Aurora Report: Around The Horn vol.1,160

Zero Day

Tracking the hackers

Thousands of web sites compromised, redirect to scareware

By Dancho Danchev on Web 2.0

Security researchers have detected a massive blackhat SEO (search engine optimization) campaign consisting of over 200,000 compromised web sites, all redirecting to fake security software, commonly refered to as scareware.

Microsoft confirms 'detailed' Windows 7 exploit

By Ryan Naraine on Windows Vista

Exploit code for the vulnerability was released by researcher Laurent Gaffié after failed attempts to get Microsoft's security response center to acknowledge that this was an issue that needs to be patched.

Man-in-the-middle attacks demoed on 4 smartphones

By Dancho Danchev on Wi-Fi security

Security researchers test four smartphones (Nokia N95, Windows HTC tilt, Android G1 and Apple iPhone 3G S) and demonstrate man-in-the-middle attacks conducted through compromised Wi-Fi spots.

Microsoft bracing for malware attacks from embedded fonts

By Ryan Naraine on Spyware and Adware

It's only a matter of time before malicious hackers start exploiting a critical Windows vulnerability via booby-trapped Web pages or Office (Word or PowerPoint) documents.

Apple Safari exposes Windows to drive-by download attacks

By Ryan Naraine on Vulnerability research

A high-priority Safari update patches vulnerabilities that allow remote code execution (drive-by downloads) if a user simply surfs to a maliciously rigged Web site.

Adobe plugs security hole in Photoshop Elements

By Ryan Naraine on Pen testing

Adobe has shipped a patch to cover a security vulnerability affecting its Photoshop Elements software product.

Yahoo! News: Security News

Security News

GAO: Los Alamos computer security has weaknesses (AP)

In us

AP - Security weaknesses uncovered in Los Alamos National Laboratory's classified computer network could increase the risk of a breach of classified information, the U.S. Government Accountability Office said in a new report.

Computer security co. Fortinet plans IPO this week (AP)

In business

AP - Fortinet Inc. plans to go public Wednesday in an initial public offering, giving investors a chance to tap a network security provider with sales expected to grow.

Obama Administration Unsure About New Cybersecurity Laws (PC World)

In technology

PC World - Current laws addressing cyber crime aren't adequate to address growing attacks on the government and businesses, a representative of U.S. President Barack Obama's administration said Tuesday.

Cyber laws must punish individuals not society: specialist (AFP)

In technology

AFP - Laws regulating cybercrimes must target individuals and not society as a whole, an IT specialist told an Internet governance forum at the Egyptian resort of Sharm el-Sheikh on Tuesday.

Shadowserver to Take Over as Mega-D Botnet Herder (PC World)

In technology

PC World - An effort is underway to clean up tens of thousands of computers infected with malicious software known for churning out thousands of spam messages per hour.

FBI says hackers targeting law firms, PR companies (AP)

In technology

AP - Hackers are increasingly targeting law firms and public relations companies with a sophisticated e-mail scheme that breaks into their computer networks to steal sensitive data, often linked to large corporate clients doing business overseas.

UK Hails First Cybercrime Cooperation With Banks (PC World)

In technology

PC World - U.K. police are hailing the sentencing of four people who used a sophisticated Trojan horse program to siphon money out of online bank accounts and send it to Eastern European countries and Russia.

Fake Verizon 'balance-checker' Is a Trojan (PC World)

In business

PC World - Cyber-criminals have started preying on Verizon Wireless customers, sending out spam e-mail messages that say their accounts are over the limit and offering them a "balance checker" program to review their payments.

DNS Problem Linked to DDoS Attacks Gets Worse (PC World)

In technology

PC World - Internet security experts say that misconfigured DSL and cable modems are worsening a well-known problem with the Internet's DNS (domain name system), making it easier for hackers to launch distributed denial-of-service (DDoS) attacks against their victims.

First Windows 7 Exploit Appears To Evade SDL Process (NewsFactor)

In business

NewsFactor - Windows 7 escaped the monthly patching process earlier this week, but it didn't escape the notice of hackers. What some security researchers are calling the first zero-day exploit in Windows 7 has been identified and Microsoft is investigating the issue.

Modded Xbox 360s Jailbroken With 'Un-Ban' Hack? (PC World)

In technology

PC World - A hacker eager to reconnect modded Xbox 360s banned by Microsoft in recent days may be on the verge of releasing a workaround. According to 360Mods (by way of DailyTech), user 'c4eva' has shifted gears from developing Lite-on and Hitachi optical drive mods to creating a firmware rev that would allow modded Xbox 360s to bypass Microsoft's online security tests.

New Malware Affects Jailbroken iPhones (PC World)

In technology

PC World - Late last week, an Australian hacker dubbed ikee deployed the Rickrolling wormâ€" a harmless and humorous worm that installs a picture of 80's one hit wonder Rick Astley to affected users' home screens.

New IPhone Malware Steals Data From Jailbroken Phones (PC World)

In technology

PC World - Another piece of dangerous code that attacks iPhones has been found, although it puts at risk only a very small subset of the smartphone's users.

Estonians, Russian, Moldovan charged in credit card hack (AFP)

In us

AFP - Alleged computer hackers from Estonia, Russia and Moldova have been indicted in a scheme that netted nine million dollars from cash dispensers, the US Justice Department said on Tuesday.

FireEye Moves Quickly to Quash Mega-D Botnet (PC World)

In technology

PC World - A computer security company known for battling botnets moved last week to try to shut down a persistent spam player.

WindowSecurity.com

WindowSecurity.com provides Windows security news, articles, tutorials, software listings and reviews for information security professionals.

Microsoft Azure: Security in the Cloud

By deb@shinder.net (Deb Shinder)

What Microsoft is doing to address the biggest cloud security hot spots.

TaoSecurity

Richard Bejtlich's blog on digital security and the practices of network security monitoring, incident response, and forensics.

