Adobe confirms PDF zero-day, urges users to kill JavaScript Adobe Systems late Tuesday acknowledged that all versions of its popular PDF software, including editions for Windows, the Mac and Linux, contain at least one, and maybe two, critical vulnerabilities. Read more...
----------
Verizon expands cloud backup service to global market
It charges about $3.80 per gigabyte of data stored
----------
New cybersecurity bill for electric grid readied
Senator questions wisdom of White House control over cybersecurity
The Critical Electric Infrastructure Protection Act is scheduled to be introduced on Thursday by Sen. Joseph Lieberman (I-Conn.), chairman of the U.S. Senate Committee on Homeland Security and Governmental Affairs, and Rep. Bennie Thompson (D-Miss.), chairman of the U.S. House Committee on Homeland Security.
A brief statement issued by the house committee today described the proposed legislation as one that would primarily empower the Federal Energy Regulatory Commission, an independent agency that regulates the interstate transmission of gas, oil and electricity, to issue "emergency rules or orders" if a cyberthreat is imminent.
----------
Laid-off sysadmin admits blackmailing mutual fund company
Had threatened to hack firm's systems if they didn't give him money, job references
----------
Verizon pursues illegal autodialers
April 28, 2009 (Computerworld)
Verizon Wireless said today it that has settled a lawsuit against two companies that used autodialing systems to call its wireless customers to pitch extended vehicle warranties. It also announced a separate lawsuit to stop three other companies from similar acts.
----------
ERIC SAYS: MUCH OF THIS MAY HAVE TO DO WITH PIRATED COPIES OF WINDOWS THAT CAN'T APPLY PATCHES
Companies still dragging their feet with patches
The latest data was collected throughout 2008, said Wolfgang Kandek, Qualys' CTO. Qualys scanned 80 million IP (Internet Protocol) addresses using 200 scanners that looked at Internet-facing PCs and 5,000 internal scanners behind firewalls on company intranets.
Kandek said 680 million vulnerabilities were found, with 72 million constituting critical ones, meaning the software problem could allow a hacker to take control of a computer remotely and install malicious software.
Qualys has created its own measurement, called "half life," for how fast companies patch. The measurement is the number of days it takes a companies in a certain industry to patch 50% of the vulnerabilities that have been publicly released.
The figures have barely changed since Qualys released its last study in 2004. Then, it took an average of 30 days to hit the half-patched mark. For 2008, that figure has only moved up to 29.5 days, Kandek said.
----------
PGP Complaint Forces ElcomSoft to Change Booth DecorPC World - Wed Apr 29, 7:00 AM ET
It isn't the best marketing proposition to sell encryption products next door to a fellow exhibitor who promises they can crack them.
Wallpaper on ElcomSoft's stand reading "The Only Way to Break PGP" was ripped down by Infosec conference organizers after complaints from PGP's marketing team just before the show opened.
----------
SANS: Newest WLAN Hacks Come From Afar
Apr 24,2009
Expert warns of deadly combination of long-distance remote and wireless hacking to get inside an organization
----------
Security Suffers Cuts In Recession, But Fares Better Than The Rest Of ITApr 27,2009 Layoffs, cutbacks aren't as painful in security, but they are happening, studies say
----------
Microsoft is turning off Auto-Run!
Yesterday morning Microsoft through their MSRC announced that they were going to further protection of Windows customers by disabling the Auto-Run "feature" in Windows for everything *except* optical media. (Because CD-ROM's can't be written to, according to them. I see nothing about CD-R and CD-RW specifically.)
I feel this is a good idea. There have always been virus/malware that liked to attach itself to things like thumbdrives and removable media like diskettes. (Does anyone use those anymore? ;) All the Windows environments that I've ever functioned in my whole career have always had Auto-Run disabled, so this is just good security practice by now.
For more details check out Microsoft's articles on the subject here and here.
----------
Internet Explorer 8, now being offered via Software Update
----------
3 Simple Steps to Hack a Smartphone (Includes Video)
Security firm Trust Digital demonstrates how easy it is to steal data and push nasty stuff to a mobile device with nothing more than a phone number.
Read more
----------
UPDATED: Pandemic Preparedness Primer
With the possibility of a swine flu pandemic in mind, CSOonline has put this collection of preparedness articles together to help companies review their own plans (with updated links to helpful government and health organization sites).
Read more
----------
Take That! Hackers Target Pirate Bay Prosecution Law Firm
tomshardware.com — Today brings more news of hacking at the hands of Pirate Bay fans endeavoring to show support and solidarity. Is anyone surprised?More…
While last week brought news of DDoS attacks on the main website of the International Federation of the Phonographic Industry, ifpi.org, which rendered the site sluggish and slow for most of Monday, there was no mention of similar attacks directed at lawyers representing the music, movie and game industries. It seemed the lawyers on the prosecuting side of the Pirate Bay case had made it away unscathed, but not so.
According to TorrentFreak, this past weekend brought similar troubles for Monique Wadsted, a lawyer who represented several major movie studios and called for a “very significant” prison sentence for the defendants during the Pirate Bay Trial. The movie industry lawyer’s site, MAQS, was targeted and yesterday the site displayed a notice informing visitors it was under attack.
“Our website is currently under attack and we have therefore decided to shut it down until the attack ceases. For further information call Monique Wadsted.”
While it was never specified that these attacks were launched by Pirate Bay fans, it's not exactly a huge leap to make and we're curious to hear what you guys think. It’s safe to say the majority of you disagree with the verdict reached in court, but do you think it’s out of line for people to be taking matters into their own hands in an attempt to get back at the opposition? The four men found guilty (along with their lawyers) have said they will appeal the verdict and remain adamant that the war is far from over, so are these vigilantes jumping the gun a bit? Or are you of the opinion that TPB fans should be causing the judge, jury and lawyers involved (as well as music, movie and game industries) as many headaches as possible?
----------
Congressman Seeks End of Whole Body Imaging at Airports
Congressman Jason Chaffetz has introduced legislation seeking a ban on Whole-Body Imaging machines installed by the Transportation Security Administration in various airports across America. Describing the method as unnecessary to securing an airplane, Congressman Chaffetz stated that the new law was to "balance the dual virtues of safety and privacy." The TSA recently announced plans to make the scanners, which capture a detailed picture of travelers stripped naked, the default screening device at all airport security checkpoints. Whole Body imaging (Backscatter X-Ray) technology was introduced as a tool for screening some air travelers.
Chaffetz will seek to limit airport body scans
----------
A family member called last night, upset and embarrassed that his yahoo.com account was used to blast out spam to all of his contacts. A quick examination of the message headers indicated the spam was indeed sent through his yahoo.com account, and that someone had hijacked his Webmail account password.
Upon closer inspection, I noticed that whoever had sent the message had also done the following: deleted the last 30 days worth of messages in the "Sent" folder; added the same message they had spammed out to his e-mail signature, so that the message would be tacked onto each subsequent e-mail he sent; and the perpetrators even signed his first name at the bottom of the message.
An Internet search for the domain advertised in the spam -- easylifeing.com -- shows that spammers have advertised this site by hijacking accounts at other free Web mail providers as well, including Hotmail and Gmail.
Permalink
----------
"No-Fly" Also Means "No-Flyover"
I've previously written about the piece of counterterrorism silliness known as the no-fly list:
Imagine a list of suspected terrorists so dangerous that we can't ever let them fly, yet so innocent that we can't arrest them -- even under the draconian provisions of the Patriot Act.
Turns out these people are so dangerous that they can't be allowed to fly over United States territory, even on a flight from Paris to Mexico.
What makes the whole incident even more interesting is that Air France had only sent its passenger manifest to the Mexicans, but now it is clear that Mexico shares this information with the United States.
----------
How to Spot a Fake Census Worker
This apparently non-ironic video warns that people might impersonate census workers in an effort to rob you. But while you shouldn't trust the ID of a stranger, you should trust that same stranger to give you a phone number where you can verify that ID. This, of course, makes no sense.
Preventing impersonation is hard.
----------
29 April 2009
Service Pack 2 for Windows Vista and Server 2008 is finished
Delivery is to begin some time in this quarter. To install SP2 Vista requires previous installation of SP1 more…
----------
Do Lawyers Know Better Than To Send Mindless Cease & Desist Letters?
Today, in 2009, all lawyers dealing with online media -- and that includes trademark lawyers -- are well-aware of the challenges of reputation management. They know that any C&D they send could wind up on a hundred Web sites, adorned with ridicule heaped upon their clients. They are able to make nuanced judgments about these things. They are able to balance the pros and cons of enforcing their clients' marks in each situation that may arise. Really, they are.
----------
XP Mode questions - Microsoft answers
Mary Jo Foley: Since word of Windows XP Mode and Windows Virtual PC went public - Microsoft has provided so far only the barest of details about its planned Virtual XP Mode functionality for Windows 7. Until now.
Windows 7 "XP Mode" system requirements
What you need to know about the Windows 7 Release Candidate
Windows 7's XP Virtualization: I told you so!
----------
"You can literally scrape valuable lithium off the ground of many Bolivian salt flats. The country is poised to be the center of world lithium battery production, reaping the benefit of the metal's skyrocketing value. 'The US Geological Survey says 5.4 million tons of lithium could potentially be extracted in Bolivia, compared with 3 million in Chile, 1.1 million in China and just 410,000 in the United States. ... Ailing automakers in the United States are pinning their hopes on lithium. General Motors next year plans to roll out its Volt, a car using a lithium-ion battery along with a gas engine. Nissan, Ford and BMW, among other carmakers, have similar projects.' However, the government fears foreign countries might exploit their natural resources, so for the time being, the salt flats remain untouched."
----------
Wednesday, April 29, 2009
Wednesday, April 22, 2009
Wednesday 04/22/09
EMC, Symantec kick-off security barrage With the RSA Conference cranking up, EMC’s security division RSA and Symantec rolled out security product releases Tuesday. Read more...
----------
RSA chief calls for 'inventive collaboration' among security vendors
Two years after suggesting that independent security vendors were headed for extinction, Art Coviello, president of RSA, is calling for "inventive collaboration" among vendors for dealing with the expanding range of threats facing business and government.
Delivering the opening address at the RSA Conference here today, Coviello said factors such as the sagging economy, the proliferation of new technologies and the growth of organized crime are driving the need for vendors to work with one another on key security practices.
Coviello's was a sentiment shared by multiple industry representatives at the conference, who said that the threat facing private and government networks calls for a more unified response from all cybersecurity stakeholders.
----------
NSA chief doesn't want to do cyber security solo
We don't want to run U.S. cybersecurity efforts, NSA chief says
The director of the National Security Agency (NSA) today downplayed widespread concerns about his agency's growing role in national cybersecurity affairs.
Speaking at the security-oriented RSA Conference 2009 being held here this week, Lt. Gen. Keith Alexander stressed that the NSA has no desire to run cybersecurity for the federal government. Instead, the NSA wants to team up with the U.S. Department of Homeland Security in developing and enforcing cyberdefenses for government and military networks.
----------
eBay execs call e-fencing bills unfair
EBay Inc. executives yesterday said that they oppose three bills filed in the U.S. Congress that attempt to crack down on sales of stolen goods online.
The three bills, introduced in February, could force "online marketplaces" such as eBay to provide private seller information to retailers who believe that stolen goods are being sold on such sites. They could also allow retailers to sue online marketplaces for failing to adequately investigate complaints about sales of stolen goods.
----------
Notorious adware vendor Zango shuts its doors
----------
Digital trail led investigators to alleged Craigslist murderer
Investigators say digital forensics work was key to tracking down the suspect, according to Jake Wark, press secretary for the Suffolk County, Mass., district attorney's office.
