Tuesday, June 10, 2008

Tuesday News Feed 06/10/08

Internet companies to block child porn sites
Providers also will pay to help remove child porn from the Web
http://www.msnbc.msn.com/id/25077224/
ALBANY, N.Y. - Internet providers Verizon, Sprint and Time Warner Cable have agreed to block access to child pornography and eliminate the material from their servers, New York's attorney general said Tuesday.
The companies also will pay $1.1 million to help fund efforts to remove the online child porn created and disseminated by users through their services, Attorney General Andrew Cuomo said. The changes will affect customers nationwide.






France to blacklist Web sites
Country plans to ban porn, like in the U.S., but also terrorism, racism
http://www.msnbc.msn.com/id/25080044/
PARIS - The French state and Internet service providers have struck a deal to block sites carrying child pornography or content linked to terrorism or racial hatred, Interior Minister Michel Alliot-Marie announced Tuesday.
The plan, part of a larger effort to fight cybercriminality, is to go into effect in September when a "black list" will be built up based on input from Internet users who signal sites dealing with the offensive material, the minister said.







Teens sending nude photos via cell phones
Pictures meant for boyfriend or girlfriend are ending up on the Internet
http://www.msnbc.msn.com/id/24970829/
"It used to be that kids would make mistakes, and it was local and singular and everyone knew it was part of growing up," said Catherine Davis, a PTA co-president in Westport, Conn., who had a frank talk with her two sons after several students' nude self-portraits recently spread through the wealthy New York City bedroom community. "Now a stupid adolescent mistake can take on major implications and go on their record for the rest of their lives."

School administrators in Santa Fe, Texas, confiscated dozens of cell phones from students in May after nude photos of two junior high girls began circulating. The girls had sent the photos to their boyfriends, who forwarded them to others, officials said.

In La Crosse, Wis., a 17-year-old boy recently was charged with child pornography, sexual exploitation of a child and defamation for allegedly posting nude photos of his 16-year-old ex-girlfriend on his MySpace page. The girl had taken the pictures with her cell phone at her mother's home and e-mailed them to the boyfriend, authorities said.

Monday, June 9, 2008

Monday News Feed 6/9/08

Microsoft slates seven fixes for next week




Stolen laptop teaches Stanford a lesson on need for encryption




Security firm asks for help cracking ransomware key

Posted at 09:30 AM ET, 06/9/2008
Ransomware Encrypts Victim Files With 1,028-Bit Key
Now more than ever, it's important that Windows users ensure their machines are safe from hackers. A dangerous new strain of malicious software that holds the victim's computer files for ransom has been unleashed, and Kaspersky Lab is warning that security researchers have yet to crack the encryption key.
The malware in this case is the latest version of Gpcode (Kaspersky calls it Gpcode.ak), a nasty piece of "ransomware" that scrambles all of the victim's data files with an encryption key known only to the attacker(s). Victims are told via a pop-up message that they need to purchase a special decryption program to regain access to their data.
Kaspersky and other anti-virus companies have previously unraveled the secret encryption key for all previous versions of Gpcode, but this time, the malware author apparently has learned from his previous mistakes. Now, the Gpcode author is encrypting victim files with an extremely strong 1,028-bit RSA encryption key.
"We estimate it would take around 15 million modern computers, running for about a year, to crack such a key," writes Aleks Gostev, senior virus analyst at Kaspersky, on the company's blog.
Posted by Brian Krebs





Groups call for investigation of ISP ad targeting






Spear-phishing attacks have hooked 15,000, says VeriSign






Symantec tool cleans up XP SP3 registry corruption






Update: Amazon Web site slowly returning after shutdown
June 6, 2008 (Computerworld) The Web site of Amazon.com Inc. was shut down for at least two hours today and was slowly coming back online, the online retailer said.
An Amazon spokesman said the site went down at 10:25 a.m. Pacific time.
"We're bringing the site back up," said Craig Berman, a spokesman for Seattle-based Amazon, in an e-mail statement at 2:09 p.m. Pacific time. "Amazon's systems are very complex and on rare occasions, despite our best efforts, they may experience problems. We work to minimize any disruption and to get the site back as quickly as possible. Amazon's Web services were not affected nor were our international sites."
At 1:49 p.m. Pacific time, Amazon updated the posting on its sellers' forum. The company said it was currently investigating an issue that had impacted the availability of the Amazon.com Web site.
"As a part of this resolution, some customers may experience error messages that indicate that their access to the Amazon Web site has been blocked for various reasons. These reasons may not be directly related to the customer's account. Access to the Web site will return when this technical issue is resolved."





June 09, 2008 Stark warning as UK faces cybercrime boom
http://www.crime-research.org/news/09.06.2008/3404/






The Onion on Airport Security and Voting
"Reporters Expose Airport Security Lapses By Blowing Up Plane" and "Diebold Accidentally Leaks Results Of 2008 Election Early".








Linux Kernel ASN.1 BER Decoding Vulnerability

- Moderately critical - From local network
Issued 8 hours ago.
A vulnerability has been reported in the Linux Kernel, which can be exploited by malicious people to cause a DoS (Denial of Service) and potentially compromise a vulnerable system.






Microsoft apologizes
Mary Jo Foley: Microsoft has pulled from its CodePlex site its Sandcastle project for failure to comply with the terms and conditions required in order to qualify as bona-fide open source.






