http://www.secuobs.com Observatoire de la securite Internet fr webmaster@secuobs.com 2012-05-17 03:43:47 - Risky Business : Tagline A chat with Arbor Networks founder Rob Malan Media URL http mediariskybiz auscert2012 malanmp3Content HeadersContent Length 7859120 Content Type audio mpeg In this sponsored Arbor Networks founder and CTO Rob Malan If you're lucky enough to have met Rob, you'd know that not only has he built a crazily successful business, but he's one of the most technologically savvy people you will ever meet He lives and breathes his business, and lately he's been focussing on what he sees as a future problem area Denial of service attacks against mobile 3G and 4G LTE networks As you'll hear, Rob says the average mobile network is a bit of a disaster and there'll be plenty of opportunities for miscreants to wreak havoc on them Forum Topic SPONSOR PODCAST DDoS attacks against mobile networks http://www.secuobs.com/revue/news/376017.shtmlhttp://www.secuobs.com/revue/news/376017.shtml 2012-05-17 02:56:52 - ZDNet Zero Day Blog RSS : The Pirate Bay is down Wikileaks is down Visa was down Are all these Distributed Denial of Service DDoS attacks a coincidence Right now it s not clear, but something is definitely happening http://www.secuobs.com/revue/news/376012.shtmlhttp://www.secuobs.com/revue/news/376012.shtml 2012-05-17 02:35:50 - Dark Reading All Stories : Cyberespionage attackers more and more are injecting specific, legitimate websites with malware in hopes of snaring victims with common interests -- most recently, human rights organizations http://www.secuobs.com/revue/news/376009.shtmlhttp://www.secuobs.com/revue/news/376009.shtml 2012-05-17 02:00:07 - Computer Security News : The Pirate Bay, which enables people to download files, music and films without paying, was suddenly bombarded with internet traffic which overwhelmed its servers http://www.secuobs.com/revue/news/376005.shtmlhttp://www.secuobs.com/revue/news/376005.shtml 2012-05-16 21:44:08 - ZDNet Zero Day Blog RSS : The hacktivist group Anonymous has denied allegations that it is behind the Distributed Denial of Service DDoS attack against The Pirate Bay Meanwhile, The Pirate Bay remains down and out http://www.secuobs.com/revue/news/375954.shtmlhttp://www.secuobs.com/revue/news/375954.shtml 2012-05-16 19:53:32 - Network World on Security : The Information Commissioner's Office ICO website has been taken offline following a suspected distributed denial of service DDoS attack http://www.secuobs.com/revue/news/375928.shtmlhttp://www.secuobs.com/revue/news/375928.shtml 2012-05-16 17:57:17 - Ars Technica Risk Assessment : Angry Anons may be behind the attack http://www.secuobs.com/revue/news/375910.shtmlhttp://www.secuobs.com/revue/news/375910.shtml 2012-05-16 17:15:39 - ZDNet Zero Day Blog RSS : The Pirate Bay is down for me Is it down for you It may be, since the site has confirmed it is experiencing a quite big Distributed Denial of Service DDoS attack It s unclear who is behind it http://www.secuobs.com/revue/news/375895.shtmlhttp://www.secuobs.com/revue/news/375895.shtml 2012-05-16 17:11:48 - SecurityTube.Net : A DDOS attack is a method of grabbing packets and killing them before the get to their destination Distributed Denial of Service DDoS The basis of the attack is to overload a victim's computer resources by flooding them with traffic This is done by commanding multiple compromised systems to send high rates of traffic In addition, the traffic is often formulated in such a way that it consumes resources at abnormal rates The nature of the attack is such that it is very difficult to stop and next to impossible to prevent single-handedly Some sites have experienced several days of downtime while trying to restore services The core problem is the existence of the compromised computers used to create the attack note 1 The computers used in the attacks are compromised several ways including remote attacks on vulnerable, defective software and taking advantage of computers whose owners have loaded remotely controllable software such as remote control trojans and IRC bots Some reports have put the number of compromised systems in the thousands Many of the systems are compromised because patches for software defects that were reported and fixed months ago are never installed, because anti-virus tools are not kept up to date, and because the computer owners give away control of their computers by indiscriminately running unknown programs IMAGE http://www.secuobs.com/revue/news/375881.shtmlhttp://www.secuobs.com/revue/news/375881.shtml 2012-05-16 17:11:48 - SecurityTube.Net : WEBSITE http betterphpcouk In this video I explain what an XSS attack is and tell you one way to prevent them causing problems for your site IMAGE http://www.secuobs.com/revue/news/375879.shtmlhttp://www.secuobs.com/revue/news/375879.shtml 2012-05-16 17:03:16 - M unition : Earlier this week, I talked about malware threats Today, we ll address a new trend Turns out the perpetrators of targeted attacks are pragmatic, and are happy to borrow techniques that are even a decade old Trend 2 in M-Trends An Evolving Threat is titled Everything Old Is New Again, and talks about how we saw a real uptick in the use of web shells and miniport drivers for persistence in 2011 Read the rest http://www.secuobs.com/revue/news/375872.shtmlhttp://www.secuobs.com/revue/news/375872.shtml 2012-05-16 15:42:59 - TorrentFreak : With court-ordered ISP blockades popping up all over Europe, The Pirate Bay is no stranger to being silenced However, for the last 24 hours the site has been largely inaccessible world wide due to a completely different type of censorship After the site openly criticized Anonymous last week for DDoS'ing UK ISP Virgin Media, The Pirate Bay itself is now under attack Source Pirate Bay Under DDoS Attack From Unknown Enemy http://www.secuobs.com/revue/news/375853.shtmlhttp://www.secuobs.com/revue/news/375853.shtml 2012-05-16 14:46:36 - Computer Security News : The Detica study, called Business and The Cyber Threat Curiously Confident found that 85pourcents of UK business expect an increase in cyber attacks over the next few years, which is not surprising given the number of headline-grabbing attacks that have taken place recently http://www.secuobs.com/revue/news/375837.shtmlhttp://www.secuobs.com/revue/news/375837.shtml 2012-05-16 14:46:36 - Computer Security News : Six months after the launch of the UK government's Cyber Security Strategy, 85pourcents of businesses say they expect the number of cyber attacks to increase in the coming years, a survey shows http://www.secuobs.com/revue/news/375836.shtmlhttp://www.secuobs.com/revue/news/375836.shtml 2012-05-16 13:59:50 - Network World on Security : The launch of a cut-rate unlimited 39-a-month mobile plan offered by upstart Voyager Mobile was marred Tuesday by what the company claims is a malicious network attack to its primary website The company now says it's postponing the launch of its budget plan until an unspecified date http://www.secuobs.com/revue/news/375829.shtmlhttp://www.secuobs.com/revue/news/375829.shtml 2012-05-16 08:38:12 - Help Net Security News : Agari released its first TrustIndex, a quarterly measurement that applies Agari s big data insights to score email attack vulnerability and email trust by industry Similar to a credit score, the T http://www.secuobs.com/revue/news/375790.shtmlhttp://www.secuobs.com/revue/news/375790.shtml 2012-05-15 23:54:50 - Dark Reading All Stories : Cyberespionage attackers more and more are injecting specific, legitimate websites with malware in hopes of snaring victims with common interests -- most recently, human rights organizations http://www.secuobs.com/revue/news/375716.shtmlhttp://www.secuobs.com/revue/news/375716.shtml 2012-05-15 10:05:11 - Advanced Password Cracking Insight : Elcomsoft Phone Password Breaker and Elcomsoft iOS Forensic Toolkit have been around for a while, acquiring user information from physical iPhone iPad devices or recovering data from user-created offline backups Both tools required the investigator to have access to the device itself, or at least accessing a PC with which the iOS device was synced http://www.secuobs.com/revue/news/375549.shtmlhttp://www.secuobs.com/revue/news/375549.shtml 2012-05-15 08:37:18 - SecurityTube.Net : in this video you can learn, how to use the metasploit framework together with the social engineering toolkit to create and deliver a payload to a remote target IMAGE http://www.secuobs.com/revue/news/375540.shtmlhttp://www.secuobs.com/revue/news/375540.shtml 2012-05-14 23:42:05 - Dark Reading All Stories : Web application firewalls are a popular way to protect sites, but cloud and managed-security services offer strong benefits to protect against denial-of-service attacks and compromise http://www.secuobs.com/revue/news/375482.shtmlhttp://www.secuobs.com/revue/news/375482.shtml 2012-05-14 20:18:35 - Dark Reading All Stories : Web application firewalls are a popular way to protect sites, but cloud and managed-security services offer strong benefits to protect against denial-of-service attacks and compromise http://www.secuobs.com/revue/news/375459.shtmlhttp://www.secuobs.com/revue/news/375459.shtml 2012-05-14 19:29:36 - Network World on Security : Should the federal government combine legislative muscle with fear to pressure private enterprise leaders into funding defenses for a cyberwar Or should it be up to the government to fund and create a cyber army to protect private industry, just as it protects factories and infrastructure in the physical world http://www.secuobs.com/revue/news/375449.shtmlhttp://www.secuobs.com/revue/news/375449.shtml 2012-05-14 18:07:05 - Security Bloggers Network : The Bitcoin exchange Bitcoinica took its servers offline after they discovered 90,000 USD worth of bitcoins was stolen from its systems This is the second time this year Bitcoinica were targeted http://www.secuobs.com/revue/news/375424.shtmlhttp://www.secuobs.com/revue/news/375424.shtml 2012-05-14 10:48:01 - Security Bloggers Network : As discussed in the previous article of this series, knowing that hacktivists are indeed targeting high-profile networks is important, but let s look at what organizations are doing