http://www.secuobs.com Observatoire de la securite Internet fr webmaster@secuobs.com 2010-03-18 02:19:26 - Information Security Resources : From the Infosec Island Network Unfortunately for the frequent flyers among us, recent industry research from TrustWave s Spider Labs showed that hackers went after hotel networks more than any other destination in 2009, accounting for 38pourcents of all known security breeches, more than the financial services industry 19pourcents and retail industries 142pourcents combined http://www.secuobs.com/revue/news/202837.shtmlhttp://www.secuobs.com/revue/news/202837.shtml 2010-03-18 01:49:32 - Hack In The Box : Unidentified hackers struck the computerized system used to transmit voting data in Colombia's legislative elections, disrupting the vote count, the private contractor responsible for the system charged Wednesday Ivan Ribon, spokesman for Arolen, a company hired to transmit results of Sunday's voting over the Internet, told local media Wednesday that hackers struck at the moment polls closed at 2100 GMT Early reviews show that there were 75,000 hits a second, which does not happen even on the busiest sites in the world, Ribon told RCN radio That went on all night Sunday into Monday, which forced us in order to safeguard the integrity and confidentiality of the data, to downgrade service on Internet results, he explained http://www.secuobs.com/revue/news/202825.shtmlhttp://www.secuobs.com/revue/news/202825.shtml 2010-03-17 23:47:03 - Computer Security News : More than 100 Austin car buyers had their vehicles disabled or triggered to continuously honk after police said a former employee hacked into the company's account http://www.secuobs.com/revue/news/202759.shtmlhttp://www.secuobs.com/revue/news/202759.shtml 2010-03-17 22:17:23 - Threat Level : More than 100 drivers in Austin, Texas found their cars disabled or the horns honking out of control, after an intruder ran amok in a web-based vehicle-immobilization system normally used to get the attention of consumers delinquent in their auto payments Police with Austin s High Tech Crime Unit on Wednesday arrested 20-year-old Omar Ramos-Lopez, a former http://www.secuobs.com/revue/news/202728.shtmlhttp://www.secuobs.com/revue/news/202728.shtml 2010-03-17 21:47:14 - eSecurity Planet Features : The SEC convinced a US federal judge to freeze the assets of a Russian company accused of using investors' stolen passwords and usernames to game equity trades on some 38 stocks http://www.secuobs.com/revue/news/202715.shtmlhttp://www.secuobs.com/revue/news/202715.shtml 2010-03-17 19:53:00 - Rootsecure.net : Wired SEC - Hacker Manipulated Stock Prices http://www.secuobs.com/revue/news/202691.shtmlhttp://www.secuobs.com/revue/news/202691.shtml 2010-03-17 17:53:31 - Packet Storm Security Headlines : http://www.secuobs.com/revue/news/202638.shtmlhttp://www.secuobs.com/revue/news/202638.shtml 2010-03-17 03:16:42 - Hack In The Box : The Securities and Exchange Commission said on Tuesday that US District Judge Richard Holwell had granted its request on Monday to freeze the assets of BroCo Investments Inc and Valery Maltsev, BroCo's president and sole officer, pending a preliminary hearing In its complaint, filed in Manhattan federal court, the SEC alleged that BroCo and Maltsev had manipulated the markets of at least 38 securities issuers between August 2009 and December 2009 by acquiring positions in their own accounts before placing buy orders minutes later at above-market prices in the compromised accounts They then allegedly sold the positions in their own accounts at artificially inflated prices In other cases, the complaint alleged, the defendants profited by covering short positions previously established in their account while placing unauthorized sell orders through the compromised accounts at substantially lower prices http://www.secuobs.com/revue/news/202441.shtmlhttp://www.secuobs.com/revue/news/202441.shtml 2010-03-17 03:16:42 - Hack In The Box : Serbian police have arrested 15 hackers for defrauding hundreds of cars and several apartments in a TV auction gameshow, but the man who invented the scheme has provoked an outpouring of public support The man, Predrag Beciric, admitted to the police that he â wonâ 120 automobiles and seven apartments in an auction organised by the state lottery on Serbian state television and on a private television station Pink â I just used my brain, but Iâ m not a crook,â he told the police Members of the group were arrested last week and, as investigation details slowly poured out, the affair was quickly described by local media as a â fraud of the centuryâ http://www.secuobs.com/revue/news/202434.shtmlhttp://www.secuobs.com/revue/news/202434.shtml 2010-03-16 22:03:06 - threatpost The First Stop for Security News : An exploit writer at Core Security Technologies has discovered a serious vulnerability that exposes users of Microsoft s Virtual PC virtualization software to malicious hacker attacks The vulnerability, which is unpatched, essentially allows an attacker to bypass several major security mitigations -- Data Execution Prevention DEP , Safe Exception Handlers SafeSEH and Address Space Layout Randomization ASLR -- to exploit the Windows operating system Shorten URL http threatpostcom en_us 3hj Click to copy to clipboard or post to Twitter http://www.secuobs.com/revue/news/202345.shtmlhttp://www.secuobs.com/revue/news/202345.shtml 2010-03-16 21:08:17 - Threat Level : United States regulators are moving to freeze the assets and trading accounts of a Russian accused of hacking into personal online portfolios and manipulating the price of dozens of stocks listed on the Nasdaq Stock Market and New York Stock Exchange The Securities and Exchange Commission is asking a federal judge to freeze all movement of http://www.secuobs.com/revue/news/202313.shtmlhttp://www.secuobs.com/revue/news/202313.shtml 2010-03-16 13:39:03 - Security Bloggers Network : Remember the ghastly story from last year of how ESPN sports presenter Erin Andrews was secretly filmed naked