"The technology involved was absolutely crucial in identifying the suspect," said Wark in an interview with Computerworld. "The investigation led to the recovery of an abundance of cellular, wireless and other electronic evidence."
He added that investigators from the Boston police homicide unit were able to link the IP address that was used to send an e-mail setting up the April 14 date with the murder victim to Markoff's home address.
----------
Nokia: We Don't Know Why Criminals Want Our Old Phones
PC World - Tue Apr 21, 11:20 AM ET
The mystery why cybercriminals want a discontinued Nokia phone isn't getting any clearer.
----------
Is the FBI Behind Spyware?
In the pursuit of cybercrooks, the FBI is casting itself as an ethical hacker.
----------
Secunia Pushes For Standard That Updates Consumer Apps
Apr 21,2009
Danish security firm asks software vendors to help build common application that handles all third-party application updates and patching
----------
Low-Tech Impersonation
Sometimes the basic tricks work best:
Police say a man posing as a waiter collected $186 in cash from diners at two restaurants in New Jersey and walked out with the money in his pocket.
----------
Botnet of 1.9 million infected PCs found
A 1.9 million strong botnet of infected Windows PCs has been spotted by Finjan. The botnet reaches into government agencies and businesses more…
----------
----------
RSA chief calls for 'inventive collaboration' among security vendors
Two years after suggesting that independent security vendors were headed for extinction, Art Coviello, president of RSA, is calling for "inventive collaboration" among vendors for dealing with the expanding range of threats facing business and government.
Delivering the opening address at the RSA Conference here today, Coviello said factors such as the sagging economy, the proliferation of new technologies and the growth of organized crime are driving the need for vendors to work with one another on key security practices.
Coviello's was a sentiment shared by multiple industry representatives at the conference, who said that the threat facing private and government networks calls for a more unified response from all cybersecurity stakeholders.
----------
NSA chief doesn't want to do cyber security solo
We don't want to run U.S. cybersecurity efforts, NSA chief says
The director of the National Security Agency (NSA) today downplayed widespread concerns about his agency's growing role in national cybersecurity affairs.
Speaking at the security-oriented RSA Conference 2009 being held here this week, Lt. Gen. Keith Alexander stressed that the NSA has no desire to run cybersecurity for the federal government. Instead, the NSA wants to team up with the U.S. Department of Homeland Security in developing and enforcing cyberdefenses for government and military networks.
----------
eBay execs call e-fencing bills unfair
EBay Inc. executives yesterday said that they oppose three bills filed in the U.S. Congress that attempt to crack down on sales of stolen goods online.
The three bills, introduced in February, could force "online marketplaces" such as eBay to provide private seller information to retailers who believe that stolen goods are being sold on such sites. They could also allow retailers to sue online marketplaces for failing to adequately investigate complaints about sales of stolen goods.
----------
Notorious adware vendor Zango shuts its doors
----------
Digital trail led investigators to alleged Craigslist murderer
Investigators say digital forensics work was key to tracking down the suspect, according to Jake Wark, press secretary for the Suffolk County, Mass., district attorney's office.
"The technology involved was absolutely crucial in identifying the suspect," said Wark in an interview with Computerworld. "The investigation led to the recovery of an abundance of cellular, wireless and other electronic evidence."
He added that investigators from the Boston police homicide unit were able to link the IP address that was used to send an e-mail setting up the April 14 date with the murder victim to Markoff's home address.
----------
Nokia: We Don't Know Why Criminals Want Our Old Phones
PC World - Tue Apr 21, 11:20 AM ET
The mystery why cybercriminals want a discontinued Nokia phone isn't getting any clearer.
----------
Is the FBI Behind Spyware?
In the pursuit of cybercrooks, the FBI is casting itself as an ethical hacker.
----------
Secunia Pushes For Standard That Updates Consumer Apps
Apr 21,2009
Danish security firm asks software vendors to help build common application that handles all third-party application updates and patching
----------
Low-Tech Impersonation
Sometimes the basic tricks work best:
Police say a man posing as a waiter collected $186 in cash from diners at two restaurants in New Jersey and walked out with the money in his pocket.
----------
Botnet of 1.9 million infected PCs found
A 1.9 million strong botnet of infected Windows PCs has been spotted by Finjan. The botnet reaches into government agencies and businesses more…
----------
Tuesday, April 21, 2009
Tuesday 04/21/2009
Report: Hackers break into Pentagon's fighter jet project
They downloaded terabytes of data on a $300B stealth fighter
http://www.computerworld.com/action/article.do?command=viewArticleBasic&taxonomyName=security&articleId=9131881&taxonomyId=17&intsrc=kc_top
April 21, 2009 (IDG News Service)
Hackers broke into U.S. Department of Defense computers and downloaded terabytes of data containing design information about the Joint Strike Fighter, a $300 billion stealth fighter currently under development, according to The Wall Street Journal.
The stolen files all relate to the design of the Joint Strike Fighter and its electronic systems, the Journal reported, saying they could be used to help defend against the jet.
However, the most sensitive files were not compromised because they are stored on computers that are not connected to the Internet, the report said.
The reported attack raised more questions than it answered.
For example, the report did not say how attackers managed to download terabytes of data before being discovered. A single terabyte can take up to several weeks to download over a relatively fast data connection, such as a Digital Subscriber Line or cable modem.
The report also suggested that China could be behind the stolen data, noting that investigators believe the attack originated in China. However, it said the exact identities of the people behind the attack had not been established.
They downloaded terabytes of data on a $300B stealth fighter
http://www.computerworld.com/action/article.do?command=viewArticleBasic&taxonomyName=security&articleId=9131881&taxonomyId=17&intsrc=kc_top
April 21, 2009 (IDG News Service)
Hackers broke into U.S. Department of Defense computers and downloaded terabytes of data containing design information about the Joint Strike Fighter, a $300 billion stealth fighter currently under development, according to The Wall Street Journal.
The stolen files all relate to the design of the Joint Strike Fighter and its electronic systems, the Journal reported, saying they could be used to help defend against the jet.
However, the most sensitive files were not compromised because they are stored on computers that are not connected to the Internet, the report said.
The reported attack raised more questions than it answered.
For example, the report did not say how attackers managed to download terabytes of data before being discovered. A single terabyte can take up to several weeks to download over a relatively fast data connection, such as a Digital Subscriber Line or cable modem.
The report also suggested that China could be behind the stolen data, noting that investigators believe the attack originated in China. However, it said the exact identities of the people behind the attack had not been established.
Monday, April 20, 2009
Monday 04/20/09
Criminals pay top money for hackable Nokia phone Criminals are willing to pay thousands of euros for a discontinued Nokia mobile phone with a software problem that can be exploited to hack into online bank accounts, according to a fraud investigator in the Netherlands. Read more...
----------
New Symantec CEO Says Security Sells in Hard Times
Enrique Salem, who took the reins of Symantec Corp. as president and CEO this month, sat down with Computerworld's Scot Finnie and Lucas Mearian at the Storage Networking World conference here to talk about how his company is dealing with the recession and his vision of the future of Symantec and the technology business.
----------
FBI used spyware to catch cable-cutting extortionist
The FBI used spyware to catch a Massachusetts man who tried to extort money from Verizon Communications Inc. and Comcast Corp. by cutting 18 cables carrying voice and data in 2005, documents obtained under the Freedom of Information Act by Wired.com revealed yesterday.
Although the man's name was redacted in the documents provided to the Web site, their description of the case matches that of Danny M. Kelly, an unemployed engineer who at the time lived in Chelmsford, Mass. According to federal court records, Kelly was accused of cutting a total of 18 above-ground communications cables between November 2004 and February 2005 as part of a plot to extort money from Verizon and Comcast.
...
----------
New Twitter worm targets celebrities
A worm referencing celebrities such as Ashton Kutcher and Oprah Winfrey is rapidly spreading across Twitter Inc.'s microblogging site, security firm Sophos PLC said on Friday.
The worm hacks into Twitter profiles and automatically sends unauthorized Twitter status updates to contacts from the hacked accounts. Users who look at infected profiles are then automatically infected, and unauthorized posts are automatically sent to their contacts.
...
----------
Va. man pleads guilty to selling $1M worth of counterfeit software
A Virginia man has pleaded guilty to charges related to selling counterfeit software with a retail value of about $1 million on eBay, the U.S. Department of Justice said.
Gregory William Fair, 46, of Falls Church, Va., pleaded guilty on Thursday to one count of criminal copyright infringement and one count of mail fraud in U.S. District Court for the District of Columbia.
Between 2001 and February 2008, Fair sold a "large volume" of counterfeit Adobe Systems software on eBay using multiple user IDs, the DOJ said in a news release. Fair has agreed to forfeit the proceeds of the software sales, including $144,000 seized from a safety deposit box and residence; one BMW 525i; one Hummer H2; one Mercedes CL600; and one 1969 Pontiac GTO, the agency said.
Fair is scheduled to be sentenced on July 8. He faces up to five years in prison on the criminal copyright infringement count and up to 20 years in prison on the mail fraud count. He also faces a maximum fine of $250,000 on each charge.
----------
Microsoft's RSA Message: Internet Needs Trust to Grow
Software vendor will update its End-to-End Trust vision at RSA this week.
Read more
----------
Study: Mistakes, Not Malicious Insiders, to Blame for Most Breaches
285 million records breached, most attacks came from external sources, according to Verizon study.
Read more
----------
Wanted: Computer hackers ... to help government AP - Sun Apr 19, 12:53 AM ET
WASHINGTON - Wanted: Computer hackers.
General Dynamics Information Technology put out an ad last month on behalf of the Homeland Security Department seeking someone who could "think like the bad guy." Applicants, it said, must understand hackers' tools and tactics and be able to analyze Internet traffic and identify vulnerabilities in the federal systems.
In the Pentagon's budget request submitted last week, Defense Secretary Robert Gates said the Pentagon will increase the number of cyberexperts it can train each year from 80 to 250 by 2011.
----------
10 Technologies That Survive Budget Cuts
Here are the recession-resistant needs of a well-equipped enterprise (run by a smart CIO).
Even in the midst of a recession, IT leaders realize they can't neglect certain technologies, according to Robert Half Technology, which recently polled 1,400 CIOs to learn in which areas they plan to invest 2009 budget dollars. Seventy-percent said their companies will invest in IT initiatives in the next 12 months, with 43% indicating that information security projects would be a top priority. Twenty-eight percent plan investments in virtualization and 27% will be looking to make their data centers more efficient with technology buys.
----------
Study: Green IT less important during recession
The prolonged global recession appears to be taking some of the steam out of IT spending on ecologically sensitive initiatives. According to a new study by Gartner, most firms still consider green important, but many -- including a third of the U.S.-based respondents to the study -- said cost-cutting has become the top priority since the economic slowdown began. PCWorld/Computerworld UK (4/19)
----------
Adobe's Flash comes to TVs, set-top boxes
Adobe creates a new version of its Flash multimedia player that can be embedded in TVs and set-top boxes. Sun, Apr 19 22:23:00 PDT 2009 Read full story
----------
Demigod publisher Stardock ran into a very unexpected problem when the game launched: around 100,000 more online players than expected. The number of legit connections? 18,000.
http://arstechnica.com/gaming/news/2009/04/demigod-hit-by-massive-piracy-review-scores-take-beating.ars
----------
HP, Microsoft, VMware to expand desktop virtualization
Dana Gardner: As the sour economy pushes more companies into the arms of virtual desktop infrastructure (VDI) for cost cutting, the vendor community is eagerly wiping out obstacles to adoption by broadening the appeal of desktops as a service.
