronics Inc. is facing the inside of two different courtrooms for allegedly running a kickback scheme that netted him tens of millions of dollars.

Ausaf Umar Siddiqui, former vice president of merchandising and operations at Fry's, has been charged in U.S. District Court in the Northern District of California with allegedly running a kickback scheme that defrauded the electronics retailer. Also, according to a report in the San Jose Mercury News, the San Jose-based electronics retailer is seeking the return of $10 million that Siddiqui allegedly borrowed and failed to repay. Siddiqui had worked at the company for the past 20 years.

30GB Zune apocalypse arrives as devices enter digital coma (Updated 2x)
Judgment day has arrived for owners of 30GB Zunes. The music player inexplicably entered a worldwide coma last night, and players are completely nonresponsive. Whoops.
December 31, 2008 - 10:05AM CT - by David Chartier

Flash cookies and other techniques:
Watch Out for Hidden Cookies
Browser plug-ins can also store individually-identifying data, and your normal privacy settings may have no effect.

MS08-067 Worm on the Loose
Symantec has identified W32.Downadup.B as a new worm that is spreading by taking advantage of the RPC vulnerability from MS08-067.
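MS08-067 is a flaw in the Server service's RPC interface, which is reached over SMB, so a host exploiting it against its neighbours shows up in flow data as one source opening 445/tcp to many distinct internal hosts within a short window. The detection below over constructed flow records is an added example, not anything from Symantec's write-up: the record format, the addresses, and the 20-hosts-in-60-seconds threshold are assumptions chosen for illustration. It also includes the obvious false-positive case, many workstations talking to one file server, which is fan-in rather than fan-out and must not fire.

```python
from collections import defaultdict
from datetime import datetime, timedelta


def constructed_flows():
    """Constructed sample flows, format: 'ISO-timestamp src dst dport proto'.
    One worm-like host sweeps 40 neighbours on 445/tcp in 40 seconds; 30
    workstations talk to a single file server (benign fan-in); one DNS query."""
    t0 = datetime(2008, 12, 31, 9, 0, 0)
    lines = []
    for i in range(40):
        ts = (t0 + timedelta(seconds=i)).isoformat()
        lines.append(f"{ts} 10.1.2.77 10.1.2.{100 + i} 445 tcp")      # sweep
    for i in range(30):
        ts = (t0 + timedelta(seconds=i)).isoformat()
        lines.append(f"{ts} 10.1.3.{10 + i} 10.1.2.5 445 tcp")        # clients -> file server
    lines.append(f"{t0.isoformat()} 10.1.2.15 10.1.2.1 53 udp")       # unrelated DNS
    return "\n".join(lines)


def parse_flows(text):
    """Parse the constructed format into (datetime, src, dst, dport, proto) tuples."""
    flows = []
    for line in text.splitlines():
        if not line.strip():
            continue
        ts, src, dst, dport, proto = line.split()
        flows.append((datetime.fromisoformat(ts), src, dst, int(dport), proto))
    return flows


def smb_fanout(flows, threshold=20, window=timedelta(seconds=60)):
    """Return {src: max_distinct_dsts} for sources that reach at least `threshold`
    distinct hosts on 445/tcp inside any sliding window of length `window`.
    Counting distinct destinations per source (fan-out) is what separates a
    scanning worm from a busy file server, which has many sources per destination."""
    per_src = defaultdict(list)
    for ts, src, dst, dport, proto in flows:
        if dport == 445 and proto == "tcp":
            per_src[src].append((ts, dst))

    alerts = {}
    for src, events in per_src.items():
        events.sort()                      # by timestamp
        lo = 0
        for hi in range(len(events)):
            while events[hi][0] - events[lo][0] > window:
                lo += 1                    # slide the window's left edge
            distinct = {dst for _, dst in events[lo:hi + 1]}
            if len(distinct) >= threshold:
                alerts[src] = max(alerts.get(src, 0), len(distinct))
    return alerts


if __name__ == "__main__":
    for src, count in smb_fanout(parse_flows(constructed_flows())).items():
        print(f"ALERT possible MS08-067 sweep from {src}: {count} distinct hosts on 445/tcp")
```

The threshold needs tuning per network (a vulnerability scanner or a backup server will also fan out on 445), and the same logic applies to 139/tcp, which the Server service also listens on. What the heuristic does not see is the payload: a host that is patched but still probed shows up as a destination, never as a source.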

Surprises in the Windows 7 EULA
Ed Bott: One of the first things I did before installing the leaked Windows 7 build was to read the end user license agreement (EULA), carefully. Most of it was boilerplate, but I found a few surprises hidden within the legalese.

Muslim hackers attack Israeli sites as Gaza strikes continue
Dan Kaplan December 31, 2008
Muslim extremists are targeting Israeli websites, as the conflict in the Gaza Strip rages on, with no end in sight.

1.5 million individuals affected in RBS WorldPay breach
Angela Moscaritolo December 29, 2008
Hackers may have accessed more than a million Social Security numbers being stored by WorldPay, an electronic payment processing service.

Monday, December 29, 2008

Monday 12/29/08

https://privnote.com/ lets you send notes that get destroyed after reading. Kind of like Mission Impossible orders.

This story started two weeks ago:
Amazon warns customers of infected digital photo frames
Amazon.com has issued a warning to customers that the driver installation CD for a Samsung digital frame sold until earlier this month may contain malware.

Monday, December 29, 2008 12:40 PM
Windows Media Player crash not exploitable for code execution

On Christmas Day, the MSRC opened a case tracking a Bugtraq-posted POC describing a “malformed WAV,SND,MID file which can lead to a remote integer overflow”. By Saturday evening, we saw reputable internet sources claiming this bug could lead to executing arbitrary code on the system.

We investigated right away and found that this bug cannot be leveraged for arbitrary code execution.

ERIC SAYS: Yeah, right... for now!

Verizon wins $31M judgment in cybersquatting case
Verizon had accused OnlineNIC of registering at least 663 domain names identical or confusingly similar to Verizon trademarks. The domain names listed in the complaint, filed June 6, included Verizon-cellular.com and Buyverizon.net.

Fake Christmas, holiday greetings spread new malware

Georgia man sentenced for bribery in Atlanta Public Schools tech case
In 1998, Scott and other school district employees recommended that Multimedia Communications and related companies be awarded E-Rate contracts. Then, beginning in late 2000 and continuing for about two years, Harris paid M&S Consulting, a business partnership between Scott and his wife, Evelyn Myers Scott, more than $230,000 for favorable treatment in receiving E-Rate and other school district business, the DOJ said.

Microsoft kicks fake security software off 400,000 PCs

Shoplifting on the Rise in Bad Economy

Gunpowder Is Okay to Bring on an Airplane
Putting it in a clear plastic baggie magically makes it safe:
Mind you, I had packed the stuff safely. It was in three separate jars: one of charcoal, one of sulphur, and one of saltpetre (potassium nitrate). Each jar was labeled: Charcoal, Sulphur, Saltpetre. I had also thoroughly wet down each powder with tap water. No ignition was possible. As a good citizen, I had packed the resulting pastes into a quart-sized "3-1-1" plastic bag, along with my shampoo and hand cream. This bag I took out of my messenger bag and put on top of my bin of belongings, turned so that the labels were easy for the TSA inspector to read.
Posted on December 29, 2008 at 7:05 AM

The New York Times reports that the soon-to-be-disbanded Bush / Cheney White House threatens to overload the National Archives with close to 100 Terabytes of data. This includes the Barney Cam and even 'formats not previously dealt with.' By way of comparison, the Clinton White House dumped less than a single terabyte into the archives.

$2-Million Texas Surveillance System Nets 500 Lbs of Pot
A new $2-million citizen surveillance system installed along the Tex-Mex border has yielded just one crime bust after about six weeks in operation -- three suspects who were allegedly caught hauling 540 pounds of marijuana over the border after someone spotted them online, according to the Houston Chronicle.

The expensive system of 13 closed-circuit cameras placed along the Rio Grande -- which is billed as a "virtual stakeout" for "virtual deputies" -- involves images from the cameras that are streamed online. Members of the public are invited to serve as "virtual deputies" by watching the images and reporting any suspicious activity they see.

Chinese schools, search sites host malicious code
News Brief, 2008-12-29
Two universities and two major search portals in China fell prey to attackers, who compromised the sites to host programs that attack online visitors.

29 December 2008
Cracks in the iPhone security architecture at 25C3
Members of the iPhone Dev hacker team offered a glimpse of their ongoing work to get around the SIM lock on Apple's smartphone.

Researchers Point Out XSS Flaws On American Express Site
Dec 22, 2008
Flaws could jeopardize users' identities, researchers say

Wednesday, December 24, 2008

Wednesday December 24, 2008

In case you've got small kids, make sure to visit: www.noradsanta.org! The USAF tracks Santa's progress across the earth.

Merry Christmas!

Adobe has published a Security Administration Guide for Acrobat. The guide covers the security differences for most of the major releases of the product and is available for download.

Better site for Adobe Security documents: http://www.adobe.com/devnet/acrobat/

December 21, United Press International – (National) Report: EPA allows chemical secrecy.

The U.S. Environmental Protection Agency (EPA) has kept data about potentially dangerous chemicals secret, the Milwaukee Journal Sentinel says. The newspaper said its analysis of more than 2,000 EPA dangerous chemical filings during the last three years found that the U.S. department allowed chemicals’ names to remain undisclosed in more than half those cases. The Journal Sentinel said the secretive EPA entries appear to be in opposition to a federal law that requires EPA officials to publicly report any new data regarding potentially dangerous chemicals. Under the related EPA regulations, the federal department can only agree to retain confidentiality for a company or product under rare circumstances. A University of Texas-Austin law professor said the newspaper’s findings appear to indicate the agency has violated Toxic Substances Control Act rules. Source: http://www.upi.com/Science_News/2008/12/21/Report_EPA_allows_chemical_secrecy/UPI-26121229888569/

FBI uses triage to shift from terror to Madoff, subprime probes. The Federal Bureau of Investigation has engaged in "triage," taking agents off terror and other crimes to respond to a cascade of financial frauds, the head of the bureau’s New York criminal division said. The FBI was forced to reallocate its manpower in New York to deal with recent frauds involving subprime mortgages, auction-rate securities, and a well-known stock broker, who prosecutors said confessed this month to bilking investors out of $50 billion. "We have to work those cases which we think pose the greatest threat," he said. "In this case, it is a threat to the financial system and Wall Street."
Source: http://www.bloomberg.com/apps/news?pid=20601087&sid=aVHDu98R3s6s&refer=home

Survey: Workers facing layoffs could be security threat. Fifty-eight percent of Wall Street office workers surveyed say they would take valuable company data with them if faced with a layoff, if they knew they could get away with it. The survey on the recession and its effects on work ethics was conducted among 226 office workers on New York City's Wall Street by IT security firm Cyber-Ark. The survey found that many office workers are downloading sensitive company secrets right now under their bosses' noses in anticipation that they could lose their jobs.

Among the survey's findings: more than half of the workers who admitted to already having downloaded competitive corporate data said they would use it as a negotiating tool to secure their next post, because they know the information will be useful to future employers.

Top of the list of desirable information being extracted from employers is customer and contact databases. Plans and proposals, product information, and access and password codes are also popular choices. HR records and legal documents were the data employees were least interested in taking. Finally, 62 percent of workers admitted it was easy to sneak company information out of the office.

Source: http://www.bizjournals.com/nashville/stories/2008/12/22/daily3.html

If Avian Flu hits us we are toast:

Hospitals under stress. Torrance Memorial Medical Center is the region’s busiest emergency room. Its front entrance is guarded by metal detectors, and the line to get in sometimes stretches into the parking lot. The average wait is about eight hours, the result of an overburdened hospital network with capacity stretched thin.

The recent domino effect of hospital closures and bed reductions — four have closed in the South Bay, 10 emergency rooms in the county have shut down, and at least two other hospitals have reduced bed capacity — has left many worried that the increasingly fragile network will not be able to cope with an event resulting in mass injury, such as a natural disaster, terrorist attack, freeway pile-up, pandemic flu or plane crash.

"If Southern California’s hospitals can’t handle patient inflow even during the course of a normal day, I have grave doubts about how the region would do in a disaster scenario," said the executive director of the Hospital Association of Southern California, a trade group. "Any increase in demand would stretch the system beyond what it could handle." Los Angeles County as a whole has a meager 1,500 excess beds on any given day, according to a 2007 study by PriceWaterhouseCoopers, a consulting firm. More than half of all hospitals are on diversion — meaning they turn away ambulances due to crowding — at least 20 percent of the time.

Source: http://toplistings.dailybreeze.com/ci_11281522

U.S. not ready for cyber attack.

The United States is unprepared for a major hostile attack against vital computer networks, government and industry officials said on December 18 after participating in a two-day "cyberwar" simulation. The game involved 230 representatives of government defense and security agencies, private companies, and civil groups. It revealed flaws in leadership, planning, communications, and other issues, participants said. "There isn’t a response or a game plan," said senior vice president of the Booz Allen Hamilton consulting service, which ran the simulation. "There isn’t really anybody in charge," he told reporters afterward. Officials cited attacks by Russia sympathizers on Estonia and Georgia as examples of modern cyberwarfare, and said U.S. businesses and government offices have faced intrusions and attacks. Source: http://uk.reuters.com/article/technologyNewsMolt/idUKTRE4BI00520081219?sp=true

Microsoft confirms it's been working on SQL Server bug since April
Microsoft warns of critical bug in SQL Server
More information about the SQL stored procedure vulnerability

From Security Advisory 961040, under "What systems are primarily at risk from the vulnerability?":
"Clients and applications that utilize MSDE 2000 or SQL Server 2005 Express are at risk of remote attack if they have modified the default installation to accept remote connections, if they allow untrusted users access to MSDE 2000 or SQL Server 2005 Express, or if an application that uses MSDE 2000 or SQL Server 2005 Express has a SQL Injection vulnerability."
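The third condition in that list is the one that matters for most deployments: MSDE and Express instances rarely accept remote connections, but an application that concatenates user input into SQL lets the attacker choose the statement text, and whatever an authenticated database user can reach, including a vulnerable stored procedure, becomes reachable from the web form. The following is an added example, not from the advisory or from Microsoft, using Python's built-in sqlite3 as an offline stand-in for MSDE/SQL Server Express; the schema, rows and payloads are constructed. It shows the same lookup written two ways and what two classic payloads do to each.

```python
import sqlite3


def make_db():
    """Constructed sample database standing in for the application's back end."""
    conn = sqlite3.connect(":memory:")
    conn.executescript("""
        CREATE TABLE users(id INTEGER, name TEXT, email TEXT);
        INSERT INTO users VALUES (1, 'alice', 'alice@example.invalid');
        INSERT INTO users VALUES (2, 'bob',   'bob@example.invalid');
        CREATE TABLE api_keys(id INTEGER, secret TEXT);
        INSERT INTO api_keys VALUES (1, 'k-0000-constructed-secret');
    """)
    return conn


def find_user_vulnerable(conn, name):
    """The pattern the advisory warns about: untrusted input becomes part of the
    statement text, so the caller, not the developer, decides what SQL runs."""
    sql = "SELECT id, name, email FROM users WHERE name = '" + name + "'"
    return conn.execute(sql).fetchall()


def find_user_safe(conn, name):
    """Same query, parameterised: the input is bound as a value and can never
    change the statement's structure, whatever characters it contains."""
    sql = "SELECT id, name, email FROM users WHERE name = ?"
    return conn.execute(sql, (name,)).fetchall()


# Constructed payloads. The tautology turns the WHERE clause true for every row;
# the UNION reads a table the query never mentioned (column count must match).
TAUTOLOGY = "' OR '1'='1"
UNION_PAYLOAD = "x' UNION SELECT id, secret, '' FROM api_keys -- "


if __name__ == "__main__":
    db = make_db()
    for payload in (TAUTOLOGY, UNION_PAYLOAD):
        print("vulnerable:", find_user_vulnerable(db, payload))
        print("safe:      ", find_user_safe(db, payload))
```

Against the vulnerable function the tautology returns every user and the UNION returns the api_keys row; the parameterised function returns nothing for either, because the binding is never parsed as SQL. On SQL Server the picture is worse than sqlite3 can show: T-SQL accepts stacked statements separated by ";", so an injected "EXEC" of an arbitrary stored procedure is possible there, whereas sqlite3's execute() refuses to run more than one statement at a time. Parameterisation closes both paths; so does the advisory's other advice of denying untrusted users the right to execute the affected procedure at all.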

Microsoft warns of SQL Server vulnerability
Dan Kaplan December 23, 2008
Exploit code has been published for a new vulnerability in Microsoft SQL Server.

Chinese hackers to face up to seven years in jail: report AFP - Tue Dec 23, 12:23 PM ET
BEIJING (AFP) - Hackers in China could face up to seven years in jail according to a draft law, as the country moves to fight rampant computer data theft, state media said Tuesday.

The Big Security Threat of Small Laptops
Ultraportables forgo size, weight, power -- and security.

Description of someone dealing with the malware known as "Antivirus 2009":

I'm sure you are all too familiar with the Antivirus 2009 virus? Well, I'd never heard of it until last Saturday and wished I hadn't. It blew right by my firewalls and install of McAfee, trashed IE, embedded itself in the taskbar, Documents and Settings, Windows\system32 and other crannies. It wiped system restore and spawned processes that were impossible to kill. A scan with McAfee didn't find anything. Kaspersky's online scan found 6 infected files and showed me their locations but didn't provide any hints on how to get rid of them. All the files were attached to running processes, so it wouldn't let me delete them and wouldn't let me kill the processes.

The next morning, after quite an exhaustive search with Google, I came across Avira's free rescue CD: http://www.avira.com/en/support/support_downloads.html

I powered up another Windows PC that we don't normally use, made sure it was current on patches, downloaded and burned the Avira image. Then, I booted the infected PC off the CD, waited for it to detect my Internet connection and update its signatures. After that, I had it run its scan and in a short time, it finished saying it had detected 13 infected files. It said it couldn't delete them but renamed them, placing a .XXX at the end. I was then able to boot the PC, perform a search for those files using *.XXX and delete them. After that, I performed a scan with F-Secure's Blacklight rootkit detection and elimination tool: http://www.f-secure.com/security_center/, which found no malware.

Mobile data is vulnerable data:
Global notebook shipments finally overtake desktops
Notebooks recently overtook desktop PCs in the US, and a new report says the trend went global in Q3 as well, thanks to the rise of the netbook.
December 23, 2008 - 09:35PM CT - by David Chartier

From an article on Symantec:
"According to McAfee, malicious software that steals personal data has risen tenfold from 130,000 samples last year to 1.3 million this year. "

On ABC:
Every day the men and women of the Department of Homeland Security patrol more than 100,000 miles of America's borders. This territory includes airports, seaports, land borders, international mail centers, the open seas, mountains, deserts and even cyberspace. Now viewers will get an unprecedented look at the work of these men and women while they use the newest technology to safeguard our country and enforce our laws, in "Homeland Security USA," which debuts with the episode "This is Your Car on Drugs," TUESDAY, JANUARY 6 (8:00-9:00 p.m., ET) on ABC.

Sure it's propaganda, but the agency can use the image boost.

Wait, You Mean Homeland Security Isn't Already Scanning Blogs & Forums For Terrorists?
from the uh,-yikes? dept

USA Today is reporting that Homeland Security is looking to start scanning blogs, forums and message boards to try to track terrorists and terrorist activity. My first reaction to this, honestly, was shock. Shouldn't they have been doing this already? As in, for many, many years? To be fair, the article suggests that the real difference here is that in the past Homeland Security has done static searches that they check on every so often -- and now they're hoping for a more real-time solution. Even so, it strikes me as odd that Homeland Security didn't already have something that was at least close to real-time in alerting them to certain things online. For all the talk of sophisticated monitoring on internet activities, could it be that we're really that far behind in internet terrorist monitoring?

A New spam circulating fake wire transfer statements
Wednesday December 24, 2008 at 9:33 am CST
Posted by Shinsuke Honjo

Digital picture frame viruses back for Christmas
News Brief, 2008-12-24
Samsung warns consumers that a virus managed to hitch a ride on at least one model of its digital picture frames.

Monday, December 22, 2008

Monday 12/22/08

Microsoft explains how it missed critical IE bug
Microsoft developers missed a critical bug in Internet Explorer because they weren't properly trained and didn't have the right testing tools, the company's secure code expert says.

Researchers sound alarm about bug in free antivirus scanner
A bug in Trend Micro Inc.'s free online virus scanning service can be used by hackers to hijack Windows PCs running Internet Explorer, security researchers warned.

... A reader said "Security awareness training and a million dollars here or there is a good investment to preserve the funding pipeline and organizational reputation. To the executives it's less about ROI than protecting image, funding, and cost avoidance with respect to reporting breaches."

Undersea robot searches for severed cables

Bardin: The 12 Days of Audit
Four material misstatements, three acts of fraud, two worthless controls, and an operational deficiency!

Don't like speed cameras? Use them to punk your enemies
There are few citizens who are fans of red-light and speed cameras, but high school students are beginning to use these controversial cameras to their advantage. With the help of a printer, some glossy photo paper, and a license plate template, these students have learned that they can trick speed cameras into sending tickets to their peers.
December 22, 2008 - 10:49AM CT - by Jacqui Cheng

Target of RIAA lawsuit says music piracy case has been an ordeal
... Tenenbaum's run-in with the RIAA began in September 2005, when he was an undergrad at Goucher College in Baltimore. His parents, who live in Providence, R.I., received a pre-litigation notice from Sony BMG, Warner Bros. and other recording companies directing them to contact an RIAA "settlement hotline" and pony up $5,250 for alleged online music piracy involving a computer in their home.

There was little opportunity to dispute the amount or to even question the validity of the allegations made in the letter...

US to ICANN: plan to sell new gTLDs is a real stinker
The US government isn't any happier with ICANN's plan to open 200-800 gTLDs for sale to the highest bidder than anyone else. The federal response to the proposal falls just short of recommending ICANN throw it out altogether.
December 22, 2008 - 01:34PM CT - by Joel Hruska

RIAA Caught Lying About Stopping Lawsuits
...
However, there was a bit of surprising news that came out of the press barrage after the announcement about giving up on the mass lawsuits: the RIAA claimed that it had stopped filing lawsuits months earlier. That certainly didn't fit with the story we had just seen earlier in the week of new lawsuits, and now Ray Beckerman has put together a list of recently filed lawsuits by the RIAA and its major record label members in the last few weeks.

Having Cellmate Means Woman Loses Alimony
By MATTHEW HELLER
In a very literal reading of a divorce agreement, a Florida appeals court has ruled that a woman can no longer receive alimony from her ex-husband because of her "cohabitation" with another person in a prison cell.

Check Point to purchase Nokia's security appliance business

Small laptops pose big threat
They're highly portable, inexpensive, very popular -- and a potential security nightmare. Running...

Friday, December 19, 2008

Friday 12/19/08

RIAA shifts gears on music piracy, says it won't file more suits
The Recording Industry Association of America said it will stop filing lawsuits against suspected music pirates and start working with ISPs to identify and try to stop alleged copyright infringers.

Undersea cable cuts disrupt Internet access
December 19, 2008 (IDG News Service) Internet and telephone traffic between Europe, the Middle East and Asia was hampered today after three major underwater data lines were cut, according to France Telecom.

The cuts occurred between 07:28 and 08:06 Coordinated Universal Time (UTC) (2:28 a.m. and 03:06 a.m. Eastern) on lines in the Mediterranean Sea that connect Sicily to Tunisia and Egypt, the telecommunications company said.

The cuts were to the SEA-ME-WE 4 and SEA-ME-WE 3 lines, which connect countries between Singapore and France, as well as the Flag Telecom cable route, which stretches from the U.K. to Japan, according to a France Telecom spokeswoman who asked not to be named.

France Telecom isn't sure what caused the cut, she said. "We have two assumptions. The first is that it could be an underwater earthquake," she said. "Or it could be simply a ship in the area which has cut the cable."

State Department worker gets probation for passport snooping

Mozilla plugs 13 holes in Firefox, retires older 2.0 browser

Thousands of legitimate sites SQL injected to serve IE exploit
Dancho Danchev: During the past few days, Chinese hackers have launched massive SQL injection attacks affecting over 100,000 web sites.

iPhone 3G successfully unlocked by hackers Macworld.com - Tue Dec 16, 11:13 AM ET
Five months after the release of the iPhone 3G last July, a team of hackers has finally figured out a way to alter the device’s software so that it can be unlocked for use on networks other than AT&T’s. That team is, of course, the infamous iPhone Dev-Team, most recently seen hacking the iPhone to run Linux.

As Phishing Evolves, Criminals Switch to Malware PC World - Thu Dec 18, 12:50 PM ET
The scammers began to see serious problems with their phishing scams sometime around April.

About 90 percent of all email is spam: Cisco

Researchers Hone In On 'Dropzones' For Stolen Credentials
Dec 18, 2008
One-third of "impersonation attack" victims from the U.S. and Russia, research finds

Greetings from Amazon.com.

We have recently learned that Samsung has issued an alert affecting its SPF-85H 8-Inch Digital Photo Frame. Our records indicate that you have purchased one of the digital photo frames through the Amazon.com website and are therefore affected by this alert.

The alert involves the SPF-85H 8-Inch Digital Photo Frames w/1GB Internal Memory, designed to work with Windows-based PCs via a USB connector. They were sold between October and December 2008 for about $150. The alert concerns discovery of the W32.Sality.AE worm on the installation disc SAMSUNG FRAME MANAGER XP VERSION 1.08, which is needed for using the SPF-85H as a USB monitor. If you are using Vista or a different version of Frame Manager, this issue does not affect you.
...

Yahoo Adopts New Search Engine Retention Policy
Yahoo announced that, after 90 days, it will obscure some elements in the records that it keeps about all Internet users who use the company's services. The search company will continue to keep modified record locators, time/date stamps, web pages viewed, and a persistent user identifier, known as a "cookie" for an indefinite period. Yahoo is also retaining much of the IP address, which typically identifies a user's device, such as a laptop or a mobile phone. Privacy rules classify IP addresses as "personal data." Experts have criticized the partial deletion of IP address data as insufficient to protect search engine consumers, and called for complete deletion.
Yahoo Limits Retention of Personal Data, New York Times, December 18, 2008

Hundreds of Stolen Data Dumps Found
http://blogs.washingtonpost.com/securityfix/
A comprehensive new study that peers into huge troves of financial data stolen by cyber thieves confirms what experts have surmised from looking at much smaller, isolated caches of digital loot: That criminals can make hundreds, even thousands, of dollars a day selling data stolen with the help of widely available software toolkits.

Recent reports by security firms Finjan, RSA, SecureWorks and Symantec have shown that stolen identities, bank accounts and credit card numbers are sold in bulk every day in shadowy online forums, often for pennies on the dollar. In its analysis, Symantec found in 2007 that the going rate for the keys to assuming someone else's identity was between $14 and $18 per victim.
Those reports either presented conclusions based on examining a single cache of stolen data, or by observations based on watching transactions between cyber thieves. But a report released today by researchers at the University of Mannheim, Germany, offers a disturbing glimpse at the sheer abundance of this stolen data.

Security Cartoon: Overly Specific Countermeasures
At President Bush's press conferences.

A Canadian businessman is on the hook for a $52,000 phone bill after someone hacked into his voice mail system and found a way to dial out. The hacker racked up the charges with calls to Bulgaria. The business owner noticed an odd message coming up on his call display (Feature 36) and alerted his provider, Manitoba Telecom Services. They referred him to their fraud department, who discovered the breach. MTS said that they would reverse the charges if the hacked equipment was theirs, but in this case it was customer owned. The ironic part is that the victim's company, HUB Computer Solutions, is in the business of computer and network security. They even offer to sell, configure and secure Cisco VoIP systems. Looks as though they couldn't even manage to secure their own system, which doesn't bode well for their customers.

Social Networking Malware
December 17, 2008
The bad guys are currently using social networking sites like Facebook and MySpace to distribute malware.

How Many More Ways Can Axl Rose Piss Off Fans?
from the keep-trying dept
Axl Rose of Guns N' Roses has a funny way of trying to sell his album: his strategy seems to basically revolve around pissing off fans who want to interact with the music. There's been plenty of coverage over the arrest and subsequent guilty plea of a blogger who was actually doing a fantastic job of promoting the new album by leaking it online. Since then, Rose has apparently been unwilling to do much to actually promote the album, other than putting angry rants on various websites. The latest is that he's apparently threatening legal action against Activision for including some GNR songs in Guitar Hero. Apparently no one pointed out to Rose that having songs in Guitar Hero tends to help sell more albums. And, that would be useful for Rose right now, as reports are that his long-awaited album has been a tremendous flop. So, once again, it's worth pointing out that the last thing any musician wants to do these days is appear to be anti-fan.

Public and private sectors join in cyberattack simulation
Angela Moscaritolo December 19, 2008
A simulation this week demonstrated the need for better collaboration among public and private security groups.
...
The event, called Cyber Strategic Inquiry (CSI'08), was a war game simulating simultaneous cyberattacks targeting the financial sector and critical infrastructures, and was hosted by Booz Allen Hamilton and the nonprofit Business Executives for National Security (BENS).

Some 230 participants, including government defense and security agency members, private companies and civic groups brainstormed ways to mitigate the attacks.

No more landlines, only cell phones:
17.5% of Households Wireless Only

China Aggressively Pursuing Cyber Warfare Says 2008 U.S.-China Economic & Security Review Commission

FBI warns of holiday cyber scams

Wednesday, December 17, 2008

Wednesday 12/17/08

The biggest story is the Microsoft out-of-cycle patch released today. More can be read here: http://www.microsoft.com/technet/security/advisory/961051.mspx or here MS08-078 Released or here http://blogs.technet.com/swi/

Multiple stories having to do with company reputation:
Yahoo to Scrub Personal Data After Three Months
Yahoo said Wednesday it will anonymize data it collects on people's Web searches after three months.


Dec 16, 2:40 pm
Arm Yourself Against Social Networking Malware
Take note of these easy tips before hanging with your peeps online.

Dec 16, 1:40 pm
Google: A Matter of Trust
Google falls from list of most trusted companies for privacy.

And the most trusted company is ... a bank?

Dec 17, 3:40 am
Firefox Issues Eight Patches for Web Browser
Mozilla has issued eight patches for its Firefox browser, three of which fix critical problems.






Researcher: Poor SSL Implementations Leave Many Sites At Risk
Dec 16, 2008
Major sites continue to operate with expired or misconfigured SSL certificates, according to a researcher at Canola & Jones





Researcher Releases Free DoS Hacking Tool
Dec 16, 2008
'LetDown' can take down a Website, find DoS weaknesses






5 ways to secure your BlackBerry






Imation Introduces Dual-Layer 50 GB Blu-ray Discs in India





Cybercrime: The 2009 megathreat

Related Articles
Why Cybercrime is Thriving
Cybercrime '09: Too Late to Save Facebook?
Symantec Threat Report: Three Ways Internet Crime Has Changed
5 Must-Do Cyber Security Steps for Obama






Firm sniffs out credit card, Social Security numbers with firewall
For small businesses that can't afford data-loss prevention software, Palo Alto Networks has added a slice of DLP technology to its application-aware firewall.






Brazilian Logging Firms Hire Hackers to Modify Logging Limits
Interesting:
Some Brazilian states used a computerised allocation system to levy how much timber can be logged in each area. However, logging firms attempted to subvert these controls by hiring hackers to break systems and increase the companies' allocations.
Greenpeace reckons these types of computer swindles were responsible for the excess export of 1.7 million cubic metres of timber (or enough for 780 Olympic-sized swimming pools, as the group helpfully points out) before police broke up the scam last year. Brazilian authorities are suing logging firms for 2 billion reais (US$833m).
Posted on December 17, 2008 at 11:52 AM





With Olympics Over, China Re-Censors Internet







Comcast to debut 50Mbps Internet
Andrew Nusca: Comcast says it will debut its new ultra-high-speed Internet service in the Chicago, Baltimore, Atlanta, and Fort Wayne, Ind. markets.







Data Protection May Not Apply to 'Rich List' Alerts
(CN) - A company that sends text messages disclosing the incomes of Finland's wealthiest citizens might be exempt from European data-protection laws through an exception for "journalistic activities," Europe's highest court ruled.

Monday, December 15, 2008

Security News Feed Monday 12/15/08

The big news surrounds the zero-day exploit that was revealed just after last week's Microsoft patches were released. The attacks chain two pieces: SQL injection to compromise legitimate web servers so that they serve the attack page, and the unpatched IE flaw to infect the visitors running IE7. Older and newer versions of IE are apparently vulnerable too, but so far no one is bothering to attack them.

The zero-day (unpatched) IE exploit is now reportedly attacking IE7 on all OS versions including Vista SP1, and other versions of IE, both older and newer, are "potentially vulnerable". Microsoft discusses this problem here: http://www.microsoft.com/technet/security/advisory/961051.mspx.

http://www.virustotal.com/analisis/244ae03fed5b32d999c50b614fddde6a shows that 20/38 virus scanners are currently catching this exploit, and McAfee and Symantec are NOT among them. Microsoft lists "Disable XML Island functionality" as a workaround. Check the advisory for how (but not why) to do that; the short version is that the bug sits in IE's data-binding code, which XML islands feed, so disabling the feature cuts off the vulnerable code path at the cost of breaking pages that rely on it.

There is a list of domains that are compromised (http://www.shadowserver.net/wiki/) that could be used for a manual block list.
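Turning a domain feed like that into something a workstation or proxy can enforce is mostly a normalisation problem, so here is an added example (not code from the original post or from Shadowserver) that cleans a plain-text domain list and emits hosts(5) entries. The feed layout assumed here (one entry per line, `#` comments, stray URLs and duplicates) and the sample entries are constructed for the example; the real list's format may differ, so adjust the parser to match.

```python
"""Build a hosts-file block list from a plain-text domain feed.

Added example; not from the original post or from Shadowserver. The feed
format (one domain per line, '#' comments, occasional full URLs) is an
assumption, and the entries below are constructed, not real indicators.
"""
import re
from typing import List, Optional

# Constructed sample feed: mixed case, comments, leading whitespace, a full
# URL and a duplicate, the noise a hand-maintained list accumulates.
SAMPLE_FEED = """\
# constructed sample, not real indicators
Example-Bad.test
example-bad.test
 http://Another.example.test/path/index.html
# trailing comment line
not a domain!
evil.example.test
"""

# One DNS label: 1-63 chars of [a-z0-9-], not starting or ending with '-'.
_LABEL = re.compile(r"^(?!-)[a-z0-9-]{1,63}(?<!-)$")


def normalize_domain(entry: str) -> Optional[str]:
    """Return a lower-cased bare hostname, or None if the entry is unusable."""
    s = entry.strip()
    if not s or s.startswith("#"):
        return None
    s = s.split("#", 1)[0].strip()                 # drop trailing comments
    s = re.sub(r"^[a-z]+://", "", s, flags=re.I)   # strip URL scheme
    s = s.split("/", 1)[0].split(":", 1)[0]        # strip path and port
    s = s.rstrip(".").lower()
    labels = s.split(".")
    if len(labels) < 2 or not all(_LABEL.match(label) for label in labels):
        return None
    return s


def parse_feed(text: str) -> List[str]:
    """Unique, normalised domains in first-seen order."""
    seen = set()
    out: List[str] = []
    for line in text.splitlines():
        domain = normalize_domain(line)
        if domain and domain not in seen:
            seen.add(domain)
            out.append(domain)
    return out


def hosts_lines(domains: List[str], sink: str = "0.0.0.0") -> List[str]:
    """hosts(5) entries that sink each domain and its www. form."""
    lines = []
    for domain in domains:
        lines.append(f"{sink} {domain}")
        if not domain.startswith("www."):
            lines.append(f"{sink} www.{domain}")
    return lines


if __name__ == "__main__":
    print("\n".join(hosts_lines(parse_feed(SAMPLE_FEED))))
```

A hosts file only matches exact hostnames, so a subdomain you did not list still resolves; a DNS sinkhole or proxy block list built from the same normalised output covers that case better, and either way the list needs refreshing as the compromised domains change.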





Cisco: Cybercriminals Hiding Behind Legitimate Websites, Email Accounts Dec 15,2008
New annual security threat report from Cisco highlights a 'rough year' for computing in 2008

http://newsroom.cisco.com/dlls/2008/prod_121508.html?POSITION=LINK&COUNTRY_SITE=us&CAMPAIGN=NewsAtCiscoLatestNewsfromCDCHP&CREATIVE=LINK1&REFERRING_SITE=CISCO.COMHOMEPAGE

The Annual Cisco Security Report: Notable Trends
  • The overall number of disclosed vulnerabilities grew by 11.5 percent over 2007.
  • Vulnerabilities in virtualization technology nearly tripled from 35 to 103 year over year.
  • Attacks are becoming increasingly blended, cross-vector and targeted.
  • Cisco researchers saw a 90 percent growth in threats originating from legitimate domains, nearly double what was seen in 2007.
  • The volume of malware successfully propagated via e-mail attachments is declining. Over the past two years (2007-2008), the number of attachment-based attacks decreased by 50 percent from the previous two years (2005-2006).






Friday update for Microsoft Security Advisory 961051
Posted Friday, December 12, 2008 4:58 PM by MSRCTEAM
Hi this is Christopher Budd,

I wanted to give you a quick update on a couple of new things today related to Microsoft Security Advisory 961051.

We’ve made another revision to the advisory today. Our research teams are working around the clock to help identify better, more effective workarounds to give customers more options to evaluate and we’ve updated the advisory with the latest information from their research.

We’ve also posted some additional details and information on the Security Vulnerability Research and Defense blog. This includes a Vista-specific workaround as well as additional information to help your analysis of the different workaround options.






Clarification on the various workarounds from the recent IE advisory





Businesses 'fail to learn' from HMRC data loss disaster





McCain Campaign BlackBerry Yields Sensitive Data





Critics to ICANN: Top-level domain sale dangerous, costly





Spam levels rise again after McColo fallout fades





Microsoft update leaves some bugs unpatched





Va. seeks reinstatement of anti-spam law AP - Thu Dec 11, 4:48 PM ET
RICHMOND, Va. - Virginia's attorney general asked the nation's highest court Thursday to revive a state anti-spam law struck down by a lower court as unconstitutionally overbroad.






Sony BMG to Pay US$1 Million to FTC for COPPA Violations
PC World - Thu Dec 11, 1:30 PM ET
Sony BMG Music Entertainment will pay US$1 million to the U.S. Federal Trade Commission for collecting data on at least 30,000 children under the age of 13 without their parents' consent, behavior that violates the U.S. Children's Online Privacy Protection Act (COPPA).





Dec 13, 3:35 pm
Internet Black Market Thrives
The online underground economy is booming, and the cybercrooks can't do it without you, Symantec warns.





New MS SQL Server vulnerability
Published: 2008-12-15, Last Updated: 2008-12-15 18:03:47 UTC by Toby Kohlenberg (Version: 1)

A slightly belated entry to make sure everyone is aware that last week we saw a new vulnerability announced for MS SQL Server 2000, 2005 & 2005 Express Edition by Bernhard Mueller from SEC Consult. Here is the original announcement: http://www.sec-consult.com/files/20081209_mssql-sp_replwritetovarbin_memwrite.txt
The above link does include a simple test script (not a full PoC) for the vulnerability.
There is a mitigation available - you can remove the vulnerable stored procedure. Microsoft hasn't provided a patch yet and hasn't provided a timeframe for delivery either.






British Telecom To Expand Phorm Use
Carrier could eventually land in the States
01:46PM Monday Dec 15 2008 by Karl Bode
British Telecom's early trials of Phorm behavioral advertising technology ended in controversy, when it was leaked that the trials were conducted without informing consumers their browsing histories were being sold. BT's third, and more transparent trial of the technology is nearing completion, Phorm saying they expect BT to fully deploy the technology shortly. story continues..





Chinese hackers are targeting French Embassy websites all around the world to protest President Nicolas Sarkozy’s visit with the Dalai Lama.

Wednesday, December 10, 2008

Security News Feed Wednesday 12/10/08

December 2008 Monthly Bulletin Release
Posted Tuesday, December 09, 2008 10:44 AM by MSRCTEAM

Hi,
This is Christopher Budd. I wanted to let you know that we’ve just released our security bulletins for December. The new bulletins for this month are:

· MS08-070: Vulnerabilities in Visual Basic 6.0 Runtime Extended Files (ActiveX Controls) Could Allow Remote Code Execution (932349) which is rated “Critical”
· MS08-071: Vulnerabilities in GDI Could Allow Remote Code Execution (956802) which is rated “Critical”
· MS08-072: Vulnerabilities in Microsoft Office Word Could Allow Remote Code Execution (957173) which is rated “Critical”
· MS08-073: Cumulative Security Update for Internet Explorer (958215) which is rated “Critical”
· MS08-074: Vulnerabilities in Microsoft Office Excel Could Allow Remote Code Execution (959070) which is rated “Critical”
· MS08-075: Vulnerabilities in Windows Search Could Allow Remote Code Execution (959349) which is rated “Critical”
· MS08-076: Vulnerabilities in Windows Media Components Could Allow Remote Code Execution (959807) which is rated “Important”
· MS08-077: Vulnerability in Microsoft Office SharePoint Server Could Cause Elevation of Privilege (957175) which is rated “Important”

In addition, today we’ve published Microsoft Security Advisory 960906 regarding new reports of a vulnerability in the Wordpad Converter for Word 97 files affecting Windows 2000 SP4, Windows XP SP2 and Windows Server 2003 SP1 and SP2. We are aware of very limited and targeted attacks seeking to exploit this vulnerability. The advisory details workarounds that you can evaluate while we develop a security update for this issue.

As we do each month, our colleagues over at the Security Vulnerability Research and Defense blog have more information and details on today’s security updates including MS08-076 that addresses a vulnerability similar to what we addressed with MS08-068. In my posting last month about MS08-068 I noted how we’ve been doing a lot of work to address the difficult issues around the SMBRelay attack. This new bulletin is borne out of that same ongoing effort and that work is still going on: there are other related issues we’re still working on. You can expect to see more updates in the future out of this ongoing project.

This month the Windows Malicious Software Removal Tool is adding detection for two new families: Win32/FakeXPA and Win32/Yektel. Our colleagues over at the Microsoft Malware Protection Center (MMPC) have posted information on these new families on their blog.






Google Flu Trends spreads privacy concern
Google's new Flu Trends tool, which collects and analyzes search queries to predict flu outbreaks around the country, is raising concern with privacy groups. Read more...





Microsoft issues mammoth security update, biggest in five years






Another Microsoft Bug Revealed on Huge Patch Day
Along with its biggest patch release in five years, Microsoft warned on Tuesday of another potentially dangerous vulnerability...





Spam levels climb as criminals replace crippled botnets





Analysis: Obama can't have a BlackBerry. Should your CEO?





Study: Police not prepared for international cybercrime





VeriSign, NeuStar and others team on DNS security
Momentum continues to build for rapid deployment of DNSSEC, which lets resolvers verify that DNS answers were signed by the zone owner (it authenticates DNS data; it does not encrypt queries).
Seven leading domain name vendors -- representing more than 112 million domain names or 65% of all registered domain names -- have formed an industry coalition to work together to adopt DNS Security Extensions, known as DNSSEC.

Members of the DNSSEC Industry Coalition include: VeriSign, which operates the .com and .net registries; NeuStar, which operates the .biz and .us registries; .info operator Afilias Limited; .edu operator EDUCAUSE; and The Public Interest Registry, which operates the .org registry.






New Web attack exploits unpatched IE flaw






0-day exploit for Internet Explorer in the wild
Published: 2008-12-10, Last Updated: 2008-12-10 09:38:03 UTC

As reported by some other researchers, there is a 0-day exploit for Internet Explorer circulating in the wild. At this point in time it does not appear to be wildly used, but as the code is publicly available we can expect that this will happen very soon.

This is a brand new exploit that is *not* patched with MS08-073 that was released yesterday. I can confirm that the exploit works in a fully patched Windows XP machine.





Cybercrime '09: Too late to save Facebook?





Security expert warns of continuing threats from the Web





Google tests ActiveX alternative dubbed Native Client





Dec 9, 2:45 pm
Turning a Blind Eye to Cybercrime
Governments are blind to cybercrime, says McAfee.





Current Wireless Devices Lack Real Security
A recent congressionally sponsored report shoots down the notion that anything wireless is secure.






How to Handle Security Patches With Sanity
Guest columnist and network administrator Ed Ziots offers his recipe for a sane and solid patch management program.
Read more





Disguised USB Drive
This is a 2 GB USB drive disguised as a piece of frayed cable. You'll still want to encrypt it, of course, but it is likely to be missed if your bags are searched at customs, the police raid your house, or you lose it.






Google Notebook Spam
December 10, 2008
Google Notebook is being used by spammers to host spam content.





Two new zero-day exploits dent Microsoft's Patch Tuesday
Several Windows components, the Windows Vista search feature, Word, Excel, Internet Explorer and Visual Basic are updated, but the updates are overshadowed by two zero-day exploits for IE7 and SQL Server 2000.





Security vulnerability found in MS SQL Server 2000
An attacker who can already run queries against the server (through a compromised login or a SQL injection flaw in a front-end application, for example) could exploit a memory-corruption bug, an out-of-bounds write in the sp_replwritetovarbin stored procedure, to execute code on the server; no update is available. The security consultant who discovered the vulnerability recommends removing the stored procedure from SQL Server.

Monday, December 8, 2008

Security News Feed Monday 12/08/08

December 2008 Advanced Notification
Posted Thursday, December 04, 2008 9:59 AM by MSRCTEAM
Hello, Bill here.
I wanted to let you know that we just posted our Advance Notification for next week’s bulletin release which will occur on Tuesday, Dec. 9, 2008 around 10 a.m. Pacific Standard Time.
It is important to remember that while the information posted below is intended to help with your planning, because it is preliminary information, it is subject to change.
As part of our regularly scheduled bulletin release, we’re currently planning to release eight security bulletins:

· Six Microsoft Security Bulletins rated as Critical and two rated as Important.






Digging Deeper Into the CheckFree Attack
The hijacking of the nation's largest e-bill payment system this week offers a glimpse of an attack that experts say is likely to become more common in 2009.

Atlanta based CheckFree acknowledged Wednesday that hackers had, for several hours, redirected visitors to its customer login page to a Web site in Ukraine that tried to install password-stealing software.

While this attack garnered few headlines, there are clues that suggest it may have affected a large number of people. CheckFree claims that more than 24 million people use its services. Avivah Litan, a fraud analyst with Gartner Inc., said CheckFree controls between 70 to 80 percent of the U.S. online bill pay market. Among the 330 kinds of bills consumers can pay through CheckFree are military credit accounts, utility bills, insurance payments, mortgage and loan payments.

A spokeswoman for Network Solutions, the Herndon, Va., domain registrar that CheckFree used to register its Web site name, told Security Fix Wednesday that someone had used the correct credentials needed to access and make changes to CheckFree's Web site records.






Mumbai Terrorists Used Google Earth, Boats, Food
The Mumbai terrorists used Google Earth to help plan their attacks. This is bothering some people...







Think tank panel recommends that feds make major cybersecurity changes
A commission set up by a think tank said in a report that the U.S. government should impose sweeping new cybersecurity regulations on businesses and create a centralized cybersecurity office in the White House. Read more...






Vulnerabilities play only a minor role in malware spread, says researcher
Computer users are their own worst enemies, a security company warned today as it released data that showed software bugs were the source of just 5% of the year's infections.

The majority of the attacks carried out by 2008's top 100 pieces of malware were caused by users surfing to malicious sites, then accepting some kind of download, Trend Micro Inc. researchers said today.

From Jan. 1 to Nov. 25, the top 100 attack programs infected 53% of their victims by duping them into downloading something from the Internet. An additional 12% of the infections tracked globally were caused by users opening e-mail attachments.

Just 5% of the infections were related to an exploit of a software vulnerability, said Trend's analysis.






A brief tour of the software pirate underground scene
When people think of software pirates, they usually envision college kids downloading games off BitTorrent, or adults getting too-good-to-be-true bargains on eBay, or street stalls lined with DVDs in Third World cities.

The real pirate scene, however, is much larger and hidden, and yet in plain sight, say experts.





Feds Nab More Members of Alleged Identity Theft Gang
Federal authorities say they have taken another step toward busting a multinational identity-theft ring that allegedly used stolen personal data to withdraw millions of dollars from home equity line-of-credit accounts at U.S. banks.

Four U.S. residents were arrested in late November in connection with the scheme, which netted more than $2.5 million, according to the U.S. attorney's office in New Jersey. Four other men had been arrested between August and October.






Fugitive Danish IT chief surrenders to L.A. police
Stein Bagger, the head of a Danish IT company wanted for fraud by Interpol, surrendered to L.A. police on Saturday.





FAQ: Why Obama may give up his BlackBerry while he's in the White House
Could Barack Obama ever expect to continue using his BlackBerry once he officially becomes president?

According to experts on security, mobile phones and presidential communications, the answer is no.






Facebook Worm Refuses to Die
PC World - 1 minute ago
A worm program that has been tricking Facebook users into downloading malicious software since July has resurfaced.






Court Allows Spyware Program to Go Back on Sale PC World - 6 minutes ago
A Florida company that sells a spyware program must change advertising pitches that emphasize the product's clandestine nature, but the company can continue to sell the application, a U.S. federal court has ruled.






China irks US with computer security review rules AP - Mon Dec 8, 10:30 AM ET
BEIJING - The Chinese government is stirring trade tensions with Washington with a plan to require foreign computer security technology to be submitted for government approval, in a move that might require suppliers to disclose business secrets.






Microsoft, RSA Partner To Integrate DLP, Identity Management
Dec 04, 2008
Broad adoption of data classification technology could be "game changer" for both DLP and Microsoft






Popular Home DSL Routers At Risk Of CSRF Attack
Dec 03, 2008
Researcher demonstrates ease of hacking home routers with insidious cross-site request forgery (CSRF) attack







Adobe Admits New PDF Password Protection is Weaker
Adobe made a critical change to the algorithm used to password-protect PDF documents in Acrobat 9, making it much easier to recover a password and raising concern over the safety of documents, according to Russian security firm Elcomsoft.

Elcomsoft specializes in making software that can recover the passwords for Adobe documents. The software is used by companies to open documents after employees have forgotten their passwords, and by law enforcement services in their investigations.

For its Reader 9 and Acrobat 9 products, Adobe implemented 256-bit AES (Advanced Encryption Standard) encryption, up from the 128-bit AES encryption used in previous Acrobat products.

The original 128-bit encryption is strong, and in some cases it would take years to test all possible keys to uncover a password, said Dmitry Sklyarov, information security analyst with Elcomsoft.

But Elcomsoft said the change in the underlying algorithm for Acrobat 9 makes cracking a weak password -- especially a short one with only upper and lower case letters -- up to 100 times faster than in Acrobat 8, Sklyarov said. The weakness is not in AES-256 itself but in how the password is turned into the key: a cheaper derivation means each guess costs the attacker less, so despite the longer key the change still undermines a document's security.
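To make the point concrete, here is an added example (not Adobe's, Acrobat's or Elcomsoft's code) of a brute-force attack against a deliberately simplified password-to-key derivation. The KDF is a stand-in (salted SHA-256 re-hashed N times), not the real Acrobat 8 or 9 algorithm, and the salt, password and iteration counts are constructed; what it shows is that the cost of recovering a weak password scales with the work the derivation does per guess.

```python
"""Iteration count in a password-to-key derivation sets the cracker's cost.

Added example; not Adobe's, Acrobat's or Elcomsoft's code. The KDF below is a
simplified stand-in (salted SHA-256, re-hashed until N hashes are done), not
the real Acrobat algorithm. SALT, the password and the iteration counts are
constructed for the example.
"""
import hashlib
import itertools
import string
import time
from typing import Optional, Tuple

SALT = b"constructed-salt"          # assumption: a fixed per-document salt
ALPHABET = string.ascii_lowercase   # the short, letters-only case the article describes


def derive_key(password: str, salt: bytes, iterations: int) -> bytes:
    """Toy KDF: SHA-256(salt || password), then re-hash until `iterations` hashes are done."""
    digest = hashlib.sha256(salt + password.encode()).digest()
    for _ in range(iterations - 1):
        digest = hashlib.sha256(digest).digest()
    return digest


def brute_force(target: bytes, salt: bytes, iterations: int,
                alphabet: str, max_len: int) -> Tuple[Optional[str], int]:
    """Try every password of length 1..max_len in order; return (found, guesses made)."""
    guesses = 0
    for length in range(1, max_len + 1):
        for candidate in itertools.product(alphabet, repeat=length):
            guesses += 1
            password = "".join(candidate)
            if derive_key(password, salt, iterations) == target:
                return password, guesses
    return None, guesses


def crack(password: str, iterations: int) -> Tuple[Optional[str], int, float]:
    """Derive the key for `password`, then recover it; return (found, guesses, seconds)."""
    target = derive_key(password, SALT, iterations)
    start = time.perf_counter()
    found, guesses = brute_force(target, SALT, iterations, ALPHABET, len(password))
    return found, guesses, time.perf_counter() - start


if __name__ == "__main__":
    # Constructed iteration counts: a "slower, older" KDF versus a "cheaper, newer" one.
    for iterations in (50, 1):
        found, guesses, secs = crack("pdf", iterations)
        print(f"{iterations:3d} iterations: recovered {found!r} after {guesses} guesses "
              f"in {secs:.2f}s ({guesses / secs:,.0f} guesses/s)")
```

Both runs make the same number of guesses; only the per-guess cost differs, which is exactly the lever a password-based encryption scheme has against brute force once the password itself is weak. Longer keys do nothing for that case, a slow derivation (or a longer password) does.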






MySpace gripe about patient sparks federal privacy complaint
Healthcare workers are as prone to kvetching about work as the rest of the human race, but especially in the Internet era, medical privacy statutes mean venting in the wrong venue can have dire consequences. Stephanie Sicilia, an employee at an OB/GYN office in McKees Rocks, Pennsylvania, has discovered that the hard way: A woman who read some trash talk about patients on Sicilia's MySpace page has filed a complaint with the Department of Health and Human Services, alleging that the posts violate the Health Insurance Portability and Accountability Act.





Return of the Mega-D
December 4, 2008
Spam increases again due in no small part to Mega-D.







First Thing We Do Is Automate Away All The Lawyers...
from the paraphrasing-shakespeare dept
Since we write about an awful lot of lawsuits and public policy issues around here, we often can be pretty harsh on lawyers (admittedly, we often fall short of appreciating the good lawyers who protect everyone from the worst abuses). But, one thing that has seemed pretty clear is that, by opening up more legal issues, the pace of technology innovation has increased the demand for more lawyers. But will that always be the case? Apparently, some believe that a business ripe for disintermediation, thanks to the internet, will be the legal profession. The idea is that a lot of basic (high margin) legal work can now be automated. Part of this is probably true. The amount that businesses have to pay for fairly routine processes can be quite ridiculous at times.

However, I doubt that the legal profession is really facing a shift as major as those facing, say, the entertainment industry. It may cut out some margins on the low end of stuff usually handled by paralegals or new associates, but it seems likely that there will be plenty of room for lawyers. Sometimes, in fact, it seems like our elected representatives are really mostly focused on a program of "full employment for lawyers," by passing laws that only require more lawyers.






Spore's DRM So Effective It Was The Most Downloaded Game Of The Year
from the nice-work,-EA dept
It never really made sense for EA to be so insistent on having draconian DRM on games. Before the company even launched Spore people made it quite clear the plan would backfire, but EA went forward with it anyway, creating a PR nightmare. And all for what? Turns out (not surprisingly) the DRM didn't do squat to stop unauthorized file sharing. Spore has now been declared the most downloaded video game of the year. And, even though the year's not over, no other game is going to catch up. And, it's worth noting, the game only launched in October, so this is only over a couple of months. In other words, EA's "antipiracy strategy" backfired almost completely. The company got a huge PR blackeye which probably only encouraged more people to download the game via file sharing. Can someone explain, again, why any company thinks DRM works?






Interesting Conflict
By MILT POLICZER
Here's an interesting conflict of interest question: Can you accept clients who may want to sue an industry that paid for your education?

Think of it in medical terms. Do you really want to get prescriptions from a doctor that went to Johnson & Johnson University?

Much as I love idle questions, this isn't one because I was astonished to spot a press release the other day that began with this: "Boston College Law School has announced a $3.1 million gift from Liberty Mutual Group to establish the Liberty Mutual Insurance Professorship in property and casualty insurance law."

It's brilliant!

Liberty Mutual just stopped a substantial group of potential Massachusetts lawyers from ever being able to take a case against them. In fact, if you want to get fussy about it, all those BC law students may never be able to sue anyone in the insurance industry.






DNSChanger Trojans v4.0
Earlier today SANS posted an excellent blog on a recent variant of a DNSChanger Trojan. There are some significant implications to this threat, but before I go into those, here’s a brief rundown of the main DNS-changing Trojan tactics used to date:

Modify the Windows Hosts file to map specific domain names to specific IP addresses (McAfee classifies these Trojans as QHOSTS Trojans, more of a precursor to DNSChangers)

Modify Windows registry settings to reference specific (rogue) DNS servers [DNSChanger.f]

Create a scheduled task under Mac OS X to reference specific (rogue) DNS servers [OSX/Puper]

Exploit cross-site request forgery vulnerabilities in routers to overwrite the DNS server configuration offered to local area network clients [DNSChanger.f]

We’ve now seen a new tactic, which has the potential of impacting most devices on the local network–independent of the operating system or device (Windows, Linux, Internet-capable MP3 players, digital picture frames, refrigerators, you name it). The tactic involves serving the rogue DNS server configuration over DHCP, the protocol responsible for distributing dynamic IP addresses, as well as other information, including DNS settings.
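Because this variant works at the DHCP layer, the check a defender wants is on the wire rather than on any one host: parse the DHCP OFFER/ACK traffic and alert when the server identifier (option 54) or the DNS servers it hands out (option 6) are not on the allowlist. The following is an added example, not code from the McAfee post or the SANS diary it refers to; the packets are constructed in the block and the allowlists are an assumed site policy.

```python
"""Flag DHCP OFFER/ACK packets that hand out DNS servers not on an allowlist.

Added example; not part of the McAfee post or the SANS diary. The packets are
built in-line for the example (not captures) and ALLOWED_DNS / ALLOWED_SERVERS
are an assumed site policy.
"""
import ipaddress
import struct
from typing import Dict, Iterable, List, Optional

MAGIC_COOKIE = b"\x63\x82\x53\x63"          # RFC 2132 option-field marker
OPT_PAD, OPT_DNS, OPT_MSG_TYPE, OPT_SERVER_ID, OPT_END = 0, 6, 53, 54, 255
SERVER_MSG_TYPES = {2: "OFFER", 5: "ACK"}    # messages in which a server picks settings


def parse_dhcp_options(packet: bytes) -> Dict[int, bytes]:
    """Parse the TLV option block that follows the 236-byte BOOTP header."""
    if len(packet) < 240 or packet[236:240] != MAGIC_COOKIE:
        raise ValueError("not a DHCP packet")
    opts: Dict[int, bytes] = {}
    i = 240
    while i < len(packet):
        code = packet[i]
        if code == OPT_PAD:          # single-byte padding, no length field
            i += 1
            continue
        if code == OPT_END:
            break
        if i + 1 >= len(packet):
            raise ValueError("truncated option header")
        length = packet[i + 1]
        value = packet[i + 2:i + 2 + length]
        if len(value) != length:
            raise ValueError("truncated option value")
        opts[code] = opts.get(code, b"") + value   # RFC 3396: repeats concatenate
        i += 2 + length
    return opts


def ip_list(raw: bytes) -> List[str]:
    """Decode a packed list of IPv4 addresses (options 6 and 54 use this form)."""
    if len(raw) % 4:
        raise ValueError("IPv4 list is not a multiple of 4 bytes")
    return [str(ipaddress.IPv4Address(raw[k:k + 4])) for k in range(0, len(raw), 4)]


def check_offer(packet: bytes, allowed_dns: Iterable[str],
                allowed_servers: Iterable[str]) -> Optional[str]:
    """Return an alert string for a suspicious OFFER/ACK, or None if it looks fine."""
    opts = parse_dhcp_options(packet)
    msg_type = SERVER_MSG_TYPES.get(opts.get(OPT_MSG_TYPE, b"\x00")[0])
    if msg_type is None:
        return None                  # DISCOVER/REQUEST carry no server-chosen DNS
    server = ip_list(opts[OPT_SERVER_ID])[0] if OPT_SERVER_ID in opts else "?"
    rogue_dns = [d for d in ip_list(opts.get(OPT_DNS, b"")) if d not in set(allowed_dns)]
    problems = []
    if server not in set(allowed_servers):
        problems.append(f"unexpected DHCP server {server}")
    if rogue_dns:
        problems.append("rogue DNS " + ",".join(rogue_dns))
    return (f"{msg_type}: " + "; ".join(problems)) if problems else None


def build_packet(msg_type: int, server_id: str, dns: List[str]) -> bytes:
    """Build a minimal BOOTREPLY with options 53, 54 and 6 (constructed test data)."""
    header = struct.pack("!BBBB", 2, 1, 6, 0) + b"\x00" * 232   # op, htype, hlen, hops + rest
    opts = bytes([OPT_MSG_TYPE, 1, msg_type])
    opts += bytes([OPT_SERVER_ID, 4]) + ipaddress.IPv4Address(server_id).packed
    opts += bytes([OPT_DNS, 4 * len(dns)]) + b"".join(ipaddress.IPv4Address(d).packed for d in dns)
    return header + MAGIC_COOKIE + opts + bytes([OPT_END])


ALLOWED_DNS = {"192.0.2.53"}         # assumed: the site's resolvers
ALLOWED_SERVERS = {"192.0.2.1"}      # assumed: the legitimate DHCP server
GOOD = build_packet(2, "192.0.2.1", ["192.0.2.53"])
ROGUE = build_packet(2, "192.0.2.99", ["198.51.100.7", "192.0.2.53"])

if __name__ == "__main__":
    for name, pkt in (("good", GOOD), ("rogue", ROGUE)):
        print(name, check_offer(pkt, ALLOWED_DNS, ALLOWED_SERVERS))
```

Feed it the UDP payloads of port 67/68 traffic from a span port or a pcap and it catches the rogue server regardless of which device on the segment the victim is; note that a rogue server that lists the legitimate resolver first, as in the ROGUE packet above, still gets flagged because every address in option 6 is checked. The structural fix remains DHCP snooping on the switches, which drops server replies from untrusted ports before any client sees them.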






5 Things I bet you didn't know your Cisco ASA FW could do by Jamey Heary
I've compiled 5 very useful ASA features that I find most customers don't know about yet. You've probably heard of one or...