to defend themselves http://www.secuobs.com/revue/news/375333.shtmlhttp://www.secuobs.com/revue/news/375333.shtml 2012-05-14 10:45:17 - The Tech Herald Security News : As discussed in the previous article of this series, knowing that hacktivists are indeed targeting high-profile networks is important, but let s look at what organizations are doing to defend themselves http://www.secuobs.com/revue/news/375330.shtmlhttp://www.secuobs.com/revue/news/375330.shtml 2012-05-14 06:12:00 - Help Net Security News : Here's an overview of some of last week's most interesting news, podcasts and articles Phishers mimic OpenID to steal credentials New spam email campaigns are taking advantage of the users' vag http://www.secuobs.com/revue/news/375321.shtmlhttp://www.secuobs.com/revue/news/375321.shtml 2012-05-12 20:48:09 - SecurityTube.Net : This video describes the Oracle TNS vulnerability that was discovered in 2008 and left un-patched until April of this year Here are some links that describes this vulnerability and how it can be exploited http arstechnicacom business 2012 04 release-of-exploit-code-puts-oracle-database-users-at-risk-of-attack http seclistsorg fulldisclosure 2012 Apr 204 IMAGE http://www.secuobs.com/revue/news/375233.shtmlhttp://www.secuobs.com/revue/news/375233.shtml 2012-05-12 15:23:00 - Computer Security News : The National Security Agency does not have to release any information on internal communications it had with Google after a cyber attack in China two years ago http://www.secuobs.com/revue/news/375212.shtmlhttp://www.secuobs.com/revue/news/375212.shtml 2012-05-12 05:38:01 - Computer Security News : The FBI says hackers are targeting travelers abroad through pop-up windows while they're trying to establish a connection in their hotel rooms http://www.secuobs.com/revue/news/375193.shtmlhttp://www.secuobs.com/revue/news/375193.shtml 2012-05-12 00:34:13 - SECTORIX : Background To establish common ground, I would like to start by explaining some theory behind DoS attacks on the HTTP attack vector An HTTP DoS attack is usually not based on a vulnerability or known flaw in a web server or a service, instead its the attempt to bring a server down by using http://www.secuobs.com/revue/news/375176.shtmlhttp://www.secuobs.com/revue/news/375176.shtml 2012-05-11 22:01:51 - Ars Technica Risk Assessment : The group's UK website was compromised to host a notorious espionage trojan http://www.secuobs.com/revue/news/375132.shtmlhttp://www.secuobs.com/revue/news/375132.shtml 2012-05-11 21:45:55 - Computer Security News : In a vague warning, the FBI says overseas travelers could be at risk of a Web attacks on hotel Wi-Fi -- If you're traveling abroad, your laptop could be attacked http://www.secuobs.com/revue/news/375129.shtmlhttp://www.secuobs.com/revue/news/375129.shtml 2012-05-11 19:23:53 - Security Bloggers Network : Here are nine ways to keep systems secure http://www.secuobs.com/revue/news/375101.shtmlhttp://www.secuobs.com/revue/news/375101.shtml 2012-05-11 16:44:19 - Security Bloggers Network : Cyber security is not a top priority for state governments, and they are not well prepared to deal with cyber threats In fact, cyber security ranks at the bottom of 31 critical areas in terms of readiness, according to a report issued by the Federal Emergency Management Agency FEMA Though we tend I tend to see the world in terms Read more IMAGE http://www.secuobs.com/revue/news/375056.shtmlhttp://www.secuobs.com/revue/news/375056.shtml 2012-05-11 15:53:35 - Security Bloggers Network : File-sharing site The Pirate Bay has denounced an Anonymous DDoS campaign that took down Virgin Media, calling it an ugly method that's no better than the UK court order for ISPs to block users from getting to The Pirate Bay http://www.secuobs.com/revue/news/375051.shtmlhttp://www.secuobs.com/revue/news/375051.shtml 2012-05-11 13:58:15 - Network World on Security : Booby-trapped RTF documents are one of the most common types of malicious Microsoft Office files that are used to infect computers with advanced persistent threats APTs , according to security researchers from Trend Micro http://www.secuobs.com/revue/news/375033.shtmlhttp://www.secuobs.com/revue/news/375033.shtml 2012-05-11 13:58:15 - Network World on Security : Imagine what would happen if an attacker broke into the network for the industrial control systems for New York City's elevators and boiler systems and decided to disrupt them, imperiling the lives of hundreds of thousands of residents relying on them Think it could never happen Think again http://www.secuobs.com/revue/news/375031.shtmlhttp://www.secuobs.com/revue/news/375031.shtml 2012-05-11 01:31:54 - Ars Technica Risk Assessment : The company hosting Boxuncom, a US-based website that reports on Chinese http://www.secuobs.com/revue/news/374947.shtmlhttp://www.secuobs.com/revue/news/374947.shtml 2012-05-11 01:31:54 - Ars Technica Risk Assessment : Recently discovered security vulnerabilities in televisions made by Samsung http://www.secuobs.com/revue/news/374946.shtmlhttp://www.secuobs.com/revue/news/374946.shtml 2012-05-11 01:31:54 - Ars Technica Risk Assessment : Iran's National Oil Company and a number of related oil companies were targets http://www.secuobs.com/revue/news/374945.shtmlhttp://www.secuobs.com/revue/news/374945.shtml 2012-05-11 01:31:54 - Ars Technica Risk Assessment : A vulnerability in Oracle database leaves users vulnerable to serious attacks http://www.secuobs.com/revue/news/374937.shtmlhttp://www.secuobs.com/revue/news/374937.shtml 2012-05-11 00:34:32 - Computer Security News : A young man from a tiny village in northeastern Saskatchewan has pleaded guilty to two criminal charges after hacking into a social networking site in New York City http://www.secuobs.com/revue/news/374929.shtmlhttp://www.secuobs.com/revue/news/374929.shtml 2012-05-10 22:49:00 - Dark Reading All Stories : The FBI says attackers are trying to trick users into installing malware with promises of software updates http://www.secuobs.com/revue/news/374907.shtmlhttp://www.secuobs.com/revue/news/374907.shtml 2012-05-10 20:43:54 - Ars Technica Risk Assessment : Sites are targeting Android users with malware that can access private networks http://www.secuobs.com/revue/news/374880.shtmlhttp://www.secuobs.com/revue/news/374880.shtml 2012-05-10 20:43:54 - Ars Technica Risk Assessment : Attackers are targeting a PHP bug that can be used to remotely hijack websites http://www.secuobs.com/revue/news/374874.shtmlhttp://www.secuobs.com/revue/news/374874.shtml 2012-05-10 19:38:52 - Network World on Security : A cybersecurity consulting firm has documented the existence of a China-based espionage operation that has infiltrated the computer systems of at least 22 organizations in the government and private sectors in the US, Europe and Asia http://www.secuobs.com/revue/news/374862.shtmlhttp://www.secuobs.com/revue/news/374862.shtml 2012-05-10 18:22:51 - ZDNet Zero Day Blog RSS : You can t make this stuff up Virgin followed a court order to block The Pirate Bay Anonymous executed a DDoS attack against Virgin The Pirate Bay denounced Anonymous for its attack http://www.secuobs.com/revue/news/374839.shtmlhttp://www.secuobs.com/revue/news/374839.shtml 2012-05-10 17:24:23 - MSI State of Security : Twitter is downplaying a security breach that exposed tens of thousands of user emails and passwords The leaked information, comprising 58,978 username and password combinations, appeared Monday on Pastebin While Twitter said that it s investigating the breach, it s also downplayed Continue reading http://www.secuobs.com/revue/news/374830.shtmlhttp://www.secuobs.com/revue/news/374830.shtml 2012-05-10 16:35:04 - Computer Security News : We are fast approaching the day when someone develops a script that bypasses the DDoS part altogether and simply calls the police when you try to use it http://www.secuobs.com/revue/news/374819.shtmlhttp://www.secuobs.com/revue/news/374819.shtml 2012-05-10 16:00:03 - Help Net Security News : Two Norwegian teenagers believed to have led DDoS attacks on a number of Norwegian and international websites have been arrested last Friday and Monday The rather short notification by the Norwegi http://www.secuobs.com/revue/news/374810.shtmlhttp://www.secuobs.com/revue/news/374810.shtml 2012-05-10 15:22:03 - Slashdot Your Rights Online : judgecorp writes Anonymous launched a DDoS attack on Virgin Media, apparently in protest at Virgin's decision to block the Pirate Bay Now the Pirate Bay has criticized Anonymous, saying it doesn't support DDoS as a form of protest The statement is interesting, given that Anonymous has been attacking music industry sites and other targets for some years, saying it is in support of the Pirate Bay IMAGE IMAGE Share on Google Read more of this story at Slashdot IMAGE IMAGE IMAGE http://www.secuobs.com/revue/news/374798.shtmlhttp://www.secuobs.com/revue/news/374798.shtml 2012-05-10 06:54:44 - SecurityTube.Net : The following research is on IVR Interactive Voice Response systems which are currently used in Phone Banking, Call centers, Hospitals and corporate mainly for information retrieval and Remote Management via Telephone lines The paper explains a serious of security issues concerning these systems IVR and exploitation techniques and ways of carrying out attacks on internal network via Telephone lines A demonstration of few exploits on IVR systems and a real incident about a critical responsibly disclosed banking flow in its Phone Banking System would be done IMAGE http://www.secuobs.com/revue/news/374728.shtmlhttp://www.secuobs.com/revue/news/374728.shtml 2012-05-09 21:12:28 - Security Bloggers Network : Two teenagers have been arrested in Norway in connection with a series of distributed denial-of-service DDoS attacks against websites in the country, and elsewhere around the world http://www.secuobs.com/revue/news/374631.shtmlhttp://www.secuobs.com/revue/news/374631.shtml 2012-05-09 20:22:34 - Security Bloggers Network : ForensicVue enables complex correlation and forensic searches http://www.secuobs.com/revue/news/374624.shtmlhttp://www.secuobs.com/revue/news/374624.shtml 2012-05-09 19:21:38 - Computer Security News : Norwegian police say they have arrested two teenage hackers