Monday, December 21, 2009

Monday 12/21/09

Deconstructing Facebook's New Privacy Settings
Forrester Research analyst Chenxi Wang picks apart Facebook's new privacy settings so the rest of us can figure out how to navigate and even benefit from them.

----------

Check Your Friends! Facebook IMs May Lead To Trouble
Monday December 21, 2009 at 7:27 am CST
I ran into a few strange IMs over the weekend. When I was not shoveling out my driveway from the 15 inches of snow that covered it I was logged into Facebook telling people about it…. It was then that I started receiving some VERY interesting IMs from a friend extolling the virtues of a clean colon (yep – you read that right)...

----------

Cisco Regains Top Spot in IPS Market by Jamey Heary
Cisco Snatches Q3 Security Market Share from its Competitors

----------

Federal Government to streamline online authentication
The Federal Government has moved to streamline the use of authentication tools among departments...

----------

Ford Pushes For Wi-Fi Enabled Vehicles
New SYNC vehicles will take USB 3G modems

----------

Are you ready for 4k sector drives?
Robin Harris: Western Digital has started shipping drives that drop the ancient 512 byte disk sector for a 4096 byte - 4k - sector. What's in it for you? And what will it do to you?

...

Gotchas?
If you are in either of these 2 groups:
  • Windows XP users
  • Windows users who clone disks with software like Norton Ghost
there are a couple of gotchas if you want to use a 4k drive. Since most drives aren’t 4k and won’t be for another year or more, this may not affect you either. Vista and W7 users are cool except for cloning.

1) Windows XP does not automatically align writes on 4k boundaries, which hurts performance. WD has software - the Advanced Format Align Utility - for their drives. I assume other vendors will too when they start shipping.
XP users need to run this utility once to use a 4k drive with a clean install, cloning software or a do-it-yourself USB drive. WD-branded 4k USB drives are already aligned so it isn’t needed for those drives.

2) Windows clone software vendors have yet to implement 4k support. If you clone an XP, Vista or W7 drive you should run the align utility. The cloning vendors need to get on board Real Soon Now. Vendors are welcome to comment on their plans.
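The alignment problem above is simple arithmetic, and the following is an added illustration (not code from the article or from WD's align utility) of why an XP-era partition layout hurts on a 4k drive. It assumes the classic XP default of starting the first partition at logical sector 63 (512-byte LBAs), a Vista/W7 default of 2048, and a constructed partition table; the `physical_sectors_touched` helper shows the read-modify-write cost a misaligned 4 KiB cluster write incurs.

```python
"""Check whether partitions on a 512-byte-emulated 4k-sector drive are aligned.

Assumptions (not from the article): partition starts are given as 512-byte LBAs,
the drive's physical sector is 4096 bytes, and the sample table below is constructed.
"""

LOGICAL_SECTOR = 512      # what the OS sees (512e emulation)
PHYSICAL_SECTOR = 4096    # what the platter actually uses ("Advanced Format")


def is_aligned(start_lba: int, physical: int = PHYSICAL_SECTOR,
               logical: int = LOGICAL_SECTOR) -> bool:
    """True when the partition's first byte lands on a physical sector boundary."""
    return (start_lba * logical) % physical == 0


def next_aligned_lba(start_lba: int, physical: int = PHYSICAL_SECTOR,
                     logical: int = LOGICAL_SECTOR) -> int:
    """Smallest LBA >= start_lba that is aligned to the physical sector size.

    This is the kind of shift an align utility applies when it moves a partition.
    """
    ratio = physical // logical              # 8 logical sectors per physical sector
    return -(-start_lba // ratio) * ratio    # ceiling division, then scale back up


def physical_sectors_touched(start_lba: int, length_bytes: int,
                             physical: int = PHYSICAL_SECTOR,
                             logical: int = LOGICAL_SECTOR) -> int:
    """How many physical sectors a write of length_bytes starting at start_lba spans.

    A 4 KiB cluster write that spans two physical sectors forces the drive to
    read-modify-write both of them; an aligned one overwrites exactly one.
    """
    first_byte = start_lba * logical
    last_byte = first_byte + length_bytes - 1
    return last_byte // physical - first_byte // physical + 1


def alignment_report(partitions: dict) -> dict:
    """Map partition name -> (aligned?, suggested start LBA, sectors per 4 KiB write)."""
    return {
        name: (is_aligned(lba), next_aligned_lba(lba), physical_sectors_touched(lba, 4096))
        for name, lba in partitions.items()
    }


# Constructed sample table: an XP-style layout next to a Vista/W7-style one.
SAMPLE_PARTITIONS = {
    "xp_system_c":    63,     # XP's historical default: 63 * 512 = 32256, not a 4096 multiple
    "vista_system_c": 2048,   # Vista/W7 default: 1 MiB boundary, aligned
}

if __name__ == "__main__":
    for name, (aligned, suggested, spans) in alignment_report(SAMPLE_PARTITIONS).items():
        status = "aligned" if aligned else f"MISALIGNED (move to LBA {suggested})"
        print(f"{name:16s} {status}; a 4 KiB write touches {spans} physical sector(s)")
```

Running the script shows the XP layout at LBA 63 is misaligned and would be shifted to LBA 64, while the 2048-sector start is already fine; the same arithmetic applies to a cloned image that preserves the old start offset, which is why the article tells clone users to run the align utility as well.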

----------

David Pogue Weighs In On Ebook DRM: Non-DRM'd Ebook Increased His Sales
Pogue relates his own experience in running a test with his publisher (which is O'Reilly) in putting out a non-DRM'd ebook, and he found that sales increased...

----------

Heartland settles with American Express over breach
Dan Kaplan December 18, 2009
Heartland Payment Systems has settled its first lawsuit with a card brand over the 2008 data breach.

----------

Thief steals U.S. Army laptop from employee's home
Angela Moscaritolo December 17, 2009
A laptop containing the personal information of tens of thousands of U.S. Army soldiers, family members and U.S. Department of Defense employees was recently stolen.

----------

Judge grants TJX hacker sentencing delay over health
Angela Moscaritolo December 17, 2009
A psychiatric evaluation has determined that Albert Gonzalez's actions were consistent with the behaviors of someone who suffers from Asperger's syndrome, and his sentencing has been delayed until March.

----------

Facebook sues three over alleged spam, phishing
Dan Kaplan December 17, 2009
Fresh off a $711 million spam judgment in its favor, Facebook this week sued three more individuals that it contends assaulted its members with spam.

----------

Cisco WebEx WRF Player Vulnerabilities
Cisco today released details of a set of buffer overflow vulnerabilities, and fixes, for its WebEx WRF player. The advisory describes multiple buffer overflows triggered by a maliciously crafted WRF file (typically posted on a website) or by attending a WebEx meeting that an attacker is also attending. Successful exploitation can result in execution of arbitrary code on the target system.

http://www.cisco.com/warp/public/707/cisco-sa-20091216-webex.shtml

----------

Is Netflix "borking" lesbians with subscriber data releases?

2 days ago - by Nate Anderson Posted in: Law & Disorder
An Ohio lesbian doesn't want to be outed by her Netflix recommendations, and she is part of a new class-action lawsuit against the movie rental company.

----------

Suspected NKoreans hack war plan for SKorea
AFP – Thu Dec 17, 11:27 pm ET
SEOUL (AFP) - Computer hackers who may be from North Korea have gained access to a secret US-South Korean plan to defend the peninsula in case of war, the defence ministry said Friday.

----------

Cybercrooks Target File-Sharing Networks
Security experts at Kaspersky Labs warn that cybercriminals are shifting their focus from worms and spams to file-sharing services.

----------

Twitter's DNS Provider Denies Hack
Rerouting was managed from within Twitter's own account, says the microblogging site's domain manager.

----------

Italian Police Arrest Hacker Sought for Fraud
Italian police have arrested an alleged hacker who is accused of defrauding banks and mobile phone operators out of several million dollars.

----------

Adobe explains PDF patch delay
Unless users apply one of the workarounds that Adobe's suggested, the decision will leave systems open to attack until Jan. 12, when the patch is released. According to several security firms, the flaw has been in use by criminals since at least Nov. 20. Adobe only found out Monday that the vulnerability in its Reader and Acrobat applications was being actively exploited.

----------

Drone incident serves up data encryption lesson

In a story that's receiving widespread attention, the Wall Street Journal yesterday reported that Iranian-backed groups in Iraq and Afghanistan were tapping into live feeds from Predator drones using a $26 software tool called SkyGrabber from Russian company SkySoftware.

The hitherto largely unknown software product doesn't require Internet connectivity and is designed to intercept music, photos, video and TV satellite programming for free. Insurgents in Iraq, however, were able to use SkyGrabber to grab live video feeds from unmanned Predator drones because the transmissions were being sent unencrypted to ground control stations.

----------

Monday, December 14, 2009

Monday 12/14/09

Rather than patch, Microsoft blocks buggy code
http://www.computerworld.com/s/article/9142140/Rather_than_patch_Microsoft_blocks_buggy_code?taxonomyId=17
Microsoft has decided to disable a 17-year-old video codec in older versions of Windows rather than patch multiple vulnerabilities, according to the company's security team.

----------

Top Five Reasons For Security FAIL
Adi Ruppin admits the Internet security industry has seen every type of product fail. The good news, he says, is that there's much to learn from such failures. Here are five such lessons.

The weakest link
Industry standard vs. proprietary
The right solution to the wrong problem
The human factor
Usability

----------

DHS: Counterfeit Goods Still Rampant in U.S.
Phony products seizures fell slightly, but counterfeiting continues to be big business

----------

Not Security but...
Britain's First 140mph Train Service Begins

----------

Secret Copyright Treaty Timeline Shows Global DMCA
Michael Geist, a leading critic of the ACTA secret copyright treaty, has produced a new interactive timeline that traces its development. The timeline includes links to leaked documents, videos, and public interest group letters that should generate increasing concern with a deal that could lead to a global three-strikes and you're out policy.

----------

Building a Global Cyber Police Force
One of the biggest obstacles to fighting hackers and cyber-criminals is that many operate in the safe harbors of their home countries, insulated from prosecution by authorities in foreign countries where their targets reside. As Larry Walsh writes in his blog, several security vendors and a growing number of countries are now beginning to consider the creation of a global police force that would have trans-border jurisdiction to investigate and arrest suspected hackers.

----------

Supreme Court Takes Texting Case
http://www.nytimes.com/2009/12/15/us/15scotus.html?_r=1&hp
WASHINGTON — The Supreme Court agreed on Monday to decide whether a police department violated the constitutional privacy rights of an employee when it inspected personal text messages sent and received on a government pager.

The case opens “a new frontier in Fourth Amendment jurisprudence,” according to a three-judge panel of an appeals court that ruled in favor of the employee, a police sergeant on the Ontario, Calif., SWAT team.

----------

National data breach notification bill passed in U.S. House
Angela Moscaritolo December 10, 2009
The Data Accountability and Trust Act would require any organization that experiences a breach of electronic data containing personal information to notify all affected U.S. residents.

----------

Report finds enterprises failing to protect sensitive data
Angela Moscaritolo December 09, 2009
Just 40 percent of respondents in a recent survey said all of their organization's sensitive data is adequately secured.

----------

The Machine SID Duplication Myth
by Mark Russinovich

----------

Plastic Surgery Allows Exploit of Biometric ID System
Now what you are born with may not be as secure as biometric ID systems are purported to be. Lin Rong is accused by Japanese authorities of having her fingerprints surgically altered to enter the country illegally. She is reported to have had surgery to switch the fingertips of her right and left hands. The ruse was discovered by Japanese authorities after she was arrested for an unrelated offense.
'Fake fingerprint' Chinese woman fools Japan controls, BBC, December 7, 2009

----------

Full Disk Encryption: What It Can And Can't Do For Your Data
Dec 14, 2009
Protection depends on the implementation -- and on user know-how
Warning: disk is unlocked when it is on (duh!)

----------

FBI: Rogue Antivirus Scammers Have Made $150M
PC World – Fri Dec 11, 2:50 pm ET
They're the scourge of the Internet right now and the U.S. Federal Bureau of Investigation says they've also raked in more than US$150 million for scammers. Security experts call them rogue antivirus programs.

----------

Amazon's data center outage reads like a thriller

----------

Monday, December 7, 2009

Monday 12/07/09

December 2009 Bulletin Release Advance Notification
"we will be addressing the vulnerability discussed in Security Advisory 977981 in the IE bulletin on Tuesday" - Not the SSL/TLS bug!

----------

Great research paper on security and user education:
http://research.microsoft.com/en-us/um/people/cormac/papers/2009/SoLongAndNoThanks.pdf

----------

Louisiana firm sues Capital One after losing thousands in online bank fraud

An electronics testing firm in Louisiana is suing its bank, Capital One, alleging that the financial institution was negligent when it failed to stop hackers from transferring nearly $100,000 out of its account earlier this year.

In August, Security Fix wrote about the plight of Baton Rouge-based JM Test Systems, an electronics testing firm that in February lost more than $97,000 from two separate unauthorized bank transfers a week apart.

According to JM Test, Capital One has denied any responsibility for the losses. On Friday, JM Test filed suit in a Louisiana district court, alleging breach of contract and negligence by the bank. The firm says it is still out a total of $89,000, and that it has spent roughly $70,000 investigating and responding to the breaches.

"Capital One was not willing to make good on our losses or attempt any type of settlement," said Happy McKnight, JM Test's controller. "The banks are clearly taking a 'Hey, don't look at me!' stance. It is so sad to wonder how many business failures this type of fraud has caused."

----------

Sprint Provides U.S. Law Enforcement with Cell Phone Customer Location Data
Feds ‘Pinged’ Sprint GPS Data 8 Million Times Over a Year

----------

Phishing losses add up
Although the number of banking customers who fall victim to phishing attacks is small, it all adds up to a lucrative business for cyber criminals. It's estimated that every US banking institute loses more than $9 million per million customers.

----------

Wall Street Journal Website Hacked
A Romanian grey hat hacker has disclosed a serious SQL injection vulnerability on the Wa...

----------

Dell releases BIOS updates
Adrian Kingsley-Hughes: "Throttlegate": Some owners of Dell notebooks were experiencing severe underperformance and overthrottling, so much so that performance was being cut to a fraction of what it should be.

----------

Can You Copyright An SQL Query?
... the district had contracted out the process to a guy who charged them $500 per year, to basically write and then run an SQL query that exported the data. Each year, all he had to do was change the date, but he still charged them $500.

----------

Former Partner Blasts Seyfarth Shaw
By TIM HULL
LOS ANGELES (CN) - An attorney with Seyfarth Shaw says the firm's managing partners forced him to take the fall for Tae Boe creator Billy Blanks' $30 million legal malpractice suit, and turned the office into a place where "the pursuit and collection of money" from clients - referred to as "bozos on the bus" - became "the primary directive" for attorneys and "the chief preoccupation" of the managers.

----------

NASA sites hacked via SQL injection
Angela Moscaritolo December 07, 2009
Two of NASA's sites were accessed by an individual, apparently claiming to demonstrate they were susceptible to SQL injection.

----------

Adobe plans Flash update, investigates Illustrator flaw
Dan Kaplan December 04, 2009
An Adobe Flash Player update is due out on Tuesday to close a number of security holes.

----------

Microsoft slates six fixes for year's final Patch Tuesday
Dan Kaplan December 03, 2009
Microsoft's planned patches for Tuesday include a fix for a null pointer reference vulnerability in Internet Explorer, for which proof-of-concept code has been published.

----------

TSA Leaks Sensitive Airport Screening Manual
Government workers preparing the release of a Transportation Security Administration manual that details airport screening procedures badly bungled their redaction of the .pdf file. Result: The full text of a document considered “sensitive security information” was inadvertently leaked.

Anyone who’s interested can read about which passengers are more likely to be targeted for secondary screening, who is exempt from screening, TSA procedures for screening foreign dignitaries and CIA-escorted passengers, and extensive instructions for calibrating Siemens walk-through metal detectors.

The 93-page document also includes sample images of DHS, CIA (see above) and congressional identification cards, with instructions on what to look for to verify an authentic pass.

----------

Ex-KGB Officers May Be Behind the Hacked Climate Emails
treehugger.com: The computer hack, said a senior member of the Inter-governmental Panel on Climate Change, was not an amateur job, but a highly sophisticated, politically motivated operation. And others went further. The guiding hand behind the leaks, the allegation went, was that of the Russian secret services.

----------

The Fruit of the Poisoned Tree
Should we hire criminal hackers as security experts? This is the second of a two-part attack on the idea from a 1995 debate in which I participated.

----------

Mapping the Mal Web: McAfee’s 3rd Annual Report
For the first time combining data from McAfee’s SiteAdvisor and TrustedSource, the report is even more comprehensive than last year’s, naming Cameroon (.cm) as the riskiest place to surf with a whopping 36.7 percent of the domains posing a security risk.

----------

Microsoft Warns Of Malware-Laced Counterfeit Software
Dec 07, 2009
Complaints about counterfeit software infected with malware doubled in past two weeks

----------


Thanksgiving Webcam Promo Leads to Malware
PC World – Thu Dec 3, 8:20 pm ET
The US$10 webcam that Anna Giesman bought her daughter at Office Depot over the Thanksgiving weekend sounds like one of those deals that's too good to be true. And for her, it was.

----------

Update: Judge affirms $675k verdict in RIAA music piracy case

----------

Monday, November 30, 2009

Monday 11/30/09

Transport Layer Security Renegotiation Remote Man-in-the-Middle Attack Vulnerability
Still hot, still waiting for fixes...

----------

Microsoft Internet Explorer Cascading Style Sheets Remote Code Execution Vulnerability

----------

Virgin Media Starts Snooping In User Packets
Using deep packet inspection to measure copyright infringement

UK Cable provider Virgin Media says they're experimenting with a new deep packet inspection solution that will snoop into customer packets to determine if they're trading copyrighted files. The trial will cover 40% of the company's customers, though no action will be taken against users (nor will they be informed of the snooping).

----------

ICANN Slams DNS Redirection
Calls such efforts a 'destabilizing practice'
ICANN (Internet Corporation for Assigned Names and Numbers) on Tuesday condemned the practice of redirecting Internet users to a third-party portal when they mistype, or enter a nonexistent URL. You'll recall that the practice gained international attention when Verisign implemented their heavily-loathed Sitefinder initiative in 2003.

----------

Telecommunications Act changes backed by forensics expert
A call for intercepted data to be destroyed "as soon as it is no longer required" has been...

----------

Profitable 'Pay Us Or We'll Sue You For File Sharing' Scheme About To Send 30,000 More Letters

Remember ACS:Law? The shakedown organization that appears to have taken over where Davenport Lyons left off (including using some of the identical documents), and who has "partnered" with DigiProtect, the company that gleefully admits that it purposely puts files on file sharing networks just to collect the IP addresses of anyone who downloads, is asking for the identifying info on 30,000 UK users. To put that in perspective, in the years long campaign by the RIAA to sue people for file sharing, they apparently requested info on about 35,000 IP addresses. Of course, when spreading such a big net, it's no surprise that tons of innocent people get caught in it. But that's really of little concern, since no real lawsuits have been filed. They're just hoping a bunch of people feel that it's easier to pay up. It's not about stopping piracy or getting people to buy -- it's about shaking people down for as much money as possible.

----------

Credit-Card Scammers Drilled Dentists
MANHATTAN (CN) - A man was sentenced to nearly 10 years in prison for leading a credit-card fraud ring that stole the identities of 176 dentists. Michael A. Roseboro and his crew stole $1.75 million from dentists around the country by claiming to be an investigator with Visa or Bank of America who was looking into potentially fraudulent charges on the dentists' credit cards.

----------

Spam magnate Ralsky sentenced to more than four years
Dan Kaplan November 24, 2009
Alan Ralsky, mastermind of a fraud campaign that delivered tens of thousands of junk mail messages designed to inflate stock prices, was sentenced Monday to 51 months in prison.

----------

iPhone Virus-Writer’s New Job: Building iPhone Apps
An Australian youth who created a worm that attacked iPhone users has been hired by a company that creates applications for the iPhone.

----------

The Psychology of Being Scammed
This is a very interesting paper: Understanding scam victims: seven principles for systems security, by Frank Stajano and Paul Wilson. Paul Wilson produces and stars in the British television show The Real Hustle, which does hidden camera demonstrations of con games.

----------

Ransomware blocks Net access
Ryan Naraine: Security researchers have stumbled upon a new piece of ransomware that blocks an infected computer from accessing the Internet until a fee is paid via text message.
New LoroBot ransomware encrypts files, demands $100 for decryption

----------

I Was Wrong: There Probably Will Be an Electronic Pearl Harbor
Ira Winkler says the emerging smart grid makes doomsayers' unlikely predictions more likely

----------

Checklist: 11 Security Tips for Black Friday, Cyber Monday
This holiday shopping season, IT and physical security practitioners have the tough task of protecting customer data and preventing shoplifting. Here are 11 tips to bring sanity to the process.

----------

New Banking Trojan Horses Gain Polish

Race on Between Hackers, Microsoft Over IE Zero-Day

Hacks of Chinese Temple Were Online Kung Fu, Abbot Says

----------

Monday, November 23, 2009

Monday 11/23/09

http://www.ietf.org/id/draft-ietf-tls-renegotiation-00.txt
http://www.cisco.com/warp/public/707/cisco-sa-20091109-tls.shtml
http://securitytracker.com/id?1023148
http://www.unleashnetworks.com/blog/?p=134
http://extendedsubset.com/

SSL/TLS Renegotiation bug. Many patches coming.

----------

REASON TO UPGRADE TO IE8:

http://www.csoonline.com/article/508525/New_Attack_Fells_Internet_Explorer
The code was posted Friday to the Bugtraq mailing list by an unidentified hacker. According to security vendor Symantec, the code does not always work properly, but it could be used to install unauthorized software on a victim's computer.

"Symantec has conducted further tests and confirmed that it affects Internet Explorer versions 6 and 7," the company wrote on its Web site Saturday. "We expect that a fully-functional reliable exploit will be available in the near future."

Security consultancy Vupen Security has also confirmed that the attack works, saying it worked on a Windows XP Service Pack 3 system running IE 6 or IE7. Neither company was able to confirm that the attack worked on Microsoft's latest browser, IE 8.

----------

Cisco's Free IPhone App Grabs Security Feeds

----------

NSA Helped with Windows 7 Development
The National Security Agency (NSA) worked with Microsoft on the development of Windows 7, an agency official acknowledged yesterday during testimony before Congress.

----------

New Olive Planting Method Prompts California Oil Boom
An oil boom is under way in California's agricultural heartland, as evolving tastes and a trend toward healthy fare have transformed a profession as old as civilization: olive production for the extra virgin market....

----------

Latest jailbroken iPhone worm tries filching bank passwords
41 minutes ago - by Jacqui Cheng Posted in: Infinite Loop
Users who have jailbroken their iPhones just can't catch a break—another malicious worm is making its way around the Internet and tries to steal bank passwords for users in the Netherlands, Portugal, Hungary, and Australia. Users with locked-down iPhones are still safe.

----------

Creepy insurance company pulls coverage due to Facebook pics
about 14 hours ago - by Jacqui Cheng Posted in: The Web
Can people diagnosed with depression go to a party and look like they're having fun? Most of us would say yes, but one insurance company thinks not. A woman in Canada got her sick leave coverage pulled after she posted photos of her birthday party to her private, locked-down Facebook account.

----------

Queen: We sank the Armada, we can sink some P2P pirates!
3 days ago - by Nate Anderson Posted in: Law & Disorder
The Queen opened the UK parliamentary session yesterday and announced that an Internet disconnection bill would be coming soon. But will it actually be legal?

----------

Nation's School Districts are Failing to Protect Children's Privacy
A Fordham Law School study found that state educational databases across the country ignore key privacy protections for the nation’s school children.

----------

Al Qaeda Secret Code Broken
I would sure like to know more about this:

Top code-breakers at the Government Communications Headquarters in the United Kingdom have succeeded in breaking the secret language that has allowed imprisoned leaders of al-Qaida to keep in touch with other extremists in U.K. jails as well as 10,000 "sleeper agents" across the islands....
...
The code the terrorists devised consists of words chosen from no fewer than 20 dialects from Afghanistan, Iran, Pakistan, Yemen and Sudan.

----------

Fedora 12 allows users install privilege - Update 2
Fedora 12 has changed its security policy to allow unprivileged users to install software without requiring the root password.

----------

Report: Cyberattacks against the U.S. "rising sharply"
Angela Moscaritolo November 20, 2009
During just the first half of 2009, there were 43,785 cyberattack incidents against the DoD, a new report states. If this volume is maintained for the rest of the year, it will represent a 60 percent increase over 2008.

----------

Prosecutors Ending Lawsuit Against Lori Drew

----------

Thousands of web sites redirected
Dancho Danchev: Security researchers have detected a massive blackhat SEO campaign consisting of over 200,000 compromised web sites, all redirecting to fake security software.

----------

Microsoft: 'TaterF' Worm Top Malware Threat So Far This Month
Nov 23, 2009
Software giant reveals November stats from Malicious Software Removal Tool

----------

Monday, November 9, 2009

Monday 11/09/09

Advisory ID: cisco-sa-20091109-tls
http://www.cisco.com/warp/public/707/cisco-sa-20091109-tls.shtml
Revision 1.0
For Public Release 2009 November 9 1600 UTC (GMT)

An industry-wide vulnerability exists in the Transport Layer Security (TLS) protocol that could impact any Cisco product that uses any version of TLS and SSL. The vulnerability exists in how the protocol handles session renegotiation and exposes users to a potential man-in-the-middle attack.
This advisory is posted at http://www.cisco.com/warp/public/707/cisco-sa-20091109-tls.shtml.

----------

Worm 'Rick Rolls' iPhones
First IPhone Worm Spreads Rick Astley Wallpaper
The first worm written for Apple's iPhone has been unleashed and is infecting phones in Australia.

----------

Gumblar Malware's Home Domain Active Again
ScanSafe researchers are seeing renewed activity regarding Gumblar, a multifunctional piece of malware that spreads by attacking PCs visiting hacked Web pages.

----------

Yahoo Now on China's Porn Offense List
A Chinese government watchdog has ordered Yahoo China to clean pornographic content from a photo-sharing site it hosted, a reminder of the regulatory challenges often faced by foreign Internet companies in China.

----------

CDC Tracking H1N1 in Near Real Time
The Centers for Disease Control have settled on a private, nationwide database with the electronic medical records of 14 million people run by General Electric in order to track potential outbreaks of the H1N1 virus.

----------

Study: Security Certs are IT's Hottest
The survey of more than 1,500 IT workers found that 37 percent intend to pursue a security certification over the next five years. Another 18 percent of IT workers said they will seek ethical hacking certifications during the same time period, while 13 percent identified forensics as their next certification target. The results are included in the CompTIA study 'IT Training and Certification: Insights and Opportunities.'

----------

Bardin: What DLP Companies Don't Tell You
What you are not told during the sales pitch is the Pandora’s Box you not only are about to open but completely unhinge. What you really need to understand is how deep does the business want you to go?

----------

Data breach notifications one step closer to law... again
about 2 hours ago - by Jacqui Cheng Posted in: Law & Disorder
It's frustrating to be a consumer these days, especially knowing that your personal information could be exposed anytime there's a major data breach. Two new Senate bills aim to improve notification to customers when their information is exposed to thieves and, despite their shortfalls, experts are still holding out hope.

----------

The ACTA Internet provisions: DMCA goes worldwide
about 16 hours ago - by Nate Anderson Posted in: Law & Disorder
New details about the Internet section of the Anti-Counterfeiting Trade Agreement (ACTA) have leaked, and critics are already claiming that they mandate "three strikes" policies and will put an end to Flickr and YouTube. The reality is less sensational but just as important: ACTA is really about taking the DMCA global.

----------

Worker Lost Her Job Over Error by FBI's NCIC Database

In July 2009, a woman lost a $58,000 a year accounting job with Corporate Mailing Services of Arbutus after a background check reported a non-existent criminal record. Her employer had won a contract with the Social Security Administration (SSA), which required that the company submit all employees to a criminal background check. The FBI's National Crime Information Center database reported in error that the employee had a criminal record. The Social Security Administration reported back to her employer within 2 weeks acknowledging the mistake and stated that the accountant could in fact work on the project. The company has not reinstated the dismissed worker. There are long running issues regarding the accuracy of the NCIC database. In 2003 the DOJ exempted the FBI, which manages the NCIC, from Federal Privacy Act obligations for data accuracy. The administration is moving forward with a plan to require all federal government contractors to submit to E-Verify checks conducted by the Department of Homeland Security to determine whether they can be employed. There are questions about the accuracy of this system and the potential for inaccurate reporting. Accuracy requirements for information held in databases are critical to the protection of privacy rights.

Fired due to error in background check, Carroll woman still jobless, Scott Calvert, Baltimore Sun, October 28, 2009

----------

Microsoft to release six updates next Patch Tuesday
Microsoft has announced that it will release four updates for Windows and two updates for Office on the next Patch Tuesday, the 10th of November.

----------

Microsoft to deliver six patches covering 15 flaws
Dan Kaplan November 05, 2009
November's security update from Microsoft comes with six patches for 15 vulnerabilities -- nearly 20 fewer than last month.

----------

Former Employees Face Five-Year Sentence After Allegedly Hacking Company Database
Nov 05, 2009
System access was still possible for almost two years using old passwords, indictment says

----------

New Security Certification On The Horizon For Cloud Services
Nov 04, 2009
Cloud security cert would go beyond existing SAS 70, ISO 27001 standards

There's no official security certification for cloud security service providers today: some use the SAS 70 or the ISO 27001 standards as their security certifications, neither of which is sufficient for providing potential cloud customers with assurances that the provider has deployed the proper security or that their data is sufficiently locked down, experts say.

"There needs to be a certification that is specifically for cloud providers," says Jim Reavis, co-founder and executive director of the Cloud Security Alliance. The Cloud Security Alliance is working with other key players in cloud security and auditing to determine which organizations should provide the certification, as well as what such a certification should include.

"This is going to be a shared thing," he says, noting that the certification is likely to be managed by multiple bodies. He says to expect a statement of direction for a cloud security certification around the first quarter of 2010.

----------

Malware breaks Win 7 UAC defenses
Dancho Danchev: A recently conducted test by malware researchers reveals that eight out of ten malware samples used in the test successfully bypassed Windows 7's default UAC (user access control) settings.

----------

Lawsuit claims iPhone games stole phone numbers
Browse the App Store for developer Storm8's many popular iPhone games, and you'll encounter the...

----------

AP IMPACT: Framed for child porn — by a PC virus AP – Mon Nov 9, 12:10 am ET
Of all the sinister things that Internet viruses do, this might be the worst: They can make you an unsuspecting collector of child pornography.

----------

Tuesday, November 3, 2009

Monday 11/02/09

Trade talks hone in on Internet abuse, ISP liability
ISPs around the world may be forced to snoop on their subscribers and cut them off if they are found to have shared copyright-protected music on the Internet, under an international agreement being promoted by the U.S.

----------

Catbird tunes security software for virtual environments
Catbird has announced a new version of its security software for virtual environments that is tweaked to perform vulnerability monitoring of resources running in Amazon's EC2 cloud.

----------

Software shields online banking on infected PCs
Cybercriminals are developing increasingly sophisticated software that, in what is known as man-in-the-middle or man-in-the-browser attacks, can intercept online banking transactions while in progress and transfer funds with the user believing nothing is awry.

SafeOnline installs its own kernel-level driver on Windows PCs. During a secure browsing session, all information from the keyboard is routed through that driver, which defeats attempts to record keystrokes or other interference, said Mel Morris, Prevx's CEO and CTO.

----------

Password rules: Change them every 25 years
There are four basic ways for a bad guy to get your password:
(a) Ask for it. So-called "Phishing" and "Social Engineering" attacks still work, and always will
(b) Try dictionary words at the login prompt in the hope of getting lucky ("Brute Force")
(c) Obtain the encrypted/hashed password somehow, and crack it
(d) Leech the password off your computer with keylogger malware

None of these four scenarios becomes less likely if you change your password every 90 days. If the bad guy can't break the password hash (c) within a couple days, he'll likely just look for an easier target. Attack (b) is also out for quick wins - either it works within the first couple dozen passwords tried, or the bad guy moves on to easier prey. If (b) or (c) are successful, or the attacker already has the password through (a) or (d), 45 days on average is more than enough to empty out your bank account or use your email address for a big spam run.

The concept of password expiry has remained the same for the last 25 years or so. Infosec professionals, auditors, PCI, ISO 27002, COBIT, etc. all keep requiring it, unchanged, even though the threats have changed quite a bit. Forcing a user who had a weak password to change it will just make him pick another weak one. Forcing a user who had a very strong password to change it will eventually annoy the user into using simpler passwords.

So what gives? There is one practical benefit. If someone has your password, and all they want is to read your email and remain undetected, they can do so forever, unless you eventually change your sign-in secret. Thus, regularly changing the password doesn't help much against someone breaking in and making off with your goods, but it DOES give you a chance to shake off any stalkers or snoopers you might have accessing your account. Yes, this is good. But whether this benefit alone is worth the hassle and the disadvantages mentioned above of forcing users to change their password every 90 days, I have my doubts.

Infosec risk management is about identifying threats and vulnerabilities, and then picking a countermeasure. But if the chosen countermeasure doesn't in fact make the identified threats less likely, all we do is play security theater, and the countermeasure is one that we don't need.

Unless, of course, "best practice standards" and audits force us to have it.

----------

Nation's School Districts are Failing to Protect Children's Privacy
A Fordham Law School study found that state educational databases across the country ignore key privacy protections for the nation’s school children. The study reports that at least 32% of states warehouse children’s social security numbers; at least 22% of states record student pregnancies; and at least 46% of the states track mental health, illness, and jail sentences as part of the children’s educational records. Some states outsource the data processing without any restrictions on use or confidentiality for children’s information. Access to this information and the disclosure of personal data may occur for decades and follow children well into their adult lives. These findings come as Congress is considering the Student Aid and Financial Responsibility Act, which would expand and integrate the 43 existing state databases without taking into account the critical privacy failures in the states’ electronic warehouses of children’s information. For more information on children’s privacy issues see Children’s Online Privacy Protection Act.

----------

Cable modem hacker busted by feds
According to the U.S. Department of Justice (DOJ), Ryan Harris, 26, ran a San Diego company called TCNISO that sold customizable cable modems and software that could be used to get free Internet service or a speed boost for paying subscribers.

Harris, also known as DerEngel, was charged on Aug. 16, but the grand jury indictment was not unsealed until Monday, several days after his Oct. 23 arrest. He faces a maximum sentence of 20 years in prison and a $250,000 fine, the DOJ said. The six-count indictment charges him with conspiracy, computer intrusion and wire fraud. He was charged in U.S. District Court for the District of Massachusetts.
...

----------

Microsoft links malware rates to pirated Windows
"There is a direct correlation between piracy and the malware infection rate," said Jeff Williams, the principal group program manager for the Microsoft Malware Protection Center. Williams was touting the newest edition of his company's biannual security intelligence report.

----------

Swedish Government Promises Citizens 100MB Broadband

by TechCrunch Europe on November 3, 2009
[Sweden] The Swedish government is following in the footsteps of the Finns (well almost), as their IT-ministry is now promising that 90 percent of all Swedish homes will have access to a 100 mbit/s broadband connection before 2020.

----------

US cyber center opens to battle computer attacks AP – Fri Oct 30, 7:38 pm ET
WASHINGTON - The United States is well behind the curve in the fight against computer criminals, Sen. Joe Lieberman said Friday, as Homeland Security officials opened a $9 million operations center to better coordinate the government's response to cyberattacks.

----------

Researchers Create Hypervisor-Based Tool For Blocking Rootkits
Nov 03,2009
New technology 'patches' the operating system kernel, protects it from rootkits

----------

Delayed Again: Red Flags Rule Deadline Now June 1, 2010
Bowing to Congressional pressure, the FTC is delaying enforcement of the Red Flags Rule until June 1, 2010, for financial institutions and creditors. Here, IT security pros weigh in on what the rule means for them.

The FTC made the announcement Friday, the same day the U.S. District Court for the District of Columbia ruled that the commission can't apply the rule to attorneys.

The Red Flags Rule was instituted under the Fair and Accurate Credit Transactions Act, where Congress ordered the FTC and other agencies to make regulations forcing creditors and financial institutions to address security holes that could lead to identity theft. The rule requires all such entities that have covered accounts to develop and implement written identity theft prevention programs to help identify, detect, and respond to patterns, practices, or specific activities -- known as red flags -- that could indicate identity theft.

----------

Congress locks radio stations, record labels into boardroom
by Nate Anderson Posted in: Law & Disorder
Radio doesn't want to pay more to play music; music labels don't want radio to keep free-riding. How to settle this blood feud? Congress has ordered both sides into a Capitol Hill conference room for two weeks, and it will vote on whatever emerges.

----------

...
But the Wisconsin men won. They won big. They won $1.26 billion dollars.

How did they win? By default judgment. PepsiCo’s lawyers never responded to the complaint, and the judge awarded the Wisconsin plaintiffs a default judgment.

Why did the Pepsi people never respond? Meet PepsiCo legal secretary, Kathy Henry.
Continue reading "Legal Secretary of the Day: Pepsi’s $1.26 Billion Mistake"

----------

Jailbroken iPhones held for $5 ransom
Dancho Danchev: A message popped up on the screens of a large number of automatically exploited Dutch iPhone users, demanding $4.95 for instructions on how to secure their iPhones and remove the message from appearing at startup.

----------

COMPUTER AGE LITIGATION. There may be hope for old forms of communication after all. An extremely odd dispute in Arizona may bring hope to the makers of pen and paper. The tale is told in an Arizona Supreme Court opinion called Lake v. City of Phoenix in which the city insisted that even though it had to turn over a public record, it didn't have to turn over the public record's "metadata." Really. The city's lawyers were arguing that the code showing the history of a document wasn't actually part of the public record even though the document was. And this dispute went all the way to the state supreme court. Apparently no one was too concerned that this really looked like someone was trying to cover something up. The court thought this was silly, ruled against the city, and then offered an out for future coverups that old media lovers should appreciate: "That a public record currently exists in an electronic format, and is subject to disclosure in that format, does not itself determine whether there is a statutory obligation to preserve it electronically." A lot of agencies and companies will be going back to pencils and erasers.

----------

Mossad Hacked Syrian Official’s Computer Before Bombing Mysterious Facility
The intelligence agents planted a Trojan horse on the official’s computer in late 2006 while he was staying at a hotel in the Kensington district of London, the German newspaper reported Monday in an extensive account of the bombing attack.

The official reportedly left his computer in his hotel room when he went out, making it easy for agents to install the malware that siphoned files from the laptop. The files contained construction plans for the Al Kabir complex in eastern Syria — said to be an illicit nuclear facility — as well as letters and hundreds of detailed photos showing the complex at various stages of construction.

----------

First Test for Election Cryptography
By Erica Naone, Monday, November 02, 2009
Novel voting technology will be used in a local government election.

----------

Monday, October 26, 2009

Monday 10/26/09

Swine flu national emergency should spur businesses to action
President Obama's declaration of a national swine flu emergency should send up a red flag to businesses that are still unprepared for a pandemic.

President Barack Obama declared the H1N1 flu outbreak a national emergency this past weekend, giving health-care systems the ability to bypass some federal regulatory requirements in order to quickly implement disaster plans should they become overwhelmed.

Similar to declaring a hurricane emergency as a storm approaches landfall, the national emergency declaration gives authority to health-care facilities to submit waivers to establish alternate care sites, and modified patient triage protocols, patient transfer procedures and other actions that occur when they fully implement disaster operations plans.

----------

Bugs and Fixes: Stymie Malicious Media, Attacks
Essential OS fixes are big this month. And fans of free software need to update their Firefox and OpenOffice copies.

----------

U.S. gov't cybersecurity spending to grow significantly, study says
U.S. government spending on cybersecurity will grow at a compound rate of 8.1 percent a year between 2009 and 2014, outpacing general IT spending, according to the government analyst firm Input.

Spending on vendor-supplied information security products and services will increase from $7.9 billion in 2009 to $11.7 billion in 2014, Input predicted. General IT spending by the U.S. government will increase by 3.5% a year during the same time frame, said Kevin Plexico, Input's senior vice president of research and analysis.

----------

Virginia man to serve prison term for selling counterfeit software
Gregory William Fair, of Falls Church, was sentenced Thursday in U.S. District Court for the District of Columbia. In addition to the prison term, Judge R.W. Roberts ordered Fair to pay $743,098 in restitution.

Fair also forfeited $144,000 seized from a safety deposit box and residence, a BMW 525i, a Hummer H2, a Mercedes CL600 and a 1969 Pontiac GTO. All the cars were purchased using funds from his counterfeit software operation, the DOJ said.

----------

China ready for cyberwar, espionage, report says
Looking to gain the upper hand in any future cyber conflicts, China is probably spying on U.S. companies and government, according to a report commissioned by a Congressional advisory panel monitoring the security implications of trade with China.

The report outlines the state of China's hacking and cyber warfare capabilities, concluding that "China is likely using its maturing computer network exploitation capability to support intelligence collection against the U.S. government and industry by conducting a long term, sophisticated computer network exploitation campaign."

Published Thursday, the report was written by Northrop Grumman analysts commissioned by the U.S.-China Economic and Security Review Commission.

----------

Botnets contributing more than ever to click fraud
For the third quarter of the year, 42.6% of fraudulent clicks came from botnet-infected computers, according to Click Forensics, a company that produces tools to detect and filter out fraudulent clicks. The figure is the highest in the four years since Click Forensics began producing reports. For the same quarter a year ago, botnets accounted for 27.5% of bad clicks.

----------

DHS to get big boost in cybersecurity spending in 2010
The U.S. Senate yesterday passed legislation approving a budget of nearly $43 billion for the DHS for fiscal 2010. Of that, about $397 million is supposed to go toward improving cybersecurity within the agency. That's $84 million, or about 27%, more than the $313 million that was allocated for information security in fiscal 2009.

----------

Swiss foreign ministry hit by computer attack
AFP – 2 hrs 35 mins ago
GENEVA (AFP) - Unidentified hackers have penetrated the Swiss foreign ministry's computer system to seize data, forcing parts of it to be shut down for several days, the ministry revealed Monday.

----------

Nigeria's anti graft police shuts 800 scam websites
AFP – Thu Oct 22, 1:02 pm ET
LAGOS (AFP) - Nigeria's anti-corruption police said Friday they had shut down some 800 scam websites and busted 18 syndicates of email fraudsters in a drive to curb the cyber-crime for which the country is notorious.

----------

How Victims Encourage Cybercrime
Security firm Kaspersky notes that anonymity of users can mask cyber threats and make them tougher to prevent.

----------

Cybersecurity Quiz: Know Your Threats
Separate cybersecurity fact from fiction in this survey of the threats posed by cyberattacks.

----------

ERIC TOTALLY DISAGREES:
From Security Perspective, Windows 7 Off To A Rocky Start
Oct 22,2009
Experts express consternation over early vulnerabilities, UAC configuration issues

----------

Major Secure Email Products And Services Miss Spear-Phishing Attack
Oct 22,2009
Experiment successfully slips fake LinkedIn invite from 'Bill Gates' into inboxes

----------

Metasploit Project Sold To Rapid7
Oct 21,2009
Open-source Metasploit penetration testing tool creator HD Moore joins Rapid7, commercial Metasploit products to come

----------

The Internet is set to undergo one of the biggest changes in its four-decade history with the expected approval this week of international domain names — or addresses — that can be written in languages other than English, an official said Monday.

----------

Microsoft to open up Outlook .PST data format

----------

Google Oops! User Voice Mails Disclosed in Search Engine
A reported flaw in Google's voice mail service is said to expose users' messages to search engine users. The messages reportedly include the audio file and transcript of the call, as well as the caller's name and phone number.
Random users' Google Voice mail is searchable by anyone?, Michael Bettiol, Boygeniusreport.com, October 19, 2009

----------

Answers to Windows 7 upgrade questions
Ed Bott: My compatriots in the Windows blogosphere aren't always discriminating in giving out advice. I read a staggering number of rumors, many of them promulgated by people who should have known better.

----------

OFF TOPIC:

Groups Challenge SoCal Desalination Project
By SONYA ANGELICA DIEHN
VISTA, Calif. (CN) - Environmentalists are challenging the City of Carlsbad over a $300 million desalination plant planned for drought-stricken Southern California. Two groups say Carlsbad and Poseidon Resources' enormous project has undergone too many changes for a 2006 environmental impact report to still apply.

----------

BAD NEWS:
LifeLock settles with Experian to not set fraud alerts
Dan Kaplan October 23, 2009
A lawsuit settlement affirms that third parties are not permitted to set fraud alerts with the major credit bureaus.

----------

Blogger: Time Warner Routers Still Hackable Despite Company Assurance
A blogger who stumbled across a vulnerability in more than 65,000 Time Warner Cable customer routers says the routers are still vulnerable to remote attack, despite claims by the company last week that it patched the routers.

Last Tuesday, David Chen, an internet startup-founder, published information about the vulnerability in Time Warner’s SMC8014 series cable modem/Wi-Fi router combo, made by SMC. The problem would allow a hacker to remotely access the device’s administrative menu over the internet and potentially change the settings to intercept traffic, making possible all sorts of nefarious activity.

----------

Monday, October 19, 2009

Monday 10/19/09

Mozilla unblocks one sneaky Microsoft plug-in
... Late on Friday, Mozilla added .Net Framework Assistant and the accompanying Windows Presentation Foundation plug-in to its rarely-used blocking list, which then threw up a warning to users notifying them that the pair was being barred from Firefox.

----------

Microsoft issues first Windows 7 patches
Windows 7 was affected by nine of the 34 vulnerabilities, or 26% of the total.
Windows Vista, meanwhile, was impacted by 19 of the 34 vulnerabilities -- 56% of the total.
Windows XP was affected by the most vulnerabilities of all: 24 out of 34, or 71% of the total.

----------

Phishers Reveal Poor Passwords


----------

Medical Records: Stored in the Cloud, Sold on the Open Market
... unknown to patients, an increasing number of outside vendors that manage electronic health records also have access to that data, and are reselling the information as a commodity.
http://www.patientprivacyrights.org/site/DocServer/Zones_of_Privacy.pdf?docID=881

----------

ASCII Art spam is back
The ASCII art spam is not limited to non-word characters. It can be numbers, letters and combinations of them all, which can make things even worse for certain spam filters:

d""b8 88 db 88 88 dP"Y8
dP 88 dPYb 88 88 `bo
Yb 88 dP__Yb 88 88 `Y8b
boodP 88 dP""""Yb 88ood8 88 8bodP'


----------

How hackers find your weak spots
While there are an infinite number of social engineering exploits, typical ones include the...

----------

SECURITY: RISK AND REWARD
New secure password rules
Most companies have some form of policy on passwords. The rules go back more than a decade and are repeated...

----------

Hiring hackers: A rebuttal (part 2)
The original articles on hiring hackers and criminal hackers into IT groups as programmers, network...

----------

38 Oracle security patches coming next week

----------

Scareware earns cybercriminals £850,000 a year
Cybercriminals are earning as much as £858,000 a year out of scareware, says Symantec.

----------

A Guide to Windows 7 Security
Until now, Windows Vista was the most secure version of the Windows operating system. Windows 7...

----------

"Google Voice Mails have been discovered in Google's search engine, providing audio files, names, and phone number as if you were logged in and checking your own voice mail. Some appear to be test messages, while others are clearly not. Google has since disabled indexing of voice mails outside your own website."

----------

Helpful Hint for Fugitives: Don't Update Your Location on Facebook
"Fugitive caught after updating his status on Facebook."

----------

Microsoft's Free AV Got 1.5 Million Downloads in First Week PC World – Fri Oct 16, 3:10 pm ET
Microsoft registered more than 1.5 million downloads of its free antivirus software in the week after it shipped.

----------

Monday, October 12, 2009

Monday 10/12/09

Researchers advise cyber self defense in the cloud

Security researchers are warning that Web-based applications are increasing the risk of identity theft or losing personal data more than ever before.

The best defense against data theft, malware and viruses in the cloud is self defense, researchers at the Hack In The Box (HITB) security conference said. But getting people to change how they use the Internet, such as what personal data they make public, won't be easy.

----------

Expert provides more proof hackers hijacked Hotmail accounts
It's almost certain that hackers obtained the Hotmail passwords that leaked to the Internet through a botnet-based attack, a researcher said today as she provided more proof that Microsoft's explanation was probably off-base.


----------

Sidekick users livid over Microsoft server failure
On Saturday, Microsoft announced that users' data stored on its servers "almost certainly has been lost as a result of a server failure at Microsoft/Danger," referring to Danger Inc., the Microsoft subsidiary that provides data services for Sidekick phones sold by T-Mobile.

...

"I just spoke to a lawyer and explain[ed] the entire situation," said a user tagged as "Calsmail" last Thursday. "He informed me he would be happy to start a class-action suit against T-Mobile. He said he could not only get us out of our contracts but can more than likely get $50 per contact lost."

----------

UC Berkeley tightens personal data security with data-masking tool


----------

No Facebook at work in most US companies
By News Room Yesterday

----------

What's replacing P2P, BitTorrent as pirate hangouts?

----------

EU High Court Amassing Strength & Reach
By NICK WILSON

As the European Court of Justice continues a dramatic rise in power and volume of cases, a comparison is inevitably made with the U.S. Supreme Court where an initially weak political body grew into an enormously powerful interpreter of the law in a vast region of wealth and population. But there are also key differences between the two high courts, based on the greater power held in the U.S. Constitution and the less competitive relationship between the courts of the European nations and the EU's high court.

----------

Google patches DoS vulnerabilities in Android
Researchers at the Open Source Computer Emergency Response Team (oCERT) disclosed two denial-of-service vulnerabilities in Google Inc.'s Android 1.5 mobile phone platform, both of which have already been patched by the vendor.

----------

Hackers exploit this year's fourth PDF zero-day

The bug in the popular Reader PDF viewer and the Acrobat PDF maker is being exploited in "limited targeted attacks," Adobe said yesterday. That phrasing generally means hackers are sending the rigged PDF documents to a short list of users, oftentimes company executives or others whose PCs contain a treasure trove of confidential information.

Adobe promised to patch the vulnerability on Tuesday, Oct. 13, the same day that Microsoft plans to issue its biggest-ever collection of security updates.

----------


McAfee Labs’ October Spam Report
Monday October 12, 2009 at 8:36 am CST, posted by David Marcus

Cybercriminals are taking advantage of American concerns about healthcare by flooding the internet with spam. According to our October Spam Report, 70 percent of global spam is now “Canadian” pharmacy spam that takes advantage of fears of Swine Flu and rising costs of Medicare and pharmaceuticals.

Spammers generate more than 150 billion spam messages daily; that’s enough to send everyone in the world more than 30 emails every day (including people without computers). Nearly 19 out of every 20 emails are spam, and cybercriminals are growing more sophisticated with their attacks. No brands seem to be safe, and this month’s report analyzes how spammers are abusing the brands of Monopoly, The Hollywood Reporter and even the Jewish organization Chabad to distribute malware.


The report can be downloaded here.

----------

Posted at 2:00 PM ET, 10/12/2009
Avoid Windows Malware: Bank on a Live CD

http://blogs.washingtonpost.com/securityfix/

The simplest, most cost-effective answer I know of? Don't use Microsoft Windows when accessing your bank account online.

----------

Monday, October 5, 2009

Monday 10/05/09

Let's start today with a bit of 'bright-and-shiny':

Microsoft Demos Prototype Multi-Touch Mice
The other day, I went on a short tour of some of Microsoft’s Labs, where they do everything from rapid prototypes of new products to acoustic testing in anechoic chambers. Most of my time was spent in the Applied Sciences group’s labs, where they are working on some seriously interesting devices.

And they’re not just into mice; in fact, the lab’s specialty seemed to be anything to do with optics and/or input. This lab worked on Project Natal, and also on the pressure-sensitive keyboard I wrote about a while back.

They were kind enough to show me all these crazy multi-touch mice, and, when I was too inept to demo even one of them solo, offered to go through them with me on video.

----------

Malware and standards – is it possible?

I am excited to be involved in the joint industry effort of defining an XML format which will allow for the rapid exchange of information between security companies. This work was done by the “Malware Working Group” operating as part of the “Industry Connections Security Group” (ICSG) and under the umbrella of the IEEE. If you Google for “IEEE” and “ICSG” you should have the link at the top of the list – IEEE ICSG.

There were about 20 people from multiple security companies who contributed to the development of the proposal for the standard, and I am very pleased with the results. It is a simple, flexible and powerful format that is already being used by 4 anti-malware companies to transmit meta-data about the prevalence of malware in the field. Wider adoption of this meta-data sharing will replace the trivial malware sample exchange of the past with a real-time exchange of threat intelligence data. Communicating the relationships between malware samples, domains and IPs will open endless possibilities for improving the security of all Internet users.

For example, it will allow us to describe the whole history of domains/IPs that were used by a specific malware writing group, which malware they hosted and even how the malware got installed onto users’ computers. And this can be expressed in an unambiguous way suitable for rapid automated analysis. In a word – it’s powerful!

----------

Testing email with encryption
It can be very useful to be able to talk directly with your SMTP or IMAP server for diagnostic purposes. Things get a bit more complicated when encryption rears its ugly head, but with the right tools, it doesn't have to be a black art.

----------

Plug-in service to protect Mozilla browser
Mozilla's Plug-in Finder Server checks the versions of installed Firefox plug-ins to warn users of security holes.

----------

Gmail Login Gets CSRF Protection
Google has silently implemented cross-site request forgery protection for Gmail authentication. The new feature comes in the form of a unique token stored in a browser cookie and checked when the login request is submitted.
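The mechanism described above, as an added illustration that is not Google's code: a random token is set as a cookie when the login page is served and repeated in the form, and the login handler rejects any submission whose form token does not match the cookie. Cookie and field names, the demo accounts and the scenario functions are all invented for this example.

```python
"""Login CSRF protection with a token held in a cookie and echoed by the form.

Added example (not Google's implementation). The point it demonstrates: a
page on another site can make the victim's browser *send* the cookie, but
cannot *read* it, so it cannot put the matching value into its forged form.
"""
import hmac
import secrets

COOKIE_NAME = "login_csrf"   # hypothetical cookie name
FIELD_NAME = "csrf_token"    # hypothetical hidden form field name


def render_login_page(browser_cookies):
    """GET /login: mint a fresh token, set it as a cookie (Set-Cookie) and
    embed the same value in the form. Returns the form the browser holds."""
    token = secrets.token_urlsafe(32)
    browser_cookies[COOKIE_NAME] = token
    return {FIELD_NAME: token}


def check_login_csrf(request_cookies, form):
    """POST /login: accept only if the cookie token and the form token are
    both present and identical (constant-time compare)."""
    cookie_token = request_cookies.get(COOKIE_NAME)
    form_token = form.get(FIELD_NAME)
    if not cookie_token or not form_token:
        return False
    return hmac.compare_digest(cookie_token, form_token)


def handle_login(request_cookies, form, password_ok):
    """Returns (accepted, reason). The CSRF check runs before the password
    check, so a forged submission is refused even if the credentials it
    carries are valid (login CSRF logs the victim into an attacker account)."""
    if not check_login_csrf(request_cookies, form):
        return False, "csrf token mismatch"
    if not password_ok(form.get("user"), form.get("password")):
        return False, "bad credentials"
    return True, "logged in"


# --- constructed scenarios ------------------------------------------------

_DEMO_ACCOUNTS = {"alice": "correct horse", "mallory": "attacker pw"}


def _demo_password_ok(user, password):
    # Constructed stand-in for a real password check.
    return _DEMO_ACCOUNTS.get(user) == password


def legitimate_login():
    """Victim loads the login page, then submits the form it was given."""
    browser_cookies = {}
    form = render_login_page(browser_cookies)
    form.update({"user": "alice", "password": "correct horse"})
    return handle_login(browser_cookies, form, _demo_password_ok)


def forged_login(victim_has_cookie, attacker_supplies_token=True):
    """A page on another site auto-submits a login form with the attacker's
    own valid credentials. The browser attaches whatever cookie the victim
    already holds; the attacker can only guess a token or omit it."""
    browser_cookies = {}
    if victim_has_cookie:
        render_login_page(browser_cookies)   # victim visited /login earlier
    forged_form = {"user": "mallory", "password": "attacker pw"}
    if attacker_supplies_token:
        forged_form[FIELD_NAME] = secrets.token_urlsafe(32)   # a guess
    return handle_login(browser_cookies, forged_form, _demo_password_ok)


if __name__ == "__main__":
    print("legitimate:", legitimate_login())
    print("forged, victim has cookie:", forged_login(True))
    print("forged, no cookie:", forged_login(False))
    print("forged, no token:", forged_login(True, attacker_supplies_token=False))
```

Note the caveat a reviewer would raise: this pattern assumes nothing else can set cookies for the login domain (for example a compromised sibling subdomain), otherwise the attacker could plant a cookie whose value matches its form.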

----------

Hotmail hacked: Thousands of account details published online
Zack Whittaker: Microsoft admits that several thousand Windows Live Hotmail customers' credentials were exposed on a third-party site due to a phishing scheme.

----------

DRAM error rates: Nightmare on DIMM street
Robin Harris: A two-and-a-half year study of DRAM on tens of thousands of Google servers found DIMM error rates are hundreds to thousands of times higher than thought - a mean of 3,751 correctable errors per DIMM per year.

----------

Attorney Admits to Trading Settlement Money
By NICK MCCANN
(CN) - An Orange County lawyer has agreed to plead guilty to losing virtually all of a multimillion-dollar class-action settlement through high-risk day trading, the Justice Department announced.

----------

Visa creates guidance for merchants wanting to encrypt
Dan Kaplan October 05, 2009
Visa has taken a leading role in establishing best practices for end-to-end encryption implementation.

----------

Credit Card Skimming Survey: What’s Your Magstripe Worth?
Ever wonder how much the data on the back of your credit card is worth to a corrupt food service worker? The answer, it turns out, depends on which restaurants you frequent in Florida.

For some reason, the Sunshine State is a hotbed of federal prosecutions for “skimming”, in which a retail or service worker with a criminal bent swipes your credit card through a pocket-sized magstripe reader when you’re not looking — capturing your name, card number, expiration date and other information.

In the online black market, wholesalers peddle this data to credit card counterfeiters for as much as $50 for a corporate Visa or Mastercard. (Asian and European cards go for even more.) But how much does the poor food service worker get for putting his job on the line in the first place?

----------

Hackers plan to clobber the cloud, spy on Blackberries
A new era of computing is on the rise and viruses, spies and malware developers are tagging along...

----------

60% of Brits store personal data on their phone
Over 60 percent of Brits keep sensitive personal data on their smartphone, says The Carphone...

----------

Cyber Security Awareness Month - Day 5 port 31337
Backdoors and malware and trojans oh my!

----------