Saturday, July 4, 2009

Around The Horn vol.1,131

Apple fixing iPhone SMS security hole

By Elinor Mills

Apple expects to have a fix later this month for a vulnerability in the iPhone that could allow an attacker to gain control of the device remotely via SMS, a security researcher said on Thursday.

An attacker could exploit a weakness in the way iPhones handle SMS (short message service) ...

Waledac worm targeting July 4 spam offensive

By Elinor Mills

The Waledac worm is gearing up for a spam campaign related to the July 4 holiday, a security researcher warned on Thursday.

Researchers analyzing the code of the worm, which has been deploying updates to previously compromised PCs, have discovered that at least 18 domain names have been registered related ...

ATM vendor gets security talk pulled from conferences

By Elinor Mills

Last year it was smartcards and this year it's ATMs.

It's almost security conference season in Las Vegas and with one month to go, a presentation has been pulled from Black Hat and Defcon.

Juniper Networks says it pulled a talk about a flaw in ...

Postini: Google's take on e-mail security

By Elinor Mills

MOUNTAIN VIEW, Calif.--The computer security industry historically borrows military defense concepts to combat digital threats, literally creating war rooms where experts follow attacks in progress on huge screens with phones ringing off the hook.

Not so at Google's Postini e-mail security service ...

Botnets lead the way for spam

By Vivian Yeo

Spam made up 90.4 percent of all e-mail traffic in June, with botnets accounting for the vast majority of those unsolicited messages, according to a new report from Symantec's MessageLabs.

Spam sent out from botnets, or networks of zombie PCs, made up 83.2 percent of unsolicited e-mail ...

QuotesLOL - Laughing all the way to the bank

By Rik Ferguson on countermeasures

Yet another Twitter credential stealing website reveals its true colours as a vehicle for criminals to make money from the unwary. I have had my suspicions about QuotesLOL for a little while now, the service describes itself as “Subscribe above to receive daily quotes on your twitter. These quotes are funny and people will enjoy them! Is [...]

The Middler – User Session Cloning & MITM Tool

By Darknet on user session cloning

The Middler is a Man in the Middle tool to demonstrate protocol middling attacks. Led by Jay Beale, the project involves a team of authors including InGuardians agents Justin Searle and Matt Carpenter. The Middler is intended to man in the middle, or “middle” for short, every protocol for which we can create code. In [...]

Hospital Hacker GhostExodus Owns Himself – Arrested

By Darknet on script kiddy

This story actually gave me a lot of LULZ, how stupid can you be seriously? Man this guy made so many mistakes for someone so paranoid (he had a web cam set up outside his apartment door so he could see who was coming). But then he exposed his IP address on IRC, posted his face on [...]

New Tool Exposes Stealthy Metasploit Hack

Researchers will demonstrate forensics tool, technique for unmasking attacks using Metasploit's stealthy Meterpreter anti-forensics function

Month Of Twitter Bugs Goes Live With Mini-URL Flaws

Researcher launches Day One of daily third-party Twitter app vulnerability disclosures, while some members of Twitter christen July 1 "TwitterSec Day"

Month of Twitter Bugs Arrives

In Web 2.0

The Month of the Twitter Bugs began July 1 with reports of four cross-site scripting vulnerabilities. All four bugs have been patched.

Google: Spam Slows, Then Surges After Fall of 3FN

In Spam

Researchers at Google reported a surge in spam during the second quarter of 2009 on the back of image spam and e-mails sent out with viruses. The report largely echoes findings from MX Logic, which reported a 300 percent jump in spam since February.

Contract change puts personal data at risk

Thousands of customers are wondering what will happen to the fingerprint and personal data they provided to a Registered Traveler operator who went out of business.

Cyber Command: So much still to know

Defense and cybersecurity experts have lots of questions about the scope and operations of the military's newest command.

Agencies look inward for Web 2.0

When agencies are not able to use public services such as Facebook and Twitter, a growing collection of open-source tools is making it easier for them to create their own social-networking systems.

Justice tech a big winner in Senate spending bill

The Senate Appropriations Committee's plan to fund the Justice Department in fiscal 2010 includes more money for some large IT programs.

Virtualization: A guide to the latest lessons learned

Recent studies highlight the evolving role of virtualization and the troubles that agencies might encounter.

