Friday, August 7, 2009

Around The Horn vol.1,145

Microsoft Patch Tuesday for August 2009: nine bulletins

By emil.protalinski@arstechnica.com (Emil Protalinski) on Patch Tuesday

According to the Microsoft Security Response Center, Microsoft will issue nine Security Bulletins on Tuesday, and it will host a webcast to address customer questions on the bulletin the following day (August 12 at 11:00am PST, if you're interested). Five of the vulnerabilities are rated "Critical," and the other four are marked as "Important." All of the Critical vulnerabilities earned their rating through a remote code execution impact, meaning a hacker could potentially gain control of an infected machine. At least seven of the nine patches will require a restart.

Malware, oversharing lead Marines to ban social networks

By jacqui@arstechnica.com (Jacqui Cheng) on US Marine Corps

Marines who are fans of Twitter, Facebook, and MySpace will have to wait till they go home to get their social networking fix. The US Marine Corps has just instituted a ban on social networking sites (SNS) on the Marine Corps Enterprise Network (MCEN) due to malware concerns and "information exposure" to adversaries. The ban will be in effect for one year and effective immediately.

All publicly available social networks fall under the ban. According to the all-caps order (hey, let's all be like Kanye), "THE VERY NATURE OF SNS CREATES A LARGER ATTACK AND EXPLOITATION WINDOW, EXPOSES UNNECESSARY INFORMATION TO ADVERSARIES AND PROVIDES AN EASY CONDUIT FOR INFORMATION LEAKAGE THAT PUTS OPSEC, COMSEC, PERSONNEL AND THE MCEN AT AN ELEVATED RISK OF COMPROMISE." This includes, but is not limited to, Twitter, Facebook, and MySpace. "THESE INTERNET SITES IN GENERAL ARE A PROVEN HAVEN FOR MALICIOUS ACTORS AND CONTENT AND ARE PARTICULARLY HIGH RISK DUE TO INFORMATION EXPOSURE, USER GENERATED CONTENT AND TARGETING BY ADVERSARIES," reads the order.

One In Two Security Pros Unhappy In Their Jobs?

By Robert A. on IndustryNews

Darkreading posted the following article on an infosec job survey that I found highly intriguing. "Kushner and Murray say they were surprised by security's high number of unhappy campers -- 52 percent of the around 900 security pros who participated in the survey are less than satisfied with their current jobs....

Hacking Short CSRF Tokens using CSS History Hack

By Robert A. on Research

Securethoughts has posted an entry on combining CSS history theft hacking to brute force short CSRF tokens and has created a POC demonstrating it. While not fast this is certainly achievable (assuming the token is still valid/hasn't expired once identified) on short CSRF token values, and has the advantage in that...

Nmap 5.00 Released

By Robert A. on Tools

"Insecure.Org is pleased to announce the immediate, free availability of the Nmap Security Scanner version 5.00 from http://nmap.org/. This is the first stable release since 4.76 (last September), and the first major release since the 4.50 release in 2007. Dozens of development releases led up to this. Considering all the changes,...

Threat Classification v2 and the need for change

By Robert A. on XSS

As I recently posted the WASC Threat Classification v2 is currently in a public working state and there's been a buzz on the mailing lists about it compared to other related projects. Vishal Garg posed a question I was expecting for awhile which is why does the TCv2 look so much...

Microsoft Security Bulletin Summary for July 2009

By Robert A. on IndustryNews

It is Microsoft patch Tuesday and the following issues have been addressed. MS09-029 Vulnerabilities in the Embedded OpenType Font Engine Could Allow Remote Code Execution (961371) This security update resolves two privately reported vulnerabilities in the Microsoft Windows component, Embedded OpenType (EOT) Font Engine. The vulnerabilities could allow remote code execution....

Firefox 3.5 0Day published

By Robert A. on Vulns

"The exploit portal Milw0rm has published an exploit for Firefox 3.5. The exploit demonstrates a security vulnerability by starting the Windows calculator. In testing by heise Security, the exploit crashed Firefox under Vista, but security service providers Secunia and VUPEN confirmed that attackers using prepared websites can infect PCs. The cause...

Static Analysis Tools and the SDL (Part Two)

By Robert A. on Security Tools

"Hi, Bryan here. Michael wrote last week on static analysis for native C/C++ code, and this week I’ll be following up by covering the tools we use for managed static analysis. The SDL requires teams writing managed code to use two static analysis tools: FxCop and CAT.NET. Both of these tools...

Static Analysis Tools and the SDL (Part One)

By Robert A. on Security Tools

"This is part one of a two part series of posts by myself and Bryan Sullivan; I will cover the static analysis tools we use at Microsoft (and make available publicly) for analyzing unmanaged (ie; Native) C and C++ code, and Bryan will cover managed code static analysis in a later...

Antisec hackers replace all imageshack images!

By Robert A. on IndustryNews

The hacking group/movement antisec has replaced every image on imageshack with a hacked image and has posted the following to the full disclosure mailing list.

FAQ: The ins and outs of DoS attacks

By Elinor Mills

Thursday's denial-of-service attack that knocked Twitter offline for a few hours and affected Facebook, LiveJournal, and Google Sites and Blogger wasn't your average attack.

Typically, someone who has a bone to pick with a specific Web site will round up some hijacked PCs and use them to try ...

Twitter, Facebook attack targeted one user

By Elinor Mills

A Georgian blogger with accounts on Twitter, Facebook, LiveJournal and Google's Blogger and YouTube was targeted in a denial of service attack that led to the site-wide outage at Twitter and problems at the other sites on Thursday, according to a Facebook executive....

Symantec: Phishing activity up in July

By Lance Whitney

Phishing attacks rose 52 percent in July while spam as a percentage of all e-mail stayed about the same compared with the previous month, according to the latest reports from Symantec that tracked spam and phishing activity for the month.

The State of Spam (PDF) and State of Phishing (PDF) ...

Microsoft to fix critical Windows, Office holes

By Elinor Mills

Microsoft will issue fixes for five critical holes affecting Windows and a variety of other software on Patch Tuesday next week.

The critical holes, which could allow an attacker to remotely run code on a PC and take control of it, affect Windows 2000, Windows XP, Windows Vista, Windows Server ...

Is Adobe the next (pre-2002) Microsoft?

By Elinor Mills

If you're a criminal and you want to break into a network, a common attack method is to exploit a hole in software that exists on most computers, has its fair share of holes, and isn't automatically updated.

In 2002, that would have been Windows. Today, it's ...

Apple fixes hole with Mac OS X image viewing

By Elinor Mills

Apple on Wednesday issued a security update that fixes 18 vulnerabilities including several that put computers running Mac OS X at risk of remote code execution if a maliciously crafted image is viewed.

In addition to fixing a problem with how PNG images are handled, Security Update 2009-003 fixes issues ...