----------
Congress Ponders Cybersecurity Power Grab
There was a lot of attention paid last week to a new "cybersecurity" bill that would drastically expand the government's power over the Internet. The two provisions that have probably attracted the most attention are the parts that would allow the president to "declare a cybersecurity emergency" and then seize control of "any compromised Federal government or United States critical infrastructure information system or network." Perhaps even more troubling, the EFF notes a section that states that the government "shall have access to all relevant data concerning (critical infrastructure) networks without regard to any provision of law, regulation, rule, or policy restricting such access." Read literally, this language would seem to give the government the power to override the privacy protections in such laws as the Electronic Communications Privacy Act and the Foreign Intelligence Surveillance Act. Thankfully, Congress can't override the Fourth Amendment by statute, but this language poses a real threat to Fourth Amendment rights.
...
----------
Regarding using TigerDirect as a vendor:
Dell Uses the Whip on Tiger Direct
MANHATTAN (CN) - Tiger Direct falsely claims that its goods are covered by a Dell warrant, and falsely claims to sell new Dell equipment obtained directly from the computer maker, "when in fact they are old, out of date, obtained from resellers and not from Dell, used and/or refurbished," Dell claims in Federal Court.
----------
DEPT. OF IRONY.
I offer for your amusement, the following words and one phrase: "impuissant," "perscrutation," "sockdolager," and "free-floating bubble of discretion." Pretty cool, huh? The nifty language comes from a U. S. Court of Appeals for the First Circuit ruling by Judge Bruce Selyer called In Re Sony BMG Music Entertainment in which the court said that a civil trial over allegedly illegal file-sharing of music on the Internet could not be webcast live on the Internet. The music company doesn't want to share its trial for free either. The logical next step: trial pirates illegally sharing court hearing downloads. The Internet is so much fun.
----------
Obama appoints federal CTO, industry applauds choice
Angela Moscaritolo April 20, 2009
President Obama appointed the first-ever federal chief technology officer during the weekend.
----------
Like Postini?
Microsoft Forefront now in the clouds
Angela Moscaritolo April 16, 2009
Microsoft has extended its Forefront brand and is now putting messaging security into the cloud.
----------
DoJ Nixed Investigation of Congresswoman to Get Support for NSA Wiretapping
Those who have long felt there was a suspicious backstory behind Congress's support of the Bush Administration's warrantless wiretapping may feel their suspicions are closer to being confirmed this week.
Congressional Quarterly's Jeff Stein has an explosive story about how the Justice Department thwarted a criminal investigation of Representative Jane Harman (D - California) in order to guarantee her support for the NSA's warrantless wiretapping program.
According to CQ, in 2004, Harman had helped lobby the New York Times to kill its NSA warrantless wiretapping story, which the newspaper had originally intended to publish on the eve of the 2004 elections.
The story was published a year later in December 2005...
----------
FoxNews.com Serving Up Infected Ads?
Banner ads hoisting bogus AV scamware on users...
10:07AM Monday Apr 20 2009 by Karl Bode
Users in our security forum have discovered that advertisements delivered via the FoxNews.com website have been using popup malware to force-deliver artificial anti-virus malware onto the PCs of unsuspecting visitors (of which Fox has countless millions). One of our more skilled scambusters and "malvertising" gurus has further dissected (with photos) the exact scumware delivery mechanism at work here -- and notes that users don't even need to click on an ad banner at the website in order to get infected. The vsm_free_setup.exe forced download the ads are instituting originates from Russia or the Ukraine, and appears to involve a keylogger.
----------
StealthMBR gets a makeover
Sunday April 19, 2009 at 6:22 pm CST
New variants of the StealthMBR trojan aka Mebroot rootkit have recently been spotted in-the-wild. These new variants are significantly different from earlier ones.
StealthMBR has arguably been dubbed as the stealthiest rootkit ever seen. The new variants are using even ‘deeper’ techniques to evade detection. Broadly speaking, they are hijacking kernel objects (device object) to filter out access to the master boot record and prevent detection and repair. As opposed to earlier variants, which installed lower level hooks on the IRP table of \driver\disk, these new variants are able to hook the IRP table of an even lower driver. And these hooks too are not present all the time but only installed on an on-demand basis. The hijacked disk device object is used to facilitate this. Detection is not the only problem; this threat also poses cleaning challenges by installing watching mechanisms to re-infect the machine.
----------
Lastly, today is Adolf Hitler's Birthday, which makes it a target day for nutjobs and kooks. Keep a watch out.
----------
New Symantec CEO Says Security Sells in Hard Times
Enrique Salem, who took the reins of Symantec Corp. as president and CEO this month, sat down with Computerworld's Scot Finnie and Lucas Mearian at the Storage Networking World conference here to talk about how his company is dealing with the recession and his vision of the future of Symantec and the technology business.
----------
FBI used spyware to catch cable-cutting extortionist
The FBI used spyware to catch a Massachusetts man who tried to extort money from Verizon Communications Inc. and Comcast Corp. by cutting 18 cables carrying voice and data in 2005, documents obtained under the Freedom of Information Act by Wired.com revealed yesterday.
Although the man's name was redacted in the documents provided to the Web site, their description of the case matches that of Danny M. Kelly, an unemployed engineer who at the time lived in Chelmsford, Mass. According to federal court records, Kelly was accused of cutting a total of 18 above-ground communications cables between November 2004 and February 2005 as part of a plot to extort money from Verizon and Comcast.
...
----------
New Twitter worm targets celebrities
A worm referencing celebrities such as Ashton Kutcher and Oprah Winfrey is rapidly spreading across Twitter Inc.'s microblogging site, security firm Sophos PLC said on Friday.
The worm hacks into Twitter profiles and automatically sends unauthorized Twitter status updates to contacts from the hacked accounts. Users who look at infected profiles are then automatically infected, and unauthorized posts are automatically sent to their contacts.
...
----------
Va. man pleads guilty to selling $1M worth of counterfeit software
A Virginia man has pleaded guilty to charges related to selling counterfeit software with a retail value of about $1 million on eBay, the U.S. Department of Justice said.
Gregory William Fair, 46, of Falls Church, Va., pleaded guilty on Thursday to one count of criminal copyright infringement and one count of mail fraud in U.S. District Court for the District of Columbia.
Between 2001 and February 2008, Fair sold a "large volume" of counterfeit Adobe Systems software on eBay using multiple user IDs, the DOJ said in a news release. Fair has agreed to forfeit the proceeds of the software sales, including $144,000 seized from a safety deposit box and residence; one BMW 525i; one Hummer H2; one Mercedes CL600; and one 1969 Pontiac GTO, the agency said.
Fair is scheduled to be sentenced on July 8. He faces up to five years in prison on the criminal copyright infringement count and up to 20 years in prison on the mail fraud count. He also faces a maximum fine of $250,000 on each charge.
----------
Microsoft's RSA Message: Internet Needs Trust to Grow
Software vendor will update its End-to-End Trust vision at RSA this week.
Read more
----------
Study: Mistakes, Not Malicious Insiders, to Blame for Most Breaches
285 million records breached, most attacks came from external sources, according to Verizon study.
Read more
----------
Wanted: Computer hackers ... to help government AP - Sun Apr 19, 12:53 AM ET
WASHINGTON - Wanted: Computer hackers.
General Dynamics Information Technology put out an ad last month on behalf of the Homeland Security Department seeking someone who could "think like the bad guy." Applicants, it said, must understand hackers' tools and tactics and be able to analyze Internet traffic and identify vulnerabilities in the federal systems.
In the Pentagon's budget request submitted last week, Defense Secretary Robert Gates said the Pentagon will increase the number of cyberexperts it can train each year from 80 to 250 by 2011.
----------
10 Technologies That Survive Budget Cuts
Here are the recession-resistant needs of a well-equipped enterprise (run by a smart CIO).
Even in the midst of a recession, IT leaders realize they can't neglect certain technologies, according to Robert Half Technology, which recently polled 1,400 CIOs to learn in which areas they plan to invest 2009 budget dollars. Seventy-percent said their companies will invest in IT initiatives in the next 12 months, with 43% indicating that information security projects would be a top priority. Twenty-eight percent plan investments in virtualization and 27% will be looking to make their data centers more efficient with technology buys.
----------
Study: Green IT less important during recession
The prolonged global recession appears to be taking some of the steam out of IT spending on ecologically sensitive initiatives. According to a new study by Gartner, most firms still consider green important, but many -- including a third of the U.S.-based respondents to the study -- said cost-cutting has become the top priority since the economic slowdown began. PCWorld/Computerworld UK (4/19)
----------
Adobe's Flash comes to TVs, set-top boxes
Adobe creates a new version of its Flash multimedia player that can be embedded in TVs and set-top boxes. Sun, Apr 19 22:23:00 PDT 2009 Read full story
----------
Demigod publisher Stardock ran into a very unexpected problem when the game launched: around 100,000 more online players than expected. The number of legit connections? 18,000.
http://arstechnica.com/gaming/news/2009/04/demigod-hit-by-massive-piracy-review-scores-take-beating.ars
----------
HP, Microsoft, VMware to expand desktop virtualization
Dana Gardner: As the sour economy pushes more companies into the arms of virtual desktop infrastructure (VDI) for cost cutting, the vendor community is eagerly wiping out obstacles to adoption by broadening the appeal of desktops as a service.
----------
Congress Ponders Cybersecurity Power Grab
There was a lot of attention paid last week to a new "cybersecurity" bill that would drastically expand the government's power over the Internet. The two provisions that have probably attracted the most attention are the parts that would allow the president to "declare a cybersecurity emergency" and then seize control of "any compromised Federal government or United States critical infrastructure information system or network." Perhaps even more troubling, the EFF notes a section that states that the government "shall have access to all relevant data concerning (critical infrastructure) networks without regard to any provision of law, regulation, rule, or policy restricting such access." Read literally, this language would seem to give the government the power to override the privacy protections in such laws as the Electronic Communications Privacy Act and the Foreign Intelligence Surveillance Act. Thankfully, Congress can't override the Fourth Amendment by statute, but this language poses a real threat to Fourth Amendment rights.
...
----------
Regarding using TigerDirect as a vendor:
Dell Uses the Whip on Tiger Direct
MANHATTAN (CN) - Tiger Direct falsely claims that its goods are covered by a Dell warrant, and falsely claims to sell new Dell equipment obtained directly from the computer maker, "when in fact they are old, out of date, obtained from resellers and not from Dell, used and/or refurbished," Dell claims in Federal Court.
----------
DEPT. OF IRONY.
I offer for your amusement, the following words and one phrase: "impuissant," "perscrutation," "sockdolager," and "free-floating bubble of discretion." Pretty cool, huh? The nifty language comes from a U. S. Court of Appeals for the First Circuit ruling by Judge Bruce Selyer called In Re Sony BMG Music Entertainment in which the court said that a civil trial over allegedly illegal file-sharing of music on the Internet could not be webcast live on the Internet. The music company doesn't want to share its trial for free either. The logical next step: trial pirates illegally sharing court hearing downloads. The Internet is so much fun.
----------
Obama appoints federal CTO, industry applauds choice
Angela Moscaritolo April 20, 2009
President Obama appointed the first-ever federal chief technology officer during the weekend.
----------
Like Postini?
Microsoft Forefront now in the clouds
Angela Moscaritolo April 16, 2009
Microsoft has extended its Forefront brand and is now putting messaging security into the cloud.
----------
DoJ Nixed Investigation of Congresswoman to Get Support for NSA Wiretapping
Those who have long felt there was a suspicious backstory behind Congress's support of the Bush Administration's warrantless wiretapping may feel their suspicions are closer to being confirmed this week.
