Hacktivists protest Gaza blockade
From theregister.co.uk

The Jewish Chronicle website was defaced over the weekend by hackers calling themselves the "Palestinian Mujaheeds" who posted a rant against Israel's blockade of the Gaza Strip.
Hackers posted an image of the Palestinian flag alongside diatribes against Israeli security policy in both English and Turkish. Story is Here.
 

Aintitcool.com attack isn't cool.

Hackers exploited a vulnerability on Ain't It Cool News that redirected anyone visiting the movie review site to a server containing a malicious Adobe Reader .PDF file.

The attack targeted a vulnerable PHP script on one of AICN's servers that automatically appended the malicious link to banner ads served on the website. As a result, anyone visiting the website was silently redirected to speedconnection .cn (china) which served a malicious file named annonce.pdf.

The booby-trapped PDF exploited two vulnerabilities in Adobe .PDF Reader. When the file is opened by unpatched older versions of Reader, it launches malicious shell code that hijacks the machine. Only 12 of the 41 major anti-virus programs currently detect the trojan, according to this VirusTotal analysis.

----  Advice from BarryZ:
1.  Keep the software up to date on your computer.
2.  Use the SafeSpace software to eliminate possible attacks.

Waikato District Health Board has been crippled by the Conficker computer worm which has caused all 3,000 PCs in the organization to be shut down. DHB technicians were working on a computer upgrade overnight when things started to go awry. "About 2am they noticed there were some issues with the computers. By 4am they realized a computer virus had got into our whole system:   More details at NZHerald

Iraqi militants are intercepting sensitive video feeds from US predator drones using $26 off-the-shelf software, and the same technique leaves feeds from most military aircraft vulnerable to snooping, according to published reports.  Story is here.

Stolen bank data mixed into list of French tax dodgers
Swiss bank IT worker turned gov informant under protection
From theregister.co.uk

The legality of a French crackdown on suspected tax evaders earlier this year has been thrown into doubt after it emerged that stolen data was among the mix of information used by financial investigators.
A list of 3,000 French nationals suspected of using Swiss banking secrecy to evade paying taxes included data handed over
View the News Article

'Extremely large volumes' siphoned

The Chinese government is stepping up efforts to steal valuable information from high-technology companies in other countries, according to a congressional advisory panel, which detailed one operation that siphoned "extremely large volumes" of sensitive data.
Story here.
 

RSA Europe 2009: White hats get proactive on e-crime

The FBI and the UK's Serious and Organised Crime Agency have drawn up a program for dismantling and disrupting cybercrime operations. The effort relies on a better understanding of the business models of carders, malware authors and hacker groups which have increasingly come to resemble those of legitimate businesses.
Story here.

 

Story from ComputerWorld

http://www.theregister.co.uk/2009/03/20/call_centre_credit_card_fraud/
Story from theRegister

Former FBI agent Mark Rossini was sentenced to one year of probation for
using agency computers to search for information about a Hollywood
wiretapping case in which he was not involved.  Rossini admitted that
he gave the information to a woman he was dating who then gave it to an
attorney for Anthony Pellicano, a private investigator who is presently
serving a 15-year sentence for wiretapping celebrities' phones for
clients.  Rossini pleaded guilty to five counts of criminal computer
access late last year.   He also faces fines amounting to US $5,000.
http://www.nextgov.com/nextgov/ng_20090514_8408.php

[Editor's Note : The problem with a hand-slap type sentence at a time when the government is increasing access to private data about citizens, is that it sends the wrong signal. It needs to be clear that abusing lawful access is wrong. And the government needs to implement role-based access control.  Far too often, if you have access, you have access to everything.]
Consider moving your website to 1USA for better security and access control.

A Pentagon official has been charged with espionage conspiracy for
allegedly leaking confidential documents to a Chinese government
operative.  James Wilbur Fondren Jr. has been on administrative leave
from his job as Deputy Director, Washington Liaison Office, US Pacific
Command (PACOM) since February 2008.  Fondren was allegedly able to
access the sensitive information through his security clearance.  If he
is convicted of the charges against him, he could face five years in
prison and a fine of US $250,000.
http://www.nextgov.com/nextgov/ng_20090514_7707.php
http://www.scmagazineus.com/Defense-Department-insider-charged-with-espionage/article/136743/
http://www.usdoj.gov/opa/pr/2009/May/09-nsd-469.html

Note : Limiting access rights based on roles is essential.  Host your website at 1USA.