Expensive Patent Attorneys Know How To Cut & Paste, But Not Search & Replace
from the get-your-money's-worth dept
Well, it's a mistake plenty of folks are bound to make eventually, but that doesn't make it any less amusing. Joe Mullin has a short post about a big time patent law firm that has launched two recent patent lawsuits over the same basic patents held by a patent holding firm. The only problem? In filing the second lawsuit, it appears that the patent attorneys used cut & paste from the first lawsuit, but didn't use search & replace to get rid of the name of the original defendant. Hopefully, the patent holder didn't pay too much for the cost of filing that second lawsuit.






Sweden Considering Law To Let The Government Monitor All Forms Of Communications





Antigua Doesn't See Settlement With US Over WTO Plan To Let It Ignore US Copyrights






Why there won't be a security update for WkImgSrv.dll
Recently, there was a public post in milw0rm (http://www.milw0rm.com/exploits/5530), talking about an issue in the ActiveX control of Microsoft Works 7 WkImgSrv.dll. The PoC claims that it would achieve remote code execution. McAfee Avert Labs Blog also had a post about this (http://www.avertlabs.com/research/blog/index.php/2008/04/17/potential-microsoft-works-activex-0-day-surfaces/).

At first glance the issue sounds serious, right? Upon further investigation, there is no useful attack vector.





More Laws, Collaboration Required for Online Safety
PC World - Thu Jun 5, 3:50 PM ET
Experts discussed ways to improve online safety and better prevent cybercrime at a security conference in Seattle.





Opera Browser and Haute Secure Partner To Prevent Drive By Downloads Of Malware From Compromised Websites
By Grey McKenzie Today





National Economies Threatened by Cybercrime
By Grey McKenzie Today





Surge In Bank Account Hijacking Via Keyloggers & Phishing Says UK Threat Assessment
By Grey McKenzie Today

Friday, June 6, 2008

Friday News Feed 6/6/08

Spear-phishing attacks have hooked 15,000, says VeriSign
VeriSign estimates that spear-phishing attacks have taken in 15,000 victims over the past 15 months.







Security Advisories
Cisco Security Advisory: Multiple Vulnerabilities in Cisco PIX and Cisco ASA

Cisco Applied Mitigation Bulletin: Identifying and Mitigating Exploitation of the Multiple Vulnerabilities in Cisco PIX and Cisco ASA







Microsoft slates seven fixes for next week
http://blogs.technet.com/msrc/
As part of our regularly scheduled bulletin release, we’re currently planning to release:

· Three Microsoft Security Bulletins rated Critical, three Important, and one Moderate. These updates may require a restart and will be detectable using the newly released version of the Microsoft Baseline Security Analyzer.






XP SP3 omits critical security update






Full Appeals court hearing sought in border laptop search case






UnitedHealthcare data breach leads to ID theft at UC Irvine






Medical ID Theft Threatens Finances and Lives
Medical identity theft adds a new twist to identity theft by potentially creating not only financial problems, but health risks. The theft of health insurance benefits to obtain health care can add erroneous information to the health records of victims. These changes to health records may go unnoticed, if ever detected, for years before they are caught.
Medical ID Theft can injure finances, endanger lives, Dallas Morning News, June 2, 2008
Posted by EPIC on June 3, 2008.







Why your privacy still comes at a cost
http://www.latimes.com/business/la-fi-lazarus4-2008jun04,1,7565391.column
In case you missed it, your elected representatives bowed to intense pressure from phone companies last week and voted to allow them to keep charging whatever they want to protect your privacy. I'm talking, of course, about the up to $24 a year that millions of Californians are charged to keep their numbers out of the phone book and its electronic cousins.






June 06, 2008 KY Attorney General Creates Unit To Combat Cybercrime
http://www.crime-research.org/news/06.06.2008/3402/







A New Spin on Adaptive Security - 6/5/2008 5:25:00 PM
Gartner's next-generation security model has its roots in other efforts

The real-time, adaptive security infrastructure (ASI) posed by Gartner this week has triggered déjà vu and debate among security experts. (See Gartner Details Real-Time 'Adaptive' Security Infrastructure.)

Neil MacDonald, vice president and fellow at Gartner, described the vision of this next-generation security model during his keynote at the Gartner Security Summit on Tuesday. ASI adapts to threats in real time rather than in the aftermath of an attack, with interconnected services and tools that communicate and share information so that network, host, application, database, and content security are no longer separate “silos,” but one synchronized security system.

But some experts say this concept unveiled by Gartner is really nothing new. Network Associates (now part of McAfee), for example, in the late 1990s offered the Active Security family of products, which integrated a security assessment scanner, an early generation policy manager, firewall, and a PKI server. But Active Security never really caught on.
...






Skype File URI Code Execution Vulnerability

- Moderately critical - From remote
Issued 1 day ago.
A vulnerability has been reported in Skype, which can be exploited by malicious people to compromise a user's system.







Software Update Prompts Nuclear Plant Shutdown
http://blogs.washingtonpost.com/securityfix/
A nuclear power plant in Georgia was recently forced into an emergency shutdown for 48 hours after a software update was installed on a single computer.

The incident occurred on March 7 at Unit 2 of the Hatch nuclear power plant near Baxley, Georgia. The trouble started after an engineer from Southern Company, which manages the technology operations for the plant, installed a software update on a computer operating on the plant's business network.