Congressional Quarterly's Jeff Stein has an explosive story about how the Justice Department thwarted a criminal investigation of Representative Jane Harman (D - California) in order to guarantee her support for the NSA's warrantless wiretapping program.
According to CQ, in 2004, Harman had helped lobby the New York Times to kill its NSA warrantless wiretapping story, which the newspaper had originally intended to publish on the eve of the 2004 elections.
The story was published a year later in December 2005...
----------
FoxNews.com Serving Up Infected Ads?
Banner ads hoisting bogus AV scamware on users...
10:07AM Monday Apr 20 2009 by Karl Bode
Users in our security forum have discovered that advertisements delivered via the FoxNews.com website have been using popup malware to force-deliver artificial anti-virus malware onto the PCs of unsuspecting visitors (of which Fox has countless millions). One of our more skilled scambusters and "malvertising" gurus has further dissected (with photos) the exact scumware delivery mechanism at work here -- and notes that users don't even need to click on an ad banner at the website in order to get infected. The vsm_free_setup.exe forced download the ads are instituting originates from Russia or the Ukraine, and appears to involve a keylogger.
----------
StealthMBR gets a makeover
Sunday April 19, 2009 at 6:22 pm CST
New variants of the StealthMBR trojan aka Mebroot rootkit have recently been spotted in-the-wild. These new variants are significantly different from earlier ones.
StealthMBR has arguably been dubbed as the stealthiest rootkit ever seen. The new variants are using even ‘deeper’ techniques to evade detection. Broadly speaking, they are hijacking kernel objects (device object) to filter out access to the master boot record and prevent detection and repair. As opposed to earlier variants, which installed lower level hooks on the IRP table of \driver\disk, these new variants are able to hook the IRP table of an even lower driver. And these hooks too are not present all the time but only installed on an on-demand basis. The hijacked disk device object is used to facilitate this. Detection is not the only problem; this threat also poses cleaning challenges by installing watching mechanisms to re-infect the machine.
----------
Lastly, today is Adolf Hitler's Birthday, which makes it a target day for nutjobs and kooks. Keep a watch out.
Friday, April 17, 2009
Friday 04/17/09
For Bob:
Obama Unveils High-Speed Rail Plan
nytimes.com — President Barack Obama on Thursday highlighted his ambition for the development of high-speed passenger rail lines in at least 10 regions.More…
----------
Botnets: 4 Reasons It's Getting Harder to Find and Fight Them
Researchers say vulnerable Web 2.0 applications and peer-to-peer architecture are making it easy for hackers to maintain armies of hijacked computers.
Read more
----------
The Pirate Bay verdict: guilty, with jail time
A Swedish district court has ended The Pirate Bay's "spectrial" with a guilty verdict. The defendants split a 30 million kronor fine and will each spend a year in jail, though one already says he would rather burn all the money he owns than pay up.
----------
DOJ wants Microsoft antitrust oversight extended into 2011
----------
A warning against premature adoption of cloud computing
about 5 hours ago - by Ryan Paul Posted in: Uptime
A new report on cloud computing indicates that building and operating a data center is still more cost-effective than adopting cloud computing services like EC2 for many large companies.
Read more
----------
They're gone! After outcry, Time Warner uncaps the tubes
about 23 hours ago - by Nate Anderson Posted in: Law & Disorder
After a public outcry and the attention of several members of Congress, Time Warner Cable has stopped its trial of Internet data caps, but not before making "metered billing" a tough sell for all other American ISPs.
Read more
----------
Apple growth turns negative as worldwide PC shipments plunge
----------
Online proxy users won't get stiffer sentences after all
a day ago - by John Timmer Posted in: Law & Disorder
A proposal that would have directed judges to consider the use of proxy servers when sentencing those convicted of online crimes has been dropped at the urging of technology advocates.
Read more
----------
Microsoft April 2009 patches:
April 2009 Monthly Bulletin Release
----------
Token Kidnapping
Posted Tuesday, April 14, 2009 10:36 AM by MSRCTEAM
Hello everyone,
As you can see from the April 2009 release summary, we addressed the Token Kidnapping issue with bulletin MS09-012. This issue allowed an attacker to gain full control of a server if the attacker can first run malicious code on the server as a lesser privileged user.
----------
EPIC Demands Disclosure on DHS "Virtual Strip Search" at Airports
Today, EPIC filed a Freedom of Information Act request demanding disclosure of records detailing airport scanners that take naked pictures of American travelers. Security experts describe the "whole body imaging" scanners as virtual strip searches. The Transportation Security Administration plans to make the scans mandatory at all airport security checkpoints, despite prior assurances that whole body imaging would be optional. EPIC's request seeks documents concerning the agency's ability to store and transmit detailed images of naked U.S. citizens. For more information, see EPIC's Whole Body Imaging page and EPIC's FOIA Litigation Manual (Apr. 14)
EPIC on April 15, 2009 11:04 PMPermanent link to this item.
----------
World's First Mac Botnet? Not Quite.
Permalink
This morning, as I scrolled down the list of security Web sites I normally check via my RSS reader, I noticed several items referencing news about the "world's first Mac botnet." As I read on, it became clear this was neither news nor a first.
...
----------
Vulnerabilities in Linux allow root privileges
According to a number of Linux distributors, a bug in the Linux udev service allows root privileges to be obtained more…
----------
17 April 2009
SQL injection reloaded: access to the operating system
SQL injection lets attackers not only manipulate a database, but immediately take control of a complete server along with the operating system. The sqlmap tool fully automates the process more…
----------
17 April 2009
A new Linux rootkit technique presented
Anthony Lineberry, a Linux expert, has presented a method for incorporating and hiding rootkits via the /dev/mem interface. He has developed a libmemrk library to help do this more…
----------
Researcher Offers Tool to Hide Malware in .Net PC World - Fri Apr 17, 7:20 AM ET
A computer security researcher has released an upgraded tool that can simplify the placement of difficult-to-detect malicious software in Microsoft's .Net framework on Windows computers.
----------
Phishers get more wily as cybercrime grows Reuters - Fri Apr 17, 5:46 AM ET
WASHINGTON (Reuters) - Phishing scams have grown up from the unsophisticated swindles of the past in which fake Nigerian princes e-mailed victims, who would get a big windfall if they just provide their bank account number.
----------
Full disk encryption comes to SSDs for mobile devices, laptops
Dell adds encrypted drives to its Latitude line of laptops
April 16, 2009 (Computerworld)
Samsung Electronics Co. announced today it is shipping its first self-encrypting solid-state disk (SSD) drives. The drives will come in 1.8-in. and 2.5-in. sizes for handheld devices and laptops, respectively.
In tandem with Samsung's announcement, Dell Inc. promptly introduced a suite of mobile data security technologies for its Latitude line of laptops, with native drive encryption expected to be available in the next few months.
----------
Verizon: Organized Crime Caused Spike in Data Breaches
A new study from Verizon Business claims that organized crime is responsible for a large increase in the number of breached corporate electronic records.
----------
11 Percent of PCs Still Unpatched Against Conficker Security experts say PC users should smarten up and patch their PCs against threats such as conficker.
----------
Microsoft Partners With Network Security Vendors For 'Stirling'
Apr 16,2009 Microsoft releases new beta version of next-gen security suite, announces first Forefront security service
----------
Study: Despite Increased Security Spending, Severity Of Breaches Is On The Increase
Apr 14,2009 CompTIA study says human error is the most frequent cause of breaches worldwide
----------
This may alter how we do business:
HP, Microsoft, VMware to expand desktop virtualization
Dana Gardner: As the sour economy pushes more companies into the arms of virtual desktop infrastructure (VDI) for cost cutting, the vendor community is eagerly wiping out obstacles to adoption by broadening the appeal of desktops as a service.
----------
Law Firm Twisting Open Source License Ruling To Mislead About Open Source Software
from the that's-not-what-it-says-at-all dept
When CAFC ruled last summer about the legality of open source licenses and their connection to copyright in the Jacobsen case, we were a little worried that the ruling appeared to conflict with some other copyright rulings, in a way that could eventually cause problems. However, on the whole, it was a good ruling, putting weight behind the core concept behind open source/Creative Commons-style license, which mostly rely on copyright to backstop what those licenses require. However, a law firm has been running around trying to push the idea that the ruling means using any open source software increases your copyright infringement liability. Of course, that's only true if you don't abide by the terms of the license. In other words, the risks are no different than if you're using proprietary code: if you obey the terms of the license, there's no problem. If you don't, there is. All the ruling really stated was that there could be greater damages to those who don't abide by the license. So, really, the law firm's advice seems to be directed entirely to firms who plan to not live up to the requirements of an open source license. That's hardly an increased liability for those who comply.
----------
H-1B visa use cuts U.S. programmer, software engineer wages by up to 6%
http://cwflyris.computerworld.com/t/4834258/6339517/184146/0/
----------
Twitter teen hacker hired by Web app developer
http://cwflyris.computerworld.com/t/4834258/6339517/184147/0/
----------
Va. man pleads guilty to selling $1M worth of counterfeit software
http://cwflyris.computerworld.com/t/4834258/6339517/184153/0/
----------
Hackers prey on Ford Motor Co. searches to boost rankings
http://www.scmagazineus.com/Hackers-prey-on-Ford-Motor-Co-searches-to-boost-rankings/article/130635/
Attackers are using the Ford Motor Co. name to poison search engine results with some 1.2 million malicious links that lead to rogue security software, according to PandaLabs.Attackers use search-engine optimization (SEO) to get their malicious sites to the top of results on Google and other search engines. On Monday night, researchers at PandaLabs started tracking this threat, which is ongoing, Sean-Paul Correll, threat researcher and security evangelist for Panda Security, told SCMagazineUS.com Tuesday.
----------
Stock Jocks Proved Clueless On FiOS$24 billion investment didn't 'doom' Verizon after all...01:01PM Friday Apr 17 2009 by Karl Bode
When Verizon first announced their $24 billion fiber to the home project, there was no shortage of critics in the investment community, many of whom thought the act of future-proofing the carrier's network would somehow "doom" them. In reality, investors just didn't have the patience to wait for returns on the investments, analysts like Sanford Bernsteins's Craig Moffett taking every opportunity to thrash the carrier for actually upgrading from copper.
----------
Obama Unveils High-Speed Rail Plan
nytimes.com — President Barack Obama on Thursday highlighted his ambition for the development of high-speed passenger rail lines in at least 10 regions.More…
----------
Botnets: 4 Reasons It's Getting Harder to Find and Fight Them
Researchers say vulnerable Web 2.0 applications and peer-to-peer architecture are making it easy for hackers to maintain armies of hijacked computers.
Read more
----------
The Pirate Bay verdict: guilty, with jail time
A Swedish district court has ended The Pirate Bay's "spectrial" with a guilty verdict. The defendants split a 30 million kronor fine and will each spend a year in jail, though one already says he would rather burn all the money he owns than pay up.
----------
DOJ wants Microsoft antitrust oversight extended into 2011
----------
A warning against premature adoption of cloud computing
about 5 hours ago - by Ryan Paul Posted in: Uptime
A new report on cloud computing indicates that building and operating a data center is still more cost-effective than adopting cloud computing services like EC2 for many large companies.
Read more
----------
They're gone! After outcry, Time Warner uncaps the tubes
about 23 hours ago - by Nate Anderson Posted in: Law & Disorder
After a public outcry and the attention of several members of Congress, Time Warner Cable has stopped its trial of Internet data caps, but not before making "metered billing" a tough sell for all other American ISPs.