A US Department of Homeland Security official has acknowledged a
security breach of the platform the department uses to share sensitive,
unclassified information with state and local authorities.  Chief
Information Officer for DHS Office of Operations Coordination and
Planning Harry McDavid said that the US Computer Emergency Readiness
Team detected two intrusions into the Homeland Security Information
Network: one in March and one in April.  The intruders managed to gain
access to the system through an account belonging to a federal employee
or contractor.
http://fcw.com/Articles/2009/05/13/Web-DHS-HSIN-intrusion-hack.aspx

[Note: The new secretary of the Department of
Energy, Steven Chu, was recently quoted as saying "well-meaning people"
in the chief information officer's office and in the procurement and
finance offices "whose job it is to protect the Department of Energy"
actually hinder what the department can do." I hope he looks at this DHS
incident to make sure that DoE increases, vs. decreases, building
security into its systems and applications.

Highly targeted "whaling" emails single out corporate managers trick more than 15,000 recipients in 15 months into believing they were legitimate. The low-volume scams are attractive to fraudsters because they go after high-worth individuals who have higher levels of access to their corporate data.  http://www.theregister.co.uk/2009/05/14/steve_jobs_amazon_account/

http://www.vnunet.com/articles/print/2241609

To keep up on the threats to your computer, please take a look at the current  threats at http://isc.sans.org/newssummary.html

The Vancouver security researcher who recently won a hacking contest by breaking into a fully patched MacBook in a few seconds tells us that Apple's Safari is the easiest browser to break into - especially on a Mac.
He says IE 8, Firefox and Chrome are hard to exploit, but leaves no doubt that it can be done - so regardless of which browser you use, it's still important to practice safe surfing habits.

Home Office rapped over data-protection breach
http://news.zdnet.co.uk/itmanagement/0,1000000308,39600671,00.htm
Story from ZDNet

A routine security audit found a piece of Malware on their servers.
Full story:  http://www.theregister.co.uk/2009/01/20/heartland_payment_breach/

Hacktivists protest Gaza blockade
From theregister.co.uk

The Jewish Chronicle website was defaced over the weekend by hackers calling themselves the "Palestinian Mujaheeds" who posted a rant against Israel's blockade of the Gaza Strip.
Hackers posted an image of the Palestinian flag alongside diatribes against Israeli security policy in both English and Turkish. Story is Here.
 

Aintitcool.com attack isn't cool.

Hackers exploited a vulnerability on Ain't It Cool News that redirected anyone visiting the movie review site to a server containing a malicious Adobe Reader .PDF file.

The attack targeted a vulnerable PHP script on one of AICN's servers that automatically appended the malicious link to banner ads served on the website. As a result, anyone visiting the website was silently redirected to speedconnection .cn (china) which served a malicious file named annonce.pdf.

The booby-trapped PDF exploited two vulnerabilities in Adobe .PDF Reader. When the file is opened by unpatched older versions of Reader, it launches malicious shell code that hijacks the machine. Only 12 of the 41 major anti-virus programs currently detect the trojan, according to this VirusTotal analysis.

----  Advice from BarryZ:
1.  Keep the software up to date on your computer.
2.  Use the SafeSpace software to eliminate possible attacks.

Waikato District Health Board has been crippled by the Conficker computer worm which has caused all 3,000 PCs in the organization to be shut down. DHB technicians were working on a computer upgrade overnight when things started to go awry. "About 2am they noticed there were some issues with the computers. By 4am they realized a computer virus had got into our whole system:   More details at NZHerald

Iraqi militants are intercepting sensitive video feeds from US predator drones using $26 off-the-shelf software, and the same technique leaves feeds from most military aircraft vulnerable to snooping, according to published reports.  Story is here.

Stolen bank data mixed into list of French tax dodgers
Swiss bank IT worker turned gov informant under protection
From theregister.co.uk

The legality of a French crackdown on suspected tax evaders earlier this year has been thrown into doubt after it emerged that stolen data was among the mix of information used by financial investigators.
A list of 3,000 French nationals suspected of using Swiss banking secrecy to evade paying taxes included data handed over
View the News Article

'Extremely large volumes' siphoned

The Chinese government is stepping up efforts to steal valuable information from high-technology companies in other countries, according to a congressional advisory panel, which detailed one operation that siphoned "extremely large volumes" of sensitive data.
Story here.
 

