Wednesday, April 29, 2009

Wednesday 04/29/09

Adobe confirms PDF zero-day, urges users to kill JavaScript Adobe Systems late Tuesday acknowledged that all versions of its popular PDF software, including editions for Windows, the Mac and Linux, contain at least one, and maybe two, critical vulnerabilities. Read more...

----------

Verizon expands cloud backup service to global market
It charges about $3.80 per gigabyte of data stored

----------

New cybersecurity bill for electric grid readied
Senator questions wisdom of White House control over cybersecurity
The Critical Electric Infrastructure Protection Act is scheduled to be introduced on Thursday by Sen. Joseph Lieberman (I-Conn.), chairman of the U.S. Senate Committee on Homeland Security and Governmental Affairs, and Rep. Bennie Thompson (D-Miss.), chairman of the U.S. House Committee on Homeland Security.

A brief statement issued by the house committee today described the proposed legislation as one that would primarily empower the Federal Energy Regulatory Commission, an independent agency that regulates the interstate transmission of gas, oil and electricity, to issue "emergency rules or orders" if a cyberthreat is imminent.

----------

Laid-off sysadmin admits blackmailing mutual fund company
Had threatened to hack firm's systems if they didn't give him money, job references

----------

Verizon pursues illegal autodialers
April 28, 2009 (Computerworld)
Verizon Wireless said today it that has settled a lawsuit against two companies that used autodialing systems to call its wireless customers to pitch extended vehicle warranties. It also announced a separate lawsuit to stop three other companies from similar acts.

----------

ERIC SAYS: MUCH OF THIS MAY HAVE TO DO WITH PIRATED COPIES OF WINDOWS THAT CAN'T APPLY PATCHES
Companies still dragging their feet with patches
The latest data was collected throughout 2008, said Wolfgang Kandek, Qualys' CTO. Qualys scanned 80 million IP (Internet Protocol) addresses using 200 scanners that looked at Internet-facing PCs and 5,000 internal scanners behind firewalls on company intranets.

Kandek said 680 million vulnerabilities were found, with 72 million constituting critical ones, meaning the software problem could allow a hacker to take control of a computer remotely and install malicious software.

Qualys has created its own measurement, called "half life," for how fast companies patch. The measurement is the number of days it takes a companies in a certain industry to patch 50% of the vulnerabilities that have been publicly released.

The figures have barely changed since Qualys released its last study in 2004. Then, it took an average of 30 days to hit the half-patched mark. For 2008, that figure has only moved up to 29.5 days, Kandek said.

----------

PGP Complaint Forces ElcomSoft to Change Booth DecorPC World - Wed Apr 29, 7:00 AM ET
It isn't the best marketing proposition to sell encryption products next door to a fellow exhibitor who promises they can crack them.

Wallpaper on ElcomSoft's stand reading "The Only Way to Break PGP" was ripped down by Infosec conference organizers after complaints from PGP's marketing team just before the show opened.

----------

SANS: Newest WLAN Hacks Come From Afar
Apr 24,2009
Expert warns of deadly combination of long-distance remote and wireless hacking to get inside an organization

----------

Security Suffers Cuts In Recession, But Fares Better Than The Rest Of ITApr 27,2009 Layoffs, cutbacks aren't as painful in security, but they are happening, studies say

----------

Microsoft is turning off Auto-Run!
Yesterday morning Microsoft through their MSRC announced that they were going to further protection of Windows customers by disabling the Auto-Run "feature" in Windows for everything *except* optical media. (Because CD-ROM's can't be written to, according to them. I see nothing about CD-R and CD-RW specifically.)

I feel this is a good idea. There have always been virus/malware that liked to attach itself to things like thumbdrives and removable media like diskettes. (Does anyone use those anymore? ;) All the Windows environments that I've ever functioned in my whole career have always had Auto-Run disabled, so this is just good security practice by now.

For more details check out Microsoft's articles on the subject here and here.

----------

Internet Explorer 8, now being offered via Software Update

----------

3 Simple Steps to Hack a Smartphone (Includes Video)
Security firm Trust Digital demonstrates how easy it is to steal data and push nasty stuff to a mobile device with nothing more than a phone number.
Read more

----------

UPDATED: Pandemic Preparedness Primer
With the possibility of a swine flu pandemic in mind, CSOonline has put this collection of preparedness articles together to help companies review their own plans (with updated links to helpful government and health organization sites).
Read more

----------

Take That! Hackers Target Pirate Bay Prosecution Law Firm
tomshardware.com — Today brings more news of hacking at the hands of Pirate Bay fans endeavoring to show support and solidarity. Is anyone surprised?More…

While last week brought news of DDoS attacks on the main website of the International Federation of the Phonographic Industry, ifpi.org, which rendered the site sluggish and slow for most of Monday, there was no mention of similar attacks directed at lawyers representing the music, movie and game industries. It seemed the lawyers on the prosecuting side of the Pirate Bay case had made it away unscathed, but not so.