Read more
----------
Apple growth turns negative as worldwide PC shipments plunge
----------
Online proxy users won't get stiffer sentences after all
a day ago - by John Timmer Posted in: Law & Disorder
A proposal that would have directed judges to consider the use of proxy servers when sentencing those convicted of online crimes has been dropped at the urging of technology advocates.
Read more
----------
Microsoft April 2009 patches:
April 2009 Monthly Bulletin Release
----------
Token Kidnapping
Posted Tuesday, April 14, 2009 10:36 AM by MSRCTEAM
Hello everyone,
As you can see from the April 2009 release summary, we addressed the Token Kidnapping issue with bulletin MS09-012. This issue allowed an attacker to gain full control of a server if the attacker can first run malicious code on the server as a lesser privileged user.
----------
EPIC Demands Disclosure on DHS "Virtual Strip Search" at Airports
Today, EPIC filed a Freedom of Information Act request demanding disclosure of records detailing airport scanners that take naked pictures of American travelers. Security experts describe the "whole body imaging" scanners as virtual strip searches. The Transportation Security Administration plans to make the scans mandatory at all airport security checkpoints, despite prior assurances that whole body imaging would be optional. EPIC's request seeks documents concerning the agency's ability to store and transmit detailed images of naked U.S. citizens. For more information, see EPIC's Whole Body Imaging page and EPIC's FOIA Litigation Manual (Apr. 14)
EPIC on April 15, 2009 11:04 PMPermanent link to this item.
----------
World's First Mac Botnet? Not Quite.
Permalink
This morning, as I scrolled down the list of security Web sites I normally check via my RSS reader, I noticed several items referencing news about the "world's first Mac botnet." As I read on, it became clear this was neither news nor a first.
...
----------
Vulnerabilities in Linux allow root privileges
According to a number of Linux distributors, a bug in the Linux udev service allows root privileges to be obtained more…
----------
17 April 2009
SQL injection reloaded: access to the operating system
SQL injection lets attackers not only manipulate a database, but immediately take control of a complete server along with the operating system. The sqlmap tool fully automates the process more…
----------
17 April 2009
A new Linux rootkit technique presented
Anthony Lineberry, a Linux expert, has presented a method for incorporating and hiding rootkits via the /dev/mem interface. He has developed a libmemrk library to help do this more…
----------
Researcher Offers Tool to Hide Malware in .Net PC World - Fri Apr 17, 7:20 AM ET
A computer security researcher has released an upgraded tool that can simplify the placement of difficult-to-detect malicious software in Microsoft's .Net framework on Windows computers.
----------
Phishers get more wily as cybercrime grows Reuters - Fri Apr 17, 5:46 AM ET
WASHINGTON (Reuters) - Phishing scams have grown up from the unsophisticated swindles of the past in which fake Nigerian princes e-mailed victims, who would get a big windfall if they just provide their bank account number.
----------
Full disk encryption comes to SSDs for mobile devices, laptops
Dell adds encrypted drives to its Latitude line of laptops
April 16, 2009 (Computerworld)
Samsung Electronics Co. announced today it is shipping its first self-encrypting solid-state disk (SSD) drives. The drives will come in 1.8-in. and 2.5-in. sizes for handheld devices and laptops, respectively.
In tandem with Samsung's announcement, Dell Inc. promptly introduced a suite of mobile data security technologies for its Latitude line of laptops, with native drive encryption expected to be available in the next few months.
----------
Verizon: Organized Crime Caused Spike in Data Breaches
A new study from Verizon Business claims that organized crime is responsible for a large increase in the number of breached corporate electronic records.
----------
11 Percent of PCs Still Unpatched Against Conficker Security experts say PC users should smarten up and patch their PCs against threats such as conficker.
----------
Microsoft Partners With Network Security Vendors For 'Stirling'
Apr 16,2009 Microsoft releases new beta version of next-gen security suite, announces first Forefront security service
----------
Study: Despite Increased Security Spending, Severity Of Breaches Is On The Increase
Apr 14,2009 CompTIA study says human error is the most frequent cause of breaches worldwide
----------
This may alter how we do business:
HP, Microsoft, VMware to expand desktop virtualization
Dana Gardner: As the sour economy pushes more companies into the arms of virtual desktop infrastructure (VDI) for cost cutting, the vendor community is eagerly wiping out obstacles to adoption by broadening the appeal of desktops as a service.
----------
Law Firm Twisting Open Source License Ruling To Mislead About Open Source Software
from the that's-not-what-it-says-at-all dept
When CAFC ruled last summer about the legality of open source licenses and their connection to copyright in the Jacobsen case, we were a little worried that the ruling appeared to conflict with some other copyright rulings, in a way that could eventually cause problems. However, on the whole, it was a good ruling, putting weight behind the core concept behind open source/Creative Commons-style license, which mostly rely on copyright to backstop what those licenses require. However, a law firm has been running around trying to push the idea that the ruling means using any open source software increases your copyright infringement liability. Of course, that's only true if you don't abide by the terms of the license. In other words, the risks are no different than if you're using proprietary code: if you obey the terms of the license, there's no problem. If you don't, there is. All the ruling really stated was that there could be greater damages to those who don't abide by the license. So, really, the law firm's advice seems to be directed entirely to firms who plan to not live up to the requirements of an open source license. That's hardly an increased liability for those who comply.
----------
H-1B visa use cuts U.S. programmer, software engineer wages by up to 6%
http://cwflyris.computerworld.com/t/4834258/6339517/184146/0/
----------
Twitter teen hacker hired by Web app developer
http://cwflyris.computerworld.com/t/4834258/6339517/184147/0/
----------
Va. man pleads guilty to selling $1M worth of counterfeit software
http://cwflyris.computerworld.com/t/4834258/6339517/184153/0/
----------
Hackers prey on Ford Motor Co. searches to boost rankings
http://www.scmagazineus.com/Hackers-prey-on-Ford-Motor-Co-searches-to-boost-rankings/article/130635/
Attackers are using the Ford Motor Co. name to poison search engine results with some 1.2 million malicious links that lead to rogue security software, according to PandaLabs.Attackers use search-engine optimization (SEO) to get their malicious sites to the top of results on Google and other search engines. On Monday night, researchers at PandaLabs started tracking this threat, which is ongoing, Sean-Paul Correll, threat researcher and security evangelist for Panda Security, told SCMagazineUS.com Tuesday.
----------
Stock Jocks Proved Clueless On FiOS$24 billion investment didn't 'doom' Verizon after all...01:01PM Friday Apr 17 2009 by Karl Bode
When Verizon first announced their $24 billion fiber to the home project, there was no shortage of critics in the investment community, many of whom thought the act of future-proofing the carrier's network would somehow "doom" them. In reality, investors just didn't have the patience to wait for returns on the investments, analysts like Sanford Bernsteins's Craig Moffett taking every opportunity to thrash the carrier for actually upgrading from copper.
----------
Monday, April 13, 2009
Monday 04/13/09
VMware Security Advisories
April 10, 2009 VMSA-2009-0006
VMware Hosted products and patches for ESX and ESXi resolve a critical security vulnerability
[more]
----------
Report: Security Tops IT Budget Priorities
New research from Robert Half International finds companies are still putting money into IT security projects, even when budgets are tight.
Read more
----------
Taking a Lesson in Federal Compliance from the Chemical Industry
Honeywell's Jon Harmon says the industry's response to CFATS provides a model for compliance with stringent federal security requirements
Read more
----------
Microsoft Security On Display at RSA
CSO Senior Editor Bill Brenner talks to Doug Leland, GM of Microsoft's security and identity business group, about what the software giant will roll out at next week's RSA conference.
Read more
----------
Twitter Worm(s)
Twitter worm copycats
...a Twitter worm exploiting an XSS vulnerability in Twitter's profile page. Besides the "original" worm that was supposedly written by a teenager Mike Mooney there are some copycats out.
Twitter wrestles with fourth worm attack Another worm attack early on Monday kept the Twitter micro-blogging Web service chasing down infected accounts and deleting rogue tweets. Read more...
----------
Conficker.E
We’ve seen some activity in the Conficker space in the past two days and this has caused some questions from customers. Specifically, there have been reports of two possible new variants of Conficker. Our colleagues over at the Microsoft Malware Protection Center (MMPC) have done a thorough analysis of both of these and have determined that there’s really only one new variant, which they’re calling Conficker.E. Most importantly, the signatures that protect against Conficker.A are also effective at protecting against Conficker.E. The other possible new variant is only a slightly modified version of Conficker.D and our Conficker.D signatures protect against it. Also, our virus encylopedia entry for Conficker.D has been updated to include information about this slightly modified version.
1 in 5 Windows PCs still hackable by Conficker
----------
The History of the !exploitable Crash Analyzer
At the CanSecWest conference earlier this month we made our first public release of the !exploitable Crash Analyzer. While an upcoming white paper and the CanSecWest slide deck go into detail on the technology involved, we thought it might be useful to explore the history of the tool.
----------
Eight updates for Microsoft's forthcoming April Patch Tuesday
The hole in Excel will probably be fixed, but PowerPoint remains vulnerable. Redmond gives most patches a critical rating more…
----------
Paul McCartney's website hacked to distribute malware
----------
Report: U.S. power grid hit by hackers
Foreign spies have penetrated the U.S. power grid, and left behind malicious software that could be activated at a later date to disrupt the nation's electric system, The Wall Street Journal reported Wednesday.
The intruders, believed to be from China and Russia, likely hacked into the power grid over the course of several years so they could learn more about how the critical infrastructure works, the paper said.
U.S. intelligence officials -- not utility companies connected to the grid -- detected many of the compromises, which did not do any damage. The officials cautioned that there was no immediate threat but that if there was a war, the hackers may try to "turn on" the malware left behind.
----------
Survey: Financial crisis fuels identity theft fears
----------
Cyber spying a threat, and everyone is in on it AP - Thu Apr 9, 11:18 PM ET
Ghost hackers infiltrating the computers of Tibetan exiles and the U.S. electric grid have pulled the curtain back on 21st-century espionage as nefarious as anything from the Cold War — and far more difficult to stop.
----------
April 10, 2009 VMSA-2009-0006
VMware Hosted products and patches for ESX and ESXi resolve a critical security vulnerability
[more]
----------
Report: Security Tops IT Budget Priorities
New research from Robert Half International finds companies are still putting money into IT security projects, even when budgets are tight.
Read more
----------
Taking a Lesson in Federal Compliance from the Chemical Industry
Honeywell's Jon Harmon says the industry's response to CFATS provides a model for compliance with stringent federal security requirements
Read more
----------
Microsoft Security On Display at RSA
CSO Senior Editor Bill Brenner talks to Doug Leland, GM of Microsoft's security and identity business group, about what the software giant will roll out at next week's RSA conference.
Read more
----------
Twitter Worm(s)
Twitter worm copycats
...a Twitter worm exploiting an XSS vulnerability in Twitter's profile page. Besides the "original" worm that was supposedly written by a teenager Mike Mooney there are some copycats out.
Twitter wrestles with fourth worm attack Another worm attack early on Monday kept the Twitter micro-blogging Web service chasing down infected accounts and deleting rogue tweets. Read more...
----------
Conficker.E
We’ve seen some activity in the Conficker space in the past two days and this has caused some questions from customers. Specifically, there have been reports of two possible new variants of Conficker. Our colleagues over at the Microsoft Malware Protection Center (MMPC) have done a thorough analysis of both of these and have determined that there’s really only one new variant, which they’re calling Conficker.E. Most importantly, the signatures that protect against Conficker.A are also effective at protecting against Conficker.E. The other possible new variant is only a slightly modified version of Conficker.D and our Conficker.D signatures protect against it. Also, our virus encylopedia entry for Conficker.D has been updated to include information about this slightly modified version.
