Pirate parties parade through Prague, Paris
June 29, 12:35 a.m. UTC - by Nate Anderson Posted in: Law & Disorder
After the electoral success of Sweden's Pirate Party earlier this month, Pirate Parties are a-popping in Europe. The newest ones have appeared in France and the Czech Republic over the last few weeks.
Read more
----------
Technology Company NSN Aids Iran's Repressive Regime?
Nokia Siemens Network (NSN), a joint venture of Nokia of Finland, and Siemens of Germany, designed and built a telecommunications system for Iran that allows monitoring and interception of communications of Iranians. There are conflicting messages from the company on whether the technology allows for the monitoring of data communications supported by social networking services. NSN's code of conduct commits the company to upholding "freedom from arbitrary detention; execution or torture; freedom of peaceful assembly and association; freedom of thought, conscience and religion; and freedom of opinion and expression." However, NSN sales material on the technology sold to Iran claims that it can be used to monitor and intercept "all types of voice and data communication on all networks."
Technology, Business, & Democratic Rights in Iran, Jason MacLean & Chip Pitts, CRS Law Blog
EPIC on June 25, 2009 9:43 AM
Permanent link to this item.
----------
Job Seekers: Get Ready for the 'Character' Interview
Employers are looking hard at a candidate's character to break ties among equally qualified candidates.
Read more
----------
Ex-DHS Cyber Chief Tapped as President of ICANN
Former Department of Homeland Security cyber chief Rod A. Beckstrom has been tapped to be the new president of the Internet Corporation for Assigned Names and Numbers (ICANN), the California based non-profit, which oversees the Internet's address system.
Most recently, Beckstrom was director of the National Cyber Security Center -- an organization created to coordinate security efforts across the intelligence community. Beckstrom resigned that post in March, citing a lack of funding and authority.
Permalink
----------
Protecting Against the Snatched Laptop Data Theft
Almost two years ago, I wrote about my strategy for encrypting my laptop. One of the things I said was:
There are still two scenarios you aren't secure against, though. You're not secure against someone snatching your laptop out of your hands as you're typing away at the local coffee shop. And you're not secure against the authorities telling you to decrypt your data for them.
Here's a free program that defends against that first threat: it locks the computer unless a key is pressed every n seconds.
Honestly, this would be too annoying for me to use, but you're welcome to try it.
Posted on June 29, 2009 at 6:51 AM
----------
"The European Commission is confident that all major cellphone companies have reached an agreement on a standard cellphone charger for consumers within the EU. 'People will not have to throw away their charger whenever they buy a new phone,' said EU Industry Commissioner Guenter Verheugen. Nokia, Sony Ericsson, Motorola, Apple, LG, NEC, Qualcomm, Research in Motion, Samsung and Texas Instruments have all signed the agreement."
Read More...
----------
FTP login credentials at major corporations breached
Greg Masters June 26, 2009
A trojan has reportedly been uncovered that is harvesting FTP login data of major corporations, including the Bank of America, BBC, Amazon, Cisco, Monster.com, Symantec and McAfee.
----------
Pirate Bay Unveils YouTube-Like Site
This is not your parents’ YouTube.
This is VideoBay, a YouTube-like service without the worries and hassles of those annoying copyright takedown notices.
And if you haven’t guessed by now, behind the service is The Pirate Bay. The new site, according to its operators, is in “beta extreme.”
“Don’t expect anything to work at all,” a message on the site reads.
The announcement of the “beta extreme” version of VideoBay comes as the four founders of the Pirate Bay face a year in prison following their April convictions for facilitating copyright infringement at the world’s most notorious BitTorrent tracker. ThePirate Bay told TorrentFreak “that there is still a lot of work to do behind the scenes. The encoder is not finished yet and he design is also a work in progress.”
----------
Consumer Groups Want Deep Packet Inspection HearingsIranian projests used for network neutrality debate...
01:01PM Monday Jun 29 2009 by Karl Bode
----------
Firefox Aims to Unplug Scripting Attacks
By Robert LemosMonday, June 29, 2009
How websites can block code from unknown sources.
Sites that rely on user-created content can unwittingly be employed to attack their own users via JavaScript and other common forms of Web code. This security issue, known as cross-site scripting (XSS), can, for example, allow an attacker to access a victim's account and steal personal data.
Now the makers of the Firefox Web browser plan to adopt a strategy to help block the attacks. The technology, called Content Security Policy (CSP), will let a website's owner specify what Internet domains are allowed to host the scripts that run on its pages.
...
----------
90 data breaches in 2008: What went wrong
Data breaches continue to plague organizations in virtually every industry. Since 2004, the Verizon...
----------
Symantec culls user data to spot unsafe programs
Symantec is to use the 'wisdom of the crowds' and introduce reputation-based security in the next...
----------
Generic Rootkit.d Strikes Again in New Variant
Monday June 29, 2009 at 5:32 am CST
Posted by Rachit Mathur
A few days ago I got a chance to look at a recent variant of the DNSChanger.ad. It drops a common rootkit that is mostly associated with FakeAlert and DNSChanger Trojans. Over a period of time the dropped sys file names have changed from tdss*.sys to seneka*.sys to skynet*.sys and so on. Our memory detection and cleaning for this rootkit is Generic Rootkit.d. The techniques of this threat are well known now. It basically uses inline hooks on IofCallDriver, IofCompleteRequest, NtFlushInstructionCache, NtEnumerateKey, etc. This Trojan removes permissions from its registry entries as well.
The malware has a hidden sys file in the system32\drivers directory with a name like skynet*.sys. One can use a rootkit analysis tool or just windbg to restore the inline hooks installed by the malware. Even though the malicious file is no longer hidden after hook restoration, the malware can recreate the file after its deletion. It is common that malware try to “watch” or recreate their components but the curious thing was that File Monitor (filemon) did not show any activity and other API-tracing approaches also didn’t point to anything that could explain the rebirth of this file.
...
----------
Most Parents Ignore Parental Controls for Kids
80% of parents surveyed admit they don't activate software parental controls, despite their kids' unsupervised surfing, McAfee reports.
----------
US, Russia in dispute over computer attacks: report
AFP – Sat Jun 27, 11:05 pm ET
WASHINGTON (AFP) - Less than two weeks before President Barack Obama's visit to Moscow, the United States and Russia cannot agree how to counter the growing threat of cyberwar attacks that could wreak havoc on computer systems and the Internet, according to The New York Times.
----------
US government blocks imports of Sharp TVs
IDG News Service - The U.S. International Trade Commission today issued a decision that blocks U.S. imports of LCD panels and LCD televisions made by Sharp, ruling that the company violated a patent held by rival Samsung Electronics.
----------
skip to main |
skip to sidebar
Rather than an introspective blog, I will use this location to gather all the news stories that apply to security professionals.
No comments:
Post a Comment