Saturday, May 22, 2010

Internet (Lack of) Security News through 5/22





This Free IT-Security news feed is provided by E-Secure-IT; the most comprehensive and complete Business Risk Management Intelligence Service and IT-Security Risk and Threat Early Warning Service available in the market today. Visit them at www.e-secure-it.com or email more-info@e-secure-it.com for more information on our available services.

Mothers hook to internet for shopping for children
(from siliconIndia at 22-5-2010)
The internet, which entered our lives gradually, took over the strings of shopping, knowledge and all other facilities from other sources at a very fast pace. Besides the children, now even the parents are hooked to the internet for various kinds of information. The online activities of the mothers also hinge on the age of their children with expectant women reckoning on sites that allow them to interact with other mothers, while those with older children rely on the web for email and searches.... read more»





Twitter Attack Pushes Online Banking Trojan
(from pindebit at 22-5-2010)
Attackers are targeting Twitter users with a Trojan stealing online banking credentials, according to researchers. "The initial Trojan is downloaded to the victim machine by a malicious Java archive file," explained Dmitry Bestuzhev of Kaspersky Lab. "It has several malicious features, for example: spreading through USB devices; it disables Windows task manager, the regedit application and also notifications from Windows Security Center. Also it creates a copy of itself in the system with the... read more»





Malware tops UAE's online threats
(from Gulfnews at 22-5-2010)
Internet users, whether companies, government organisations or home-based users, have been warned to stay well protected against cyber criminals who are increasingly creating havoc to steal personal information with financial gain as the key motivator. The warning aired by Mark Chaban, security and piracy director of Microsoft Middle East and Africa, follows the recent security intelligence report volume 8 by Microsoft which provides compelling evidence that cyber criminals are becoming more ... read more»





Facebook gives users' names to advertisers
(from The Register at 22-5-2010)
Facebook has been giving advertisers data that they can use to discover users' names and locations, contrary to its privacy policy. The dominant social network tells users it won't share their details without consent, but according to the Wall Street Journal, it has handed over information that advertisers can use to look up individual profiles. MySpace had a similar loophole, it's reported. Both sites said they were making changes to stop the handover. Advertisers were getting reports whenev... read more»





Hacking Yourself Pays Off In Tighter Security
(from Information Week at 22-5-2010)
The disclosure earlier this year of attacks originating in China and targeting Google and other large corporations proves that today's cybercriminals are sophisticated and out for financial gain, not bragging rights. These targeted, multipronged intrusions draw on a range of techniques and tools, including exploitable vulnerabilities, inside information, and attackers' sheer persistence. Could your systems stand up to these sophisticated threats? For many enterprises, the best way to find ou... read more»





Don’t be scammed on SMS
(from itnewsafrica at 22-5-2010)
Do you know how to spot an SMS 419 scam, phishing attack, or fake payment confirmation? If you value your money, you should know what to look out for. Although it is encouraging to see more and more businesses using SMS as a communication platform, it’s becoming easier for scammers to trick consumers as a result. South Africa has one of the highest mobile penetration rates in the world, so it is no wonder that local businesses are increasingly using SMS as a means of communication with their ... read more»





Federal CIO Says Cloud Standards Needed For Government Adoption
(from CRN at 22-5-2010)
The nation's top technology chief called for standards around security, interoperability and data portability before the U.S. government can fully embrace cloud computing. Federal CIO Vivek Kundra, speaking Thursday at a Washington D.C. cloud computing workshop, said that for the cloud to truly take hold in the government the feds must develop standards to avoid inefficiencies and security holes.... read more»





Beware Typhoid Adware - viable future threat, especially for network environments that are not well monitored
(from Information Week at 22-5-2010)
Computer security researchers at the University of Calgary have developed a way to distribute adware without having to convince potential victims to install the adware on their computers. The researchers -- associate professor John Aycock, assistant professor Mea Wang, and students Daniel Medeiros Nunes de Castro and Eric Lin -- call their attack "Typhoid Adware" because it spreads like a contagion from an infected computer to other computers connected to the same WiFi hotspot or wired net... read more»





Techies slap Go Daddy with class action lawsuit
(from The Register at 22-5-2010)
Disgruntled former employees of domain-name registrar Go Daddy have filed a class action lawsuit against the company, claiming potentially millions of dollars in "stolen" bonuses and overtime. The suit claims that the domain-name market leader broke the law by using a "subjective and arbitrary" process to withhold commissions from its call centre techies, and then fired one when he blew the whistle. It also alleges that by treating sales commissions as discretionary bonuses, Go Daddy has avoid... read more»





Bugnets Could Spy on You via Mobile Devices
(from PC World at 22-5-2010)
Imagine sitting in a cafe and discussing the details of a business proposal with a potential client. Neither you nor the client has a laptop; you're just two people having a conversation. But unbeknownst to you, someone half a world away is listening to every word you say. Later, as you leave, you receive a text message referring to the proposal and demanding money in exchange for silence. Recent research from two universities suggests that such a remote-eavesdropping scenario may soon be pos... read more»





Twitter Fighting Pennsylvania Subpoena Seeking Names
(from The New York Times at 22-5-2010)
Pennsylvania’s attorney general is demanding that Twitter unmask two of its users, a move that civil liberties groups say violates free speech. A grand jury subpoena issued on May 6 ordered Twitter to disclose the identities of “casablancapa” and “bfbarbie,” two users who criticized the Pennsylvania attorney general, Tom Corbett. The subpoena was quickly attacked by advocacy groups. “Anonymous speech is a longstanding American right,” said Paul Alan Levy of the Public Citizen Litigation Grou... read more»





Media, magistrates slam Italy new phone tap rules
(from Reuters at 22-5-2010)
Italian magistrates and media are up in arms over a government attempt to restrict wiretaps and slap fines and jail sentences on newspapers that publish transcripts, saying it will help criminals and muzzle the press. While the centre-right coalition of Prime Minister Silvio Berlusconi says it wants to protect privacy, the opposition says the government is just scrambling to cover up widespread corruption in its ranks with yet another tailor-made law. Parliamentarians have been working late i... read more»





'Rogue' internet firm 3FN shut down
(from BBC at 22-5-2010)
An internet firm linked to many of the internet's criminal gangs has been shut down. The US Federal Trade Commission said Belize-based 3FN aided gangs that ran botnets, carried out phishing attacks and traded in images of child abuse. The servers and net hardware of 3FN have been seized and are due to be sold off as the firm is dismantled. The operators of 3FN must also pay back $1.08m (£750,000) they are reputed to have made by hosting criminal sites.... read more»





RapidShare didn't infringe on copyrights, says US court
(from Arstechnica at 22-5-2010)
The US District Court of California denied axxxx entertainment company Perfect 10's request for an injunction against file-sharing service RapidShare on Thursday, saying that the company did not offer sufficient proof that RapidShare itself had infringed on Perfect 10's copyrights. Perfect 10 filed its lawsuit against RapidShare in late 2009, alleging that the Germany-based service illegally hosted the company's images for its members to distribute and download.... read more»





Google keeps Street View's UK Wi-Fi data as privacy group seeks legal action
(from Guardian at 22-5-2010)
The UK Information Commissioner Christopher Graham said on Thursday that the ICO did not want to "declare war" on Google over the matter and that it thought its response – which was initially to accede to Google's offer to delete the data – was "proportionate". However, Google now appears to have decided to delay the deletion while it makes sure that no investigations have been opened; otherwise it might be deemed to have destroyed evidence.... read more»





Cybersecurity Discussion with General Keith B. Alexander, Director of the National Security Agency
(from CSIS at 22-5-2010)
Date: Thursday, Jun 3, 2010 | 9:30 am - 11:00 am
Location: B1 Conference Center, Center for Strategic and International Studies, 1800 K Street, NW, Washington DC, 20006
Speaker: James Andrew Lewis, Director and Senior Fellow, Technology and Public Policy Program
The Center for Strategic and International Studies (CSIS) invites you to join us for an event with keynote speaker LTG Keith Alexander, Director of the National Security Agency. LTG Alexander will speak about cyber securi... read more»





Upcoming webinar: How Zeus Attacks Out-of-Band Authentication
(from silver tail systems at 22-5-2010)
Over the past few months, the Zeus malware has changed its mechanism of attack. Due to the proliferation of out-of-band authentication put in place by banks and other organizations, the Zeus authors responded with even more insidious mechanisms for stealing credentials, money, and users’ trust. Silver Tail Systems is pleased to host Lawrence Baldwin of MyNetWatchman. Lawrence will give an overview of the new techniques used by the Zeus malware and explain how these techniques came about. I... read more»





Does Google have Wi-Fi data from your company?
(from InfoWorld at 21-5-2010)
Google is facing scrutiny and investigation around the world following revelations that it has been capturing and archiving Wi-Fi data collected by its Google Street View vehicles that drive around capturing the image data used by the Street View service. It is questionable whether Google should have done that, but what is not questionable is whether or not Google should have any data from your Wi-Fi network. France, Italy, and Germany -- which has some of the strictest privacy protection -- ... read more»





Malware-infected USB drives distributed at security conference
(from ZDNet at 21-5-2010)
The folks at Australian mega-telco Telstra are wiping eggs from their faces after distributing malware-infected USB drives to attendees at this year’s AusCERT security conference. AusCERT’s marketing manager Claire Groves confirmed the USB sticks came certified pre-owned (thanks Dan Geer) and were given out at a tutorial at the conference. According to a SearchSecurity report, the malicious file was of the “autorun” variety, programmed to be run automatically when removable drives are insert... read more»





Committee Approves Cybersecurity Overhaul Bill
(from thenewnewinternet at 21-5-2010)
The House Oversight and Government Reform Committee approved a bill that would overhaul the current federal cybersecurity laws. The bill will provide for continuous network monitoring, create permanent positions for federal CTO and Cyber Coordinator and remove the paper work driven compliance system. “This has truly been a bipartisan effort. This is a very good bill,” said Rep. Edolphus Towns, D-N.Y., chairman of the House Oversight and Government Reform Committee. The 2010 Federal Informati... read more»





Colebrook man arrested for alleged possession of child pxxxgraphy
(from register citizen at 21-5-2010)
A Colebrook man who claimed to police he utilized pxxxgraphic images in his work as a graphic artist is facing a criminal charge for possessing child pxxx. William Hurst, 54 Fritz Road, allegedly had 40 explicit images on his computer discs depicting minors under the age of 18 conducting sexual acts with other children and adults. That was the final tally obtained through a police forensic analysis of discs and a ZIP drive, which were seized in 2006. But his arrest warrant implicates he al... read more»





Twitter malware campaign with a banking Trojan and keylogger combo
(from Net-Security at 21-5-2010)
A malware campaign that uses fake Twitter accounts and sends out messages marked with popular hashtags, containing the text "haha this is the funniest video ive ever seen" and a malicious shortened link, is underway. The messages pop-up when users search for trending topics. The shortened links in the messages all point to a web page that hosts a Java exploit whose goal is to drop a keylogger/banking Trojan on the visiting computer.... read more»





Phishing attacks more than double in 2009’s second half
(from internetretailer at 21-5-2010)
Phishing attacks more than doubled in the second half of 2009 from the first half of the year, increasing to 126,697 from 55,698, according to the global phishing survey released earlier this month by the Anti-Phishing Working Group. One criminal gang—the so-called Avalanche phishing operation—accounted for nearly two-thirds of the attacks in the second half. An attack is defined as a phishing site that targets a specific brand or entity. One domain can host several discrete attacks, APWG say... read more»





