You gotta love it...
http://www.computerworld.com/action/article.do?command=viewArticleBasic&taxonomyName=security&articleId=9111581&taxonomyId=17&intsrc=kc_top
August 4, 2008 (IDG News Service) In an attempt to rid its Blogger service from spam blogs (splogs), Google mistakenly flagged a number of legitimate sites last week, prompting the company to scramble to unlock them.
A bug in Google's data processing code caused the problem, leading the detection system to lock Blogger blogs that had otherwise passed the inspection by the company's spam algorithms, Google said on Saturday in an official blog.
Gartner: 'Caveats apply' for enterprise iPhone use
August 4, 2008 (Computerworld) After three weeks of testing and reviewing Apple Inc.'s new iPhone 2.0 firmware and an iPhone 3G for use in large businesses, analyst firm Gartner Inc. said the device can be supported by IT shops — but only for a narrow set of uses such as voice, e-mail, Web browsing and the storage of personal information.
The reason for the restrictions? Security concerns.
The newest iPhone "does not deliver sufficient security for [running] custom applications" commonly used on handhelds in enterprise settings, Gartner analyst Ken Dulaney wrote in a nine-page research note. The report, "iPhone 2.0 Is Ready for the Enterprise, but Caveats Apply," concludes: "Enterprises should approach expanded use of the iPhone slowly and with close examination."
...
IE6 more vulnerable to unpatched Microsoft flaw, Symantec says
Firewall vendors scramble to fix problem with DNS patch
Beijing Braces for Olympic Cyber-War - 8/4/2008 9:10:00 AM
Can the world's most futuristic data center protect the Olympics' storage?
Group offers tools to evade China's Web censorship
Reporters covering the Beijing Olympics who are frustrated by Chinese Internet censorship can use... ...1
Microsoft Access Snapshot Viewer ActiveX Control Vulnerability - Extremely critical - From remote
Issued 7 July, 2008.
A vulnerability has been reported in Snapshot Viewer for Microsoft Access, which can be exploited by malicious people to compromise a user's system.
Freezing the Cold-Boot Attack - 8/1/2008 3:45:00 PM
Researcher reveals new technologies he built to combat attacks that crack disk encryption on machines
Data Breach Fallout: Do CISOs Need Legal Protection?
Since the security executive is on the hot seat after a data breach, some industry experts suggest CISOs get themselves some form of liability protection. The downside is that such protection could shield those who deserve the blame for an incident.
Google Adwords Advertisers Targeted By Phishing Cyber Criminals From China By Grey McKenzie 07/25/2008
75 Percent Of Banking Websites Vulnerable To Cyber Thieves Study Shows By Grey McKenzie 07/24/2008
For all you number crunchers out there, CNNIC has released its 22nd Statistical Report on Chinese Internet Development. They have posted an English summary on their website, the full report is in Chinese:
With the Largest Amount of both Netizens and ccTLDs in the World, a Big Internet Power Is Taking Shape
By the end of June 2008, the amount of netizens in China had reached 253 million, surpassing that in the United States to be the first place in the world. This is according to a newly released Survey Report by China Internet Network Information Center (CNNIC).
This report, the 22nd Statistical Report on the Internet Development in China, also indicates the number of broadband users has reached 214 million, which also tops the world. The CNNIC also announced that, by the time of July 22, the number of CN domain names, which was 12.18 million, had exceeded .de, the country-code Top Level Domain for Germany, thus becoming the largest country code Top-Level Domain names in the world. These three major breakthroughs show a big Internet power is taking shape.
How Much Is Antivirus Slowing Down Your PC?
PC Magazine - Mon Aug 4, 8:33 AM ET
PC Magazine will be testing the major security suites on how their background tasks affect real-world actions.
InformationWeek - An RSA survey found the e-mail-borne malware and phishing that affected 69% of respondents' companies, may not have led to serious consequences in every instance.
For Ham Radio Operators:
Police Call Publisher Gene Hughes Dead at 80
The southern California man who published the radio scanning bible Police Call has passed away. Under the pen name Gene Hughes, Gene Costin became a household word among geeks in the 1970s when he started cataloging the radio frequencies used by various police and fire departments and other agencies, giving hobbyists something to do with the first generation of programmable scanners then hitting the market. I had the privilege of interviewing him for a profile in 2005, when he made the decision to close down Police Call after 41 years.
Tracking a Shopper's Habits
By Michael Fitzgerald
Monday, August 04, 2008
Infosys's sensor network turns stores into mini-Internets.
Countrywide loses personal data in insider scam
Sue Marquette Poremba August 04, 2008
A former Countrywide Home Loans employee was one of two California men charged in a scam to steal and sell personal data of customers.
Attackers ramp up zero-day ActiveX exploits
Dan Kaplan August 04, 2008
Roughly one month after Microsoft disclosed that attackers were exploiting a zero-day Active X vulnerability, the attacks are multiplying; but mostly in China.
Facebook and MySpace attacked by new worms
Joy Persaud August 04, 2008
New worms attacking social networking sites Facebook and MySpace have been uncovered.
McAfee picks up DLP maker Reconnex for $46 million
Dan Kaplan August 01, 2008
McAfee filled out its data-loss prevention (DLP) portfolio on Thursday with the $46 million acquisition of Reconnex.
Porn Star Name Suit Heading for Dismissal?
By MATTHEW HELLER
A Houston woman who alleges an actress in a porn film stole her name has admitted she has no "ownership interest" in the name Syvette Wimberly, perhaps dooming her hopes of winning an unusual privacy case.
Should The Next President Use A Computer?
Top Botnets Pushing Rogue 'Antivirus' Program - July 30, 2008
Four of the top spamming botnets are sending malicious spam in order to install a rogue anti-virus program on victims' machines.
Intel reveals multi-core 'Larrabee'
Did Apple forget to patch something?
Ryan Naraine: Less than 24 hours after Apple released a patch for the DNS cache poisoning vulnerability, there are reports that the DNS client on the OSX 10.4.11 distribution still has not been patched.
Deploying Service Pack 3 directly on top of a fresh installation of Windows XP Service Pack 2 will kill all subsequent updates from Microsoft's servers. The Redmond giant warned that integrating SP3 into the operating system straight after performing a new installation of XP SP2 via Windows Update will result in the failed implementation of any additional releases from Windows Update, Microsoft Update or through Automatic Updates. In this context, installing the third and last service pack for Windows XP onto a freshly-deployed copy of XP SP2 will virtually cut off the operating system from the life-line represented by the company's updates, served either through WU, MU or AU.