GAO urges improvements to FISMA

GAO recommends more oversight by OMB to improve information security.

DHS to sweep up more data on employees, contractors

DHS says it is expanding the types of personal information it will collect on employees and contractors who require long-term access.

Apple Planning Fix For iPhone SMS Flaw

An SMS vulnerability in Apple's iPhone is slated for disclosure at the Black Hat conference later this month. Apple is reportedly rushing to get a fix ready.

Mobile Payments Startup Raises $8 Million

Bling Nation is entering the highly competitive space filled with deep-pocketed rivals such as Visa and MasterCard.

China's Green Dam 'Definitely' Coming

The controversial requirement that PCs in China come with the Green Dam Web filter may have been postponed, but the rule will be implemented, a Chinese official insists.

Google Sees Spam Surging

Spam, like movie zombies, just keeps coming. Despite the closure of spam ISPs, unwanted messages continue to spread.

Zeus Trojan Variant Steals FTP Login Details

A new variant of the particularly malicious Zeus family of Trojans has surfaced and is compromising computers at an alarming rate.

FakeAlerts Uncovered

By Prashanth PR on Potentially Unwanted Programs

It has been almost a year since the rogue antivirus products, a.k.a. scareware, became rampant. These Trojan families are typically spread via drive-by downloads, SEO poisoning, spam campaigns and clever social engineering. Having these methods discussed in earlier blogs, today we will look into the protection mechanisms adopted by these fake alerts Trojan families to [...]

Apple may be exempt from China's Web filter mandate

Apple appears to be exempt from China's mandate that a controversial Internet filtering program be shipped with all computers sold in the country.

Conficker: Forgotten but not Gone

Conficker may not dominate the headlines any longer, but it's still going strong, according to Trend Micro's Malware Blog and stats from the Conficker Working Group.

Court orders spammers to pay $3.7 million

A U.S. district court has ordered members of an alleged international spam ring to give up US$3.7 million that they made while sending out illegal e-mail messages pitching bogus weight-loss products and human growth hormone pills.

Chinese security company shares huge malware database

A Chinese company that has created a massive database of malware found on Chinese Web sites opened up the information to other security organizations on Thursday.

Security guard charged with hacking hospital systems

The grainy video shows a bleary-eyed young man in a hoodie inside the Carrell Clinic in Dallas, Texas. As he hits the elevator button, the theme music from Mission Impossible plays in the background. "You're on a mission with me: Infiltration," he tells the camera.

China will still require Green Dam Web filter program

China has not lifted its requirement that an Internet filtering program be shipped with all computers sold in the country, even though the plan was postponed this week, state media said Thursday.

Apple patching serious SMS vulnerability on iPhone

Apple is working to fix an iPhone vulnerability that could allow an attacker to remotely install and run unsigned software code with root access to the phone.

Jailbroken iPhones leave users more vulnerable

Jailbreaking an iPhone leaves users vulnerable to attack by stripping away most of the handset's security protections, a security researcher warned Thursday.

Mozilla slates first Firefox 3.5 patch

Mozilla will patch the just-released Firefox 3.5 later this month to stamp out several bugs that went unfixed in the final version of the browser, the company said.

The notification chain when a breach is suspected

A few weeks ago, we provided best practice tips on preserving log data for a forensic investigation. Now that you've got the data set aside for your investigation, who else needs to get involved? Let's discuss the notification chain and how other experts support the investigation and its fallout.

Microsoft unleashes five service packs for its enterprise security wares

In the past week, Microsoft has launched five service packs for its enterprise security wares including Geneva, Forefront, Antigen.

Pirate Bay to become a legal file-sharing site

Swedish software firm Global Gaming Factory (GGF) has purchased BitTorrent search engine The Pirate Bay and plans to turn it into a legal downloading service.

Conficker cost Manchester council £1.5m

Manchester City Council has cancelled hundreds of fines for drivers caught on camera in bus lanes, after the Conficker worm hit its fine processing systems.

Fly-by SMS death threats hold Aussies to ransom

The federal government has issued a warning against fly-by criminals who are issuing SMS death threats to defraud victims.

New Trojan puts sneaky twist on click fraud

A new piece of malicious software has been discovered that cheats Google and potentially other search engines out of money.