Goodbye, Employer-Sponsored Insurance
(from The Wall Street Journal at 21-5-2010)
Millions of American workers could discover that they no longer have employer-provided health insurance as ObamaCare is phased in. That's because employers are quickly discovering that it may be cheaper to pay fines to the government than to insure workers. AT&T, Caterpillar, John Deere and Verizon have all made internal calculations, according to the House Energy and Commerce Committee, to determine how much could be saved by a) dropping their employer-provided insurance, b) paying a fine of $2... read more»





IBM distributes malware-infested freebies at AusCERT
(from risky at 21-5-2010)
Risky.Biz has confirmed IBM staff distributed malware-infected USB drives at the AusCERT security conference this week. In a highly embarrassing admission, the company has sent a broadcast e-mail to all AusCERT attendees warning them of the security lapse. "At the AusCERT conference this week, you may have collected a complimentary USB key from the IBM booth," the message reads. "Unfortunately we have discovered that some of these USB keys contained malware and we suspect that all USB keys... read more»





RB2: SPONSOR PODCAST: Microsoft's Steve Adegbite on avoiding a computing nanny state
(from risky at 21-5-2010)
In the following interview, Microsoft's Steve Adegbite joins me for this interview about the potential for a nanny state operating system. With all this rogue AV stuff floating about, the Microsofties are encountering a few fairly significant dilemmas on how to deal with this stuff. Should the OS only accept certain, known brands of AV? Well, then they're acting as a gateway and telling people what they can and can't run. Can't do that. What about a warning system like they did with device dr... read more»





Wal-Mart pushing for chip-and-pin payment cards in U.S., report says
(from NetworkWorld at 21-5-2010)
Wal-Mart wants to see chip-and-pin payment cards adopted in the United States in an effort to better secure financial transactions, according to a report from the Smart Card Alliance event this week in Scottsdale, Ariz. "We are working on implementing it in the U.S. It's time for chip-and-PIN in the U.S.," said Jamie Henry, Wal-Mart director of payment services, according to online publication StorefrontBacktalk. Payment cards in the United States are based on simpler magnetic stripe tec... read more»





Symantec's $1.28B VeriSign gambit draws mixed reviews
(from NetworkWorld at 21-5-2010)
Symantec's stunning decision to put $1.28 billion in cash on the table to buy most of the security services within VeriSign is a gambit that is drawing mixed reactions in the analyst community, but Symantec insists the VeriSign certificate and authentication services are key elements in what's shaping up to be one of the biggest self-transformations ever in the security industry. It even comes down to the Symantec logo, which will be changed to a new one that includes the telltale VeriSign ch... read more»





IBM Hands Out Malware-infected USB At AusCERT Security Conference
(from cyberinsecure at 21-5-2010)
IBM has apologised after supplying a malware-infected USB stick to delegates of this week’s IBM AusCERT security conference. The unlovely gift was supplied to an unknown number of delegates to the Gold Coast, Queensland conference who visited IBM’s booth. IBM’s apology email does not identify the strain of malware involved in the attack beyond saying it’s a type of virus widely detected for at least two years which takes advantage of Windows autorun to spread.... read more»





Two thirds of data security breaches come from small companies
(from SecurityPark at 21-5-2010)
Under the new rules, the Information Commissioner’s Office (ICO) is able to fine businesses up to £500,000, equivalent to 10 per cent of the highest annual turnover of a small company, if they lose individuals' confidential data. Previously the ICO had the power to fine just £5,000 for serious breaches of the Data Protection Act, but these new measures are expected to act as an effective deterrent to improve data security within the UK economy. Shred-it welcomes these new powers as a sign... read more»





DARPA plans to SMITE insider enemies
(from Government Computer News at 21-5-2010)
The Defense Advanced Research Projects Agency is looking for technology to address insider threats. DARPA will use the technology, called Suspected Malicious Insider Threat Elimination (SMITE), to predict insider attacks, determine when one is underway and to detect one that has already taken place, according to the request for information issued May 10. DARPA defines an insider threat as "malevolent (or possibly inadvertent) actions by an already trusted person with access to sensitive infor... read more»





Clegg vows to restore British privacy
(from SecureComputing at 21-5-2010)
The UK's new coalition government has promised to give data back to the people in a radical overhaul of public sector databases, surveillance cameras and DNA storage. The restoration of individuals' privacy was a central campaign of both the Conservative and Liberal Democrat parties while in opposition. Under Labour, the UK became one of the most watched societies in the world. Surveillance was higher than in any other European Union country, and at the same level as Russia and China, acco... read more»





Microsoft chases 'click laundering'
(from NetworkWorld at 21-5-2010)
Microsoft said it has uncovered a new kind of click fraud, filing two lawsuits against people it says are using the scam. One of the suits, filed in the U.S. District Court for the Western District of Washington, accuses the Web site RedOrbit.com and the site's president Eric Ralls, of using click laundering, a term Microsoft came up with to describe a new way of boosting the number of clicks on advertisements on a Web site. "What was at one point thought to be highly or almost impossible... read more»





Judge orders permanent shutdown of rogue ISP, forfeit $1 million to FTC
(from SearchSecurity at 21-5-2010)
A rogue ISP that housed the backbone of a number of cybercriminal operations, including botnet command and control servers, malware and child pxxgraphy, has been permanently shut down by a court order Wednesday. U.S. District Court Judge Ronald M. Whyte ordered all operations of Web hosting provider Triple Fiber Network (3FN.net), operated by Pricewert LLC, permanently halted and said the rogue ISP's servers, facilities and other equipment would be sold by a court-appointed receiver in 120 d... read more»





Public trust at risk in data breach
(from hotelnewsnow at 21-5-2010)
It could be argued that when companies are attacked by computer hackers who loot customer credit card numbers or other personal data, they are as much the victims as their customers. The question for the hotel industry is, who will guests hold accountable—the hackers or the hotel brands? As data breaches become more commonplace in the hotel industry, with Radisson Hotels & Resorts, Wyndham Worldwide and a Westin hotel most recently falling prey to cyber criminals, the public’s patience with ... read more»





The missing ingredient in cybersecurity
(from FCW at 21-5-2010)
Many of the most common problems with cybersecurity could be alleviated if the federal government made a concerted effort to raise awareness and educate the public about the issues, says one expert. There’s no getting around the fact that there are some sophisticated hackers out there looking to disrupt critical systems. But it’s also true that hackers often exploit some of the simplest vulnerabilities. If the federal government were to put more energy into educating the public — including... read more»





New website tracking Google's impact on privacy
(from usatoday at 21-5-2010)
The advocacy group Consumer Watchdog has launched a new website, insidegoogle.com, whose purpose is to keep a bright light shining on anything Google does that affects privacy. "Google advocates openness and transparency for everyone else, but when it comes to their own activities, the company is extremely secretive," said Consumer Watchdog spokesman John Simpson. "Inside Google will focus needed public attention on Google's activities."... read more»





Facebook leaks more private data: déjà vu all over again
(from Sophos at 21-5-2010)
The F, A, C, E, B, O, and K keys on my keyboard are becoming well worn. The Wall Street Journal is reporting another major privacy gaffe by Facebook and a few other social networking sites. This time, counter to its own privacy commitments, the site leaked information that identified individual users to third-party advertisers. Some of the other sites named leaked unique IDs related to users, but the case with Facebook is more concerning. Facebook requires everyone to use their real identitie... read more»





Government adjourns key hearing for Pentagon hacker Gary McKinnon
(from ComputerWorldUk at 21-5-2010)
The government has cancelled a court hearing for Gary McKinnon who hacked US military computers while it reconsiders an extradition order that would send him to face a US trial. A judicial review scheduled to begin next Tuesday in the High Court has been adjourned by the Home Office, which oversees criminal justice affairs, according to lawyers for McKinnon. "I hope this may be a signal of a more compassionate and caring home secretary and one that is willing to defend the rights of our ci... read more»





US judge orders shutdown of rogue ISP
(from TechTarget at 21-5-2010)
A rogue ISP that housed the backbone of a number of cybercriminal operations, including botnet command and control servers, malware and child pornography, has been permanently shut down by a court order Wednesday. U.S. District Court Judge Ronald M. Whyte ordered all operations of Web hosting provider Triple Fiber Network (3FN.net), operated by Pricewert LLC, permanently halted and said the rogue ISP's servers, facilities and other equipment would be sold by a court-appointed receiver in 120 ... read more»





Business Intelligence for today's demands
(from The Register at 21-5-2010)
If you're struggling to get your head round how business intelligence can be used to good effect in your business - or struggling to contend with the end user demands for business intelligence in your organisation - then we may have just the tonic. At 11am today we’ll be broadcasting live from our central London bunker with a webcast that promises to help you make sense of the new capabilities and demands of business intelligence in your organisation.... read more»





YouTube among many websites blocked
(from TheNews at 21-5-2010)
Following the ban on Facebook over a competition of blasphemous caricatures the government on Thursday blocked many websites including the popular video-sharing YouTube in Pakistan in a bid to stop the flow of blasphemous material amid countrywide protests. Thousands of protesters belonging to all walks of life took to the roads and main avenues in different cities throughout the country to protest the competition of blasphemous caricatures of the holy Prophet (SAW) on the Facebook on Thursda... read more»





Britons spending more time on web
(from BCS at 21-5-2010)
New research has found that web users in Britain are spending 65 per cent more time online than they did just three years ago. The study by The UK Online Measurement Company also found a change in the sort of websites that people accessed most often. More than one minute out of every four and a half online was spent on social networking or blog sites, far outstripping the previously popular instant messenger category. ... read more»





YouTube blocked as Muslim concerns trigger Pakistani web bans
(from nzherald at 21-5-2010)
Pakistan has blocked YouTube and many other internet sites in a widening crackdown on online content deemed offensive to Islam, reflecting the secular government's sensitivities to an issue that has ignited protests in the Muslim country. The move came a day after the government obeyed a court order to block Facebook over a page called "Everybody Draw Mohammed Day!" that encourages users to post images of Islam's Prophet Muhammad. Most Muslims regard depictions of the prophet, even favourable... read more»





McKinnon hacker extradition case on hold
(from Channel4 at 21-5-2010)
The High Court has granted an adjournment in the case of computer hacker Gary McKinnon, who faces extradition to the US, giving new hope to his family, writes Alex Thomson. On Wednesday the press officer at the Home Office said they would be acting on the case made by campaigners on behalf of Gary McKinnon "ASAP". I did not expect a call this morning whilst coming into work on the train.... read more»





UK government to reconsider US extradition of alleged hacker
(from Jurist at 21-5-2010)
A member of the newly formed UK coalition government indicated Thursday that the extradition of alleged hacker Gary McKinnon to the US will be delayed. Home Secretary Theresa May considered an adjournment request from McKinnon's legal team and agreed to delay a scheduled judicial review in order to determine if he is medically fit for extradition.... read more»





Facebook and Others Caught Sending User Data to Advertisers
(from Mashable at 21-5-2010)
The Wall Street Journal is reporting on what could be a major scandal brewing for Facebook, MySpace and other social networks: despite assurances to the contrary, the sites have apparently been sending personal and identifiable information about users to their advertisers without consent. Large advertising companies including Google’s DoubleClick and Yahoo’s Right Media were identified as having received information including usernames or ID numbers that could be traced back to individual pro... read more»





NASA security chief orders bold change to secure networks
(from nextgov at 21-5-2010)
In what is being described as a break away movement that security professionals say will better secure porous computer systems, NASA's top security chief ordered his staff on Tuesday to shift their focus from certifying that networks are compliant with a nearly decade-old law to monitoring systems for holes and real-time reporting of threats. The change is a watershed moment for federal information technology managers, who since 2002 have been required to follow a law that critics say forces ... read more»