"This problem occurs when the latest Windows Update client has been installed and then you install Windows XP SP3 before restarting the computer. This causes the new Wups2.dll file not to be enabled (registered). When Windows XP SP3 is installed, it does not detect the Wups2.dll file, and it sets the registry to point to the original Wups.dll file version that is included in Windows XP SP2 and Windows XP SP3. Because the registry files that correspond to the Wups2.dll file are missing, update installations are unsuccessful," Microsoft indicated.
ValueClick agrees to $1m settlement fund over adware
Online advertising network ValueClick has agreed to a preliminary settlement in a class-action lawsuit over its business practices when it comes to dealing with adware. The company and its subsidiaries plan to pay $1 million into a settlement fund and it has agreed to an independent audit of its practices.
August 04, 2008 - 12:10PM CT - by Jacqui Cheng
Active Administrator - Voted WindowSecurity.com Readers’ Choice Award Winner - Group Policy Management
by The Editor
Site News
Active Administrator was selected the winner in the Group Policy Management category of the WindowSecurity.com Readers’ Choice Awards. Active GPOAdmin and Special Operations Suite were first runner-up and second runner-up.
Worm builds botnets with MySpace, Facebook - News Brief, 2008-08-04
Two variants of a worm advertise a fake Flash update in an attempt to infect victims' computers with bot software.
Washington State Supreme Court Rules in Support of Privacy
Fifteen teachers accused of sexually abusing students, but cleared of suspicion, sued their school districts to block release of their names to news organizations. The court stated that the names of teachers must be disclosed only in cases where sexual misconduct has been found.
Washington Supreme Court says privacy trumps identifying teacher in cases of unsubstantiated sexual misconduct,
Seattle Times, August 1, 2008
Posted by EPIC on August 4, 2008.
New Browsers Fight the Malware Scourge
The just-released Firefox 3 and Opera 9.5, and the upcoming IE 8, respond to the growing threat with enhanced blocking features.
Monday, August 4, 2008
Friday, August 1, 2008
Friday News Feed 8/1/08
DHS stays mum on new 'Cyber Security' center
http://news.cnet.com/8301-13578_3-10004266-38.html?tag=nl.e703
The Bush administration's newly created National Cyber Security Center remains shrouded in secrecy, with officials refusing to release information about its budget, what contractors will run it, and how its mission relates to Internet surveillance.
In correspondence with the U.S. Senate posted on Thursday, the Bush administration said it would not provide that information publicly. An 18-page, partially redacted letter from DHS said that disclosure could affect "the conduct of federal programs, or other programs or operations essential to the interests of our nation."
This IT shop isn't worried about bandwidth demands from the Olympics
The 2008 Olympic Games in Beijing are just a week away. Is your IT department ready to handle the impact on your business from employees downloading online video of the opening ceremonies or the latest gymnastic feat?
IOC admits it accepted China Internet censorship
Hackers start DNS attacks, researcher says
FBI warns of new Storm worm attacks
Study: Companies need to address telework security
Some Web sites blocked at China Olympic press center
The Real Dirt on Whitelisting - 7/30/2008 5:50:00 PM
The choice for blacklisting versus whitelisting isn’t really black and white
Hacking Without Exploits - 7/29/2008 4:30:00 PM
Black Hat researchers will demonstrate how the bad guys are quietly raking in big bucks without ninja hacking skills, tools, or exploit code
New Video Surveillance Technology 'Recognizes' Abnormal Activity - 7/28/2008 10:05:00 AM
BRS software can establish 'normal' on-camera activity – and alert security staff when something unusual occurs
Anthrax Scientist Kills Himself
washingtonpost.com — A top U.S. biodefense researcher apparently committed suicide just as the Justice Department was about to file criminal charges against him in the anthrax mailings that traumatized the nation in the weeks following the Sept. 11, 2001, terrorist attacks, according to a published report.
Identity Theft Monitoring Services Called 'Waste'
The Privacy Rights Clearinghouse reports that many services are available for free, and that paying for extras doesn't buy much.
Extradition Appeal for British Hacker Dismissed
UPDATE: A British hacker who broke into U.S. military computers looks set to be extradited to the U.S. after a British court ruling.
DNS Attack Writer a Victim of His Own Creation
One week after releasing attack code, HD Moore has fallen victim to a cache poisoning attack.
Check Your Personal Data Before Your Employer Does
Conducting your own preemptive background check can stave off nasty surprises.
AOL Sued for the Names of Bloggers Critical of Memphis Police Leadership
The city of Memphis, Tennessee sued AOL for the names of people contributing to the web blog MPD Enforcer 2.0. The blog is critical of law enforcement leadership and is very popular with Memphis police. The blog is credited with raising public discussion about the use of law enforcement resources.
Police director sues to find identity of blogger critical of MPD
Terrorists Using Open Wireless Networks
Remember when I said that I keep my home wireless network open? Here's a reason not to listen to me:
When Indian police investigating bomb blasts which killed 42 people traced an email claiming responsibility to a Mumbai apartment, they ordered an immediate raid.
But at the address, rather than seizing militants from the Islamist group which said it carried out the attack, they found a group of puzzled American expats.
In a cautionary tale for those still lax with their wireless internet security, police believe the email about the explosions on Saturday in the west Indian city of Ahmedabad was sent after someone hijacked the network belonging to one of the Americans, 48-year-old Kenneth Haywood.
Of course, the terrorists could have sent the e-mail from anywhere. But life is easier if the police don't raid your apartment.
EDITED TO ADD (8/1): My wireless network is still open. But, honestly, the terrorists are more likely to use the open network at the coffee shop up the street and around the corner.
Why You Should Never Talk to the Police
This is an engaging and fascinating video presentation by Professor James Duane of the Regent University School of Law, explaining why -- in a criminal matter -- you should never, ever, ever talk to the police or any other government agent. It doesn't matter if you're guilty or innocent, if you have an alibi or not -- it isn't possible for anything you say to help you, and it's very possible that innocuous things you say will hurt you.
Definitely worth half an hour of your time.
And this is a video of Virginia Beach Police Department Officer George Bruch, who basically says that Duane is right.