accused of so-called denial-of-service attacks against websites in Norway, the US and other countries http://www.secuobs.com/revue/news/374614.shtmlhttp://www.secuobs.com/revue/news/374614.shtml 2012-05-09 19:18:03 - Network World on Security : Researchers have noticed one of the first examples of Android drive-by malware from an ordinary website, a dangerous type of automatic attack more commonly used to infect Windows PCs http://www.secuobs.com/revue/news/374609.shtmlhttp://www.secuobs.com/revue/news/374609.shtml 2012-05-09 16:15:45 - M unition : There is no such thing as perfect security As CEO and President of McAfee, I saw first-hand how some of the largest companies with the most sophisticated security programs were routinely compromised They were diligent They were compliant It wasn t enough Read the rest http://www.secuobs.com/revue/news/374545.shtmlhttp://www.secuobs.com/revue/news/374545.shtml 2012-05-09 14:53:04 - Help Net Security News : A malware delivery campaign that doubles its infections efforts to really make sure the users get compromised has been recently spotted by F-Secure researchers One of them landed on a website that http://www.secuobs.com/revue/news/374527.shtmlhttp://www.secuobs.com/revue/news/374527.shtml 2012-05-09 14:36:43 - Network World on Security : There is now an ongoing and massive cyberattack targeting the American gas-pipeline industry, aimed at giving the attacker a way to gather sensitive information by compromising business systems and possibly even subverting industrial control systems The Department of Homeland Security's investigative division, called the ICS-CERT, says it's taking the somewhat unusual step of issuing an alert and speaking publicly about it to heighten awareness of a dangerous situation http://www.secuobs.com/revue/news/374523.shtmlhttp://www.secuobs.com/revue/news/374523.shtml 2012-05-09 07:06:45 - John Melton's Weblog : What is it and why should I care Reducing the attack surface of an application or system means reducing the ways that you can interact with the application, and may involve reducing the functionality the application provides To most business folks, this sounds very, very bad However, at its core, it s really just a matter http://www.secuobs.com/revue/news/374449.shtmlhttp://www.secuobs.com/revue/news/374449.shtml 2012-05-09 07:02:58 - Computer Security News : For the past six months, an unidentified group of hackers has been mounting an ongoing, coordinated cyber attack on the control systems of US gas pipelines, prompting the Department of Homeland Security to issue alerts http://www.secuobs.com/revue/news/374448.shtmlhttp://www.secuobs.com/revue/news/374448.shtml 2012-05-09 04:09:48 - Stratagem 13 : Attackers target unpatched PHP bug allowing malicious code execution Updated http://www.secuobs.com/revue/news/374414.shtmlhttp://www.secuobs.com/revue/news/374414.shtml 2012-05-08 23:48:42 - Dark Reading All Stories : A single incident uncovered adversaries who, using intermediate hosts, conducted a sustained espionage campaign against a score of private- and public-sector targets http://www.secuobs.com/revue/news/374380.shtmlhttp://www.secuobs.com/revue/news/374380.shtml 2012-05-08 21:45:13 - ZDNet Zero Day Blog RSS : The Patch Tuesday batch for May 2012 covers at least 23 documented vulnerabilities in Microsoft Office, Microsoft Windows, the Microsoft NET Framework and Microsoft Silverlight http://www.secuobs.com/revue/news/374357.shtmlhttp://www.secuobs.com/revue/news/374357.shtml 2012-05-08 21:43:03 - Dancho Danchev's Blog Mind Streams of Information Security Knowledge : The Lizamoon mass SQL injection attacks gang is continuing to efficiently inject malicious code on hundreds of thousands of legitimate sites, for the purpose of serving fake security software -- also known as scareware -- and client-side exploits The latest round of the campaign is serving client-side exploits through multiple redirections taking place once the end user loads the malicious IMAGE IMAGE IMAGE IMAGE IMAGE IMAGE IMAGE IMAGE http://www.secuobs.com/revue/news/374352.shtmlhttp://www.secuobs.com/revue/news/374352.shtml 2012-05-08 16:11:22 - Computer Security News : Homeland Security says the attacks on the computer networks controlling natural gas pipelines began in December, with three alerts issued since March 29 USA TODAY Homeland Security has warned US utilities that the computer networks controlling natural gas pipelines have been under attack since December, according to news reports out of more http://www.secuobs.com/revue/news/374290.shtmlhttp://www.secuobs.com/revue/news/374290.shtml 2012-05-08 14:26:18 - Dark Reading All Stories : Cyber campaign against multiple US utility companies began four months ago, agency says http://www.secuobs.com/revue/news/374264.shtmlhttp://www.secuobs.com/revue/news/374264.shtml 2012-05-08 13:42:10 - Network World on Security : The United States Industrial Control Systems Cyber Emergency Response Team ICS-CERT has issued a warning about an active spear phishing campaign targeting companies in the natural gas pipeline sector http://www.secuobs.com/revue/news/374258.shtmlhttp://www.secuobs.com/revue/news/374258.shtml 2012-05-08 13:14:56 - Help Net Security News : Unknown attackers are actively targeting natural gas pipeline sector companies in the US with spear phishing emails, the US Department of Homeland Security's Industrial Control Systems Cyber Emergency http://www.secuobs.com/revue/news/374251.shtmlhttp://www.secuobs.com/revue/news/374251.shtml 2012-05-08 09:55:17 - Computer Security News : Spam is continuing to decline as hackers more frequently choose malicious attacks to steal corporate data and personal information, according to Symantec's annual Internet Security Threat Report The report uses data collected in 2011 to identify security threats across the globe and finds that targeted attacks are being used more frequently, and more http://www.secuobs.com/revue/news/374230.shtmlhttp://www.secuobs.com/revue/news/374230.shtml 2012-05-08 06:02:33 - Computer Security News : Monday afternoon Dr Jack Kruse sat inside his home overlooking Old Hickory Lake http://www.secuobs.com/revue/news/374211.shtmlhttp://www.secuobs.com/revue/news/374211.shtml 2012-05-08 00:32:22 - Reverse Engineering : As I reverse my main issue is obfuscated code, is there any general ways or tools to analyse obfuscated code submitted by Milent link comment http://www.secuobs.com/revue/news/374190.shtmlhttp://www.secuobs.com/revue/news/374190.shtml 2012-05-07 23:45:37 - Computer Security News : In the world of embedded and computer security, one of the often debated topics is whether 128-bit symmetric key, used for AES is computationally secure against brute-force attack http://www.secuobs.com/revue/news/374186.shtmlhttp://www.secuobs.com/revue/news/374186.shtml 2012-05-07 20:31:58 - Security Bloggers Network : TrustVault uses data already present in enterprise email systems to build a social graph of known and trusted senders http://www.secuobs.com/revue/news/374141.shtmlhttp://www.secuobs.com/revue/news/374141.shtml 2012-05-07 17:09:01 - Security Bloggers Network : Not in favor of the new law that was just passed, immigration policies too racist, the Catholic Church too corrupt, it is possible or organize a demonstration or take the fastest, easiest and most effective way and launch a virtual attack on the offensive website Take down the parliament portal to protest unfair laws or policies, shut down the local police s website or the website of any offensive organization Hacktivists have been very effective launching attacks on government websites and their motivation increases with each successful attack http://www.secuobs.com/revue/news/374094.shtmlhttp://www.secuobs.com/revue/news/374094.shtml 2012-05-07 14:36:12 - Security Bloggers Network : One of the selling points around virtualization is about its perceived added level of security But virtualization, like any other piece of software can be implemented incorrectly, and itself have flaws Last year, NIST came out with http://www.secuobs.com/revue/news/374056.shtmlhttp://www.secuobs.com/revue/news/374056.shtml 2012-05-07 14:14:45 - Network World on Security : Almost 50,000 separate network attacks each week take aim at the California State University, San Bernardino, and the latest trend is seeing attackers go after students' Google Android and Apple iPhone mobile devices http://www.secuobs.com/revue/news/374050.shtmlhttp://www.secuobs.com/revue/news/374050.shtml 2012-05-07 11:36:48 - Security Bloggers Network : A recent spate of attacks launched in April involved the use of distributed denial of service DDoS attacks on the DNS server of a well-known worldwide organization http://www.secuobs.com/revue/news/374041.shtmlhttp://www.secuobs.com/revue/news/374041.shtml 2012-05-07 08:22:00 - Computer Security News : Lockheed Martin has won a 454m contract from the Department of Defense Cyber Crime Center to help the agency in controlling cyber attacks on US government networks http://www.secuobs.com/revue/news/374031.shtmlhttp://www.secuobs.com/revue/news/374031.shtml 2012-05-07 04:54:29 - Computer Security News : NaturalA gas companies in the United States have been under cyber attack for theA last 4 months and no let up in the attack is seen http://www.secuobs.com/revue/news/374008.shtmlhttp://www.secuobs.com/revue/news/374008.shtml 2012-05-07 02:52:38 - The Tech Herald Security News : A recent spate of attacks launched in April involved the use of distributed denial of service DDoS attacks on the DNS server of a well-known worldwide organization http://www.secuobs.com/revue/news/374005.shtmlhttp://www.secuobs.com/revue/news/374005.shtml 2012-05-06 19:32:18 - Computer Security News : The increasing reach of the National Broadband Network means the elderly will be at risk of cyber attacks, authorities warn http://www.secuobs.com/revue/news/373997.shtmlhttp://www.secuobs.com/revue/news/373997.shtml 2012-05-06 15:45:49 - CYBER ARMS Computer Security : Natural Gas Pipeline companies are currently facing a major targeted phishing attack from a single source according to the Christian Science Monitor The attacks that seemed to have begun in December 2011 have caused the DHS