1 in 5 Windows PCs still hackable by Conficker
----------
The History of the !exploitable Crash Analyzer
At the CanSecWest conference earlier this month we made our first public release of the !exploitable Crash Analyzer. While an upcoming white paper and the CanSecWest slide deck go into detail on the technology involved, we thought it might be useful to explore the history of the tool.
----------
Eight updates for Microsoft's forthcoming April Patch Tuesday
The hole in Excel will probably be fixed, but PowerPoint remains vulnerable. Redmond gives most patches a critical rating more…
----------
Paul McCartney's website hacked to distribute malware
----------
Report: U.S. power grid hit by hackers
Foreign spies have penetrated the U.S. power grid, and left behind malicious software that could be activated at a later date to disrupt the nation's electric system, The Wall Street Journal reported Wednesday.
The intruders, believed to be from China and Russia, likely hacked into the power grid over the course of several years so they could learn more about how the critical infrastructure works, the paper said.
U.S. intelligence officials -- not utility companies connected to the grid -- detected many of the compromises, which did not do any damage. The officials cautioned that there was no immediate threat but that if there was a war, the hackers may try to "turn on" the malware left behind.
----------
Survey: Financial crisis fuels identity theft fears
----------
Cyber spying a threat, and everyone is in on it AP - Thu Apr 9, 11:18 PM ET
Ghost hackers infiltrating the computers of Tibetan exiles and the U.S. electric grid have pulled the curtain back on 21st-century espionage as nefarious as anything from the Cold War — and far more difficult to stop.
----------
Friday, April 10, 2009
Friday 04/10/09
China denies cyberattacks on U.S. power grid Malware attacks from China and Russia designed to shut down the U.S. electrical grid in a time of war did not occur, China said. Read more...
Power grid hackers probably got inside by attacking PCs, says researcher
The hackers who reportedly planted malware on key parts of the U.S. electrical grid, perhaps with the intent to cripple the country's power infrastructure, most likely gained access like any other cybercriminal -- by exploiting a bug in software such as Windows or Office, a security researcher said today.
----------
Microsoft warns of monster patch day next week
----------
Conficker cashes in, installs spam bots and scareware
The widespread worm finally reveals a money-making strategy and installs a fake security app.
Conficker, the Internet's No. 1 threat, gets an update
The Conficker worm is back in action and stumping security experts once again. One of the most craftily designed pieces of malware recently got an update and is finally starting to behave like other worms.
Conficker.E
We’ve seen some activity in the Conficker space in the past two days and this has caused some questions from customers. Specifically, there have been reports of two possible new variants of Conficker. Our colleagues over at the Microsoft Malware Protection Center (MMPC) have done a thorough analysis of both of these and have determined that there’s really only one new variant, which they’re calling Conficker.E.
----------
As expected, Facebook halts The Pirate Bay links
Facebook has ended its brief e-relationship with The Pirate Bay, the controversial BitTorrent search engine.
The Pirate Bay added a "Share on Facebook" button around two weeks ago to its site that allowed its users to post links to small information files, called torrents, on Facebook. The torrents are used to download audio, video and other content via the BitTorrent peer-to-peer (P2P) file-sharing network.
Facebook is now blocking those so-called bookmarklets as well as any links from The Pirate Bay, said Peter Sunde, of The Pirate Bay. The development was first reported by the file-sharing blog TorrentFreak.
...
----------
Making The Most Of Open Source Forensics Tools
Apr 10,2009
Emerging offerings can turn network forensics into a low-cost, do-it-yourself security project
Network forensic solutions products come in many different shapes, sizes, and price ranges, but it the end, they all have the same goal -- recording activity on the network. As IT budgets tighten with the economy, it might be time for your organization to take a closer look at a do-it-yourself approach to forensics that leverages free and open source tools.
----------
Wireshark 1.0.7 released
In case you hadn't noticed yet, they've updated one of our favorite tools, Wireshark. The new version includes some security fixes in several of the protocol dissectors (including LDAP). For the Mac fans, there is also an experimental package for MacOS X 10.5.5 and above.
----------
April 10, 2009
VMSA-2009-0006
VMware Hosted products and patches for ESX and ESXi resolve a critical security vulnerability
----------
Taliban, terrorists love Great Satan's great servers
about 4 hours ago - by Julian Sanchez Posted in: Law & Disorder
Here's an odd endorsement of US Internet infrastructure: American Web-hosting services are good enough and cheap enough that even the Taliban prefers them.
Read more
----------
Study: frequent IMs with your boss make you more productive
a day ago - by Jacqui Cheng Posted in: The Web
Workers who maintain online connections to their bosses produce more than those who don't, according to new research from MIT and IBM. This could be because those who don't "know" their bosses as well feel directionless, though people should be careful going overboard with those social communications.
Read more
----------
TSA Begins Checking Passengers for Secure Flight
The Transportation Security Administration within the Department of Homeland Security announced that it will now take over the responsibility for checking airline passenger information against government watch list. In October of last year, the Department of Homeland Security announced the Final Regulations for the Secure Flight program. All airlines were required to collect date of birth and gender from customers and provide this information to the TSA for watchlist verification.
TSA's Secure Flight Begins Vetting Passengers, DHS Press Release, March 31, 2009
----------
Sweden's tax authorities are cracking down on unreported webcam stripper income. They estimate that hundreds of Swedish women are dodging the law, resulting in a tax loss of about 40m Swedish kronor (£3.3m) annually. The search involves tax officials examining stripper websites, hours upon hours, for completely legitimate purposes. A slightly disheveled project leader said 200 Swedish strippers had been investigated so far, adding the total could be as much as 500. "They are young girls, we can see from the photos. We think that perhaps they are not well informed about the rules," he said.
Read More...
----------
Want To Get A Sense Of Just How Complex And Confusing Copyright Law Really Is?
Michael Scott points us to an article concerning the Library of Congress issuing a report on how copyright law applies to libraries who possess unpublished audio works recorded prior to 1972. The problem, you see, is that no one was exactly sure whether or not these recordings were actually covered by copyright law. The real problem, though, becomes pretty clear pretty quickly as you read through the article: copyright law is a house of cards. We just keep layering new rules on top of old rules, and figure the courts will sort out the places where they contradict, overlap or confuse. But that leaves a ton of uncertainty in a variety of situations -- including this particular one. It should be a simple question: if a library is in possession of an unpublished sound recording from before 1972, what's the copyright status? But the mess that is copyright law makes it such that it's hardly an easy question at all -- and actually requires an 85-page report from the Library of Congress to go through all of the nuances. And then your everday individual is expected to understand what is "right" and "wrong" in copyright law?
----------
A new report from Microsoft says that 97 percent of all email is spam, reflecting the degree to which email systems worldwide are swamped with the messages.
----------
Survey finds that SMBs often lack basic security
Angela Moscaritolo April 10, 2009
Despite being aware of the importance of security, small-to-medium-size businesses (SMBs) generally are not protecting their networks, according to a survey released Thursday by Symantec.
----------
Fix for Excel zero-day may be coming from Microsoft
Dan Kaplan April 09, 2009
Microsoft is planning to deliver eight patches -- including one that addresses a security threat in Excel -- to users next week.
----------
Microsoft report shows scareware, file-fomat bugs on rise
Dan Kaplan April 08, 2009
So-called scareware programs top the list of internet threats, according to Microsoft's sixth Security Intelligence Report.
----------
Cable Sabotage Cripples Internet for Parts of Silicon Valley
Deliberate sabotage is being blamed for a sizable internet and telephone service outage Thursday in Silicon Valley.
At 1:30 a.m., someone opened a manhole cover on a railroad right-of-way in San Jose, climbed down and cut four AT&T fiber optic cables. A second AT&T cable, and a Sprint cable, were cut in the same manner two hours later, farther north in San Carlos.
Service for Sprint, Verizon and AT&T customers in the southern San Francisco Bay Area has been lost, according to the San Francisco Chronicle. Police departments have put more units on the street, because nobody can call 9-1-1.
A much smaller Comcast outage affecting around 4,500 customers in San Jose began at around 1:00 p.m. Pacific time. Spokesman Andrew Johnson says the company is investigating the cause.
Update: AT&T is offering a $100,000 reward for information leading to the arrest and conviction of the vandal.
----------
Withered Rose…law done come and got him
I’m originally from down south and a local expression suddenly came back to me tonight. We had this crazy guy named George, lived a couple of houses down the road, always doing really strange things. I remember my uncle stopped by the house one day and said, “You know Ole George…law done come and got him.” Not a word, just nods. We all figured it was just a matter of time.
We’ve reported on Withered Rose here and here. Time Magazine has more on him here.
Well, for some reason, Withered Rose decided to start DDoS attacks on his fellow Chinese hackers at Hackbase, HackerXFiles and 3800hk. Speculation points toward website blackmail, which Rose and his gang have been notorious for in the past. Needless to say, the victims didn’t take very kindly to this sort of hacker-on-hacker violence.
What is kind of surprising, is that the hacker organizations he decided to attack turned over all of their evidence to the Public Security Department. According to the report from Hackbase, Withered Rose’s website has been shut down by authorities and he faces 7 1/2 years in jail…
----------
Computer Hackers Make Mega Millions From Mega Churches
http://www.nationalcybersecurity.com/blogs/881/Computer-Hackers-Make-Mega-Millions-From-Mega-Churches.html
...
In August 2008, the professionals at LIGATT Security International discovered a message that was posted by computer hackers in an unidentified hacker chat room referencing a Black Enterprise magazine article that detailed the affluence of African American mega churches and their Bishops. In this chat room, a hacker was quoted saying, “I’ve been hacking churches for years and have never been caught. I have full access to over one hundred churches and sell their members’ names and addresses to illegal Mexican immigrants for their identities at $10 a pop.”
Although the security guards and off duty police officers heavily monitor the physical property of most mega churches, these professionals often focus solely on securing cash donations. Rarely do they consider that once the debit and credit card information is entered into the computer, all a computer hacker must do is open their laptop and attack.
“One of the problems with mega churches is that they trust IT professionals to protect their computer systems, not realizing that they are not computer security professionals”, says Gregory Evans, CEO of LIGATT Security International and Certified Ethical Hacker. “Furthermore, what we have seen at many mega churches are IT professionals that began as volunteers. These individuals were usually computer enthusiasts who volunteered when the church was small and later inherited their position as the church continued to grow. Whatever the case may be, it is important for churches to understand that IT professionals are not equipped to handle computer security”, Evans reveals.
...
----------
Russian President warns of foreign threat to 'Net security
Foreign investors in Internet companies pose a potential threat to national security, Russian...
----------
W32/Winemmem - Know Your Enemy
Thursday April 9, 2009 at 4:25 pm CST
Do you remember what the first goal of file infector distribution is? It is demand. Without demand, infected files may never be downloaded by end users. What is the second goal? To stay undetected by most AV products. A week ago we found a new file infector that fits the bill.
Nowadays, instead of relying on mass mailing, malware authors are specifically attacking individual companies producing popular software. We’ve been contacted by several software development companies with a similar issue - suspected malware on their machines. Somebody noticed that hashes calculated for setup installers and packages distributed to million of customers were different from what they should have originally been.
...
----------
Power grid hackers probably got inside by attacking PCs, says researcher
The hackers who reportedly planted malware on key parts of the U.S. electrical grid, perhaps with the intent to cripple the country's power infrastructure, most likely gained access like any other cybercriminal -- by exploiting a bug in software such as Windows or Office, a security researcher said today.
