http://www.secuobs.com Observatoire de la securite Internet fr webmaster@secuobs.com 2010-03-16 17:49:49 - Packet Storm Security Headlines : http://www.secuobs.com/revue/news/202247.shtmlhttp://www.secuobs.com/revue/news/202247.shtml 2010-03-16 17:12:13 - F Secure Antivirus Research Weblog : Over the years, we have multiple times posted examples of what kind of boopy-trapped document files have been used in targeted espionage attacks For example Targeted examples New set of bait files H1N1 Themed Targeted Attack Intelligence Sector Hit by a Targeted Attack Targeted Malware Attacks Against Pro-Tibet Groups On-going Targeted Attacks Against US Military Contractors However, we've rarely shown how these documents were delivered to the targeted, ie what the emails looked like For that kind of information, we can recommend you to visit a blog called Contagio Malware Dump This blog, run by Mila co analyses targeted attacks in detail, typically showing the original spoofed emails that started the attacks Some good examples below - some of them are quite convincing Would you have opened the PDFs contagio malware dump contagio malware dump contagio malware dump More at contagiodumpblogspotcom On 16 03 10 At 02 56 PM http://www.secuobs.com/revue/news/202217.shtmlhttp://www.secuobs.com/revue/news/202217.shtml 2010-03-16 14:51:30 - securitystream.info : Protection layer flunks independent tests The vast majority of consumer anti-virus products are still failing to block the Operation Aurora exploits used in the high profile attack against Google and other blue-chip firms last December, according to independent tests Related posts 1 MS knew of Aurora exploit four months before Google attacks 2 How Bad Was the Google Aurora Hack Attack Bad 3 EDITORIAL Google searches for help http://www.secuobs.com/revue/news/202172.shtmlhttp://www.secuobs.com/revue/news/202172.shtml 2010-03-16 08:37:45 - Infosecurity USA Latest News : The St Louis Metropolitan Police Department is investigating a cyber attack that may have compromised the information of 24 people http://www.secuobs.com/revue/news/202090.shtmlhttp://www.secuobs.com/revue/news/202090.shtml 2010-03-16 07:59:23 - Security Bloggers Network : Brian Krebs wrote another article about the rising number of E-Banking funds transfer fraud incidents where the Zeus trojan botnet is used to compromise end point systems The man-in-the-browser MITB exploit is a version of the classic man-in-the-middle MITM attack where the user's bank credentials are stolen without the user realizing it In fact, the Zeus trojan goes on to control what the user sees on his or her browser One is left to ask, is there is no inline defense against the Zeus trojan In other words, is there no end point anti-malware product that can successfully defend against morphing http://www.secuobs.com/revue/news/202081.shtmlhttp://www.secuobs.com/revue/news/202081.shtml 2010-03-16 07:55:24 - PenTestIT : During Penetration testing it can be seen that thick-clients sometimes communicate with a server whose IP address is hardcoded in to itThe HTTP communication between such client and server is harder to intercept and test Sniff-n-Snip is a very useful utility in such scenariosIt sniffs for HTTP packets from the client to server and forwards IMAGE IMAGE IMAGE IMAGE IMAGE IMAGE http://www.secuobs.com/revue/news/202076.shtmlhttp://www.secuobs.com/revue/news/202076.shtml 2010-03-15 17:34:07 - Packet Storm Security Headlines : http://www.secuobs.com/revue/news/201738.shtmlhttp://www.secuobs.com/revue/news/201738.shtml 2010-03-15 14:59:13 - News : Ruckus Wireless aims to lower the cost of entry to enterprise IEEE 80211n Wi-Fi gear with a stepped-down line of access points it is introducing on Monday IMAGE http://www.secuobs.com/revue/news/201678.shtmlhttp://www.secuobs.com/revue/news/201678.shtml 2010-03-15 14:02:05 - SANS Internet Storm Center InfoCON green : Observant reader Roy caught an interesting exploit attempt against his SMTP server His review of th more http://www.secuobs.com/revue/news/201663.shtmlhttp://www.secuobs.com/revue/news/201663.shtml 2010-03-14 23:08:05 - securitystream.info : Canadian software experts are adding their knowledge to the multinational investigation into January's high-profile cyber attack against Google Related posts 1 Google investigates China staff over cyber attack 2 FBI Investigating Costly Cyber Attack On Citibank 3 Google cyber attack highlights threat of malware http://www.secuobs.com/revue/news/201535.shtmlhttp://www.secuobs.com/revue/news/201535.shtml 2010-03-14 10:31:35 - Network World on Security : The spat between Microsoft, Cryptome and PayPal has led to some PayPal users withdrawing their accounts http://www.secuobs.com/revue/news/201459.shtmlhttp://www.secuobs.com/revue/news/201459.shtml 2010-03-14 07:04:25 - Computer Security News : The St Louis police department reported Friday it has been the victim of a cyber attack http://www.secuobs.com/revue/news/201453.shtmlhttp://www.secuobs.com/revue/news/201453.shtml 2010-03-13 22:00:42 - Rootsecure.net : Invisible Things Independent Attack Discoveries http://www.secuobs.com/revue/news/201406.shtmlhttp://www.secuobs.com/revue/news/201406.shtml 2010-03-13 14:56:27 - Computer Security News : NATO and America's European allies are sounding the alarm over what they say are increased cyber attacks originating from China that are targeting key government and intelligence computers http://www.secuobs.com/revue/news/201357.shtmlhttp://www.secuobs.com/revue/news/201357.shtml 2010-03-13 11:27:41 - Network World on Security : A former Barclays Bank programmer who helped launder money for the mastermind behind the data thefts at TJX Companies Inc and other retailers, was sentenced to four years in prison by a federal court in Boston http://www.secuobs.com/revue/news/201331.shtmlhttp://www.secuobs.com/revue/news/201331.shtml 2010-03-13 06:38:50 - Computer Security News : A cyber attack targeting computers in the St Louis Police Department compromised the personal information of two dozen people http://www.secuobs.com/revue/news/201309.shtmlhttp://www.secuobs.com/revue/news/201309.shtml 2010-03-13 03:52:45 - Office of Inadequate Security : B Mayhall reports 24 people may have had their personal information compromised following the cyber attack of one computer in the St Louis Metropolitan Police Department, authorities said The attack came through an e-mail in February The department s website was not attacked in any way, according to police spokeswoman Erica Van Ross Read more in the St Louis http://www.secuobs.com/revue/news/201304.shtmlhttp://www.secuobs.com/revue/news/201304.shtml 2010-03-12 23:05:04 - Infosecurity USA Latest News : Researchers from web security firm Websense warned Facebook users earlier today to refrain from clicking on URLs posted on the pages of some famous celebrities or even people on their friend list as links to alleged videos were actually portals to malware infection http://www.secuobs.com/revue/news/201243.shtmlhttp://www.secuobs.com/revue/news/201243.shtml 2010-03-12 22:01:37 - Rootsecure.net : Network World Security industry faces attacks it cannot stop Tests find that most AV is still not blocking Aurora exploit http://www.secuobs.com/revue/news/201211.shtmlhttp://www.secuobs.com/revue/news/201211.shtml 2010-03-12 08:45:29 - ISN InfoSec News Mailing List : InfoSec News State Web site breach tied to foreign attacker http wwwdesmoinesregistercom article 20100311 NEWS10 3110351 -1 networking State-Web-site-breach-tied-to-foreign-attacker By William Petroski The Des Moines Register March 11, 2010 A hacking incident on an Iowa homeland security Web site last week has http://www.secuobs.com/revue/news/201024.shtmlhttp://www.secuobs.com/revue/news/201024.shtml 2010-03-12 08:11:33 - Information Security Resources : By Anthony M Freed, Director of Business Development, Infosec Island Network Infosec Island has once again gained exclusive access to a video demonstration of the XerXeS DoS attack recently developed by the infamous patriot-hacker known only as The Jester As noted in an analysis of DoS vulnerabilities by security consultant Michael Menefee, more than half of all the websites in the world use Apache, which means this exploit potentially poses a very serious problem should it ever be utilized by nefarious elements http://www.secuobs.com/revue/news/201019.shtmlhttp://www.secuobs.com/revue/news/201019.shtml 2010-03-12 02:24:53 - Security Bloggers Network : Computer crooks stole more than 200,000 from an auto body shop in Ohio last month in a brazen online robbery The attack is yet another example of how thieves are using malicious software to bypass bank security technologies that are often touted as strong deterrents to this type of fraud The latest victim is Clarke Collision http://www.secuobs.com/revue/news/200952.shtmlhttp://www.secuobs.com/revue/news/200952.shtml 2010-03-12 00:45:14 - Hack In The Box : At the RSA Conference in San Francisco last week, security vendors pitched their next-generation of security products, promising to protect customers from security threats in the cloud and on mobile devices But what went largely unsaid was that the industry has failed to protect paying customers from some of today's most pernicious threats The big news at the show had to do with the takedown of the Mairposa botnet -- a massive network of hacked computers that has infected half of the Fortune 100 companies So-called advanced persistent threat APT attacks, such as the one that compromised Google systems in early December, were another hot topic Both Mariposa and the Google attacks illustrate the same thing, however Despite billions of dollars in security spending, it's still surprisingly hard to keep corporate networks safe http://www.secuobs.com/revue/news/200915.shtmlhttp://www.secuobs.com/revue/news/200915.shtml 2010-03-11 23:05:41 - MX Logic Security News : As web security professionals attempt to take down Koobface, the cyber criminals that designed the malware strain have altered the virus to escape potential elimination, according the Register, a technology news website based in the UK Koobface spreads malware via phishing attacks on popular social networking sites like Twitter and Facebook Kaspersky researchers noticed reduced activity of the malware in recent weeks, leading them to believe its programmers are making the virus stronger as social networking sites try to neutralize the threat The changes are a sign that botnet gangs are not just putting their malware out there but managing it like sys admins, David Emm, senior technology consultant at Kaspersky Lab UK told the news provider Cybercriminals are constantly monitoring their infrastructure making sure the botnet is neither attracting too much attention nor running with too few command and control servers, which would risk them losing their control over the botnet, he continued USA Today reported last week that web security professionals struggled to control Koobface, but Twitter, the primary outlet for the malware's spread, announced on Wednesday that it had developed a new program to scan all links posted to the website ADNFCR-1765-ID-19664985-ADNFCR http://www.secuobs.com/revue/news/200863.shtmlhttp://www.secuobs.com/revue/news/200863.shtml 2010-03-11 18:27:36 - Help Net Security News : Adobe is having a hard time fighting its bad reputation when it comes to products riddled with vulnerabilities Adobe Reader exploits seem the weapon of choice of many a cyber criminal - as can be att http://www.secuobs.com/revue/news/200733.shtmlhttp://www.secuobs.com/revue/news/200733.shtml 2010-03-11 18:25:18 - McAfee Avert Labs : As we were working through URLs identified as suspicious due to our GTI technology, one of the URLs that presented itself was an average com site that loaded a php As we processed this it was interesting to see that this php actually reached out to download a file that ended with the string http://www.secuobs.com/revue/news/200730.shtmlhttp://www.secuobs.com/revue/news/200730.shtml 2010-03-11 01:40:19 - Hack In The Box : If you worry that your organization's applications are vulnerable to attack, then you're not alone, according to study results released yesterday In a survey at the RSA Conference 2010 in San Francisco last week, researchers from security vendor Fortify found that most security pros are stressed about potential attacks on their apps In fact, 73 percent of respondents thought the applications in their companies had vulnerabilities that hackers could exploit In fact, most agreed it would be ignorant to say they didn't Twenty-six percent said they either did not know the answer or did not want to disclose the information http://www.secuobs.com/revue/news/200484.shtmlhttp://www.secuobs.com/revue/news/200484.shtml 2010-03-11 00:55:28 - Zero Day : Malicious hackers have pounced on a newly patched Adobe PDF Reader vulnerability to plant Trojan downloaders on tardy Windows users IMAGE http://www.secuobs.com/revue/news/200470.shtmlhttp://www.secuobs.com/revue/news/200470.shtml 2010-03-11 00:38:55 - Computer Security News : The cyber attacks that targeted Google Inc were carried out by amateur-level botnets -- networks of computers commandeered by hackers -- according to US security company Damballa Inc http://www.secuobs.com/revue/news/200457.shtmlhttp://www.secuobs.com/revue/news/200457.shtml 2010-03-10 23:35:08 - News : The Chinese government is likely behind recent cyberattacks on US government Web sites and on US companies in an apparent effort to quash criticism of the government there, an expert on US and Chinese relations said Wednesday IMAGE http://www.secuobs.com/revue/news/200436.shtmlhttp://www.secuobs.com/revue/news/200436.shtml 2010-03-10 23:35:08 - News : Hackers are exploiting the just-disclosed unpatched bug in Internet Explorer IE to launch drive-by attacks from malicious Web sites, security researchers said today IMAGE http://www.secuobs.com/revue/news/200434.shtmlhttp://www.secuobs.com/revue/news/200434.shtml 2010-03-10 21:05:20 - Slashdot Your Rights Online : 52-year-old Anthony Digati was arrested for trying to extort 200,000 from an insurance firm by threatening to spam them with six million emails unless they paid up Digati said he would use a spam service and his amazing talents as a huge social networker to drag the company through the muddiest waters imaginable and presumably unfriend everyone He added that the price would increase to 3 million if they failed to pay up by Monday, according to federal