Opera sings anti-malware tune
News Brief, 2008-06-06
The alternative browser's next version will block Web sites and links that attempt to compromise users' computers.






The number of moves necessary to solve an arbitrary Rubik's cube configuration has been cut down to 23 moves, according to an update on Tomas Rokicki's homepage (and here). As reported in March, Rokicki developed a very efficient strategy for studying cube solvability, which he used to show that 25 moves are sufficient to solve any (solvable) Rubik's cube. Since then, he's upgraded from 8GB of memory and a Q6600 CPU, to the supercomputers at Sony Pictures Imageworks (his latest result was produced during idle-time between productions). Combined with some of Rokicki's earlier work, this new result implies that for any arbitrary cube configuration, a solution exists in either 21, 22, or 23 moves. This is in agreement with informal group-theoretic arguments (see Hofstadter 1996, ch. 14) suggesting that the necessary and sufficient number of moves should be in the low 20s.







Kaspersky Lab found a new variant of Gpcode which encrypts files with various extensions using an RSA encryption algorithm with a 1024-bit key. After Gpcode.ak encrypts files on the victim machine, it changes the extension of these files to ._CRYPT and places a text file named !_READ_ME_!.txt in the same folder. In the text file the criminal tells the victims that the file has been encrypted and offers to sell them a decryptor. Is this a look into the future where the majority of malware will function based on extortion?







Study paints grim picture of automated P2P enforcement
University of Washington researchers show that BitTorrent DMCA complaints aren't always accurate, and they prove it by "framing" a printer, a PC, and a wireless access point.
June 05, 2008 - 07:50PM CT - by Nate Anderson









Brand-jacking threatens customer trust
Dancho Danchev: Increasingly, online scammers are abusing the reputation of trusted brands in order to build more legitimacy into their phishing campaigns.








How Could Anyone Possibly Mess With E-Voting Machines... When They're Left Unguarded For Days?
from the oh,-that's-right,-it's-easy dept
One of the common complaints from the e-voting companies about the various independent security tests that find problems with their machines, is that those tests occur under conditions that would never happen in the real world. Specifically, the e-voting companies like to claim that most of the "hacks" revealed would require a lot of access to the machines with no one noticing -- and that just wouldn't be feasible during an election with election officials all around. While even that might be questioned, a much bigger issue is that most polling places leave the e-voting machines totally unguarded and totally unprotected, sometimes for days before the election -- giving anyone with nefarious intent plenty of time to mess around with the machines. Ed Felten has been pointing this out for years. He took photos of such machines at Princeton in 2006 and then again at the primary election earlier this year. This past Tuesday was another election day in many places, including New Jersey, and Ed Felten, once again, took photos of a whole bunch of totally unguarded e-voting machines that any passerby could have accessed. Of course, given that the software itself doesn't seem to work maybe someone will actually adjust the machines to make them work better. Always look on the bright side.








Trend Micro to boycott security tests
Richard Thurston June 05, 2008
The security vendor's chief technology officer said today the company will withdraw from the popular VB100 anti-malware tests, launching a tirade against the testers' methodology.






Ethical hacking site falls victim to hackers
Richard Thurston June 05, 2008
Metasploit, the hacking tools site which is widely used by white hat hackers, has itself fallen victim to ARP poisoning, which led to the defacement of the site.

Wednesday, June 4, 2008

Wednesday News Feed 6/4/08

Full Appeals court hearing sought in border laptop search case
A three-judge panel already sided with U.S. Customs officials
http://www.computerworld.com/action/article.do?command=viewArticleBasic&taxonomyName=security&articleId=9093018&taxonomyId=17&intsrc=kc_top
June 3, 2008 (Computerworld) A man facing child pornography charges based on evidence gathered during a search of his laptop by airport customs officials is asking for an en banc review of his case by the full U.S. Court of Appeals for the Ninth Circuit.

The petition by Michael Arnold follows a ruling in April by a three-judge panel of the court that found customs officials needed no reasonable suspicion to search the contents of any individual's laptop at U.S. borders. Arnold contends the search was unreasonable.

In an en banc hearing, typically all the judges in a court reconsider a decision made by a smaller panel of the court. The decision to grant such a hearing depends on the court's view of the public importance of the case under review.

Arnold's case is being closely watched by privacy and civil rights advocates who are concerned that the Ninth Circuit's ruling will increase the number of suspicionless searches of laptops and other electronic devices at U.S. borders. Arnold was returning home from a three-week vacation in the Philippines in July 2005, when he was pulled aside for secondary customs screening at Los Angeles International Airport. A customs officer who was inspecting Arnold's luggage asked him to start his computer and had it examined by colleagues who found several images of what they believed were child pornography on the computer and in several storage devices Arnold was carrying with him.

After a grand jury charged Arnold with knowingly transporting child pornography in interstate and foreign commerce, he filed a motion with the U.S. District Court for the Central District of California asking for the evidence against him to be suppressed. In his motion, Arnold argued that the search of his computer and storage devices by Customs officers was unreasonable and unwarranted.







http://blogs.adobe.com/psirt/
- This is not a zero-day exploit. Despite various reports that have been circulating, the Flash Player Standalone 9.0.124.0 and Linux Player 9.0.124.0 are NOT vulnerable to the exploits discussed in conjunction with the previously disclosed vulnerability Symantec posted on 5/27/08. Symantec originally believed this to be a zero-day, unpatched vulnerability, but as their latest update on their Threatcon page indicates, they have now confirmed this issue does not affect any versions of Flash Player 9.0.124.0.