Denial-of-service attack downed Gawker Media

By Caroline McCarthy

Hackers launched a distributed denial-of-service (DDOS) attack that sporadically downed popular blog network Gawker Media over the weekend and on Monday, the company confirmed in a blog post early Tuesday morning.

FakeIKEd – Fake IKE Daemon Tool For MITM

By Darknet on mitm

FakeIKEd, or fiked for short, is a fake IKE daemon supporting just enough of the standards and Cisco extensions to attack commonly found insecure Cisco PSK+XAUTH VPN setups in what could be described as a semi MitM attack. Fiked can impersonate a VPN gateway’s IKE responder in order to capture XAUTH login credentials; it doesn’t [...]

New Cyber-Sec Institute Cuts on CAG

In Risk Management

The newly approved Consensus Audit Guidelines are a nice first step, but fall far short of the mark, according to one emerging government security watchdog.

Attackers Took Shots at Wi-Fi Network at Black Hat

In Vulnerability Research

Aruba Networks released statistics on how the Wi-Fi network it provided fared at the Black Hat security conference last week. The news was mixed.

DOD wrestles with Web 2.0

Policy review to tackle security, privacy concerns.

DOD to review use of social-media technology

Deputy Defense Secretary William Lynn orders a review to detail the threats and benefits from using social-networking tools such as Facebook and Twitter.

Airline crew members get fingerprint IDs

TSA has approved standards for a fingerprint identification program for pilots and other airline crew members.

Agencies told to target money for tech projects

Agencies should design their science and technology spending plans for fiscal 2011 around priorities reflected in the economic stimulus law and the fiscal 2010 budget, administration officials say.

Hathaway's departure renews worries about cyberczar vacancy

The resignation of Melissa Hathaway, the Obama administration’s acting senior director for cyberspace, has brought renewed scrutiny on the administration's effort to secure the online world.

Biometrics said vital for combat success

Biometrics said to give combat troops critical capabilities to carry out their missions.

Marines: Facebook is not for the few good men

The Marine Corps has banned using social-networking Web sites on the service’s networks because of security concerns.

Cops: Former Worker Hacked Casino Computers

Posted by InfoSec News on Aug 7

http://www.wnep.com/wnep-luz-hornbacker-hacked-casino-computer,0,6360932.story

By Sarah Buynovsky
WNEP.com
August 6, 2009

New information is coming to light about the case against a man from Luzerne County accused of hacking into a casino's computer system to get revenge.

Latvian botnet host canned

Posted by InfoSec News on Aug 7

http://www.theinquirer.net/inquirer/news/1496304/latvian-botnet-host-canned

By Stewart Meagher
The Inquirer
5 August 2009

A LATVIAN HOSTING COMPANY that was thought to have harboured the world's biggest phishing botnet has been forced to shut up shop by the Swedish telecoms outfit Telis...

Hackers Target House.gov Sites

Posted by InfoSec News on Aug 7

http://voices.washingtonpost.com/securityfix/2009/08/hackers_target_housegov_sites.html

By Brian Krebs
Security Fix
washingtonpost.com
August 6, 2009

Hackers broke into more than a dozen Web sites for members of the U.S. House of Representatives in the past week, replacing portions of...

Twitter, Facebook attack targeted one user

Posted by InfoSec News on Aug 7

http://news.cnet.com/8301-27080_3-10305200-245.html

By Elinor Mills
InSecurity Complex
CNet News
August 6, 2009

A Georgian blogger with accounts on Twitter, Facebook, LiveJournal and Google's Blogger and YouTube was targeted in a denial of service attack that led to the site-wide outage...

Microsoft to Fix Windows, Office Bugs in Critical Updates

Posted by InfoSec News on Aug 7

http://www.eweek.com/c/a/Security/Microsoft-to-Fix-Windows-Office-Bugs-in-Critical-Updates-641093/

By Brian Prince
eWEEK.com
2009-08-06

Microsoft is releasing nine security bulletins for Patch Tuesday on Aug. 11. Among them is a patch for a vulnerability Microsoft warned in July

Dot-org zone offers lessons learned in implementing DNSSEC

Posted by InfoSec News on Aug 7

http://gcn.com/articles/2009/08/06/dnssec-lessons-from-.org-050609.aspx

By William Jackson
GCN.com
Aug 06, 2009

Federal agencies are working with the Internet community to develop a process for securing the Internet’s Domain Name System by implementing the DNS Security Extensions...

Gaming execs: Despite reports, hackers didn't touch ATMs

Posted by InfoSec News on Aug 6

http://www.lasvegassun.com/news/2009/aug/05/gaming-execs-despite-reports-hackers-didnt-touch-a/

By Steve Green
Las Vegas Sun
Aug. 5, 2009

Gaming executives Wednesday disputed reports that hackers in town for the annual DEFCON conference over the weekend perpetrated frauds involving...

Farcical security breach at Lavarack barracks

Posted by InfoSec News on Aug 6

http://www.news.com.au/couriermail/story/0,23739,25889112-953,00.html

By Peter Michael, David Earley and Stefanie Balogh Courier Mail
August 06, 2009

SECURITY at Queensland's largest army base is so lax that would-be terrorists could drive through the front gate under the guise of playing...

Weaponizing Apple's iPod Touch

Posted by InfoSec News on Aug 6

http://darkreading.com/security/attacks/showArticle.jhtml?articleID=219100135

By Kelly Jackson Higgins
DarkReading
Aug 05, 2009

It fits behind a coffee machine, inside a desk drawer, or in your pocket, and it doesn't arouse suspicion if you walk into a bank or office tapping away on it...

Council workers sacked for snooping personal details

Posted by InfoSec News on Aug 6

http://www.computerweekly.com/Articles/2009/08/04/237162/council-workers-sacked-for-snooping-personal-details.htm

By Mark Ballard
ComputerWeekly.com
04 Aug 2009

Nine staff have been sacked from their local authority jobs for snooping on personal records of celebrities and personal...

Hathaway's departure renews worries about cyberczar vacancy

Posted by InfoSec News on Aug 6

http://fcw.com/articles/2009/08/05/web-obama-cyber-coordinator.aspx

By Ben Bain
FCW.com
Aug 05, 2009

The resignation of Melissa Hathaway, the Obama administration’s acting senior director for cyberspace, has brought renewed scrutiny on the administration's effort to secure the online...

Defence steps up computer theft probe

Posted by InfoSec News on Aug 5

http://news.ninemsn.com.au/world/846035/defence-steps-up-computer-theft-probe

By Ron Corben
9 News
Aug 4, 2009

Australia's Defence Department has stepped up an investigation into the theft of a departmental notebook computer from the hotel room of an Australian naval officer attending a...

Feds at DefCon Alarmed After RFIDs Scanned

Posted by InfoSec News on Aug 5

http://www.wired.com/threatlevel/2009/08/fed-rfid/

By Kim Zetter
Threat Level
Wired.com
August 4, 2009

LAS VEGAS -- It’s one of the most hostile hacker environments in the country -- the DefCon hacker conference held every summer in Las Vegas.