authorities IMAGE IMAGE IMAGE Read more of this story at Slashdot IMAGE IMAGE IMAGE http://www.secuobs.com/revue/news/200383.shtmlhttp://www.secuobs.com/revue/news/200383.shtml 2010-03-10 20:24:34 - Computer Security News : Britain's security services are fending off daily attacks on UK computer systems by foreign states and terrorists, it was revealed today http://www.secuobs.com/revue/news/200362.shtmlhttp://www.secuobs.com/revue/news/200362.shtml 2010-03-10 19:33:46 - SANS Internet Storm Center InfoCON green : Yesterday Microsoft re-released KB973811 http wwwmicrosoft more http://www.secuobs.com/revue/news/200339.shtmlhttp://www.secuobs.com/revue/news/200339.shtml 2010-03-10 19:29:47 - Zero Day : If you're still tardy in applying security patches for the ever-present Adobe Reader software, this chart from F-Secure should jolt you into action IMAGE http://www.secuobs.com/revue/news/200338.shtmlhttp://www.secuobs.com/revue/news/200338.shtml 2010-03-10 17:55:59 - Neil MacDonald : After yesterday s patch Tuesday release, Microsoft also released this security bulletin affecting IE6 and IE7 but not IE8 Similar zero day attacks on IE6 made headlines earlier this year when Google and other organizations were attacked and intellectual property stolen With this latest zero-day, Microsoft reports that targeted attacks have been observed in the wild http://www.secuobs.com/revue/news/200279.shtmlhttp://www.secuobs.com/revue/news/200279.shtml 2010-03-10 17:38:56 - Infosecurity USA Latest News : Almost one in five participants at the RSA conference last week believe that their companies' security policies are being effectively enforced, according to figures released by data center fabric company Brocade That said, at least half of them seem to be unhappy with their companies' security technology solutions http://www.secuobs.com/revue/news/200273.shtmlhttp://www.secuobs.com/revue/news/200273.shtml 2010-03-10 16:58:55 - News : Increasing cyberattacks against the online bank accounts of small and mid-size businesses has prompted growing calls for improved online banking security IMAGE http://www.secuobs.com/revue/news/200244.shtmlhttp://www.secuobs.com/revue/news/200244.shtml 2010-03-10 15:31:58 - Computer Security News : Article Microsoft warns of new IE bug attacks under way g a 2010 03 09 urnidgns852573C400693880002576E1006A4E53DTL Article Microsoft warns of new IE bug attacks under way g a 2010 03 09 urnidgns852573C400693880002576E1006A4E53DTL 11 27 PST -- Microsoft today warned of a critical vulnerability in Internet Explorer that is already being http://www.secuobs.com/revue/news/200214.shtmlhttp://www.secuobs.com/revue/news/200214.shtml 2010-03-10 14:45:19 - Help Net Security News : Trend Micro has seen a recent rise in average of around 300 unique ZeuS samples per day, according to a recent threat report that examines the Eastern European criminal enterprise behind one of the wo http://www.secuobs.com/revue/news/200201.shtmlhttp://www.secuobs.com/revue/news/200201.shtml 2010-03-10 13:28:36 - Help Net Security News : Barracuda Labs released its annual report for 2009, in which they highlight the shifts in Internet user behavior and the resulting attacker trends Twitter Throughout 2009, Twitter experienced a n http://www.secuobs.com/revue/news/200188.shtmlhttp://www.secuobs.com/revue/news/200188.shtml 2010-03-10 09:04:36 - Rootsecure.net : ZDNet Blog New Microsoft IE zero-day flaw under attack http://www.secuobs.com/revue/news/200141.shtmlhttp://www.secuobs.com/revue/news/200141.shtml 2010-03-10 04:12:49 - securitystream.info : Trend Micro has seen a recent rise in average of around 300 unique ZeuS samples per day, according to a recent threat report that examines the Eastern European criminal enterprise behind one of the world's most prolific crimeware kits designed for wholesale monetary theft Related posts 1 Trend Micro Switches to Paid Security Services for the PSP R PlayStation R Portable System 2 Trend Micro s Negi Discusses Results, Business Strategy Video 3 Oil companies hit by state cyber attacks, says report http://www.secuobs.com/revue/news/200100.shtmlhttp://www.secuobs.com/revue/news/200100.shtml 2010-03-10 03:52:30 - McAfee Avert Labs : Earlier today, Microsoft released Security Advisory 981374 This advisory covers CVE-2010-0806, an unpatched vulnerability affecting Internet Explorer versions 6 and 7 This attack appears to be rather targeted at the moment, but as with other unpatched vulnerabilities in the past, this has the potential to explode now that the word is getting out McAfee Labs is http://www.secuobs.com/revue/news/200092.shtmlhttp://www.secuobs.com/revue/news/200092.shtml 2010-03-10 02:57:38 - Latest Blog Entries From Websense Security Labs : Nowadays it is not surprising when people's blogs are attacked, especially when the blog owner is a well-known person No matter how frustrated or disappointed the bloggers are, attacks still continue If you search my blog was hacked on Google, you get 4,230,000 results searching my blog was hacked again returns 2,380,000 matches, and the number keeps increasing daily What we can see from the these rough stats Apparently nearly 44pourcents of attacked blogs are lucky and aren't attacked again, but over 56pourcents of attacked blogs repeat the previous nightmare http://www.secuobs.com/revue/news/200083.shtmlhttp://www.secuobs.com/revue/news/200083.shtml 2010-03-10 02:29:41 - Computer Security News : Trend Micro has seen a recent rise in average of around 300 unique ZeuS samples per day, according to a recent threat report that examines the Eastern European criminal enterprise behind one of the world's most prolific crimeware kits designed for wholesale monetary theft http://www.secuobs.com/revue/news/200070.shtmlhttp://www.secuobs.com/revue/news/200070.shtml 2010-03-09 23:28:57 - Help Net Security News : Rapidly approaching the point when retaliation against countries suspected of launching cyber attacks and engaging in cyber espionage will be ordered, the UK Government's security and counter-terroris http://www.secuobs.com/revue/news/199957.shtmlhttp://www.secuobs.com/revue/news/199957.shtml 2010-03-09 22:31:40 - securitystream.info : IE 6 and 7 users targeted Online thugs are exploiting a security bug in earlier versions of Internet Explorer that allows them to remotely execute malicious code, Microsoft warned on Tuesday What is your recession sales strategy Related posts 1 Researcher spies new Adobe code execution bug 2 Microsoft warns of IE exploit code in the wild 3 Adobe squishes code execution bug in download manager http://www.secuobs.com/revue/news/199932.shtmlhttp://www.secuobs.com/revue/news/199932.shtml 2010-03-09 22:31:40 - securitystream.info : A zero-day unpatched vulnerability in Microsoft s Internet Explorer vulnerability is being exploited in the wild, the company warned in an advisory issued today On the same day it issued software fixes as part of its Patch Tuesday schedule, Microsoft released a pre-patch advisory to warn of the risk of remote code execution attacks against users of IE 6 and IE 7 Shorten URL http threatpostcom en_us 3tE Click to copy to clipboard or post to Twitter ZeroClipboardsetMoviePath 'http threatpostcom sites all modules threatpost_tweaks ZeroClipboardswf' var clip new ZeroClipboardClient clipsetHandCursor true clipsetText 'http threatpostcom en_us 3tE' clipglue 'short_url_link' , 'short_url_cont' Related posts 1 Microsoft Warns of New IE Code Execution Flaw 2 Microsoft Emergency IE Patch Coming 3 Microsoft Confirms New IE Data Leakage Flaw http://www.secuobs.com/revue/news/199931.shtmlhttp://www.secuobs.com/revue/news/199931.shtml 2010-03-09 22:10:22 - Zero Day : A zero-day unpatched vulnerability in Microsoft's Internet Explorer vulnerability is being exploited in the wild IMAGE http://www.secuobs.com/revue/news/199925.shtmlhttp://www.secuobs.com/revue/news/199925.shtml 2010-03-09 22:08:32 - Security Bloggers Network : I understand that we re now living in a world in which everyone feels like they deserve their 15 minutes of fame, but I found the way that unwitting journalists managed to get it for security researchers Andrea Pellegrini, Valeria Bertacco http://www.secuobs.com/revue/news/199918.shtmlhttp://www.secuobs.com/revue/news/199918.shtml 2010-03-09 18:10:42 - The Honeynet Project : Folks, its a frosty Tuesday morning in Seattle and the deadline for submissions to the forensic challenge 2010 2 browsers under attack has passed We received a total of 34 for submissions from folks all over the world Nicolas from the Singapore chapter will be judging the submissions in the next few days We will announce the top three winners on Monday, 22nd of March 2010 Alongside, we will post their submissions as well as our sample solution Since we were using a web form for this challenge, we will not acknowledge receipt of each submission If you are unsure whether submission was successful, please email forensicchallenge2010 honeynetorg and we can check the submission database Also, if you have any suggestions on how to improve the forensic challenge, please let us know Christian Seifert Chief Communications Officer The Honeynet Project PS Forensic Challenge 2010 3 is currently being prepared In this challenge, a memory dump needs to be analyzedso a bit different from our past couple of challenges that focus on network tracesI hope to see many submissions on it We expect to post it Tuesday, 23rd of March 2010 read more http://www.secuobs.com/revue/news/199813.shtmlhttp://www.secuobs.com/revue/news/199813.shtml 2010-03-09 18:09:14 - F Secure Antivirus Research Weblog : Microsoft schedules its security updates on the second Tuesday of the month Adobe recently began following this schedule as well, and while there are no Adobe updates today, there was an out-of-cycle security update two weeks ago That update should now be applied if you haven't already done so Why Because we're now seeing the vulnerability CVE-2010-0188 being exploited in targeted attacks Microsoft also Our sample was submitted by a European financial organization and the file name includes a reference to the G20 The exploit drops a downloader and attempts to make a connection to tiantianninthbiz We detect this attack as Exploit W32 PDFExploitG It doesn't surprise us to see this Adobe Reader vulnerability utilized so quickly Looking through our sample management system, we see a growing number of targeted attack files There were 1968 files in 2008 The number was 2195 during the year 2009 That isn't a very large increase in the overall total from 2008 to 2009 but we did see a greater percentage targeting Adobe And how about the first two months of 2010 Well, so far the number is 895, which will more than double last year's number if the current pace continues The percentage targeting Adobe Reader continues to rise Here's a graph with a breakdown of the most common attack vectors used in targeted attacks Targeted attacks 2008, 2009, 2010 Jan Feb On 09 03 10 At 03 30 PM http://www.secuobs.com/revue/news/199808.shtmlhttp://www.secuobs.com/revue/news/199808.shtml 2010-03-09 16:28:56 - Security Bloggers Network : In comments justifying a requested 15 million operating budget increase for fiscal 2011, the Senate Sergeant-at-Arms stressed the need to improve computer security in the face of an extraordinary rise in security events, which reported went from 8 m http://www.secuobs.com/revue/news/199755.shtmlhttp://www.secuobs.com/revue/news/199755.shtml 2010-03-09 12:08:03 - Computer Security News : On the face of it, research by Damballa appears to support Beijing's claims If the security hole in Internet Explorer was the smoking gun of the attacks, what Ollmann and his researchers looked at was the occupants and driver of the getaway van, he said http://www.secuobs.com/revue/news/199699.shtmlhttp://www.secuobs.com/revue/news/199699.shtml 2010-03-09 10:53:57 - Rootsecure.net : The Register Ubisoft undone by anti-DRM DDoS storm Ubisoft has confirmed its rights management servers were hit by a fierce DDoS attack over the weekend that left some customers unable to play its games for much of Sunday http://www.secuobs.com/revue/news/199681.shtmlhttp://www.secuobs.com/revue/news/199681.shtml 2010-03-09 10:53:57 - Rootsecure.net : H Security ZigBee - attack of the killer bees open source collection of Linux tools intended for testing the security of ZigBee networks http://www.secuobs.com/revue/news/199676.shtmlhttp://www.secuobs.com/revue/news/199676.shtml 2010-03-09 07:58:38 - Computer Security News : Sign in or join Seeking Alpha Cyber attacks against Google have recently been in the news http://www.secuobs.com/revue/news/199662.shtmlhttp://www.secuobs.com/revue/news/199662.shtml 2010-03-09 04:57:20 - Information Security Resources : From the Infosec Island Network The work of protecting information is becoming more difficult with time The recently discovered attacks on Google, Adobe, Marathon Oil, ExxonMobil, and ConocoPhillips illustrate an alarming trend The attacks even gave rise to a new attack model, the Advanced Persistent Threat APT http://www.secuobs.com/revue/news/199638.shtmlhttp://www.secuobs.com/revue/news/199638.shtml 2010-03-09 03:26:53 - Hack In The Box : The Government's security chief has issued a thinly veiled threat to state sponsors of cyber terrorism that the country could only stand by for so long before retaliating Lord West of Spithead, the parliamentary under-secretary for security and counter-terrorism, told The Observer yesterday that the UK had been the target for 300 significant attacks on core government networks over the past year, and said such attacks were only like to increase in scope and frequency He added that many of these daily attacks were clearly the work of foreign states, but the nature of the attacks made it difficult to acquire concrete proof â There is no doubt that some state actors have sucked out huge amounts of intellectual copyright, designs to whole aero engines, things that have taken years and years of development,â West said â The moment you mention a particular state, they will deny it The problem with cyberspace is that attribution is extremely difficult It's almost impossible to do it in terms of evidence that would be necessary in a court of lawâ http://www.secuobs.com/revue/news/199594.shtmlhttp://www.secuobs.com/revue/news/199594.shtml 2010-03-09 03:26:53 - Hack In The Box : Social networking sites such as Facebook, LinkedIn, and Xing have been reporting exponential growth rates These sites have millions