Posted on July 31, 2008 at 12:52 PM
3,000 Blank British Passports Stolen
Looks like an inside job.
Posted on July 31, 2008 at 6:08 AM
World War II Deception Story
Great security story from an obituary of former OSS agent Roger Hall:
One of his favorite OSS stories involved a colleague sent to occupied France to destroy a seemingly impenetrable German tank at a key crossroads. The French resistance found that grenades were no use.
The OSS man, fluent in German and dressed like a French peasant, walked up to the tank and yelled, "Mail!"
The lid opened, and in went two grenades.
Hall's book about his OSS days, You're Stepping on My Cloak and Dagger, is a must read.
Posted on July 29, 2008 at 1:50 PM
Poisoned DNS servers pop up as ISPs patch - Robert Lemos, 2008-07-30
An online attacker poisons at least one domain-name server at a major Internet service provider to send Google lookups to a pay-per-click ad network.
Federal agencies slow to deploy crypto - News Brief, 2008-07-29
Despite high-profile data breaches, less than a third of U.S. government systems have encrypted sensitive data, states a report to Congress.
Yahoo relents, gives coupons, refunds to music DRM captives
Yahoo announced last week that it would be shutting down its DRM authentication servers in September, leaving Yahoo Music customers out in the cold. Now, the company says it will offer coupons to customers who want to repurchase their music from Rhapsody's DRM-free store, or refunds to those who just want their darn money back.
July 31, 2008 - 09:55AM CT - by Jacqui Cheng
Top Botnets Pushing Rogue 'Antivirus' Program - July 30, 2008
Four of the top spamming botnets are sending malicious spam in order to install a rogue anti-virus program on victims' machines.
UPS, E-Tickets and More - July 28, 2008
The Pushdo botnet has added three more spam themes to distribute malware along with its UPS theme.
The peaceful worm…. not :(
Backdoor scams emerge on phishing kits
Sue Marquette Poremba July 31, 2008
Nearly half of the live phishing kits identified online have backdoors designed to steal from the information thieves using them.
Senate OKs revamped identity theft legislation
Dan Kaplan July 31, 2008
The U.S. Senate on Wednesday passed the latest version of the Identity Theft Enforcement and Restitution Act.
Expert urges China visitors to encrypt data
Reuters - Thu Jul 31, 11:30 PM ET
WASHINGTON (Reuters) - China's blocking of Web sites has embarrassed the International Olympic Committee, but a computer security expert said on Thursday that visitors to Beijing also needed to protect their data from prying eyes.
McAfee Expands Into Data Loss Prevention
McAfee agreed to spend $46 million in cash to acquire privately owned Reconnex, maker of data loss prevention solutions.
Monday, July 28, 2008
Monday News Feed 7/28/08
It's good to be back from vacation, and onto the news...
AOL Sued for the Names of Bloggers Critical of Memphis Police Leadership
The city of Memphis, Tennessee sued AOL for the names of people contributing to the web blog MPD Enforcer 2.0. The blog is critical of law enforcement leadership and is very popular with Memphis police. The blog is credited with raising public discussion about the use of law enforcement resources.
Police director sues to find identity of blogger critical of MPD, Commercial Appeal, July 22, 2008
Posted by EPIC on July 22, 2008.
GMail Flaw Exposes Personal Information
Gmail privacy flaw reveals user name provided when the e-mail account was established. When Gmail users share Google Calendar items with each other the first and last name registered by the sender can be viewed by the recipient. This flaw can affect the privacy of Gmail users who use e-mail pseudonyms instead of their actual name.
Gmail Privacy Hole Shows User Names, Information Week, July 16, 2008
Posted by EPIC on July 17, 2008.
Several articles about the recent DNS Cache Poisoning attacks:
http://isc.sans.org/diary.html?date=2008-07-25
New DNS exploit now in the wild and having a blast
Write-Once Read-Many Memory Cards
SanDisk has introduced Write-Once Read-Many Memory (WORM) cards for forensic applications.
Anti-Terrorism Stupidity at Yankee Stadium
They're confiscating sunscreen at Yankee Stadium:
RealNetworks RealPlayer Multiple Vulnerabilities - Highly critical - From remote
Issued 3 days ago. Updated 7 hours ago.
Some vulnerabilities have been reported in RealPlayer, which potentially can be exploited by malicious people to disclose certain information or compromise a user's system.
Man Gets 4 Years for ID Theft, Software Piracy
A 23-year-old Oregon man was sentenced this week to four years in federal prison for using computer viruses to steal financial data from dozens of consumers. Investigators say the man used the information to set up multiple eBay and PayPal accounts, which helped him sell more than $1 million worth of pirated software.
Jeremiah Joseph Mondello, of Eugene, Ore., admitted distributing keystroke logging programs via online instant message networks. Investigators say he then used bank account credentials stolen from victims to set up more than 40 online auction accounts in the victims' names.
The judgment is almost unheard of for a non-violent crime committed by an individual with no criminal history: Mondello will serve 48 months in jail, followed by three years of supervised release and 450 hours of community service. Federal investigators also seized computers and $220,000 in cash from Mondello.
The government also is entitled to seize his three-bedroom, 1,130 square foot house and surrounding land -- currently valued at $225,000.
http://blog.washingtonpost.com/securityfix/2008/07/man_gets_4_years_for_id_theft_1.html#more
Report: Small biz weak in cybersecurity - News Brief, 2008-07-25
Most small- and medium-sized companies believe that they operate under cybercriminals' radar, but a study finds that one-in-five firms have been attacked.
E-Gold pleads guilty to money laundering - Robert Lemos, 2008-07-23
In a plea agreement with the U.S. government, the company's founders agree to charges of operating an unlicensed money transfer business, but the business aims to continue.
Metasploit releases double-whammy for DNS - News Brief, 2008-07-24
HD Moore and another researcher release two exploits for the high-profile domain-name system flaw under the Metasploit framework.
UPS Spammers Switch to the US Customs
UPS, E-Tickets and More - July 28, 2008
The Pushdo botnet has added three more spam themes to distribute malware along with its UPS theme.
Rustock malicious spam update - July 24, 2008
Malicious spam from the Rustock botnet continues in large numbers.
SF Reveals Usernames And Password To City Network In Accidental Effort To Prove Terry Childs' Case For Him
What Is Undetectable Malware?