But despite the fact that attendees...

Korean journalists booted from Defcon

Posted by InfoSec News on Aug 5

http://www.computerworld.com/s/article/9136182/Korean_journalists_booted_from_Defcon?taxonomyId=17

By Robert McMillan
IDG News Service
August 3, 2009

Four South Korean journalists were booted from the Defcon hacking conference this week after conference organizers decided their story...

Software Updates Vulnerable To Hijacking

Posted by InfoSec News on Aug 5

http://www.informationweek.com/news/security/vulnerabilities/showArticle.jhtml?articleID=219000172

By Thomas Claburn
InformationWeek
August 4, 2009

The security risks posed by the use of public Wi-Fi networks have been known for years, but even cautious computer users may be vulnerable to...

Researchers Hack IP Video

Posted by InfoSec News on Aug 5

http://www.darkreading.com/insiderthreat/security/app-security/showArticle.jhtml?articleID=219000196

By Kelly Jackson Higgins
DarkReading
Aug 04, 2009

Researchers put a new spin on an old attack at Defcon last week, demonstrating how to execute man-in-the-middle attacks on IP video.

Hanging with hackers can make you paranoid

Posted by InfoSec News on Aug 5

http://news.cnet.com/8301-27080_3-10302236-245.html

By Elinor Mills
InSecurity Complex
CNet News
August 4, 2009

At a hacker conference no one is safe.

When I first went to Defcon in 1995, the halls were mobbed with teenagers and attendees seemed more concerned with freeing Kevin.

Secure Network Systems, LLC (SNS) Enters SBA 8(a) Program

Posted by InfoSec News on Aug 5

Secure Network Systems, LLC
phone 303.637.7617
toll free phone 888-CRITSEC
fax 303.833.3677
www.SecureNetworkSystems.com
info_at_SecureNetworkSystems.com

CTA Radio Hacker Says He Didn't Mean Any Harm

Posted by InfoSec News on Aug 5

http://www.wbbm780.com/pages/4929502.php?

WBBM780.com
03 August 2009

CHICAGO (CBS) Could you have been in danger on the CTA? A young Chicago man is accused of hacking into their radio system hundreds of times. The Feds say he even gave fake directions to some buses and trains. CBS...

Marine Corps Bans Social Media On Military Network

Wrestling with the changing nature of online communication and the need for operational security, the Marine Corps wants to formalize procedures for access to social sites on its network.

Mobile Data Startup Raises $9 Million

MobileIron's enterprise mobility platform offers a window on employees' smartphone use to increase security and cut costs.

Twitter Downed By Denial Of Service Attack

Following a denial of service attack on Thursday morning, Twitter is back online.

Apple Releases Mac OS X Leopard Update

The update, version 10.5.8, improves stability and security and includes many other improvements. Apple's next big operating system update, Snow Leopard, is due next month.

Mozilla Store Security Breached

GatewayCDI, which operates the Mozilla Store, suffered a security breach affecting an undisclosed number of customers.

ID Management Remains Challenge For Federal Agencies

Some of the hurdles faced by the U.S. government include funding, organizational structure, and data protection.

Northrop Grumman Opens Security Center

Outsourcer will keep tabs on more than 100,000 customers and 10,000 servers in effort to eliminate cyber threats.

U.S. Cybersecurity Official Quits

The resignation of Melissa Hathaway comes as the Obama Administration continues its search for a top cybersecurity coordinator.

Software Updates Vulnerable To Hijacking

Public Wi-Fi networks present a risk to connected users even if they're not surfing the Internet, thanks to applications that try to update themselves automatically.

Rolling Review: Symantec's DLP-9

Symantec's DLP software provides robust leak prevention for endpoints and on the network.

Collateral Damage

By Dmitri Alperovitch on Web and Internet Safety

Twitter, LiveJournal, FaceBook, Youtube, Fotki – what do they have in common? They all hosted an account of a pro-Georgian blogger who went under the nickname ‘cyxymu’ (taken after Sukhumi, the capital of Abkhazia, one of Georgia’s pro-Russian breakaway republics and the city he professed to flee from in 1993 during the republic’s war with [...]

Hardware Firewalls Bring Security to Small Businesses

Think your business is too small for a serious security appliance? The truth may surprise you. For less than $500, a simple unified gateway device can protect even tiny offices from the very real threats posed by malware and hackers.

Adobe Reader's security woes a boon for up-and-coming rival Foxit

Foxit Reader, a free PDF-reading knockoff of Adobe Systems Inc.'s free Adobe Reader, has won what its maker estimates is 70 million users worldwide because of its speed and light weight.

Cyber attackers empty business accounts in minutes

The criminals knew what they were doing when they hit the Western Beaver County School District.

5 Lessons from Dark Side of Cloud Computing

While many companies are considering moving applications to the cloud, the security of the third-party services still leaves much to be desired, security experts warned attendees at last week's Black Hat Security Conference.

Novell, CA Push to Secure Identity, Security in Cloud

Two major identity management companies are forging ahead with products designed to satisfy what a cloud-computing consortium calls one of the trickiest problems preventing secure and automated connections between internal IT infrastructures and external service providers: identity and authentication.

Facebook confirms DoS attack same day as Twitter

Popular social-networking site Facebook was hit with a DoS (denial-of-service) attack Thursday, but the attack did not appear to be as severe as one that crippled Twitter the same day.

Researcher: Microsoft may launch 'month of ATL' patches on Tuesday

Microsoft today said it would deliver nine security updates on Tuesday, all but one affecting Windows. One researcher thinks several of the updates may be related to a buggy Active Template Library.

DDoS attack that downed Twitter also hit Facebook

The same denial-of-service attack that took down Twitter this morning also slammed Facebook but with much less dramatic results.

Microsoft offers Office 2008 fix for Open XML documents

Microsoft on Thursday posted Office 2008 for Mac 12.2.1 update, an update to their office productivity software suite for the Macintosh. The new update is available for download from their Web site. Office also features an auto update mechanism that did not recognize this update as available as Macworld posted this article.

Apple patches 18 Mac vulnerabilities, ships OS X 10.5.8

Apple on Wednesday patched 18 vulnerabilities in Mac OS X, including half a dozen that could let hackers hijack machines, and released Mac OS X 10.5.8.

Expect hacker attacks on XML flaws, analyst warns

One day after reports of vulnerabilities in XML libraries, an analyst is warning companies not to ignore the danger of attacks that exploit those flaws.

Twitter taken down by denial-of-service attack

The Twitter micro-blogging and social networking service has been hit with a denial of service attack Thursday morning that has rendered the site unavailable for users.

The cybersecurity job no one really wants

Eight weeks after President Obama announced a White House cybersecurity office, no one has been named to lead the office yet, and some wonder if the delay is because there are few takers for the job as outlined.