McAfee: Beware the .hk domain, among others
Security company's new report ranks riskiest and safest domains on the Internet. Damage from risky sites runs from the "apocalyptic to the annoying."
Tue, Jun 03 21:01:00 PDT 2008






Gartner Details Real-Time 'Adaptive' Security Infrastructure
Future security model addresses arrival of multiple perimeters, mobile users






Army Hospital Breach May Be Result of P2P Leak
Data loss at Walter Reed exposed personal information on 1,000 soldiers





Gartner: Security Budgets Growing Slowly
Demand for security services drives security market






APPLE.COM Apple Releases Mac OS Leopard Security Guide







CYBERINSECURITY Multiple Cross-Site Scripting Vulnerabilities on EA Sites







Hacking Network Computers Explained In Detail
By Grey McKenzie Yesterday







House of Hackers Web Portal For The Hacker Community
By Grey McKenzie Yesterday






EU sees security threats lurking in printers
AP - Tue Jun 3, 11:48 AM ET
BRUSSELS, Belgium - Printers and copiers could be the weak link in many corporate cyber defenses, the European Union's information security agency warned Tuesday.







New report identifies dangerous Web domains
AP - Wed Jun 4, 7:09 AM ET
SAN JOSE, Calif. - When surfing the Internet for safe Web sites, not all domains are equal.
"Of all ".hk" sites McAfee tested, it flagged 19.2 percent as dangerous or potentially dangerous to visitors; it flagged 11.8 percent of ".cn" sites and 11.7 percent of ".info" sites that way."






Exploiting Security Holes Automatically
By Erica Naone
Tuesday, June 03, 2008
Researchers call for changes in how software patches are distributed.






Does Future Hold Malpractice Liability for Psychics?
http://www.onpointnews.com/
"“Defendants knew or should have known that the services they offered to plaintiff were of no value while they fraudulently represented that they could and would assist plaintiff with her personal problem,” she alleges in a complaint filed last week."







AT&T management staff data on stolen laptop
Dan Kaplan June 04, 2008
An undisclosed number of management-level workers at AT&T have been notified that their personal information was stored unencrypted on a stolen laptop.






Google chief exec targeted over privacy policy
Richard Thurston June 04, 2008
Fourteen U.S. privacy groups have written to Eric Schmidt arguing that Google is breaking Californian law by not including a link to its privacy policy on its homepage.






Walter Reed suffers peer-to-peer data breach
Sue Marquette Poremba June 03, 2008
Unauthorized file-sharing is to blame for a data breach at Walter Reed Army Medical Center that exposed the personal information of nearly 1,000 patients.






Spammers use hosted services to send unwanted mail
Dan Kaplan June 03, 2008
Spammers are increasingly turning to hosted services to ship out their junk mail, the latest threat report from MessageLabs revealed.







Patent Battles Continue Over Wireless Email
from the make-it-stop dept

While RIM is often portrayed as a victim for having to pay out $612.5 million in the patent infringement lawsuit filed by patent holding firm NTP, what gets less attention is that part of what kicked off NTP's lawsuit was the fact that RIM itself was going around suing pretty much everyone for patent infringement itself. And, of course, that kicked off all sorts of copycats, such as Visto -- a company that clearly learned the art of wielding patents against more successful companies from NTP. Visto and RIM ended up in quite the patent battle, with Visto even claiming that RIM should be shut down.

But, in the end, rather than the other way around, it turned out that it was Visto that was found to be infringing on RIM's patents. At this point, though, hasn't anyone realized how ridiculous it is that there are so many companies claiming to hold patents on some aspect of "wireless email" that no one can enter the space without having a bunch of infringement lawsuits waiting for them? This is not what the patent system was designed for.






CVE ALERT DETAIL : CVE-2008-2528
Source: cve
Description:
Unspecified vulnerability in Citrix Access Gateway Standard Edition 4.5.7 and earlier and Advanced Edition 4.5 HF2 and earlier allows attackers to bypass authentication and gain "access to network resources" via unspecified vectors.






Metasploit Project's site hijacked through ARP poisoning






Online brand-jacking increasing






Phoenix Mars Lander's mission site hacked






Another bogus malware study
Ed Bott: Here we go again, with yet another round of bogus reporting about the extent of malware infections in the United States--this time it's one in four. But we've got the real story.






40GB for $55 per month: Time Warner bandwidth caps arrive
We might want to alert our home VPN users about these rate caps...






FiReaNGeL notes research presented this morning at Penn State on the discovery of a new, ultra-small species of bacteria that has survived for more than 120,000 years within the ice of a Greenland glacier at a depth of nearly two miles. From the psu.edu announcement:

"The microorganism's ability to persist in this low-temperature, high-pressure, reduced-oxygen, and nutrient-poor habitat makes it particularly useful for studying how life, in general, can survive in a variety of extreme environments on Earth and possibly elsewhere in the solar system. This new species is among the ubiquitous, yet mysterious, ultra-small bacteria, which are so tiny that they are able to pass through microbiological filters. Called Chryseobacterium greenlandensis, the species is related genetically to certain bacteria found in fish, marine mud, and the roots of some plants."