Extending Security Event Correlation

By Richard Bejtlich

Last year at this time I wrote a series of posts on security event correlation. I offered the following definition in the final post:
Security event correlation is the process of applying criteria to data inputs, generally of a conditional ("if-then") nature, in order to generate actionable data outputs.
Since then what I have found is that products and people still claim this as a goal, but for the most part achieving it remains elusive.
Please also see that last post for what SEC is not, i.e., SEC is not simply collection (of data sources), normalization (of data sources), prioritization (of events), suppression (via thresholding), accumulation (via simple incrementing counters), centralization (of policies), summarization (via reports), administration (of software), or delegation (of tasks).
So is SEC anything else? Based on some operational uses I have seen, I think I can safely introduce an extension to "true" SEC: applying information from one or more data sources to develop context for another data source. What does that mean?
One example I saw recently (and this is not particularly new, but it's definitely useful), involves NetWitness 9.0. Their new NetWitness Identity function adds user names collected from Active Directory to the meta data available while investigating network traffic. Analysts can choose to review sessions based on user names rather than just using source IP addresses.
This is certainly not an "if-then" proposition, as sold by SIM vendors, but the value of this approach is clear. I hope my use of the word "context" doesn't apply to much historical security baggage to this conversation. I'm not talking about making IDS alerts more useful by knowing the qualities of a target of server-side attack, for example. Rather, to take the case of a server side attack scenario, imagine replacing the source IP with the country "Bulgaria" and the target IP with "Web server hosting Application X" or similar. It's a different way for an analyst to think about an investigation.

Embedded Hardware and Software Pen Tester Positions in GE Smart Grid

By Richard Bejtlich

I was asked to help locate two candidates for positions in the GE Smart Grid initiative.
We're looking for an Embedded Hardware Penetration Tester (1080237) and an Embedded Firmware Penetration Tester (1080236).
If interested, search for the indicated job numbers at ge.com/careers or go to the job site to get to the search function a little faster.
I don't have any other information on these jobs, so please work through the job site. Thank you.
Update Mon 16 Nov: As noted by Charlene in the comments below, the jobs are no longer posted. If I hear they are back I will post an update here.

Reaction to 60 Minutes Story

By Richard Bejtlich

I found the new 60 Minutes update on information warfare to be interesting. I fear that the debate over whether or not "hackers" disabled Brazil's electrical grid will overshadow the real issue presented in the story: advanced persistent threats are here, have been here, and will continue to be here.
Some critics claim APT must be a bogey man invented by agencies arguing over how to gain greater control over the citizenry. Let's accept agencies are arguing over turf. That doesn't mean the threat is not real. If you refuse to accept the threat exists, you're simply ignorant of the facts. That might not be your fault, given policymakers' relative unwillingness to speak out.
If you want to get more facts on this issue, I recommend the Northrop Grumman report I mentioned last month.

SecurityFocus News

SecurityFocus is the most comprehensive and trusted source of security information on the Internet. We are a vendor-neutral site that provides objective, timely and comprehensive security information to all members of the security community, from end users, security hobbyists and network administrators to security consultants, IT Managers, CIOs and CSOs.

Brief: Survey: Majority of Web sites vulnerable

Survey: Majority of Web sites vulnerable

News: Researcher busts into Twitter via SSL reneg hole

Researcher busts into Twitter via SSL reneg hole

News: Security firm chokes sprawling spam botnet

Security firm chokes sprawling spam botnet

Brief: Microsoft fixes kernel, Office flaws

Microsoft fixes kernel, Office flaws

Microsoft warns of Windows 7 security hole

In Latest Warnings

Microsoft has confirmed reports of a security flaw in its Windows operating system that hackers could use to temporarily destabilize Windows 7 PCs. The software giant also acknowledged that blueprints for exploiting the flaw are now available online. At issue is a so-called "denial-of-service" vulnerability in the component of Windows that handles the sharing of files and folders. Microsoft said attackers could use exploit code now publicly available to cause vulnerable systems to stop functioning or become unreliable. The flaw is present in Windows 7 and Windows Server 2008 R2, and does not exist in older versions of the operating system, the software giant said. In a security bulletin published Friday, Microsoft said the vulnerability would not let attackers install malicious software or take control over an affected system, and that any ill effects from an attack on this flaw could be remedied by simply restarting the PC. In addition,

Security update for Apple's Safari Web browser

In New Patches

Apple has shipped a new version of its Safari Web browser that fixes at least seven security vulnerabilities. The Safari 4.0.4 update is available for both Mac and Windows versions of the browser. Mac users can grab the latest version through Software Update; Windows users will need to use the bundled Apple Software Update application.

Nastygram: Beware the NACHA gotcha

In Nastygram

Cyber thieves on Thursday began blasting out millions of e-mails impersonating NACHA - The Electronic Payments Association, a not-for-profit group that develops operating rules for organizations that handle electronic payments, from payroll direct deposits to online bill pay services. The missives in this latest scam arrive with various subject lines, but all complain about an unauthorized, rejected or failed ACH transaction. Most regular Internet users probably will ignore this message, as few people probably even know what ACH stands for (ACH, or "automated clearing house" refers to the electronic network used by banks to process credit and debit transactions in batches). That's likely just fine with the attackers, who appear to be targeting bookkeepers at small to mid-sized companies -- people who actually recognize what a failed or rejected ACH transaction can mean for their business's bottom line and reputation. According to an alert at the real NACHA Web

Brazilian Govt: Soot, not hackers, caused '07 blackouts

In From the Bunker

The Brazilian government is refuting a report aired on Sunday by the CBS news magazine 60 Minutes, which stated that power blackouts in the South American nation in 2005 and 2007 were caused by hackers. Meanwhile, a large swath of Central Brazil is still reeling from another massive blackout that occurred in the region Tuesday evening. Citing six unnamed sources in the intelligence, military and cybersecurity communities, 60 Minutes claimed that a two-day outage that affected 3 million people in the Brazilian state of Espirito Santo was caused by hackers hitting a utility company's control systems. Another, smaller outage in January 2005 also was caused by hackers, the report said. According to the Wired.com Threat Level blog, the utility company involved, Furnas Centrais Elétricas, said it "has no knowledge of hackers acting in Furnas' power transmission system." "Brazilian government officials disputed the report over the weekend, and Raphael Mandarino Jr.,

A year later: A look back at McColo

In Cyber Justice

A year ago today, the Internet community witnessed a remarkable event: The unplugging of McColo, a Web hosting facility in Northern California that for a long time controlled a majority of the spam-sending operations on the planet. McColo's two main Internet providers abruptly yanked the cord after Security Fix presented them with scads of evidence collected by security researchers tying massive amounts of spam and other illicit activity to McColo's network. The outcome, of course, is now well known: The volume of spam sent worldwide tanked overnight, and remained at diminished levels for many weeks. All sorts of other badness diminished as well (more on that later). But since then, the sizable chunk of virtual real estate previously occupied by McColo has remained eerily quiet. A review of more than 3,000 Internet addresses previously assigned to the hosting firm reveals an Internet ghost town, as if the entire neighborhood had