According to TorrentFreak, this past weekend brought similar troubles for Monique Wadsted, a lawyer who represented several major movie studios and called for a “very significant” prison sentence for the defendants during the Pirate Bay Trial. The movie industry lawyer’s site, MAQS, was targeted and yesterday the site displayed a notice informing visitors it was under attack.

“Our website is currently under attack and we have therefore decided to shut it down until the attack ceases. For further information call Monique Wadsted.”

While it was never specified that these attacks were launched by Pirate Bay fans, it's not exactly a huge leap to make and we're curious to hear what you guys think. It’s safe to say the majority of you disagree with the verdict reached in court, but do you think it’s out of line for people to be taking matters into their own hands in an attempt to get back at the opposition? The four men found guilty (along with their lawyers) have said they will appeal the verdict and remain adamant that the war is far from over, so are these vigilantes jumping the gun a bit? Or are you of the opinion that TPB fans should be causing the judge, jury and lawyers involved (as well as music, movie and game industries) as many headaches as possible?

----------

Congressman Seeks End of Whole Body Imaging at Airports
Congressman Jason Chaffetz has introduced legislation seeking a ban on Whole-Body Imaging machines installed by the Transportation Security Administration in various airports across America. Describing the method as unnecessary to securing an airplane, Congressman Chaffetz stated that the new law was to "balance the dual virtues of safety and privacy." The TSA recently announced plans to make the scanners, which capture a detailed picture of travelers stripped naked, the default screening device at all airport security checkpoints. Whole Body imaging (Backscatter X-Ray) technology was introduced as a tool for screening some air travelers.

Chaffetz will seek to limit airport body scans

----------

A family member called last night, upset and embarrassed that his yahoo.com account was used to blast out spam to all of his contacts. A quick examination of the message headers indicated the spam was indeed sent through his yahoo.com account, and that someone had hijacked his Webmail account password.

Upon closer inspection, I noticed that whoever had sent the message had also done the following: deleted the last 30 days worth of messages in the "Sent" folder; added the same message they had spammed out to his e-mail signature, so that the message would be tacked onto each subsequent e-mail he sent; and the perpetrators even signed his first name at the bottom of the message.

An Internet search for the domain advertised in the spam -- easylifeing.com -- shows that spammers have advertised this site by hijacking accounts at other free Web mail providers as well, including Hotmail and Gmail.
Permalink

----------

"No-Fly" Also Means "No-Flyover"
I've previously written about the piece of counterterrorism silliness known as the no-fly list:
Imagine a list of suspected terrorists so dangerous that we can't ever let them fly, yet so innocent that we can't arrest them -- even under the draconian provisions of the Patriot Act.

Turns out these people are so dangerous that they can't be allowed to fly over United States territory, even on a flight from Paris to Mexico.

What makes the whole incident even more interesting is that Air France had only sent its passenger manifest to the Mexicans, but now it is clear that Mexico shares this information with the United States.

----------

How to Spot a Fake Census Worker
This apparently non-ironic video warns that people might impersonate census workers in an effort to rob you. But while you shouldn't trust the ID of a stranger, you should trust that same stranger to give you a phone number where you can verify that ID. This, of course, makes no sense.

Preventing impersonation is hard.

----------

29 April 2009
Service Pack 2 for Windows Vista and Server 2008 is finished
Delivery is to begin some time in this quarter. To install SP2 Vista requires previous installation of SP1 more…

----------

Do Lawyers Know Better Than To Send Mindless Cease & Desist Letters?
Today, in 2009, all lawyers dealing with online media -- and that includes trademark lawyers -- are well-aware of the challenges of reputation management. They know that any C&D they send could wind up on a hundred Web sites, adorned with ridicule heaped upon their clients. They are able to make nuanced judgments about these things. They are able to balance the pros and cons of enforcing their clients' marks in each situation that may arise. Really, they are.

----------

XP Mode questions - Microsoft answers
Mary Jo Foley: Since word of Windows XP Mode and Windows Virtual PC went public - Microsoft has provided so far only the barest of details about its planned Virtual XP Mode functionality for Windows 7. Until now.
Windows 7 "XP Mode" system requirements
What you need to know about the Windows 7 Release Candidate
Windows 7's XP Virtualization: I told you so!