OMG, undetectable Trojans are coming to get us! At least that’s what a story in The Register says, referring to Limbo 2.
...
Get Ready For Google Gadget Malware
TechWeb - Fri Jul 25, 3:00 PM ET
InformationWeek - At Black Hat, RSnake is expected to demonstrate a zero-day vulnerability that allows for information theft, spoofing, and authentication issues.
Chinese hackers steal 9 million items of personal information from South Koreans
Google Adwords Advertisers Targeted By Phishing Cyber Criminals From China By Grey McKenzie 07/25/2008
There's still HOPE for hackers by Noah Schiffman
The seventh and last HOPE (Hackers on Planet Earth) conference took place last weekend, bringing the 14 year old biennial...
City Missed Steps to Avoid Network Lockout
IT executives and analysts list some steps that San Francisco officials could have taken to prevent a disgruntled employee from locking IT administrators out of the city's fiber backbone network.
San Francisco DA discloses city's network passwords
Credit card firms investigate fraud at Canadian airport kiosks
AOL Sued for the Names of Bloggers Critical of Memphis Police Leadership
The city of Memphis, Tennessee sued AOL for the names of people contributing to the web blog MPD Enforcer 2.0. The blog is critical of law enforcement leadership and is very popular with Memphis police. The blog is credited with raising public discussion about the use of law enforcement resources.
Police director sues to find identity of blogger critical of MPD, Commercial Appeal, July 22, 2008
Posted by EPIC on July 22, 2008.Permanent link to this item. --> -->
GMail Flaw Exposes Personal Information
Gmail privacy flaw reveals user name provided when the e-mail account was established. When Gmail users share Google Calendar items with each other the first and last name registered by the sender can be viewed by the recipient. This flaw can effect the privacy of Gmail users who use e-mail pseudonyms instead of their actual name.
Gmail Privacy Hole Shows User Names, Information Week, July 16, 2008
Posted by EPIC on July 17, 2008.Permanent link to this item.
Several articles about the recent DNS Cache Poisining attacks:
http://isc.sans.org/diary.html?date=2008-07-25
New DNS exploit now in the wild and having a blast
Write-Once Read-Many Memory Cards
SanDisk has introduced Write-Once Read-Many Memory (WORM) cards for forensic applications.
Anti-Terrorism Stupidity at Yankee Stadium
They're confiscating sunscreen at Yankee Stadium:
RealNetworks RealPlayer Multiple Vulnerabilities - Highly critical - From remote
Issued 3 days ago. Updated 7 hours ago.
Some vulnerabilities have been reported in RealPlayer, which potentially can be exploited by malicious people to disclose certain information or compromise a user's system.
Man Gets 4 Years for ID Theft, Software Piracy
A 23-year-old Oregon man was sentenced this week to four years in federal prison for using computer viruses to steal financial data from dozens of consumers. Investigators say the man used the information to set up multiple eBay and PayPal accounts, which helped him sell more than $1 million worth of pirated software.
Jeremiah Joseph Mondello, of Eugene, Ore., admitted distributing keystroke logging programs via online instant message networks. Investigators say he then used bank account credentials stolen from victims to set up more than 40 online auction accounts in the victims' names.
The judgment is almost unheard of for a non-violent crime committed by an individual with no criminal history: Mondello will serve 48 months in jail, followed by three years of supervised release and 450 hours of community service. Federal investigators also seized computers and $220,000 in cash from Mondello.
The government also is entitled to seize his three-bedroom, 1,130 square foot house and surrounding land -- currently valued at $225,000.
http://blog.washingtonpost.com/securityfix/2008/07/man_gets_4_years_for_id_theft_1.html#more
Report: Small biz weak in cybersecurity News Brief, 2008-07-25
Most small- and medium-sized companies believe that they operate under cybercriminals' radar, but a study finds that one-in-five firms have been attacked.
E-Gold pleads guilty to money laundering Robert Lemos, 2008-07-23
In a plea agreement with the U.S. government, the company's founders agree to charges of operating an unlicensed money transfer business, but the business aims to continue.
Metasploit releases double-whammy for DNS News Brief, 2008-07-24
HD Moore and another researcher release two exploits for the high-profile domain-name system flaw under the Metasploit framework.
UPS Spammers Switch to the US Customs
UPS, E-Tickets and More July 28, 2008 The Pushdo botnet has added three more spam themes to distribute malware along with its UPS theme.
Rustock malicious spam update July 24, 2008 Malicious spam from the Rustock botnet continues in large numbers.
SF Reveals Usernames And Password To City Network In Accidental Effort To Prove Terry Childs' Case For Him
What Is Undetectable Malware?
OMG, undetectable Trojans are coming to get us! At least that’s what a story in The Register says, referring to Limbo 2.
...
Get Ready For Google Gadget Malware TechWeb - Fri Jul 25, 3:00 PM ET
InformationWeek - At Black Hat, RSnake is expected to demonstrate a zero-day vulnerability that allows for information theft, spoofing, and authentication issues.
Chinese hackers steal 9 million items of personal information from South Koreans
Google Adwords Advertisers Targeted By Phishing Cyber Criminals From China By Grey McKenzie 07/25/2008
There's still HOPE for hackers by Noah Schiffman
The seventh and last HOPE (Hackers on Planet Earth) conference took place last weekend, bringing the 14 year old biennial...
City Missed Steps to Avoid Network Lockout IT executives and analysts list some steps that San Francisco officials could have taken to prevent a disgruntled employee from locking IT administrators out of the city's fiber backbone network.
San Francisco DA discloses city's network passwords
Credit card firms investigate fraud at Canadian airport kiosks
Monday, July 14, 2008
Monday News Feed
DNS researcher convinces skeptics that bug is serious
"I broke a huge rule: I didn't bring in anyone else from the research community," said Kaminsky in explaining why he felt he needed to deviate from his plan to withhold technical details until early next month, when he presents at the Black Hat security conference. "I forgot that, no, you don't get to make a whole bunch of noise without some technical details to back it up," Kaminsky said. "[As] security researchers, we need the ability to call 'bullshit' on people."
Essentially, that's what Ptacek, Dai Zovi and others did. After the conference call, however, both Ptacek and Dai Zovi said they were convinced the DNS flaw was as significant as Kaminsky had promised.