EFF: Technology can help in absence of privacy laws

If you're a developer and you're worried about digital privacy issues, the Electronic Frontier Foundation has a job for you.

Has unified mobile management for business arrived?

Whether IT likes it or not, mobile devices such as the iPhone, BlackBerry, and Windows Mobile families are becoming part of IT's job to manage. But the tools are uneven and scattered. Sure, iPhone 3.0, Palm Pre 1.1, and Windows Mobile 6.x devices support Exchange ActiveSync capabilities such as remote wipe and e-mail access for Exchange-based shops, and IBM's intended adoption of ActiveSync for Lotus Notes will extend that reach to mobile Notes users. However, managing e-mail is just part of the issue.

Mozilla shuts Firefox e-store after security breach

Mozilla closed its online store late Tuesday after finding out that the firm it hired to run the backend operations of its e-tailing business had suffered a security breach.

New malware tests find poor detection rates

Many Windows Vista anti-virus programs struggle to detect new and unusual malware, Virus Bulletin's state-of-the-art Reactive and Proactive (RAP) tests have found.

Microsoft slammed over Bing's sponsored online drug ads

Microsoft profits by selling online ads on its search engine to criminal gangs running pharmaceutical Web sites that offer medication to people without a proper prescription, according to a new study.

WatchGuard buys BorderWare to change tack

Reborn security vendor WatchGuard has continued its corporate overhaul by acquiring BorderWare Technologies, a Canadian maker of single-function security boxes with a foothold in online reputation services.

Security job security

It's a good time to work in the security field. Nemertes has completed its research benchmark for the first half of 2009, incorporating interviews with IT and security executives during a recession. The research participants told us that they consider security and compliance spending to be "recession proof", third only to data network and voice/telecom spending.

InfoWorld confirms critical Windows 7 bug

InfoWorld's tests of the final Windows 7 version (the RTM, or "release to manufacturing") confirm a massive memory leak that occurs when the chkdsk.exe utility is run. Chkdsk.exe scans the PC's hard drives looking for errors in the files and file structures. The memory leak -- which can cause the PC to stop operating -- occurs when chkdsk.exe is run on secondary disks, as opposed to the disk Windows is installed on.

After links to cybercrime, Latvian ISP is cut off

A Latvian ISP linked to online criminal activity has been cut off from the Internet, following complaints from Internet security researchers.

Case studies in working with law enforcement (Part 1)

Should we work with law enforcement when we encounter security breaches?

Firefox Update Fixes Serious SSL, Other Bugs

A Firefox update released today fixes a recently disclosed flaw in the way Firefox 3.0 and other programs handle SSL certificates, which are used for (theoretically) secure online communications.

Pressure on Obama to move fast on cybersecurity appointment

Melissa Hathaway's decision to step down as acting senior director for cyberspace at the National Security Council could increase pressure on the Obama Administration to quickly find someone to serve as the White House cybersecurity coordinator.

Marines solidify ban on Facebook, Twitter

The U.S. Marine Corps made it official this week: Social networking sites such as Facebook and Twitter are banned from military networks.

LSN Password Safe Helps You Stow Your Secrets

The LSN Password Safe (free) helps you keep track of your plethora of passwords with a free encrypted 'safe' on your PC. Once you have it set up, it's easy to add a new record to your safe, with entries such as login, password, URL or e-mail. But using it for the first time might leave you scratching your head. LSN offers an impressive--sometimes daunting--number of security features, including a virtual keyboard, multiple encryption options, and CAPTCHAs to help keep your data safe from spying software.

Verity shows off CD destruction box

IT staff worried about leaving confidential data on old disc media are being offered an alternative to just binning them and hoping for the best. Verity Systems has come up with a destruction system that literally grinds the data off the surface of a CD or DVD.

Twitter meltdown raises questions about site stability
Micro-blogging site knocked over by stiff burst of wind

The paralysing effect of an internet attack against Twitter has raised questions about the site's apparent fragility.…

MS preps five critical fixes for busy Patch Tuesday
ATL clean-up

Microsoft is lining up nine updates - five critical - for the August edition of its regular Patch Tuesday update cycle.…

Researcher: Twitter attack targeted anti-Russian blogger
Joejobbing Cyxymu

As Twitter struggled to return to normal Wednesday evening, a trickle of details suggested that the outage that left 30 million users unable to use the micro-blogging service for several hours - at least in part - may have been the result of a spam campaign that targeted a single user who vocally supports the Republic of Georgia.

Feds seek $566m from man in online gambling case
File under 'online crime pays'

Federal prosecutors have accused a Canadian man of laundering more than $350m for offshore internet gambling operations to skirt US laws prohibiting payments to American citizens trying to cash out their winnings.

Websense sharpens the axe as sales fall
Pink slips for one in 20

Web filtering firm Websense is reportedly planning to lay off 5 per cent of its workforce to cut costs.

Twitter goes titsup
Mystery hackers knock-over micro-blogging service

Updated Twitter was knocked offline on Thursday after the site became the victim of a distributed denial of service attack.

Dastardly DDoSers down Gawker
Consumerist.com drags everything else down with it

New York-based media news and gossip blog network Gawker is recovering from a debilitating denial of service attack.

Top vendors flunk Vista anti-virus tests
Outstandingly mediocre

Security vendors including CA and Symantec failed to secure Windows systems without fault in recent independent tests.

Apple fixes critical Mac holes triggered by image files
Attack of the killer PNGs

Apple on Wednesday patched 18 holes in its Mac OS X operating system, seven that could allow an attacker to remotely take over a machine when a user does nothing more than view a booby-trapped image.

XML flaws threaten 'enormous' array of apps
Java, Python, and Apache - for starters

Updated Security researchers have uncovered critical flaws in open-source software that implements the Extensible Markup Language in a staggering array of applications used by banks, e-commerce websites, and consumers.

Microsoft gets personal on Windows 7 "show stopper" bug
Memory leak smack down

Microsoft has gotten personal in responding to reports of a "show stopper" bug in Windows 7 capable of delaying the planned roll-out, which starts Thursday.

Plug pulled on Latvian cybercrime hub
Bullet proof host taken down

Upstream providers have pulled the plug on Latvian ISP Real Host over allegations it maintained cybercrime servers linked to the Zeus botnet.

Mozilla Store shuttered after vendor security breach
No schwag for you

The Mozilla Foundation closed its online stores on Tuesday after a third-party company it uses to run one of the sites' back-end operations suffered a security breach.

Image spam: the threat returns
Did it ever go away?

Off we trot to the Reg Library to select some popular whitepapers for review. This week we mainline on email security, or to be more precise, email insecurity.

Fraud groups ding Bing for illicit pharmacy promos
9 of 10 drug ads flout US law

Updated Microsoft's new search engine Bing is a haven for criminal enterprises operating unlawful online pharmacies, according to a report that estimates almost 90 percent of sponsored links advertising prescription drugs on the site are violating federal and state laws.