Tech company website hit by rogueware
(from Star-TechCentral at 21-5-2010)
The website address of a local technology company was hijacked and anyone trying to access the site from a web search list would instead be hit by “rogueware.” It is an attempt to trick users into installing an unauthorised program on their computers, which could be anything from a virus to a program that digs out passwords to bank accounts or other online services. Typing in the name of the company into Google resulted in a list of matching hits.... read more»





Pakistan blocking YouTube and Facebook
(from Neowin at 21-5-2010)
Pakistan is blocking the video sharing website YouTube one day after ISPs in the country received a court order to block Facebook. BBC News is saying reports are leading them to believe a number of Wikipedia and Flickr pages are also being censored. Pakistani officials say YouTube has been blocked because of its "growing sacrilegious content". Reuters reported on Wednesday the Pakistan Telecommunication Authority (PTA) told ISPs to indefinitely block access to Facebook due to a group on the ... read more»





Quantum encryption cracked
(from IT Web at 21-5-2010)
Yesterday, it was announced that physicists at the University of Toronto in Canada have successfully attacked a commercial quantum cryptography system for the first time in history. Quantum cryptography was supposed to be unbreakable, and up until this time it had been impossible for an eavesdropper to intercept communications sent using this type of technology. However, like many other security systems, the technology was built making various assumptions, and in the real-world not all the... read more»





Google Wi-Fi Breach Spurs Calls For Investigation
(from CNet at 21-5-2010)
Following reports of a privacy breach related to Google Street View, lawmakers in the United States and Europe are calling for an investigation into the search giant's collection of private data from homes' Wi-Fi networks. Google last Friday said it had mistakenly collected data sent over Wi-Fi networks using its Street View cars. The company had previously said that while its Street View cars collected publicly broadcast Wi-Fi network names and MAC addresses from Wi-Fi routers as the vehicle... read more»





Security engineering: broken promises
(from ZDNet at 21-5-2010)
On the face of it, the field of information security appears to be a mature, well-defined, and an accomplished branch of computer science. Resident experts eagerly assert the importance of their area of expertise by pointing to large sets of neatly cataloged security flaws, invariably attributed to security-illiterate developers; while their fellow theoreticians note how all these problems would have been prevented by adhering to this year’s hottest security methodology. A commercial industry th... read more»





IBM distributes malware-laden USBs at big Aus security conference
(from Finextra at 21-5-2010)
Big Blue was forced to send out an e-mail to all delegates at the AusCert conference warning them not to use the keys, which were doled out from its stand as a freebie item. "At the AusCERT conference this week, you may have collected a complimentary USB key from the IBM booth," IBM Australia chief technologist Glen Wightwick wrote. "Unfortunately we have discovered that some of these USB keys contained malware and we suspect that all USB keys may be affected."... read more»





Senate passes massive Wall Street regulation bill
(from mercurynews at 21-5-2010)
Prodded by national anger at Wall Street, the Senate on Thursday passed the most far-reaching restraints on big banks since the Great Depression. In its broad sweep, the massive bill would touch Wall Street CEOs and first-time homebuyers, high-flying traders and small town lenders. The 59-39 vote represents an important achievement for President Barack Obama, and comes just two months after his health care overhaul became law. The bill must now be reconciled with a House version that passed i... read more»





ACLU Helping Guard Twitter Users' IDs
(from FOXNews at 21-5-2010)
An American Civil Liberties Union lawyer said Thursday his organization is helping two anonymous Twitter users fight an effort by prosecutors to unmask them after they tweeted criticism of a Pennsylvania attorney general who is running for governor. "It's a prized American right to criticize government officials, and to do so anonymously," ACLU attorney Vic Walczak said.... read more»





Usenet's home shuts down today
(from The Register at 21-5-2010)
Duke University in North Carolina is where Usenet began, and today the institution is shutting down its Usenet server. The college cites "low usage and rising costs" for the decision. The first messages began flowing in 1980, after two Duke students Tom Truscott and Jim Ellis, developed the protocol, using UUCP as a transport and modems (two 300 baud auto-diallers) and telephone lines as the backbone.... read more»





Jeremy Hunt deletes all tweets critical of Nick Clegg and Liberal Democrats
(from Telegraph at 21-5-2010)
Jeremy Hunt, the new Culture Minister, has been accused of attempting to rewrite history by deleting his pre-election tweets critical of Nick Clegg and the Liberal Democrats. Messages mocking the Lib Dem's "shameless" U-turns on the euro and an immigrant amnesty were among the dozens of posts now deleted by Mr Hunt, whose Cabinet role includes responsibility for the internet. In one tweet now consigned to the cyber-dustbin, he derided Mr Clegg's discussion of morality during the second leade... read more»





An unfortunate choice of names
(from SunbeltBlog at 21-5-2010)
There has been an explosion of rogue security products with different names in the last year – which is clearly an attempt to avoid detection by the rogue peddlers. Now the names of LEGITIMATE companies’ LEGITIMATE products are getting mixed up with the names of rogues. Case in point: “Antivirus 2010.”... read more»





Call for strategy to fight cyber threats
(from KhaleejTimes at 21-5-2010)
The UAE should have a strategy to defend itself against cyber crimes, cyber espionage and the possibility of a cyber war, an expert on security said. “We should know who can and will attack us and we should be able to defend ourselves,” Richard A. Clarke, who has served three consecutive US presidents as senior White House advisor, said in a lecture, “Cyber War: The next Threat to the UAE’s National Security”, at the Emirates Centre for Strategic Studies and Research.... read more»





Real-world Web browser history detection results
(from What The Internet Knows About You at 21-5-2010)
For the last six months, this website has served as a tool to teach Internet users about Web browser history detection, which allows any website on the Internet to view the browsing history of most of its viewers. At the same time, we were analyzing the problem in more detail to determine how many of our visitors were affected by this attack, how difficult it is to scan browsers' histories for visited sites and resources, and how much information can be gathered about most of us in this manne... read more»





Quantum key security hacked for first time
(from NetworkWorld at 21-5-2010)
An important weakness has been discovered in the technology of quantum key distribution (QKD), which is increasingly being used by military and government to secure sensitive communications. Researchers at the University of Toronto have successfully attacked a QKD system from Swiss company, id Quantique, the first time an attack on a commercial system using the technology has been demonstrated. The highly-theoretical attack was based on disproving assumptions about the levels of errors whi... read more»





AusCert 2010: Hanmore back to CERT
(from NetworkWorld at 21-5-2010)
After less than a year at Microsoft, security officer Karl Hanmore has left the Redmond giant to return to work for Australia's national cyber security team. Hanmore has taken up an operations post at CERTAustralia, understood to be a rival of his former employer AusCert where he worked as operations manager. CERTAustralia became the country's official national Computer Emergency Response Team (CERT) after the organisation was announced in November last year.... read more»





Canada’s Super Spies 'Discover' Cybercrime is a Threat
(from Wordpress at 21-5-2010)
Canada’s Security Intelligence Service, CSIS, (Canada’s spies), according to a just released, heavily censored “TOP SECRET” memo, (no, I’m not making this up), has ferreted out a startling fact on cybercrime – it’s growing! I can appreciate why this startling discovery needed to be designated “top secret”. Panic in the streets, possible riots, a reverting to pre- Internet days, are all conceivable outcomes should the average Canadian become aware that CYBERCRIME IS GROWING! These “top secret... read more»





Coalition agreement website exposes database password
(from The Register at 21-5-2010)
A government website this morning wrongly exposed its database hostname, password and username to anyone wishing to read up on the coalition's agreement. The extremely embarrassing gaffe happened within about an hour of the Cabinet Office announcing the Programme for Government website. The website is, at time of writing, titsup and displaying a DNS lookup error. "We are aware there's a technical problem, we're working to fix it," a Cabinet Office spokesman confirmed to The Register. However, h... read more»





Government launches own social network site
(from The Sydney Morning Herald at 21-5-2010)
Vietnam's communist government has launched its own social networking site, after allegations that it restricted Facebook and hacked numerous websites with political content. A pilot version of the go.vn site was launched this week and is the country's biggest-ever IT project, a notice on the website said. "Several people said I ordered the launching of the Vietnamese network to eliminate others like Google or Yahoo. It's not true," Minister of Information and Communication Le Doan Hop said i... read more»





Internet risk to children on rise
(from The Age - Australia at 21-5-2010)
A growing number of internet-savvy sxx predators are preying on vulnerable teenagers. Victoria Police have confirmed that organised criminal networks and individuals in and outside Australia have been grooming children for illegal sxx and the number of predators is rising. The prolific growth of online social network sites has provided a ready-made playground for predators to seek out potential victims, earn their trust and then sxxually exploit or abuse them.... read more»





School Spy Program Used on Students Contains Hacker-Friendly Security Hole
(from Wired at 21-5-2010)
A controversial remote administration program that a Pennsylvania school district installed on student-issued laptops contains a security hole that put the students at risk of being spied on by people outside the school, according to a security firm that examined the software. The LANrev program contains a vulnerability that would allow someone using the same network as one of the students to install malware on the laptop that could remotely control the computer. An intruder would be able to ... read more»





Ex-Hacker Adrian Lamo Institutionalized for Asperger’s
(from Wired at 21-5-2010)
Last month Adrian Lamo, a man once hunted by the FBI, did something contrary to his nature. He picked up a payphone outside a Northern California supermarket and called the cops. Someone had grabbed Lamo’s backpack containing the prescription anti-depressants he’d been on since 2004, the year he pleaded guilty to hacking The New York Times. He wanted his medication back. But when the police arrived at the Safeway parking lot it was Lamo, not the missing backpack, that interested them. Somethi... read more»





HP recalls more notebook computer batteries
(from Xinhuanet at 21-5-2010)
Hewlett-Packard Co. (HP) on Wednesday announced that it is recalling more notebook personal computer (PC) batteries that have the potential to overheat and pose a fire and burn hazard to consumers. The latest move is an expansion of a previous program initially launched on May 14, 2009, with additional battery packs and notebook models. The affected battery packs were distributed worldwide in certain notebook PCs manufactured between August 2007 and May 2008, according to information posted on... read more»





Heartland coughs $41m to settle MasterCard claims
(from The Register at 21-5-2010)
Heartland Payment Systems has agreed to pay up to $41m to Mastercard in settlement for claims arising from a high-profile breach involving the payment processing firm two years ago. Under the agreement, MasterCard issuers who suffered losses as a result of the intrusion will be eligible for compensation from a $41.4m fund, providing banks left in a hole agree to the arrangement by the end of June. The proposed settlement is the third Heartland has reached with major card brands. A previous ag... read more»





Most browsers silently expose intimate viewing habits
(from The Register at 21-5-2010)
The vast majority of people browsing the web are vulnerable to attacks that expose detailed information about their viewing habits, including news articles they've read and the Zip Codes they've entered into online forms. According to results collected from more than 271,000 visits to a site called What the internet knows about you, 76 percent of users exposed their browser histories, with the proportion of those using Apple's Safari and Google Chrome browsers even higher. Surprisingly, the p... read more»





US Senate approves sweeping reforms of Wall Street
(from BBC at 21-5-2010)
The US Senate has passed a bill providing the most sweeping overhaul of financial regulations since the 1930s. The Senate passed the bill by 59 votes to 39. It must still be merged with a version in the House. The bill creates new ways to watch for financial risks and makes it easier to liquidate large failing firms. President Obama said Americans would never again pay "for Wall Street's mistakes" adding that Wall Street had tried but failed to scupper the bill. The bill will create a new... read more»