"Dan's got the goods," said Ptacek in an entry on the Matasano blog Wednesday.
Former VP at HP faces 10 years for IBM trade-secret theft
Microsoft confirms WSUS patch problem
July 11, 2008 (Computerworld) Microsoft Corp. yesterday acknowledged that it may have to re-release a recent fix for a flaw that stymied some users' ability to grab security patches through Windows Server Update Services (WSUS).
Tennessee's sinking data center gets help
July 11, 2008 (Computerworld) A data center in Tennessee that may be located in the worst spot in America for a data center -- on an unstable landfill, next to a railroad and a river and downstream from a large dam that the U.S. Army Corps of Engineers says has a risk of failing -- is getting relocated, at least partially...
Chip maker sues to quash research on RFID smart card security flaws
NXP Semiconductors filed suit in Court Arnhem in The Netherlands against Radboud University Nijmegen. The company is pushing the courts to keep university researchers from publishing a paper about reported security flaws in the MiFare Classic, an RFID chip manufactured by NXP Semiconductors.
The paper is slated to be presented at the Esorics security conference in Malaga, Spain, this October, according to Karsten Nohl, a graduate student who was part of a research group that originally broke the encryption last year. Nohl told Computerworld on Thursday that he gave his research to the Dutch university so it could build on what he had done, and he has been closely following its progress.
Criminal prosecutions eyed for passport snoopers
Developer fixes 33-year-old Unix bug
Texas Bank Dumps Antivirus for Whitelisting - 7/11/2008 1:10:00 PM Tired of AV and malware, First National Bank of Bosque County adopts application whitelisting instead
Chinese Cyber Attacks
The popular media conception is that there is a coordinated attempt by the Chinese government to hack into U.S. computers -- military, government, corporate -- and steal secrets. The truth is a lot more complicated.
http://www.schneier.com/blog/
Posted at 03:20 PM ET, 07/11/2008
A Baker's Dozen of Security Updates for iPhone 2.0
As expected, the 2.0 version of iPhone released today includes a number of security updates, patching more than a dozen holes in the slimmed-down OS X operating system that powers the devices.
That means for those who already own Apple's mobile device, it's time to update.
http://blog.washingtonpost.com/securityfix/2008/07/a_bakers_dozen_security_update.html
NY attorney general gets more ISPs to block alt.* newsgroups
New York's Attorney General has turned his initial efforts against online sharing of child porn into a campaign, complete with its own website and a form letter to send to ISPs. The site's announcement coincides with AOL and AT&T reaching an agreement to block newsgroups where such porn appears.
July 11, 2008 - 02:28PM CT - by John Timmer
Kaspersky to Simulate Successful Hacking Attack on Intel CPU Kris Kaspersky, co-founder of the security software company Kaspersky Lab, will demon...
Berlin subway ticket machines go down
Michael Krigsman: Ticket dispensers in the Berlin subway system stopped working on July 1 after a faulty update from central HQ.
Turns Out Viacom Is Really Interested In What Google Employees Are Uploading/Viewing On YouTube
Lawyer's Lack of Brevity Not an Aberration
By MATTHEW HELLER
A Vancouver, Wash., attorney who was ordered last month to rewrite a 465-page complaint has a history of incurring judicial displeasure by filing lengthy pleadings.
New trojan in the wild targeting multimedia files
Negar Salek July 14, 2008
A new trojan in the wild is infecting multimedia files on a victim's hard disk.
http://blogs.technet.com/swi/:
You should always set up your SQL server with best security practices as outlined in http://technet.microsoft.com/en-us/library/ms144228.aspx and http://www.microsoft.com/technet/prodtechnol/sql/2005/sql2005secbestpract.mspx
More-Searchable Flash
By Kate Greene 07/03/2008
Information from millions of Web pages that use the animation software is now available to search engines.
NY: 50 Percent of Sequoia Voting Machines Flawed
Trojans Over 60% Of New Malware Infections Says Panda Labs By Grey McKenzie 07/11/2008
Wednesday, July 9, 2008
Wednesday News Feed 7/9/08
Major DNS flaw could disrupt the Internet, 07/08/2008 A flaw in the Domain Name System protocol that would allow an attacker to remotely disrupt or even take control of the Internet has been discovered by a researcher, leading to a CERT advisory and a multi-vendor DNS patch released today that should be applied on vulnerable ISP and corporate DNS servers.
From ISC.SANS.ORG:
Multiple Vendors DNS Spoofing Vulnerability
The overall issue has been known for a long time, and is a fundamental problem with the way DNS currently works. However, full details about what makes this so special will be revealed at Blackhat.
Adware company refines opt-out, notification technology
It's hoping to reassure critics who claim NebuAd's targeted advertising spies on users
Senate Scrutinizes Privacy Issues of ISP User Tracking
Microsoft confirms active Word attacks
Microsoft Word Unspecified Code Execution Vulnerability - Extremely critical - From remote
Issued 8 hours ago. A vulnerability has been reported in Microsoft Word, which can be exploited by malicious people to compromise a user's system.
Microsoft plugs nine holes in Windows, DNS, SQL
Not patched yet:
Microsoft Access Snapshot Viewer ActiveX Control Vulnerability - Extremely critical - From remote
Issued 2 days ago. A vulnerability has been reported in Snapshot Viewer for Microsoft Access, which can be exploited by malicious people to compromise a user's system.
Don't give Google a free pass on data collection, privacy advocates say after YouTube ruling
French ruling on counterfeit goods could have far-reaching effects for eBay
iDefense Revamps Bucks for Bugs Contest - 7/8/2008 5:55:00 PM Changes aimed at making vulnerability research 'sexy' again, iDefense says
Washington Post: Justice Breyer among victims in data breach
MSRC Blog: Microsoft Security Advisory 953635
Posted Tuesday, July 08, 2008 6:55 PM by MSRCTEAM
Hello, Bill here,
I wanted to let you know that we have just posted Microsoft Security Advisory (953635).
This advisory contains information regarding a new public report of a possible vulnerability within Microsoft Office Word which could allow for remote code execution. Our investigation thus far has shown that this vulnerability affects Microsoft Office Word 2002 Service Pack 3 only.
How to Not Get Hacked Like Sony
The U.S. Sony Playstation Web site is the latest high-profile victim of a hacker attack on business sites that's spreading malware at breakneck pace, says a security vendor.