Gov't official: We're serious about cybersecurity this time

The U.S. White House is determined to follow through on its efforts to make cybersecurity a top priority, despite earlier government efforts that have fallen flat, a top official said Wednesday.

Backup for spammers

Disaster recovery experts take note. One of the largest and most active botnets, US-based Cutwail, was able to recover in a few hours after the shutdown of its host ISP, Pricewert, an indication of how well spammers have adopted backup and recovery technology.

Google: Spammers regroup after ISP takedowns

Spammers are pumping out an increasing number of garbage messages as they regain their capacity to send spam through hacked PCs, according to the latest statistics released by Google on Wednesday.

Month Of Twitter Bugs exposes microblogging flaws
Making a hashtag of Web 2.0 security

The Month Of Twitter Bugs has begun with the publication of a flaw in a URL shortening service often used in conjunction with the microblogging service.…

Gamer embezzles virtual cash to settle real debts
Eve Online banker does a runner

As if high-profile investment scandals and the economic downturn weren't bad enough here on Earth, now folks have to deal with it outside our galaxy. Virtually, at least.…

iPhone crashing bug could lead to serious exploit
More fun with SMS

Updated: This story was updated to correct factual errors contained in an IDG News article that first reported the vulnerability.

Speculation mounts over AVG plans for OS X client
'Mac users have no antibodies'

AVG bosses aren't saying much, but there's new evidence the anti-virus maker is seriously considering building an application for the Mac.…

Boomerang attack against AES better than blind chance
Pesky algorithm not invulnerable

Cryptographic researchers have uncovered a chink in the armour of the widely used AES algorithm.…

Spam levels bounce back after botnet takedown
Even botnets have backup now

Spam levels are returning to normal following the recent takedown of crime-friendly ISP 3FN, which temporarily interrupted the operation of a significant spam spewing botnet.…

China not demolishing Green Dam
Censorware not going anywhere after all

China's controversial mandatory censorware has only been delayed rather than abandoned, according to state media.…

Stealthy click fraud tool exploits 9ball attack
Meet the Keyser Soze of malware

Miscreants have developed one of the most sophisticated click fraud malware applications to date.…

Feds: hospital hacker's 'massive' DDoS averted
Arrest foils 'Devil's Day' scheme

The leader of a malicious hacker collective who used his job as a security guard to breach sensitive Texas hospital computers has been arrested just days before his group planned a "massive DDoS" attack for the July 4 Independence Day holiday.…

Jackson mass mailer adds to attack onslaught
More zombies than the Thriller video

Miscreants have created a Michael Jackson mass-mailing worm.…

Torrentreactor breach serves potent exploit cocktail
iframe redirection redux

Torrentreactor has long been regarded as one of the top bit torrent search engines, and with the demise of The Pirate Bay, it's likely bigger than ever. Now, it's been breached and is serving a potent cocktail of exploits to people browsing the site, Websense Security Labs says.…

Cold Fusion web sites getting compromised, (Thu, Jul 2nd)

There have been a high number of Cold Fusion web sites being compromised in last 24 hours. We receiv ...(more)...

Unpatched Bloatware on new PCs, (Thu, Jul 2nd)

I recently purchased a netbook, and while I like the highly portable on-the-go computing that it off ...(more)...

Getting the EXE out of the RTF, (Thu, Jul 2nd)

Recently, when the targeted attack with malicious RTF attachments was making the rounds, I wondered ...(more)...

Time to update updating on PCs for 3rd party apps, (Thu, Jul 2nd)

As Alan Paller wrote in last week's SANS @Risk Newsletter, home PCs contain a lot of software with a ...(more)...

Britain Faces Cyber Threats From China and Russia (June 25,26 & 29, 2009)

British Security Minister Lord West says that Britain faces cyber threats from China, Russia and Al-Qaeda.......

General Alexander Outlines Plans for Cyber Command - and Cyber Education (June 26, 2009)

Lt.......

Max Ray Butler Pleads Guilty (June 29, 2009)

Known computer criminal Max Ray Butler, a.......

Admitted Swatter Draws 135 Month Prison Sentence (June 29, 2009)

Matthew Weigman has been sentenced to 135 months in prison for hacking phone systems and harassing a Verizon

FTC Reaches Settlement with Man in Scareware Case (June 26, 2009)

James Reno and his company ByteHosting Internet Services have agreed to pay US $1.......

