Friday 05/22/09

Malware knocks out U.S. Marshals Service network Malware on Wednesday crippled Windows-based computer systems at the U.S. Marshals Service, which hunts federal fugitives and operates the country's witness protection program, knocking the agency’s network offline. Read more...

----------

Guilty plea for man behind creative E-Trade scam
Michael Largent, 23, of Plumas Lake, Calif. pleaded guilty Thursday to computer fraud charges in connection with the scam, which ran between November 2007 and May 2008.

Largent's arrest was widely covered on the Internet last May, where it was likened to so-called Salami Slicing scams depicted in movies such as Superman III and Office Spaces.

----------

Twitter hit with phishing attacks
Twitter users who thought friends were directing them to a "funny blog" Thursday ended up experiencing something completely different: a phishing scam.

Twitter was hit by two different rounds of phishing Thursday, as criminals tried to take control of user accounts and then use them as a springboard to attack others.

----------

DNS attack downs Internet in parts of China
An attack on the servers of a domain registrar in China caused an online video application to cripple Internet access in parts of the country late on Wednesday.

Internet access was affected in five northern and coastal provinces after the DNS (domain name system) attack, which targeted just one company but caused unanswered information requests to flood China's telecommunications networks, China's IT ministry said in a statement on its Web site. The DNS is what computers use to find each other on the Internet.

The incident revealed holes in China's DNS that are "very strange" for such a big country, said Konstantin Sapronov, head of Kaspersky's Virus Lab in China.

----------

Conficker still infecting 50,000 PCs per day
The worm is infecting about 50,000 new PCs each day, according to researchers at Symantec, who reported Wednesday that the U.S., Brazil and India have been hit the hardest.. "Much of the media hype seems to have died down around Conficker/Downadup, but it is still out there spreading far and wide," Symantec said in a blog post.

----------

NebuAd closing doors after Internet privacy woes AP – Wed May 20, 5:11 pm ET
PHILADELPHIA - NebuAd Inc., a company that sought to target ads to consumers based on their online behavior, is going out of business after facing scrutiny over whether its technology infringed on the privacy of Internet surfers.

----------

Angered by Apple Delay, Hacker Posts Mac Java Attack PC World – Wed May 20, 4:30 pm ET
In an effort to draw attention to an long-standing security problem in Apple's Mac OS X operating system, a security researcher has posted attack code that exploits the flaw.

----------

Almost 30,000 Videos On YouTube Contain Comments With Links To A Malicious Web Page

----------

Half Of Social Networking Sites Keep Users' Photos After Deletion: Study

----------

19.7% of 2009 college grads who applied for work got a job
abcnews.go.com — In comparison, 51 percent of those graduating in 2007 and 26 percent of those graduating in 2008 who had applied for a job had one in hand by the time of graduation. More…

ERIC SAYS: I wonder what those unemployed but fully trained programmers are going to do while waiting for a job...

----------

Forbes reports on a new military-funded program aimed at leveraging an untapped resource: the population of geeky high school and college students in the US. The Cyber Challenge will create three new national competitions for high school and college students intended to foster a young generation of cybersecurity researchers. 'The contests will test skills applicable to both government and private industry: attacking and defending digital targets, stealing data, and tracing how others have stolen it. [...] The Department of Defense's Cyber Crime Center will expand its Digital Forensics Challenge, a program it has run since 2006, to include high school and college participants, tasking them with problems like tracing digital intrusions and reconstructing incomplete data sources. In the most controversial move, the SANS Institute, an independent organization, plans to organize the Network Attack Competition, which challenges students to find and exploit vulnerabilities in software, compromise enemy systems and steal data. Talented entrants may be recruited for cyber training camps planned for summer 2010, nonprofit camps run by the military and funded in part by private companies, or internships at agencies including the National Security Agency, the Department of Energy or Carnegie Mellon's Computer Emergency Response Team.'

----------

Where is Vista SP2?
Mary Jo Foley: Even though Microsoft seems increasingly reticent to say the "V" word (Vista), some users still do care. I've had several readers ask me when the Redmondians are going to release Vista SP2 on the Microsoft Download site.

----------

Instant Messenger Phishing
May 21, 2009
An MSN instant messenger phishing attack uses a personalized trick to deceive unsuspecting users.

----------

Cuomo Uses Craigslist To Bust Prostitution Ring... Still Blaming Craigslist

Following Craigslist's big announcement last week on the changes to how it handles "adult" ads, Andrew Cuomo angrily denounced the changes, claiming that several weeks before, "we informed Craigslist of an impending criminal case that implicated its website." It seems the details of that case have now become clear, as a prostitution ring that solely worked via Craigslist was busted by Cuomo. Yet, rather than recognize that the information on Craigslist allowed them to track down and arrest this crew, Cuomo is still lashing out at the site...

----------

Continental Sues Pilots Over Divorces
HOUSTON (CN) - Continental Airlines claims nine pilots got "sham divorces" from their wives to get their retirement money paid in lump sums to the women without retiring, and without really intending to split up.

----------

Experts offer tips to deal with Gumblar malware
Chuck Miller May 21, 2009
A number of security organizations are offering tips to deal with the Gumblar drive-by exploit, which is growing ever more pervasive.

----------

Report: Faulty Communications Imperil President
The U.S. Secret Service is asking for $34 million to help upgrade its communication system, and says that without the money the president’s life could be in danger, according to a news report.

The agency says that its communication system is incompatible with the White House communication system, resulting in a “dangerous gap” that could “prevent the attainment of the performance target of 100 percent protection.”

----------

…and boy are my arms tired
Hey guys, just got back from China and picked up a couple of books that should be of interest.
...
The second book is Internet Wars (Win the Internet, Win the Future) and the author is described as an internet researcher with a background in policy.

----------