Sophos PLC reported that Sony had suffered an SQL injection attack last week. Malicious code was planted on pages of two popular Playstation games -- SingStar Pop and God of War.
Breaking the law: one-third of US residents rip DVDs
A third of consumers have made copies of DVDs in the last six months, according to new survey results from the US and UK. This number is up from a year ago, but a majority of these users say they only copy their own DVDs for personal use.
July 08, 2008 - 07:20PM CT - by Jacqui Cheng
Spiraling bandwidth demands spur undersea cable deployment
Food and fuel costs may be skyrocketing, but there's no sign yet that either expense is limiting worldwide demand for bandwidth, which is on track to grow by 50 percent or so between 2007 and 2008. International telecoms continue to lay cable across the globe, but if things continue as they are, demand may outstrip supply.
July 08, 2008 - 05:10PM CT - by Joel Hruska
Malicious Spam Using Dramatic Subjects to Lure Users
July 7, 2008
Storm Worm says the U.S have invaded Iran
Dancho Danchev: Right after the U.S Independence Day fireworks, Storm Worm latest campaign says the U.S have invaded Iran--attempting to once again exploit client-side vulnerabilities.
Microsoft to deliver SQL Server 2008 in August
Record $46M Awarded for Manager's Firing
By MATTHEW HELLER
Evidence including a "smoking e-mail" has helped persuade a Cleveland jury to award a record $46.6 million to a former trash company manager who was fired after he refused to dismiss three employees, all of whom were about 60 years of age.
Survey says: Government employees enjoy wireless internet
Sue Marquette Poremba July 08, 2008
Nearly half of all federal government employees use wireless internet that allows them to work outside the office, according to a new survey.
Bejtlich on last month’s Cyber Panel
Published by jumper under Hacker Organization, Nationalism
Richard Bejtlich blogged about the AF Cyber Panel last month and provides a plug for the TDV book which he reviewed a while ago. The Cyber Panel had some informal discussion about the cyber-militia:
In the US, our DoD relies upon professional, uniformed military members, government civilians, and an immense contracting force to defend the nation and project its military power. In China, their PLA mixes uniformed military with ordinary civilians, some of whom act at the behest of the military and government, with others acting on their own for “patriotic means.”
The discussion turns into a comparison of the US/PRC capabilities and specifically how the US can recruit and retain qualified cyber warriors. The problem seems to be that the PRC can call up an army of qualified patriotic hackers while the US is having problems recruiting and retaining talent.
http://www.nationalcybersecurity.com/blogs/796/Virus-Scanners-Clear-Attackers-a-Path-To-Your-Computer-With-Approximately-800-Vulnerabilities-Detected.html
"During the past few months, specialists from the n.runs AG, along with other security experts, have discovered approximately 800 vulnerabilities in anti-virus products. The conclusion: contrary to their actual function, the products open the door to attackers, enable them to penetrate company networks and infect them with destructive code. The positioning of anti-virus software in central areas of the company now poses an accordingly high security risk."
Verizon data breach report
Learning from the Verizon Business RISK Team's valuable analysis of four years of data on security breaches among their clients.
Top Ten Worst Uses for Windows by Richard Stiennon
Monday, July 7, 2008
Monday News Feed 7/7/08
Trojan Poses as July 4th Video Hackers launched weekend attacks with the Storm botnet disguised as holiday videos but infecting systems instead.
http://blogs.washingtonpost.com/securityfix/
Posted at 12:10 PM ET, 07/ 3/2008
Lithuania Weathers Cyber Attack, Braces for Round 2
Hundreds of Lithuanian government and corporate Web sites were hacked and plastered with Soviet-era symbols and other digital graffiti this week in what appears to be a coordinated cyber attack launched by Russian hacker groups.
A New York Times story reports that Lithuanian officials did not directly accuse Russian hackers of initiating the attacks, but said they had come from foreign computers. However, iDefense, a security intelligence firm, based in Reston, Va., attributed the attacks to nationalistic Russian hacker groups protesting a new Lithuanian law banning the display of Soviet emblems, including honors won during World War II.
According to Lithuanian media reports, the attacks shut down the Web sites of the national ethics body, the securities and exchange commission, the Lithuanian Social Democratic Party, among others.
...
Diary of a Deliberately Spammed Housewife What happened when 'Penelope Retch' answered her spam e-mail.
The Internet Traffic Report monitors the flow of data around the world. It then displays a value between zero and 100. Higher values indicate faster and more reliable connections.
This graph shows the Global Traffic Index for the past 24 hours.
This graph shows the Global Response Time for the past 24 hours.
This graph shows the Global Packet Loss for the past 24 hours.
Malware is Getting Smarter, F-Secure Warns Security vendor F-Secure cautions against new, efficient malware and other pests.
Malware, Spam, and other Net Pests Rev Up Trojans, botnets and other malware are growing faster than ever before, security researchers warn.
Security Firm Reports Trojan Targets Macs A rare Trojan horse program spotted in the wild threatens some Mac OS X systems.
Google Adds a Link to Its Privacy Policy
On the 30th day following a letter by privacy advocates to Google about the missing link to its privacy policy, the company changed the homepage to include the information. A California law requires that operators of commercial web sites must post a link to a privacy policy.
Ending tussle, Google adds privacy link to home page, Los Angeles Times, July 4, 2008
Posted by EPIC on July 7, 2008.
Judge Orders YouTube to Hand Over A List of All Users to Viacom
Judge Louis Stanton of the US District Court of New York ruled in Viacom's favor and against online privacy. Viacom will obtain the logon names and Internet addresses of every person who viewed material on YouTube. The video service is owned by Google, which argued against releasing the information to Viacom. Privacy advocates have challenged Google's collection and retention of user information as anti-privacy. The number of YouTube users who will have their logon names and Internet addresses shared is expected to be in the tens of millions.
Ruling against YouTube worries privacy advocates, Los Angeles Times, July 4, 2008
Posted by EPIC on July 7, 2008.
Encrypting Disks
The UK is learning:
The Scottish Ambulance Service confirmed today that a package containing contact information from its Paisley Emergency Medical Dispatch Centre (EMDC) has been lost by the courier, TNT, while in transit to one of its IT suppliers.