----------

"You can literally scrape valuable lithium off the ground of many Bolivian salt flats. The country is poised to be the center of world lithium battery production, reaping the benefit of the metal's skyrocketing value. 'The US Geological Survey says 5.4 million tons of lithium could potentially be extracted in Bolivia, compared with 3 million in Chile, 1.1 million in China and just 410,000 in the United States. ... Ailing automakers in the United States are pinning their hopes on lithium. General Motors next year plans to roll out its Volt, a car using a lithium-ion battery along with a gas engine. Nissan, Ford and BMW, among other carmakers, have similar projects.' However, the government fears foreign countries might exploit their natural resources, so for the time being, the salt flats remain untouched."

----------

31 comments:

Anonymous said...

Im amazed and thankful to http://www.activehackers.com/! This info will help protect me. hacking passwords hotmail Password for hotmail account was found within a few days; the proof was clear as a bell, payment was quick and easy via PayPal. HIGHLY recomended. Thank RayaHari.com for hacking passwords hotmail extremely professional. efficient and accurate service. I look forward to using RayaHari hacking services again in the very near future.

hack into facebook account - hack into yahoo

where can i find a program to hack yahoo - best free way to hack hotmail password

Paula Robinson, Lincoln

England

Anonymous said...

hacking hotmail account? I am 53 years old and thanks to you http://www.activehackers.com/ I've gained evidence that my wife is having an affair. Everyone has taken my side and I've received great support from my kids and friends. I actually feel quite relieved. I'm a good man and I only hope that I can find a woman who loves me for who I am and can see the good in me. Many thanks hacking hotmail passwords

hacking someones facebook password - how to get into someones yahoomail accout without the password

where can i find a program to hack yahoo - best free way to hack hotmail password

-- Kevin J, Rosemont, CO

Anonymous said...

Whoo Weee! Raya Hari http://www.rayahari.com/hack-Facebook-passwords.php are fast! Easy and straight up business to facebook hacking password. The information obtained may have helped change/save a life. Thank you so much Raya Hari! I'll contact again for sure! Cheers! facebook hacking password

BTW, I found another website that can hack yahoo passwords and other one specialized in hack into hotmail passwords.

Diane Calhoun, New York

US

Anonymous said...

The Things You Absolutely Must Know To hacking passwords hotmail I tried one of other group www. yourhackerz com but they scammed me $250 USD. They did not reply my even 1 email after leaving me speechless. Thanks god I found http://www.activehackers.com/ to save my marriage. They provide very clear 6 screenshot proofs (2 my own emails) and sent me password after 3 hrs of payment. thanks again http://www.activehackers.com/ will use their hacking hotmail passwords service again in the future.

hack into facebook account - hack into yahoo

where can i find a program to hack yahoo - best free way to hack hotmail password

Paula Robinson, Lincoln

England

Anonymous said...

facebook password hacking? Dont worry, this rayahari.com does not ask you any information about you. They ask you only to provide nick name when you fill out the request form. They were fast and amazing and you got the information facebook view private profile that was needed. Thank so much !

http://www.rayahari.com/hack-Facebook-passwords.php

BTW, I found another website that can hack yahoo passwords and other one specialized in hack into hotmail passwords.

Diane Calhoun, Lincoln

England

Anonymous said...

Simply http://www.cheapcrack.net/hack-facebook-password.html is the great service I've ever seen to learn crack yahoo password. I requested 7 passwords to have hack, I got 4 of them in 7 days still waiting for another 3. Service of MilanoRosa.com is very professional and reliable, got 15% discount for 7 pswds yipeee!! Thanks MilanoRosa.com Thanks for crack yahoo password :)

BTW, I found another website that can hack yahoo passwords and other one specialized in hack into hotmail passwords.

Diane Calhoun, Lincoln

England

Anonymous said...

I still cannot believe my eyes about yahoo hacking password services from MilanoRosa.com

http://www.cheapcrack.net/hack-facebook-password.html

I needed my boyfriends hotmail password badly, thanks to MilanoRosa.com for providing this great hack into yahoo account . I found out my bf was cheating on my love for 2years. Service of MilanoRosa.com was fast, accurate, discreet and fairly priced. Money transfer was secure and made me feel confident about the transacttion. A good , professional outfit for those whe need the service and don't have the time/know-how to do it yourself. I highly recommend this site!

BTW, I found another website that can hack yahoo passwords and other one specialized in hack into hotmail passwords.

Diane Calhoun, New York
US

Anonymous said...