Malware Is South America's New Growth Industry
(from eSecurity Planet at 21-5-2010)
Malware syndicates in China have been implicated in a number of recent high-profile, targeted cyber attacks against American companies and organizations, but the latest data from security software vendor Zscaler indicates a new and equally dangerous threat is emerging in South and Central America. Honduras checked in with a ratio of 7.5 percent, good enough (or bad enough, depending on how you view it) for second in the world behind only the Cayman Islands (10.2 percent).... read more»





Government coalition document prioritises open data and open source software
(from Computer Weekly at 21-5-2010)
The Conservative and LibDem coalition document has some pointers on the new government's approach to IT, with a section dedicated to IT-related policies. The focus is on open source software and the publication of government data and the coalition also says steps will be taken to "open up government procurement and reduce costs". IT contracts will be published online and full online disclosure of central government spending over £25,000 will be required.... read more»





The West is "creamed" when it comes to cybercrime, says author
(from marketing magazine at 21-5-2010)
Menn stressed that Western governments need to do more in their dealings with less regulated countries—again, primarily Russia and China—when it comes to cybersecurity. "It's a little awkward to declare another power full of thugs, true as it may be," he said, adding that the U.S. should be talking about these issues at international summits. "But there are things we can do to be more effective. We've been so weak on this stuff, afraid to call anyone on to the carpet." But it wasn't quite all... read more»





EU unveils five-year digital economy plan
(from hostexploit at 21-5-2010)
European Commission Vice-President Neelie Kroes today (19 May) unveiled her strategy to create a "virtuous and self-replicating digital economy". The five-year plan concentrates on infrastructure for high-speed Internet and fostering a borderless market for online music and film. Kroes, who has held the Commission's new 'digital agenda' portfolio for almost three months, presented a 39-page plan to boost the digital economy.... read more»





Cyber war poses threat to national security: expert
(from hostexploit at 21-5-2010)
The UAE can lead international efforts to promote global cyber security and cyber peace and to avoid the use of cyberspace for conflict, said a former senior White House adviser on Tuesday. "The UAE can play a leading role in creating an international system for cyber peace. You can do that not just by computers. But you can do that by strategists and diplomats. And there is a great role for the UAE to play in helping the world step back from Cyber war to create an international system for cy... read more»





Latest Computer Threat Could Be Worst Yet
(from hostexploit at 21-5-2010)
The next looming threat to your computer is more insidious than anything experts have seen in the past, says a UT Dallas computer scientist. Dr. Kevin Hamlen is referring to a form of malicious software, or Malware, that he calls “reactively adaptive.” And although the threat is still hypothetical, he and his colleagues caution that unless adequate defenses are developed soon, reactively adaptive Malware could one day roam the Internet with impunity, producing potentially disastrous consequen... read more»





Second NJ exec pleads guilty to online fraud
(from hostexploit at 21-5-2010)
A New Jersey man has pleaded guilty to defrauding clients out of $10.2 million after being accused of running a scam on Craigslist and other websites, joining a colleague who pleaded guilty two weeks ago. Paul Bultmeyer, 70, admitted on Wednesday to one count of conspiracy to commit wire fraud before U.S. District Judge Jose Linares in Newark, New Jersey, U.S. Attorney Paul Fishman said. The Upper Saddle River resident was released on bail pending a September 1 sentencing. He faces a maxim... read more»





German minister stresses privacy rights with Google chief
(from Google at 21-5-2010)
German Foreign Minister Guido Westerwelle met Google co-founder Larry Page Thursday, the ministry said, amid tensions over its controversial Street View service and the sanctity of private data. In an unusual half-hour, closed-doors meeting at the ministry with a foreign business executive, Westerwelle also took up the issue of censorship in China and other countries which have posed challenges to the US-based Internet giant.... read more»





Blair to resign as US top spy: ABC News
(from Google at 20-5-2010)
President Barack Obama's Director of National Intelligence Dennis Blair will resign as soon as Friday, ABC News reported, saying the top US spy had lost the full confidence of the White House. Blair, who as DNI coordinates 16 US intelligence agencies, met Obama in the Oval Office on Thursday and offered to resign, and the president said he would accept, ABC said. Obama had held "serious conversations" about whether to ask Blair to step down for and had interviewed possible replacements, th... read more»





Alleged hacker sought in US to stay in UK for now
(from Yahoo at 20-5-2010)
Britain's Home Office says a man wanted in the U.S. for allegedly hacking into American military computers can stay in the U.K. for now because the new home secretary has agreed to grant more time to consider the case. The High Court adjourned the case of Gary McKinnon's extradition Thursday after Home Office chief Theresa May approved a pause in court proceedings. McKinnon is accused by U.S. prosecutors of hacking into computers shortly after the Sept. 11, 2001 attacks.... read more»





Hacker steals 22,000 email address, demands Astley tune
(from Computer World at 20-5-2010)
Dutch hacker Darkc0ke hijacked a radio station database containing 22,000 email addresses and threatened to publish them unless the station play Rick Astley's "Never Gonna Give You Up," a variation of an internet meme known as "rickrolling." Last weekend Darkc0ke mailed DJs from the Dutch nationwide radio station 3FM and issued his threat and demand. The DJs notified the station's IT department, which realised that a backdoor to their database was indeed open.... read more»





Microsoft $200 Million Settles VPN Patent Infringement Lawsuit
(from IT Channelplanet at 20-5-2010)
Microsoft Corp. said it will pay $200 million to VirnetX Holding Corp., a Scotts Valley, CA-based developer of technology for virtual private networks, to settle a 2007 patent infringement lawsuit and a subsequent filing charging the software giant incorporated VPN technology it did not own into its Windows and Office Communications Server products. Under terms of the settlement, Microsoft said it will license VirnetX’s technology but neither party disclosed additional details.... read more»





US scientists 'hack' into Indian voting machines
(from MSN at 20-5-2010)
India's voting machines - considered to be among the world's most tamperproof - can be hacked, American scientists claim. Researchers at the University of Michigan connected a home-made device to a voting machine and successfully changed results by sending text messages from a mobile. Moreover, they added a small microprocessor, which they say can change the votes stored in the machine between the election and the vote-counting session.... read more»





Microsoft sues unnamed parties for clicks on HelloMetro ads
(from Biz Journals at 20-5-2010)
Online publisher HelloMetro Inc. has been drawn into a lawsuit filed this week by technology giant Microsoft Corp. related to an alleged scheme to fraudulently boost revenue from online advertisers. In a lawsuit filed in the U.S. District Court for the Western District of Washington, Redmond, Wash.-based Microsoft (NASDAQ: MSFT) alleges that one or more unnamed parties — referred to in the lawsuit as John Does 1-20 — participated in a “sophisticated click-laundering scheme” by generating inva... read more»





FTC Kills Pxxx or Spam ISP
(from Mashable at 20-5-2010)
Today, the Federal Trade Commission permanently shut down 3FN, a Belize-based Internet service provider (ISP) notorious for hosting botnets, child pxxxography, phishing attacks and various other scams and malware. The ISP has been ordered to pay back $1.08 million which it earned by cooperating and conspiring with criminals. It took almost a full year in court for the FTC to win this battle against 3FN. When this ISP was put under a preliminary injunction last year, spam volume dropped by 15%... read more»





RSA Conference 2011- Call for Speakers
(from RSA Conference at 20-5-2010)
RSA Conference 2011 returns to San Francisco from February 14-18 for its 20th anniversary and we'd like you to join us for another year of ideas, exploration and celebration. This is your opportunity to address the latest issues facing today's information security professionals. Proposing topics and leading discussions help distinguish you as a thought leader and are a great way to showcase your knowledge as an industry expert. As a speaker, you'll receive a complimentary Delegate regist... read more»





Can VeriSign deal make Symantec the Web's identity broker?
(from CNet at 20-5-2010)
With its acquisition of VeriSign's authentication business, Symantec is making a big play for a piece of the market for services that validate the identity of users and content on the Web. The $1.28 billion cash deal--the third encryption-related purchase for Symantec in three weeks--would seem to be a natural extension of its desktop and server security offerings, several analysts said. But other observers question how well suited one of the leading antivirus providers really is to become th... read more»





UPDATE: Symantec To Buy VeriSign's Authentication Unit
(from The Wall Street Journal at 20-5-2010)
Symantec Corp. has agreed to purchase VeriSign Inc.'s (VRSN) identity and authentication business for $1.28 billion in an effort to round out its information-protection business. "Security technology is fragmented," Symantec President and Chief Executive Enrique Salem said in an interview. "Now our customers will have one way of managing all of security. Now we will be able to protect you and your information." The acquisition, which had been reported as likely by The Wall Street Journal o... read more»





The Team Cymru Route-server
(from Cymru at 20-5-2010)
This route server and associated BGP statistics are made possible thanks to the kind donation of peering by many organizations and individuals. If you are interested in peering with the Team Cymru route server please contact us at team-cymru@cymru.com. This list was last updated at Thu May 20 12:00:01 2010 GMT. The list is updated every 2 hours... read more»





Ex-Taiwanese civilian spies break long silence
(from Asahi at 20-5-2010)
Lin Yi-lin stood before a tall, "faceless" member of Taiwan's intelligence community, in a room without windows at Taipei international airport. Lin, 40, had just returned to his homeland following his release from prison in mainland China, where he had spent 14 years and 10 months behind bars for espionage. A paper bag was on the table. Lin instinctively knew it was stuffed with cash.... read more»





UK data watchdog calls on Google to delete Wi-Fi data
(from v3 at 20-5-2010)
UK privacy watchdog the Information Commissioner's Office (ICO) has asked Google to delete the private Wi-Fi data it has collected from homes and businesses. Google admitted last week that it is holding the so-called 'pay-load' data, which includes Wi-Fi network names, MAC addresses and samples of information sent over networks. The company claimed that the information was collected "by mistake" in 2008, when its vans were gathering content for the Street View service.... read more»





Brits spend a day a month online
(from v3 at 20-5-2010)
British internet use has changed dramatically over the past three years, according to a survey into UK web habits by the UK Online Measurement Company (UKOM). Brits spent 884 million hours online in April 2010, two-thirds as much as they did in April 2007, and are spending that time in different ways, the firm explained. Three years ago social networking sites and blogs took up just nine per cent of UK browsing time, or one in every 11 minutes. The figure now is just under a quarter.... read more»





Teach customers about data breach fines
(from ChannelWeb at 20-5-2010)
Recent high-profile losses of government data have caused concern among the UK public. There are now several high-profile databases from which information could go missing, such as a national DNA database, which contains the genetic records of more than four million UK citizens. However, the Information Commissioner's Office (ICO) from 6 April has had the power to fine organisations up to £500,000 if they seriously breach the Data Protection Act. Action will now be taken if the ICO is conv... read more»





Microsoft Investigators Uncover Emerging Form of Click Fraud
(from Microsoft at 20-5-2010)
Microsoft Corp. has filed two lawsuits this week in the U.S. District Court for the Western District of Washington detailing evidence of an emerging form of click fraud in online advertising the company has dubbed “click laundering.” One lawsuit is a John Doe suit alleging that unidentified defendants engaged in this activity; the other lawsuit names Web publisher RedOrbit Inc. and its president, Eric Ralls, as defendants. Click laundering, a previously unknown form of pay-per-click (PPC) advert... read more»