of registered users, and they are interesting from a security and privacy point of view because they store large amounts of sensitive personal user data In this paper, we introduce a novel de-anonymization attack that exploits group membership information that is available on social networking sites More precisely, we show that information about the group memberships of a user ie, the groups of a social network to which a user belongs is often sufficient to uniquely identify this user, or, at least, to significantly reduce the set of possible candidates To determine the group membership of a user, we leverage well-known web browser history stealing attacks Thus, whenever a social network user visits a malicious website, this website can launch our de-anonymization attack and learn the identity of its visitors http://www.secuobs.com/revue/news/199580.shtmlhttp://www.secuobs.com/revue/news/199580.shtml 2010-03-09 01:35:35 - MX Logic Security News : The social networking accounts of 356 global brands were phished by cyber criminals in the second half of 2009, according to the Anti-Phishing Working Group The number rose 44 percent from the same point in 2008, when 341 large organizations reported their account information was stolen Phishing an increasingly easy way for cyber criminals to gain access information and breach web security Social media sites like LinkedIn often provide detailed company directories, which are used to send targeted phishing attacks The number of unique phishing websites remained between 45,000 and 46,500 in 2009 Once, only the largest banks were targeted Now, every kind of enterprise from banks and credit unions of all sizes to charities to, in a recent case, a hardware manufacturer, are now seeing their brands exploited in all manner of fraud schemes, said Peter Cassidy, secretary general of the International Trade Association Twitter has become an especially viable medium for phishing attacks USA Today reported in February that cyber criminals utilized phishing attacks exploit the goodwill of people looking to donate to the Haitian earthquake relief effortADNFCR-1765-ID-19657252-ADNFCR http://www.secuobs.com/revue/news/199557.shtmlhttp://www.secuobs.com/revue/news/199557.shtml 2010-03-08 22:02:44 - securitystream.info : The Anti-Phishing Working Group APWG released its Q4, 2009 Phishing Activity Trends Report, which reveals that eCrime syndicates are expanding the base of brands they exploit for online fraud far beyond major financial institutions and online merchants, with the number of hijacked brands reaching a record 356 in October, up nearly 44 percent from the previous record of 341 in August 2009 Read the full article Help Net Security Shorten URL http threatpostcom en_us 3eG Click to copy to clipboard or post to Twitter ZeroClipboardsetMoviePath 'http threatpostcom sites all modules threatpost_tweaks ZeroClipboardswf' var clip new ZeroClipboardClient clipsetHandCursor true clipsetText 'http threatpostcom en_us 3eG' clipglue 'short_url_link' , 'short_url_cont' Related posts 1 Anti-Phishing Group Over 10 Mil Systems Infected 2 Over 50pourcents of Malware Are Phishing Attacks 3 IRS Phishing Scam Targets Corporations http://www.secuobs.com/revue/news/199461.shtmlhttp://www.secuobs.com/revue/news/199461.shtml 2010-03-08 21:57:48 - root labs rdist : A new paper, Fault-Based Attack of RSA Authentication pdf by Pellegrini et al, is making the rounds The general idea is that an attacker can disrupt an RSA private key operation to cause an invalid signature to be returned, then use that result to extract the private key If you re new to fault injection attacks http://www.secuobs.com/revue/news/199460.shtmlhttp://www.secuobs.com/revue/news/199460.shtml 2010-03-08 17:06:51 - Graham Cluley's blog : Suspicions are being raised that disgruntled online games players were behind an attack which bombarded a Ubisoft server with traffic over the weekend, effectively bringing game-playing to a standstill Video games publisher Ubisoft tweeted an apology to fans of Assassin's Creed II and Silent Hunter 5, after many PC gamers were left unable to play yesterday http://www.secuobs.com/revue/news/199365.shtmlhttp://www.secuobs.com/revue/news/199365.shtml 2010-03-08 14:56:27 - Sophos security news : Movie-lovers at risk of infection from fake anti-virus traps http://www.secuobs.com/revue/news/199332.shtmlhttp://www.secuobs.com/revue/news/199332.shtml 2010-03-08 14:34:59 - Computer Security News : 8 March 2010 - At the RSA conference, Symantec Corp announced its latest messaging security platforms, Symantec Brightmail Gateway 90 and Symantec Brightmail Gateway 90 Small Business Edition http://www.secuobs.com/revue/news/199327.shtmlhttp://www.secuobs.com/revue/news/199327.shtml 2010-03-08 07:34:57 - PenTestIT : Yesterday we talked about firefox extensions add to that list Heres one more Fireforce is a Firefox extension designed to make attacks like brute force on forms sent by GET or POST It is possible to use dictionaries and then generate passwords based on several types of characters The attack can be done simultaneously on 2 IMAGE IMAGE IMAGE IMAGE IMAGE IMAGE http://www.secuobs.com/revue/news/199256.shtmlhttp://www.secuobs.com/revue/news/199256.shtml 2010-03-08 00:59:59 - Computer Security News : Xocalinet web-site, containing archive of documents in relation to the issue of Khojaly, was attacked early on March 2 When the site administrators started investigating who is attacking their network, they found out Baku's IP-address 811790144 of the Bakinternet Network http://www.secuobs.com/revue/news/199210.shtmlhttp://www.secuobs.com/revue/news/199210.shtml 2010-03-08 00:49:06 - Hack In The Box : Recent Internet attacks from China against Google and other US companies will more than double this year if the pace during the first two months continues, a security expert says This type of attack has been increasing over the past two years, with F-Secure spotting 1,968 such examples in 2008, 2,195 in 2009 and 895 so far this year, said Mikko Hypponen, chief research officer for F-Secure, who during RSA Conference held a private briefing on the attacks Unlike other malware attacks, these are fashioned for specific targets and are used only once In these cases, you are the only organizations in the world to get hit and no one else, and the attacker has done his homework, Hypponen said http://www.secuobs.com/revue/news/199190.shtmlhttp://www.secuobs.com/revue/news/199190.shtml 2010-03-08 00:25:39 - myf00 : For a month that I have been tracking down the requests that are made to my site, looking at the logs I was able to find fourteen attack attempts The attempts originated from the following IP addresses 41204218 5815099 210116103 The requests made in the attempts were crafted to test for remote file inclusions contrib yabbse pocphp poc_root_path http kr eco-max gboard lib id1txt include adminlibincphp site_path http coza content_old themes atxt The two files, atxt and id1txt, http://www.secuobs.com/revue/news/199187.shtmlhttp://www.secuobs.com/revue/news/199187.shtml 2010-03-07 16:41:38 - MX Logic Security News : Former United States government officials staged a massive attack on cell phone networks, internet service providers and the power grid to test the potential response of the country to such an attack The attack, called Cyber Shockwave by the bipartisan committee, which believes that the US is working toward complete preparedness for such an attack However, steps still need to made and further precautions taken to ensure national safety Several former government officials took part in the simulation including former Secretary of Homeland Security Michael Chertoff, who acted as National Security Advisor for the exercise, and Charles Wald, a retired general acting as Secretary of Defense I think the scenario we saw today is believable I think we're preparing for it I don't think we're as prepared as we should be, Wald told the Associated Press The goal of the event was to highlight vulnerabilities within policy should an event ever occur The US government has procedures in place to respond physical national disasters and attacks, but Matthew Stern, former head of US Army's protected networks believes the government needs to develop plans for a cyber disasterADNFCR-1765-ID-19635381-ADNFCR http://www.secuobs.com/revue/news/199137.shtmlhttp://www.secuobs.com/revue/news/199137.shtml 2010-03-07 16:41:38 - MX Logic Security News : A unique tool developed to prevent the spread of malware from social networking websites has been recommended Processorcom, a web and network security news provider The program, called PhishMe, is designed to simulate a spear-phishing attack, which are carried out by cyber criminals to trick social networking users into downloading dangerous programs on their computers If an employee clicks the link and downloads the program, PhishMe tells them what they did wrong and how it can affect their company's network Most companies have measures in place to prevent transmission of malware from older media such as email and links However, precautions taken against web 20-based sites like Facebook and Twitter is lagging There is a lot out there, and it's always changing Only when a company understands its specific information assets and risks, likely attackers, and potential for loss can it prioritize the effort and expense required to address vulnerabilities from social networks, according to Processorcom The Independent reported earlier this month that among the scams currently making their way through Twitter and Facebook, the most alarming recent trend has been the presence of cash scamsADNFCR-1765-ID-19638677-ADNFCR http://www.secuobs.com/revue/news/199125.shtmlhttp://www.secuobs.com/revue/news/199125.shtml 2010-03-07 07:27:44 - SecurityTube.Net : Attacking and Defending WPA Enterprise Networks Video Tutorial IMAGE http://www.secuobs.com/revue/news/199077.shtmlhttp://www.secuobs.com/revue/news/199077.shtml 2010-03-06 21:33:30 - Computer Security News : In an announcement that made big news last month , Google said that it and numerA A ous other companies had been hit by successful hacker attacks http://www.secuobs.com/revue/news/199022.shtmlhttp://www.secuobs.com/revue/news/199022.shtml 2010-03-06 21:27:31 - Security Aegis : Bruting web forms usually is part of a web app assessment We love to use Hydra or Medusa for this but we recently stumbled across a tool that makes it much easier It's called Fireforce It's a Firefox extension that gives you point and click bruting We ran it in our labs with about a 74pourcents http://www.secuobs.com/revue/news/199021.shtmlhttp://www.secuobs.com/revue/news/199021.shtml 2010-03-06 16:50:51 - SophosLabs blog : On Friday evening I was talking to a North American customer who had been fighting with infections caused by SEO poisoning They mentioned a particular search term that could generate new samples of FakeAVs The funny thing was that the website hacked by the SEO poisoner was a blog of someone trying to promote legitimate http://www.secuobs.com/revue/news/198983.shtmlhttp://www.secuobs.com/revue/news/198983.shtml 2010-03-06 14:46:48 - Security Bloggers Network : The eSoft Threat Prevention Team is warning customers today of a new email scam circulating very quickly These fraudulent emails claim to be from Google Staffing, Hallmark, Twitter as well as other social networks and legitimate businesses The email persuades the user to open the attached zip file to find out more information Users that follow through and open the file infect their own system and become part of the threat The very legitimate looking email below is just one example of the scam The email uses the actual Google logo downloaded directly from their website and easily hooks you into opening the attached file to find out more IMAGE In this case, the downloader infected the system with a bot which immediately begins spewing thousands more of infected emails including fake e-cards from Hallmark, and invitations from social networks like Twitter and Hi5 The Twitter email is also very well crafted to make the user believe they were invited by a friend and is legitimately from Twitter The from address is spoofed to invitations twittercom with a subject Your friend invited you to Twitter The body of the message begs the user to open the attached file - To join or see who invited you check the attachment Using this clever social engineering tactic the scammers are able to peak interest in finding out who may have sent them the message The user is tricked into opening the attachment and infecting their system As always, be very cautious opening any attachments and especially cautious when they are unexpected When in doubt verify with the sender or do not open them IMAGE IMAGE IMAGE IMAGE IMAGE http://www.secuobs.com/revue/news/198965.shtmlhttp://www.secuobs.com/revue/news/198965.shtml 2010-03-06 14:01:13 - Security Shell : Fireforce is a Firefox extension designed to perform brute-force attacks on GET and POST forms Fireforce can use dictionaries or generate passwords based on several character types Attacks can be performed on two separate fields using two distinct password sources Download Fireforce and Documentation http://www.secuobs.com/revue/news/198957.shtmlhttp://www.secuobs.com/revue/news/198957.shtml 2010-03-06 12:08:30 - Network World on Security : Fear, uncertainty and doubt is an integral part of the security industry Vendors sell FUD, the media loves reporting it, and trade shows thrive on it http://www.secuobs.com/revue/news/198947.shtmlhttp://www.secuobs.com/revue/news/198947.shtml 2010-03-06 03:51:28 - Computer Security News : Congress and other government agencies are under a cyber attack an average of 18 billion times a month, a number that has been growing exponentially since President Barack Obama took office http://www.secuobs.com/revue/news/198867.shtmlhttp://www.secuobs.com/revue/news/198867.shtml 2010-03-06 01:03:08 - Wired Danger Room : Forget the Oscars, the event I want an invitation to is the Army s annual mad scientists ball That s right, the Army actually holds an an annual conference formally titled the Mad Scientist Future Technology Seminar that brings together scientists, science fiction writers, futurists, academics and members of the government and the private sector http://www.secuobs.com/revue/news/198852.shtmlhttp://www.secuobs.com/revue/news/198852.shtml 2010-03-05 22:28:25 - Rootsecure.net : H Security Hardware attack on RSA implementation