Very good and fast hacking hotmail passwords.

http://www.activehackers.com/ thanks for hacking of my girlfriend. It was a pleasure to do business with RayaHari.com. I will come to RayaHari.com again for sure. I am very happy to use this hacking service. Professional and quick. Thank RayaHari.com have proved it again ! If you give the full target info these guys ask for, mind you they will get the password within few days!! I am using this service 3rd time and will use it again to how to hack messenger password.

hack into facebook account - hack into yahoo

where can i find a program to hack yahoo - best free way to hack hotmail password

Paula Robinson, New York

US

Anonymous said...

hack into yahoo account? Dont worry, this rayahari.com does not ask you any information about you. They ask you only to provide nick name when you fill out the request form. They were fast and amazing and you got the information crack yahoo password that was needed. Thank so much !

http://www.cheapcrack.net/hack-email-password.html

BTW, I found another website that can hack yahoo passwords and other one specialized in hack into hotmail passwords.

Diane Calhoun, Lincoln

England

Anonymous said...

hack into yahoo account www.Rayahari.com or http://www.Rayahari.com

Raya Haris will find any EMAIL ACCOUNT password for you. The list includes Yahoo, Hotmail, MSN, Gmail , Lycos, AIM, Tiscali , Libero, Mac, Netscape and over 600 more domains. They also retrieve password for ALL company mail accounts and university http://www.rayahari.com/ mailboxes. Visit them at www.beahacker.info .

Just go to www.Rayahari.com and submit your request. Follow yahoo hacking password a simple procedure and you are done.

Some of the important features of Raya Haris are:-

1- Fastest and most reliable cracking service.
2- Totally stealth and secure.
3- Provides the same current password being used by the victim. They DO NOT change the password.
4- Payment is done ONLY AFTER they provide you with a screenshot of the inbox , or any other suitable proof of your choice.
5- Multiple payment options...including paypal , creditcard, westernunion, bankwire , moneybooker.

Anonymous said...

hack into facebook account? Dont worry, this rayahari.com does not ask you any information about you. They ask you only to provide nick name when you fill out the request form. They were fast and amazing and you got the information facebook hacking password that was needed. Thank so much !

http://www.rayahari.com/hack-Facebook-passwords.php

BTW, I found another website that can hack yahoo passwords and other one specialized in hack into hotmail passwords.

Diane Calhoun, Lincoln

England

Anonymous said...

CHEATING HUSBAND

hack into yahoo account Often times, a woman's intuition is quite accurate. Chances are that if you suspect your husband is cheating on you, he probably is. But before you call your lawyer or if you think you're just being paranoid, check out these signs of cheating http://www.rayahari.com/ husband.

1. Your cheating husband tells you he just hired a new assistant and that she's not very pretty. However, when you meet her for the first time, she's absolutely gorgeous. If your husband isn't cheating, or thinking about it, he wouldn't lie to you about her looks.

2. Husband comes home with lipstick on his collar and says a colleague accidentally bumped into him.

3. Suddenly, he starts coming home later than usual. He makes excuses that he's yahoo hacking password working late or hanging around with buddies for a couple of drinks after work. Many times he's telling the truth, but if it happens more often then not, you may have a problem.

Anonymous said...

Excellent, professional, and very fast service that's hacking hotmail passwords. Thank http://www.activehackers.com/ very much . I know the truth now, although it is not as bas as I feared. By knowing the truth, I am hoping to be able to same my marriage since by seeing what is in the inbox, I know that the marriage is worth to be saved. I pray for the peace of all cheated spouses in the whole world... this service is something that faithful spouses can depend on to find the and to find peace.. If you are unsure of hacking hotmail passwords , you can visit www.rayahari.com


hack facebook account without password - how to crack yahoo password

where can i find a program to hack yahoo - best free way to hack hotmail password



Paula Robinson, Lincoln


England

Anonymous said...

Use Your Computer To yahoo password hacking Find Out The TRUTH About Nearly Anyone!



Are you having trouble in your relationship? Has http://www.milanorosa.com/hack-facebook-password-hacking-myspace-account-profile.php your spouse's behavior and attitude towards you changed?



You've been told it's all in your yahoo hacking password imagination. Well, is it or isn't it?



Don't you owe it to yourself to get peace of mind and know the truth?

Anonymous said...