RSA Europe 2009: White hats get proactive on e-crime

The FBI and the UK's Serious and Organised Crime Agency have drawn up a program for dismantling and disrupting cybercrime operations. The effort relies on a better understanding of the business models of carders, malware authors and hacker groups which have increasingly come to resemble those of legitimate businesses.
Story here.

 

Story from ComputerWorld

http://www.theregister.co.uk/2009/03/20/call_centre_credit_card_fraud/
Story from theRegister

Former FBI agent Mark Rossini was sentenced to one year of probation for
using agency computers to search for information about a Hollywood
wiretapping case in which he was not involved.  Rossini admitted that
he gave the information to a woman he was dating who then gave it to an
attorney for Anthony Pellicano, a private investigator who is presently
serving a 15-year sentence for wiretapping celebrities' phones for
clients.  Rossini pleaded guilty to five counts of criminal computer
access late last year.   He also faces fines amounting to US $5,000.
http://www.nextgov.com/nextgov/ng_20090514_8408.php

[Editor's Note : The problem with a hand-slap type sentence at a time when the government is increasing access to private data about citizens, is that it sends the wrong signal. It needs to be clear that abusing lawful access is wrong. And the government needs to implement role-based access control.  Far too often, if you have access, you have access to everything.]
Consider moving your website to 1USA for better security and access control.

A Pentagon official has been charged with espionage conspiracy for
allegedly leaking confidential documents to a Chinese government
operative.  James Wilbur Fondren Jr. has been on administrative leave
from his job as Deputy Director, Washington Liaison Office, US Pacific
Command (PACOM) since February 2008.  Fondren was allegedly able to
access the sensitive information through his security clearance.  If he
is convicted of the charges against him, he could face five years in
prison and a fine of US $250,000.
http://www.nextgov.com/nextgov/ng_20090514_7707.php
http://www.scmagazineus.com/Defense-Department-insider-charged-with-espionage/article/136743/
http://www.usdoj.gov/opa/pr/2009/May/09-nsd-469.html

Note : Limiting access rights based on roles is essential.  Host your website at 1USA.

A US Department of Homeland Security official has acknowledged a
security breach of the platform the department uses to share sensitive,
unclassified information with state and local authorities.  Chief
Information Officer for DHS Office of Operations Coordination and
Planning Harry McDavid said that the US Computer Emergency Readiness
Team detected two intrusions into the Homeland Security Information
Network: one in March and one in April.  The intruders managed to gain
access to the system through an account belonging to a federal employee
or contractor.
http://fcw.com/Articles/2009/05/13/Web-DHS-HSIN-intrusion-hack.aspx

[Note: The new secretary of the Department of
Energy, Steven Chu, was recently quoted as saying "well-meaning people"
in the chief information officer's office and in the procurement and
finance offices "whose job it is to protect the Department of Energy"
actually hinder what the department can do." I hope he looks at this DHS
incident to make sure that DoE increases, vs. decreases, building
security into its systems and applications.

Highly targeted "whaling" emails single out corporate managers trick more than 15,000 recipients in 15 months into believing they were legitimate. The low-volume scams are attractive to fraudsters because they go after high-worth individuals who have higher levels of access to their corporate data.  http://www.theregister.co.uk/2009/05/14/steve_jobs_amazon_account/

http://www.vnunet.com/articles/print/2241609

To keep up on the threats to your computer, please take a look at the current  threats at http://isc.sans.org/newssummary.html

The Vancouver security researcher who recently won a hacking contest by breaking into a fully patched MacBook in a few seconds tells us that Apple's Safari is the easiest browser to break into - especially on a Mac.
He says IE 8, Firefox and Chrome are hard to exploit, but leaves no doubt that it can be done - so regardless of which browser you use, it's still important to practice safe surfing habits.

Home Office rapped over data-protection breach
http://news.zdnet.co.uk/itmanagement/0,1000000308,39600671,00.htm
Story from ZDNet

A routine security audit found a piece of Malware on their servers.
Full story:  http://www.theregister.co.uk/2009/01/20/heartland_payment_breach/