Microsoft plugs 15 holes in Windows, Office

In New Patches

Microsoft on Tuesday released software updates to fix at least 15 security flaws in Windows, Windows Server and Microsoft Office. One of the patches addresses a flaw so serious that users could find their Windows PCs compromised just by visiting booby-trapped Web sites. Richie Lai, director of vulnerability research for patch management firm Qualys, said the most dangerous vulnerability addressed in this month's updates is a flaw in the way Windows handles so-called "embedded font" files. An attacker could stitch specially made embedded fonts into a Web page and use this flaw to install malicious software when people merely browse the site with Internet Explorer on Windows 2000, Windows XP or Windows Server 2003 systems, Lai said. Microsoft said it believes hackers will quickly figure out a way to exploit this flaw for criminal gain. Andrew Storms, director of security operations for San Francisco-based security firm nCircle, agreed, saying the

Eight indicted in $9M RBS WorldPay heist

In Cyber Justice

Eight men have been indicted on charges that they hacked into credit card processing firm RBS Worldpay, and helped steal more than $9 million in a highly coordinated heist nearly a year ago, the U.S. Justice Department said Tuesday. The 16-count indictment, which names individuals from Estonia, Moldova and Russia, is the first major break in a case federal investigators are calling "perhaps the most sophisticated and organized computer fraud attack ever conducted." "Today, almost exactly one year later, the leaders of this attack have been charged," said Sally Quillian Yates, acting U.S. attorney of the Northern District of Georgia, in a written statement. "This investigation has broken the back of one of the most sophisticated computer hacking rings in the world." The men are accused of cracking the data encryption that RBS WorldPay used to protect customer data on payroll debit cards, allowing them to clone the cards. Some

Security - RSS Feeds

The Pirate Bay Cuts BitTorrent Tracker

The Pirate Bay has shut down its BitTorrent tracker, opting instead for a more decentralized approach.

Metasploit Project Releases Update to Security Testing Framework

A new version of Metasploit is out just weeks after the testing framework was acquired by Rapid7. Fresh off its acquisition by Rapid7, the Metasploit Project has released an updated version of its penetration testing framework that includes more than 440 exploits and hundreds of payloads. Rapid7 acquired Metasploit last month to add to the companys testing capabilities. Nick Selby, mana...

eWeek Newsbreak Nov 16 2009

Microsoft released a security advisory to help users mitigate a bug affecting Windows 7 and Windows Server 2008 Release 2. The bug lies within the SMB protocol and affects SMB versions 1 and 2. SMB is the file sharing protocol used by default on Windows-based computers. NetSuite and InsideView recently paired up to release an application that ports social networking functionality to both CRM and Enterprise Resource Planning. By doing so, the companies join others that have recently been attempting to leverage social networking within a business-process context. Dell Children's Medical Center of Central Texas is the first healthcare facility in the world to achieve a LEED Platinum Certification by the USGBC. This hospital was rated in six key categories, Sustainable Site development, Water Efficiency, Energy Atmosphere, Materials and Resources, Indoor Air Quality, and Innovation Design. Earlier this year Samsung Electronics announced the launch of Samsung Blue Earth, an environmentally friendly mobile phone with a full touch screen. The phone was first showcased at the Mobile World Congress 2009 in Barcelona and now were showing it to you. According to Samsung, Blue Earth is the first solar powered full-touch screen phone.
- Video Content....

Researcher Hacks Twittter Using SSL Vulnerability

A security researcher demonstrates how an SSL renegotiation vulnerability made public earlier in November could be exploited to steal Twitter log-in credentials.
- A security researcher has demonstrated how attackers could use a newly discovered vulnerability in the Secure Sockets Layer protocol to launch an attack on Twitter. The researcher, Anil Kurmus, posted details of the attack to his blog, The Secure Goose, Nov. 10. The exploit takes advantage of a...

Microsoft Issues Advisory on Windows 7 Security Bug

Microsoft releases an advisory to help users concerned about a new zero-day vulnerability affecting Windows 7 and Windows Server 2008 R2. The bug was made public last week after Patch Tuesday.
- Microsoft released a security advisory to help users mitigate a bug affecting Windows 7 and Windows Server 2008 Release 2. The security vulnerability was reported last week by researcher Laurent Gaffie and can be exploited to remotely trigger a denial-of-service condition in Windows 7 and Win...

DNS Security Makes Strides, but Challenges Remain

An annual survey from Infoblox and The Measurement Factory found that many external name servers are still open to recursion, a fact that leaves them vulnerable to being used to launch DDoS attacks. However, the survey also shows a growing interest in DNSSEC.
- A new survey painted a picture of domain name server security that was both troubling and hopeful. According to research released by Infoblox and The Measurement Factory, there has been a dramatic increase in the percentage of external name servers that are open to recursion. The study put th...

How Secure is Your Jailbroken iPhone?

Though the ikee worm and other recent incidents have highlighted security risks facing users of jailbroken iPhones, the question remains: If you are using a jailbroken iPhone, just how insecure is it and what can you do about it?
- iPhone security has been front and center the past two weeks, with much of the focus falling on jailbroken devices. Between the ikee worm and the discovery of a tool that allows attackers to steal data from jailbroken phones, some have wondered whether jailbroken iPhones are inherently insec...

IBM Reveals New Security Product for Virtual Environments

IBM announced plans for a new virtualization security product that extends protection to multiple layers of the virtual infrastructure by integrating with VMware's VMsafe technology.
- IBM is talking up virtualization security with a new product aimed at protecting enterprise virtual infrastructures. According to IBM, the product - known as IBM Virtual Server Security for VMware vSphere - is designed to help protect every layer of the virtual infrastructure, from the hyperv...

LABS GALLERY: Shavlik Netchk Protect 7 Gets Anti-Malware Boost

Shavlik Netchk Protect 7 adds anti-malware capabilities (in the form of Sunbelt's VIPRE engine) to the well-respected patch management solution. The management console GUI is excellent, as is support for virtual machines. Patch management is extremely strong, and anti-malware protection is very good, although the latter could be better integrated into the overall platform.
- ...

WhiteHat: Web Security Vulnerabilites Found on Most Sites

In the latest report on Website vulnerabilities by WhiteHat Security, researchers found 64 percent of Websites have at least one serious vulnerability. The most common flaw - cross-site scripting.
- New research from WhiteHat Security painted a bleak picture for Website security. In its latest iteration of its Website Security Statistics report, WhiteHat found 64 percent of the 1,364 sites the company analyzed have at least one serious vulnerability. But the news isnt all bad according to...