UK Ministry of Defence Blocks Access to Wikileaks (June 25 & 26, 2009)

The UK Ministry of Defence (MoD) is taking quick action to block access to the Wikileaks website from its computers.......

VIP's Clear May Sell Registered Traveler Data to Another Provider (June 26 & 27, 2009)

Verified Identity Pass's (VIP) defunct Registered Traveler program Clear said it could sell the personal information it collected from customers to another provider of expedited airport security services if the government approves of the arrangement.......

Software Company Under Targeted Attack (June 29, 2009)

The California software company that says some of its code was used in the Green Dam Internet filtering software without permission is under attack.......

Stolen FTP Login Information Found on Server (June 26 & 29, 2009)

Researchers have discovered a server hosted in China that contains more than 68,000 FTP passwords, including a number for well-known sites such as the BBC, Cisco, Amazon and Bank of America.......

Google Briefly Mistakes Spike in Michael Jackson Searches for Attack (June 28 & 29, 2009)

For a short time last Thursday afternoon, the spike in Internet searches about Michael Jackson following the news of his death caused Google to think that it was the target of a distributed denial-of-service (DDoS) attack.......

Former DHS Cyber Security Chief Beckstrom Chosen to Head ICANN (June 26, 2009)

Former US Department of Homeland Security (DHS) National Cybersecurity Center director Rod Beckstrom has been chosen to take over for Paul Twomey as CEO and president of the Internet Corporation for Assigned Names and Numbers (ICANN) when Twomey steps down at the end of the year.......

nCircle statistics show rising Web application security threats

By Robert Westervelt

The number of Web application vulnerabilities detected by the vendor is on track to exceed 2008, according to the latest statistics.

nCircle statistics show rising Web application vulnerabilities

By Robert Westervelt

The number of Web application vulnerabilities detected by the vendor is on track to exceed 2008, according to the latest statistics.

Twitter vulnerability project highlights Bit.ly flaws

By Robert Westervelt

Link shortening service Bit.ly had several cross-site scripting flaws that could be used to view a user's browsing history, tamper with bit.ly settings and abuse Twitter accounts.

Twitter risks, Facebook threats trouble security pros

By Eric Ogren

Security can't slow down the Twitter phenomenon, but it can take steps to prevent data leakage.

How to Improve IT Cyber-Security with Visual Analytics

Few disciplines require the comprehension of as much information in so little time as computer security. With billions of data records piling up daily for large organizations, no technique holds as much promise as using computer-generated images to tell the story of what's in the data, a process known as visual analytics. Here, Knowledge Center contributor Justin Wolf explains how to use visual analytics to improve IT cyber-security.
- Data visualization has been around for decades, but modern desktop computers finally possess the power to turn raw data into interactive displays for analysis, enabling computer security analysts to use visual analytics techniques to solve daily problems. Although many other tools exist to assi...

Michael Jackson Malware Rings in July 4 Weekend

Security researchers at Symantec and Sophos are reporting the prevalence of spam related to the death of pop star Michael Jackson last week. Rather than relying on just their normal Independence Day-related e-mails, spammers have launched a number of campaigns to infect users with malware using news about the singer as a lure.
- July 4 weekend is usually a time for barbecues, beach parties and Independence Day spam. But the death of pop superstar Michael Jackson may have changed the face of the annual spam barrage. Instead of just the typica...

Facebook Simplifies Security with Privacy Settings

Facebook looks to make a splash with changes designed to simplify and standardize its privacy settings. The push to improve privacy comes as Facebook is working to make profiles more searchable over the Web.
- Facebook is simplifying its privacy options as it simultaneously looks to make it easier for members of the social networking site to share content with anyone on the Internet. For starters, the company is consolidating about six privacy pages and roughly 40 settings onto one page. The site will...

Matthew Medeiros: Security Meets the Cloud and Social Nets

How do you keep your company's data secure in an era of economic uncertainty, when your employees are using Twitter and other social networks and mobility has dispersed your employees around the globe? SonicWall President and CEO Matthew Medeiros has looked at these challenges and believes data security is up to the challenge.
- Audio Podcast Content....