The portable data disk contained a copy of records of 894,629 calls to the ambulance service's Paisley EMDC since February 2006. It was fully encrypted and password protected and includes the addresses of incidents, some phone numbers and some patient names. Given the security measures and the complex structure of the database it would be extremely difficult to gain access to any meaningful information.
News story here.
That's what you want to do. There is no problem if encrypted disks are lost. You can mail them directly to your worst enemy and there's no problem. Well, assuming you've implemented the encryption properly and chosen a good key.
This is much better than what the HM Revenue & Customs office did in November.
I wrote about disk and laptop encryption previously.
Also:
Breach Exposes Info on Pre-'06 Google Hires
A data breach at a California company that administers benefit plans to businesses across the country involved personal information on all Google employees hired prior to Dec. 31, 2005, the search engine giant said.
Google's disclosure came in a letter (PDF) to the New Hampshire Attorney General, which revealed that Google was a victim of a break-in at Colt Express Outsourcing Services Inc. Last month, Colt warned that the theft of computer equipment from its offices resulted in the loss of the names, birth dates and Social Security numbers of 6,500 CNET Networks employees. Google said that same information from its employees also was included on the missing equipment.
State admits flaws in passport control News Brief, 2008-07-07 The U.S. State Department acknowledges that weak, or non-existent, controls limiting access to passport files allowed federal workers to peek at celebrity records.
Web surfers, it's time to patch Robert Lemos, 2008-07-02 Nearly 640 million Internet users visit sites with a behind-the-times Web browser, and that's only the tip of the iceberg, researchers say.
It's not just governments that lose private data. Germany's Chaos Computer Club (CCC) reports that market research firm TNS Infratest/Emnid has lost 41,000 private data records of their survey participants. By simply changing the customer ID number in the browser's address bar access could be gained to comprehensive survey results, including names, addresses, dates of birth, email addresses, phone numbers and much more sensitive data. A CCC spokesman described this as 'unprofessional, grossly negligent and above all deeply worrying' and sees this loss as a vindication for its calls for strict regulations for public and private sector data collectors.
FROM MICROSOFT BLOG:
Hello, Bill here.
I wanted to let you know that we just posted our Advance Notification for next week’s bulletin release which will occur on Tuesday, July 8, 2008 around 10 a.m. Pacific Standard Time.
It is important to remember that while the information posted below is intended to help with your planning, because it is preliminary information, it is subject to change.
As part of our regularly scheduled bulletin release, we’re currently planning to release:
· Four Microsoft Security Bulletins rated as Important. These updates may require a restart and will be detectable using the Microsoft Baseline Security Analyzer.
Laptop Losses Total 12,000 Per Week at US Airports - 7/2/2008 6:00:00 PM Nearly 70% are never recovered; many go unreported
July 07, 2008 Legal expert calls on Qatar to implement cybercrime legislation
http://www.crime-research.org/news/07.07.2008/3436/
July 04, 2008 EU cybercrime initiative is going to be expensive for ISPs
http://www.crime-research.org/news/04.07.2008/3435/
http://blogs.washingtonpost.com/securityfix/
Posted at 12:10 PM ET, 07/ 3/2008
Lithuania Weathers Cyber Attack, Braces for Round 2
Hundreds of Lithuanian government and corporate Web sites were hacked and plastered with Soviet-era symbols and other digital graffiti this week in what appears to be a coordinated cyber attack launched by Russian hacker groups.
A New York Times story reports that Lithuanian officials did not directly accuse Russian hackers of initiating the attacks, but said they had come from foreign computers. However, iDefense, a security intelligence firm, based in Reston, Va., attributed the attacks to nationalistic Russian hacker groups protesting a new Lithuanian law banning the display of Soviet emblems, including honors won during World War II.
According to Lithuanian media reports, the attacks shut down the Web sites of the national ethics body, the securities and exchange commission, the Lithuanian Social Democratic Party, among others.
...
Diary of a Deliberately Spammed Housewife What happened when 'Penelope Retch' answered her spam e-mail.
The Internet Traffic Report monitors the flow of data around the world. It then displays a value between zero and 100. Higher values indicate faster and more reliable connections.
[Graphs: Global Traffic Index, Global Response Time, and Global Packet Loss for the past 24 hours.]
Malware is Getting Smarter, F-Secure Warns Security vendor F-Secure cautions against new, efficient malware and other pests.
Malware, Spam, and other Net Pests Rev Up Trojans, botnets and other malware are growing faster than ever before, security researchers warn.
Security Firm Reports Trojan Targets Macs A rare Trojan horse program spotted in the wild threatens some Mac OS X systems.
Google Adds a Link to Its Privacy Policy
On the 30th day following a letter by privacy advocates to Google about the missing link to its privacy policy, the company changed the homepage to include the information. A California law requires that operators of commercial web sites must post a link to a privacy policy.
Ending tussle, Google adds privacy link to home page, Los Angeles Times, July 4, 2008
Posted by EPIC on July 7, 2008.
Judge Orders YouTube to Hand Over A List of All Users to Viacom
Judge Louis Stanton of the US District Court of New York ruled in Viacom's favor and against online privacy. Viacom will obtain the logon names and Internet addresses of every person who viewed material on YouTube. The video service is owned by Google, which argued against releasing the information to Viacom. Privacy advocates have challenged Google's collection and retention of user information as anti-privacy. The number of YouTube users, who will have their logon and Internet addresses shared, is expected to be in the tens of millions.
Ruling against YouTube worries privacy advocates, Los Angeles Times, July 4, 2008
Posted by EPIC on July 7, 2008.
Encrypting Disks
The UK is learning:
The Scottish Ambulance Service confirmed today that a package containing contact information from its Paisley Emergency Medical Dispatch Centre (EMDC) has been lost by the courier, TNT, while in transit to one of its IT suppliers.
The portable data disk contained a copy of records of 894,629 calls to the ambulance service's Paisley EMDC since February 2006. It was fully encrypted and password protected and includes the addresses of incidents, some phone numbers and some patient names. Given the security measures and the complex structure of the database it would be extremely difficult to gain access to any meaningful information.
News story here.
That's what you want to do. There is no problem if encrypted disks are lost. You can mail them directly to your worst enemy and there's no problem. Well, assuming you've implemented the encryption properly and chosen a good key.
This is much better than what the HM Revenue & Customs office did in November.
I wrote about disk and laptop encryption previously.