Windows Security Bug Revealed After Microsoft Patch Tuesday

A security researcher discovers a bug that could be used to trigger a crash in Windows 7 and Windows Server 2008 Release 2.
- Less than 24 hours after Microsoft's Patch Tuesday, a security researcher revealed a zero-day bug affecting Windows 7 and Windows Server 2008 Release 2. Researcher Laurent Gaffie posted proof-of-concept code as well as information about the flaw on his blog and the Full Disclosure mailing list ...

REVIEW: Shavlik Netchk Protect 7 Provides Patch Management, Anti-Malware in a Single Tool

Combining the Shavlik Netchk patch management system with the Sunbelt VIPRE anti-malware engine, Protect 7 is a full- featured security solution. Howewer, anti-malware is not fully integrated into the management console, and eWEEK Labs experienced some quirkiness with the GUI during tests.
- Perhaps the most time- and resource-consuming task on IT professionals security to-do list is patching applications and operating systems. The rise in popularity of virtual machine technology only intensifies the issue. Add to that the nightmare of malware. No longer simply a nuisance, todays ma...

iPhone Hacker Tool Steals Data from Jailbroken Phones

Researchers at Mac security firm Intego have uncovered a new tool hackers can use to steal data from jailbroken Apple iPhones. The tool leverages the same default password issue as the ikee worm targeting iPhone users in Australia.
- Security researchers have found a new tool targeting users of jailbroken iPhones. On the heels of the discovery of a worm targeting jailbroken iPhones in Australia, security researchers at Intego now say they have detected a program known as iPhone/Privacy.A that hackers can use to swipe person...

Hackers Charged in RBS WorldPay Breach

Federal prosecutors announced indictments against eight people in connection with the theft of more than $9 million from ATMs around the world.
- A U.S. grand jury has indicted eight people in connection with the theft of more than $9 million from over 2,100 ATMs in at least 280 cities around the world. The indictment accuses Viktor Pleshchuk, 28, of St. Petersburg, Russia; Sergei Tsurikov, 25, of Tallinn, Estonia; Oleg Covel...

Facebook Says Hijacked Groups No Threat to Confidential Data

Facebook confirms that a group called Control Your Info seized control of some Facebook groups. According to Facebook, no hacking is involved and no confidential data is at risk. As many as 200 groups are reported as being under the power of Control Your Info.
- An anonymous group going by the name Control Your Info hijacked hundreds of Facebook groups Nov. 10 to put a spotlight on the social networking site's security. Control Your Info seized control of the Facebook groups and renamed each Control Your Info. On the wall of every group was a message ...

Microsoft Issues Critical Windows Security Patches

Microsoft releases six security bulletins for November's Patch Tuesday, covering 15 vulnerabilities. Three of the bulletins are rated critical and address Windows security.
- Microsoft released six patches Nov. 10 to cover 15 security vulnerabilities. Three of the bulletins address critical Windows security issues. Those bulletins cover a variety of issues affecting the WSDAPI (Web Services on Devices Application Programming Interface), vulnerabilities in the Window...

10 Reasons Why Mac OS X Security Could Get Worse

News Analysis: Mac OS X might be considered far more secure than Windows today, but that may be changing over time. Apple's operating system is now a bigger target than ever. As more people jump on the Mac bandwagon, more and more malware makers will follow.
- Apple released another major Mac OS X security update Nov. 9. The update, Mac OS X 10.6.2, installs several fixes for quot;Snow Leopard, quot; including for a problem that logs users out unexpectedly. But it was the security side of the update that may cause the most alarm. According to Apple, ...

SecuriTeam

Welcome to the SecuriTeam RSS Feed - sponsored by Beyond Security. Know Your Vulnerabilities! Visit BeyondSecurity.com for your web site, network and code security audit and scanning needs.

Atheros Driver Reserved Frame DoS Vulnerability

The wireless driver in some Wi-Fi access points (such as the ATHEROS-based Netgear WNDAP330) do not correctly parse malformed reserved management frames.

Microsoft Windows License Logging Service Heap Corruption Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Windows. Authentication is not required on certain configurations to exploit this vulnerability.

McAfee Security Manager Authentication Bypass and Session Hijacking Vulnerability

McAfee Network Security Manager is vulnerable to authentication bypass via HTTP session cookie hijacking. A remote attacker could exploit this vulnerability to hijack an existing session to the Network Security Manager.

Microsoft Office Excel Code Execution Vulnerabilities

Attackers using specially crafted XLS files can execute arbitrary code via memory corruptions, invalid index, and invalid pointer errors.

SearchSecurity: Security Wire Daily News

The latest information security news on IT threats, vulnerabilities and market trends from the award-winning SearchSecurity.com.

Russian cybercriminals target H1N1 Swine flu fears

By Robert Westervelt

Report outlines massive affiliate campaigns pushing counterfeit Tamiflu and making Russian hackers millions.

Russian cybercriminals target H1N1 Swine Flu fears

By Robert Westervelt

Report outlines massive affiliate campaigns pushing counterfeit Tamiflu and making Russian hackers millions.

H.D. Moore speaks about Metasploit Project deal, Release 3.3

By Neil Roiter

Founder talks about the community's reaction to the Rapid7 acquisition, big changes in the latest Metasploit Framework release and what the future might hold.

Windows 7 DOS flaw allows hackers to freeze Microsoft's newest OS

By Robert Westervelt

A Server Message Block (SMB) flaw in Microsoft's latest OS can be remotely exploited by an attacker to cause Windows 7 machines to stop responding.

Windows 7 DoS flaw allows hackers to freeze Microsoft's newest OS

By Robert Westervelt

A Server Message Block (SMB) flaw in Microsoft's latest OS can be remotely exploited by an attacker to cause Windows 7 machines to stop responding.

Secure your remote users in 2010

By Eric Ogren

As companies shave operational costs by hiring more remote workers, IT security teams should plan to protect sensitive data being used by a highly mobile workforce in 2010.

Web security firm ranks Firefox, Safari browsers as flaw prone

By Robert Westervelt

Penetration testing firm Cenzic says Mozilla Firefox and the Apple Safari browsers contain the most vulnerabilities in a study covering the first half of 2009.

Layoffs prompt insider threat fears, cybersecurity survey finds

By Robert Westervelt

The 12th annual Ernst & Young Global Information Survey found senior IT professionals worried about reprisals from disgruntled employees.

SANS%20RSS%20Feed

SANS NewsBites

All Stories From Vol: 11 - Issue: 91

GAO Report Finds Network Security Problems at Los Alamos (November 13 & 16, 2009)

A report from the Government Accountability Office (GAO) describes various computer network vulnerabilities at Los Alamos National Laboratory (LANL).......