Obama's top cybersecurity director resigns
'Dismayed' and delayed

The top White House aide for cybersecurity said she will resign following months of delays by the Obama administration in appointing a permanent director to oversee the safety of the nation's vital computer networks.

Scareware package mimics Windows Blue Screen of Death
A fatal credulity has occurred

Miscreants have developed a scareware package that mimics Windows' infamous Blue Screen of Death.

Watchguard bags BorderWare to push content security
Small security firms have bigger phish to fry

Net security firm WatchGuard has acquired privately-held email and web security firm BorderWare Technologies, of Toronto, Canada.

Twitter DOS, (Thu, Aug 6th)

Due to the amount of people writing in, we thought it might be important to post something about Twi ...(more)...

Security Update 2009-003 / Mac OS X v10.5.8, (Wed, Aug 5th)

Details of these will be posted here soon: http://support.apple ...

Java Security Update, (Tue, Aug 4th)

Sun has released a new version of Java (6u15). Thanks go out to TommyB and DavidF who wrote in to ...(more)...

Firefox Updates, (Tue, Aug 4th)

Many of you have let us know that there is a new Firefox version out that addresses a few issues. ...(more)...

NIST Issues Final Version of SP 800-53; Enables Rapid Adoption of the Twenty Critical Controls (Consensus Audit Guidelines) (August 3, 2009)

The National Institute of Standards and Technology (NIST) has published the final version of SP 800-53, Revision 3, "Recommended Security Controls for Federal Information Systems and Organizations."

DoD Revisiting Social Media Policy (July 31 & August 3, 2009)

US Strategic Command is reviewing the safety of social media like Facebook, MySpace and Twitter to help reevaluate Defense Department (DoD) policy regarding their use.

Contractor Repays Government for Inadequate Security (July 25, 2009)

A US government contractor has repaid US $1...

Hathaway to Step Down (August 3, 2009)

Acting cyber security coordinator Melissa Hathaway has announced that she will step down from that position later this month for personal reasons...

Man Faces Felony Charges for Allegedly Stealing and Reselling Domain Name (August 3, 2009)

A New Jersey man has been arrested and charged with theft by unlawful taking or deception, identity theft and computer theft for allegedly stealing the domain name P2P...

Boston Univ. Student Fined US $675,000 for Filesharing (July 31 & August 3, 2009)

Boston University student Joel Tenenbaum has been fined US $675,000 for illegally downloading 30 songs and making them available to others...

Adobe Issues Critical Updates for Reader and Acrobat (August 3, 2009)

Adobe has released updates for Reader and Acrobat on Windows, Mac, and Unix to address critical flaws related to Flash content...

Apple Issues Fix for SMS Vulnerability (July 31, August 1 & 3, 2009)

Apple has fixed a vulnerability that affects iPhones and other devices just one day after it was disclosed at the Black Hat security conference...

Data Security Breach Compromised Personal Data of 27,000 US Commerce Dept. Employees (August 3, 2009)

According to a letter sent to employees of the US Commerce Department, a National Finance Center employee sent an unencrypted Excel spreadsheet containing employees' personal information to a co-worker via email...

Twitter Filtering Some Malicious Links (August 3, 2009)

Twitter has begun notifying users when they post links to known malicious websites...

Suspicious ATMs at DefCon (August 2 & 3, 2009)

The US Secret Service is investigating several automatic teller machines (ATMs) discovered in Las Vegas at the DefCon security conference...

Twitter, Facebook hit by denial-of-service attacks

By Neil Roiter

Twitter was shut down for more than two hours and Facebook service slowed as the ubiquitous social networking websites were hit by denial-of-service attacks Thursday morning

Microsoft to address critical vulnerability in Office Web Components

By Neil Roiter

Microsoft will issue security updates for five critical vulnerabilities next week, including one that affects multiple software packages.

Report: Rogue pharmacies use Microsoft Bing to sell drugs illegally

By Carolyn E. Gibney

Rogue pharmacies are using Microsoft's Bing search engine to illegally sell drugs, including addictive substances without prescriptions, according to a report

Burton Group warns of cloud computing risks

By Christina Torode

There are many benefits to the various cloud computing models. But for each benefit, such as cost savings, speed to market and scalability, there are just as many risks and gaps in the cloud computing model.

Q2 2009 data shows IT security certification pay still climbing

By Carolyn Gibney, Assistant Site Editor

Despite the economic turmoil, IT security certification pay is still on the rise, due not only to increased regulations, but to businesses' greater focus on providing security to their customers as brand differentiation.

Mozilla shuts down online store after third-party security breach

By Staff, SearchSecurity.com

Mozilla took its e-store site, Mozilla Store, offline Tuesday after it learned that the vendor responsible for running it had suffered a security breach.

WatchGuard acquires email and Web security vendor BorderWare

By SearchSecurity.com Staff

Network security vendor WatchGuard bolsters its UTM offerings with acquisition of email and Web security firm.

Asterisk Open Source Crash Vulnerability in RTP stack

An attacker can cause Asterisk to crash remotely by sending malformed RTP text frames.

Adobe Flash Player Integer Overflow Code Execution

An integer overflow exists in the AVM2 abcFile parser code which handles the intrf_count value of the instance_info structure.

mChek 3.4 Information Disclosure

Credit card numbers and corresponding bank names are written in cleartext to mobile phone storage. Also, after a credit card is deleted from mChek's user interface, the credit card number continues to exist in the phone file system.

Phorum Cross-Site Scripting Vulnerabilities

Phorum's filtering engine insufficiently filters some BBcode arguments. Using the bbcode tags [color] and [size] it is possible to execute Javascript using expression CSS property.

Hacking CSRF Tokens using CSS History Hack

Until now, it was considered infeasible for an attacker to discover your CSRF token using Brute Force Attacks on the server. I am going to change this belief by showing you a technique to quickly find CSRF tokens without generating alerts.

Microsoft to Fix Windows, Office Bugs in Critical Updates

Microsoft is releasing nine security bulletins for Patch Tuesday on Aug. 11. Among them is a patch for a vulnerability Microsoft warned in July was being exploited by attackers.

Mac OS X's Reputation for Security Wearing Thin

News Analysis: After Apple announced 18 security fixes to Mac OS X on Aug. 5, the reputation of the operating system as a more secure personal computing platform is starting to wear thin. Is it finally time for the company to admit that its operating system is as susceptible to security issues as Windows? Apple would be doing a good service to Mac users if it started advising its customers to pay closer attention to security before hackers have a chance to prove just how vulnerable Mac OS X can be.