Also:
Breach Exposes Info on Pre-'06 Google Hires
A data breach at a California company that administers benefit plans to businesses across the country involved personal information on all Google employees hired prior to Dec. 31, 2005, the search engine giant said.
Google's disclosure came in a letter (PDF) to the New Hampshire Attorney General, which revealed that Google was a victim of a break-in at Colt Express Outsourcing Services Inc. Last month, Colt warned that the theft of computer equipment from its offices resulted in the loss of the names, birth dates and Social Security numbers of 6,500 CNET Networks employees. Google said that same information from its employees also was included on the missing equipment.
Wednesday, July 2, 2008
Wednesday News Feed 7/2/08
Survey: More than 10,000 laptops lost each week at airports
PCI Standards Expanded to Include Unattended Devices - 7/1/2008 5:40:00 PM New specs respond to emerging threats posed at kiosks, ATM devices
Cracking Physical Identity Theft - 6/30/2008 5:50:00 PM Social engineering expert reveals brick-and-mortar identity theft risks in banks, ISPs, and other firms
Apple patches 25 Mac OS X security vulnerabilities
MySpace users struggle to overcome cybervandalism
Teenage creator of Nugache worm reaches plea agreement
Hackers hijack critical Internet organization sites
Jury convicts Web site operator in P2P case
A former administrator at EliteTorrents.org has been convicted of conspiracy and felony copyright infringement in a Virginia court. It's the first time in the U.S. that a peer-to-peer user has been convicted by a jury of copyright infringement, the Department of Justice said today.
IT Jobs: Too Many or Too Few?
Do we have a shortage of IT jobs in the US or not enough skilled professionals to fill them? Recent articles are sending conflicting messages, and we'd better get our facts straight.
July 01, 2008 Three strokes of a bamboo cane for Singapore forum 'scammer'
http://www.crime-research.org/news/01.07.2008/3433/
June 30, 2008 Azerbaijan: joining European Convention on Cybercrime
http://www.crime-research.org/news/30.06.2008/3431/
Reagan National Airport's Plans to Peer Under Travelers' Clothes
The airport plans to deploy body imaging devices that use millimeter wave length technology in an effort to virtually disrobe air travelers. The technology allows very detailed scans of persons entering the device and may disclose personal medical devices, surgeries, and medical conditions that are not otherwise apparent. Earlier versions of the technology were known as Backscatter X-ray systems.
Get Ready to Strip At Reagan National, Washington Post, June 22, 2008
More SQL Injection with Fast Flux hosting
Kill Switches and Remote Control
http://www.schneier.com/blog/
It used to be that just the entertainment industries wanted to control your computers -- and televisions and iPods and everything else -- to ensure that you didn't violate any copyright rules. But now everyone else wants to get their hooks into your gear.
OnStar will soon include the ability for the police to shut off your engine remotely. Buses are getting the same capability, in case terrorists want to re-enact the movie Speed. The Pentagon wants a kill switch installed on airplanes, and is worried about potential enemies installing kill switches on their own equipment.
Microsoft is doing some of the most creative thinking along these lines, with something it's calling "Digital Manners Policies." According to its patent application, DMP-enabled devices would accept broadcast "orders" limiting capabilities. Cellphones could be remotely set to vibrate mode in restaurants and concert halls, and be turned off on airplanes and in hospitals. Cameras could be prohibited from taking pictures in locker rooms and museums, and recording equipment could be disabled in theaters. Professors finally could prevent students from texting one another during class.
...
Posted at 01:04 PM ET, 07/1/2008
Amazon: Hey Spammers, Get Off My Cloud!
http://blogs.washingtonpost.com/securityfix/
...But the most interesting aspect of this attack (at least to me) was left out of the Websense advisory: All of the spam came from Amazon's Elastic Compute Cloud (EC2) servers, which are marketed to companies -- mainly small to mid-sized businesses -- that want to purchase access to any number of computer applications hosted on the Internet, from data crunching and storage to on-demand computer processing power...
Feds: Companies need to report cybercrimes - News Brief, 2008-06-30 - Corporations need to reliably report cybercrime incidents to federal law enforcement to help the government more effectively combat online attackers, officials say.
"Variety reports on a recent study that says TV viewership's median age is outside the 18-49 years demographic: "The broadcast networks have grown older than ever — if they were a person, they wouldn't even be a part of TV's target demo anymore."
These totals exclude DVR users, and apparently the oldest since they started tracking it. Of course you know what that means... TV is for old people! The internet has confirmed it.
"In some shocking news out of Texas, PC repair will now require a PI License. Surely this stands to have a substantial impact on small repair shops around the state if upheld. Never fear, however, as the first counter-suit has already been filed."
"For Tracy Mooney, a married mother of three in Naperville, Ill., the decision to abandon cyber-sense and invite e-mail spam into her life for a month by participating in a McAfee experiment was a bit of a lark. The idea of the Spammed Persistently All Month (S.P.A.M.) experiment — which fittingly started on April Fool's Day — was to have 50 volunteers from around the world answer every spam message and pop-up ad they got. Mooney was game, especially since McAfee was giving a free PC to all participants. She told her story to Network World."
MS to make volume licenses 'evergreen'
European Politicians Discuss 'The Blogger Problem'
Face Scanning Vending Machine Fooled By Photos
from the like-we-couldn't-see-that-coming dept
Last year, we wrote about how cigarette vending machines in Japan were using facial recognition software to make sure the buyer was of an appropriate age. As we noted at the time, it seemed unlikely that such a system would work very well, and, indeed, The Raw Feed lets us know that it's easily fooled by a magazine photo of an older person. Not too surprising, of course, but you would think that someone would have tested for such things before putting the machines into practice. Unless, of course, they really don't care about the age of the buyers.
Class Of Attorneys Sues DOJ Over Job Denials Based on Ideology
The End of Exponential Malware Growth?
Robot Learns to Use Tools
By Kristina Grifantini, Tuesday, July 01, 2008
By shoving objects around on a table, UMan figures out how they work.
China Inspired Interrogations at Guantánamo
PRC Cyber Space Capabilities
"...I would also point out on this slide that it’s really important to get the lexicon right. In the open source media and other forums, you hear the term “cyber attack” used rather liberally, and you won’t hear anyone in the Department of Defense use that term in the context of cyber reconnaissance or network intrusions. What we are seeing today are network intrusions."