Most Security Products Require Multiple Testing Cycles for Certification (November 16, 2009)

A study from ISCA Labs, based on data from 20 years of security product testing, listed the top reasons products fail their initial certification testing.......

Yahoo! Closes SQL Injection Hole in HotJobs (November 16 & 17, 2009)

An SQL injection vulnerability on the jobs section of the Yahoo! website, HotJobs, could be exploited to gain access to personal information.......

Four Men Jailed for Using Trojan to Steal Funds From Bank Accounts (November 13 & 16, 2009)

A court in the United Kingdom has sentenced four men to prison for using malware to steal nearly GBP 600,000 (US $1 million) from bank accounts.......

Israeli Police Arrest Alleged Phisher (November 15, 2009)

Israeli police and the Israeli Defense Fund arrested a man suspected of launching a phishing attack on customers of Bank Leumi.......

Class Action Settlement Approved in Data Breach Case (November 12, 2009)

A judge has approved a class action lawsuit settlement in a case involving a data security breach at financial services firm D.......

Cyber War Expose (November 13, 2009)

The covers are off the cyber warfare story.......

For One-Third of US Government Agencies, Security Incidents Are a Daily Occurrence (November 10 & 11, 2009)

A CDW-Government survey of 300 US government IT professionals found that 44 percent of agencies noted an increase in the number of security incidents over last year.......

Researchers Describe Weakness in Government Wiretap Technology (November 11 & 12, 2009)

Researchers at the University of Pennsylvania say they have discovered a vulnerability in the technology the government uses to conduct wiretaps.......

Indian Outsourcer Arrested for Selling British Patients' Medical Files (November 10 & 12, 2009)

Police in India have arrested the chief of an outsourcing company for allegedly selling British patients' medical records.......

Modified Xbox Consoles Banned From Xbox Live (November 11 & 12, 2009)

In an attempt to combat piracy, Microsoft is permanently banning modified Xbox consoles from accessing Xbox Live.......

Eight Indicted in Massive, Coordinated ATM Fraud (November 10 & 11, 2009)

A US federal grand jury in Atlanta, Georgia has indicted eight men in connection with the RBS WorldPay security breach.......

Bank Fraud Linked to Stolen Employee Data (November 10, 2009)

A data security breach of a server at the Vancouver (Washington) School District exposed employee information, including Social Security numbers (SSNs) and bank account information of employees who use direct payroll deposit.......

Metasploit Framework 3.3 Released, (Tue, Nov 17th)

The Metasploit Project released Metasploit Framework 3.3 today ...(more)...

OpenVPN Fixed OpenSSL Session Renegotiation Issue, (Tue, Nov 17th)

OpenVPN released an update to respond to the OpenSSL vulnerability described in CVE-2009-3555. OpenV ...(more)...

Reports of a successful exploit of the SSL Renegotiation Vulnerability?, (Mon, Nov 16th)

Its a brand new week. ...(more)...

Microsoft advisory for Windows 7 / Windows Server 2008 R2 Remote SMB DoS Exploit released, (Sat, Nov 14th)

Microsoft has released an advisory for the Windows 7 / Windows Server 2008 R2 Remote SMB DoS Exploit ...(more)...

Flash Origin Policy Attack, (Fri, Nov 13th)

An apparently critical vulnerability in Adobe Flash has been identified that could allow sites with ...(more)...

WordPress 2.8.6 Available - security fixes, (Fri, Nov 13th)

...(more)...

Conficker patch via email?, (Fri, Nov 13th)

Microsoft does not send patches, updates, anti-virus, or anti-spyware via email (hopefully ever). Th ...(more)...

New challenge posted at ethicalhacker.net "SSHliders" due 23/11/09, (Fri, Nov 13th)

...(more)...

TLS & SSLv3 renegotiation vulnerability explained, (Fri, Nov 13th)

Thierry Zoller has written a nice summary of the TLS SSLv3 renegotiation vulnerability. He cov ...(more)...

It's Never Too Early To Start Teaching Them, (Fri, Nov 13th)

Last week it was my pleasure to visit a group of middle school students that are interested in anyth ...(more)...

Pushdo/Cutwail Spambot - A Little Known BIG Problem, (Fri, Nov 13th)

Today was another one of those days that all ISP's dread. I am the Abuse Coordinator for a sma ...(more)...

Windows 7 / Windows Server 2008 R2 Remote SMB Exploit, (Thu, Nov 12th)

Mikael wrote us yesterday, telling us about a site claiming to have a zero day for SMBon both ...(more)...

Apple Safari 4.0.4 Released, (Wed, Nov 11th)

Safari 4.0 ...(more)...

Layer 2 Network Protections against Man in the Middle Attacks, (Wed, Nov 11th)

Last month (Day 9 of Cyber Security Awareness Month) we discussed a Man in the Middle (MITM) attack ...(more)...

SANS%20RSS%20Feed

SANS Information Security Reading Room

Last 25 Computer Security Papers added to the Reading Room

Gathering Security Metrics and Reaping the Rewards

Category: Management & Leadership

Paper Added: November 16, 2009

Hey Dude! I Can Do a Great Humphrey Bogart!

Category: Network Devices

Paper Added: November 11, 2009

The Register - Security

Biting the hand that feeds IT

Romanian cops to $150,000 ATM skimming spree

'All your PINs are belong to us'

A Romanian national has admitted he defrauded Bank of America of about $150,000 in a scheme that secretly recorded customer information as it was entered into automatic teller machines.…

Trojans likely to follow Win 7 activation hack

Beware Greeks bearing security bypasses

Trojan attacks are likely in the wake of the Windows 7 product activation system cracks developed last week, less than a month after the release of Microsoft's latest operating system.…

Official Bruce Schneier action figure steps onto market

Coiffure options: 'Ponytail', 'Bald' or 'Cyborg'

Good news for devotees of ponytailed crypto guru of all our hearts Bruce Schneier: it's now possible to buy an officially endorsed "Bruce Schneier action figure".…

Spam net snared a quarter million bots, says conqueror

Putting the mega in Mega-D

Herders behind the Mega-D botnet may have corralled nearly a quarter million infected machines into their spam-churning enterprise before it was recently crippled by white hat hackers.…

DNSSec update deadline penciled in for 2011

Long awaited security upgrade heading for .com and .net

VeriSign announced plans on Monday to roll out the DNSSec security standard for the web's .com and .net Top Level Domain Names (TLDs) by the first quarter of 2011.…

Gang sentenced for UK bank trojan

Almost £600,000 siphoned

A British court has sentenced four men to prison after they admitted they used sophisticated trojan software to steal almost £600,000 from bank accounts and send it to Eastern Europe.…