Researchers at the University of Michigan have succeeded in accessing the private RSA key used by an embedded processor by manipulating the power supply to the processor http://www.secuobs.com/revue/news/198788.shtmlhttp://www.secuobs.com/revue/news/198788.shtml 2010-03-05 19:46:23 - 1 Raindrop : At RSA conference this week, I gave two talks on building a margin of safety into your software In various conversations during the week at least 25 different people brought up to me unprompted that they just used SSL for security on their web services Chris Walsh immediately picked up on the preposition that says it all - security on your web services instead of course security in your web services Of the legions of vendors on display, I could http://www.secuobs.com/revue/news/198742.shtmlhttp://www.secuobs.com/revue/news/198742.shtml 2010-03-05 17:58:28 - Security Shell : For any computing system to be secure,both hardware and software have to be trusted If the hardware layer in a secure system is compromised,not only it would be possible to extract secret information about the software,but it would also be extremely hard for the software to detect that an attack is underwayIn this work we detail a complete end-to-end fault-attack on a microprocessor system and practically demonstrate how hardware vulnerabilities can be exploited to target secure systems We developed a theoretical attack to the RSA signature algorithm, and we realized it in practice against an FPGA implementation of the system under attackTo perpetrate the attack, we inject transient faults in the target machine by regulating the voltage supply of the systemThus,our attack does not require access to the victim system s internal components,but simply proximity to it Download PDF http://www.secuobs.com/revue/news/198707.shtmlhttp://www.secuobs.com/revue/news/198707.shtml 2010-03-05 15:08:36 - Crabbyolbastard Ruminates : The AFCOM association, whose members include 4,500 administrators from 3,900 data centers around the world surveyed 436 data center sites last year Some of the findings of the survey indicated that cyberterrorism is an increasing concern, mainframe deployment is on the decline, storage deployment is on the rise, and green technologies are definitely http://www.secuobs.com/revue/news/198656.shtmlhttp://www.secuobs.com/revue/news/198656.shtml 2010-03-05 12:17:14 - Reverse Engineering : submitted by sanitybit link 1 comment http://www.secuobs.com/revue/news/198630.shtmlhttp://www.secuobs.com/revue/news/198630.shtml 2010-03-05 12:02:46 - Roger Halbheer on Security : Body There has been a lot of discussions in different blogs on the attacks on IIS servers Microsoft Security Response Center has publised a post on it Questions about Web Server Attacks Roger Category Incidents Microsoft ProductsPublished 29042008 22 00 http://www.secuobs.com/revue/news/198601.shtmlhttp://www.secuobs.com/revue/news/198601.shtml 2010-03-05 12:02:46 - Roger Halbheer on Security : Body We all remember the cyber-attacks on Estonia last April A lot of people are interested what really was going on during these attacks You find a lot of sites looking into the technical analysis of the attack which could be more or less speculation What I found recently and just had time to read today on a plane is more a political analysis of what was going on, putting it in the proper historical context and giving some ideas on what is needed and how you could and should look at critical infrastructure protection Here are some quotes from the paper Though the Estonian CERT was able, to a degree, to mitigate the impact of the attacks, due to its ad hoc, unofficial status, it lacked the authority to enforce its recommendations on all parties involved The technological systems in place to trace the sources of the cyber attack and those involved provide insufficient and unreliable information Preventing disruptions from accidents or attacks, however, is not enough In today's world, Internet security demands a robust response capability that can utilize defensive measures to ensure cyber, as well as civilian, order And here are some conclusions As the world becomes increasingly dependent on the Internet, coordinating effective global responses to cyber attacks is critical for national security However, international legal mechanisms and law enforcement authorities are hardpressed to keep pace with the complexities of cyber-crime While some politicians today often do not even recognize that the threat is plausible, denying its existence altogether, others willingly choose to neglect it Legal standards for the provable damages of cyber-crime need to be reformed since they inherently differ from physical damage Different national law enforcement agencies and operations should collaborate and establish a common framework that will help trace recent developments involving Internet security in a significantly faster fashion, as current measures have completely failed to cope Looking at the attacks and the conclusions in the paper, I am more than ever convinced of different facts I am fighting for since quite some time Critical Infrastructure Protection is a collaboration effort between the public and the private sector None of them can do it alone In the case of an incident, we need a strong and trusted central body to coordinate the response Information sharing and exchange not only during attacks but during peace time as well is crucial The Internet is part of the critical infrastructure of a country If you want to read the paper, there you go Battling Botnets and Online Mobs - Estonia's Defense Efforts during the Internet War Roger Category Terrorism Cybercrime Critical Infrastructure Protection Law Enforcement Processes SecurityPublished 21052008 18 22 http://www.secuobs.com/revue/news/198581.shtmlhttp://www.secuobs.com/revue/news/198581.shtml 2010-03-05 12:02:46 - Roger Halbheer on Security : Body Well, there was quite some chatter over the last few weeks with regards to the massive defacements we saw based on SQL Injection Attacks So, what was really new Close to nothing Well, this is not completely true The new thing we have seen with these attacks is automation however a lot of people did not really start with this at the beginning Just as an example, The Washington Post published an article called Hundreds of Thousands of Microsoft Web Servers Hacked and said Hundreds of thousands of Web sites have been hacked recently and seeded with code that tries to exploit security flaws in Microsoft Windows to install malicious software on visitors' machines Whereas the first part was true just giving a wrong impression the content in the article was definitely wrong as it was and still is no Windows or IIS vulnerability but just bad programming What we see are tools that use Google to find web application with potential SQL Injection vulnerabilities and then try to attack them From there on, they are trying to use the SQL Injection flaw to exploit vulnerabilities in Flash or other software So, what can you do about it Understand the current threat and read SQL Injection Attacks on IIS Web Servers on our IIS Blog and Questions about Web Server Attacks on the Microsoft Security Response Center Blog Once you have done that I think if you are not already you should familiarize yourself with these kind of attacks and there are some very good resources and engineer at Microsoft compiled for you General Guidance on SQL Injection Giving SQL Injection the Respect it Deserves from Michael Howard SQL Injection Mitigation Using Parameterized Queries from Neil Carpenter Incident Response with focus on SQL Injection Anatomy of a SQL Injection Incident from Neil Carpenter Anatomy of a SQL Injection Incident, Part 2 Meat Neil again And last but not least some MSDN guidance Explained SQL Injection SQL Injection How To Protect From SQL Injection in ASPNET Roger Category Incidents Processes Technology TrendsPublished 30052008 09 40 http://www.secuobs.com/revue/news/198571.shtmlhttp://www.secuobs.com/revue/news/198571.shtml 2010-03-05 12:02:46 - Roger Halbheer on Security : Body We just published yesterday two new pieces of guidance for the latest SQL Injection attacks, which I want to make sure you saw it Preventing SQL Injections in ASP SQL Injection Attack which is a great piece of work pulling the different views of the latest attacks together Roger Category Incidents TechnologyPublished 31052008 11 23 http://www.secuobs.com/revue/news/198569.shtmlhttp://www.secuobs.com/revue/news/198569.shtml 2010-03-05 12:02:46 - Roger Halbheer on Security : Body I guess you read it as it was pretty wide-spread in the press in the last few days On the Insecurity of Microsoft's Identity Metasystem CardSpace Well, is there any official Microsoft reaction to it No, not yet and if you look a little bit more in depth into it, I doubt that there will be Why Because the whole setup is ridiculous at least in my opinion To cut it short If you ignore all the warnings of the OS and pull down all the protection shields we built into Windows Vista, then it is possible to attack Cardspace This is true Is it making me nervous Not really There are mainly two things that you have to do to make the attack successful before you can steal the Cardspace token Spoof DNS and compromise the Root Cetificate Store Hmm, we all know that attacking a DNS could be possible even though they do not include it into their presentation you need the help of the user as well in order to get a certificate in the Trusted Root store or trick a Certificate Provider into issuing a cert to you for a website you do not own They failed to show in their proof of concept how they bring a root cert into the store without having serious support from the user Is this a Cardspace vulnerability I let you decide it Kim Cameron posted twice now on this claimed vulnerability Students enlist readers' assistance in CardSpace breach How to set up your computer so people can attack it You know that we take vulnerabilities in our software serious But what these students have done publically now is with all due respect for their work irresponsible It might be cool for them to blame Microsoft and show vulnerabilities in our software but if you do it, please make sure that you at least make the bar of a vulnerability without needing the in-depth help of the user Roger Category Incidents Microsoft Products Technology SecurityPublished 02062008 09 38 http://www.secuobs.com/revue/news/198568.shtmlhttp://www.secuobs.com/revue/news/198568.shtml 2010-03-05 12:02:46 - Roger Halbheer on Security : Body I just wanted to make sure that you have seen the Advisory Rise in SQL Injection Attacks Exploiting Unverified User Data Input where we added some additional information This is especially important as we did not only publish guidance but tools as well Detection HP Scrawlr a free scanner from HP Defense UrlScan version 30 Beta Identifying Microsoft Source Code Analyzer for SQL Injection Definitely tools worth looking at if you are running public applications Roger Category Incidents Processes SecurityPublished 24062008 22 38 http://www.secuobs.com/revue/news/198556.shtmlhttp://www.secuobs.com/revue/news/198556.shtml 2010-03-05 12:02:46 - Roger Halbheer on Security : Body Yes, I am back I was on vacation and therefore did not take the time to blog Just briefly IBM published a pretty good article on the latest DNS attacks You can read it here Responding to the DNS vulnerability and attacks Roger Category IncidentsPublished 05082008 11 41 http://www.secuobs.com/revue/news/198548.shtmlhttp://www.secuobs.com/revue/news/198548.shtml 2010-03-05 12:02:46 - Roger Halbheer on Security : As we were pushing on our Out-of-Band release earlier this month we tried to make you understand that immediate deployment is needed as the vulnerability is high risk Otherwise we would not have gone out of band Interestingly enough, we have not seen widespread attacks since now Earlier today now we released different pieces of information on the two key blogs on that Microsoft Security Response Center MS08-067 Update November 25 Microsoft Malware Protection Center More MS08-067 Exploits The reason why I post and why this attacks makes me a little bit nervous is that I hear from too many customers still that they did not yet deploy and the reason behind is that they heard that we might have issues with this update Sorry, this is blank nonsense To be clear Out of all support cases Microsoft has received regarding MS08-067, all of them and I mean all no exception turned out to be caused by another issue and or mis-configuration and not MS08-067 So, there were no issues with this update so far It is your choice now to decide whom you base your risk assessment on On some web pages telling you that they heard or on us Whatever you do, base your risk assessment on the fact that there is somebody out there exploiting the vulnerability Roger http://www.secuobs.com/revue/news/198493.shtmlhttp://www.secuobs.com/revue/news/198493.shtml 2010-03-05 12:02:46 - Roger Halbheer on Security : One of the questions I often get is my position on Cyber-Terrorism I doubt that there will be isolated technology-related terrorism What we see much more is the use of high-tech during classical terrorism attacks If you look at the recent terrorism events in Mumbai, there was some pretty interesting background on it In order to prepare for the attacks, the terrorists seem to have used Google Maps as any tourist would do and GPS and Satellite Phones This is definitely not surprising but shows the development in this area In this article Update Google Earth used by terrorists in India attacks on Infoworld there is an interesting quote Google Earth has previously come in for criticism in India, including from the country's former President, APJ Abdul Kalam Kalam warned in a 2005 lecture that the easy availability online of detailed maps of countries from services such as Google Earth could be misused by terrorists I do not think that it would have live much harder for terrorists if they would not have had Google Earth available but it shows the tension between economy and technology and law enforcement In certain countries I have been in recently, the pure possession of a GPS device is illegal The terrorists used everyday technology like Blackberries to stay ahead of Law Enforcement Terrorists turn technology into weapon of war in Mumbai The use of BlackBerrys by the terrorists to monitor international reaction to the atrocities, and to check on the police