to release three amber alerts, and the ICS-CERT team to release an incident response report on Friday That fact http://www.secuobs.com/revue/news/373989.shtmlhttp://www.secuobs.com/revue/news/373989.shtml 2012-05-06 14:51:33 - Computer Security News : A major cyber attack is currently under way aimed squarely at computer networks belonging to US natural gas pipeline companies, according to alerts issued to the industry by the US Department of Homeland Security http://www.secuobs.com/revue/news/373986.shtmlhttp://www.secuobs.com/revue/news/373986.shtml 2012-05-05 23:13:15 - Office of Inadequate Security : http://www.secuobs.com/revue/news/373959.shtmlhttp://www.secuobs.com/revue/news/373959.shtml 2012-05-05 14:09:54 - Computer Security News : From the editors and reporters of Scientific American , this blog delivers commentary, opinion and analysis on the latest developments in science and technology and their influence on society and policy http://www.secuobs.com/revue/news/373923.shtmlhttp://www.secuobs.com/revue/news/373923.shtml 2012-05-05 04:39:47 - Symantec Connect Security Response Billets : Adobe today issued a security bulletin for a vulnerability in Flash Player, which is currently being used in limited targeted attacks The targeted attacks leveraging the Adobe Flash Player CVE-2012-0779 Object Type Confusion Remote Code Execution Vulnerability CVE-2012-0779 have been in the wild for over a week The vector of infection, as in most targeted attacks we see, are custom crafted emails with malicious attachments For the exploit to successfully work, the malicious attachments need to be opened on a computer with a vulnerable version of Adobe Flash Player The malicious documents contain an embedded reference to a malicious Flash file hosted on a remote server When the Flash file is acquired and opened, it sprays the heap with shellcode and triggers the CVE-2012-0779 exploit Once the shellcode gains control, it looks for the payload in the original document, decrypts it, drops it to disk, and executes it Symantec detects this payload as TrojanPasam So far we have identified multiple targets across manufacturers of products used by the defense industry, but this is likely to change in the coming days Some of the subject lines observed in this campaign EMAIL USERNAME , The disclosure of REDACTED secret weapon deals with the Middle East EMAIL USERNAME , I heard about the consolidation of REDACTED , is that true COMPANY NAME is in the unpromising situation after acquisition by COMPANY Invitation Letter to REDACTED 2012 some questions about REDACTED China-Russia Joint Military Exercises FOR more information A sampling of file names for the documents used in this campaign Consolidation Scheduledoc COMPANY NAME REDACTED doc REDACTED Invitation Letter to REDACTED 2012 questions about your coursedoc military exercise detailsdoc When the user opens the malicious document the vulnerability is exploited in the background and the document is displayed to the end user The malware authors created several junk documents for such display Some used scraps of information from public press releases and some were written with the pretext of inviting the recipient to conferences Others contained random data The malicious files we have observed so far are contacting servers hosted in China, Korea, and the United States to acquire the necessary data to complete the exploitation This attack is targeting Adobe Flash Player on Internet Explorer for Windows only We have seen many of these files circulating in the wild, therefore we advise users to keep their security solutions up to date, and update to the latest version of Flash Player as quickly as possible http://www.secuobs.com/revue/news/373850.shtmlhttp://www.secuobs.com/revue/news/373850.shtml 2012-05-05 01:39:31 - Computer Security News : London, May 4 UK's Serious Organised Crime Agency's website had to be shut down after it fell victim to a cyber attack for the second time in less than a year http://www.secuobs.com/revue/news/373838.shtmlhttp://www.secuobs.com/revue/news/373838.shtml 2012-05-05 00:21:12 - Security Bloggers Network : Read previous Generations of DoS attacks 3 examples of attacks and insider s view of LulzSec story CloudFlare s CEO and co-founder Matthew Prince provides some additional details of the kerfuffle around Lulz Security s activities during June-July 2011 the origins of their website traffic spikes and the different types of DDoS attacks CloudFlare was experiencing in that http://www.secuobs.com/revue/news/373826.shtmlhttp://www.secuobs.com/revue/news/373826.shtml 2012-05-04 21:30:05 - Network World on Security : Is a cyberattack by Iran against the US a realistic threat And if so, could it be defeated by a technique called bullet time There is considerable disagreement http://www.secuobs.com/revue/news/373791.shtmlhttp://www.secuobs.com/revue/news/373791.shtml 2012-05-04 21:30:05 - Network World on Security : The website of the UK's Serious Organised Crime Agency SOCA has been downed by what is starting to look like the most serious cyberattack ever to hit the site http://www.secuobs.com/revue/news/373787.shtmlhttp://www.secuobs.com/revue/news/373787.shtml 2012-05-04 21:30:05 - Network World on Security : Text messaging is the most common non-voice use of a mobile phone There are trillions of text messages received around the world each day, and an increasing number of them are spam, or phishing attacks of some sort http://www.secuobs.com/revue/news/373783.shtmlhttp://www.secuobs.com/revue/news/373783.shtml 2012-05-04 18:58:22 - threatpost The First Stop for Security News : In a report commissioned by the Obama administration and conducted by the Federal Emergency Management Agency FEMA , state and local government officials expressed pessimism about their ability to respond to a cyberattacks read more http://www.secuobs.com/revue/news/373757.shtmlhttp://www.secuobs.com/revue/news/373757.shtml 2012-05-04 18:23:38 - Computer Security News : The activist hacker group Anonymous said on Friday it planned to attack Russian government websites in order to support opposition protests ahead of Vladimir Putin's inauguration as president http://www.secuobs.com/revue/news/373747.shtmlhttp://www.secuobs.com/revue/news/373747.shtml 2012-05-04 18:10:47 - threatpost The First Stop for Security News : Adobe has released a patch for a serious Flash vulnerability that is being used in targeted attacks right now The updates fix the vulnerability in Windows, Mac, Linux and Android systems read more http://www.secuobs.com/revue/news/373739.shtmlhttp://www.secuobs.com/revue/news/373739.shtml 2012-05-04 17:00:44 - Security Bloggers Network : With the Olympics coming to London, there may be opportunities for criminals, hacktivists and mischief-makers to make a high profile attack against the event's computer systems But what about your own computers, and your personal data and finances http://www.secuobs.com/revue/news/373728.shtmlhttp://www.secuobs.com/revue/news/373728.shtml 2012-05-04 15:25:34 - Security Bloggers Network : Once again, cybercriminals have spammed out emails claiming to come from the Better Business Bureau BBB , with the intention of infecting Windows computers with malware http://www.secuobs.com/revue/news/373713.shtmlhttp://www.secuobs.com/revue/news/373713.shtml 2012-05-04 09:45:36 - Help Net Security News : Application business logic flaws are unique to each custom application, potentially very damaging, and difficult to test Attackers exploit business logic by using deductive reasoning to trick and ult http://www.secuobs.com/revue/news/373669.shtmlhttp://www.secuobs.com/revue/news/373669.shtml 2012-05-04 06:40:24 - ZDNet Zero Day Blog RSS : Microsoft has discovered a new piece of Mac malware that exploits a three-year-old flaw in old versions of Office for Mac The software giant notes the malware is written specifically for Mac OS X http://www.secuobs.com/revue/news/373658.shtmlhttp://www.secuobs.com/revue/news/373658.shtml 2012-05-04 06:18:35 - Computer Security News : While the nation has made strides in preparing for a wide range of potential disasters, state and local officials said they feel least prepared for an emerging threat a cyber attack http://www.secuobs.com/revue/news/373655.shtmlhttp://www.secuobs.com/revue/news/373655.shtml 2012-05-04 04:05:14 - Security Bloggers Network : A lot has been written in the last week about the Oracle TNS Listener Poison Attack CVE-2012-1675 Not everything that has been published is correct I have spent a great deal of time investigating the topic and I want to share my views on the issue On April 18th, the security researcher Joxean Koret published the following advisory on the full disclosure mailing list http seclistsorg fulldisclosure 2012 Apr 204 Assuming it was fixed in the April 2012 CPU, he discusses a vulnerability that http://www.secuobs.com/revue/news/373645.shtmlhttp://www.secuobs.com/revue/news/373645.shtml 2012-05-03 23:11:13 - Dark Reading All Stories : NT Objectives lists the main vectors of attack that exploit not bugs, but weaknesses in an application http://www.secuobs.com/revue/news/373576.shtmlhttp://www.secuobs.com/revue/news/373576.shtml 2012-05-03 22:47:17 - Security Bloggers Network : Read previous Generations of DoS attacks 2 Layer 4, Layer 7 and Link-Local IPv6 attacks In this part, Sam Bowne exemplifies each major type of DoS attacks, showing the actual implementation process and the potential damage that may occur The CEO of CloudFlare Matthew Prince then takes the floor to talk about his story of http://www.secuobs.com/revue/news/373571.shtmlhttp://www.secuobs.com/revue/news/373571.shtml 2012-05-03 21:42:54 - Computer Security News : Retail systems are on the front lines of attack, where hackers look to steal cardholder data http://www.secuobs.com/revue/news/373493.shtmlhttp://www.secuobs.com/revue/news/373493.shtml 2012-05-03 19:56:12 - ZDNet Zero Day Blog RSS : In an attempt to slow down drive-by malware attacks, Mozilla plans to introduce click-to-play feature in upcoming versions of its flagship Firefox browser http://www.secuobs.com/revue/news/373465.shtmlhttp://www.secuobs.com/revue/news/373465.shtml 2012-05-03 18:43:39 - F Secure Antivirus Research Weblog : Somehow these SQL Injections targetting ASP ASPnet sites just never seem to abate First there was Lizamoon Surprising us with the millions of websites that got injected Then came a few others with the recent ones being nikjjucom and hgbyjucom Now came njukol google_results 256k image Although the name is no longer as catchy as Lizamoon, the idea remains the same This njukolcom is still pretty fresh out of the oven The domain was registered last April 28 The funny thing is, the registrant of the domain is still the same with all those previous ones registrant 6k image On 03 05 12 At 04 31 PM http://www.secuobs.com/revue/news/373449.shtmlhttp://www.secuobs.com/revue/news/373449.shtml 2012-05-03 18:36:59 - threatpost The First Stop for Security News : The Website of the United Kingdom s Serious Online Crime Agency SOCA remains offline this morning following a distributed denial of service DDoS attack read more http://www.secuobs.com/revue/news/373445.shtmlhttp://www.secuobs.com/revue/news/373445.shtml 2012-05-03 17:58:00 - threatpost The First Stop for Security News : In a post on the F-Secure Labs blog, Chief Research Officer Mikko Hypponen says the firm received a hard drive image from a contact within Syria who believed that his computer had been compromised An F-Secure analysis of the drive's contents and Web history revealed evidence of a targeted attack that used a malicious Skype chat link to install a copy of Xtreme RAT, a remote access tool that's commercially available online A report from anti virus firm F-Secure offers proof that malicious software is being pushed to political dissidents in targeted attacks - the first evidence that the embattled government is using cyber attacks to help squelch a domestic political uprising read more http://www.secuobs.com/revue/news/373426.shtmlhttp://www.secuobs.com/revue/news/373426.shtml 2012-05-03 14:26:05 - F Secure Antivirus Research Weblog : Syria has been at the center of international attention lately There's unrest in the country and the totalitarian government is using brutal tactics against dissidents These tactics include using technology surveillance, trojans and backdoors Some time ago we received a hard drive via a contact The drive had an image of the system of a Syrian activist who had been targeted by the local authorities syria The activist's system had become infected as a result of a Skype chat The chat request came from a fellow activist The problem was that the fellow activist had already been arrested and could not have started the chat Initial infection occured when the activist accepted a file called MACAddressChangerexe over the chat This utility was supposed to change the hardware MAC address of the system in order to bypass some monitoring tools Instead, it dropped a file called silviaexe which was a backdoor - a backdoor called Xtreme RAT Xtreme Rat is a full-blown malicious Remote Access Tool, sold for 100 euros Paypal via a page hosted at Google Sites https sitesgooglecom site nxtremerat xtremerat We have reasons to believe this infection wasn't just bad luck We believe the activist's computer was specifically targeted In any case, the backdoor calls home to the IP address 2166028 This IP block belongs to Syrian Arab Republic - STE syrian Telecommunications Establishment This would not have been the first case of using trojans for such purposes in Syria, either See these references for similar cases in the past http cnncom 2012-02-17 tech tech_web_computer-virus-syria_1_opposition-activists-computer-viruses-syrian-town http blogsnormancom 2012 security-research the-syrian-spyware http resourcesinfosecinstitutecom darkcomet-analysis-syria includes an interview with the author of another RAT used in similar attack SHA-1 hashes of the samples in question 2c938f4e85d53aa23e9af39085d1199e138618b6 a07209729e6f93e80fb116f18f746aad4b7400c5 On 03 05 12 At 12 19 PM http://www.secuobs.com/revue/news/373381.shtmlhttp://www.secuobs.com/revue/news/373381.shtml 2012-05-03 14:10:16 - Security Bloggers Network : The UK's Serious Organised Crime Agency SOCA has confirmed that its website has suffered a distributed denial-of-service DDoS attack, effectively preventing internet users from reaching it http://www.secuobs.com/revue/news/373378.shtmlhttp://www.secuobs.com/revue/news/373378.shtml 2012-05-03 13:53:53 - Computer Security News : This is a new distribution method, according to Lookout Hacked websites are frequently used to infect PCs with malware, but this is the first time the firm has seen hacked websites used to target mobile devices http://www.secuobs.com/revue/news/373374.shtmlhttp://www.secuobs.com/revue/news/373374.shtml 2012-05-02 20:12:38 - Network World on Security : Security engineers at the University of Tulsa have found a way to identify cyber attacks before they reach their target, enabling network administrators to take pre-emptive measures to protect their IT systems http://www.secuobs.com/revue/news/373198.shtmlhttp://www.secuobs.com/revue/news/373198.shtml 2012-05-02 20:12:38 - Network World on Security : Adding injury to insult, fraudsters have merged the phenomenon of ransom Trojans with banking malware, producing a hybrid that demands money before attempting to steal user logins http://www.secuobs.com/revue/news/373197.shtmlhttp://www.secuobs.com/revue/news/373197.shtml 2012-05-02 16:54:17 - LinuxSecurity.com Latest News : LinuxSecuritycom Internet criminals are sidestepping the need to launch DDoS attack from large networks of malware-compromised bot PCs by using simpler server 'booter shells', mitigation firm Prolexic has warned http://www.secuobs.com/revue/news/373158.shtmlhttp://www.secuobs.com/revue/news/373158.shtml 2012-05-02 13:39:28 - Network World on Security : Internet criminals are sidestepping the need to launch DDoS attack from large networks of malware-compromised bot PCs by using simpler server 'booter shells', mitigation firm Prolexic has warned http://www.secuobs.com/revue/news/373116.shtmlhttp://www.secuobs.com/revue/news/373116.shtml 2012-05-02 12:21:21 - Security Bloggers Network : Read previous Generations of DoS attacks some history and links to Jester, Anonymous and LulzSec Sam Bowne s primary focus in this section of his talk is on the technical part of different types of DoS attacks the relatively primitive Layer 4 DDoS, variations of the more sophisticated Layer 7 DoS and Link-Local IPv6 router advertisement http://www.secuobs.com/revue/news/373105.shtmlhttp://www.secuobs.com/revue/news/373105.shtml 2012-05-02 12:20:29 - Help Net Security News : The Citadel malware - a banking Trojan that is based on Zeus Trojan's source code and whose creators have adopted a Software-as-a-Service approach when it comes to the modifications of the crimeware k http://www.secuobs.com/revue/news/373103.shtmlhttp://www.secuobs.com/revue/news/373103.shtml 2012-05-02 02:36:10 - Computer Security News : Another month has passed and Anonymous remains an ever-present voice in the online world http://www.secuobs.com/revue/news/373048.shtmlhttp://www.secuobs.com/revue/news/373048.shtml 2012-05-01 23:18:20 - threatpost The First Stop for Security News : The Iranian government has discovered what it describes as a 'hidden agenda' behind a recent malware attack on the country's Oil Ministry, according to a report published by the FARS News Agency read more http://www.secuobs.com/revue/news/373019.shtmlhttp://www.secuobs.com/revue/news/373019.shtml 2012-05-01 20:03:31 - Network World on Security : The apparent cyberattack that disrupted IT systems at Iran's main oil terminal was serious enough to have wiped data from hard drives, news agencies in the country have claimed http://www.secuobs.com/revue/news/372974.shtmlhttp://www.secuobs.com/revue/news/372974.shtml 2012-05-01 19:35:59 - ZDNet Zero Day Blog RSS : The same Java vulnerability used in the infamous Flashback malware is now being used as an attack vector for a single piece of malware that can infect both Windows and Mac OS X computers http://www.secuobs.com/revue/news/372971.shtmlhttp://www.secuobs.com/revue/news/372971.shtml 2012-05-01 14:34:31 - Computer Security News : As TVs and the kit that we connect to them become more sophisticated and reliant on internet-based services, they could be open to the same kinds of attacks as computer networks http://www.secuobs.com/revue/news/372914.shtmlhttp://www.secuobs.com/revue/news/372914.shtml 2012-05-01 14:30:34 - Network World on Security : The latest Internet Security Threat Report by Symantec finds that targeted attacks are becoming more common and are going beyond the public sector and large enterprises to smaller, less well defended companies in the supply chain and partner ecosystem http://www.secuobs.com/revue/news/372912.shtmlhttp://www.secuobs.com/revue/news/372912.shtml 2012-05-01 14:03:51 - Security Bloggers Network : Sam Bowne from City College of San Francisco shares his expertise in the history of denial-of-service attacks, their technical aspects, and the major groups of hacktivists who use those for various purposes This Defcon presentation starts with the classification of DoS attacks and the analysis thereof in terms of Jester, Anonymous and LulzSec attackers activity http://www.secuobs.com/revue/news/372899.shtmlhttp://www.secuobs.com/revue/news/372899.shtml 2012-05-01 11:14:34 - Security Bloggers Network : Trusteer Intelligence researchers have discovered a clever new use of the Citadel malware platform a descendent of the Zeus Trojan to deliver code ransomware that poses as the US Department of Justice and highjacks victims computers This rans http://www.secuobs.com/revue/news/372883.shtmlhttp://www.secuobs.com/revue/news/372883.shtml 2012-05-01 06:51:13 - securitystream.info : Hackers stole 187 million personal identities last year, with the average yield per data breach amounting to 11 million identities, Symantec said Related posts 1 Symantec Protects Against Unique Scams and Phishing Attacks With Symantec Brightmail Gateway 90 2 Symantec security survey shows cyber attacks remain top risk for businesses 3 Attacks Cost 38 Million on Average Per Year http://www.secuobs.com/revue/news/372868.shtmlhttp://www.secuobs.com/revue/news/372868.shtml 2012-05-01 01:47:42 - Dark Reading All