Spammers aim to profit from swine flu pandemic

Caution advised over modern day Harry Limes

Russian cybercrooks have laid the groundwork needed to build a business cashing in on swine flu panic-buying.…

iPhone worm hacker gets death threats, job offers

Mixed bug bag for chastened VXer

The creator of the rickrolling iPhone worm has spoken of possible job offers and death threats since the release of the Jesus Phone malware last weekend.…

Adobe Flash attack vector exploits insecure web design

User-supplied malware upload peril

An unpatched security risk involving Adobe Flash creates a possible mechanism for hackers to load exploits onto websites.…

Microsoft defends Hotmail's cookie requirement

Log out block 'good for security'

Microsoft has said its new policy of requiring users to accept third party cookies to log out of Hotmail improves security.…

MS patent looks just like Unix command, critics howl

'Sudo for dummies'

Microsoft has won a patent that covers functionality closely resembling security features that have been at the heart of Unix for more than two decades and more recently been folded into the Linux and Mac operating systems.…

Win 7 remote kernel crasher code released

File and print freeze menace revealed

Microsoft has reportedly begun investigating a potentially nasty denial of service vulnerability affecting Windows 7.…

Attackers conceal exploit sites with Twitter API

Trends technique suffers hacktile dysfunction

Drive-by exploit writers have been spotted using a popular Twitter command to send web surfers to malicious sites, a technique that helps conceal the devious deed.…

Wikipedia sued for publishing convicted murderer's name

Hey Wolfgang Werlé: Ever heard of the Streisand Effect?

A man who served 15 years for the gruesome murder of a famous German actor is taking legal action against Wikipedia for reporting the conviction.…

Malware cleans out jailbroken iPhones

Hack tool wriggles through Rickroll worm hole

Updated Miscreants have developed a hacking tool that attacks jailbroken iPhones.…

Lighter Patch Tuesday focuses on Windows flaws

Win 7 users get a month off for good behaviour

Microsoft released six patches on Tuesday night - three critical - as part of its regular Patch Tuesday update cycle.…

Security service protects PCs from attack

Start-up InZero Systems Tuesday makes its debut with a security service that promises to protect PCs from possible malware, intrusions and other types of attacks.

Michael Jackson is riskiest celebrity of 2009

Michael Jackson has been named the riskiest celebrity of 2009 by Symantec.

New security products underperform, says ICSA

Many security products simply do not work as advertised, or at least need a lot of tinkering to make them work, a report from the respected ICSA Lab has found.

Yahoo jobs site in SQL attack worry

Yahoo raced last Thursday to close a potentially serious vulnerability that could have exposed customer data from its online jobs website , a security company has revealed.

The Cloud Security Survival Guide

For companies increasingly dependent on cloud services, security challenges abound. Here's a collection of articles, columns and audio to help IT security practitioners plot the right course.

Endpoint security frustrates IT

There's a groundswell of frustration about today's endpoint security, as well as worries about how newer technologies such as virtualization or cloud computing will impact it, according to a new study.

Shadowserver to take over as Mega-D botnet herder

An effort is underway to clean up tens of thousands of computers infected with malicious software known for churning out thousands of spam messages per hour.

Bebo is work social network for cyberbulling

Bebo is the social network where teenagers are most likely to experience cyberbullying, says Beatbulling.

Network and Security Operations Convergence

Bringing network and security ops under one roof is translating into more efficiency and increased security for IT management and consulting firm American Systems

Google Street View Battle Highlights Privacy Challenge

Google is being sued by a Swiss watchdog agency for allegedly failing to take adequate measures to protect privacy. The legal battle in Switzerland is just the latest in a long line of privacy issues with Google and illustrates the challenge of providing as much information as possible without violating privacy concerns.

UK hails first cybercrime cooperation with banks

U.K. police are hailing the sentencing of four people who used a sophisticated Trojan horse program to siphon money out of online bank accounts and send it to Eastern European countries and Russia.

Washington Watch National ID Program in Deep Trouble, as Budget Is Cut 40%

Funding for the already troubled Real ID program has been cut 40%, amid criticism by privacy advocates and state governors.

InfoWorld's top 10 emerging enterprise technologies

2009's up-and-coming technologies for business that will have the greatest impact in years to come

Network-based e-mail – Ready for prime time?

In the prior newsletter, we raised the question of whether the time is here – or past due – for moving email from local PCs back to the network. This time we want to continue the discussion by looking at some of the key questions that need to be addressed.

Blue Coat unveils secure Web gateway appliances

Blue Coat on Monday unveiled new Web gateway security appliances that the company says achieve higher throughput and scalability compared with its earlier products.

VeriSign bolsters security for .com, .net sites

VeriSign says it will support DNS Security Extensions, dubbed DNSSEC, in the .net and .com top-level domains by March 2011.

Microsoft confirms first Windows 7 zero-day bug

Microsoft late on Friday confirmed that an unpatched vulnerability exists in Windows 7, but downplayed the problem, saying most users would be protected from attack by blocking two ports at the firewall.

Fake Verizon 'balance-checker' is a Trojan

Cyber-criminals have started preying on Verizon Wireless customers, sending out spam e-mail messages that say their accounts are over the limit and offering them a "balance checker" program to review their payments.

Job Search Scams: Protect Yourself Against Identity Theft

As U.S. unemployment has increased, so too has the number of job search scams identity theft rings are perpetrating against desperate job seekers.

Amazon called out over cloud security, secrecy

Amazon's cloud computing service should not be used for applications that require advanced security and availability, an analyst report claims.

DNS problem linked to DDoS attacks gets worse

Internet security experts say that misconfigured DSL and cable modems are worsening a well-known problem with the Internet's DNS (domain name system), making it easier for hackers to launch distributed denial-of-service (DDoS) attacks against their victims.

GAO: Los Alamos National Lab's cybersecurity lacking

Cybersecurity efforts to protect a leading U.S. nuclear laboratory's classified computer network remain lacking even after a series of security lapses, according to a new report from the U.S. Government Accountability Office.

Spam campaign targets payment transfer system

A new spam campaign is targeting a financial transfer system that handles trillions of dollars in transactions annually and has proved to be a fertile target of late for online fraudsters.

Shifting mobile cost to employees? Think twice

I've noticed a disturbing anecdotal trend in talking to enterprise customers lately, and some recent IDC numbers I just stumbled across seem to back it up. The unfortunate movement is away from corporate-liable mobile phone models and towards individual-liable setups, where employees procure their own wireless devices and services and may be reimbursed for their expenses by their employer.