Man charged with attacking O'Reilly, Coulter websites
(from SC Magazineus at 20-5-2010)
A former college student has been charged with using the school's computer network to control a botnet and launch distributed denial-of-service (DDoS) attacks against conservative websites belonging to Bill O'Reilly, Ann Coulter and Rudy Giuliani. Mitchell Frost, 22, of Bellevue, Ohio was charged Friday with one count each of damaging a protected computer system and possessing unauthorized access devices, according to the U.S. attorney's office for the Northern District of Ohio.... read more»





European Commission launches ambitious Digital Agenda
(from v3 at 20-5-2010)
The European Commission has set out its long-awaited Digital Agenda action plan, promising long-term investment and the removal of obstacles to maximising the potential of information and communication technologies (ICTs) to speed up the region's economic recovery. The initiative, which has been touted by Digital Agenda commissioner Neelie Kroes for some time, focuses on seven key areas with the aim of creating a virtuous circle. The EC is hoping to create a situation where attractive serv... read more»





PAX East expo hacker charged with attempted theft
(from TGDaily at 20-5-2010)
There were a lot of announcements at this year's PAX East conference in Boston, but the biggest news story came from a man who tried to steal a prototype of Atomic Games' upcoming title Breach. 20-year-old Justin May was actually able to hack into an Xbox 360 debug system at the Atomic booth and start downloading the beta game file to his laptop. However, an Atomic employee noticed him and questioned what he was doing. At that moment he ran away with laptop in tow while being chased by oth... read more»





CA World: Cloud computing is new turning point, says CEO
(from NetworkWorld at 20-5-2010)
Cloud computing marks a new "inflexion" point in the IT industry, according to CA Technologies. In his keynote speech to the 7,000 delegates at the CA World conference in Las Vegas, William McCracken, president and CEO of CA made the announcement as the company launched a range of new cloud solutions, including SaaS monitoring product Nimsoft on Demand. "We are at a new inflexion point in the industry. There will be significant change by this time next year - it's started," said McCracken... read more»





How to get ready for the 'net generation'
(from Government Computer News at 20-5-2010)
The Defense Department has released a new manual that deals with social networking and the workplace. The “Net Generation Guide,” put together by the Federal Chief Information Officers Council, notes that 957,000 federal employees will be eligible for retirement during the next few years, creating a shrinking workforce that has evolved considerably during the rise of the Internet. The report also discusses how to draw in and keep up-and-coming workers – the Net Generation, defined as those... read more»





VA IT official defends work on data protection
(from Government Computer News at 20-5-2010)
Roger Baker, assistant secretary for information and technology at the Veterans Affairs Department, today defended the department’s efforts to protect against data theft and unauthorized access at a House hearing where the VA was criticized for two recent breaches of veterans’ personal data in Texas. Rep. Harry Mitchell (D-Ariz.), who chairs the House Veterans' Affairs Committee’s Oversight and Investigations Subcommittee that held the hearing, said the panel is evaluating two recent incident... read more»





Social sites pose a threat to safety
(from Nation at 20-5-2010)
Despite their popularity especially among the youth, social networking sites pose the greatest threat to internet security. Players estimate that by the end of the year, social media users will be the most vulnerable to different forms of cyber crime. These are such as fraud, identity theft, spread of malware and even physical harm following updates on one's profile.... read more»





Security of Internet, phone top priority in Xinjiang
(from China Daily at 20-5-2010)
Reinforcing the security of telecommunications in Northwest China's Xinjiang Uygur autonomous region is a priority for officials, because the Internet, phone and mobile services have become major tools for overseas extremists and separatists to instigate terrorist events in the region, a senior official said. "The July 5 riot last year shows the Internet has become a major platform for the 'three evil forces' - extremists, separatists and terrorists - to spread rumors and plot sabotage activi... read more»





FTC to investigate photocopier security risks
(from TGDaily at 20-5-2010)
It's a hideous thought: all over the world, every time some idiot photocopies their butt, the image is stored for posterity. According to the FTC, which is looking into the issue, the majority of photocopiers store all scanned images, forever. And while all those rear ends may not be pleasant, it's more sensitive information that really concerns the Commission. The technology could potentially enable thieves to view Social Security numbers, private medical and bank records and other sensitiv... read more»





Search for 10,000 Cyber Experts Aims to Guard Cyberspace
(from theepochtimes at 20-5-2010)
Three days remain in the United States Cyber Challenge competition. The contest is, essentially, a “talent search to find and develop 10,000 cyber security specialists to help the United States regain the lead in cyberspace,” according to a White House document on the contest. The contest has drawn an estimated 1,500 high school and college students, who will need to gather as much information as they can about the U.S. Cyber Challenge, and then take two online quizzes about the competition. ... read more»





German Court Determines Unprotected Wireless Networks a Threat
(from TMCnet at 20-5-2010)
Is your wireless network password protected? If you live in Germany and the answer is no, you could be facing a hefty fine. According to a ZDnet blog, a recent ruling by Germany’s top criminal court determined those who leave a wireless network unprotected can be fined as much as 100 euros or roughly $127 dollars. The ruling is in response to a lawsuit between a musician and a user whose unprotected wireless network was used for downloading and sharing music over P2P. The court said users are... read more»





Nanotech will be focus for future criminal hackers
(from NetworkWorld at 20-5-2010)
Criminal hackers once rejoiced in manipulating the new digital phone systems in the 1960s and 1970s; then they moved on to using modems and hacking into mainframes in the 1970s and 1980s; then they exploited the new local area network technology and the burgeoning Internet in the 1980s. Malware writers moved from boot-sector viruses on floppy disks in the 1980s to file-infector viruses and then to macro viruses in the 1990s and vigorously exploited worms and Trojans for botnets in the recent dec... read more»





Home secretary reconsiders McKinnon case
(from v3 at 20-5-2010)
Home secretary Theresa May has adjourned the pending judicial review of Nasa hacker Gary McKinnon while she reviews the case, offering his supporters the first glimpse that the government may be about to refuse his extradition to the US. Breaking reports suggest that May, who was appointed last week as part of the David Cameron administration, is now looking at McKinnon's medical evidence to assess whether he is fit to stand trial in the US. Former Labour home secretary Alan Johnson is sai... read more»





Five Ways to Keep Online Criminals at Bay – New York Times
(from win32virusremoval at 20-5-2010)
Criminals have found abundant opportunities to undertake stealthy attacks on ordinary Web users that can be hard to stop, experts say. Hackers are lacing Web sites — often legitimate ones — with so-called malware, which can silently infiltrate visiting PCs to steal sensitive personal information and then turn the computers into “zombies” that can be used to spew spam and more malware onto the Internet. At one time, virus attacks were obvious to users, said Alan Paller, director of research at... read more»





Google Faces German Investigation Over Wi-Fi Data
(from enterprise-security-today at 20-5-2010)
German prosecutors are investigating Google Inc. on suspicion of violating privacy laws by recording fragments of people's online activities through unsecured Wi-Fi networks. Hamburg prosecutor Wilhelm Moellers told the news agency DAPD that his office launched the investigation after a complaint was filed against undisclosed Google employees over the incident last Friday. "The tapping of data is believed to have taken place over unsecured Wi-Fi networks in connection with 'Street View'" a... read more»





Heartland reaches $41.4m MasterCard settlement over data breach
(from Finextra at 20-5-2010)
Heartland revealed last January that malicious software in its processing system had been found, potentially compromising the card data of millions of people. The firm has agreed to fund the $41.4 million in "alternative recovery offers" to settle loss claims by card issuers associated with the breach. MasterCard is recommending the offer is accepted. The deal is contingent upon financial institutions representing 80% of the claimed-on accounts accepting it by 25 June and waiving their rig... read more»





Computer hacker Gary McKinnon could win extradition reprieve
(from Telegraph at 20-5-2010)
The 44-year-old is wanted to go on trial for hacking into US military computers after the September 11 attacks in 2001. If convicted he could face as long as 60 years in prison. Lawyers for Mr McKinnon, who has Asperger's Syndrome, have urged Mrs May to overrule her predecessor's decision to send him to the US for trial. Alan Johnson ruled that he should be sent to America despite medical advice from Prof Jeremy Turk, a psychiatrist, that he was suicidal.... read more»





Pakistan blocks access to YouTube in internet crackdown
(from BBC at 20-5-2010)
Pakistan has blocked the popular video sharing website YouTube because of its "growing sacrilegious content". Access to the social network Facebook has also been barred as part of a crackdown on websites seen to be hosting un-Islamic content. On Wednesday a Pakistani court ordered Facebook to be blocked because of a page inviting people to draw caricatures of the Prophet Muhammad....read more»





P2P Networks Pose Serious Risks: Study
(from healthcareinfosecurity at 20-5-2010)
A new Dartmouth College study illustrates the risks involved in using peer-to-peer networks as well as the dangers of storing patient information in spreadsheets and documents outside of electronic health records. Researchers at Dartmouth's Tuck School of Business conducted keyword searches on several P2P networks and discovered patient information in spreadsheets, PDFs or other document formats, says Professor M. Eric Johnson. Their report, "Will HITECH Heal Health Patient Data Hemorrhages?" ... read more»





Virtual fingerprint might expose you online
(from Stuff at 20-5-2010)
A US privacy group has discovered the existence of a virtual fingerprint that can be matched up with most computers to monitor the online habits of individuals. According to the Electronic Frontier Foundation, most web browsers carry a unique signature that can help websites gather information about online activities. Although this data does not directly identify you as a person, it can be used to build a very detailed internet profile.... read more»





Australian Cyber Crime Nets $70 Million Annually
(from The New New internet at 20-5-2010)
Organized crime is estimated to be costing Australia $15 billion annually, according to The Age. Cyber crime alone accounts for nearly $70 million stolen each year. The major avenues for cyber crime are hacking and identity theft that defrauds the Australian government, companies and private citizens of millions annually. The United States and Australia are working closely together to combat the cyber threat and each government is increasing its efforts to curtail the growing rates of cyber cr... read more»





Collaboration is key to addressing cyber security challenges
(from FT at 20-5-2010)
The stakes are so high that reducing the impact of cybercrime is an issue businesses should be taking very seriously. But they are not always looking for solutions in the right place. Security tends to be seen as a technical problem, requiring a technical solution – and indeed, in many cases a technical solution already exists. The real problem is that unless we know what problem we are solving, we can’t use technology to do it.... read more»





PCI Update Gets Mixed Reviews
(from Bankinfosecurity at 20-5-2010)
The new point of sale standard released by the PCI Security Standard Council receives mixed reactions from industry security experts. The revised standard is meant to enhance and prevent payment card fraud on devices that accept payment transactions, and will cover everything from retail point of sale card readers to unattended payment terminals at gas stations and parking lots.... read more»





Businesses faced with £10 billion bill after fraud attacks
(from Pr-inside at 20-5-2010)
A new report by financial firm PwC has demonstrated that it is not just individuals who are at risk from identity fraud, and not just individuals perpetrating the crime either. There has been a dramatic increase in the level of cyber hacking attacks on businesses in the past two years, which is costing UK businesses billions in reparation costs. The report from Pricewaterhouse Coopers released recently said that 90 per cent of UK businesses surveyed reported malicious security breaches of the... read more»





Britons 'spending more time than ever' online
(from BCS at 20-5-2010)
The amount of time the average Briton spends on the internet has more than doubled over the past three years, it has been revealed. New figures from the UK Online Measurement Company (UKOM) revealed that the typical internet user in Britain now spends 22 hours and 15 minutes online each month. This represents a 65 per cent increase on the figure recorded in 2007, with the rise being attributed largely to people making use of social sites.... read more»





