Monday, April 14, 2008

Monday Research Update

A great analysis of botnets, their means of communication and their characteristics:
http://www.secureworks.com/research/threats/topbotnets/?threat=topbotnets

From the article:
One template-based botnet (Warezov/Stration/Opnis) that was a major player six months ago has completely dropped off of the radar. Warezov was known for sending Chinese pump-and-dump stock spam. Perhaps it is no coincidence that in the same time frame that we stopped seeing Warezov spam/malware, the notorious spam kingpin Alan Ralsky was arrested and charged (among other things) with sending pump-and-dump stock spam for Chinese companies.

http://en.wikipedia.org/wiki/Alan_Ralsky

Interesting story.

Monday News Feed

Microsoft patched critical Windows bug in XP SP3 early
A perplexing problem with a build of the still-unreleased XP Service Pack indicates that a significant vulnerability was patched in that unreleased code weeks before the fix was made available for other versions of Windows.

Presidential campaigns clueless about Net threats

Attacks begin against critical Patch Tuesday bug

Report: E-voting firms in hostile-takeover tussle

Using lasers to trigger lightning strikes
eurekalert.org — A team of European scientists has deliberately triggered electrical activity in thunderclouds for the first time. At the top of South Baldy Peak in New Mexico during two passing thunderstorms, the researchers used laser pulses to create plasma filaments that could conduct electricity akin to Benjamin Franklin's silk kite string.

http://www.theagitator.com/2008/04/13/so-about-that-tree-of-liberty/
Tonight, a group of about 20 D.C.-area libertarians headed down to the Thomas Jefferson Memorial for some flash mob fun. The prank was harmless revelry: To ring in Jefferson’s birthday, we would meet on the steps of the memorial at 11:55pm, wearing iPods, then dance for about 10 minutes, capture the whole thing on video, and leave.
Courtney and I were about 10 minutes late, but by the time we arrived it was already over. The National Park Police broke the whole thing up just a few minutes in, punctuating their lack of a sense of humor by arresting one of the dancers (we’re keeping her name private at least until she’s released later this morning). She was cuffed, taken out to a paddy wagon, then booked and held at a Park Police station. Everyone I spoke with says there was no noise, there were no threats, and no laws broken (the park police I spoke with–including the arresting officer (who, oddly enough, denied to me that he was the arresting officer)–declined to say why she had been arrested).
The police refused to answer any questions, referring all calls to the communication number of the Park Police, which at this hour is closed. They also refused to give their badge numbers.

It appears that Symantec has raised the Threatcon to Level 2 this afternoon.
www.symantec.com/security_response/threatcon/index.jsp
It seems that their honeypots have sniffed out "In-the-Wild Exploit attempts" targeting the vulnerability identified in MS08-021 which allows remote code execution in GDI if a user opens a specially crafted EMF or WMF image file. Microsoft announced this in their latest super Tuesday release.
www.microsoft.com/technet/security/Bulletin/MS08-021.mspx
If you haven't already patched, do so now, and don't forget to remind your users not to open image files.

People and Security Rules
In this article analyzing a security failure resulting in live nuclear warheads being flown over the U.S., there's an interesting commentary on people and security rules:
Indeed, the gaff [sic] that allowed six nukes out over three major American cities (Omaha, Neb., Kansas City, Mo., and Little Rock, Ark.) could have been avoided if the Air Force personnel had followed procedure.
"Let's not forget that the existing rules were pretty tight," says Hans Kristensen, director of the Nuclear Information Project for the Federation of American Scientists. "Much of what went wrong occurred because people didn't follow these tight rules. You can have all sorts of rules and regulations, but they still won't do any good if the people don't follow them."
Procedures are a tough balancing act. If they're too lax, there will be security problems. If they're too tight, people will get around them and there will be security problems.
Posted on April 14, 2008 at 06:47 AM

ClamAV Upack Processing Buffer Overflow Vulnerability

- Highly critical - From remote
Issued 5 hours ago.
Secunia Research has discovered a vulnerability in ClamAV, which can be exploited by malicious people to compromise a vulnerable system.

HP OpenView Network Node Manager Multiple Vulnerabilities - Less critical - From local network
Issued 3 hours ago. Some vulnerabilities have been reported in HP OpenView Network Node Manager, which can be exploited by malicious people to disclose certain information or cause a DoS (Denial of Service).

EMC DiskXtender Multiple Vulnerabilities - Moderately critical - From local network
Issued 3 days ago. Some vulnerabilities have been reported in EMC DiskXtender, which can be exploited by malicious people to bypass certain security restrictions or by malicious users to compromise a vulnerable system.

U.S. gov't pushes cybersecurity at con
Robert Lemos, 2008-04-12
Top Bush Administration officials descend on the RSA Security Conference laying out their plans for protecting critical networks and giving a small taste of the latest national cyber exercise, Cyber Storm II.

"Undersea telecom cable operator Reliance Globalcom was able to use satellite images to identify two ships that dropped anchor in the wrong place, damaging submarine cables and knocking Middle East nations offline in early February. The company used satellite images to study the movements of the two ships, and shared the information with officials in Dubai, who impounded the two vessels. The NANOG list has a discussion of where Reliance might have obtained satellite images to provide that level of detail. Google News links more coverage of the developments."

Earlier this week, NASA made a course adjustment for its Phoenix Mars Lander which puts it on a path to land in "Green Valley" on the Red Planet late next month. The site was chosen for being a broad, flat expanse that is relatively free of rocks capable of damaging the lander when it sets down. The location will be confirmed pending further reconnaissance from an orbiting satellite. The probe's mission, which we've previously discussed, is to investigate subsurface ice. "The landing area is an ellipse about 62 miles by about 12 miles (100 kilometers by 20 kilometers). Researchers have mapped more than five million rocks in and around that ellipse, each big enough to end the mission if hit by the spacecraft during landing. Knowing where to avoid the rockier areas, the team has selected a scientifically exciting target that also offers the best chances for the spacecraft to set itself down safely onto the Martian surface."

Judge: law protects Comcast's "Good Samaritan" spam filters
A federal judge has dismissed serial spammer e360insight’s lawsuit against Comcast, saying that the ISP’s use of spam filters to block its unwanted missives was covered by the “Good Samaritan” provision of the sometimes-controversial Communications Decency Act.
April 13, 2008 - 05:45PM CT - by John Timmer

Private Information of 71,000 Patients Accidentally Exposed on Web
Sensitive details of approximately 71,000 Georgia patients were published on the web,...

SAN FRANCISCO -- Malicious hackers beware: Computer security expert Joel Eriksson might already own your box.
Eriksson, a researcher at the Swedish security firm Bitsec, uses reverse-engineering tools to find remotely exploitable security holes in hacking software. In particular, he targets the client-side applications intruders use to control Trojan horses from afar, finding vulnerabilities that would let him upload his own rogue software to intruders' machines.
He demoed the technique publicly for the first time at the RSA conference Friday.

http://blog.wired.com/27bstroke6/

http://www.crime-research.org/news/14.04.2008/3309/

The closest thing the world of computer forensics has to the Ten Commandments is the guidance set down in the Association of Chief Police Officers' Good Practice Guide for Computer-Based Electronic Evidence. These guidelines, built around four main principles, are used as the basis for all criminal computer investigations. They are quite broad in scope, making recommendations regarding the correct handling of forensic data.

First, no action taken by law enforcement agencies or their agents should change data held on a computer or storage media which may subsequently be relied upon in court.

Second, in circumstances where a person finds it necessary to access original data held on a computer or storage media, that individual must be competent to do so and be able to give evidence explaining the relevance and the implications of their actions.

Third, an audit trail or other record of all processes applied to computer-based electronic evidence is essential. An independent third party should be able to examine those processes and achieve the same result.

Finally, there should be someone in charge of the investigation with overall responsibility for ensuring that the law and these principles are adhered to.
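As an added illustration of how the first and third principles can be made checkable in practice (example code written for this post, not taken from the ACPO guide; the case id, examiner name, timestamps and image contents are constructed):

```python
"""Evidence hashing and a replayable audit trail.

Added example illustrating the ACPO principles quoted above; it is not code
from the Good Practice Guide or the original post, and the case data, names
and timestamps are constructed.
"""
import hashlib
import json

GENESIS = "0" * 64  # link value for the first audit entry


def sha256_hex(data: bytes) -> str:
    return hashlib.sha256(data).hexdigest()


def verify_evidence(original: bytes, working_copy: bytes) -> bool:
    """Principle 1: analysis runs on a copy whose hash equals the original's,
    so the data relied upon in court has demonstrably not been changed."""
    return sha256_hex(original) == sha256_hex(working_copy)


def entry_digest(entry: dict) -> str:
    """Canonical JSON (sorted keys) so every party hashes identical bytes."""
    body = {k: v for k, v in entry.items() if k != "entry_hash"}
    return sha256_hex(json.dumps(body, sort_keys=True).encode("utf-8"))


class AuditTrail:
    """Principle 3: an append-only record of every process applied to the
    evidence. Each entry embeds the hash of the previous one, so an
    independent examiner can replay the chain and detect any altered step."""

    def __init__(self, case_id: str, examiner: str):
        self.case_id = case_id
        self.examiner = examiner  # principles 2 and 4: a named, accountable person
        self.entries = []

    def record(self, action: str, artefact: bytes, timestamp: str) -> dict:
        prev = self.entries[-1]["entry_hash"] if self.entries else GENESIS
        entry = {
            "seq": len(self.entries),
            "case_id": self.case_id,
            "examiner": self.examiner,
            "timestamp": timestamp,
            "action": action,
            "artefact_sha256": sha256_hex(artefact),
            "prev_entry_hash": prev,
        }
        entry["entry_hash"] = entry_digest(entry)
        self.entries.append(entry)
        return entry


def verify_trail(entries) -> bool:
    """Replay the chain; True only if every link and digest still matches."""
    prev = GENESIS
    for i, entry in enumerate(entries):
        if entry["seq"] != i or entry["prev_entry_hash"] != prev:
            return False
        if entry_digest(entry) != entry["entry_hash"]:
            return False
        prev = entry["entry_hash"]
    return True


def demo() -> dict:
    """Constructed walk-through: acquire, copy, verify, then detect tampering."""
    original = b"constructed disk image contents"
    trail = AuditTrail("CASE-0001", "examiner A")
    trail.record("acquire image behind write blocker", original, "2008-04-14T09:00:00Z")
    working_copy = bytes(original)
    trail.record("create working copy", working_copy, "2008-04-14T09:05:00Z")
    copy_ok = verify_evidence(original, working_copy)
    # Someone later edits a log entry to hide a step: replaying the chain catches it.
    tampered = [dict(e) for e in trail.entries]
    tampered[0]["action"] = "acquire image"
    return {"copy_ok": copy_ok,
            "trail_ok": verify_trail(trail.entries),
            "tampered_detected": not verify_trail(tampered)}


if __name__ == "__main__":
    print(demo())
```

Any third party holding the original image and the log can rerun verify_evidence and verify_trail and must reach the same answers, which is exactly what the third principle asks for.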

Saturday, April 12, 2008

Friday News Feed

Presidential campaigns clueless about Net threats
The 2008 presidential campaigns are apparently clueless about cyberthreats that could harm the candidates' reputations and fund-raising or disclose sensitive information, a security researcher said Friday.

Bot breaks Hotmail's CAPTCHA in 6 seconds

Research fingers ActiveX, QuickTime as buggiest browser plug-ins

Attacks begin against critical Patch Tuesday bug

DHS offers first take on Cyber Storm exercise

Server problems, not hack, blacked out Lieberman site in '06, says FBI

Three different hackers found 'Pwn To Own' bug

IBM: The Security Business 'Has No Future' - 4/10/2008 4:30:00 PM IBM executive tells RSA attendees that the security business is dead – and sustainable business is the future

The Sleaze Still Found Its Way Through - 4/9/2008 8:20:00 PM Untangle's test of five filtering vendors results in lots of porn sites that were missed and many false positives

SecureWorks Unveils Research on Spamming Botnets - 4/9/2008 4:00:00 PM Research firm contends that newly revealed 'Kraken' bot army is actually an older botnet

Top Botnets Control One Million Hijacked Computers
Storm is a shadow of its former self, Kraken is just another name for Bobax and the biggest botnet goes by the mouthful of... 09-Apr-2008

RSA Conference: Web Page Can Take Over Your Router
Researcher Dan Kaminsky to show attendees of the RSA security conference how a Web-based attack could be used to seize control of certain routers. 07-Apr-2008

In Pictures: How to Spot an E-Mail Scam
Wonder whether the message announcing that you've received an e-card is legit? Or whether PayPal is really trying to contact you? Here's a visual guide to spotting malware, fraud, and other dirty tricks in your inbox.

Washington, D.C., Police to Connect 5,000 Surveillance Cameras
D.C. officials are giving police access to more than 5,000 closed-circuit TV cameras citywide that monitor traffic, schools and public housing — a move that will give the District one of the largest surveillance networks in the country. "The primary benefit of what we're doing is for public health and safety," said Darrell Darnell, director of the city's Homeland Security and Emergency Management Agency. But camera opponents counter that the devices are not an effective crime deterrent and can result in an intrusion on citizens' privacy. "When you look at [police] statistics, the first thing you noticed was that they don't account for displacement, where you put a camera up on one street and the drug dealer goes to the next street," said Melissa Ngo, senior counsel and director of the Identification and Surveillance Project at the District-based Electronic Privacy Information Center. "That is not cutting down on crime so much as moving it."
D.C. police set to monitor 5,000 cameras, Washington Times, April 9, 2008.
Posted by EPIC on April 11, 2008.

EMC DiskXtender Multiple Vulnerabilities - Moderately critical - From local network
Issued 1 day ago. Some vulnerabilities have been reported in EMC DiskXtender, which can be exploited by malicious people to bypass certain security restrictions or by malicious users to compromise a vulnerable system.

U.S. still worries over hacker havens
News Brief, 2008-04-11
In cybercrime prosecutions, attempts to follow the money run afoul of nations with lax rules.

"At the 2008 RSA security conference, Microsoft's David Cross was quoted as saying, 'The reason we put UAC into the platform was 'to annoy users. I'm serious.' The logic behind this statement is that it should encourage application vendors to eliminate as many unnecessary privilege escalations as possible by causing users to complain about all the UAC 'Cancel or Allow' prompts. Of course, they probably didn't expect that Microsoft would instead get most of the complaints for training users to ignore meaningless security warnings."

Adobe Flash Pwn2Own details released by ZDI...

McAfee discovers malware that targets Tibet supporters
Sue Marquette Poremba April 11, 2008
Two pro-Tibet websites were attacked with a malware that can attack local or remote databases linked to the user's computer, McAfee discovered.

IBM's Faster, Denser Memory
By Kate Greene, Friday, April 11, 2008
Researchers led by Stuart Parkin are developing a new type of memory chip that combines the benefits of magnetic hard drives and flash.

Music Label's Copyright Argument is Rubbish
Tossing it like a Frisbee is OK. The kids, cat and dog scratching the hell out of it is just fine.
But throwing away that CD is copyright infringement.

Wednesday, April 9, 2008

Wednesday News Feed

The April 2008 release contains 8 new bulletins, 5 of which have maximum severities of "Critical".

MS08-018 Vulnerability in Microsoft Project Could Allow Remote Code Execution (950183)
MS08-019 Vulnerabilities in Microsoft Visio Could Allow Remote Code Execution (949032)
MS08-020 Vulnerability in DNS Client Could Allow Spoofing (945553)
MS08-021 Vulnerabilities in GDI Could Allow Remote Code Execution (948590)
MS08-022 Vulnerability in VBScript and JScript Scripting Engines Could Allow Remote Code Execution (944338)
MS08-023 Security Update of ActiveX Kill Bits (948881)
MS08-024 Cumulative Security Update for Internet Explorer (947864)
MS08-025 Vulnerability in Windows Kernel Could Allow Elevation of Privilege (941693)

Symantec Chairman Calls for Information-Centric Approach to Security - 4/9/2008 9:00:00 AM Enterprises need to identify and protect sensitive information as it moves, Thompson says

DHS Chief Says Current Defenses 'Insufficient' to Handle Evolving Threats - 4/9/2008 5:00:00 AM Homeland Security secretary Michael Chertoff says federal government and industry need to do more

RSA Session Features Live Linksys Router Hack - 4/8/2008 5:05:00 PM Researcher Dan Kaminsky plans a live demo to show a DNS rebinding attack in action

RSA Conference: Web Page Can Take Over Your Router
Researcher Dan Kaminsky to show attendees of the RSA security conference how a Web-based attack could be used to seize control of certain routers. 07-Apr-2008

Coviello: Security's a Drag on Business - 4/8/2008 1:20:00 PM RSA exec says more than 80% of businesses have shied away from innovation due to security concerns

Cisco, RSA Partner to Secure Data in Motion, at Rest - 4/7/2008 5:00:00 PM Partnership leverages data loss prevention framework unveiled by RSA last week

April 08, 2008 Judge attacks child porn delays
http://www.crime-research.org/news/08.04.2008/3301/

More Privacy, Security Breaches at UCLA Medical Center
California first lady Maria Shriver is among more than 30 celebrities and other high-profile patients who had their confidential records breached at UCLA Medical Center, medical officials said. The woman responsible, whose name was not released, is the same employee who sneaked into actress Farrah Fawcett's medical records, officials told the Los Angeles Times on Sunday. That worker was fired in May 2007 after UCLA learned of the widespread breaches, but patients were not notified, the hospital said. In all, the woman improperly looked at 61 patients' medical records in 2006 and 2007, according to state and local medical officials.
More Snooping Into UCLA Medical Records, Associated Press, April 7, 2008.
Posted by EPIC on April 07, 2008.

Critical vulnerabilities in Adobe Flash Player
Published: 2008-04-09, Last Updated: 2008-04-09 00:43:18 UTC, by Raul Siles (Version: 1)

Adobe has released a security bulletin today, APSB08-11, to address multiple vulnerabilities in Adobe Flash Player 9.0.115.0 and earlier, and 8.0.39.0 and earlier, that could lead to the potential execution of arbitrary code remotely. Additionally the update includes DNS rebinding attack and cross-domain policy countermeasures.
It is strongly recommended to update to the newest Adobe Flash Player version, 9.0.124.0!

College Degrees in Homeland Security
It's a growing field:
More than 200 colleges have created homeland-security degree and certificate programs since 9/11, and another 144 have added emergency management with a terrorism bent.

Stolen hardware basis for most breaches
News Brief, 2008-04-08
While the number of unique variants of malicious software more than quadrupled in 2007, lost laptops and storage devices were the most common cause of data breaches, a report finds.

"Hewlett-Packard has been selling USB-based hybrid flash-floppy drives that were pre-infected with malware, the company said last week in a security bulletin. Dubbed "HP USB Floppy Drive Key," the device is a combination flash drive and compact floppy drive, and is designed to work with various models of HP's ProLiant Server line. HP sells two versions of the drive, one with 256MB of flash capacity, the other with 1GB of storage space. A security analyst with the SANS Institute's Internet Storm Center (ISC) suspects that the infection originated at the factory, and was meant to target ProLiant servers. "I think it's naive to assume that these are not targeted attacks," said John Bambenek, who is also a researcher at the University of Illinois. Both versions of the flash-floppy drive, confirmed HP in an April 3 advisory, may come with a pair of worms, although the company offered few details. It did not, for instance, say how many of the drives were infected, where in the supply chain the infections occurred or even when they were discovered."

"Hubble is a system that operates continuously to find persistent Internet black holes as they occur. Hubble has operated continuously since September 17, 2007. During that time, it identified 881,090 black holes and reachability problems. In the most recent quarter-hourly round, completed at 04:40 PDT, 04/09/2008, Hubble issued 46,846 traceroutes to 1,815 prefixes it identified as likely to be experiencing problems (of 78,772 total prefixes monitored by the system). Of these, it found 195 prefixes to be unreachable from all its vantage points and 139 to be reachable from some vantage points and not others."

"One of the more interesting tidbits in Symantec's Global Internet Threat Report (PDF, 105 pages) is the price sheet, which suggests that someone's 'full identity' is worth in the range of $1-$15. Your email password goes for $4-$30 and your bank account might fetch $10-$1000. With those prices, I wonder how often they pay more for the bank account than is actually in it? There's also an executive summary (PDF, 36 pages)."

New Kraken worm evading harpoons of antivirus programs
Botnet research firm Damballa Solutions has discovered evidence that a botnet twice the size of Storm has made its home within 50 of the Fortune 500. Dubbed Kraken, the cyber-cephalopod has eluded most commercial antivirus scanners and remains lurking in the deep.
April 08, 2008 - 01:42PM CT - by Joel Hruska

Flood of revelations in Vista-capable suit paused for appeal
The "Vista Capable" lawsuit against Microsoft that has generated so many revelations about the company's deliberations surrounding Vista will be put on hold until the Ninth Circuit can rule on whether the case should be a class action.
April 08, 2008 - 12:41PM CT - by Nate Anderson

IBM set to lock down virtual machines with PHANTOM project
IBM has announced a new project, codenamed PHANTOM, that's aimed at securing virtual servers. True to its name, it's a bit wispy on details so far, but it does address a real need.
April 08, 2008 - 11:21AM CT - by Jon Stokes

From saboteur to member: Microsoft joins Kerberos Consortium
MIT has turned development of the Kerberos authentication standard over to an executive committee, and Microsoft is now on the marquee. Once accused of trying to sabotage the standard's interoperability, Redmond will now have a hand in its future development.
April 08, 2008 - 05:56AM CT - by Joel Hruska

Buffalo Squeezes Palm-Sized Terabyte Network-Attached Storage
In a world where Network-Attached Storage devices easily fill up the space under your...
in Storage, 09 April, 13:56 GMT

Genuine Advantage 'nag' coming to Office
Mary Jo Foley: Microsoft is set to begin a pilot of a new Genuine Advantage anti-piracy mechanism for Office that will add a "nag-like" feature, akin to what is now part of Windows Vista.

EMC buys Iomega
Larry Dignan: Remember Zip drives? Once the $213 million deal is completed, Iomega will be the core of a new EMC consumer and small business product division.

Storm Codec
April 8, 2008
Storm's latest website asks users to install the 'Storm Codec' in order to view a phony video clip.

New RIAA Argument: Throwing A Promo CD In The Garbage = Unauthorized Distribution

Marilyn Monroe's Estate Loses Rights To Photos After Fighting To Make Her A New Yorker
from the figure-this-one-out dept
It appears Marilyn Monroe's estate didn't think all the way through its strategy of posthumously moving the famed star to New York. Apparently, her family convinced California tax authorities that Monroe had been a New York resident, in an attempt to avoid paying taxes on the estate in California. Unfortunately for the estate, that would also mean that Marilyn Monroe's publicity rights died with her. As Against Monopoly points out in the latest example of the bizarre effects of intellectual property rules, California allows "rights of publicity" to live on after death -- meaning that images of famous people still need to be licensed. However, New York says your right of publicity dies when you die. So, a court has now ruled that, thanks to Monroe's own estate claiming that she was a New Yorker, there's no longer a right of publicity for Monroe, and photographers who own Monroe photographs shouldn't have to pay her estate (as they've done since her death). This has photographers claiming that the estate has been unfairly demanding licenses for many years. Next time, perhaps Monroe's estate will just pay the taxes it owes. But, in the meantime, we get to see the bizarre impact of rules such as "publicity rights" which have forced photographers to pay to use photographs they took for many years.
Endpoint security products doomed, RSA exhibitors say
Jim Carr April 08, 2008
The endpoint security product is doomed, to be replaced by the umbrella coverage of overriding security solutions.

U.S. Has Launched a Cyber Security 'Manhattan Project,' Homeland Security Chief Claims

Hackers infiltrate search engines, social networks USATODAY.com - Wed Apr 9, 6:57 AM ET
SAN FRANCISCO - Consumers who use search engines, online social networks, browsers and the like face a gantlet of viruses and malicious software code, according to a cybersecurity report from Symantec, issued Tuesday as security experts gather here for the sprawling RSA Conference on tech security.

Microsoft: Ask us and we'll kill your ActiveX control

Microsoft calls for talks on Internet trust, safety

Monday, April 7, 2008

Monday News Feed

Companies struggle as Safari pops up on networks

New Massive Botnet Twice the Size of Storm - 4/7/2008 8:00:00 AM 400,000-strong 'Kraken' botnet has infiltrated 50 Fortune 500 companies -- and now usurps Storm as world's biggest botnet

'Transient' Hacks Become Attackers' New Favorites - 4/4/2008 4:45:00 PM Some attackers now prefer making quick, precision strikes on a Website to evade detection -- and then moving on to another one

KeyCorp Unlocks Method for Extending Single Sign-on - 4/4/2008 4:15:00 PM Financial services firm looks to stretch SSO to business partners

Failure to patch flaw exposes data on 60,000 at Antioch

HP unveils encryption add-ons for storage products

Number of viruses to top 1 million by 2009

Olympic Committee accepts China's Internet-access assurances

Symantec confirms ActiveX bugs in its own consumer software

Adobe claims it knew of 'Pwn to Own' bug

The evolution of CyberCrime Inc.
Date: April 07, 2008
Source: Iht.com / By: Doreen Carvajal
PARIS: There is no storefront or corporate headquarters for Cybercrime Inc., but savvy salesmen in a murky, borderless economy are moving merchandise by shilling credit card numbers - "two for the price of one."
"Sell fresh CC," promised one salesman who offered teaser credit card numbers for samples in New Jersey and Canada. "Visa, MasterCard, Amex. Good Prices. Many countries!!!!!"
Electronic crime is maturing, according to security experts, and with its evolution, clever criminals are adopting conventional approaches that reflect cold business sense - from supermarket-style pricing to outsourcing to specialists acting as portfolio managers, coders, launchers, miners, washers and minders of infected "zombie" computers.
"It's a remarkable development of a whole alternative business environment that's occurred over the last couple years," said Richard Archdeacon, a senior director of global services for Symantec, an Internet security company with 11 research centers around the world tracking crime trends. "What's been so astonishing is the speed with which it's developed and the effect with which the market has grown and matured."
In the United States alone, victims of reported Internet fraud lost $239 million in 2007, with average losses running about $2,530 per complaint recorded by a special Web-based hot line operated by the FBI and the National White Collar Crime Center, a nonprofit corporation focusing on electronic crime.

Police probe 'new KGB poison attack'
dailymail.co.uk — Special Branch is investigating an alleged attempt to murder Oleg Gordievsky, the KGB double-agent who spied on Russia for British intelligence in the Cold War. The former Soviet colonel, who escaped to Britain in 1985, says he was poisoned by a Russian assassin at his secret safe-house in Surrey.

April 7, 1964: IBM Bets Big on System/360
wired.com — 1964: IBM unveils the System/360 line of mainframe computers. In what some consider the biggest business gamble of all time, the International Business Machines Corp. invested $5 billion ($34 billion in today's dollars) in a family of six mutually compatible computers and 40 peripherals that could work together and be expanded in multiple combination More…

As part of our regularly scheduled bulletin release, we’re currently planning to release:

· Five Microsoft Security Bulletins rated Critical and three that are rated as Important. These updates may require a restart and will be detectable using the Microsoft Baseline Security Analyzer.

As we do each month, the Microsoft Windows Malicious Software Removal Tool will be updated.

Finally, we are planning to release five high-priority, non-security updates on Windows Update and Windows Server Update Services (WSUS) as well as three high-priority, non-security updates on Microsoft Update and Windows Server Update Services (WSUS).
http://blogs.technet.com/msrc/

Internet Service Providers Test Increasingly Track Users' Keystrokes
The online behavior of a small but growing number of computer users in the United States is monitored by their Internet service providers, who have access to every click and keystroke that comes down the line. The companies harvest the stream of data for clues to a person's interests, making money from advertisers who use the information to target their online pitches. The practice represents a significant expansion in the ability to track a household's Web use because it taps into Internet connections, and critics liken it to a phone company listening in on conversations.
Every Click You Make, Washington Post, April 4, 2008.
Posted by EPIC on April 04, 2008.

HP USB Keys Shipped with Malware for your Proliant Server

A review of Access Denied, edited by Ronald Deibert, John Palfrey, Rafal Rohozinski and Jonathan Zittrain, MIT Press: 2008.

Access Denied is a survey of the practice of Internet filtering, and a sourcebook of details about the countries that engage in the practice. It is written by researchers of the OpenNet Initiative (ONI), an organization that is dedicated to documenting global Internet filtering around the world.

Apple QuickTime Multiple Vulnerabilities

http://blogs.washingtonpost.com/securityfix/
Beware Targeted Data-Stealing Tax Scam
A fresh round of targeted e-mail attacks is underway, arriving in messages that personally address both the recipient and his or her employer. One pretends to be sent from the IRS requesting more information about company tax filings. Another set of targeted e-mails purport to be sent from Microsoft, urging recipients to download and install a new security update. Both try to trick the user into installing software that steals personal and financial data from the victim's PC.
The messages spoofing the IRS are very convincing (you can see a copy of one sent to one of the corporate finance officers for Sunbelt Software at this link here). The attached file, a screensaver file made to look like an Adobe PDF file named "tax_refund_file.scr", when clicked, silently downloads malware and pops up a seemingly random PDF document as a diversion.
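An added example tying this scam to the MS08-021 advice above about image files (not code from the original post or from any vendor): it decides what an attachment really is from its leading bytes rather than its name, so a GDI metafile renamed to .jpg or a .scr executable dressed up as a PDF is flagged before a user is tempted to open it. The ' EMF' signature at offset 40 and the 0x9AC6CDD7 placeable-WMF key are the documented Windows metafile headers; the sample files are constructed stubs, not real attachments.

```python
"""Content-type sniffing for e-mail attachments.

Added example (not from the original post or any vendor): classifies a file by
its magic numbers, independent of the name it was given, and flags names that
disagree with the content. Sample inputs are constructed stubs.
"""
import struct

EMF_SIGNATURE = b" EMF"                  # ENHMETA_SIGNATURE 0x464D4520, offset 40
WMF_PLACEABLE_KEY = b"\xd7\xcd\xc6\x9a"  # 0x9AC6CDD7 little-endian


def sniff(data: bytes) -> str:
    """Classify a byte string by its magic numbers; 'unknown' if none match."""
    if data[:2] == b"MZ":
        return "pe-executable"           # .exe, .scr and .dll share this stub
    if data[:5] == b"%PDF-":
        return "pdf"
    if data[:8] == b"\x89PNG\r\n\x1a\n":
        return "png"
    if data[:3] == b"\xff\xd8\xff":
        return "jpeg"
    if data[:4] == b"GIF8":
        return "gif"
    # Enhanced metafile: EMR_HEADER record type (1) at offset 0 and the
    # ' EMF' signature at offset 40 of the ENHMETAHEADER.
    if (len(data) >= 44 and struct.unpack_from("<I", data, 0)[0] == 1
            and data[40:44] == EMF_SIGNATURE):
        return "emf"
    # Windows metafile: Aldus placeable header, or a bare METAHEADER
    # (type 1 or 2, header size 9 words, version 0x100 or 0x300).
    if data[:4] == WMF_PLACEABLE_KEY:
        return "wmf"
    if len(data) >= 6:
        mtype, hsize, version = struct.unpack_from("<HHH", data, 0)
        if mtype in (1, 2) and hsize == 9 and version in (0x100, 0x300):
            return "wmf"
    return "unknown"


# What content each declared extension is allowed to carry.
EXPECTED = {
    "pdf": {"pdf"}, "png": {"png"}, "jpg": {"jpeg"}, "jpeg": {"jpeg"},
    "gif": {"gif"}, "emf": {"emf"}, "wmf": {"wmf"},
    "exe": {"pe-executable"}, "scr": {"pe-executable"},
}
EXECUTABLE_EXTENSIONS = {"exe", "scr"}


def assess_attachment(filename: str, data: bytes) -> dict:
    """Compare the declared type (extension) with the sniffed type and flag."""
    name = filename.lower()
    parts = name.rsplit(".", 1)
    ext = parts[1] if len(parts) == 2 else ""
    kind = sniff(data)
    flags = []
    if ext in EXECUTABLE_EXTENSIONS or kind == "pe-executable":
        flags.append("executable")
    if kind in ("emf", "wmf"):
        flags.append("gdi-metafile")      # parsed by GDI whatever the name says
    if ext in EXPECTED and kind not in EXPECTED[ext]:
        flags.append("extension-mismatch")
    if name.count(".") > 1 and ext in EXECUTABLE_EXTENSIONS:
        flags.append("double-extension")  # e.g. refund.pdf.scr
    return {"name": filename, "extension": ext, "sniffed": kind,
            "flags": flags, "block": bool(flags)}


# Constructed samples (no real malware): an EMF header stub renamed to .jpg,
# a bare PE stub carrying the .scr name from the tax scam, and a genuine PDF.
EMF_STUB = struct.pack("<II", 1, 88) + bytes(32) + EMF_SIGNATURE + bytes(44)
PE_STUB = b"MZ" + bytes(62)
PDF_STUB = b"%PDF-1.4\n%constructed sample\n"
SAMPLES = [("holiday.jpg", EMF_STUB),
           ("tax_refund_file.scr", PE_STUB),
           ("invoice.pdf", PDF_STUB)]


def run_samples() -> list:
    return [assess_attachment(name, data) for name, data in SAMPLES]


if __name__ == "__main__":
    for verdict in run_samples():
        print(verdict)
```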

FBI: Cybercrime racks up more profits
News Brief, 2008-04-04
Damages from online fraud jumped more than 20 percent, according to the latest data from the U.S. Federal Bureau of Investigation.

Europe asks ISPs to help battle cybercrime
News Brief, 2008-04-02
At a Council of Europe conference on cybercrime, Estonia and other countries push for more cooperation from Internet service providers to combat online attacks.

"If you use an insecure OS in the UK and someone drains your bank account, the banks say it's your fault. The Register reports: 'The Banking Code produced by the British Bankers' Association (BBA), and followed by most banks, makes it clear that banks will not be responsible for losses on online bank accounts if consumers do not have up to date anti-virus, anti-spyware, and firewall software installed on their machines.'"

A class of copyright thieves? A lawsuit over lecture notes
A case involving a professor, the University of Florida, and a lecture notes service highlights how complex the world of copyright is, now thanks to the presence of “multimedia” lectures and entrepreneurial professors. But where does this leave the students?
April 06, 2008 - 04:54PM CT - by John Timmer

Why modular Windows will suck for Microsoft and suck for you
There's a consensus forming that the next version of Windows will be "modular" in some manner. Here's a look at the possibilities for a modular Windows and why they mostly suck.
April 05, 2008 - 11:52PM CT - by Peter Bright

US Air Force to China: Our geeks can beat up your geeks
The US Air Force's new Cyber Command will not only serve as a standing reminder that "cyber" should've died in the '90s with "multimedia," but it will also mount online counter-attacks in response to military and economic espionage.
April 05, 2008 - 10:49AM CT - by Jon Stokes

Storm uses Blogspot to spread

April 7, 2008

Storm is using Blogspot to host its latest campaign to infect more victims.







IC3 report: Internet crime up to $240 million in 2007
Jim Carr April 04, 2008
Internet-related criminal activities resulted in nearly $240 million in reported losses, according to the 2007 Internet Crime Report released by the Internet Crime Complaint Center (IC3) and the FBI.






Spammers use Angelina, Britney gossip as lures
Sue Marquette Poremba April 04, 2008
Cybercriminals are playing off the interest in celebrity gossip by sending email that promises erotic pictures of stars such as Angelina Jolie and Britney Spears but instead delivers a trojan, Panda Security researchers have found.





2008 on pace for record number of breaches
Jim Carr April 04, 2008
In the first three months of 2008, the number of data breaches more than doubled over the same period last year, according to the Identity Theft Resource Center (ITRC), a nonprofit that helps victims of identity theft.









Report finds IRS computer security flaws (AP)
WASHINGTON - A week before the tax filing deadline, Treasury Department watchdogs are saying that inadequate controls over the IRS computer system could make confidential taxpayer information more vulnerable to hacking and theft.






Cybercrime Treaty Gains Momentum PC World - Sun Apr 6, 5:30 PM ET
Twice as many countries may sign onto the cooperative legal agreement this year, proponents say.

Friday, April 4, 2008

Friday News Feed

Intel to release anti-theft technology for laptops
New capability to be added to Intel's Active Management Technology will allow IT managers to lock down systems and drives of machines gone AWOL.





Men fall harder than women for Internet fraud, study finds





Adobe claims it knew of 'Pwn to Own' bug





Apple patches 11 QuickTime bugs in year's third update




Microsoft to patch Vista SP1, Server 2008 next week




Vermont ski area reports Hannaford-like theft of payment card data




FaceTime security product scans Skype's encrypted IM






Next-Gen Crypto Method Will Help Secure Mobile Apps - 4/3/2008 4:55:00 PM
Certicom will demo new Elliptic Curve Cryptography (ECC)-based mobile ticketing and RFID tag technologies at the RSA conference.





Enterprise Networks Rife With Unauthorized Apps, Study Says - 4/3/2008 12:55:00 PM
Employees use a variety of tactics to circumvent IT policies and misuse the corporate network.





Microsoft will extend life of Windows XP--again
news.com: Microsoft has decided to extend the life of Windows XP, although only for a limited class of machines.







April 2008 Advance Notification
Posted Thursday, April 03, 2008 9:57 AM by MSRCTEAM
Hello, Bill here.
I wanted to let you know that we just posted our Advance Notification for next week’s bulletin release which will occur on Tuesday, April 8, 2008 around 10 a.m. Pacific Standard Time.
It is important to remember that while the information posted below is intended to help with your planning, because it is preliminary information, it is subject to change.
As part of our regularly scheduled bulletin release, we’re currently planning to release:

· Five Microsoft Security Bulletins rated Critical and three that are rated as Important. These updates may require a restart and will be detectable using the Microsoft Baseline Security Analyzer.

As we do each month, the Microsoft Windows Malicious Software Removal Tool will be updated.

Finally, we are planning to release five high-priority, non-security updates on Windows Update and Windows Server Update Services (WSUS) as well as three high-priority, non-security updates on Microsoft Update and Windows Server Update Services (WSUS).






Internet Service Providers Test Increasingly Track Users' Keystrokes
The online behavior of a small but growing number of computer users in the United States is monitored by their Internet service providers, who have access to every click and keystroke that comes down the line. The companies harvest the stream of data for clues to a person's interests, making money from advertisers who use the information to target their online pitches. The practice represents a significant expansion in the ability to track a household's Web use because it taps into Internet connections, and critics liken it to a phone company listening in on conversations.
Every Click You Make, Washington Post, April 4, 2008.
Posted by EPIC on April 04, 2008.





Legal Questions Surround Surreptitious DNA Gathering
The two Sacramento sheriff detectives tailed their suspect, Rolando Gallego, at a distance. They did not have a court order to compel him to give a DNA sample, but their assignment was to get one anyway — without his knowledge. The practice, known among law enforcement officials as “surreptitious sampling,” is growing in popularity even as defense lawyers and civil liberties advocates argue that it violates a constitutional right to privacy. Critics argue that by covertly collecting DNA contained in the minute amounts of saliva, sweat and skin that everyone sheds in the course of daily life, police officers are exploiting an unforeseen loophole in the requirement to show “probable cause” that a suspect has committed a crime before conducting a search.
Lawyers Fight DNA Samples Gained on Sly, New York Times, April 3, 2008.
Posted by EPIC on April 04, 2008.





VB detection: is it so difficult?





KeeLoq Still Broken
That's the key entry system used by Chrysler, Daewoo, Fiat, General Motors, Honda, Toyota, Lexus, Volvo, Volkswagen, Jaguar, and probably others. It's broken:
The KeeLoq encryption algorithm is widely used for security relevant applications, e.g., in the form of passive Radio Frequency Identification (RFID) transponders for car immobilizers and in various access control and Remote Keyless Entry (RKE) systems, e.g., for opening car doors and garage doors.
We present the first successful DPA (Differential Power Analysis) attacks on numerous commercially available products employing KeeLoq. These so-called side-channel attacks are based on measuring and evaluating the power consumption of a KeeLoq device during its operation. Using our techniques, an attacker can reveal not only the secret key of remote controls in less than one hour, but also the manufacturer key of the corresponding receivers in less than one day. Knowing the manufacturer key allows for creating an arbitrary number of valid new keys and generating new remote controls.
We further propose a new eavesdropping attack for which monitoring of two ciphertexts, sent from a remote control employing KeeLoq code hopping (car key, garage door opener, etc.), is sufficient to recover the device key of the remote control. Hence, using the methods described by us, an attacker can clone a remote control from a distance and gain access to a target that is protected by the claimed to be "highly secure" KeeLoq algorithm.
We consider our attacks to be of serious practical interest, as commercial KeeLoq access control systems can be overcome with modest effort.
I've written about this before, but the above link has much better data.
Posted on April 04, 2008 at 06:03 AM
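The abstract's practical claim is that once the device key of a remote is known, the remote can be cloned. Here is an added example of what that means in code; it is not from the paper or from the post above. It is a software model of a KeeLoq code-hopping remote and its receiver: the cipher follows the public KeeLoq description (32-bit block, 64-bit key, 528 NLFSR rounds, non-linear function 0x3A5C742E), the hopping-code layout (4-bit button code, 10-bit discrimination value, 16-bit synchronization counter) and the 16-code acceptance window follow the published HCS301-style encoder datasheets and are assumptions of this example, and the key and serial number are made up. The key recovery itself (the DPA attack and the two-ciphertext attack in the paper) is not reproduced; the example starts from the point where the attacker already holds the device key.

```python
"""
Added example (not from the paper or from Schneier's post): KeeLoq cipher,
a code-hopping remote, a receiver with a forward-only counter window, and an
attacker who holds the device key.  Field layout and window size are assumed.
"""

NLF = 0x3A5C742E          # 32-entry non-linear feedback table, one bit per entry
ROUNDS = 528
MASK32 = 0xFFFFFFFF


def _bit(x, n):
    return (x >> n) & 1


def keeloq_encrypt(block, key):
    """528 rounds of the KeeLoq NLFSR; key bits are used cyclically (r mod 64)."""
    x = block & MASK32
    for r in range(ROUNDS):
        idx = (_bit(x, 1) | _bit(x, 9) << 1 | _bit(x, 20) << 2
               | _bit(x, 26) << 3 | _bit(x, 31) << 4)
        fb = _bit(x, 0) ^ _bit(x, 16) ^ _bit(key, r & 63) ^ _bit(NLF, idx)
        x = (x >> 1) | (fb << 31)
    return x


def keeloq_decrypt(block, key):
    """Inverse: run the register backwards with the key schedule reversed."""
    x = block & MASK32
    for r in range(ROUNDS):
        idx = (_bit(x, 0) | _bit(x, 8) << 1 | _bit(x, 19) << 2
               | _bit(x, 25) << 3 | _bit(x, 30) << 4)
        fb = _bit(x, 31) ^ _bit(x, 15) ^ _bit(key, (15 - r) & 63) ^ _bit(NLF, idx)
        x = ((x << 1) & MASK32) | fb
    return x


def make_hopping_code(button, counter, serial, device_key):
    """Remote side: pack button, discrimination bits and counter, then encrypt."""
    disc = serial & 0x3FF                        # low 10 bits of the 28-bit serial (assumed)
    plain = ((button & 0xF) << 28) | (disc << 16) | (counter & 0xFFFF)
    return keeloq_encrypt(plain, device_key)


class Receiver:
    """Receiver side: decrypt, check discrimination bits, enforce a forward-only
    counter window so a replayed (already seen) code is rejected."""

    WINDOW = 16                                  # single-operation window (assumed)

    def __init__(self, serial, device_key, last_counter=0):
        self.serial = serial
        self.device_key = device_key
        self.last_counter = last_counter

    def accept(self, hopping_code):
        plain = keeloq_decrypt(hopping_code, self.device_key)
        if ((plain >> 16) & 0x3FF) != (self.serial & 0x3FF):
            return False                         # wrong key or wrong remote
        counter = plain & 0xFFFF
        delta = (counter - self.last_counter) & 0xFFFF
        if 1 <= delta <= self.WINDOW:
            self.last_counter = counter
            return True
        return False                             # replay (delta 0) or out of window


def clone_next_code(captured_code, device_key, button=1):
    """Attacker side, device key already recovered: decrypt one captured
    transmission to learn the counter, then mint the next valid code."""
    plain = keeloq_decrypt(captured_code, device_key)
    disc = (plain >> 16) & 0x3FF
    next_counter = (plain + 1) & 0xFFFF
    return keeloq_encrypt(((button & 0xF) << 28) | (disc << 16) | next_counter,
                          device_key)


if __name__ == "__main__":
    KEY = 0x0123456789ABCDEF          # constructed device key
    SERIAL = 0x0A5C3E1                # constructed 28-bit serial number
    rx = Receiver(SERIAL, KEY)
    c1 = make_hopping_code(1, 1, SERIAL, KEY)
    print("legit press accepted:", rx.accept(c1))        # True
    print("replay accepted:     ", rx.accept(c1))        # False
    forged = clone_next_code(c1, KEY)
    print("cloned code accepted:", rx.accept(forged))    # True
```

The rolling counter defeats replay of a sniffed code, which is the whole point of code hopping; it does nothing against an attacker who holds the key, who simply mints the next counter value. The model also shows the side effect: after the forged code is accepted, the legitimate remote's next press carries a counter the receiver has already consumed and is rejected.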





Ottawa-based VoIPshield Systems, a company that makes products to help secure voice-over-IP (VoIP) networks, said it located more than 100 security holes in Internet-based phones made by the biggest players in the business, including Avaya, Cisco and Nortel. The company currently displays information on 44 of the vulnerabilities on its Web site, and it says many of the flaws are medium- to high-risk, meaning they could be used to intercept, redirect or initiate phone calls, or to simply disable phone service for the targeted user or company.











Ruling: No safe harbor when the questions discriminate
The Ninth Circuit has reaffirmed a previous decision which ruled that Roommates.com is not entitled to Safe Harbor protection for asking discriminatory questions that could potentially violate the Fair Housing Act.
April 04, 2008 - 09:20AM CT - by Ryan Paul

As April 15 approaches, tax-related spam is on the rise
Symantec's April spam report is now available, with information on the distribution of spam by topic and focus over the past thirty days. TurboTax users and US taxpayers in general may want to keep an eye on the inbox—the industry that brought you herbal Viagra would like to tell you about some sudden changes to the tax code.
April 04, 2008 - 05:27AM CT - by Joel Hruska





Spam Message Size Lowest on Record
April 3, 2008
Small message sizes provide little comfort to sysadmins and end users inundated with spam.





Pennsylvania is suing a website that promised to help people get access to unclaimed money they were owed after investigators determined that the site was convincing people to pay $24.95 for a membership by telling them they had unclaimed money, no matter who they were. Investigators used the scientific method of testing whether Spiderman, Batman and Wile E. Coyote had unclaimed money. After discovering that all three were told they did (on a free search, details only available if you paid), they decided that the site was perhaps being less than honest with users.






Microsoft to deliver eight patches, five "critical"
Dan Kaplan April 03, 2008
Microsoft on Thursday announced it will to push out eight fixes next week, including five for flaws graded critical, as part of its monthly patch cycle.






TJX settles with MasterCard for $24 million
Jim Carr April 03, 2008
Discount retailer TJX, parent of T.J. Maxx and Marshalls, has agreed to a $24 million settlement with MasterCard over a security breach that left tens of millions of credit card accounts at risk to identity theft.





Microsoft: June 30 XP cut-off set in stone
Mary Jo Foley: Microsoft makes it official: There will be no new reprieves for Windows XP (other than on Ultra Low-Cost PCs).






The Vista license "loophole" that isn't

Wednesday, April 2, 2008

Wednesday News Feed

Internet has a trash problem, researcher says
April 1, 2008 (IDG News Service) Between 1% and 3% of all traffic on the Internet is meaningless packets of information, used in distributed denial of service attacks (DDOS) to knock Web sites offline.





A Peek at ISP DDOS, Spam Traffic Trends - 4/1/2008 5:50:00 PM
An average of 1,300 distributed denial-of-service attacks hit each day, according to data from Arbor Networks's ISP customers.





FaceTime security product scans Skype's encrypted IM The only product allowed to look at encrypted instant messages between Skype users detects harmful URLs. Read more...





Microsoft joins MIT's Kerberos Consortium
It's about time - Microsoft has been using Kerberos since Windows 2000.





Linux ignored, not immune, says hacker contest sponsor





'Fight Club' Aims to Test Pornography Filters - 4/1/2008 11:30:00 AM
Last year, it proved that antivirus products don't stop all viruses. Now Untangle prepares to show how much porn can escape 'safe' content filters.





5 reasons to ditch the Mac and return to PCs
computerworld.com: Productivity gains and compatibility issues drive a CTO (and Mac fan) to switch to Windows at his company.





Council of Europe, ISPs Draft Anti-Cybercrime Guide
A set of guidelines to help European ISPs and law enforcement cooperate on cybercrime investigations is almost done. 01-Apr-2008







Olympics Committee Calls On China to Open Internet During Games
The Internet must be open during the Beijing Olympics. That was the message a top-ranking International Olympic Committee official delivered Tuesday to Beijing organizers during the first of three days of meetings - the last official sessions between IOC inspectors and the Chinese hosts before the games begin in just over four months. Beijing routinely blocks Chinese access to some foreign news Web sites and blogs, a practice it has stepped up since rioting broke out over two weeks ago in Tibet. Kevan Gosper, vice chairman of the IOC coordinating commission, said restricting access to the Internet during the games "would reflect very poorly" on the host nation.
IOC Tells Beijing: Don't Block Internet, Associated Press, April 1, 2008.
Posted by EPIC on April 01, 2008.







Competitive intelligence gathering via LinkedIn's new Company Profile pages






Outsourcing Passports
The U.S. is outsourcing the manufacture of its RFID passports to some questionable companies.
This is a great illustration of the maxim "security trade-offs are often made for non-security reasons." I can imagine the manager in charge: "Yes, it's insecure. But think of the savings!"
The Government Printing Office's decision to export the work has proved lucrative, allowing the agency to book more than $100 million in recent profits by charging the State Department more money for blank passports than it actually costs to make them, according to interviews with federal officials and documents obtained by The Times.
Another story.
Posted on April 02, 2008 at 06:08 AM






Macrovision InstallShield InstallScript One-Click Install ActiveX Control Code Execution






Flashing-image attack targets epileptics
News Brief, 2008-03-31
Vandals seed an epilepsy-community forum with an attack that redirects visitors to a site with a flashing image, triggering seizures in some victims.





Researchers dive into memory dumps
News Brief, 2008-03-31
Armed with a USB thumb drive or an iPod, an attacker can grab passwords from the physical memory of untended computers.







Comcast Shift a Nod to Political, Competitive Realities
Comcast's decision to cooperate with peer-to-peer (P2P) platform provider BitTorrent is a surprise that has the potential to shift the political debate and alter the technical landscape. Early reaction pointed to two possible reasons the cable operator did an about face. Some commentators said that the company is cutting its losses and seeking a graceful way out of a sticky situation. Others — and the groups are not mutually exclusive — feel that Comcast saw the issue as a competitive loser against Verizon, which already has said that it will work to allow P2P traffic to move more smoothly over its FiOS network. For whatever reason, this week, Comcast said that it will treat P2P the same as other protocols.





'Clear' Lanes Designed To Make Travelers Go Through Security Lanes Faster
At first, Oakland International Airport officials were skeptical of the new program that promised travelers a quick trip through security checkpoints. The checkpoints, they argued, didn't get that backed up. On Thursday morning's opening, those same officials were praising the Oakland arrival of Clear, the largest of three private companies that provide what amounts to a fast-track service for airport security. What are they saying about this program?





Study gives insight into iPhone users
In a recent online survey, a quarter of respondents say the Apple device is displacing a notebook computer.
Tue, Apr 01 21:03:00 PDT 2008





Google does April Fools': 'Custom time' and a Mars trip





Microsoft's Office Open XML now an official ISO standard
Microsoft's Office Open XML format has achieved ISO approval after receiving support from 86 percent of the national bodies participating in the vote.
April 01, 2008 - 05:15PM CT - by Ryan Paul

Updated IE Mobile to bring “real Internet” to Windows Mobile
iPhone users are browsing the web in droves, while Windows Mobile users are... not so much. Microsoft hopes to change that with the introduction of a desktop-grade browser into Windows Mobile later this year, though.
April 01, 2008 - 02:50PM CT - by Jacqui Cheng








Craigslist Ransacking Was To Cover Up Burglary
from the well-that-didn't-work dept
Remember that story last week about someone posting a fake ad on Craigslist, leading to people ransacking a house and taking all sorts of stuff? It turns out that the folks behind the fake ad were simply trying to cover up their own burglary of the house. Apparently, they had stolen some stuff from the garage and figured the best way to hide the theft was to get a ton of other people to steal stuff as well, via the Craigslist ad. Of course, by posting the ad, they made it that much easier to track them down, as police retrieved the IP address and were able to figure out who was responsible. Once again, despite those who tried to "blame" Craigslist, it looks like Craigslist helped the police catch the crooks.





Police Arrest Unsavvy Couple in Fake Craigslist Ad Case






Hannaford tells regulators how breach happened
Dan Kaplan April 01, 2008
Hackers used sophisticated methods to evade detection and place malware on nearly 300 Hannaford Bros. store servers to intercept payment information during the credit card transaction process, the grocery chain told Massachusetts authorities.
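Malware that intercepts payment data on a store server has to hold card numbers somewhere, in memory, in a staging file or on the wire, and that is where a hunt usually starts. The following is an added example, not taken from Hannaford's filing or from any product: a detector for payment-card data to run over a POS host's process memory, spool files or captured outbound traffic. It looks for magnetic-stripe track 2 records (";PAN=YYMM..." between sentinels) and for bare 13- to 19-digit numbers, keeps only those that pass the Luhn check, and reports masked PANs so the hunt itself does not spread card data. The sample buffer and its log format are constructed; the card numbers in it are the usual public test numbers.

```python
"""
Added example (not from Hannaford's filing or any product): find track 2
records and Luhn-valid PANs in a captured buffer, reporting them masked.
"""
import re

# Track 2: start sentinel ';', PAN, separator '=', YYMM expiry, 3-digit service
# code, optional discretionary data, end sentinel '?'.
TRACK2_RE = re.compile(rb";(\d{13,19})=(\d{2})(\d{2})(\d{3})\d*\?")
BARE_PAN_RE = re.compile(rb"(?<!\d)(\d{13,19})(?!\d)")


def luhn_ok(digits):
    """Luhn mod-10 check over an ASCII digit string; weeds out most false hits."""
    total = 0
    for i, ch in enumerate(reversed(digits)):
        d = ch - 0x30
        if i % 2 == 1:                           # every second digit from the right
            d = d * 2 - 9 if d > 4 else d * 2
        total += d
    return total % 10 == 0


def mask_pan(pan):
    """Keep the first six and last four digits, the usual masking rule."""
    return (pan[:6] + b"*" * (len(pan) - 10) + pan[-4:]).decode()


def scan_for_card_data(buf):
    """Return [(kind, masked_pan, offset), ...] for every Luhn-valid hit."""
    hits = []
    covered = []                                 # PAN spans already reported as track 2
    for m in TRACK2_RE.finditer(buf):
        pan = m.group(1)
        if luhn_ok(pan):
            hits.append(("track2", mask_pan(pan), m.start()))
            covered.append((m.start(1), m.end(1)))
    for m in BARE_PAN_RE.finditer(buf):
        pan = m.group(1)
        if any(s <= m.start(1) < e for s, e in covered):
            continue                             # already counted inside a track
        if luhn_ok(pan):
            hits.append(("pan", mask_pan(pan), m.start(1)))
    return hits


# Constructed sample: one track 2 record, one bare PAN, and two 16-digit
# numbers (a transaction id and an order number) that fail Luhn.
SAMPLE = (
    b"POS07 2008-03-01 12:00:01 txn=2008040112345678 ;4111111111111111=0812101?\n"
    b"POS07 2008-03-01 12:00:02 order=1234567890123456 status=approved\n"
    b"POS07 2008-03-01 12:00:03 card 5500000000000004 exp 12/09\n"
)

if __name__ == "__main__":
    for kind, pan, off in scan_for_card_data(SAMPLE):
        print(f"{kind:6} {pan} @{off}")
```

Run it over a raw process dump or a pcap payload extract in the same way; the Luhn filter is what keeps timestamps, order numbers and transaction ids out of the results, and the track 2 pattern is the stronger signal, since a full track on a server that should only ever see a PAN is itself the indicator.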






New rogue software targeting Mac users
Jim Carr April 01, 2008
Security researchers at Sophos have identified a new trojan targeting the Mac OS X operating system.





PGP Adds Encryption To Windows Mobile Smartphones TechWeb - Tue Apr 1, 2:31 PM ET
PGP Mobile encrypts Windows Mobile-based data automatically, but still allows mobile data to be shared securely with other mobile and desktop users.