Stories : With conventional wisdom now that 'advanced attacks happen,' has the time come to create the next-generation sandbox or other containment method http://www.secuobs.com/revue/news/372843.shtmlhttp://www.secuobs.com/revue/news/372843.shtml 2012-04-30 17:11:44 - Computer Security News : A new year-in-review report from Symantec holds some bad news for security administrators http://www.secuobs.com/revue/news/372740.shtmlhttp://www.secuobs.com/revue/news/372740.shtml 2012-04-30 16:37:38 - PenTestIT : You can think of Subterfuge as Firesheep on steroids If Firesheep allowed you to gain Facebook logins, Subterfuge can help you with much more The purpose of Subterfuge is to demonstrate pervasive vulnerabilities in the ARP protocol This framework is a frontend or collection of some of the most famous tools that can be used Subterfuge An Automated Man-in-the-Middle Attack Framework is a post from PenTestIT IMAGE IMAGE IMAGE IMAGE IMAGE IMAGE http://www.secuobs.com/revue/news/372727.shtmlhttp://www.secuobs.com/revue/news/372727.shtml 2012-04-30 13:22:26 - Computer Security News : Can we compare a 26 11 type terror attack to an email hack Which one do you think is more threatening A recent joint survey done by FICCI and Pinkerton has found that the fear of cyber insecurity is today the topmost threat while that of a terror attack has moved to a second http://www.secuobs.com/revue/news/372679.shtmlhttp://www.secuobs.com/revue/news/372679.shtml 2012-04-28 21:04:08 - Security Bloggers Network : I ve been out of office for most of the past week, including several days in London for an industry meeting and the Infosec Europe meeting Good to meet so many fellow researchers, bloggers and journos by the way, including several colleagues at Infosecurity Magazine But events in the Mac universe have been rolling on Sophos http://www.secuobs.com/revue/news/372570.shtmlhttp://www.secuobs.com/revue/news/372570.shtml 2012-04-27 16:42:58 - Security Bloggers Network : A new malware attack is targeting Mac computers with a Python-based backdoor Trojan And Windows computers aren't getting away scott free either http://www.secuobs.com/revue/news/372430.shtmlhttp://www.secuobs.com/revue/news/372430.shtml 2012-04-27 14:24:54 - Security Bloggers Network : Yesterday, the US House of Representatives announced cybersecurity week, kicking it off with a Subcommittee Hearing entitled America is Under Cyber Attack Why Urgent Action is Needed Is using Hollywood-style language really the way to deal wi http://www.secuobs.com/revue/news/372404.shtmlhttp://www.secuobs.com/revue/news/372404.shtml 2012-04-27 14:24:28 - Schneier on Security : At the RSA Conference this year, I noticed a trend of companies that have products and services designed to help victims recover from attacks Kelly Jackson Higgins noticed the same thing Damage Mitigation as the New Defense That new reality, which has been building for several years starting in the military sector, has shifted the focus from trying to stop http://www.secuobs.com/revue/news/372403.shtmlhttp://www.secuobs.com/revue/news/372403.shtml 2012-04-26 22:48:51 - Wired Danger Room : The Office of Naval Research is asking for uniforms to be capable of measuring a soldier's vital signs, detecting the location and severity of their bullet wounds and even transmitting their location to medical personnel via GPS sensors implanted into clothing fabric http://www.secuobs.com/revue/news/372310.shtmlhttp://www.secuobs.com/revue/news/372310.shtml 2012-04-26 14:15:43 - Security Bloggers Network : This week, we released a report no reg required on automated hacking Many of you asked for the graphic explaining how automated cyber attacks work and some ideas on impeding them Here it is Download Automated Cyber Attacks http://www.secuobs.com/revue/news/372189.shtmlhttp://www.secuobs.com/revue/news/372189.shtml 2012-04-26 13:24:08 - TorrentFreak : The elimination of camcorder movie piracy has been high on the agenda of movie studios for many years, particularly so during the last decade Many approaches have been tried and there are signs that in the past 5 years the problem has significantly reduced The latest anti-cam system claims to be the most unobtrusive yet, negating the need for bag searches, cell phone confiscations or the employment of security guards Source Movie Spy Cameras Attack The Dying Art of Camcorder Piracy IMAGE IMAGE IMAGE IMAGE IMAGE http://www.secuobs.com/revue/news/372173.shtmlhttp://www.secuobs.com/revue/news/372173.shtml 2012-04-26 12:40:46 - Help Net Security News : The Conficker worm is still one of the biggest ongoing threats to enterprises, says Microsoft According to the newly released Microsoft Security Intelligence Report volume 12, quarterly detections http://www.secuobs.com/revue/news/372168.shtmlhttp://www.secuobs.com/revue/news/372168.shtml 2012-04-25 20:27:21 - Computer Security News : Moscow - Pro-Kremlin activists are increasingly using underground hacker networks to suppress the political opposition and independent media which they believe pose a danger to Vladimir Putin's hold on power in Russia, a report said on Wednesday http://www.secuobs.com/revue/news/372003.shtmlhttp://www.secuobs.com/revue/news/372003.shtml 2012-04-25 20:27:21 - Computer Security News : Nissan confirmed that it recently suffered a major cyber attack , but doesn't know who executed the operation or what information was extracted http://www.secuobs.com/revue/news/372002.shtmlhttp://www.secuobs.com/revue/news/372002.shtml 2012-04-25 20:15:24 - threatpost The First Stop for Security News : Old pieces of malware--especially successful ones--don't really die They typically will just sort of fade into the background as newer attacks come to the fore and grab the headlines Such is the case for one of the more notorious headline-grabbing pieces of malware of all time Conficker Not only has Conficker not disappeared, attacks from the worm have actually started to increase again, according to new data read more http://www.secuobs.com/revue/news/371999.shtmlhttp://www.secuobs.com/revue/news/371999.shtml 2012-04-25 19:57:07 - Security Bloggers Network : News, via Mercury News' Steve Johnson, of Secretary Janet Napolitano's consideration of a Public Sector Private Sector partnership of something she likes to call Proactive Cyberattacks http://www.secuobs.com/revue/news/371993.shtmlhttp://www.secuobs.com/revue/news/371993.shtml 2012-04-25 19:46:12 - CYBER ARMS Computer Security : Cybersecurity experts warned congress on April 24th that unless strong legislation is passed to enforce basic security standards for critical infrastructure, this country could face a major cyber attack If we don t do that this year, an attack is inevitable, Center for Strategic and International Studies Senior Fellow James Lewis told the congressional committee According http://www.secuobs.com/revue/news/371983.shtmlhttp://www.secuobs.com/revue/news/371983.shtml 2012-04-25 19:36:54 - Network World on Security : David Willetts, minister of state for universities and science, has called for businesses to disclose their experiences of successful and unsuccessful cyberattacks http://www.secuobs.com/revue/news/371978.shtmlhttp://www.secuobs.com/revue/news/371978.shtml 2012-04-25 19:36:54 - Network World on Security : A vulnerability in the firmware of several network-enabled Samsung TV models and possibly Blu-ray players allows potential attackers to put the vulnerable devices into an endless restart loop that requires the intervention of a technician to terminate, according to independent security researcher Luigi Auriemma http://www.secuobs.com/revue/news/371973.shtmlhttp://www.secuobs.com/revue/news/371973.shtml 2012-04-25 19:05:33 - Help Net Security News : Imperva released its April Hacker Intelligence Report Automation of Attacks, which analyzes how and why attacks on Web applications are automated As much as 98 percent of Remote File Inclusion http://www.secuobs.com/revue/news/371964.shtmlhttp://www.secuobs.com/revue/news/371964.shtml 2012-04-25 15:12:52 - Security Bloggers Network : QRadar Network Anomaly Detection appliance analyzes complex network activity in real-time http://www.secuobs.com/revue/news/371910.shtmlhttp://www.secuobs.com/revue/news/371910.shtml 2012-04-25 12:53:44 - Security Bloggers Network : In Austria, a 15-year-old boy has been arrested for hacking into 259 companies during a 90-day spree In other words, during the last quarter he successfully attacked an average of three websites per day In a broader view, cloud-security provider Inca http://www.secuobs.com/revue/news/371887.shtmlhttp://www.secuobs.com/revue/news/371887.shtml 2012-04-24 23:33:55 - SecurityTube.Net : DOS Attack on Win8 with Hping3 Packet Flooding IMAGE http://www.secuobs.com/revue/news/371810.shtmlhttp://www.secuobs.com/revue/news/371810.shtml 2012-04-24 23:22:27 - Computer Security News : This much is clear More nations are seeking to acquire cyber attack capabilities as a standard feature in their military planning http://www.secuobs.com/revue/news/371804.shtmlhttp://www.secuobs.com/revue/news/371804.shtml 2012-04-24 23:09:57 - Dark Reading All Stories : New HITRUST Cybersecurity Incident Response and Coordination Center lets healthcare organizations, US Department of Health and Human Services swap information, forensics from firsthand attack experiences, other threats http://www.secuobs.com/revue/news/371801.shtmlhttp://www.secuobs.com/revue/news/371801.shtml 2012-04-24 18:06:17 - Security Bloggers Network : There is a draft law by the EU that would make attacks on IT systems a criminal offense and punishable by at least two years in prison Additionally, possessing or distributing hacking software and tools would be an offense I understand the potential http://www.secuobs.com/revue/news/371725.shtmlhttp://www.secuobs.com/revue/news/371725.shtml 2012-04-24 17:39:49 - MSI State of Security : One of the least understood parts of MicroSolved is how the HoneyPoint Internet Threat Monitoring Environment HITME data is used to better protect our customers If you don t know about the HITME, it is a set of deployed HoneyPoints that Continue reading http://www.secuobs.com/revue/news/371717.shtmlhttp://www.secuobs.com/revue/news/371717.shtml 