Friday, August 28, 2009
A bill proposed this spring giving the White House power to knock private sector companies off the Internet in a so-called "cyber security emergency" has civil liberties and Internet groups concerned. A new version has been drafted by aides of Democrat Jay Rockefeller from Virginia. CNET got their hands on a copy and says it's still troubling due to it's vagueness.
Details from CNET can be found here.
Details from CNET can be found here.
Thursday, August 27, 2009
August 26, Network World – (International) Trojan attacks up, phishing attacks down this year, IBM finds. Spam-based phishing attacks declined noticeably during the first half of the year, but cyber-criminals may simply be shifting to other technologies found to be more effective in stealing personal data, according to IBM in its semi-annual security threat report. “The decline in phishing and increases in other areas (such as banking Trojans) indicate the attackers may be moving their resources to other methods to obtain the gains that phishing once achieved,” is the explanation offered in the “IBM Internet Security Systems 2009 Mid-Year Trend & Risk Report.” It says Russia is the top country of origin for phishing e-mails, with 7.2 percent share, while China is the top hosting country for spam URLs. IBM’s semi-annual security report presents a broad view of trends based on its own analysis of volumes of sensor data, Web crawling technologies and other resources used to gather information through its Internet Security Systems division. In the first half of 2009, 55 percent of the new malware seen was Trojans, an increase of 9 percent over last year, the report says. Trojan malware, which includes components called downloaders and info- stealers, are mainly being used in the form of “public-available toolkits” that are “easy to use” by criminals, the report points out. The number of malicious Web links used to trick users into downloading malware or visiting dangerous sites has increased, up 508 percent in the first half of 2009 in comparison to the number discovered in the first half of 2008, says the report. The U.S. is the top country where such malicious Web links can be found, accounting for 36 percent of known malicious links, with China holding the second spot. Source: http://www.networkworld.com/news/2009/082609-ibm-malware-trojans.html
Friday, August 21, 2009
August 18, San Francisco Chronicle – (International) Apple looking into reports of exploding iPhone/iPod Touches. Apple’s iPhones and iPod Touches are being examined by the European Commission after a few incidents in which the devices exploded. There are reportedly two incidents in France involving an iPhone and one in Britain with an iPod Touch. A spokesperson for the commission said that Apple was cooperating and labeled the incidents “isolated.” An Apple spokesperson told Reuters that the company was aware of the reports but would not comment until receiving more information. In one case, a teenager in France was hurt when an iPhone overheated, hissed and shattered, sending glass into the boy’s eyes. A similar incident in Britain reportedly occurred with an iPod Touch that exploded and flew into the air. KIRO TV in Seattle obtained 800 pages of documents from the Consumer Product Safety Commission that found there have been 15 reports of burn and fire-related incidents involving iPods. Last year, after the Japanese government warned of fire risks from iPod Nanos, Apple offered to replace batteries in some of the devices. Source here.
Thursday, August 20, 2009
U.S. Army ITOC has released to the public the data sets of their recent 2009 Inter-Service Academy Cyber Defense Competition, which puts the military academies up against an NSA Red Team. If you would like to download them, they are available here. Full download is about 14 Gigs worth. Enjoy!
In the tradition of the Ed Skoudis Hacker Challenges, Jonathan Ham of the ISC has put out a Network Forensics Puzzle. Info on the ISC site here. this is more than just a little bit of fun for packet heads, this is free, hands on training.
Wednesday, August 12, 2009
Vulnerabilities found in WordPress software of a nasty variety. Allows a reset of the administrator password. As blogs are used more and more for political reasons, and especially by people living under repressive regimes, this could be bad news for theses folks, even more than the blogger who writes about gardening or his love of jazz music. If you use the software, WordPress has released a security release version, 2.8.4, found here.
- ► 2017 (10)
- ► 2016 (14)
- ► 2015 (12)
- ► 2014 (26)
- ► 2013 (29)
- ► 2012 (23)
- ► 2011 (40)
- ► 2010 (35)
- ▼ August (9)
- ► 2008 (16)