response via the internet, provided further evidence of the highly organized and sophisticated nature of the attacks The organization in these teams seems to have been very good and scaring therefore Analysis Mumbai attack differs from past terror strikes So, this is a really disgusting example of how terrorists use and leverage today s technology in order to commit their attacks Therefore I beleive that we will unfortunately see more of this rather than Internet-only terrorism but this is just a guess Roger http://www.secuobs.com/revue/news/198489.shtmlhttp://www.secuobs.com/revue/news/198489.shtml 2010-03-05 12:02:46 - Roger Halbheer on Security : Well, as I am not really working, just a quick one http iscsansorg diaryhtml storyid 6787 rss Roger http://www.secuobs.com/revue/news/198387.shtmlhttp://www.secuobs.com/revue/news/198387.shtml 2010-03-05 07:20:57 - DarkReading All Stories : Core Security Labs researcher releases code for spear phishing attacks on Twitter http://www.secuobs.com/revue/news/198287.shtmlhttp://www.secuobs.com/revue/news/198287.shtml 2010-03-04 20:37:53 - News : Recent Internet attacks from China against Google and other US companies will more than double this year if the pace during the first two months continues, a security expert says at RSA Conference IMAGE http://www.secuobs.com/revue/news/198116.shtmlhttp://www.secuobs.com/revue/news/198116.shtml 2010-03-04 19:21:49 - Internet Security News : Google and the other companies that were affected by Operation Aurora had some commendable security measures in place, according to a new report from McAfee you might consider them the virtual equivalents of steel doors with reinforced hinges However, it turned out that the companies might have left their internal safe doors unlocked George Kurtz, McAfee's CTO, explained late yesterday on the McAfee Security Insights Blog that he discovered some problems with respect to the companies' source code configuration management systems SCMs Enough problems to call them inherently insecure, in fact, as he found that attackers were able to siphon out source code or, worse, modify and add code Kurtz then continued, SCMs are used by software engineers to manage their projects and are used to store source code, the crown jewels of any tech company And as you might suppose, leaving one's intellectual property exposed isn't the best way to run a business In response, McAfee is taking a closer look at how SCMs should be secured, and Perforce, which is a popular management system, has been scrutinized in what's supposed to be the first in a series of white papers These lessons should benefit a wide range of individuals and companies, considering that many organizations have probably modeled their security systems after what Google, Adobe, Rackspace, and other corporations hit by Operation Aurora have in place Hopefully an Operation Aurora 2 will become impossible as a result Or at the least, perhaps some less organized and skilled hackers will be repelled Meanwhile, efforts to identify the people behind Operation Aurora haven't progressed much since the last time we discussed them A security company called Damballa did issue a statement earlier this week alleging that the hackers used a garden variety botnet and were more amateur than average, but Google has disputed this claim IMAGE IMAGE IMAGE IMAGE IMAGE IMAGE http://www.secuobs.com/revue/news/198091.shtmlhttp://www.secuobs.com/revue/news/198091.shtml 2010-03-04 19:17:51 - Voice of VOIPSA : Remember the cyberattacks against Google and other businesses back in China Google blogged about A new approach to China and it was all over the news everywhere for a while Well, this week security firm Damballa released a detailed look into the Aurora botnet that was apparently responsible for these attacks The 31-page http://www.secuobs.com/revue/news/198083.shtmlhttp://www.secuobs.com/revue/news/198083.shtml 2010-03-04 12:19:04 - News : Companies should take extra steps to secure their source code from the type of targeted attacks that hit Google, Adobe, Intel and others over the past few months IMAGE http://www.secuobs.com/revue/news/197985.shtmlhttp://www.secuobs.com/revue/news/197985.shtml 2010-03-04 10:47:32 - PenTestIT : Today, we have this post from the p42us, which is written by Eduardo Vela sirdarckcat Our Favorite XSS Filters and How to Attack Them is a powerpoint presentation by the author at the BlackHat 2009 This tells us about different ways with which we can probably circumvent protection offered by different web application firewalls It employs IMAGE IMAGE IMAGE IMAGE IMAGE IMAGE http://www.secuobs.com/revue/news/197966.shtmlhttp://www.secuobs.com/revue/news/197966.shtml 2010-03-04 10:32:42 - Rootsecure.net : Light Blue Touchpaper Evaluating statistical attacks on personal knowledge questions http://www.secuobs.com/revue/news/197961.shtmlhttp://www.secuobs.com/revue/news/197961.shtml 2010-03-04 08:32:34 - securitystream.info : Posted by InfoSec News on Mar 03 http wwwcomputerworldcom s article 9165638 Tracing_attack_source_key_to_cybersecurity_strategy_Chertoff_says taxonomyId 17 By Jaikumar Vijayan Computerworld March 3, 2010 SAN FRANCISCO -- The difficult task of identifying the true sources of cyber attacks remains one of the biggest challenges in the development of a national cybersecurity strategy, former Department of Homeland Security Secretary Michael Chertoff told Computerworld in an Related posts 1 Maryland aims to be cybersecurity epicenter 2 Wanted A Smokey Bear for cybersecurity 3 Homeland Security Plans Cybersecurity, Data Center Investments http://www.secuobs.com/revue/news/197943.shtmlhttp://www.secuobs.com/revue/news/197943.shtml 2010-03-04 08:17:07 - PenTestIT : Imposter is a flexible framework to perform Browser Phishing attacks Once the system running Imposter is configured as the DNS server to the victims, the internal DNS server of Imposter resolves all DNS queries to itself When the victim tries to access any website the domain resolves to the system running Imposter and Imposter s internal IMAGE IMAGE IMAGE IMAGE IMAGE IMAGE http://www.secuobs.com/revue/news/197937.shtmlhttp://www.secuobs.com/revue/news/197937.shtml 2010-03-04 07:32:07 - securitystream.info : Security software maker Symantec Corp is working with the Department of Homeland Security to find out who launched cyber attacks against Google Inc Related posts 1 Symantec adds Stephen Bennett, former Intuit CEO, to board of directors 2 Symantec Shares Decline After Analyst s Downgrade 3 Symantec to buy Gideon, security software maker http://www.secuobs.com/revue/news/197932.shtmlhttp://www.secuobs.com/revue/news/197932.shtml 2010-03-04 04:40:45 - Light Blue Touchpaper : What is your mother s maiden name How about your pet s name Questions like these were a dark corner of security systems for quite some time Most security researchers instinctively think they aren t very secure But they still have gained widespread deployment as a backup to password-based authentication when email-based identification isn t available Free webmail providers, http://www.secuobs.com/revue/news/197883.shtmlhttp://www.secuobs.com/revue/news/197883.shtml 2010-03-04 04:00:43 - Security Bloggers Network : That s vulnerable to a man in the middle attack Alright, let s dive into the details of a this attack and understand exactly how it works Definition First, a quick definition, a man in the middle MitM attack is an attack where the communicatio http://www.secuobs.com/revue/news/197878.shtmlhttp://www.secuobs.com/revue/news/197878.shtml 2010-03-04 03:59:51 - News : Contrary to general perception, the recent cyberattacks against Google and more than 30 other high-tech companies were carried out by relatively unsophisticated attackers using outdated botnet tools, according to an Atlanta-based security firm IMAGE http://www.secuobs.com/revue/news/197873.shtmlhttp://www.secuobs.com/revue/news/197873.shtml 2010-03-04 03:11:11 - News : Michael Chertoff, former head of the US Department of Homeland Security, talked of the difficulties in creating a national cybersucurity plan during an interview with Computerworld IMAGE http://www.secuobs.com/revue/news/197857.shtmlhttp://www.secuobs.com/revue/news/197857.shtml 2010-03-03 23:58:41 - Packet Storm Security Last Files : This is a whitepaper called Google Gears for Attackers, Data Theft and Backdoor Placement Attacks on Google Gears' Users http://www.secuobs.com/revue/news/197795.shtmlhttp://www.secuobs.com/revue/news/197795.shtml 2010-03-03 18:59:06 - Packet Storm Security Headlines : http://www.secuobs.com/revue/news/197674.shtmlhttp://www.secuobs.com/revue/news/197674.shtml 2010-03-03 18:07:38 - Security Shell : Data Theft and Backdoor Placement Attacks on Google Gears Users This paper describes multiple stealthy and remote attacks against users of Google Gears which could have impacts ranging from stealing the entire Gmail Inbox of the victim to setting permanent backdoors in popular sites like Gmail, MySpace, WordPress, Google Docs etc For a website to make use of Google Gears, the user should explicitly permit the site to make use of Gears Once this is done the site can store data on the user s hard disk, in the form of SQLite databases The site can read, write and alter this database Gears also lets the site to save and serve pages locally from the user s system, in effect, creating a web server on the user s system All of Google Gears features are accessible using the Gears API from JavaScript Download PDF http://www.secuobs.com/revue/news/197653.shtmlhttp://www.secuobs.com/revue/news/197653.shtml 2010-03-03 15:50:23 - SecurityTube.Net : Defending Web Applications from 0 Day Attacks with ModProfiler Using Traffic Profiling Video Tutorial IMAGE http://www.secuobs.com/revue/news/197593.shtmlhttp://www.secuobs.com/revue/news/197593.shtml 2010-03-03 15:07:58 - Infosecurity.US : News of apparently critical vulnerabilities in the Global Positioning System GPS , supplying everything from exact Timing to Civil Government, Military and Merchant Marine GPS services, and mundane directions to the market, or grandmother s house via that great little GPS device firmly suction-cupped to your windshield Specifically, the issue noted is the severely restricted signal bandwidth Related Posts 1 US GAO Reports Worldwide GPS May Fail By 2010 2 Honeymoons Over Why Microsoft Windows 7 Is Already Deemed Unsafe 3 SuSE Linux Issues Two Highly Critical Security Updates 4 DNS Entropy Testers Is Your DNS Infrastructure Vulnerable 5 US-CERT Multiple DNS Implementations Vulnerable to Cache Poisoning http://www.secuobs.com/revue/news/197582.shtmlhttp://www.secuobs.com/revue/news/197582.shtml 2010-03-03 12:51:55 - Computer Security News : By George Bao The United States and China are two major countries with malicious computer activity, Vincent Weafer, Vice President of Symantec Security Response, the largest maker of personal computer security software in the world, told Xinhua in an interview http://www.secuobs.com/revue/news/197552.shtmlhttp://www.secuobs.com/revue/news/197552.shtml 2010-03-03 11:53:51 - SecurityPark.net : Imperva has announced the general availability of ThreatRadar, a new add-on to Imperva's Web Application Firewall WAF that provides automated, reputation-based defense against large scale industrialized cyber attacks Anyone using ThreatRadar with Imperva's WAF will have an effective means to mitigate http://www.secuobs.com/revue/news/197537.shtmlhttp://www.secuobs.com/revue/news/197537.shtml 2010-03-03 11:50:15 - Network World on Security : A new security advisory from Microsoft warns about a risk involving any version of Internet Explorer on Windows 2000 and Windows XP that can allow a malicious Web site to infiltrate your PC http://www.secuobs.com/revue/news/197532.shtmlhttp://www.secuobs.com/revue/news/197532.shtml 2010-03-03 10:05:41 - Rootsecure.net : Info World Fraudsters hone their attacks with spear phishing http://www.secuobs.com/revue/news/197494.shtmlhttp://www.secuobs.com/revue/news/197494.shtml 2010-03-03 10:05:41 - Rootsecure.net : eWeek Google Attack Performed by 'Amateur' Botnet pdf http://www.secuobs.com/revue/news/197493.shtmlhttp://www.secuobs.com/revue/news/197493.shtml 2010-03-03 09:33:17 - HolisticInfoSec.org : In keeping with my presentation this Friday at RSA, I managed to time my toolsmith topic to correlate precisely specifically, visualizing the recent Zeus attack against government and military For the article I discuss NetGrok and AfterGlow for the RSA presentation I'll be more focused on NetGrok and Maltego as the present more readily for a live audience Now that advanced persistent threat or APT is the latest buzz word acronym phrase we can reminisce that good old Zeus was amongst the best and brightest of early APT adopters - From the RSA presentation abstract The flood of raw data generated by intrusion detection systems IDS is often 0verwhelming for security specialists, and telltale signs of intrusion are sometimes overlooked in all the noise Security visualization tools provide an easy, intuitive means for sorting through the dizzying data and spotting patterns that might indicate intrusion the presentation will focus on specific tools and methodology to aid you in establishing security data visualization practices in your environment From the article I ll accentuate this theme as the crux of our toolsmith discussion this month while discussing NetGrok and After-Glow and additionally introduce timely sample analysis of the targeted Zeus bot attacks in early February against US government institutions See how that all pulls together - The article is here The RSA presentation is in Orange Room 306 at 10 10 on Friday, March 5 If you're attending RSA, I hope to see you there delicious digg Submit to Slashdot Please support the Open Security Foundation OSVDB http://www.secuobs.com/revue/news/197491.shtmlhttp://www.secuobs.com/revue/news/197491.shtml 2010-03-03 01:38:52 - Security Bytes : Every year Adi Shamir, one of the inventors of the RSA algorithm, brings something new to the table at the annual RSA Conference Cryptographers Panel This year, he gave a shout-out to Ross Anderson, Steven J Murdoch, Saar Drimer and Mike Bond for their work on breaking chip-and-PIN authentication in credit cards That team http://www.secuobs.com/revue/news/197380.shtmlhttp://www.secuobs.com/revue/news/197380.shtml 2010-03-02 22:32:38 - Tactical Web Application Security : Submitted by Ryan Barnett 03 01 2010 Hacks NSW Government alleges transport