Twitter, Facebook Investigating Service Disruptions

Twitter co-founder Biz Stone confirmed in his blog that the social media site had been hit by a denial-of-service attack that knocked it offline for nearly two hours during the morning of Aug. 6. There were also online reports that Facebook was hit by a denial of service attack. However, Facebook officials would only say the company was investigating the reports and would update users as soon as possible. Both sites appeared to be operating normally by around noon EDT.

Apple Mac OS X Update Plugs 18 Security Vulnerabilities

Apple fixed 18 security flaws in the latest update to its Mac OS X operating system. Several of the bugs are tied to the handling of images.

Researchers Uncover Critical XML Library Flaws

Security researchers release details about vulnerabilities in XML libraries from Sun Microsystems, Python and Apache. Developers who use the libraries are advised to take action as soon as possible.

Microsoft Bing Benefits from Ads for Illegal Online Pharmacies, Report Charges

A report criticizes Microsoft's handling of sponsored search results in its Bing search engine, some of which lead to illegal pharmacies, according to KnujOn and LegitScript. Nearly 90 percent of the sponsored pharmacy results lead to sites that engage in illegal activity, such as selling counterfeit medicine, the report says.

How to Ensure Your Company's PCI DSS Compliance

Complying with the Payment Card Industry Data Security Standard ensures that your company can continue to do business with the Payment Card Industry, but it doesn't ensure that your company will be secure as well. Companies don't want to be in a position where they could have prevented a cybercrime if they had only gone beyond the minimal amount of work to truly become PCI-compliant. Here, Knowledge Center contributor John Linkous discusses seven requirements companies must meet to both improve security and ensure that they are compliant with the Payment Card Industry Data Security Standard.

Pentagon Orders Review of Social Networking

The Pentagon is reviewing its policy toward social networking sites amid security concerns. The order comes a day after the U.S. Marine Corps issued a ban on the use of Facebook, Twitter and MySpace.

Cyber-thief Sold Stolen Domain to NBA Player, Police Charge

A 25-year-old man is charged with stealing a company's domain name and selling it to NBA player Mark Madsen for $111,000. New Jersey State Police say they believe the arrest marks the first time the state has charged someone with stealing a domain name.

Hackers Target House.gov Sites

In U.S. Government

Hackers broke into more than a dozen Web sites for members of the U.S. House of Representatives in the past week, replacing portions of their home pages with digital graffiti, according to House officials. The landing pages at house.gov for Reps. Duncan Hunter (R-Calif.), Jesse L. Jackson, Jr. (D-Ill.), and Spencer Bachus (R-Ala.) were among at least 18 member pages that were defaced in a series of break-ins that apparently began earlier this month, according to zone-h.com, a site that archives evidence of Web site attacks. Adam Bozzi, a spokesman for Rep. Harry Mitchell (D-Ariz.), confirmed that Mitchell's site was among those hacked. Bozzi said it appears the attackers broke in by guessing passwords used to administer the site. Bozzi said the messages that the hackers left behind had been erased, and that his office now has stronger passwords for the site.

Researchers: XML Security Flaws are Pervasive

In New Patches

Security researchers today unveiled details about a little-known but ubiquitous class of vulnerabilities that may reside in a range of Internet components, from Web applications to mobile and cloud computing platforms to documents, images and instant messaging products. At issue are problems with the way many hardware and software makers handle data from an open standard called XML. Short for "eXtensible Markup Language," XML has been used for many years as a fast and efficient way to transport, store and structure information across a wide range of often disparate applications.

Twitter Tries to Tame Tainted Links

In From the Bunker

Faced with a recent surge in the number of malicious software programs using its micro-blogging service to spread, Twitter is making an effort to block users from posting links to known malicious Web sites. The initiative, first noted in a blog posting by Finnish anti-virus maker F-Secure Corp., involves the use of Google's Safe Browsing program, which the search giant uses to prevent Internet users from visiting Web sites that Google's bots have flagged for installing malicious software.

Security Updates for iPhone, Adobe Reader

In New Patches

Apple has issued a security update for the iPhone. The patch fixes a vulnerability demonstrated recently at a hacker conference in Las Vegas, where security researchers showed they could hijack an iPhone simply by sending it a series of booby-trapped text messages. Apple's patch comes in response to research revealed at last week's Black Hat security conference, by well-known Apple hacker Charlie Miller and co-presenter Collin Mulliner, a Ph.D. student in telecommunications security at the Technical University of Berlin. The two showed that a specially designed text-message barrage could allow attackers to hijack various iPhone core functions, such as making calls and turning on the device's microphone and camera. The update is available only through iTunes, which should auto-detect that the update is available. If it doesn't, or you don't want to wait around for an auto-update notice (Apple says that process can take up to a week)

Brief: Twitter, Facebook fend off DoS attacks

Twitter, Facebook fend off DoS attacks

Brief: Top U.S. cybersecurity aide resigns, report says

Top U.S. cybersecurity aide resigns, report says

Brief: Apple patches iPhone SMS vulnerability

Apple patches iPhone SMS vulnerability

Death of VPN

By deb@shinder.net (Deb Shinder)

Secure Remote Computing with DirectAccess.

You don't know tech: The InfoWorld news quiz (InfoWorld)

In technology

InfoWorld - It's Apple versus the world this week, as it squared off against Google, hackers, and makers of not-safe-for-kindergarten iPhone dictionaries.

Cyber Attackers Empty Business Accounts in Minutes (PC World)

In technology

PC World - The criminals knew what they were doing when they hit the Western Beaver County School District.

White House Still Seeking Cybersecurity Czar (PC Magazine)

In technology

PC Magazine - President Barack Obama is still searching for the right person to lead the fight against an epidemic of cybercrime, the White House said on Tuesday as it came under fire following the resignation of a top cybersecurity adviser.

Apple keyboard firmware vulnerability demonstrated (Macworld.com)

In technology

Macworld.com - Apple may have rolled out a security patch for the iPhone SMS vulnerability demonstrated at last week's Black Hat security conference, but it wasn't the only Apple device under attack. One hacker demonstrated a way that a keylogging application (a piece of malware that keeps track of what you type) could be installed in the firmware of Apple's keyboards.

After Links to Cybercrime, Latvian ISP Is Cut off (PC World)

In technology

PC World - A Latvian ISP linked to online criminal activity has been cut off from the Internet, following complaints from Internet security researchers. 

White House still seeking cybersecurity czar (Reuters)

In technology

Reuters - President Barack Obama is still searching for the right person to lead the fight against an epidemic of cybercrime, the White House said on Tuesday as it came under fire following the resignation of a top cybersecurity adviser.

White House struggles to fill cyber czar post (AP)

In politics

AP - Nearly six months after the Obama administration turned its focus on computer security, the White House is still struggling to name a cyber coordinator, delaying efforts to better organize and manage the nation's increasingly vulnerable digital defense.