"The GPL version 3 is getting some attention in legal circles, especially as it relates to its interaction with proprietary software and patents. Edmund J. Walsh penned an article for Law.com discussing the GPLv3 and the risks it poses for hardware and software companies."







Beware of Error Messages At Bank Sites
http://blogs.washingtonpost.com/securityfix/
If you own or work at a small to mid-sized business, and are presented with an error message about data synchronization or site maintenance when trying to access your company's bank account online, you might want to give the bank a call: A criminal group that specializes in deploying malicious software to steal banking data is presenting victims with fake maintenance pages and error messages as a means of getting around anti-fraud safeguards erected by many banks.






From http://www.schneier.com/blog/
Fax Signatures
Aren't fax signatures the weirdest thing? It's trivial to cut and paste -- with real scissors and glue -- anyone's signature onto a document so that it'll look real when faxed. There is so little security in fax signatures that it's mind-boggling that anyone accepts them.

Yet people do, all the time. I've signed book contracts, credit card authorizations, nondisclosure agreements and all sorts of financial documents -- all by fax. I even have a scanned file of my signature on my computer, so I can virtually cut and paste it into documents and fax them directly from my computer without ever having to print them out. What in the world is going on here?

And, more importantly, why are fax signatures still being used after years of experience? Why aren't there many stories of signatures forged through the use of fax machines?







Medical ID Theft Threatens Finances and Lives
Medical identity theft adds a new twist to identity theft by potentially creating not only financial problems, but health risks. The theft of health insurance benefits to obtain health care can add erroneous information to the health records of victims. These changes to health records may go unnoticed, if ever detected, for years before they are caught.

Medical ID Theft can injure finances, endanger lives,
Dallas Morning News, June 2, 2008
Posted by EPIC on June 3, 2008.






At Gartner Summit, Experts Question Security's Future - 6/2/2008 1:30:00 PM
Analysts, sci-fi authors challenge security pros to rethink the status quo

Monday, June 2, 2008

Monday News Feed 6/2/08

Microsoft urges Windows users to shut down Safari
Microsoft is warning Windows users to avoid Apple's Safari Web browser until a patch is available for holes that could let attackers compromise computers.






Security Advisory 953818 Posted
Posted Friday, May 30, 2008 3:56 PM by MSRCTEAM
Hi,
This is Tim Rains.
Very quickly, I wanted to let you know that we’ve just posted Microsoft Security Advisory 953818. This security advisory talks about new public reports of a blended threat that allows remote code execution on all supported versions of Windows XP and Windows Vista when Apple’s Safari web browser for Windows has been installed. Safari is not installed with Windows XP or Windows Vista by default: it must be installed independently or through the Apple Software Update application.
If you run Safari on the affected platforms, we encourage you to review this advisory.
We’ve activated our Software Security Incident Response Process (SSIRP) and are working with our colleagues at Apple to investigate the issue. We have identified steps customers can take to protect themselves in the workaround section of the advisory.






Bank loses tapes with data on 4.5M clients






FAA: Sun box disk failure caused NOTAM database crash






RIM reportedly gets ultimatum over BlackBerry service in India






Apple patches 40 Mac OS X security bugs






Microsoft beta-tests free online diagnostic tools for Windows






Maiffret Starts New Security Venture - 6/2/2008 9:00:00 AM
Former co-founder, CTO, and chief hacking officer of eEye Digital Security will provide consulting, training, and vulnerability research






Web 2.0 Sites a Thriving Marketplace for Malware
Malicious software makers are using social networks, video sites, and blogs to peddle their wares to other online criminals. 01-Jun-2008






U.S., China Lead in Hack Attacks
Two countries accounted for 30% of Internet-attack traffic for 2008 so far, researchers say. 01-Jun-2008






DR Case Study:
The Planet outage - what can we all learn from it?
...Next I saw they were "requiring us to take down all generators as instructed by the fire department". I had seen plans for BCP/DRP derail before due to officials stepping in and doing their response to an emergency in their way and not in the way the organization itself had planned it.






Ant sends in a disturbing report in The Scientist on an imminent threat to worldwide banana production. "The banana we eat today is not the one your grandparents ate. That one — known as the Gros Michel — was, by all accounts, bigger, tastier, and hardier than the variety we know and love, which is called the Cavendish. The unavailability of the Gros Michel is easily explained: it is virtually extinct. Introduced to our hemisphere in the late 19th century, the Gros Michel was almost immediately hit by a blight that wiped it out by 1960. The Cavendish was adopted at the last minute by the big banana companies — Chiquita and Dole — because it was resistant to that blight, a fungus known as Panama disease... [Now] Panama disease — or Fusarium wilt of banana — is back, and the Cavendish does not appear to be safe from this new strain, which appeared two decades ago in Malaysia, spread slowly at first, but is now moving at a geometrically quicker pace. There is no cure, and nearly every banana scientist says that though Panama disease has yet to hit the banana crops of Latin America, which feed our hemisphere, the question is not if this will happen, but when. Even worse, the malady has the potential to spread to dozens of other banana varieties, including African bananas, the primary source of nutrition for millions..."







Microsoft's CAPTCHA successfully broken






Sharing your login is a criminal offense
Phil Wainewright: Think about that next time you pass those notes around so everyone can get access to the Dun & Bradstreet credit reports, look up the Xignite currency data or share a single WebEx account. What you're doing is tantamount to criminal larceny.