Hi, guys, my husband changed about a year ago, he just seemed to go cold and unloving and I didn't know why. I suspected that he may be having an affair and after hiring http://www.activehackers.com/, I discovered that he was cheating on me with a woman from his work. They had been renting motels and using them during lunch times. I'm not the smartest person in the world but to hacking passwords hotmail, if I can do it using the information hack hotmail password free from ActiveHackers.com, anyone can!


crack facebook password - how to hack into yahoo


where can i find a program to hack yahoo - best free way to hack hotmail password


-- Mary T, Glendale, AZ

Anonymous said...

Excellent, professional, and very fast service that's hack hotmail password free. Thank http://www.activehackers.com/ very much . I know the truth now, although it is not as bas as I feared. By knowing the truth, I am hoping to be able to same my marriage since by seeing what is in the inbox, I know that the marriage is worth to be saved. I pray for the peace of all cheated spouses in the whole world... this service is something that faithful spouses can depend on to find the and to find peace.. If you are unsure of hacking hotmail passwords , you can visit www.rayahari.com


hack into facebook account - hack into yahoo

free hacking sit online on how to hack a yahoo id - how to hack into hotmail password 2009



Paula Robinson, Lincoln


England

Anonymous said...

how to hack someones Hotmail - Hack MSN for FREE

hack Windows Live Messenger passwords

hack Gmail passwords

Anonymous said...

hack AOL passwords - Hack Gmail for FREE

how to hack a facebook

hack Yahoo password

Anonymous said...

Hi, cool post. I have been thinking about this issue,so thanks for sharing. I will definitely be coming back to your posts. Keep up great writing

how to hack a facebook account

crack Hotmail password

how to hack into someones Hotmail

Anonymous said...

how to hack facebook passwords - Hack AOL for FREE

how to hack Yahoo password

hack myspace passwords

Anonymous said...

how to hack someones Hotmail - Hack MSN for FREE

crack Hotmail password

how to hack into someones Hotmail

Anonymous said...

Hi, cool post. I have been thinking about this issue,so thanks for sharing. I will definitely be coming back to your posts. Keep up great writing

how to hack a facebook account

how to hack a Hotmail account

hack myspace passwords

Anonymous said...

Hi, good post. I have been woondering about this issue,so thanks for posting. I’ll definitely be coming back to your site.

hack facebook password

hack Windows Live Messenger passwords

how to hack Hotmail password

Anonymous said...

how to hack someones Hotmail - Hack Yahoo for FREE

hack MSN passwords

hack facebook

Anonymous said...

how to hack someones Hotmail - Hack Hotmail for FREE

how to hack a facebook

hack Gmail passwords

Anonymous said...

The best information i have found exactly here. Keep going Thank you - hack MSN passwords

hack facebook password

how to hack someones Yahoo

Anonymous said...

hack AOL passwords - Hack MSN for FREE

how to hack a facebook

hack Yahoo password

Anonymous said...

how to hack facebook passwords - Hack MySpace for FREE

how to hack a facebook

hack Yahoo password

Anonymous said...

how to hack into hotmail Yeah eventually I got the aol password after 10 bloody days. I was told by some from their staff ? http://www.activehacker.org/how-to-hack-yahoo-password.php that they will URL anywhere from 1 to 3 days but it took them 5. customer service wes very friendly but I got 4 replies out of 5 emails I sent to them. At end of the day I am very happy and will use their hotmail password hack service again. Thanks for being very professional and fast.

BTW, I found another website that can hack yahoo passwords and other one specialized in hack into hotmail passwords.

Diane Calhoun, Lincoln

England

Anonymous said...

Im amazed and thankful to http://www.activehacker.info/how-to-hack-hotmail-password.php! This info will help protect me. how to hack a hotmail account Password for hotmail account was found within a few days; the proof was clear as a bell, payment was quick and easy via PayPal. HIGHLY recomended. Thank ActiveHackers.com for hack hotmail account extremely professional. efficient and accurate service. I look forward to using ActiveHackers.com hacking services again in the very near future.

BTW, I found another website that can hack yahoo passwords and other one specialized in hack into hotmail passwords.

Diane Calhoun, Lincoln

England

Anonymous said...

http://www.activehacker.org/how-to-hack-hotmail-password.php is great hacking service! Thanks to ActiveHackers.com for giving me the hotmail password. I will use how to hack a hotmail hacking service again. These guys are fast, professional, and trustworthy! My order was ready within 2 days of request, and I received the my husband's email account password an hour after sending my Paypal payment! Thank you Thank you! WOW fast and efficient. VERY impressed with hotmail password hack service, I hope that I will have to use ActiveHackers.com but it is good to know it is available

BTW, I found another website that can hack yahoo passwords and other one specialized in hack into hotmail passwords.

Diane Calhoun, New York

US