Fake 'Blue Screen of Death' pushing scareware

By Ryan Naraine on Viruses and Worms

Hackers are using the infamous Windows Blue Screen of Death to trick computer users into downloading fake security software (scareware). According to a discovery by Sunbelt Software, Windows users are being shown the recognizable blue screen that signifies an operating system crash with a bright red “Security Alert” notice. The [...]

U.S. Marines ban Facebook, MySpace, Twitter

By Ryan Naraine on Zero-day attacks

The U.S. Marine Corps has slapped an immediate ban on the use of social networking sites on its network, warning that sites like Facebook, MySpace and Twitter are a “proven haven for malicious hackers and content.” The ban, contained in an order issued Monday, will last for a year.  It specifically mentions Facebook, Twitter and MySpace [...]

TA09-218A: Apple Updates for Multiple Vulnerabilities

Apple Updates for Multiple Vulnerabilities

Microsoft Security Bulletin Advance Notification for August 2009

Revision Note: Advance Notification published. Summary: This advance notification lists security bulletins to be released for August 2009.

August 2009 Advance Notification

By MSRCTEAM

Advance Notification for the August 2009 Security Bulletin Release

In this month’s Advance Notification we are making customers aware that next Tuesday August 11th we plan to release 9 security bulletins at approximately 10:00 a.m. PDT (UTC -8). Those bulletins consist of:

· 8 bulletins affecting Windows, five of which are rated critical and three are rated as important.

One of the critical Windows bulletins also affects Client for Mac.

One of the important Windows bulletins also affects the .NET Framework.

· One critical bulletin affecting Microsoft Office, Microsoft Visual Studio, Microsoft ISA Server and Microsoft BizTalk Server. This update addresses the issue discussed in security advisory 973472.

Concerning restart requirements, all of the updates for Windows will require a restart except one (this is the update also affecting the .NET Framework). The Office related bulletin may require a restart if the binaries being updated are in use. To reduce your chances of requiring a restart, please see Knowledge Base article 887012.

On release day, look for additional information on both this blog and the Security Research and Defense blog.  If you have questions or would like more information about this month’s release, please plan to attend our regularly scheduled security bulletin webcast on Wednesday, August 12, 2009, at 11:00 a.m. PDT (UTC –7). Click HERE to register.  

Thanks!

Jerry Bryant

*This posting is provided "AS IS" with no warranties, and confers no rights*

Oracle Security Alerts
Critical Patch Update - July 2009

Vulnerabilities in Oracle mod_plsql and JSP in Oracle9i Application Server, v1.0.2.x

Alert #28, 06 February 2002, UPDATED 05 JULY 2002. Download the patch from MetaLink and follow the workarounds as described in the Alert.

Vulnerabilities in Oracle9iAS Webcache

Alert #27, 28 December 2001

DoS Against Oracle9iAS

Alert #26

Vulnerabilities in mod_plsql

Alert #25

Oracle Database Server DBSNMP Vulnerabilities

Alert #23, 29 November 2001

Security Implications of the Oracle9iAS Default SOAP Configuration

Alert #22, Updated 23 September 2002

Oracle Label Security Mandatory Security Patch

Alert #21, 18 October 2001

Oracle File Overwrite Security Vulnerability

Alert #20, 18 October 2001

Oracle Trace Collection Security Vulnerability

Alert #19, Updated 29 November 2001

Oracle9iAS Web Cache Overflow Vulnerability

Alert #18, 18 October 2001

Oracle Internet Directory Buffer Overflow

Oracle SQL*Net/Net8 Malformed Packet Denial of Service

Oracle SQL*Net/Net8 Denial of Service

Oracle SQL*Net/Net8 Redirect Denial of Service

Launch of Forms from Oracle e-business Suite

Execution of Oracle JSP Outside doc_root

Oracle JVM FilePermission Vulnerability

Oracle Internet Directory Buffer Overflows

Oracle Connection Manager Control SUID

Oracle XSQL Servlet Vulnerability

Oracle Internet Application Server

Oracle Enterprise Manager Backup and Recovery

Net8 Listener Vulnerability

Oracle Application Server: Remote Command Execution

Unintended Execution of Oracle JSP

The Smoking Gun exposes PrankNet as Internet badboys cower

By nate@arstechnica.com (Nate Anderson) on PrankNet

The Smoking Gun this week released the results of its lengthy investigation into PrankNet, an online community specializing in disturbing phone pranks. The operators operated under a veil of anonymity, covering their tracks and using Skype to place non-traceable phone calls. When TSG eventually exposed the ringleader as a young man living in Canada, however, the results were predictably pathetic.

On July 21, a pair of TSG reporters approached "Dex"'s building at 1637 Assumption Street in Windsor, where he lives in the ground-floor 'B' apartment. Calling to his mother, who was standing near an open living room window, a reporter asked her to summon her son. The woman disappeared into "Dex"'s adjoining bedroom, where the pair could be heard whispering. Despite repeated requests to come out and speak with TSG, "Dex" hid with his mother in his bedroom, the windows of which were covered with plastic shopping bags, a towel, and one black trash bag.

As the sun set and his room darkened, "Dex" did not reach to turn on a light. The notorious Internet Tough Guy, who has gleefully used the telephone to cause all kinds of havoc, was now himself panicking. He had been found. And, as a result, was barricaded in Pranknet World Headquarters with his mom, while two reporters loitered outside his window and curious neighbors wondered what was up. 

IT admin charged in Xmas Eve rampage on charity
Disunited Way

The former IT admin for a Florida-based charity stands accused of ransacking the organization's servers and phone systems last Christmas eve, more than a year after his employment there ended.…

Booming scareware biz raking in $34m a month
Panda dissects rogue security software market

Fraudsters are making approximately $34m per month through scareware attacks, designed to trick surfers into purchasing rogue security packages supposedly needed to deal with non-existent threats.…

Pro-Georgian blogger target of massive Internet attacks (AFP)

In technology

AFP - A pro-Georgian blogger was the target of cyber attacks that disrupted Twitter and hampered services at Facebook and Livejournal, Internet security company F-Secure said on Friday.

Twitter & Facebook Taken Offline By DDoS Attacks

By Darknet on twitter ddos

Both Facebook and Twitter were hit with pretty severe DDoS attacks rendering them useless and unavailable to the majority of users. The thing is it seems like it wasn’t a traditional network based botnet style DDoS attack, but a ‘joejob‘ attack where spam is sent out containing a link and the users clicking on the link [...]

In cybersecurity, everyone’s a critic

After Melissa Hathaway's departure, what's next for the cybersecurity-coordinator position?

Recommended Reading: Michael Jackson, botnets and digital democracy

The 12 holy sites of IT; Measuring emotion in cyberspace; A toolkit for retooling democracy; Botnets: Be scared, very scared

Gov ID card program enters new phase

As most agencies get over the hump of issuing HSPD-12 computer identification cards to all employees and contractors, they must now tackle the next challenge of developing card-based security systems that will control access to government facilities and computer systems.