Britons 'wising up' to online security
(from BCS at 20-5-2010)
Britons are becoming increasingly aware of the importance of taking steps to stay safe online, Ofcom has said. While cyber crime levels continue to rise, the latest research carried out by the regulator found that four in five adults who make use of social networking sites only allow their friends or family members to see their own profile. This compares to the figure of just 48 per cent recorded back in 2007, suggesting more people are waking up to the dangers posed by online fraudsters ... read more»





Internet companies urged to protect data privacy
(from BCS at 20-5-2010)
Internet companies need to act responsibly to protect the privacy of their users, Liberty has stated. The civil liberties organisation has stated that online firms need to step up their efforts to make users feel secure. It comes days after the blog All Facebook reported that the popular social networking site held a major meeting aimed at addressing concerns surrounding its use of potentially-sensitive information. Liberty policy officer Anita Coles said that the internet can be 'fantast... read more»





Pakistan blocks YouTube access
(from Guardian at 20-5-2010)
The Pakistani government says it has blocked access to YouTube because of growing "sacrilegious" content on the video-sharing website. The move comes a day after the government blocked Facebook because of a page on the social networking site that encourages users to post images of Islam's prophet Muhammad, which are considered blasphemous under Islam. The Pakistan Telecommunications Authority said the government took action after it failed to convince the two websites to remove "derogatory... read more»





Muslim anger prompts Pakistan to block Facebook
(from Boston at 20-5-2010)
Pakistan's government ordered Internet service providers to block Facebook on Wednesday amid anger over a page that encourages users to post images of Islam's Prophet Muhammad. The page on the social networking site has generated criticism in Pakistan and elsewhere because Islam prohibits any images of the prophet. The government took action after a group of Islamic lawyers won a court order Wednesday requiring officials to block Facebook until May 31. By Wednesday evening, access to the s... read more»





FTC takes out notorious pxxn- and botnet-spewing ISP
(from NetworkWorld at 20-5-2010)
The Federal Trade Commission today got a judge to effectively kill off the Internet Service Provider 3FN who the agency said specialized in spam, porn, botnets, phishing and all manner of malicious Web content. The ISP's computer servers and other assets have been seized and will be sold by a court and the operation has been ordered to give back $1.08 million to the FTC. According to the FTC in June 2009, it charged that 3FN, which does business as Triple Fiber Network, APS Telecom, APX... read more»





Man in court over Facebook killing
(from The Sydney Morning Herald at 20-5-2010)
The man accused of killing an 18-year-old Sydney girl he befriended on Facebook will stay in custody as investigators continue to sift through his computer files. Christopher James Dannevig, 20, appeared via video link at Campbelltown Local Court this morning, charged with murder in connection with the death of Nona Belomesoff. More than a dozen members of the teenager's family packed into the court to watch the brief proceedings.... read more»





Travellers to be searched for pxxx
(from The Sydney Morning Herald at 20-5-2010)
Australian customs officers have been given new powers to search incoming travellers' laptops and mobile phones for pxxxography, a spokeswoman for the Australian sxx industry says. Fiona Patten, president of the Australian Sxx Party, is demanding an inquiry into why a new question appears on Incoming Passenger Cards asking people if they are carrying "pxxxography". Patten said officials now had an unfettered right to examine travellers' electronic devices, marking the beginning of a new era o... read more»





Almost 90% of parents worry about what kids share online
(from vancouversun at 20-5-2010)
Almost 90 per cent of Canadian parents are concerned with the amount of information their children share online, according to an Ipsos Reid survey released Wednesday. Raimund Genes, chief technology officer for Trend Micro, a cyber security company that commissioned the survey, said young people may not realize how wide the information they share can spread.... read more»





AusCert 2010: China set for net blackout on Tiananmen Square anniversary
(from Computer World at 20-5-2010)
The Chinese Government is set to terminate circumvention methods of its mandatory Internet filter ahead of the anniversary of the Tiananmen Square Massacre next month, according to the Tor Project founder. Tor is an anonymiser network used to bypass Internet filters, help cops catch criminals, and criminals elude cops. Its creator, Roger Dingledine, said the network needs volunteers around the world to offer their computers as traffic relays which will help obfuscate user identities and prote... read more»





Hacker 'stole $7m game code at tech show'
(from News at 20-5-2010)
A BOSTON man appeared in court today charged with trying to download the code of a soon-to-be released video game at a tech convention. Justin May, 20, of Delaware, was attending the March PAX East 2010 in Boston where he allegedly used his laptop to hack into an Xbox 360 Test Kit that was demonstrating the game Breach, and downloaded the code, WBZ reported. Breach, an unreleased game due out this northern summer worth $US6m ($7.1m), was being shown for the first time at the convention by Ato... read more»





Expert: Skype Worm No Cause for Panic
(from PCWorld at 20-5-2010)
Security research firm Bkis earlier this month warned of a vicious virus targeting both Skype and Yahoo! Messenger. BKIS said in a blog post the attack involved inserting malicious URLs into chat windows with sophisticated social engineering hooks. Each time, the messages sent have different contents, noted Bkis researchers. Examples include "Does my new hair style look good? bad? perfect?" "My printer is about to be thrown through a window if this pic wont come our right. You see anything wr... read more»





UK to get Diet Facebook
(from The Register at 20-5-2010)
Facebook Zero, the cut-down version of the social networking service that comes without data costs, has been launched in 45 countries with the UK to be added soon. Facebook Zero is a text-based version similar to the existing Facebook Mobile but with one key difference - users don't have to pay for the data used to access the service, until they click on a picture or video. That free data is only possible by arrangement with network operators, and only with network operators whose billing sy... read more»





WikiLeaks works to expose government secrets, but Web site's sources are a mystery
(from The Washington Post at 20-5-2010)
For an organization dedicated to exposing secrets, WikiLeaks keeps a close hold on its own affairs. Its Web site doesn't list a street address or phone number, or the names of key officers. Officially, it has no employees, headquarters or even a post office box. Yet, about 30 times a day, someone submits a sensitive document to this cyber-whistleblower to be posted online for all to see. Politicians' private e-mails, secret CIA reports, corporate memos, surveillance video -- all have been fa... read more»





2010 SCIP Latin American Summit Call for Proposals
(from Scip at 20-5-2010)
The Society of Competitive Intelligence Professionals (SCIP) and Informa present the 2nd Latin American Competitive Intelligence Summit, October 5-7, 2010 at the Grand Mercure Hotel in São Paulo, Brazil. The conference theme is CI with a Global Focus. SCIP continues to develop and provide educational programming and networking opportunities for its members all over the world. In an effort to appeal to the Latin American audience this Summit will feature one track. The 2010 Latin American Com... read more»





Pakistan court orders blocking of Facebook over Muhammad cartoon
(from Times Online at 20-5-2010)
Facebook was sucked into a growing row over Islam and freedom of speech yesterday after a Pakistani court ordered the site to be blocked over a page advertising a contest to draw cartoons of the Prophet Muhammad. Creators of the “Everybody Draw Mohammed Day” page, which invites users to send in caricatures, said that it was a response to Muslim bloggers who threatened people involved with the television show South Park for depicting the Prophet in a bear suit. The competition has infuriated m... read more»





VA ramps up enforcement of contractor data security
(from Government Health IT at 20-5-2010)
The Veterans Affairs Department will step up enforcement of its contractors to make certain that they meet information security requirements in protecting veterans’ personal health data. VA includes a clause in its contracts requiring information security safeguards, including encryption and policies limiting who can access personal data. But that is no guarantee that vendors follow through, said VA senior IT and procurement officials at a hearing May 19 of the House Veterans Affairs Committee... read more»





Black duck eggs and other secrets of Chinese hackers
(from Network World at 20-5-2010)
Black duck eggs on the menu of a Chinese restaurant drew the suspicions of a security consultant reporting to renowned security expert Ira Winkler. The colleague, a former Russian security agent named Stan, was at a new Chinese restaurant in "the middle of nowhere" in the United States, but conspicuously near the R&D center of a Fortune 5 U.S. business. "That's an example of how they work," said Winkler, president of Internet Security Advisors Group, in a Web cast today hosted by the RSA. It ... read more»





Judge Permanently Shuts Down ISP Catering to Spam, Pxxx
(from Yahoo News at 20-5-2010)
A U.S. district court judge has ordered the permanent closure of an Internet service provider long accused of hosting and distributing spam, spyware, child pxxxography and other illegal content, at the request of the U.S. Federal Trade Commission.... read more»





Small ISPs to be exempt from net piracy measures?
(from NetworkWorld at 20-5-2010)
ISPs with less than 400,000 subscribers will not have to issue warning letters to customers accused of illegally downloading, under proposals from Ofcom. The watchdog is responsible for creating a code of practice for ISPs regarding the internet piracy measures set-out in the Act, which was passed by MPs last month.... read more»





Harris' new cyber center cloaked in secrecy
(from Washington Technology at 20-5-2010)
Harris Corp. is building what it calls the nation’s first cyber integration center to provide government and commercial customers with a specialized managed hosting service in a trusted environment. The new Harris Cyber Integration Center will be located in a recently acquired 140,000-square-foot facility in the mid-Atlantic region, according to a company announcement today.... read more»





House votes to expand national DNA arrest database
(from CNet at 20-5-2010)
Millions of Americans arrested for but not convicted of crimes will likely have their DNA forcibly extracted and added to a national database, according to a bill approved by the U.S. House of Representatives on Tuesday. By a 357 to 32 vote, the House approved legislation that will pay state governments to require DNA samples, which could mean drawing blood with a needle, from adults "arrested for" certain serious crimes. Not one Democrat voted against the database measure, which would hand o... read more»





Large collection of logins posted to Scribd.com
(from SunbeltBlog at 20-5-2010)
Scribd is a website that lets users share written content online, converting Powerpoint, PDFs and Word documents into web documents that can be viewed through sites such as Facebook and other social networking services. It was inevitable, then, that a scammer would decide to use such a service for foul means and “share” a little over 4,500 mail logins (mostly from .ru domains) in the form of a 77 page text document for anybody to download and plunder.... read more»





Malware and Search Warrant
(from circleID at 20-5-2010)
A recent decision from a federal district court addresses an issue I hadn't seen before: whether searching malware on the suspect's computer was outside the scope of the search warrant issued for that computer. It seems a narrow issue, and unfortunately the opinion issued in the case doesn't tell us a whole lot about what happened; but I thought the issue was worth writing about, if only to note that it arose. It arose in U.S. v. Kernell, 2010 WL 1491873 (U.S. District Court for the Eastern D... read more»





Police warn teens about Facebook
(from The Sydney Morning Herald at 20-5-2010)
Young people should be wary of unknown "friends" on social networking sites like Facebook and MSN, should lock their profiles and should think twice before posting photographs of themselves, after a young woman was allegedly murdered by a person she befriended online. They should ensure that only people they know are able to see their pictures and personal profile details such as their date of birth and school, Detective Superintendent Peter Crawford said. "I can see no reason why you would w... read more»





Daily Telegraph website hit by Canadian Pharmacy spammers
(from Sophos at 20-5-2010)
Spammers have created their own blogs on the website of one of the UK's leading newspapers, and stuffed them with adverts to purchase drugs from Canadian Pharmacy stores. A post by blogger Paul Carpenter, an SEO consultant, brought my attention to the problem which is affecting the website my.telegraph.co.uk. According to Paul, The Daily Telegraph was alerted to the problem of spammers clogging up its personal blogs some weeks ago, but sure enough when I visited this afternoon the problem was ... read more»