Adobe's Acrobat.com an Office killer?
Larry Dignan: Adobe unveiled Acrobat.com, a suite that allows you to create word processing documents, share files, convert PDFs and hold Web conferences. What remains to be seen is whether online office users care about aesthetics.






Prince And Radiohead Fight Over YouTube Song
from the this-is-what-it's-come-to? dept
For years, Prince was the poster child for "getting" the internet and new media distribution opportunities. He experimented with a variety of different creative business models that suggested he got how the economics of music worked these days. It was working too -- with his efforts to give away his music helping him sell out concert after concert around the world. But then something changed, and Prince went ballistic, suing YouTube, The Pirate Bay and eBay and even threatening fan sites while demanding that even videos with tiny snippets of Prince music in the background get taken offline. The whole thing is quite surprising, and if he keeps this up, he's risking taking all that goodwill he built up for years, and turning himself into another Metallica. Becoming anti-fan is never a good idea. The latest story, though, has a twist. Prince apparently did a cover of a Radiohead song at a recent concert. Someone filmed it and put the video on YouTube. Given his newfound hatred for YouTube, Prince demanded that the song be taken down. And here's where it gets interesting: Radiohead's Thom Yorke is demanding that it be put back online, noting that he owns the copyright on the song: "Really? He's blocked it?... Well, tell him to unblock it. It's our ... song." Of course, as that LA Times report notes, in true Streisand Effect fashion, the effort to take down the song has only driven much more interest in people trying to find the song. If Prince weren't suing so many people, you might even think he was canny enough to have done this on purpose as a marketing campaign.







Publishers Demand Damages For Report Released 3 Minutes Ahead Of Time
CHICAGO (CN) - In an Internet age complaint, the publishers of the monthly "Chicago Business Barometer" claim Trade the News Inc. released their copyrighted report 3 minutes early, damaging them economically and harming their business relationships.







Alarming Open-Source Security Holes
By Simson Garfinkel 05/20/2008
How a programming error introduced profound security vulnerabilities in millions of computer systems.






Industry View
Five Ways to Turn Employees into Security Assets for Protecting Data
http://www2.csoonline.com/article/343968/Five_Ways_to_Turn_Employees_into_Security_Assets_for_Protecting_Data
Make data security part of the company culture
Integrate data leak prevention processes into overall workflow
Make employees feel like security assets, not liabilities
Prevent the temptation to engage in "harmless" policy violations
Teach employees about policies while enforcing them

Friday, May 30, 2008

Friday News Feed 5/30/08

Bank loses tapes with data on 4.5M clients
A New York bank confirmed that it lost a box of data storage tapes containing the unencrypted personal information of 4.5 million people during transit to an off-site facility.






Researchers breach Microsoft's CardSpace ID technology





Apple patches 40 Mac OS X security bugs







Keeping security relevant in the free-content era
http://www.computerworld.com/action/article.do?command=viewArticleBasic&articleId=9084988
Kelly goes on to explain eight "generatives," things that can't be copied and so still hold value on the Internet: Immediacy, Personalization, Interpretation, Authenticity, Accessibility, Embodiment, Patronage, and Findability.





Man charged with using cartoon names to defraud brokerages





Microsoft beta-tests free online diagnostic tools for Windows





Stanford Medical School's Rx: Anomaly Detection - 5/30/2008 1:24:00 PM
Appliance helps minimize bot, malware infections






Gartner Forecasts the Next Big Threats - 5/29/2008 5:05:00 PM
A peek at some of the types of attacks on the horizon that Gartner will reveal at next week's Security Summit






May 30, 2008 Police say banks not reporting cybercrime in effort to protect image
http://www.crime-research.org/news/30.05.2008/3394/






Symantec backs off claim, says current Flash Player safe from attack





Will proposed treaty make border agents copyright cops?

A Little Sunshine Brings Out Rapid And Well Deserved Anger Towards ACTA Treaty
from the spreading-the-word dept
Last week, I wrote a post highlighting the faulty premises behind a secretly negotiated treaty between the US and many other countries, the so-called Anti-Counterfeiting Trade Agreement (ACTA). Since then a bunch of news articles have been written about ACTA, with most of the focus on how it will have border guards going through your iPod and computers to see if you have any infringing content. A bunch of folks have been submitting stories on this all week, despite the fact that we wrote about it last week. However, what's most interesting to me is how quickly this turned from a little story -- first posted to Wikileaks and a few blogs, into something that's been in major newspapers (oddly, mostly focused in Canada). Even more interesting, however, is how this has so quickly turned into activism, with some newspapers already calling for people to stand up against ACTA to protect our privacy rights. Think about that for a second. This was a treaty on the "boring" topic of copyright, that was basically pitched by the entertainment industry to politicians who wrote it up in secret. It leaked out to a single website, and within a week there were major newspaper editorials calling for people to stand up against it, and thousands, if not millions, of people informed about the potential harm this treaty could cause. So much for slipping it under the radar. This is really the culmination of a few different factors, including the entertainment industry's misguided and rapidly backfiring battle against consumers, that has catapulted copyright from a boring "wonkish" issue into one that people recognize affects so many aspects of their daily lives. Combined with the wonderful communications ability of the internet, it makes it harder for the entertainment industry to simply pull one over on people like this.
Of course, as we've noted, the industry keeps on trying, and they love sneaking through legislation and treaties before anyone recognizes it -- but the rapid response to ACTA (which is far from over, of course) suggests that some of the industry's advantages are slipping away. Hopefully, this issue will continue to receive the attention it deserves so that there's a real debate on whether or not such a treaty is needed (it's not).