website hacked - sensitive information leakage Argentina Coach Diego Maradona's Website Hacked - defacement Kosovo s Presidency Website Hacked - defacement downtime National Theatre hack forces password reset - unauthorized access sensitive data leakage Attacks Baidu Registrar 'incredibly' changed our e-mail for hacker - domain hijacking http://www.secuobs.com/revue/news/197307.shtmlhttp://www.secuobs.com/revue/news/197307.shtml 2010-03-02 20:27:20 - threatpost The First Stop for Security News : A new report shows malware attacks through Web 20 applications continue to be the largest concern for IT professionals with 69pourcents of organizations reporting at least one Web 20-related attack Fourteen percent report data leakage over social networks and 18pourcents indicate incidents occurring over social networks where disciplinary action was required Read the full article Help Net Security Shorten URL http threatpostcom en_us 36v Click to copy to clipboard or post to Twitter http://www.secuobs.com/revue/news/197254.shtmlhttp://www.secuobs.com/revue/news/197254.shtml 2010-03-02 20:18:25 - securitystream.info : A new report shows malware attacks through Web 20 applications continue to be the largest concern for IT professionals with 69pourcents of organizations reporting at least one Web 20-related attack Fourteen percent report data leakage over social networks and 18pourcents indicate incidents occurring over social networks where disciplinary action was required Read the full article Help Net Security Shorten URL http threatpostcom en_us 36v Click to copy to clipboard or post to Twitter ZeroClipboardsetMoviePath 'http threatpostcom sites all modules threatpost_tweaks ZeroClipboardswf' var clip new ZeroClipboardClient clipsetHandCursor true clipsetText 'http threatpostcom en_us 36v' clipglue 'short_url_link' , 'short_url_cont' Related posts 1 Hackers Using Automation, Geolocation in Social Networking Attacks 2 Top 5 Social Networking Business Threats 3 SQL Injection Hits Social Net for Developers http://www.secuobs.com/revue/news/197251.shtmlhttp://www.secuobs.com/revue/news/197251.shtml 2010-03-02 18:36:33 - threatpost The First Stop for Security News : Crooks have developed a man-in-the-middle-attack designed to circumvent authentication kit used by dedicated World of Warcraft gamers The ruse relies on tricking gamers into installing Trojans disguised as gaming ad-ons Once applied the malware allows hackers to capture and relay authentication commands next time a victim logs on to Blizzard's servers Read the full article The Register Shorten URL http threatpostcom en_us 36y Click to copy to clipboard or post to Twitter http://www.secuobs.com/revue/news/197189.shtmlhttp://www.secuobs.com/revue/news/197189.shtml 2010-03-02 18:04:55 - Help Net Security News : A lot has been written already about the Aurora attacks on major US companies Speculation about and investigations into the origin of the attack and the code used has kept many researchers busy si http://www.secuobs.com/revue/news/197179.shtmlhttp://www.secuobs.com/revue/news/197179.shtml 2010-03-02 15:46:18 - Security Bloggers Network : Yesterday, a large number of Twitter users received from friends tweets titled this you which pointed to a false Twitter landing page If the victim enters their user name and password on the fake landing page, the attackers will be http://www.secuobs.com/revue/news/197136.shtmlhttp://www.secuobs.com/revue/news/197136.shtml 2010-03-02 10:54:13 - Rootsecure.net : Slashdot Aurora Attack - Resistance Is Futile pdf http://www.secuobs.com/revue/news/197065.shtmlhttp://www.secuobs.com/revue/news/197065.shtml 2010-03-02 10:16:51 - InSecurity Complex : Latest report on attacks targeting Google and others calls it just another old school botnet http://www.secuobs.com/revue/news/197060.shtmlhttp://www.secuobs.com/revue/news/197060.shtml 2010-03-02 02:52:33 - Hack In The Box : Hereâ s some troubling news for my fellow World of Warcraft players It seems that hackers, account thieves, and other miscreants have now embraced man-in-the-middle MITM attacks to further their evil ways Blizzard says itâ s not a widespread issue, and itâ s rather difficult to pull off, but itâ s something yâ all should be aware of The deal is that WoW hackers are able to infect your PCâ this is a PC-only problem, mind you, so Mac players can more or less ignore all of thisâ with a bit of malware thatâ s then able to initiate the MITM attack The purpose of this is to intercept your login name, password, and authenticator number so that they can log into your account Once online, they can do whatever it is youâ d be able to do inside the game world sell items, mail gold to other players, etc They cannot, it should be noted, delete your actual account or anything like that Still, itâ s potentially devastating, selling all your epics for fast gold, then turning around and selling that gold for real money to someone else http://www.secuobs.com/revue/news/196964.shtmlhttp://www.secuobs.com/revue/news/196964.shtml 2010-03-02 01:52:33 - Symantec Security Response Podcasts : This Symantec Security Response podcast is an analysis of staged attacks found in the latest Internet Security Threat Report Volume XII The goal of this podcast is to alert listeners to emerging threats and trends that Symantec has identified in the Symantec Internet Security Threat Report Volume XII http://www.secuobs.com/revue/news/196856.shtmlhttp://www.secuobs.com/revue/news/196856.shtml 2010-03-02 01:52:33 - Symantec Security Response Podcasts : This podcast provides a brief general overview of phishing attacks, and provides a few simple steps for Small Mid-Sized Business to follow in order to stay protected against them http://www.secuobs.com/revue/news/196840.shtmlhttp://www.secuobs.com/revue/news/196840.shtml 2010-03-02 01:52:33 - Symantec Security Response Podcasts : This podcast details how Small Mid-Sized Businesses can quickly and easily recover from virus attacks http://www.secuobs.com/revue/news/196839.shtmlhttp://www.secuobs.com/revue/news/196839.shtml 2010-03-02 01:52:33 - Symantec Security Response Podcasts : This podcast will cover the impact of web-based attacks, providing analysis and discussion of the data gathered by Symantec between January 1 and December 31, 2008 http://www.secuobs.com/revue/news/196831.shtmlhttp://www.secuobs.com/revue/news/196831.shtml 2010-03-02 00:02:58 - Packet Storm Security Headlines : http://www.secuobs.com/revue/news/196784.shtmlhttp://www.secuobs.com/revue/news/196784.shtml 2010-03-01 20:38:33 - Computer Security News : Many viewers have emailed or called 5 EYEWITNESS NEWS Monday morning, saying they are having trouble getting through to the Minnesota State Department of Commerce, trying to sign up for new appliance rebates http://www.secuobs.com/revue/news/196685.shtmlhttp://www.secuobs.com/revue/news/196685.shtml 2010-03-01 15:37:23 - eSecurity Planet Features : Gerry Blackwell looks into Gen Alexander's statement that his responsibility is to plan, coordinate, and conduct offensivecyberspace operations http://www.secuobs.com/revue/news/196586.shtmlhttp://www.secuobs.com/revue/news/196586.shtml 2010-03-01 14:07:21 - Help Net Security News : Imperva announced ThreatRadar, an add-on to Imperva's Web Application Firewall WAF that provides automated, reputation-based defense against large scale industrialized cyber attacks ThreatRadar http://www.secuobs.com/revue/news/196568.shtmlhttp://www.secuobs.com/revue/news/196568.shtml 2010-03-01 09:31:40 - Rootsecure.net : Network World Perfume business rescued from DDoS attack http://www.secuobs.com/revue/news/196506.shtmlhttp://www.secuobs.com/revue/news/196506.shtml 2010-03-01 09:09:42 - securitystream.info : As many as 100 companies pwned Most businesses are defenseless against the types of attacks that recently hit Google and at least 33 other companies, according to a report to be published Monday that estimates the actual number of targeted companies could top 100 Case Study WhatsUp keeps Legoland turnstyles ringing Related posts 1 Targeted attacks replace botnet floods in telco nightmares 2 Germans devise attacks on Windows BitLocker 3 US will complain to China about Google hacking http://www.secuobs.com/revue/news/196503.shtmlhttp://www.secuobs.com/revue/news/196503.shtml 2010-03-01 02:14:43 - Computer Security News : Hate group Anonymous member, Mahoud Samed Almahadin, pled guilty to Criminal Mischief today in the New York City Criminal Court in connection with a January 8, 2009 attack on the Church of Scientology of New York http://www.secuobs.com/revue/news/196461.shtmlhttp://www.secuobs.com/revue/news/196461.shtml 2010-02-28 19:54:21 - Network World on Security : No website, however unlikely, is beyond the reach of the dreaded distributed-denial-of-service attack DDoS , with cloud security outfit Prolexic publicising a pre-Christmas attack on a web perfume seller http://www.secuobs.com/revue/news/196396.shtmlhttp://www.secuobs.com/revue/news/196396.shtml 2010-02-28 11:50:09 - securitystream.info : The Chinese cyber attacks that Google Inc reported last month may have targeted more than 100 companies, a larger number than previously thought, according to security research firm ISEC Partners Inc Related posts 1 More Than 100 Companies Targeted by Google Hackers 2 Google investigates China staff over cyber attack 3 Security experts dissect Google China attack http://www.secuobs.com/revue/news/196354.shtmlhttp://www.secuobs.com/revue/news/196354.shtml 2010-02-28 09:27:14 - EFF.org Updates : This week, an Italian magistrate convicted three Google employees for an Internet video that none of them had produced, uploaded, or even seen The case arose from an Italian video that was uploaded in 2006 to Google Video, which showed a disabled child being bullied by other schoolchildren An advocacy organization and the boy's father in Milan pushed for a criminal prosecution a local prosecutor decided to pursue a case against four individual Google employees In the decision, a defamation charge was dropped, but three of the named executives were found guilty of a charge related to Italy's privacy laws, and each sentenced to a six month suspended sentences We may not see the Italian decision stand for long, and cannot imagine a similar case happening in most Western countries But it represents a growing temptation of courts and lawmakers worldwide to find excuses to strip away the protection the law grants to Internet intermediaries It's also an intimation of the very serious consequences to the Net and free speech if those safe harbors are weakened Europe has, in theory at least, at the EU level, strong protections for Internet intermediaries in its E-Commerce Directive Article 14 of that directive provides that hosting providers are not responsible for the content they host, as long as they are not informed of its illegal character, and they act promptly when informed of it Article 15 clarifies that hosts do not need to monitor hosted content for potentially illegal content This judgement guts both these principles The court dismissed the allegation of criminal defamation but upheld a charge of illegally handling personal data on the basis that a video is personal data, and that under EU data protection law, Google needed prior authority before distributing that personal data This interpretation of the law means that Google is co-responsible for the legality of content containing the images of persons -- before anyone has complained about the content That effectively means to comply with the decision, any intermediary working within Italy must now pre-screen every piece of video with anyone who appears within it, or risk prosecution As the judgement stands, it also presents such a wide definition of personal data that it might effectively require that all hosts pre-screen all content be it video, text, audio or data The unconscionable fact that this prosecution is of individuals, while devastating for those involved, is only part of the problem The whole Internet relies on the fact that third-parties can carry messages without having to self-police, interfere with those messages or take responsibility for millions of others' communications The Net is made of intermediaries, and attacks on the safe harbor protections for those intermediaries is under way across the world In China, it's called ISP self-discipline In the United States, it's rightsholders demanding secondary or even tertiary liability for infringement by users, or loopholes in net neutrality, or attempts to weaken the protections of CDA 230 Italy may choose to unfairly victimize three American executives in this case, but the openness of the entire Internet risks becoming a victim if the safe harbors are compromised elsewhere http://www.secuobs.com/revue/news/196347.shtmlhttp://www.secuobs.com/revue/news/196347.shtml 2010-02-28 09:09:22 - Security Shell : In this paper, new attacks against TKIP based IEEE 80211 networks are described Using the known Beck-Tews attack, we de ne schemas to con- tinuously generate new keystreams, which allow more and longer packets to be injected Also an attack against the Michael message integrity code is presented, that allows an attacker to reset the internal MIC state and building on top of that, concatenating a known message with an unknown message keeping the unknown MIC valid for the new entire packet Based on this, a schema to decrypt all tra c towards the client is described Download PDF http://www.secuobs.com/revue/news/196346.shtmlhttp://www.secuobs.com/revue/news/196346.shtml 2010-02-27 23:58:29 - Rootsecure.net : Wi-Fi Networking News Another, Better TKIP Attack That's Still Limited pdf http://www.secuobs.com/revue/news/196311.shtmlhttp://www.secuobs.com/revue/news/196311.shtml 2010-02-27 19:06:12 - The Honeynet Project : We have decided to extend the submission deadline for our second forensic challenge - browsers under attack to Monday, 8th of March 2010 This gives you another week to participate in our latest challenge Subsequently, the announcement of the results will also move another week to Monday, 22nd of March 2010 I have contacted all the folks that have already submitted their solution to us about this change They, of course, have the opportunity to resubmit their solution, if they so wish, until the new submission deadline on the 8th If you have submitted and did not receive an email from me, please contact us at forensicchallenge2010 honeynetorg Challenge 2 focuses on browser attacks and