EU-US accord on SWIFT data hits political snag

Some of Europe's largest countries are backing away from a controversial draft agreement being negotiated with the U.S. that would allow that country's antiterrorism agencies access to the personal financial data of millions of European citizens, it emerged Friday.

Cyber-Ark unveils tool for managing Windows, Unix systems

Cyber-Ark Software introduced a single tool that can manage accounts that have privileged access on both Windows and Unix systems.

HP and 3Com: A good fit, but not without overlap

HP and 3Com fit remarkably well together when considering the target markets that drove them together in this week's blockbuster $2.7 billion deal: core Ethernet switching and China. But most of the rest – low-end, SMB and edge switching, plus wireless networking – faces considerable overlap.

Fortinet detects increase in malware levels

Fortinet, a network security provider and unified threat management (UTM) solutions specialist has observed the highest level of total malware detected in more than a year.

Undercover 1.5 ousts iPhone thieves with push notifications

It's 2 AM. Do you know where your iPhone is?

Web Site Security Holes Make Case for Protection

Two-thirds of the sites that tend to care most about security still have serious unfixed vulnerabilities, according to an analysis from web security firm WhiteHat Security.

Flash flaw puts most sites, users at risk, say researchers

Hackers can exploit a flaw in Adobe's Flash to compromise nearly every Web site that allows users to upload content, including Google's Gmail, then launch silent attacks on visitors to those sites, security researchers said today.

Global news recap, World Tech Update, Nov. 12

Click here to watch this week's World Tech Update.

Protect Your PCs from Windows 7's Zero-Day Exploit

It was a notable accomplishment when Windows 7 was not impacted in any way by the vulnerabilities addressed in the six Security Bulletins released by Microsoft for the November Patch Tuesday. It would be even more impressive if Windows 7 proved invulnerable to the zero-day exploit that hit the next day.

Apple issues week's second patch set, fixes 7 Safari flaws

Apple on Wednesday issued its second security update in three days, patching seven vulnerabilities in Safari, including one in the Windows version that the company fixed two months ago for most Mac users.

Facebook Tips: Staying Safe While Using Games and Apps

The maker of the popular FarmVille game has agreed to change its practices that subjected Facebook users to some scammy offers. But the more games and apps that you use on Facebook, the higher your risk for malware, phishing scams and hacking. Here are four tips for staying secure.

H1N1 drives demand for secure remote access

Vendors of remote access technologies are reporting an unexpected increase in demand for their products over the past several months as a result of companies' H1N1-related concerns.

How to DDOS a federal wiretap

Researchers at the University of Pennsylvania say they've discovered a way to circumvent the networking technology used by law enforcement to tap phone lines in the U.S.

Panda launches free 'cloud' antivirus scanner

After seven months in beta , Panda Security has released the first version of its cloud-based antivirus product, which will be free to consumers with a paid-for managed service for SMBs.

New iPhone malware steals data from jailbroken phones

Another piece of dangerous code that attacks iPhones has been found, although it puts at risk only a very small subset of the smartphone's users.

Federal Data Security Law: 'Careful What You Wish For'

A cybersecurity bill advanced further up the U.S. Senate gauntlet last week, and some IT security practitioners aren't happy about it.

iPhone worms, other smartphone malware in researchers’ sights

Georgia Tech researchers have received a $450,000 NSF grant to boost security of iPhones, BlackBerries and other smartphones and the wireless networks on which they run. And it’s those networks where the researchers are really zeroing in.

Data-stealing hack targets jailbroken iPhones

Once more into the breach, my iPhone-wielding compatriots. On Monday, we heard about the iPhone vulnerability that allowed dastardly hackers to place nefarious Rick Astley wallpaper on some jailbroken devices. Now, security firm Intego reports that the same loophole can allow hackers to do far worse.

iPhone security problems bring new risks

In just four days, not one but two worms targeting the iPhone have emerged. Both of the worms target the same vulnerability, a default password in the SSH server that is installed on jail-broken iPhones. While one worm is a mostly a nuisance, the second siphons personal information from the iPhone, which makes it a serious identity theft threat.

TalkTalk applauds new EU legislation

UK ISP TalkTalk has applauded the EU agreement regarding disconnecting illegal downloaders from the web, saying the legislation "puts into legal language what fair-minded people instinctively knew was right and just".

Microsoft releases Office 2004, 2008 updates

Microsoft on Tuesday issued updates for its venerable Office suite versions 2004 and 2008.

Windows 7 may be secure, but are Windows users safe?

Windows 7 users got a nice surprise on Tuesday when Microsoft released its first set of security patches since unveiling the new operating system last month. Of the 15 bugs patched, none affected Windows 7.

IA job prospects bright

No one reading this column needs general references to news about the economic difficulties we are living through in the United States and elsewhere. Just the other day, I spoke with a long-time friend and colleagues from the information security field who used to earn a decent living as a much sought-after consultant; last week he canceled his business telephone line to save money. He's looking for a permanent job.

Online users becoming less anxious over security, privacy

While surveys about security usually end up telling us about how bad people feel, a global survey released Tuesday indicates there's substantially less anxiety about Internet security, personal safety and national security than there was six months ago.

McAfee Avert Labs

Cutting edge security research as it happens.......

The McColo Effect: One Year Later

By Sam Masiello on Web and Internet Safety

One year ago today email administrators were astonished to notice the amount of spam hitting their mail servers had plunged precipitously. Email volumes dropped off as much as 60 percent to 70 percent, and the reason wasn’t immediately obvious to anyone except for the folks who knew that McColo, a major spam-hosting ISP had been taken [...]

InSecurity Complex

Keeping tabs on flaws, fixes, and the people behind them.

FAQ: Recognizing phishing e-mails

By Elinor Mills

Phishing attacks have spiked this year, recent reports show. Here's a primer on what phishing is and how to avoid it.

Report: Countries prepping for cyber war

By Elinor Mills

U.S., Israel, Russia, China, and France are gearing up for cyber offensives, according to a new McAfee report.

Antitrust concerns linger in Google Books deal

By Elinor Mills

Opponents of Google Books settlement say the search giant will still have exclusive rights to digitize orphaned out-of-print works.

Originally posted at News - Digital Media

Hackers create tools for disaster relief

By Elinor Mills

At the first-ever Random Hacks of Kindness event, developers work on technology tools that emergency relief workers can use in disasters.

Microsoft patching zero-day Windows 7 SMB hole

By Elinor Mills

Company warns customers that exploit code for the Server Message Block hole is available and suggests a workaround until a patch is ready.