Comcast Hackers Say They Warned the Company First
blog.wired.com — The computer attackers who took down Comcast's homepage and webmail service for over five hours Thursday say they didn't know what they were getting themselves into. In an hour-long telephone conference call with Threat Level, the hackers known as "Defiant" and "EBK" expressed astonishment over the attention their DNS hijacking has garnered.







Web 2.0 Sites a Thriving Marketplace for Malware
Malicious software makers are using social networks, video sites, and blogs to peddle their wares to other online criminals. 29-May-2008






Good reference chart:
http://isc.sans.org/presentations/iscflyer.pdf







Electronic Crime Scene Investigation Handbook
Electronic Crime Scene Investigation: A Guide for First Responders, Second Edition, National Institute of Justice, U.S. Department of Justice, April 2008.







Hired gun blamed for business outage
Robert Lemos, 2008-05-30
Video-content firm Revision3 accuses anti-piracy company MediaDefender -- known for its aggressive tactics against file sharers -- of attacking its servers over the weekend.






Barracuda hungry for OSS security developer Sourcefire
Security appliance maker Barracuda Networks has proposed a deal to acquire Sourcefire, the company behind the popular open source Snort and ClamAV security software. Barracuda is currently defending ClamAV from patent litigation and has a long history of contributing to open source security software projects.
May 30, 2008 - 09:09AM CT - by Ryan Paul








China hackers behind U.S. blackouts?
Larry Dignan: Chinese cyber-militia may have been behind power blackouts in Florida and the Northeast, according to a report in the National Journal.






Richard Koman: Did Chinese copy unattended U.S. laptop?






Reputation Is A Scarce Good... As Metallica Is Learning







Microsoft: It's Not The Broadcast Flag, It's A Different Flag
from the well,-that-makes...-um...-no-difference-at-all dept
After certain NBC TV shows wouldn't record on Microsoft's Vista Media Center a few weeks ago, Microsoft admitted that Media Center includes broadcast flag technology, while NBC Universal admitted that it accidentally set the flag. However, now Microsoft is trying to clarify, claiming that it's not actually the broadcast flag that it included, but an entirely different flag, called CGMS-A. NBC Universal concurs, saying that the mistake it made was in setting the CGMS-A flag. Of course... the real question is why does this matter at all? If the impact is identical (Microsoft willing to let TV networks declare a show un-recordable), then what does it matter which annoying copy protection scheme is used?








What CSOs Can Learn From Estonia
Security researcher Gadi Evron reviews lessons of the Estonian cyber attacks he helped to investigate last year.

Wednesday, May 28, 2008

Wednesday News Feed 5/28/08

Hackers exploiting Flash Player zero-day bug
Attackers are already exploiting an unpatched bug in the latest version of Adobe's popular Flash Player, security researchers said today.

The bug, which is in the most up-to-date version of Flash, was reported by researchers at the SANS Institute's Internet Storm Center and by others from Symantec Corp.

"Adobe Flash Player is prone to an unspecified remote code-execution vulnerability," Symantec said in a warning posted to its SecurityFocus site. "An attacker may exploit this issue to execute arbitrary code in the context of the affected application. Failed exploit attempts will likely result in denial-of-service conditions.

"Symantec has observed that this issue is being actively exploited in the wild," the company added.






Followup to Flash/swf stories

We've received quite a bit of mail about our stories yesterday about the malicious SWF files attempting to exploit older versions of the Adobe Flash player. So, here are a few of the things that have come out of our discussions.

Our friends over at shadowserver.org (thanx, Steven) have a nice writeup that includes a bunch of domains they've noted that have the malicious SWF files.

If you aren't sure which version of the flash player you are using, Adobe provides this page where you can check for yourself.

On closer examination, this does not appear to be a "0-day exploit". Symantec has updated their threatcon info, as well.

It appears that this exploit may be included in the Chinese version of the MPack exploit toolkit (among others).

In case we weren't clear about it earlier, it appears that the infected web sites check which browser you are using in addition to the flash player version to determine which exploit to deliver.

There are several ways to protect yourself even if you have a vulnerable version of the Flash player.

In Firefox, you can use either of the following add-ons, NoScript (one of our favorites, found here or here) or FlashBlock (here or here).
In IE, see here for how to set the "killbit", the CLSID is BD96C556-65A3-11D0-983A-00C04FC29E36.








Symantec tells users: Disable protection before XP SP3 upgrade
"We have determined that the SymProtect feature is involved, though this issue is not exclusive to Symantec customers. To help prevent this issue from occurring, you should disable SymProtect prior to installing the Windows XP SP3 upgrade."






TJX staffer sacked after talking about security problems







U.S. convicts 15th in largest music piracy case
Gitarts, who used the alias Dextro, was the 15th member of the group to be convicted on piracy charges. All were charged in early 2004 when law enforcement agents around the world acted on search warrants aimed at several online piracy groups.

The other 14 members of the Apocalypse Production Crew who were charged have pleaded guilty.