2012-04-24 16:29:33 - Help Net Security News : Secure cloud hosting company, FireHost, has revealed details about type and origin of web attacks that it has blocked from causing harm to clients web applications and databases hosted at its secure http://www.secuobs.com/revue/news/371698.shtmlhttp://www.secuobs.com/revue/news/371698.shtml 2012-04-24 16:16:27 - Computer Security News : Presidential spokesperson Edwin Lacierda on Monday said that at 4pm on Sunday, the Presidential Communications Development and Strategic Planning Office noticed a significant spike in traffic with malicious URL requests from forged user-agents being channeled to the Official Gazette website , PCDSPO and to the Presidential Museum and Library more http://www.secuobs.com/revue/news/371695.shtmlhttp://www.secuobs.com/revue/news/371695.shtml 2012-04-24 14:52:47 - DDoS and Security Reports Arbor Networks Security Blog 2012 : SSL or TLS secures web services such as banking, online purchases, email and remote access Popular services such as Twitter, Hotmail and Facebook are increasingly migrating to SSL to improve security and address privacy concerns As more transactions and services are protected by SSL, DDoS attacks on SSL secured services are on the rise and http://www.secuobs.com/revue/news/371663.shtmlhttp://www.secuobs.com/revue/news/371663.shtml 2012-04-23 22:58:56 - Security Bloggers Network : RT markrussinovich I doubt this was a nation-state attack, but Iran announces that oil terminal was 'offline' after 'malware attack' h http://www.secuobs.com/revue/news/371569.shtmlhttp://www.secuobs.com/revue/news/371569.shtml 2012-04-23 22:08:56 - Security Bloggers Network : The Mehr news agency in Iran is reporting that the oil ministry and entire industry has been taken offline after suffering a malware attack http://www.secuobs.com/revue/news/371559.shtmlhttp://www.secuobs.com/revue/news/371559.shtml 2012-04-23 20:57:29 - Dark Reading All Stories : How the increased level and sophistication of of targeted attacks since 2008 may impact this year's US Presidential election campaigns http://www.secuobs.com/revue/news/371543.shtmlhttp://www.secuobs.com/revue/news/371543.shtml 2012-04-23 20:40:08 - Security Circus : RT markrussinovich I doubt this was a nation-state attack, but Iran announces that oil terminal was 'offline' after 'malware attack' h http://www.secuobs.com/revue/news/371539.shtmlhttp://www.secuobs.com/revue/news/371539.shtml 2012-04-23 20:08:16 - Dark Reading All Stories : Deja vu all over again as Iranian government-owned systems reportedly targeted by a 'worm' http://www.secuobs.com/revue/news/371520.shtmlhttp://www.secuobs.com/revue/news/371520.shtml 2012-04-23 19:27:18 - Computer Security News : Cyber crime is big business these days, and everyone from organized crime rings to governments are participating http://www.secuobs.com/revue/news/371509.shtmlhttp://www.secuobs.com/revue/news/371509.shtml 2012-04-23 17:14:41 - Security Bloggers Network : Bit9 survey also showed that IT executives are most concerned about malware and spear phishing attacks http://www.secuobs.com/revue/news/371483.shtmlhttp://www.secuobs.com/revue/news/371483.shtml 2012-04-23 16:09:07 - Dark Reading All Stories : How the increased level and sophistication of of targeted attacks since 2008 may impact this year's US Presidential election campaigns http://www.secuobs.com/revue/news/371467.shtmlhttp://www.secuobs.com/revue/news/371467.shtml 2012-04-23 13:23:56 - Help Net Security News : Concerns over hacktivism and targeted state-sponsored attacks are at the top of security professionals minds according to a new survey and research report sponsored by Bit9 The 2012 Cyber Securi http://www.secuobs.com/revue/news/371429.shtmlhttp://www.secuobs.com/revue/news/371429.shtml 2012-04-23 11:38:49 - Computer Security News : If you're computing with a Mac and you wound up with the Flashback malware on your system, don't take it personally http://www.secuobs.com/revue/news/371413.shtmlhttp://www.secuobs.com/revue/news/371413.shtml 2012-04-23 02:34:06 - The Tech Herald Security News : In March, Britain s largest abortion provider s website was breached by a Pro-Life supporter of Anonymous, who was subsequently arrested within 24-hours of his attack http://www.secuobs.com/revue/news/371372.shtmlhttp://www.secuobs.com/revue/news/371372.shtml 2012-04-22 19:59:29 - TorrentFreak : This week, with support from a Promo Bay campaign on The Pirate Bay, UK rap artist Dan Bull is aiming to send a message to the mainstream entertainment industry With the release of a brand new track called Sharing is Caring , Dan will attempt to break into the UK charts without the backing of a label and show that with the help of a free Internet and BitTorrent, there is another way Source Dan Bull Pirate Bay Attack the Music Charts With Sharing Is Caring IMAGE IMAGE IMAGE IMAGE IMAGE http://www.secuobs.com/revue/news/371347.shtmlhttp://www.secuobs.com/revue/news/371347.shtml 2012-04-22 01:30:43 - Computer Security News : Apple Mac users who visited the hijacked WordPress sites were infected by the malware, which morphed from a Trojan horse to a drive-by exploit, Kaspersky researchers said http://www.secuobs.com/revue/news/371289.shtmlhttp://www.secuobs.com/revue/news/371289.shtml 2012-04-21 13:10:30 - Computer Security News : The leading University, the sites of popular bloggers and writers, as well as news organizations web sites have noted a an increase in attempts to take over servers http://www.secuobs.com/revue/news/371246.shtmlhttp://www.secuobs.com/revue/news/371246.shtml 2012-04-20 22:40:11 - Security Bloggers Network : SpiderLabs is the corporate sponsor of the WASC Distributed Web Honeypots Project which is an awesome research project to identify automated web attacks I was looking in our central ModSecurity AuditConsole logging host today and I noticed a spike in traffic from some Russian IPs that were scanning for the PMASA-2010-4 vulnerability in the PhpMyAdmin setupphp script Let's look at the raw ModSecurity audit log data of the inbound request --4064df0e-A-- 10 Apr 2012 18 05 55 0000 T4R2gwowybkAAHp9G sAAAAF 2122461167 38767 XXXXXXXXXXXX 80 --4064df0e-B-- POST pma scripts setupphp HTTP 11 Connection close Host 17634207219 Referer 17634207219 User-Agent Mozilla 40 compatible MSIE 60 MSIE 55 Windows NT 51 Opera 701 http://www.secuobs.com/revue/news/371175.shtmlhttp://www.secuobs.com/revue/news/371175.shtml 2012-04-20 18:33:08 - Security Bloggers Network : Anonymous hacktivists appear to have successfully blasted the Formula 1 website off the net, with a distributed denial-of-service DDoS attack http://www.secuobs.com/revue/news/371110.shtmlhttp://www.secuobs.com/revue/news/371110.shtml 2012-04-20 16:44:16 - Computer Security News : The website of the British Pregnancy Advisory Service , the UK's largest abortion provider, has seen a spike in hacking attempts following news that the original hacker was sent to prison last week http://www.secuobs.com/revue/news/371085.shtmlhttp://www.secuobs.com/revue/news/371085.shtml 2012-04-20 12:16:51 - Help Net Security News : HP published the 2011 Top Cyber Security Risks Report, which identifies the growing sophistication and severity of security attacks and the resulting risks The report provides the information to h http://www.secuobs.com/revue/news/371034.shtmlhttp://www.secuobs.com/revue/news/371034.shtml 2012-04-20 03:38:17 - SecurityTube.Net : Post Attack Uploading Shell in Real Time IMAGE http://www.secuobs.com/revue/news/370998.shtmlhttp://www.secuobs.com/revue/news/370998.shtml 2012-04-19 23:26:17 - Dark Reading All Stories : Meanwhile, researchers await a possible Flashback comeback by the botnet operators http://www.secuobs.com/revue/news/370971.shtmlhttp://www.secuobs.com/revue/news/370971.shtml 2012-04-19 18:37:05 - LinuxSecurity.com Latest News : LinuxSecuritycom Security expert Wolfgang Ettlinger has discovered a vulnerability in the Austrian Citizen Card that allows attackers to spoof the credentials of their victims This is the second time the card has been hacked http://www.secuobs.com/revue/news/370908.shtmlhttp://www.secuobs.com/revue/news/370908.shtml 2012-04-19 15:30:53 - Computer Security News : MAHWAH, New Jersey, April 18, 2012 PRNewswire via COMTEX -- Radware , a leading provider of application delivery and application security solutions for virtual and cloud data centers, today announced recent agreements with two US-based social networking companies to deploy Radware's award winning Attack Mitigation System security solution to more http://www.secuobs.com/revue/news/370869.shtmlhttp://www.secuobs.com/revue/news/370869.shtml 2012-04-18 21:36:41 - Dark Reading All Stories : Shawn Henry now heading up services arm of CrowdStrike, the semi-stealth startup that plans to more aggressively profile, target, and ultimately help unmask, sophisticated cyberattackers http://www.secuobs.com/revue/news/370732.shtmlhttp://www.secuobs.com/revue/news/370732.shtml 2012-04-18 21:10:53 - SearchSecurity Threat Monitor : Expert Nick Lewis says an effective DoS attack responses demand better business continuity plans, including pre-negotiating with providers Add to digg Add to StumbleUpon Add to delicious Add to Google http://www.secuobs.com/revue/news/370726.shtmlhttp://www.secuobs.com/revue/news/370726.shtml 2012-04-18 15:21:04 - Computer Security News : Congress is getting more serious about cybersecurity Cybersecurity involves everything from a foreign power attacking our ability to control the national power grid, to a disgruntled employee hacking into the office computer and stealing proprietary corporate documents http://www.secuobs.com/revue/news/370630.shtmlhttp://www.secuobs.com/revue/news/370630.shtml 2012-04-18 13:42:49 - Network World on Security : A bill in the US Congress designed to encourage private companies and government agencies to share cyberthreat information with each other still allows the sharing of vast swaths of private communications, even after sponsors offered to make changes, critics said Tuesday http://www.secuobs.com/revue/news/370616.shtmlhttp://www.secuobs.com/revue/news/370616.shtml 2012-04-18 00:40:33 - Dark Reading All Stories : Pacific Northwest National Laboratory is building