The message has to be the message
(from Andyitguy at 20-5-2010)
One of the problems with policy is that the intended message and the delivered message are often not the same. They then get approved and put into practice at work. That is where the problem often begins. Once they are approved they are ignored. Not always purposefully but inadvertently. Someone sends out a notice to let everyone know that a new or updated policy is now in place and that they should read and become familiar with it.... read more»





Call for Papers - The OpenOffice.org Community Celebrates Its Tenth Anniversary!
(from ooocon at 20-5-2010)
This year's meeting will be held in one of Europe's most beautiful cities, Budapest, Hungary, from August 31st - September 3rd, 2010. We hope you will join us in our celebration and conference! Whether you are a dedicated developer, a contributor of any measure, or just interested in the Project and its technology, such as the OpenDocument Format (ODF), we want to hear from you. Please note the conference language is English, and all presentations must be delivered in that language. We par... read more»





German Cybercrime Forum Hacked, Members Details Uploaded Onto File-sharing Networks
(from cyberinsecure at 20-5-2010)
Carders.cc, a German online forum dedicated to helping criminals trade and sell financial data stolen through hacking, has itself been hacked. The once-guarded contents of its servers are now being traded on public file-sharing networks, leading to the exposure of potentially identifying information on the forum’s users as well as countless passwords and credit card accounts swiped from unsuspecting victims. The breach involves at least three separate files being traded on Rapidshare.com: The... read more»





Best Buy tech finds 'child abuse' wallpaper on broken PC
(from hackingexpose at 20-5-2010)
A man allegedly caught using child abuse images as a desktop wallpaper faces a string of charges after he took in the malfunctioning machine for repair. Daniel J Wagner of Sheboygan, Wisconsin reportedly took the laptop into his local Best Buy store in order to clean up a malware infection around a fortnight ago. The technician who dealt with the repair called in the police after apparently discovering that images of child abuse were used as a desktop background. Other such images were all... read more»





ISP shuttered for hosting 'witches' brew' of spam, child pxxx
(from hackingexpose at 20-5-2010)
A federal judge has permanently pulled the plug on a California web hosting provider accused of harboring a "witches' brew" of pernicious content on behalf of child pxxxographers, spammers, and malware purveyors. San Jose, California-based 3FN.net, which also operated under the name Pricewert, was also ordered to liquidate all assets and surrender more than $1m in illegal profits. The ruling by US District Judge Ronald M. Whyte was in response to a complaint filed in June in which Federal Trad... read more»





Watch out for the latest scam trends of 2010
(from 419legal at 20-5-2010)
Each year crime trends are reaching new heights. With changing times there are significant changes in crime technology patterns as Internet fraudsters are growing their roots, leading to critical scams and frauds as more and more people are losing billions each day. Looking at a glance at the latest scams and frauds in this year 2010 seems not very much cheering in terms of its ratios. Same way each day 419 legal is doing its best part to update its readers all over the world to fight, avoid a... read more»





Nigeria: Country Now 70 in World Cybercrime
(from Allafrica at 20-5-2010)
It's no cheery news anyway, that Nigeria now ranks 70 in the world on malicious attacks and cybercrime. This was the result of Symantec's latest internet security threat report, volume XV, released last week. The report highlighted trends in cybercrime from January 1, 2009 to December 31, 2009.... read more»





Microsoft Settles VirnetX Patent Case For $200 Million
(from ITPro Portal at 20-5-2010)
Software giant Microsoft has paid $200 million to settle two patent infringement lawsuits filed by network security software maker VirnetX. VirnetX claimed that Microsoft had used VirnetX's patented virtual private network (VPN) without procuring a licence from the company. The two companies settled their differences out of court, with Microsoft paying VirnetX $200 million to withdraw the two lawsuits and gain a licence to use VirnetX technology in its core software development process.... read more»





Microsoft Sues Salesforce Over Enterprise Software Patents
(from ITPro Portal at 20-5-2010)
Microsoft has filed a patent infringement lawsuit against enterprise software maker Salesforce.com, accusing it of using nine Microsoft patents in its products. The lawsuit intensifies an on-going war as the two software makers rush to carve a niche for themselves in the cloud-based 'software as a service' (SaaS) domain.... read more»





Google Told To Hand Over Wireless Network Data
(from ITPro Portal at 20-5-2010)
German regulators have told Google to hand over the hard drive containing private Wi-Fi data the search giant says it collected by "mistake", or face legal action. Data protection officer for Hamburg, Johannes Caspar, has given Google until 26 May to hand over the hard drive containing 600GB of data from wireless networks, gathered by cars taking photographs for its Street View feature.... read more»





Wikipedia Founder Gives Up Some Rights After Pxxx Controversy
(from ITPro Portal at 20-5-2010)
Jimmy Wales has responded to the rumours that he has given up his editorial rights. Writing on his Twitter account that the Fox News story is nonsense he stated that he is "still actively editing, every single day" before adding that he is "not stepping down or pulling back from anything". He has however given up some of his editorial rights, as this Wikimedia page confirms.... read more»





YouTube Hits Two Billion Viewers
(from ITPro Portal at 20-5-2010)
Popular online video sharing website YouTube has been receiving two billion hits a day, according to its parent company, the search engine Google. Google said the website registers more than double the prime-time viewing figures for three of the major US television networks combined.... read more»





Pakistan Court Orders Temporary Facebook Ban Over Prophet Caricatures
(from TechCrunch at 19-5-2010)
A Pakistani court this morning ordered authorities to temporarily block social networking service Facebook over a competition encouraging users to publish caricatures of the Prophet Mohammed on the site. The Facebook group “Everybody Draw Mohammed Day!” has generated heaps of criticism in the predominantly Muslim Islamic Republic of Pakistan – Muslim faithful set up online campaigns and other protests to grab the attention of the authorities.... read more»





Federal agencies have a window of opportunity to move on continuous monitoring
(from securityarchitecture at 19-5-2010)
The call now seems to be coming from all sides that federal government agencies need to fully embrace risk-based approaches to information security and move towards continuous monitoring and enterprise situational awareness. OMB, in coordination with the Departments of Justice and Homeland Security, is pushing executive agencies to change the way they report security program information under FISMA, first by going to online submission via Cyberscope, and then moving to monthly reporting as a st... read more»





Indiana Deputy AG warns seniors of ‘grandma scams’
(from TribStar at 19-5-2010)
Senior citizens should beware of one of the more popular scams being perpetrated against them these days. It’s called the “grandma scam” and it involves a telephone call from an unknown person claiming that the senior citizen’s grandchild has been arrested out of state and needs bail money. An alternate story is that the grandchild has been in a terrible accident and needs money for emergency medical treatment.... read more»





Lawmaker: Pressing Need for Cybersecurity Law
(from Government Information Security at 19-5-2010)
Rep. Michael McCaul thinks many of his colleagues don't grasp the urgent need for Congress to enact cybersecurity legislation sooner than later. Creating an Office of Cyberspace within the White House that's answerable to Congress would provide the leadership urgently needed to help combat the cyber threats to the government's and nation's critical information systems, said McCaul, who represents the Austin area. A lot of people don't understand the issue very well, but whether it's es... read more»





Dasient Helps Publishers Stop Malicious Ads
(from hostexploit at 19-5-2010)
Dasient, a Palo Alto, Calif.-based security start-up, on Tuesday introduced a new service to protect publishers and advertising networks from malicious online ads. Malicious online advertising, or malvertising, involves the insertion of infected ad files into ad networks. Viewers of the malicious ads are at risk of having their computers compromised by a drive-by download or of being presented with a fake antivirus scam. Malvertising compounds the problems of Malware -- identity theft, fr... read more»





UK enterprises in danger of facing next ‘data breach’ crisis
(from hostexploit at 19-5-2010)
Recommind, the leader in search-powered Information Risk Management (IRM) software for enterprises and law firms, today announced the results of its information risk research*, revealing a stark disconnect between organizations’ awareness of the risks associated with electronically stored information (ESI) and their ability to address the situation with adequate budget. Many organizations recognize the challenges that they face in the here and now – however, the research shows that most still ar... read more»





Network watchdog warns of malicious websites surge
(from hostexploit at 19-5-2010)
China National Computer Network Emergency Technical Team (CNCERT) has alerted Chinese netizens that websites containing malicious software showed a sudden increase last week. There were 5,087 IP addresses connected to servers in the Chinese mainland that were controlled by Trojan horse viruses last week, up 12 percent from the previous week, according to a network security weekly report released by the CNCERT. The report said that more than 100 domain names registered in Poland with the su... read more»





Credit card criminal forum hacked
(from hostexploit at 19-5-2010)
Carders.cc, a German web forum devoted to the black market trading of stolen credit card details, has been hacked, and the entire contents of the site leaked. Whoever compromised the site has published a 100MB SQL dump of the forum's database, alongside a text file containing the email addresses of all of its users. The SQL dump appears to include not only the contents of the public forum, but also the private messages passed between members. Some IP addresses also appear to have been logg... read more»





Data stolen from NADRA office in Karachi
(from DailyTimes at 19-5-2010)
Unidentified men broke into the premises of the National Database and Registration Authority (NADRA) office at the Shah Faisal Colony in Karachi and stole some very important data, a private television channel reported on Monday. According to the channel, the thieves had sneaked into the NADRA office through a window and stole some computers, hard disks and significant documents. The local police have registered a case and started investigations. daily times monitor.... read more»





Four Kids From South Florida Led the World's Biggest Online Identity Heist
(from browardpalmbeach at 19-5-2010)
Andres Torres was dozing on a couch with the blinds drawn when he heard a chorus of boots pounding the stairs. The pudgy retiree with a fringe of white hair hobbled toward the door just as quiet settled over the yellow building of one-bedroom condos. In the distance, cars hummed off the Palmetto Expressway and onto Bird Road.... read more»





2 men face over 130 identity theft charges each
(from heraldtribune at 19-5-2010)
A traffic stop in Tampa has led to the arrest of two men who forged documents using public jail inmate data. Police say 21-year-old Bobby Wilson Jr. and 24-year-old Sebastian Leonard face over 130 charges each of identity theft, including fraudulent use of personal information and obtaining credit cards by fraudulent means. Wilson is being held in the Hillsborough County Jail Tuesday. Leonard was in the Polk County Jail on an unrelated charge.... read more»





Is it a crime to get angry online?
(from nzherald at 19-5-2010)
About 10 years ago my then-wife left me for one of my best friends, which wasn't a cause for wild celebration. In fact, it altered my plans so radically that, in a very public place, I threatened to kill him. I suspect that he didn't take the threat too seriously, firstly because I'm a fairly placid and rather squeamish bloke with an aversion to guns and ammo, but mainly because of the context.... read more»





Shock at Sydney teenager's 'Facebook murder'
(from BBC at 19-5-2010)
Thousands of people have paid tribute on Facebook to an Australian teenager allegedly lured to her death by a man she met on the social networking site. The body of Nona Belomesoff was found two days after she went on a trip with the man, who told her they were going to rescue injured animals, police say. A 20-year-old man has been charged with Ms Belomesoff's murder at a creek south of Sydney.... read more»





Survey: Gov't agencies use unsafe methods to transfer files
(from ComputerWorld at 19-5-2010)
Employees at many US government agencies are using insecure methods, including personal email accounts, to transfer large files, often in violation of agency policy, according to a survey released recently. Fifty-two percent of the respondents to the survey, of 200 federal IT and information security professionals, said employees at their agencies used personal email to transfer files within their agencies or to other agencies.... read more»