----------
Microsoft warns of monster patch day next week
----------
Conficker cashes in, installs spam bots and scareware
The widespread worm finally reveals a money-making strategy and installs a fake security app.
Conficker, the Internet's No. 1 threat, gets an update
The Conficker worm is back in action and stumping security experts once again. One of the most craftily designed pieces of malware recently got an update and is finally starting to behave like other worms.
Conficker.E
We’ve seen some activity in the Conficker space in the past two days and this has caused some questions from customers. Specifically, there have been reports of two possible new variants of Conficker. Our colleagues over at the Microsoft Malware Protection Center (MMPC) have done a thorough analysis of both of these and have determined that there’s really only one new variant, which they’re calling Conficker.E.
----------
As expected, Facebook halts The Pirate Bay links
Facebook has ended its brief e-relationship with The Pirate Bay, the controversial BitTorrent search engine.
The Pirate Bay added a "Share on Facebook" button around two weeks ago to its site that allowed its users to post links to small information files, called torrents, on Facebook. The torrents are used to download audio, video and other content via the BitTorrent peer-to-peer (P2P) file-sharing network.
Facebook is now blocking those so-called bookmarklets as well as any links from The Pirate Bay, said Peter Sunde, of The Pirate Bay. The development was first reported by the file-sharing blog TorrentFreak.
...
----------
Making The Most Of Open Source Forensics Tools
Apr 10,2009
Emerging offerings can turn network forensics into a low-cost, do-it-yourself security project
Network forensic solutions products come in many different shapes, sizes, and price ranges, but it the end, they all have the same goal -- recording activity on the network. As IT budgets tighten with the economy, it might be time for your organization to take a closer look at a do-it-yourself approach to forensics that leverages free and open source tools.
----------
Wireshark 1.0.7 released
In case you hadn't noticed yet, they've updated one of our favorite tools, Wireshark. The new version includes some security fixes in several of the protocol dissectors (including LDAP). For the Mac fans, there is also an experimental package for MacOS X 10.5.5 and above.
----------
April 10, 2009
VMSA-2009-0006
VMware Hosted products and patches for ESX and ESXi resolve a critical security vulnerability
----------
Taliban, terrorists love Great Satan's great servers
about 4 hours ago - by Julian Sanchez Posted in: Law & Disorder
Here's an odd endorsement of US Internet infrastructure: American Web-hosting services are good enough and cheap enough that even the Taliban prefers them.
Read more
----------
Study: frequent IMs with your boss make you more productive
a day ago - by Jacqui Cheng Posted in: The Web
Workers who maintain online connections to their bosses produce more than those who don't, according to new research from MIT and IBM. This could be because those who don't "know" their bosses as well feel directionless, though people should be careful going overboard with those social communications.
Read more
----------
TSA Begins Checking Passengers for Secure Flight
The Transportation Security Administration within the Department of Homeland Security announced that it will now take over the responsibility for checking airline passenger information against government watch list. In October of last year, the Department of Homeland Security announced the Final Regulations for the Secure Flight program. All airlines were required to collect date of birth and gender from customers and provide this information to the TSA for watchlist verification.
TSA's Secure Flight Begins Vetting Passengers, DHS Press Release, March 31, 2009
----------
Sweden's tax authorities are cracking down on unreported webcam stripper income. They estimate that hundreds of Swedish women are dodging the law, resulting in a tax loss of about 40m Swedish kronor (£3.3m) annually. The search involves tax officials examining stripper websites, hours upon hours, for completely legitimate purposes. A slightly disheveled project leader said 200 Swedish strippers had been investigated so far, adding the total could be as much as 500. "They are young girls, we can see from the photos. We think that perhaps they are not well informed about the rules," he said.
Read More...
----------
Want To Get A Sense Of Just How Complex And Confusing Copyright Law Really Is?
Michael Scott points us to an article concerning the Library of Congress issuing a report on how copyright law applies to libraries who possess unpublished audio works recorded prior to 1972. The problem, you see, is that no one was exactly sure whether or not these recordings were actually covered by copyright law. The real problem, though, becomes pretty clear pretty quickly as you read through the article: copyright law is a house of cards. We just keep layering new rules on top of old rules, and figure the courts will sort out the places where they contradict, overlap or confuse. But that leaves a ton of uncertainty in a variety of situations -- including this particular one. It should be a simple question: if a library is in possession of an unpublished sound recording from before 1972, what's the copyright status? But the mess that is copyright law makes it such that it's hardly an easy question at all -- and actually requires an 85-page report from the Library of Congress to go through all of the nuances. And then your everday individual is expected to understand what is "right" and "wrong" in copyright law?
----------
A new report from Microsoft says that 97 percent of all email is spam, reflecting the degree to which email systems worldwide are swamped with the messages.
----------
Survey finds that SMBs often lack basic security
Angela Moscaritolo April 10, 2009
Despite being aware of the importance of security, small-to-medium-size businesses (SMBs) generally are not protecting their networks, according to a survey released Thursday by Symantec.
----------
Fix for Excel zero-day may be coming from Microsoft
Dan Kaplan April 09, 2009
Microsoft is planning to deliver eight patches -- including one that addresses a security threat in Excel -- to users next week.
----------
Microsoft report shows scareware, file-fomat bugs on rise
Dan Kaplan April 08, 2009
So-called scareware programs top the list of internet threats, according to Microsoft's sixth Security Intelligence Report.
----------
Cable Sabotage Cripples Internet for Parts of Silicon Valley
Deliberate sabotage is being blamed for a sizable internet and telephone service outage Thursday in Silicon Valley.
At 1:30 a.m., someone opened a manhole cover on a railroad right-of-way in San Jose, climbed down and cut four AT&T fiber optic cables. A second AT&T cable, and a Sprint cable, were cut in the same manner two hours later, farther north in San Carlos.
Service for Sprint, Verizon and AT&T customers in the southern San Francisco Bay Area has been lost, according to the San Francisco Chronicle. Police departments have put more units on the street, because nobody can call 9-1-1.
A much smaller Comcast outage affecting around 4,500 customers in San Jose began at around 1:00 p.m. Pacific time. Spokesman Andrew Johnson says the company is investigating the cause.
Update: AT&T is offering a $100,000 reward for information leading to the arrest and conviction of the vandal.
----------
Withered Rose…law done come and got him
I’m originally from down south and a local expression suddenly came back to me tonight. We had this crazy guy named George, lived a couple of houses down the road, always doing really strange things. I remember my uncle stopped by the house one day and said, “You know Ole George…law done come and got him.” Not a word, just nods. We all figured it was just a matter of time.
We’ve reported on Withered Rose here and here. Time Magazine has more on him here.
Well, for some reason, Withered Rose decided to start DDoS attacks on his fellow Chinese hackers at Hackbase, HackerXFiles and 3800hk. Speculation points toward website blackmail, which Rose and his gang have been notorious for in the past. Needless to say, the victims didn’t take very kindly to this sort of hacker-on-hacker violence.
What is kind of surprising, is that the hacker organizations he decided to attack turned over all of their evidence to the Public Security Department. According to the report from Hackbase, Withered Rose’s website has been shut down by authorities and he faces 7 1/2 years in jail…
----------
Computer Hackers Make Mega Millions From Mega Churches
http://www.nationalcybersecurity.com/blogs/881/Computer-Hackers-Make-Mega-Millions-From-Mega-Churches.html
...
In August 2008, the professionals at LIGATT Security International discovered a message that was posted by computer hackers in an unidentified hacker chat room referencing a Black Enterprise magazine article that detailed the affluence of African American mega churches and their Bishops. In this chat room, a hacker was quoted saying, “I’ve been hacking churches for years and have never been caught. I have full access to over one hundred churches and sell their members’ names and addresses to illegal Mexican immigrants for their identities at $10 a pop.”
Although the security guards and off duty police officers heavily monitor the physical property of most mega churches, these professionals often focus solely on securing cash donations. Rarely do they consider that once the debit and credit card information is entered into the computer, all a computer hacker must do is open their laptop and attack.
“One of the problems with mega churches is that they trust IT professionals to protect their computer systems, not realizing that they are not computer security professionals”, says Gregory Evans, CEO of LIGATT Security International and Certified Ethical Hacker. “Furthermore, what we have seen at many mega churches are IT professionals that began as volunteers. These individuals were usually computer enthusiasts who volunteered when the church was small and later inherited their position as the church continued to grow. Whatever the case may be, it is important for churches to understand that IT professionals are not equipped to handle computer security”, Evans reveals.
...
----------
Russian President warns of foreign threat to 'Net security
Foreign investors in Internet companies pose a potential threat to national security, Russian...
----------
W32/Winemmem - Know Your Enemy
Thursday April 9, 2009 at 4:25 pm CST
Do you remember what the first goal of file infector distribution is? It is demand. Without demand, infected files may never be downloaded by end users. What is the second goal? To stay undetected by most AV products. A week ago we found a new file infector that fits the bill.
Nowadays, instead of relying on mass mailing, malware authors are specifically attacking individual companies producing popular software. We’ve been contacted by several software development companies with a similar issue - suspected malware on their machines. Somebody noticed that hashes calculated for setup installers and packages distributed to million of customers were different from what they should have originally been.
...
----------
Monday, April 6, 2009
Monday 04/06/09
Vendors Deserve Some Conficker Credit
I planned to make this a column about how the security vendors and PR flaks blew things way out of proportion with Conficker. I was ready to take them to task for predicting an Internet meltdown at the hands of what is no doubt the most prolific piece of malware we've seen in some time.
Instead, I feel the need to give them a little credit for showing more restraint than they've shown in the past.
Make no mistake about it: There was plenty of vendor-generated FUD circulating on this one, and my e-mail inbox was flooded with gems that included a pitch on how one vendor will show how easily Conficker can take down a virtual network at the upcoming RSA security conference.
"The virtualized data center presents an especially fertile habitat for Conficker because of the lack of visibility and control present within the virtualized environment," the e-mail pitch warned. "Communication between VMs on an ESX server doesn't touch the physical network, making it invisible to traditional network monitoring tools and unprotected by physical network security devices. As a result, it is easy for worms like Conficker to spread quickly in this environment."
Oh yeah, and don't forget to buy said vendor's virtual firewall. It's the first firewall of its kind, after all.
...
----------
New: Security Tool, Template & Policy Library
Sample policies with expert commentary; templates and checklists for security, business continuity, risk assessment and more. (Contributions and commentary welcome!)
Read more
----------
AP launches campaign against Internet "misappropriation"
about an hour ago - by Julian Sanchez Posted in: Law & Disorder
AP announces an aggressive new initiative to clamp down on "misappropriation" of news content—a concept that goes well beyond copyright.
Read more
----------
Web site host and domain name registrar Register.com has been the target of a sustained attack this week, disrupting service for thousands of customers.
The attacks began on Wednesday, causing a three-hour outage for many Web sites that rely on the company for hosting and/or use the company's domain name system (DNS) servers, said Roni Jacobson, executive vice president at Register.com.
Jacobson declined to say whether Register.com had received any extortion demands.
Permalink
----------
SWOT Matrix for Describing Security Posture
"Be brief, for no discourse can please when too long." Miguel de Cervantes
"When I try to be brief, I become obscure." Quintus Horatius Flaccus
----------
Elevator Pitch for Explaining Security Risks to Executives
... those pitches that catch your attention have a few characteristics in common:
They are brief. The listener has a limited attention span.
They are specific. The issues they bring up are easy to understand and visualize.
They differentiate. The speaker clarifies what his issue different from the rest.
They empathize with the listener. The listener needs to know why he should care.
They have a clear ending point. The speaker clarifies at the end what he wants the listener to do.