DOD health records project hinges on security

Electronic records could lead to a faster, more flexible and more cost-effective system.

Mobile data poses security risk

Multiple types of removable media and devices hold sensitive government information, and each presents its own security risks.

Twitter Attack Looks Politically Motivated

The denial of service attacks that hit Twitter, Blogger, Facebook and LiveJournal on Thursday appear to be an effort to silence a pro-Georgia blogger.

TSA OKs Biometric Security For Flight Crews

The stage is set for a Transportation Security Administration pilot program that accelerates flight crew security screening in airports.

NIST Lab Director Tackles Cybersecurity, Cloud Computing

Cita Furlani explains the nuts-and-bolts work of defining key government IT standards and the job of working with federal agencies on adoption and implementation.

Marine Corps Bans Social Media On Military Network

Wrestling with the changing nature of online communication and the need for operational security, the Marine Corps wants to formalize procedures for access to social sites on its network.

Targeted Twitter user blames Russia

By Elinor Mills

The blogger behind the Cyxymu accounts is blaming Russia for the attacks.

The Georgian blogger whose Twitter, Facebook, and YouTube accounts were targeted in denial-of-service attacks on Thursday, says he thinks Russia's federal security service is behind it.

"This hackers was from Russian KGB," the blogger, who ...

Collateral Damage (continued)

By Francois Paget on Web and Internet Safety

While Dmitri Alperovitch wrote his blog entry about the recent DDoS attack against Twitter and some other platforms hosting accounts of a pro-Georgian blogger nicknamed cyxymu, I browsed the Internet, searching for malicious websites taking advantage of this topic. In second place in my google search request, I was attracted by a link proposing to add the blogger [...]

Security experts scramble to decipher Twitter attack

Security analysts scrambled to find a motive behind the distributed denial-of-service attacks that brought down Twitter for several hours, and also hit Facebook, Google and LiveJournal.

Twitter DDoS Attack Politically Motivated, says Report

The distributed denial of service attack on Thursday that targeted Twitter, Facebook, LiveJournal and several Google sites may have been politically motivated. The reported target of these attacks was a blogger named Cyxymu from the Eastern European country of Georgia who is an outspoken supporter of his country. Facebook's chief security officer, Max Kelly has said the attack was coordinated to "keep his [Cyxymu's] voice from being heard," according to Cnet.

Twitter DDoS Attack Reminder for Safe Web Habits

Facebook, LiveJournal, and most visibly Twitter were sabotaged by a distributed denial of service (DDOS) attack. What's not clear is exactly why these sites were targeted. Current speculation is that the Koobface worm, whose name is a Facebook anagram, may be responsible for the attacks. A fresh wave of infections from a new variant of the worm supports this possibility. Let this serve as a warning that we can never remind our users too often about safe surfing practices.

Twitter DOS attack targeted Georgian blogger

The denial of service (DOS) attacks which knocked Twitter offline and slowed down Facebook response times yesterday may have been designed to target just one individual.

Consortium proposes a way to secure DNS

A consortium of organisations have banded together to develop software aimed at making it easier for companies to deploy the DNS security standard DNSSEC. A team comprising Nominet, .SE, SIDN (respectively the Swedish and Dutch Internet registries) and various others have combined to produce OpenDNSSEC, software that the developers claim will reduce the pain of implementing DNSSEC.

Detecting "bot rot" using log management or SIEM

There are many kinds of tools that can help detect the presence of a bot. Log management and SIEM tools are helpful in detecting the communication that is a hallmark of a botnet. Experts provide their advice on how to use such tools to determine if a bot is at work on your network.

Man blames cat for child porn downloads
One kitty. One thousand pics

A Florida man accused of downloading more than 1,000 images of child pornography is blaming the offense on his cat, according to published reports.…

Weak Passwords Allow Congressional Web Site Defacements (August 6, 2009)

A rash of digital graffiti on the websites of at least 18 US Representatives has been blamed on weak administrative passwords established by a third party vendor...

US Marines Bans Social Networking Sites on its Networks (August 4, 2009)

An August 3 order bans US Marines from accessing social networking tools, including Facebook and Twitter, due to security concerns...

Twitter Downed by DDoS (August 6, 2009)

Twitter is recovering from a distributed denial-of-service (DDoS) that occurred on Thursday...

Jail Time for Internet Bank Fraud (August 5, 2009)

A woman in New Zealand has been sentenced to one year in jail for stealing more than NZ $110,000 (US $73,700) in an Internet banking fraud scheme...

National Cybersecurity Coordinator Role Watered Down (August 4 & 5, 2009)

Melissa Hathaway, the administration's acting cyber security coordinator, told the Washington Post that she stepped down from the position and removed herself from consideration for the permanent role because she was "not empowered ...

Stolen Laptop Holds Army National Guard Data (August 4 & 5, 2009)

A laptop computer belonging to an Army National Guard contractor was stolen on July 27; the computer holds personally identifiable information of approximately 131,000 current and former Army National Guard members...

XML Library Flaws Affect Numerous Applications (August 6, 2009)

Researchers have uncovered a significant number of flaws in Extensible Markup Language (XML) libraries that could be exploited to crash machines and execute malicious code...

Apple Releases Mac OS X Update (August 6, 2009)

Apple has released Mac OS X version 10...

Mozilla Issues Firefox Update (August 4, 2009)

On Monday, August 3, Mozilla issued an update for Firefox to address a number of critical security flaws...

Mozilla Closes Online Store After Third-Party Intrusion (August 5, 2009)

Mozilla shut down its online store after learning that a third-party company it had hired to run the site's back-end operations had experienced a breach...

Latvian ISP Cut Off Over Allegations of Hosting Botnet Command and Control Servers (August 4 & 5, 2009)

Latvian Internet service provider (ISP) Real Host has been disconnected from the Internet after its upstream provider, Junik, cut off service...

Blue Screen of Death Scareware (August 4 & 5, 2009)

A new scareware variant exploits the pit-of-the-stomach feeling that accompanies the Windows Blue Screen of Death...

Russia-Georgia Conflict Blamed for Twitter, Facebook Outages

In Misc.

The theories behind who and what attacked Twitter and Facebook yesterday -- causing intermittent outages at each -- are flying like so many tweets across the Internet. The prevailing theory suggests that the outage was due to a cyber skirmish stemming from simmering tensions between Russia and Georgia. CNet and CNN place blame for the incident on an elaborate, politically motivated vendetta timed to coincide with the one year anniversary of the Russia-Georgia war, a brief but costly skirmish in August 2008 accompanied by cyber attacks on Georgian government Web sites. In short: the outage at Twitter (and to a lesser extent Facebook & LiveJournal) was due to an effort to silence an anti-Russian blogger from Tbilisi who has been calling attention to a recent resurgence of tensions in the region. CNet cites Facebook's Chief Security Officer Max Kelly saying that a political blogger using the online name "Cyxymu"