PC Invader Costs Ky. County $415,000

In Web Fraud 2.0

Cyber criminals based in Ukraine stole $415,000 from the coffers of Bullitt County, Kentucky this week. The crooks were aided by more than two dozen co-conspirators in the United States, as well as a strain of malicious software capable of defeating online security measures put in place by many banks. Bullitt County Attorney Walt Sholar said the trouble began on June 22, when someone started making unauthorized wire transfers of $10,000 or less from the county's payroll to accounts belonging to at least 25 individuals around the country (some individuals received multiple payments). On June 29, the county's bank realized something was wrong, and began requesting that the banks receiving those transfers start reversing them, Sholar said. "Our bank told us they would know by Thursday how many of those transactions would be able to be reversed," Sholar said. "They told us they thought we would get some of the

Spam Rates Recovering From 3FN Takedown

In From the Bunker

Google published a report on spam rates this past quarter indicating that spam volumes declined roughly 30 percent following the Federal Trade Commission's takedown of the troubled online hosting provider 3FN early last month. Google says spammers have already made up a significant amount of ground, climbing 14 percent from the initial drop. The stats differ from other figures Security Fix collected about the impact of the 3FN takedown. Google's spam data was drawn from Postini, the company's e-mail security and archiving service. The following graph shows Postini's view of spam volumes over the past six months: Read more about Google's view of spam trends, at their quarterly report, available here.

Brief: Mozilla adds more privacy in Firefox 3.5

Mozilla adds more privacy in Firefox 3.5

Brief: Juniper pulls talk on ATM vulnerabilities

Juniper pulls talk on ATM vulnerabilities

Conficker: Forgotten but not Gone (PC World)

In technology

PC World - Conficker may not dominate the headlines any longer, but it's still going strong, according to Trend Micro's Malware Blog and stats from the Conficker Working Group.

Court Orders Spammers to Pay $3.7 Million (PC World)

In technology

PC World - A U.S. district court has ordered members of an alleged international spam ring to give up US$3.7 million that they made while sending out illegal e-mail messages pitching bogus weight-loss products and human growth hormone pills.

Celebrity Deaths Drive Spam, with Jackson Pervasive (NewsFactor)

In business

NewsFactor - With recent celebrity deaths, spammers are shifting strategies in hopes of cashing in on the misfortunes of others. Although several celebrities have passed away in the last few weeks, pop star Michael Jackson's death is driving the greatest spam volume.

Warning over Michael Jackson email virus (AFP)

In technology

AFP - Computer security firm Sophos issued a warning about an Internet virus transmitted from a mass email claiming to contain secret songs and photos of Michael Jackson.

Chinese Security Company Shares Huge Malware Database (PC World)

In technology

PC World - A Chinese company that has created a massive database of malware found on Chinese Web sites opened up the information to other security organizations on Thursday.

Google: Spammers Regroup After ISP Takedowns (PC World)

In technology

PC World - Spammers are pumping out an increasing number of garbage messages as they regain their capacity to send spam through hacked PCs, according to the latest statistics released by Google on Wednesday.

Twitter Updates Make Photos, Squashing Spammers Easier (PC World)

In technology

PC World - The latest changes to Twitter are simple and unnoticeable at first, but they can make a world of difference for some users.

Event IDs for Windows Server 2008 and Vista Revealed!

By Derek Melber

How to track every event that is logged on a Windows Server 2008 and Windows Vista computer.

Conficker: Forgotten but not Gone

While the hype about Conficker may have died down, the botnet hasn't.

Court Orders Spammers to Pay $3.7 Million

A U.S. court orders alleged spammers to give up $3.7 million after an FTC complaint.

Microsoft Unleashes Five Service Packs for Its Enterprise Security Wares

In the past week, Microsoft has launched five service packs for its enterprise security wares including Geneva, Forefront, Antigen.

Microsoft Readies IE8 Business Push

Microsoft will begin pushing Internet Explorer 8 (IE8) to enterprises next month via Windows Server Update Services, the company said this week.

Chinese Security Company Shares Huge Malware Database

A Chinese company that has created a database of malware found on Chinese Web sites opened up the information to other security organizations.

Gov't Official: We're Serious About Cybersecurity This Time

The Obama administration is serious about fixing cybersecurity challenges in the U.S., a White House official says.