----------
Vulnerabilities in several security products
ClamAV, F-Prot and IBM's Proventia scanning engine are found to be vulnerable to being bypassed or exposed to a denial of service more…
----------
Security vulnerability in PowerPoint
Microsoft has warned of a vulnerability in PowerPoint that can be exploited with a specially crafted presentation file more…
----------
Windows 7 users can downgrade to XP
Mary Jo Foley: Microsoft and its PC partners are going to allow Windows 7 users to downgrade not just to Windows Vista, but also to Windows XP, Microsoft officials are confirming.
----------
IT failure contributes to UK bank collapse
Michael Krigsman: A failed business strategy involving a large IT blunder contributed to the collapse of Scotland's largest customer-owned lender, the Dunfermline Building Society.
New Neeris worm variant imitates spread methods of Conficker
Dan Kaplan April 06, 2009
The Conficker worm has not just infected millions of computers worldwide, but it also is serving as a model for other malware.
----------
I planned to make this a column about how the security vendors and PR flaks blew things way out of proportion with Conficker. I was ready to take them to task for predicting an Internet meltdown at the hands of what is no doubt the most prolific piece of malware we've seen in some time.
Instead, I feel the need to give them a little credit for showing more restraint than they've shown in the past.
Make no mistake about it: There was plenty of vendor-generated FUD circulating on this one, and my e-mail inbox was flooded with gems that included a pitch on how one vendor will show how easily Conficker can take down a virtual network at the upcoming RSA security conference.
"The virtualized data center presents an especially fertile habitat for Conficker because of the lack of visibility and control present within the virtualized environment," the e-mail pitch warned. "Communication between VMs on an ESX server doesn't touch the physical network, making it invisible to traditional network monitoring tools and unprotected by physical network security devices. As a result, it is easy for worms like Conficker to spread quickly in this environment."
Oh yeah, and don't forget to buy said vendor's virtual firewall. It's the first firewall of its kind, after all.
...
----------
New: Security Tool, Template & Policy Library
Sample policies with expert commentary; templates and checklists for security, business continuity, risk assessment and more. (Contributions and commentary welcome!)
Read more
----------
AP launches campaign against Internet "misappropriation"
about an hour ago - by Julian Sanchez Posted in: Law & Disorder
AP announces an aggressive new initiative to clamp down on "misappropriation" of news content—a concept that goes well beyond copyright.
Read more
----------
Web site host and domain name registrar Register.com has been the target of a sustained attack this week, disrupting service for thousands of customers.
The attacks began on Wednesday, causing a three-hour outage for many Web sites that rely on the company for hosting and/or use the company's domain name system (DNS) servers, said Roni Jacobson, executive vice president at Register.com.
Jacobson declined to say whether Register.com had received any extortion demands.
Permalink
----------
SWOT Matrix for Describing Security Posture
"Be brief, for no discourse can please when too long." Miguel de Cervantes
"When I try to be brief, I become obscure." Quintus Horatius Flaccus
----------
Elevator Pitch for Explaining Security Risks to Executives
... those pitches that catch your attention have a few characteristics in common:
They are brief. The listener has a limited attention span.
They are specific. The issues they bring up are easy to understand and visualize.
They differentiate. The speaker clarifies what his issue different from the rest.
They empathize with the listener. The listener needs to know why he should care.
They have a clear ending point. The speaker clarifies at the end what he wants the listener to do.
----------
Vulnerabilities in several security products
ClamAV, F-Prot and IBM's Proventia scanning engine are found to be vulnerable to being bypassed or exposed to a denial of service more…
----------
Security vulnerability in PowerPoint
Microsoft has warned of a vulnerability in PowerPoint that can be exploited with a specially crafted presentation file more…
----------
Windows 7 users can downgrade to XP
Mary Jo Foley: Microsoft and its PC partners are going to allow Windows 7 users to downgrade not just to Windows Vista, but also to Windows XP, Microsoft officials are confirming.
----------
IT failure contributes to UK bank collapse
Michael Krigsman: A failed business strategy involving a large IT blunder contributed to the collapse of Scotland's largest customer-owned lender, the Dunfermline Building Society.
Dunfermline made several key strategic blunders with respect to this project:
- Selecting a software vendor’s unproven product for a mission critical application
- Paying insufficient attention to substantial project risks
- Relying on the promise of customization to backfill functionality gaps in the off-the-shelf software
- Most significantly, becoming distracted away from the organization’s core banking business by attempting to convert itself into a specialized software vendor
New Neeris worm variant imitates spread methods of Conficker
Dan Kaplan April 06, 2009
The Conficker worm has not just infected millions of computers worldwide, but it also is serving as a model for other malware.
----------
Friday, April 3, 2009
Friday 04/03/09
Cybersecurity bill seeks to give president new powers over private-sector networks A cybersecurity bill introduced in the U.S. Senate would enable the president to shut down critical infrastructure networks during security emergencies. But that provision is drawing fire from critics. Read more...
----------
Simple test to see if you are infected from Conficker:
http://www.confickerworkinggroup.org/infection_test/cfeyechart.html
----------
Senators introduce bill to limit mobile spam
----------
Internet traffic plummets in Sweden after antipiracy law takes effect
----------
Attackers exploit critical PowerPoint vulnerability
'We missed this bug,' Microsoft admits, but doesn't commit to a patch
----------
Conficker.c controls 4% of all infected PCs, IBM says
----------
Three Spammers Sentenced in US for Advance Fee Fraud PC World - Fri Apr 3, 8:40 AM ET
Two Nigerians and a Frenchman were sentenced to prison Thursday for swindling people out of more than US$1.2 million in a massive e-mail scam, the U.S. Department of Justice said.
----------
FBI: Internet Fraud Rates Rose 33% Last Year
Internet fraud complaints to the FBI by consumers increased more than 33 percent in 2008 over the previous year, according to figures released this week.
Some 275,284 complaints were filed last year with the Internet Crime Complaint Center (IC3), a partnership between the FBI and the National White Collar Crime Center. In 2007, the IC3 received 206,844 complaints.
The report shows that the nation's capital appears to be home to the largest concentration of online con artists in the country. The District of Columbia ranks #1, just ahead of Nevada and Washington State, in terms of online fraud perpetrators per 100,000 residents, the IC3 found.
Permalink
----------
Senate bill would give feds bigger cybersecurity role in private sector
----------
AT&T lobbyist urges more government coordination of cybersecurity efforts
----------
iPhone OS 3.0 beta successfully jailbroken
----------
DNS Providers Under Attack
Register.com issues are causing lots of issues across the web. One reader told us, "We are struggling to keep our websites available. DNS is the problem. We are being told by Register.com that the April 1 issues are affecting them. It sounds like they are being DOS'd and are filtering certain ISPs from querying them." Another reader said, "Register.com's DNS servers have gone offline for the second time in 24 hours. They were down yesterday from about 15:45 - 18:45 and just went down again today at about 14:30 (all times EST)."
----------
Microsoft Security Advisory 969136
This advisory contains information regarding public reports of a vulnerability in Microsoft Office PowerPoint that could allow for remote code execution if a user opens a specially crafted PowerPoint file.
At this time, we are aware only of limited and targeted attacks that attempt to use this vulnerability. If you suspect that you were target for such an attack, you can scan your computer with the Windows Live OneCare safety scanner. The malicious PPT files are detected as Exploit:Win32/Apptom.gen. Microsoft will take the appropriate action to protect our customers, which may include providing a solution through our monthly security update release process, or an out-of-cycle security update, depending on customer needs.
----------
Technology: VLC 0.9.9, The Best Media Player Just Got Better on Friday April 03, @12:23PM
Matt Asay points out a recent update to VLC as they narrow in on a 1.0 release. Already a favorite of many, the open source project has made great strides in recent history towards really solidifying the position as best-in-class. This update, 0.9.9, fixes several display bugs and sees some definite performance improvements.
"If you've yet to try VLC, do so. Whether you just want to play media files or also want to convert them, VLC can handle just about anything you throw at it. When all other media players fail, whether on Windows, Linux, or the Mac, VLC will almost always deliver. You can download VLC media player 0.9.9 here. It's open source, but that's not why you'll want to keep using it. You'll use it because it's better than its proprietary peers — by a long stretch.
Read More...
----------
----------
Simple test to see if you are infected from Conficker:
http://www.confickerworkinggroup.org/infection_test/cfeyechart.html
----------
Senators introduce bill to limit mobile spam
----------
Internet traffic plummets in Sweden after antipiracy law takes effect
----------
Attackers exploit critical PowerPoint vulnerability
'We missed this bug,' Microsoft admits, but doesn't commit to a patch
----------
Conficker.c controls 4% of all infected PCs, IBM says
----------
Three Spammers Sentenced in US for Advance Fee Fraud PC World - Fri Apr 3, 8:40 AM ET
Two Nigerians and a Frenchman were sentenced to prison Thursday for swindling people out of more than US$1.2 million in a massive e-mail scam, the U.S. Department of Justice said.
----------
FBI: Internet Fraud Rates Rose 33% Last Year
Internet fraud complaints to the FBI by consumers increased more than 33 percent in 2008 over the previous year, according to figures released this week.
Some 275,284 complaints were filed last year with the Internet Crime Complaint Center (IC3), a partnership between the FBI and the National White Collar Crime Center. In 2007, the IC3 received 206,844 complaints.
The report shows that the nation's capital appears to be home to the largest concentration of online con artists in the country. The District of Columbia ranks #1, just ahead of Nevada and Washington State, in terms of online fraud perpetrators per 100,000 residents, the IC3 found.
Permalink
----------
Senate bill would give feds bigger cybersecurity role in private sector
----------
AT&T lobbyist urges more government coordination of cybersecurity efforts
----------
iPhone OS 3.0 beta successfully jailbroken
----------
DNS Providers Under Attack
Register.com issues are causing lots of issues across the web. One reader told us, "We are struggling to keep our websites available. DNS is the problem. We are being told by Register.com that the April 1 issues are affecting them. It sounds like they are being DOS'd and are filtering certain ISPs from querying them." Another reader said, "Register.com's DNS servers have gone offline for the second time in 24 hours. They were down yesterday from about 15:45 - 18:45 and just went down again today at about 14:30 (all times EST)."
----------
Microsoft Security Advisory 969136
This advisory contains information regarding public reports of a vulnerability in Microsoft Office PowerPoint that could allow for remote code execution if a user opens a specially crafted PowerPoint file.
At this time, we are aware only of limited and targeted attacks that attempt to use this vulnerability. If you suspect that you were target for such an attack, you can scan your computer with the Windows Live OneCare safety scanner. The malicious PPT files are detected as Exploit:Win32/Apptom.gen. Microsoft will take the appropriate action to protect our customers, which may include providing a solution through our monthly security update release process, or an out-of-cycle security update, depending on customer needs.
----------
Technology: VLC 0.9.9, The Best Media Player Just Got Better on Friday April 03, @12:23PM
Matt Asay points out a recent update to VLC as they narrow in on a 1.0 release. Already a favorite of many, the open source project has made great strides in recent history towards really solidifying the position as best-in-class. This update, 0.9.9, fixes several display bugs and sees some definite performance improvements.
"If you've yet to try VLC, do so. Whether you just want to play media files or also want to convert them, VLC can handle just about anything you throw at it. When all other media players fail, whether on Windows, Linux, or the Mac, VLC will almost always deliver. You can download VLC media player 0.9.9 here. It's open source, but that's not why you'll want to keep using it. You'll use it because it's better than its proprietary peers — by a long stretch.
Read More...
----------
Subscribe to:
Posts (Atom)