out and offering up a tool that drills down into the processes and apps employed by the bad guys http://www.secuobs.com/revue/news/370531.shtmlhttp://www.secuobs.com/revue/news/370531.shtml 2012-04-17 19:51:41 - Network World on Security : It was always thought that as Apple products increased in popularity, so would the target on its back placed by cybercriminals Always looking to take down the king of the hill, cybercriminals finally got to Apple's Macs last week with a botnet that attacked more than 600,000 machines http://www.secuobs.com/revue/news/370464.shtmlhttp://www.secuobs.com/revue/news/370464.shtml 2012-04-17 19:51:41 - Network World on Security : Hackers are ramping up their attacks against Tibetan activists and are using increasingly sophisticated techniques to deliver malware, according to researchers from security firms FireEye and Trend Micro http://www.secuobs.com/revue/news/370459.shtmlhttp://www.secuobs.com/revue/news/370459.shtml 2012-04-17 18:07:37 - threatpost The First Stop for Security News : A British teenager beleived to be the hacker TriCk, a founding member of TeaMp0isoN has reportedly been arrested after launching a denial of service attack against an anti-terrorism hotline in the UK read more http://www.secuobs.com/revue/news/370440.shtmlhttp://www.secuobs.com/revue/news/370440.shtml 2012-04-17 17:38:47 - Arbor Networks Arbor Networks : Chelmsford, Mass April 17, 2012 Arbor Networks, Inc, a leading provider of security and network management solutions for enterprise and service provider networks, is teaming up with CSO Magazine to present a webcast, DDoS Attacks and the Ostrich Mentality How to avoid having a large egg on your face when you are hit by a DDoS attack, tomorrow, April 18 at 2pm ET WHO Rakesh Shah, Director Product Marketing and Strategy, Arbor Networks Jim Malone, Executive Editorial Director of IDG s Custom Solutions Group WHAT DDoS Attacks and the Ostrich Mentality How to avoid having a large egg on your face when you are hit by a DDoS attack DDoS attacks on data center operations and services have become both highly sophisticated yet easy to perpetrate As a result, enterprises, hosting providers and cloud service providers are experiencing DDoS attacks on their data centers more frequently and with more severe business consequences than ever before As its name implies, DDoS attacks are an attack on service availability Their goal is to prevent the data center from functioning whether that is transacting ecommerce delivering email, voice, or DNS services providing Web access or offering other business-critical services The consequences can be enormous to the bottom line and the brand How much will it cost your business if data centers or services go down for an hour How about 24 hours This webinar will help attendees gain an understanding of today s availability threats, the complex nature of these attacks and how best to defend against them WHERE Register for the webcast here http wwwarbornetworkscom ddos-attacks-and-the-ostrich-mentalityhtml WHEN Wednesday, April 18, 2012 at 2 00pm ET About Arbor Networks Arbor Networks, Inc is a leading provider of network security and management solutions for enterprise and service provider networks Arbor's proven network security and management solutions help grow and protect customer networks, businesses and brands Through its unparalleled, privileged relationships with worldwide service providers and global network operators, Arbor provides unequalled insight into and perspective on Internet security and traffic trends via the ATLAS Active Threat Level Analysis System Representing a unique collaborative effort with 100 network operators across the globe, ATLAS enables the sharing of real-time security, traffic and routing information that informs numerous business decisions For technical insight into the latest security threats and Internet traffic trends, please visit our website at arbornetworkscom and our blog at http ddosarbornetworkscom Trademark Notice Arbor Networks, Peakflow, ArbOS, How Networks Grow, ATLAS, Pravail, Arbor Optima, Cloud Signaling, the Arbor Networks logo and Arbor Networks Smart Available Secure are all trademarks of Arbor Networks, Inc All other brand names may be trademarks of their respective owners http://www.secuobs.com/revue/news/370434.shtmlhttp://www.secuobs.com/revue/news/370434.shtml 2012-04-17 17:27:38 - LinuxSecurity.com Latest News : LinuxSecuritycom A new security tool developed by Department of Energy engineers is designed to give security and IT administrators the ability to more quickly identify and respond to an issue on the network http://www.secuobs.com/revue/news/370431.shtmlhttp://www.secuobs.com/revue/news/370431.shtml 2012-04-17 14:47:37 - Help Net Security News : Customer, student, employee and patient information is most at risk for cyber attacks today, and defending that data is a top concern for IT professionals this year, according to a survey published by http://www.secuobs.com/revue/news/370397.shtmlhttp://www.secuobs.com/revue/news/370397.shtml 2012-04-17 13:49:16 - Computer Security News : Mac computers have long been noted for their immunity to many PC viruses But just weeks after over 600,000 Mac users were hit with the Flashback trojan , a new computer virus is infecting Apple computers - this time, through Microsoft Office http://www.secuobs.com/revue/news/370387.shtmlhttp://www.secuobs.com/revue/news/370387.shtml 2012-04-17 11:00:28 - SecurityTube.Net : In this video, I will show you how to crack the C encrypt decrypt program, that I have created in a previous video, all the code will be available for download ringneckparrot c License creativecommonsorg licenses by-nc-sa 30 Contact Me Email ringneckparrot hotmailcom Facebook facebookcom ringneckparrot Twitter twittercom pp4rr0t SecurityTube securitytubenet user ringneckparrot Pastebin Code pastebincom u ringneckparrot IMAGE http://www.secuobs.com/revue/news/370365.shtmlhttp://www.secuobs.com/revue/news/370365.shtml 2012-04-17 00:45:14 - Security Bloggers Network : FirePOWER appliances exceed Sourcefire s previous industry record http://www.secuobs.com/revue/news/370312.shtmlhttp://www.secuobs.com/revue/news/370312.shtml 2012-04-16 21:43:47 - TrendLabs Malware Blog by Trend Micro : Days after Microsoft released six bulletins, we now have just spotted a number of Trojanized RTF files circulating in-the-wild The said files are exploiting CVE-2012-0158, which is included in MS12-027 That particular bulletin affects a number of Microsoft programs, particularly versions of MS Office, Visual FoxPro, Commerce Server, BizTalk Server, as well as SQL Server We spotted Post from TrendLabs Malware Blog - by Trend Micro CVE-2012-0158 Now Being Used in More Tibetan-Themed Targeted Attack Campaigns http://www.secuobs.com/revue/news/370280.shtmlhttp://www.secuobs.com/revue/news/370280.shtml 2012-04-16 19:57:28 - Security Bloggers Network : Our web honeypots picked up some increased scanning for the following Exploit-DB vulnerability o Joomla Component S5 Clan Roster Local File Inclusion Vulnerability Software com_s5clanroster Vendor http wwwshape5com Author AntiSecurity s4va Vrs-hCk NoGe OoN_BoY Paman zxvf Contact public at antisecurity dot org Home http antisecurityorg o Exploit http localhost path indexphp option com_s5clanroster view LFI http localhost path indexphp option com_s5clanroster controller LFI o PoC http localhost indexphp option com_s5clanroster view etc passwdpourcents00 http localhost indexphp option com_s5clanroster controller etc passwdpourcents00 o Greetz Angela Zhang stardustmemory aJe martfella pizzyroot Genex H312Y yooogy mousekill - noname matthews wishnusakti skulmatic OLiBekaS ulga Cungkee k1tk4t str0ke kaka11 o April 14 2010 - GMT 07 00 Jakarta, Indonesia Here are some examples of the attacks we saw 82165134221 http://www.secuobs.com/revue/news/370255.shtmlhttp://www.secuobs.com/revue/news/370255.shtml 2012-04-16 18:16:14 - Security Bloggers Network : Less than 2 weeks ago we reported the use of perfectly formatted AT T Wireless emails that included multiple links to malware infested sites These have now been followed up with similar emails but the carrier has switched to Verizon Wi http://www.secuobs.com/revue/news/370221.shtmlhttp://www.secuobs.com/revue/news/370221.shtml 2012-04-16 16:38:09 - Help Net Security News : Pro-Tibetan activists and organizations currently seem to be one of the most targeted groups when it comes to emails with malicious attachments, and the people behind the attacks are constantly devisi http://www.secuobs.com/revue/news/370192.shtmlhttp://www.secuobs.com/revue/news/370192.shtml 2012-04-16 15:28:49 - threatpost The First Stop for Security News : Researchers at Kaspersky Lab says a new malicious program, dubbed SabPub, exploits the same Java security hole as the Flashback Trojan and enables targeted attacks against Mac users read more http://www.secuobs.com/revue/news/370173.shtmlhttp://www.secuobs.com/revue/news/370173.shtml 2012-04-16 12:10:40 - The Tech Herald Security News : Over the weekend, Anonymous continued its long running DDoS campaign against various government agencies by attacking the CIA, MI6, and the U http://www.secuobs.com/revue/news/370145.shtmlhttp://www.secuobs.com/revue/news/370145.shtml 2012-04-16 10:42:44 - Help Net Security News : Here's an overview of some of last week's most interesting news, podcasts and articles Smart meters vulnerable to false data injection False data injection attacks exploit the configuration of http://www.secuobs.com/revue/news/370135.shtmlhttp://www.secuobs.com/revue/news/370135.shtml 2012-04-16 01:35:08 - SecViz Security Visualization : I recently posted some new video s to Tenable s Youtube channel about how to visualize network attack and exploit paths in 3D The videos are located on this playlist They make use of data from Tenable s Nessus and the Passive Vulnerability Scanner products to identify exploitable internet facing systems, exploitable internet browsing clients and exploitable clients that are trusted by servers There is also a blog post and white paper on this sort of 3D analysis on the Tenable blog http://www.secuobs.com/revue/news/370107.shtmlhttp://www.secuobs.com/revue/news/370107.shtml