Beware of Hackers Controlling Your Automobile
(from Physorg at 19-5-2010)
The researchers focused their attacks on the automobile’s ECUs, which are located all over a vehicle and control the workings of many car components. The hackers created software called ‘CarShark’ to monitor communications between the ECUs and used fake packets of data to carry out the attack. Access to the automobile’s computer system was done through the computer’s access port that is standard among cars and used by mechanics to diagnose a car’s performance before servicing.... read more»





When Is a Cyber Attack an Act of Cyber War?
(from hostexploit at 19-5-2010)
Is there an undeclared war raging in cyberspace? Does apparently politically-motivated, possibly state-sponsored hacking in recent years constitute acts of war? The attacks on Google and others in China last year, on Georgian and Estonian targets two years ago, on the Tibetan government in exile as reported in the recent Shadows In The Cloud report—are they Cyberwarfare, or something else?... read more»





Flood of malware levels out in the first quarter
(from v3.co.uk at 19-5-2010)
The growth of malware seems to be levelling out somewhat, according to the latest figures from security vendor McAfee, although firms still need to be wary of USB-based infections and fake anti-virus scams. McAfee's Q1 2010 Threat Report (PDF) identified a year-on-year drop of around 500,000 pieces of malware to roughly 3.75 million. "The first-quarter results suggest that overall growth has levelled off, but we anticipate that we're on track to catalogue at least as much malware in 2010 a... read more»





Russian Anti-Spam Advisor Accused of Spamming
(from Slashdot at 19-5-2010)
Keith noted that Krebs has an interesting story on a Russian businessman being accused of running a spam ring while serving as an anti-spam adviser to the Russian government. It's a strange tale including an investigation in 2007 that was abandoned when the chief investigator was actually hired to work for the spammer. Not suspicious at all, no way.... read more»





Electronic Frontier Foundation knocks web browser privacy
(from TechWorld at 19-5-2010)
Even without cookies, popular browsers such as Internet Explorer and Firefox give web sites enough information to get a unique picture of their visitors about 94 percent of the time, according to research compiled over the past few months by the Electronic Frontier Foundation.... read more»





FTC Targets Privacy Concerns Related to Copy Machines
(from CIO at 19-5-2010)
The U.S. Federal Trade Commission has begun contacting copy machine makers, resellers and office-supply stores about privacy concerns over the thousands of images that can potentially be stored on the machines' hard drives. FTC Chairman Jon Leibowitz, in a letter to U.S. Representative Ed Markey, said the agency has been working to alert copy machine manufacturers and sellers of the privacy risks of the information that many copy machines store on their hard drives. The FTC is trying to "dete... read more»





Hong Kong man jailed for role in 10-million-US-dollar scam
(from hostexploit at 19-5-2010)
A former policeman in Hong Kong began a four-year jail sentence Tuesday for his part in a global scam in which 10 million US dollars was stolen using cloned credit cards. Cheung Hoi-wing, 40, was recruited as one of five Hong Kong "cashers" in the international plot masterminded by a gang of Russian and Eastern European computer hackers in November 2008, a Hong Kong court was told. The cashers stole 4.2 million Hong Kong dollars (538,000 US dollars) from Hong Kong branches of RBS WorldPay,... read more»





Indian cyber offensive against hacking poor: Experts
(from expressindia at 19-5-2010)
India has to step up on its cyber offensive to match Chinese and Pakistani hackers breaching the Indian cyber networks, says Ankit Fadia, the man who made his name as India's youngest and first certified ethical hacker. "The Indian intelligence and military agencies regularly use Indian hackers to carry out counter offensives. However, the quantum of such work being carried out here is a lot less than it is in countries such as China and Pakistan," says Fadia.... read more»





Man charged with attack on Web site of Fox News' Bill O'Reilly
(from ComputerWorld at 19-5-2010)
Federal prosecutors have charged a 22-year-old Bellevue, Ohio, man with launching a series of Internet attacks against conservative Web sites, including those of Bill O'Reilly, Ann Coulter and Rudy Giuliani. According to court filings, Mitchell Frost launched the distributed denial of service attacks from a 'botnet' network of hacked computers he controlled between March 7 and March 12, 2007. Frost is also accused of using his botnet to steal information including usernames, passwords and cre... read more»





Cyber Challenge: 10,000 security warriors wanted
(from Government Computer News at 19-5-2010)
Karen Evans understands the need for online security — and for people who really know how to implement it properly. Evans, who spent 28 years with the federal government in the Office of Management and Budget as administrator for e-government and information technology and chief information officer for the Department of Energy, among other positions, was in charge of a project during the Bill Clinton administration to bring Internet access to the Department of Justice.... read more»





Your Web browser's fingerprints can betray you, study finds
(from Government Computer News at 19-5-2010)
Browsers have fingerprints, too, which means that Web sites could be able to identify and track visitors even without the use of cookies or super cookies, according to a recent study by the Electronic Frontier Foundation. EFF set up a test site for what it calls its Panopticlick project and invited people to take part. Of the 470,161 visitors who did, 83.6 percent of the browsers had a unique fingerprint, EFF’s report said. And 94.2 percent of the browsers with Flash or Java installed were id... read more»





Public Blocklists of Suspected Malicious IPs and URLs
(from Zeltser at 19-5-2010)
Several organizations maintain and publish blocklists (a.k.a. blacklists) of IP addresses and URLs of systems and networks suspected in malicious activities on-line. Here are the publicly-available lists:
ATLAS from Arbor Networks: Free; registration required by contacting Arbor
CLEAN-MX Realtime Database: Free; XML output available
CYMRU Bogon List: Free... read more»





New Microsoft initiative will use computing to attack global problems like volcanoes and oil spills
(from TechRepublic at 19-5-2010)
On Monday, Microsoft announced a new focus on high-end distributed computing to help solve global problems and serve as a testbed for Microsoft’s cloud OS. The program is called the Technical Computing initiative and it was announced via email from Bob Muglia, the president of Microsoft’s server group.... read more»





Research: 1.3 million malicious ads viewed daily
(from ZDNet at 19-5-2010)
New research released by Dasient indicates that based on their sample, 1.3 million malicious ads are viewed per day, with 59 percent of them representing drive-by downloads, followed by 41 percent of fake security software also known as scareware. The attack vector, known as malvertising, has been increasingly trending as a tactic of choice for numerous malicious attackers, due to the wide reach of the campaign once they manage to trick a legitimate publisher into accepting it.... read more»





Pakistan court orders Facebook ban
(from Aljazeera at 19-5-2010)
A Pakistani court has issued a ban on the social networking site Facebook after a user-generated contest page encouraged members to post caricatures of Prophet Mohammed. The Lahore High Court on Wednesday instructed the Pakistani Telecommunications Authority (PTA) to ban the site after the Islamic Lawyers Movement complained that a page called “Draw Mohammed Day” is blasphemous.... read more»





FSA contacts 38,000 people to warn them they are targets of boiler room share fraudsters
(from FSA at 19-5-2010)
The Financial Services Authority (FSA) is contacting more than 38,000 people across the UK to warn them that they could be the target of share fraud after it recovered a master list used by boiler room fraudsters. The list contains the names and addresses of 38,242 people who the FSA believes may be contacted out of the blue and offered worthless shares. The greatest concentrations of targets are based largely in London and the South East, but there are significant numbers present in Yorkshir... read more»





Report: Canada vulnerable to cyberattack
(from United Press International at 19-5-2010)
Canadian government, college and industry computers are increasingly vulnerable to cyberattack, federal authorities said. Cyberattacks via social networking sites have grown "substantially" in Canada, said a censored report from Canada's Security Intelligence Service. The Canadian government needs to act now or risk being targeted by computer hackers who use social networking services to steal government, academic and corporate information, said the report obtained by the Canadian Broadcas... read more»





Microsoft to share vulnerability details with governments
(from ZDNet at 19-5-2010)
Microsoft today announced plans to share pre-patch details on software vulnerabilities with governments around the world under a new program aimed at securing critical infrastructure and government assets from hacker attacks. The program, codenamed Omega, features a Defensive Information Sharing Program (DISP) that will offer government entities at the national level technical information on vulnerabilities that are being updated in our products.... read more»





Google’s Personal Wi-Fi Data Debacle Unravels
(from Softpedia at 19-5-2010)
As expected, the ramifications of Google’s admission of collecting personal data with its Street View cars are beginning to unfold. The company has already started destroying the data at the request and with the cooperation of regulators, but is facing increased scrutiny and, it has to be said, rhetoric, especially in Germany, a country where Google has been having this kind of problem for a while.... read more»





UK becoming more Internet security savvy
(from techwatch at 19-5-2010)
Ofcom’s latest adult media literacy report has revealed some interesting information about the growth of net security awareness in the UK. Back in 2007, less than half (48%) of adults kept social networking profiles so only friends could view them. Now that number has reached 80%, a clear majority who are aware of the necessity of protecting your personal details online. The flip side of this is that nearly a quarter (23%) of people still aren’t confident about installing security measures... read more»





Indian cyber offensive against hacking poor, say experts
(from The Economic Times at 19-5-2010)
India has to step up on its cyber offensive to match Chinese and Pakistani hackers breaching the Indian cyber networks, says Ankit Fadia, the man who made his name as India's youngest and first certified ethical hacker. "The Indian intelligence and military agencies regularly use Indian hackers to carry out counter offensives. However, the quantum of such work being carried out here is a lot less than it is in countries such as China and Pakistan," says Fadia.... read more»





Britons spend more than 'one day a month online'
(from BBC at 19-5-2010)
British web users are spending 65% more time online than three years ago, according to research of net habits. The average surfer spends 22 hours and 15 minutes on the net each month, according to the UK Online Measurement company (UKOM). The lion's share of that time is spent on social networks or blogs, which accounts for nearly a quarter of users' time online. Instant messaging (IM) has been one of the victims of social network growth.... read more»





Transport website leaking private information of 168,000 passengers
(from Sophos at 19-5-2010)
A hacker called "ins3ct3d" has demonstrated that he can access the personal information of 168,000 users of public transport in The Netherlands via an insecure website. A campaign to encourage residents living in the provinces of Gelderland, Overijssel and Flevoland to use public transport has been promoting a website called "Experience the OV" at www.ervaarhetov.nl, which allows people to request a card allowing them to try out public transport travel for free.... read more»





EFF: More than 80% of browsers have trackable signatures
(from h-online at 19-5-2010)
According to new research by the Electronic Frontier Foundation (EFF) citizens' rights organisation, more than 80% of web browsers have unique configuration signatures which can be tracked. The organisation says its latest findings show that "an overwhelming majority of web browsers have unique signatures – creating identifiable 'fingerprints' that could be used to track you as you surf the Internet."... read more»





U.K. officials ask Google to delete Wi-Fi data
(from CNet at 19-5-2010)
The fallout from Google's Wi-Fi data collection gaffe continues, with the U.K. government ordering it to destroy personal data collected through the Street View project. The Information Commission's Office in the U.K. issued the order Tuesday, according to the Guardian, following Google's disclosure Friday that it had inadvertently collected personal data from Wi-Fi hot spots as part of its Street View mapping project. Google has said that it collected random packets of Internet traffic sent ... read more»







FTC Investigating Privacy Risks of Digital Copiers
(from EWeek at 19-5-2010)
Beyond simply mailing educational material to businesses, the FTC is now looking deeper into the problem of personal documents retained in public copiers and is working with industry manufacturers and service vendors to close off worrisome security gaps in this sector. Each time you use a digital copier, you may be storing documents or photos into a hard drive that potentially can be accessed by identity thieves who can use the information for criminal financial gain.... read more»