RSA reveals details behind re-shipping scam

By Elinor Mills

Desperate during the downturn, people are taking "jobs" as re-shippers, not realizing they're helping criminals move goods purchased with stolen credit cards, RSA says.

Expert says Adobe Flash policy is risky

By Elinor Mills

Adobe Flash Player allows arbitrary content to access applications without permission, says researcher at Foreground Security.

Microsoft probing Windows 7 zero-day hole

By Elinor Mills

One day after Patch Tuesday, researcher warns of unpatched security hole in Windows 7 and Server 2008.

Eastern Europeans charged in payment processor hack

By Elinor Mills

Grand jury indicts defendants accused of hacking into RBS WorldPay network and running "one of the most sophisticated computer hacking rings in the world."

Info Security News

Carries news items (generally from mainstream sources) that relate to security.

GMH data breached in stolen laptop

Posted by InfoSec News on Nov 17

http://www.guampdn.com/article/20091117/NEWS01/911170301/1002
By Laura Matthews
Pacific Daily News
November 17, 2009
The Guam Memorial Hospital suffered an information breach when a laptop
containing unsecured health information was stolen in late October.
It wasn't until late last week that they found out the machine contained
a file with personal information for approximately 2,000 employees,
volunteers, contractors and physicians....

Police probe breach of NHS smartcard security as e-records launched in London

Posted by InfoSec News on Nov 17

http://www.computerweekly.com/Articles/2009/11/16/239006/police-probe-breach-of-nhs-smartcard-security-as-e-records-launched-in.htm
By Tony Collins
ComputerWeekly.com
16 Nov 2009
An NHS trust at the forefront of work on the 12.7bn NHS IT scheme has
called in police after a breach of smartcard security compromised the
confidentiality of hundreds of electronic records.
Patients in Hull have expressed their dismay that an unauthorised NHS...

A different kind of antiviral donation for Africa

Posted by InfoSec News on Nov 17

http://www.networkworld.com/news/2009/111609-antivirus-africa.html
By M. E. Kabay
Network World
11/16/2009
Africa is suffering from yet another plague: this one infects their
computers instead of their communities.
Chris Michael, writing in the English newspaper The Guardian in August
2009, summarized the situation as follows: "...Africa has become a hive
of [T]rojans, worms and exploiters of all stripes. As PC use on the
continent...

Report: Countries prepping for cyber war

Posted by InfoSec News on Nov 17

http://news.cnet.com/8301-27080_3-10399141-245.html
By Elinor Mills
InSecurity Complex
CNet News
November 16, 2009
Major countries and nation-states are engaged in a "Cyber Cold War,"
amassing "cyber weapons," conducting espionage, and testing networks in
preparation for using the Internet to conduct war, according to a new
report to be released on Tuesday by McAfee.
In particular, countries gearing up for cyber...

Obama said to be close again to naming cybersecurity chief

Posted by InfoSec News on Nov 17

http://www.computerworld.com/s/article/9140948/Obama_said_to_be_close_again_to_naming_cybersecurity_chief?taxonomyId=17
By Jaikumar Vijayan
Computerworld
November 16, 2009
The Obama administration is once again reported to be close to naming a
White House cybersecurity coordinator.
A story in the Federal Times, quoting unnamed sources, said that an
announcement could come as soon as Thanksgiving.
The two people in the running for the post...

Researcher Hacks Twittter Using SSL Vulnerability

Posted by InfoSec News on Nov 17

http://www.eweek.com/c/a/Security/Researcher-Demonstrates-SSL-Vulnerability-on-Twitter-291904/
By Brian Prince
eWEEK.com
2009-11-16
A security researcher has demonstrated how attackers could use a newly
discovered vulnerability in the Secure Sockets Layer protocol to launch
an attack on Twitter.
The researcher, Anil Kurmus, posted details of the attack to his blog,
The Secure Goose, Nov. 10. The exploit takes advantage of a
vulnerability...

The Cyberwar Plan

Posted by InfoSec News on Nov 16

Forwarded from: William Knowles <wk (at) c4i.org>
http://www.nationaljournal.com/njmagazine/cs_20091114_3145.php
By Shane Harris
National Journal
Nov. 14, 2009
Cover Story
In May 2007, President Bush authorized the National Security Agency,
based at Fort Meade, Md., to launch a sophisticated attack on an enemy
thousands of miles away without firing a bullet or dropping a bomb.
At the request of his national intelligence director,...

Little to Show for $433 MM Infosec Investment

Posted by InfoSec News on Nov 16

http://www.govinfosecurity.com/articles.php?art_id=1937
By Eric Chabrow
Managing Editor
Gov InfoSecurity
November 13, 2009
Los Alamos National Laboratory has spent $433 million to secure its
classified computer network between fiscal years 2001 and 2008,
according to a report issued Friday by the Government Accountability
Office, yet significant weaknesses remain in safeguarding the
confidentiality, integrity and availability of information...

Evidence at issue in corporate espionage case involving WYCO employees

Posted by InfoSec News on Nov 16

http://www.knoxnews.com/news/2009/nov/13/evidence-at-issue-in-corporate-espionage-case-of/
By Hugh G. Willett,
Knoxvillebiz.com
November 13, 2009
There is an expectation of privacy for files stored on a laptop computer
but not for files stored on a central office server, a federal
magistrate judge ruled Thursday in a case of alleged corporate
espionage.
U.S. Magistrate Judge C. Clifford Shirley Jr. found that e-mail messages
of defendant...

14 tech firms form cybersecurity alliance for government

Posted by InfoSec News on Nov 16

http://gcn.com/articles/2009/11/12/tech-firms-form-cybersecurity-alliance.aspx
By Wyatt Kash
GCN.com
Nov 12, 2009
Thirteen leading technology providers, together with Lockheed Martin,
today announced the formation of a new cybersecurity technology
alliance. The announcement coincided with the opening of a new NexGen
Cyber Innovation and Technology Center in Gaithersburg, Md., designed to
test and develop new information and cybersecurity...

DNS problem linked to DDoS attacks gets worse

Posted by InfoSec News on Nov 16

http://www.computerworld.com/s/article/9140839/DNS_problem_linked_to_DDoS_attacks_gets_worse?taxonomyId=17
By Robert McMillan
IDG News Service
November 13, 2009
Internet security experts say that misconfigured DSL and cable modems
are worsening a well-known problem with the Internet's DNS (domain name
system), making it easier for hackers to launch distributed
denial-of-service (DDoS) attacks against their victims.
According to research set...