Cisco Security Advisory: Cisco IOS Secure Shell Denial of Service Vulnerabilities
http://www.cisco.com/warp/public/707/cisco-sa-20080521-ssh.shtml

Summary
The Secure Shell server (SSH) implementation in Cisco IOS contains multiple vulnerabilities that allow unauthenticated users the ability to generate a spurious memory access error or, in certain cases, reload the device.







Shape Shifting Malware Threat Reported by Swiss Cybercrime Operation
http://www.crime-research.org/news/27.05.2008/3387/
"Self changing code designed to dynamically evade recognition is a fact of life, it automatically adapts to the anti-spam and anti-malware engines that it encounters. Unfortunately the knowhow and construction kits used to create this shape shifting threat are now readily available and are unleashing a wave of shape shifting malware based on social engineering techniques. Highly targeted emails containing personalised information and shape shifting trojan attachments are the latest development and each positive infection increases the 'hit rate' for the next wave of emails sent out by the self learning automated engines used by sophisticated attackers", continued Sweeney.







Deutsche Telekom Spied on Employees, Journalists - 5/27/2008 5:45:00 PM
Major German service provider violated privacy laws by analyzing phone records in an attempt to stop leaks to the press.






New Smart Phone Hack Could Expose Cell Network - 5/27/2008 3:35:00 PM
Researchers to release hacking tool that gathers information about the cellular network to which a smart phone is connected






Tracking People with their Mobile Phones
Not that we didn't think it was possible:
The surveillance mechanism works by monitoring the signals produced by mobile handsets and then locating the phone by triangulation -- measuring the phone's distance from three receivers.
[....]
The Information Commissioner's Office (ICO) expressed cautious approval of the technology, which does not identify the owner of the phone but rather the handset's IMEI code -- a unique number given to every device so that the network can recognise it.







Adobe Flash Player Unspecified Vulnerability - Extremely critical - From remote
Issued 6 hours ago.
A vulnerability has been reported in Adobe Flash Player, which can be exploited by malicious people to compromise a user's system.






EMC AlphaStor Multiple Vulnerabilities - Moderately critical - From local network
Issued 8 hours ago.
Some vulnerabilities have been reported in EMC AlphaStor, which can be exploited by malicious people to compromise a vulnerable system.







Samba "receive_smb_raw()" Buffer Overflow Vulnerability - Highly critical - From remote
Issued 6 hours ago.
Secunia Research has discovered a vulnerability in Samba, which can be exploited by malicious people to compromise a vulnerable system.







Microsoft: Kraken nearly Storm's size
News Brief, 2008-05-27
Early data from the software giant's anti-malware service indicates that the Kraken botnet is only about 20 percent smaller than Storm.







TJX completes Mastercard breach settlement







BobJacobsen writes "FCW has an article about a NASA employee that was suspended for blogging on government time. Seems the unnamed employee's "politically partisan" blog entries were a violation of the Hatch Act. The article ends with a chilling quote from the government's Special Counsel in the case: 'Today, modern office technology multiplies the opportunities for employees to abuse their positions and — as in this serious case — to be penalized, even removed from their job, with just a few clicks of a mouse'" Thing is, he was soliciting campaign donations and writing partisan stuff.







"Tickets to the Olympic opening and closing ceremonies will contain a microchip with information about the ticket holder, including a photograph, passport details, addresses, e-mail, and telephone numbers. The stated intent is to keep troublemakers out of the 91,000-seat National Stadium so that they cannot cause disruptions while China is on world-wide television, but it brings up serious concerns for privacy and identity theft."







Cram this: a firsthand account of my recent cramming
When my phone and Internet bill mysteriously doubled in a single month, I found myself on the wrong side of a good "cramming." Semi-shocking true story inside.
May 27, 2008 - 11:35PM CT - by Nate Anderson

...The ESBI firms all let slip bits of information about whoever had allegedly signed me up for these services, but it was ILD's operator who filled in the picture. Through her, I finally assembled the complete name and address that had been entered into an online form, and I finally got the address of the form in question: usprizedraw.com.






UK theme park bans PDAs, mandates family fun time
A UK theme park is experimenting with banning PDAs this week. The policy could be made permanent if successful, signaling an increased willingness to make people in public stop and smell the roses.
May 27, 2008 - 10:10AM CT - by David Chartier








Microsoft is hellbent on touch
Larry Dignan: Windows 7 will rely heavily on touch and it's really easy to be skeptical about Microsoft's latest plans. But this time could be different.
Mary Jo Foley: See the demo of Windows 7 multi-touch
Mary Jo Foley: Microsoft readies new 'don't blame Windows' tool
Windows 7: Now a late 2009 deliverable (again)







You got malware… with bugs included!!








Latest phishing schemes target Apple
Sue Marquette Poremba May 27, 2008
Apple's increasing popularity is leading to the company's users being targeted by phishing schemes.








Cisco IOS Rootkit Demonstrated
While rootkits for common operating systems, like Windows, are well known, they haven't been a security issue for Cisco's IOS until now.
http://www.informationweek.com/news/security/management/showArticle.jhtml?articleID=208400389







Hackers Blast Russian Nuclear Power Websites Offline By Grey McKenzie Today






China Launches Cyber Attack Against Tibetan Dissident By Grey McKenzie Today






European Union's Cyber Security Agency Calls For More Funding By Grey McKenzie Today