We have thousands of posts on a wide variety of open source and security topics, conveniently organized for searching or just browsing.
Malicious hackers have fitted rootkit features into the newest mutants of the Bagle worm, adding a stealthy new danger to an already virulent threat. According to virus hunters at F-Secure, of Helsinki, Finland, the latest Bagle.GE variant loads a kernel-mode driver to hide the processes and registry keys of itself and other Bagle-related malware from security scanners.
In the second attack of its kind in the past few days, Domain Name System (DNS) servers at Network Solutions Inc. were hit by a denial-of-service attack this afternoon, resulting in a brief performance degradation for customers, according to the company. The attacks, which started at around 2:20 p.m. EST, were targeted at the company’s WorldNIC name servers and resulted in a service degradation for about 25 minutes before the server was restored to normal, a spokeswoman for the company said.
Domain-name registrar Joker.com acknowledged this weekend that distributed denial-of-service attacks had caused numerous problems for customers that use its domain-name service (DNS) servers to advertise the Internet addresses of their domains.
A married couple accused of using computer worms to conduct industrial espionage has received jail terms of four and two years after pleading guilty in an Israeli court. Ruth Brier-Haephrati, 28, and her husband Michael Haephrati, 44, were also ordered to pay damages of two million shekels (£245,000) to their victims.
Ernst & Young has lost another laptop containing the social security numbers and other personal information of its clients' employees. This time, the incident puts thousands of IBM workers at risk. Ex-IBM employees are also affected. The Register has learned that the laptop was stolen from an Ernst & Young employee's car in January. The employee handled some of the tax functions Ernst & Young does for IBM workers who have been stationed overseas at one time or another during their careers. As a result of the theft, the names, dates of birth, genders, family sizes, SSNs and tax identifiers for IBM employees have been exposed.
In the middle of February, Time Magazine ran a great article on Cyberinsurance or "Shock Absorbers", and I feel this future trend deserves a couple of comments, from the article: "As companies grow more dependent on the Internet to conduct business, they have been driving the growing demand for cyber insurance. Written premiums have climbed from $100 million in 2003 to $200 million in 2005, according to Aon Financial Services Group ...
The attraction of computer-based crime is obvious. Twenty years ago corporate spies would find it difficult to steal the entire contents of a filing cabinet, but today they can take far more by slipping a disc into their pocket or e-mailing data to an online electronic swag bag. It is much easier to steal, leak, manipulate or destroy electronic data. But just as in the physical world, cyber-criminals leave their electronic fingerprints all over a digital crime scene.
A Trojan making the rounds encrypts victims' files and demands a $300 payment to have them decrypted and unlocked, according to a report by security firm Lurhq Threat Intelligence Group. This so-called "ransomware" Trojan, dubbed Cryzip, is the second of its type to emerge in the past 10 months, following the PGPcoder Trojan. It also is the third such Trojan to appear since 1989.
I've recently stumbled upon an interesting behaviour of some Linux kernels that may be exploited by a remote attacker to abuse the ID field of IP packets, effectively bypassing the zero IP ID in DF packets countermeasure implemented since 2.4.8 (IIRC).
Cyber criminals are stepping up smaller, more targeted attacks as they seek to avoid detection and reap bigger profits by stealing personal and financial information, according to a report issued Monday. Symantec's Internet Security Threat report said during the second half of 2005 attackers continued to move away from broad attacks seeking to breach firewalls and routers and are now taking aim at the desktop and Web applications.
Gary McKinnon began the next stage in his fight against extradition to the US to face charges of hacking US Army, Navy, Air Force and NASA computers on Tuesday. The British hacker is facing extradition to the US on charges of hacking and causing damage to US defence sites. If found guilty he could face over $1m in fines and 60 years in jail.
In our news story published on 2 February 2006 entitled "Millionaire charged over hacking affair" we reported that Matthew Mellon, the well-known member of the Mellon family and successful businessman, had been arrested and charged in connection with allegations of phone tapping and illegal access to NHS systems and private medical records for the purpose of blackmailing famous individuals over controversial medical records.
It finally happened. We had a security breach that could have severe ramifications for a state agency. I was packing up to leave on a Friday when the webmaster came into my office and shut the door behind him. It was unusual for him to be in the office so late, and he looked particularly nervous. So I took off my coat, set down my briefcase and sat down. He refused the chair I offered him. "OK, what's going on?" I asked.
Vital US infrastructure including power grids and banking systems have been put under simulated attack in a week-long security exercise called Cyber Storm. The war game drew in 115 agencies from the FBI and CIA to the Red Cross, the Department of Homeland Security said. IT companies and state and foreign governments also played a role in responding to the mock attacks.
One day last year, things started going haywire at Northwest Hospital and Medical Center. Key cards would no longer open the operating-room doors; computers in the intensive-care unit shut down; doctors' pagers wouldn't work. This might have been just another computer-virus attack, a common and malicious scheme that sometimes is done for little more than bragging rights. But federal officials say it was something far more insidious.
All laptop computers at Hodgkins Middle School have been seized after students' passwords were circulated, officials said. Students using the passwords could obtain access to other students' work but they did not gain access to anything that would have allowed them to alter grades or otherwise hack into the school's network, said Principal Jeff Boston. "We decided to lock them up until tech support can fix the issue. I don't believe anyone hacked anything," Boston said.
Russian scammers used key logging Trojans to steal more than a €1m from French people accessing online bank accounts. The Trojans were sent by email but were not activated until people accessed their online bank accounts. Then the Trojan forwarded on user names and passwords to the crooks.
A Spanish hacker who launched a denial of service attack that hobbled the net connections of an estimated three million users has been jailed for two years and fined €1.4m. Santiago Garrido, 26, (AKA Ronnie and Mike25) launched the attack using a computer worm in retaliation for been banned from the popular "Hispano" IRC chat room for breaking its rules.
Two Massachusetts papers - the Boston Globe and the Worcester Telegram & Gazette - have apologised after exposing the credit card details of up to 240,000 subscribers. Most of those affected were Globe readers. Information security breaches by major US corporations are becoming an almost weekly event but the breach involving the two papers, both part of the The New England Media Group owned by The New York Times, was especially boneheaded.
Going through Kaspersky's latest summary of Malware - Evolution, October - December 2005, I came across a research finding that would definitely go under the news radar, as always, and while The Hackers seem to be more elite than the folks that actually found the vulnerability I think the issue itself deserves more attention related to the future development of a market for 0day vulnerabilities.
Like staying secure? So do we.
Sign up for updates, tips, and alerts!