can be accessed at Forensic Challenge 2010 2 The top 3 submissions will be awarded prizes read more http://www.secuobs.com/revue/news/196287.shtmlhttp://www.secuobs.com/revue/news/196287.shtml 2010-02-27 06:19:04 - Praetorian Prefect : Noted journalist and friend of the blog George V Hulme shared the picture below from CNBC, perhaps the most amusing way seen thus far of describing the patch for the 'Aurora bug' that famously affected Google late last year http://www.secuobs.com/revue/news/196212.shtmlhttp://www.secuobs.com/revue/news/196212.shtml 2010-02-27 01:57:54 - Aircrack ng News : A new paper about TKIP attacks was released by hirte Enhanced TKIP Micheal Attacks http downloadaircrack-ngorg wiki-files doc enhanced_tkip_michaelpdf http://www.secuobs.com/revue/news/196135.shtmlhttp://www.secuobs.com/revue/news/196135.shtml 2010-02-26 21:13:34 - Security Bloggers Network : SQL injection has, for a long time now, found its way to the top places of the list of favorite attack vectors of cyber criminals Its popularity is, without a doubt, due to the relative ease of use and high success rate For those who are not familiar with how an attack of this kind looks http://www.secuobs.com/revue/news/196035.shtmlhttp://www.secuobs.com/revue/news/196035.shtml 2010-02-26 20:10:27 - MSI State of Security : I just completed the slides for my new presentation on application security It is focused on understanding Remote File Include attacks against PHP implementations The preso covers what they are, how common they are, metrics, signatures, code examples and guidance for finding and mitigating them The slides are available as a PDF here If there is interest, I http://www.secuobs.com/revue/news/196001.shtmlhttp://www.secuobs.com/revue/news/196001.shtml 2010-02-26 19:33:48 - Help Net Security News : SQL injection has, for a long time now, found its way to the top places of the list of favorite attack vectors of cyber criminals Its popularity is, without a doubt, due to the relative ease of use a http://www.secuobs.com/revue/news/195992.shtmlhttp://www.secuobs.com/revue/news/195992.shtml 2010-02-26 17:07:10 - Security : Computer-based attacks are being leveraged by miscreants to gain a global economic and informational advantage over others This is the message presented by ScanSafe s 2009 Annual Global Threat Report, which was released last week Over the course of 2009, ScanSafe, which was acquired by Cisco in December, 2009, monitored customer web traffic and blocked malicious content through its cloud-based security service The results of their analysis uncovered some interesting points, the most widely reported being that 80pourcents of exploits in 2009 were based on malicious PDF files But the subtexts from the report regarding targeted theft and criminal exploitation deserve a deeper look http://www.secuobs.com/revue/news/195952.shtmlhttp://www.secuobs.com/revue/news/195952.shtml 2010-02-26 17:02:09 - security_watchdog : The Secretary for Energy and Climate Change, Ed Miliband, and Dunfermline and West Fife MP Willie Rennie are among the large number of Twitter users that have been snared by the latest Twitter phishing attack The two politicians sent their followers corrupt links, along with a message that reads Hhey, i've been having better sex and longer with this here Miliband was quick to respond to the scam earlier today Oh dear it seems like I've fallen victim to twitter's latest 'phishing' scam, he tweeted He then used the publicity to his advantage Now I've got your attention - I want your ideas for the manifesto, he wrote According to STV News, Rennie's Twitter account was linked to all his social networking accounts and so the message was sent to thousands of his followers Rennie told the broadcaster that he assumed most of his followers would know the link is a scam and not a genuine tweet Unlike Miliband, he has chosen not to post any Tweets about the scam in his feed Graham Cluley from security firm Sophos warned that unless Miliband has a strong and different password for every website he uses, he may have allowed hackers to access other more sensitive accounts Basically, his entire online life could be handed over to hackers, he wrote The news of the phishing scam comes as the Lord Chancellor is reportedly investigating fake Twitter accounts that have been set up for all of the Merseyside and NorthWest MPs http://www.secuobs.com/revue/news/195948.shtmlhttp://www.secuobs.com/revue/news/195948.shtml 2010-02-26 15:03:27 - News : The latest phishing attack on Twitter users swept the UK overnight claiming several prominent users IMAGE http://www.secuobs.com/revue/news/195926.shtmlhttp://www.secuobs.com/revue/news/195926.shtml 2010-02-26 08:45:49 - Information Security Resources : From the Infosec Island Network Symantec's 2010 State of Enterprise Security study also found that 100 percent of enterprises surveyed experienced cyber losses in 2009, with theft of intellectual property, customer credit card information or other financial information and customer personally identifiable information the most prevalent http://www.secuobs.com/revue/news/195844.shtmlhttp://www.secuobs.com/revue/news/195844.shtml 2010-02-25 23:09:07 - eSecurity Planet Features : IBM's X-Force security report finds that hackers have mastered the art of attacking Web browsers and document readers, even though application security has improved http://www.secuobs.com/revue/news/195711.shtmlhttp://www.secuobs.com/revue/news/195711.shtml 2010-02-25 21:55:11 - eSecurity Planet Features : SQL injection attacks pose a massive potential threat to your organization Learn ten ways to prevent or mitigate them http://www.secuobs.com/revue/news/195682.shtmlhttp://www.secuobs.com/revue/news/195682.shtml 2010-02-25 18:59:14 - eSecurity Planet Features : Chipmaker says it, too, was hit by a 'sophisticated' cyber attack in January, right around the same time that Google, Adobe, and a couple dozen other enterprises were hacked http://www.secuobs.com/revue/news/195633.shtmlhttp://www.secuobs.com/revue/news/195633.shtml 2010-02-25 18:17:52 - SearchSecurity Security Wire Daily News : Cloud computing concerns will share the spotlight at this year's 2010 RSA Conference, with ways to defend against the frequency of targeted cyberattacks against corporate networks IMAGE IMAGE IMAGE http://www.secuobs.com/revue/news/195611.shtmlhttp://www.secuobs.com/revue/news/195611.shtml 2010-02-25 18:00:22 - Security Balance : I m surprised that most of the MitB attacks are still just stealing credentials instead of changing transaction contents on the fly I can see that credentials have an intrinsic value on the black market , but the attack model of stealing credentials and then using them to log into the victim account to perform transactions seems http://www.secuobs.com/revue/news/195597.shtmlhttp://www.secuobs.com/revue/news/195597.shtml 2010-02-25 17:15:21 - threatpost The First Stop for Security News : SQL injection has become perhaps the most widely used technique for compromising Web applications, thanks to both its relative simplicity and high success rate It's not often that outsiders get a look at the way these attacks work, but a well-known researcher is providing just that Shorten URL http threatpostcom en_us 3o1 Click to copy to clipboard or post to Twitter http://www.secuobs.com/revue/news/195577.shtmlhttp://www.secuobs.com/revue/news/195577.shtml 2010-02-25 16:38:52 - Sophos security news : Scareware lurks behind websites claiming to contain video footage of death http://www.secuobs.com/revue/news/195565.shtmlhttp://www.secuobs.com/revue/news/195565.shtml 2010-02-25 16:38:42 - Graham Cluley's blog : Dawn Brancheau, a trainer at Sea World in Orlando, was killed yesterday after being attacked by a killer whale News of the tragedy sped quickly around the world, and now sick cybercriminals are exploiting the story of 40-year-old Brancheau's death for their own commerical gain Through SEO search engine optimisation techniques, hackers have created webpages stuffed with http://www.secuobs.com/revue/news/195564.shtmlhttp://www.secuobs.com/revue/news/195564.shtml 2010-02-25 11:56:42 - SecurityPark.net : ESG manufactures the versatile CERTIFIRE approved fire resistant safety glass range on the UK ESG Pyrotech Ultimate is the ultimate in fire resistant safety glass, allowing the specifier to combine fire resistance with a host of other properties These include safety, sound attenuation, attack resistance and privacy screening, all produced in-house at ESG Using highly technical sophistica more http://www.secuobs.com/revue/news/195492.shtmlhttp://www.secuobs.com/revue/news/195492.shtml 2010-02-25 08:49:12 - Help Net Security News : Online criminals are garnering greater success with increased technical sophistication affecting a wider range of industries With greater diversity and the use of targeted attacks, phishing remains o http://www.secuobs.com/revue/news/195441.shtmlhttp://www.secuobs.com/revue/news/195441.shtml 2010-02-25 07:45:36 - Packet Storm Security Headlines : http://www.secuobs.com/revue/news/195402.shtmlhttp://www.secuobs.com/revue/news/195402.shtml 2010-02-25 07:29:09 - Help Net Security News : As the Mac platform continues to gain popularity, attackers are increasingly exploiting weaknesses in Mac OS X applications to invade end-user systems This exploitation leads to application piracy, l http://www.secuobs.com/revue/news/195385.shtmlhttp://www.secuobs.com/revue/news/195385.shtml 2010-02-25 01:21:42 - Hack In The Box : Three quarters of Asia Pacific enterprises -- and two thirds of businesses in Singapore - have experienced cyber attacks in the past 12 months, according to new global research The 2010 Symantec State of Enterprise Security Study, released today, found that 38 per cent of Asia Pacific enterprises, and 67 per cent in Singapore, rank cyber risk as their top concern, more than natural disasters, terrorism, and traditional crime combined Initiatives that IT executives rated as most problematic from a security standpoint include infrastructure-as-a-service, platform-as-a service, server virtualisation, endpoint virtualisation, and software-as-a-service The study involved surveys of 2,100 enterprise CIOs, CISOs and IT managers from 27 countries in January this year, including 850 respondents from the Asia Pacific and 100 from Singapore http://www.secuobs.com/revue/news/195318.shtmlhttp://www.secuobs.com/revue/news/195318.shtml 2010-02-25 00:51:02 - Security Bloggers Network : A group of researchers have discovered a simple way to reveal the identity of a user based on his interactions with social networks The deanonymization attack uses social network groups as well as some traditional browser history-stealing tactics to narrow down and find the user behind the browser Check out the article Dark Reading Related Posts Card http://www.secuobs.com/revue/news/195312.shtmlhttp://www.secuobs.com/revue/news/195312.shtml 2010-02-24 22:08:51 - threatpost The First Stop for Security News : Twitter users were being hit on Wednesday with what seems to be the second phishing attack this week, according to researchers The latest attack features a message that says This you followed by a link that leads to a fake Twitter log-in page Read the full article cnet Shorten URL http threatpostcom en_us 3Ap Click to copy to clipboard or post to Twitter http://www.secuobs.com/revue/news/195247.shtmlhttp://www.secuobs.com/revue/news/195247.shtml 2010-02-24 21:45:31 - InSecurity Complex : Sophos warns of messages leading to fake Twitter log-in pages that come several days after an attack leading to pharmaceutical spam sent from compromised accounts http://www.secuobs.com/revue/news/195240.shtmlhttp://www.secuobs.com/revue/news/195240.shtml 2010-02-24 21:31:38 - Internet Security News : Online criminals are having greater success with increased technical sophistication affecting a wider range of industries, according to a new report by Cyveillance Cybercriminal Attacks Becoming More Targeted Cybercriminal Attacks Becoming More Targeted IMAGE Cyber criminals are focusing their efforts on developing more sophisticated and targeted attacks rather than using a far reaching blanket approach, in order to reap greater financial rewards, said Panos Anastassiadis, chief operating officer of Cyveillance From emails to social networks, online criminals have increasingly more information at their disposal and a growing array of attack vectors to appear credible and go undetected Organizations must be more vigilant in proactively protecting themselves and cannot rely solely on traditional security measures to keep their infrastructure and sensitive information safe While banks and credit unions continue to be the top targets of phishers, governments and the technology and energy industries are now seeing growing number of attacks During the second half of 2009, 399 brands were first-time targets of phishing attacks, nearly double the amount of first-time targets than in the first half of this year Averaging over 36,000 confirmed, unique attacks per month in the same period of 2009, phishing attacks continue to succeed despite added security measures and consumer education The United States hosted 35 percent of all phishing attacks for the second half of 2009, over 4 times as much as the closest country, Netherlands, hosting 8 percent of all attacks IMAGE IMAGE IMAGE IMAGE IMAGE IMAGE http://www.secuobs.com/revue/news/195237.shtmlhttp://www.secuobs.com/revue/news/195237.shtml 2010-02-24 17:47:13 - Help Net Security News : A report about the state of the Web by Zscaler indicates that cyber criminals have transferred the focus of their attacks from web and email servers to end user systems Their goal is to compromise th http://www.secuobs.com/revue/news/195138.shtmlhttp://www.secuobs.com/revue/news/195138.shtml 2010-02-24 17:11:30 - eSecurity Planet Features : Symantec's 'State of Enterprise Security' report finds that 100pourcents of surveyed companies experienced cyber losses, with an average loss of 2 million each in 2009 http://www.secuobs.com/revue/news/195117.shtmlhttp://www.secuobs.com/revue/news/195117.shtml 2010-02-24 17:03:01 - threatpost The First Stop for Security News : A group of researchers have discovered a simple way to reveal the identity of a user based on his interactions with social networks The 'deanonymization' attack uses social network groups as well as some traditional browser history-stealing tactics to narrow down and find the user behind the browser Read the full article Dark Reading Shorten URL http threatpostcom en_us 3A8 Click to copy to clipboard or post to Twitter http://www.secuobs.com/revue/news/195116.shtmlhttp://www.secuobs.com/revue/news/195116.shtml 2010-02-24 16:38:21 - Security Bloggers Network : The Commtouch detection center has confirmed that an email I received yesterday on one of my private accounts was part of a mass phishing attack aimed at Blogger and Google users In this case I suspected it was a phishing email before opening it s http://www.secuobs.com/revue/news/195110.shtmlhttp://www.secuobs.com/revue/news/195110.shtml 2010-02-24 16:25:14 - Bill Mullins' Weblog Tech Thoughts : Most regular readers are aware, that Zemana recently gave way free licenses for their award winning security application, Zemana AntiLogger, through this site In the four days the offer was available, 2,000 readers were able to take advantage of Zemana s generosity But it could have been more Unfortunately, cybercriminals obviously saw in this free license http://www.secuobs.com/revue/news/195094.shtmlhttp://www.secuobs.com/revue/news/195094.shtml 2010-02-24 16:09:36 - Infosecurity USA Latest News : Intel was the target of a concerned cyberattack in January around the same time that Google identified the Operation Aurora attack, according to a 10-K filing that the chip maker made to the SEC http://www.secuobs.com/revue/news/195092.shtmlhttp://www.secuobs.com/revue/news/195092.shtml 2010-02-24 15:55:44 - Tactical Web Application Security : Submitted by Ryan Barnett 02 22 2010 HacksHackers Manipulate Gradercom of Twitter - compromised Twitter tools in order to send out SPAM tweets Falkland Islands website hacked to display pro-Argentinian flag and messages - defacement hacktivism Attacks Security Companies Warn Google on Spammers Targeting Google Buzz ---------------------------------------------------------------- VulnsGoogle Buzz Security Flaw - XSS flaw SANS RISK ListWeb Application - Cross Site Scripting 10821 - Coppermine Photo Gallery uploadphp Cross-Site Scripting 10822 - vBulletin Multiple Cross-Site Scripting Vulnerabilities 10823 - Joomla sh404SEF Component URI Cross-Site Scripting 10824 - Cisco Collaboration Server LoginPagejhtml Cross-Site Scripting 10825 - RSA SecurID WebID Cross-Site Scripting Web Application - SQL Injection 10826 - Newgen OmniDocs ForceChangePasswordjsp SQL Injection 10827 - CommodityRentals Books eBooks Rental Software indexphp SQL Injection 10828 - Joomla com_zcalendar Component eid Parameter SQL Injection 10829 - Joomla AWD Wall Component cbuser Parameter SQL Injection 10830 - Joomla com_jbook Component Itemid Parameter SQL Injection 10831 - Joomla JQuarks Component SQL Injection 10832 - Qualiteam X-Cart cartphp SQL Injection 10833 - CommodityRentals Vacation Rental Software indexphp SQL Injection 10834 - Joomla com_acmisc Component Itemid Parameter SQL Injection 10835 - Alqatari lessonphp SQL Injection Web Application 10836 - Drupal Graphviz Filter Module Arbitrary Command Execution 10837 - SAP WebDynpro Runtime Unspecified HTML Injection 10838 - vBulletin 23 Cross-Site Scripting and SQL Injection Vulnerabilities 10839 - Interspire Knowledge Manager callbacksnipshotphp Arbitrary File Creation 10840 - Joomla Webee Component SQL Injection and HTML Injection Vulnerabilities 10841 - Joomla Kide Shoutbox Security Bypass 10842 - Joomla EasyBook Component Multiple HTML Injection Vulnerabilities 10843 - Joomla F BB Component SQL Injection and HTML Injection Vulnerabilities http://www.secuobs.com/revue/news/195086.shtmlhttp://www.secuobs.com/revue/news/195086.shtml 2010-02-24 14:23:07 - Help Net Security News : A phishing attack on Twitter asks This you and links to a bogus login page Here's a video from Sophos that shows how it works http://www.secuobs.com/revue/news/195063.shtmlhttp://www.secuobs.com/revue/news/195063.shtml 2010-02-24 13:31:44 - Graham Cluley's blog : There is another widespread phishing attack hitting users of Twitter today Messages asking This you followed by a link are being sent via the system to unsuspecting users If you click on the link you are taken to a fake Twitter login page, where hackers are just waiting for you to hand over your credentials It's http://www.secuobs.com/revue/news/195047.shtmlhttp://www.secuobs.com/revue/news/195047.shtml 2010-02-24 12:19:05 - Help Net Security News : Among the 34 companies that have been targeted by sophisticated attacks in January was Intel The fact was acknowledged in the company's annual report for the 2009 fiscal year, in which one of the r http://www.secuobs.com/revue/news/195031.shtmlhttp://www.secuobs.com/revue/news/195031.shtml 2010-02-24 11:55:14 - Network World on Security : Intel was targeted by sophisticated attacks in January, about the same time that Google reported its network had been breached, allegedly by Chinese hackers http://www.secuobs.com/revue/news/195026.shtmlhttp://www.secuobs.com/revue/news/195026.shtml 2010-02-24 10:32:59 - securitystream.info : Posted by InfoSec News on Feb 23 http wwwtheregistercouk 2010 02 22 csoc_report By Chris Williams The Register 22nd February 2010 Exclusive - A digital attack against the UK causing even minor damage would have a catastrophic effect on public confidence in the government, GCHQ has privately warned Whitehall The Cheltenham spy agency's new Cyber Security Operations Centre CSOC makes the prediction in a document prepared for Cabinet Office and seen by Related posts 1 Cyber attacks will catastrophically spook public, warns GCHQ 2 MI5 warns of Chinese hacks on UK businesses 3 Google cyber attacks a wake-up call for US Intelligence chief http://www.secuobs.com/revue/news/195009.shtmlhttp://www.secuobs.com/revue/news/195009.shtml 2010-02-24 10:03:07 - Computer Security News : The latest Google hacking allegations 'are groundless', according to a spokesman for China's foreign ministry http://www.secuobs.com/revue/news/195006.shtmlhttp://www.secuobs.com/revue/news/195006.shtml 2010-02-24 09:59:57 - Rootsecure.net : BBC News Sat-nav systems under increasing threat from 'jammers' Technology that depends on satellite-navigation signals is increasingly threatened by attack from widely available equipment http://www.secuobs.com/revue/news/195003.shtmlhttp://www.secuobs.com/revue/news/195003.shtml 2010-02-24 08:37:01 - ISN InfoSec News Mailing List : InfoSec News Cyber attacks will 'catastrophically' spook public, warns GCHQ http wwwtheregistercouk 2010 02 22 csoc_report By Chris Williams The Register 22nd February 2010 Exclusive - A digital attack against the UK causing even minor damage would have a catastrophic effect on public confidence in the government, GCHQ has privately warned Whitehall http://www.secuobs.com/revue/news/194989.shtmlhttp://www.secuobs.com/revue/news/194989.shtml 2010-02-24 08:37:01 - ISN InfoSec News Mailing List : InfoSec News China cyber attacks against Google pure fabrication http englishpeoplecomcn 90001 90776 90883 6901058html People's Daily Online Xinhua February 24, 2010 The New York Times, the Wall Street Journal, Financial Times and some other newspapers have published articles indicating that cyber attacks targeting Google and several other US http://www.secuobs.com/revue/news/194985.shtmlhttp://www.secuobs.com/revue/news/194985.shtml 2010-02-24 08:10:05 - Hak5 Xvid Large : With a mixture of in-studio and on location in Dublin this week we're talking to Robin Wood about DHCP Exhaustion and DNS Man-in-the-Middle attacks, talking Metasploit modules and a Pineapple Monkey half-breed http://www.secuobs.com/revue/news/194982.shtmlhttp://www.secuobs.com/revue/news/194982.shtml 2010-02-24 07:20:48 - DarkReading All Stories : Researchers develop proof-of-concept that exploits social networking patterns to de-anonymize online users http://www.secuobs.com/revue/news/194974.shtmlhttp://www.secuobs.com/revue/news/194974.shtml 2010-02-24 07:00:11 - Slashdot Your Rights Online : An anonymous reader sends word that USB VOIP company Magicjack lost a lawsuit against Boing Boing when the judge declared the legal action a SLAPP strategic lawsuit against public participation Magicjack must pay more than 50,000 in legal costs Boing Boing has posted a page linking and summarizing all the legal documents relating to the lawsuit IMAGE Read more of this story at Slashdot IMAGE IMAGE IMAGE http://www.secuobs.com/revue/news/194972.shtmlhttp://www.secuobs.com/revue/news/194972.shtml 2010-02-24 05:00:42 - InSecurity Complex : A panel of experts urges passage of Cyber Security Act or risk continuing economic losses from daily cybersecurity attacks and even a catastrophic event or cyberwar that the US would lose http://www.secuobs.com/revue/news/194958.shtmlhttp://www.secuobs.com/revue/news/194958.shtml 2010-02-24 02:11:36 - Hack In The Box : Intel Corp was the target of cyber attacks in January, around the same time of the reported cyber attacks on Google Inc, the chip giant said in a regulatory filing Intel INTC 2040, 001, 006pourcents disclosed the incident in a Securities and Exchange Commission filing on Monday in which it listed cyber attacks as among the risk factors facing the semiconductor company These attempts, which might be the result of industrial or other espionage, or actions by hackers seeking to harm the company, its products, or end users, are sometimes successful, Intel said One recent and sophisticated incident occurred in January 2010 around the same time as the recently publicized security incident reported by Google, the company said http://www.secuobs.com/revue/news/194895.shtmlhttp://www.secuobs.com/revue/news/194895.shtml 2010-02-24 02:11:36 - Hack In The Box : Failure to Preserve SQL Query Structure aka 'SQL Injection' appears at number 2 in the CWE SANS TOP 25 Most Dangerous Programming Errors list published on February 16 And for good reason SQL injection attacks pose a massive potential threat to your organization That's because, if successful, they could allow hackers to compromise your network, access and destroy your data, and take control of your machines The principal behind SQL injection is pretty simple When an application takes user data as an input, there is an opportunity for a malicious user to enter carefully crafted data that causes the input to be interpreted as part of a SQL query instead of data http://www.secuobs.com/revue/news/194894.shtmlhttp://www.secuobs.com/revue/news/194894.shtml 2010-02-24 00:09:35 - Security : Intel was also a victim of a cyberattack at the same time as the high-profile attack on Google, adding it to the list of companies allegedly targeted by Chinese hackers The company revealed the information Tuesday in its annual filing with the Securities and Exchange Commission, noting that the attack could harm Intel's business operations if any intellectual property was stolen Intel didn't reveal much more in its filing except to say that a sophisticated incident occurred in January, around the same time as the recently publicized security incident reported by Google The company said it's investigating the incident, but warned investors that it may not be fully aware yet of the magnitude of what happened If valuable data was stolen the company won't say flat out that it has or hasn't been then it could affect Intel's ability to compete in the market What Intel did not say in its filing was whether the attacks came out of China, but it stands to reason that Intel was likely one of the 30 other companies affected by the China Google attacks Intel spokesperson Chuck Mulloy was very careful, in fact, not to imply much of anything about the situation The only connection between what we saw in January and the attacks on Google is timing, Mulloy the New York Times, adding that the attacks weren't as broad as the ones described by Google Because the company is subject to these kinds of attacks fairly often, it may well be coincidence, but we suspected it isn't Intel's filing comes just days after US researchers revealed that they discovered the programmer responsible for the code used in the Google attack Without releasing his name or their own, for that matter , the researchers said that the programmer in question was not responsible for carrying out the attacks, and that he was just a freelancer who happened to be working with the Chinese government But, as various security experts have pointed out, further research into the origins of the attack won't be possible without the cooperation of the Chinese government, which has been difficult to say the least to obtain thus far IMAGE IMAGE IMAGE http://www.secuobs.com/revue/news/194868.shtmlhttp://www.secuobs.com/revue/news/194868.shtml 2010-02-23 23:44:23 - Roer.com Information Security blog : IMAGE Intel was targeted by sophisticated attacks last month, about the same time that Google reported its network had been breached, allegedly by Chinese hackers In its annual report filed Monday with the US Securities and Exchange Commission SEC , Intel confirmed that it had been hit in January We regularly face attempts by others to gain unauthorized access through the Internet to our information technology systems by, for example, masquerading as authorized users or surreptitious introduction of software, read the 10-K filing These attempts, which might be the result of industrial or other espionage, or actions by hackers seeking to harm the company, its products, or end users, are sometimes successful One recent and sophisticated incident occurred in January 2010 around the same time as the recently publicized security incident reported by Google Intel did not reveal whether the attacks had accessed or stolen confidential company information, an admission that Google made last month when it broke the news that it, and other major Western corporations, had been struck with what it called highly sophisticated and targeted attacks Read the article img wwwnet-securityorg http://www.secuobs.com/revue/news/194858.shtmlhttp://www.secuobs.com/revue/news/194858.shtml 2010-02-23 23:14:18 - The Tech Herald Security News : In a recent 10-K filing with the SEC Securities and Exchange Commission , Intel makes mention of an attack around the same time as Google This disclosure, located in the risks section of the 10-K form, has sparked new waves of FUD and hype surrounding the attacks on Google and twenty others earlier this year Calling the latest news surrounding Intel FUD requires that the actual disclosure itself has an examination http://www.secuobs.com/revue/news/194844.shtmlhttp://www.secuobs.com/revue/news/194844.shtml