in her hotel room The video was predictably posted on the internet If that wasn't unsavoury enough, hackers weren't slow to take advantage as they created webpages that pretended to be the video but really installed malware http://www.secuobs.com/revue/news/202154.shtmlhttp://www.secuobs.com/revue/news/202154.shtml 2010-03-16 07:03:31 - Packet Storm Security Headlines : http://www.secuobs.com/revue/news/202068.shtmlhttp://www.secuobs.com/revue/news/202068.shtml 2010-03-16 00:48:55 - Hack In The Box : Scammers using a Brazilian domain name have targeted customers of large Australian domain name and hosting company NetRegistry, seeking usernames and passwords in order to launch new malware attacks NetRegistry, which lays claim to being Australia's largest domain name registrar and second largest web host, today warned its customers to ignore emails being sent from the domain corascombr with the subject line Please Update The offending message asks that NetRegistry subscribers provide their username and password in order to verify a subscriber's profile - and warns that failure to do so would render your email address deactivated http://www.secuobs.com/revue/news/201940.shtmlhttp://www.secuobs.com/revue/news/201940.shtml 2010-03-16 00:48:55 - Hack In The Box : Albert Gonzalez, the convicted ringleader of a major hacking and thieving operation that cost credit unions millions of dollars, still awaits sentencing by a federal court But as he awaits his fate, the cases of his co-conspirators are being resolved, according to court documents The latest is Humza Zaman, 33, former network programmer for Barclay's Bank Zaman pled guilty to being part of the back-end, money laundering part of the Gonzalez operation rather than the hacking part Prosecutors charged Zaman with helping Gonzalex repatriate American currency that purchasers of the stolen card data paid for the information http://www.secuobs.com/revue/news/201937.shtmlhttp://www.secuobs.com/revue/news/201937.shtml 2010-03-15 23:52:30 - terminal23 : It's a long story how I got there, but I found this gem of a post over at the pcianswerscom blog The post by cmark relates his training and experiences as a sniper to that of the motivation and skills of a malicious hacker I admit, in another life I'd love to give the life of a sniper a try Not because of the stereotypical lone gun persona, but rather because of the patience, intelligence, and autonomy required, which does fit my personality Some brief quotes By evaluating the terrain on a map, we could determine the natural lines of drift with some accuracy Many people may not know this but Humans drift toward the path of least resistance Humans traveling would naturally drift toward these lines By understanding these drift lines, you can determine where a patrol will move, get ahead of them and intercept their movement Sounds familiar in business as well In fact, I see this daily from normal users to technical workers to offsite workers to highly skilled software developers They will drift towards least resistance As a sniper, I only need one small mistake I would wait and watch until a unit made a mistake or exposed a vulnerability To protect against me, a unit had to be nearly perfect They had to cover all vulnerabilities and make no mistakes does this sound familiar Point well made, from personal experience So what is the best defense against snipers or hackers Quit simply, other snipers or hackers US sniper doctrine states that the best defense against a sniper is another sniper They possess the same skills, and mentality and can counter the snipers actions and operations And there's the discussion-starter http://www.secuobs.com/revue/news/201907.shtmlhttp://www.secuobs.com/revue/news/201907.shtml 2010-03-15 22:50:43 - News : The newest version of Zeus, a do-it-yourself crimeware kit responsible for millions of dollars in losses by consumers and businesses, comes with anti-piracy provisions similar to those used by Microsoft's Windows, a researcher said today IMAGE http://www.secuobs.com/revue/news/201874.shtmlhttp://www.secuobs.com/revue/news/201874.shtml 2010-03-15 20:58:11 - Computer Security News : Routt County staffers are working to find who hacked the county's Web site The county's director of information systems, Terry Barber, says hackers breached the Web site Friday evening http://www.secuobs.com/revue/news/201824.shtmlhttp://www.secuobs.com/revue/news/201824.shtml 2010-03-15 20:54:53 - Rootsecure.net : The Telegraph Casinos conned by IT hackers who printed false betting slips The pair simply made the machines print out winning vouchers for sums of up to 600, whatever the outcome on the wheel http://www.secuobs.com/revue/news/201823.shtmlhttp://www.secuobs.com/revue/news/201823.shtml 2010-03-15 17:34:07 - Packet Storm Security Headlines : http://www.secuobs.com/revue/news/201739.shtmlhttp://www.secuobs.com/revue/news/201739.shtml 2010-03-15 17:34:07 - Packet Storm Security Headlines : http://www.secuobs.com/revue/news/201738.shtmlhttp://www.secuobs.com/revue/news/201738.shtml 2010-03-15 09:45:07 - securitystream.info : Posted by InfoSec News on Mar 14 http blogsforbescom firewall 2010 03 12 hancock-fabrics-hackers-switch-stores-pin-pads By Andy Greenberg The Firewall Forbescom March 12, 2010 Targeting point-of-sale devices with malicious software is standard practice, as the wave of retail hackings over the last few years have shown But targeting them with malicious hardware -- that requires another level of brazenness altogether According to a letter that retailer Hancock Related posts 1 Hancock Fabrics Linked to Fraud in 3 States 2 Oracle Hacker Gets The Last Word 3 Pentagon expands exclusive deal with McAfee http://www.secuobs.com/revue/news/201611.shtmlhttp://www.secuobs.com/revue/news/201611.shtml 2010-03-15 01:11:11 - Hack In The Box : COMPUTER hackers linked to the Russian mafia robbed Royal Bank of Scotland customers of  6million in 12 hours The crooks pulled off the massive sting by dispatching an army of thieves using cloned debit cards to blitz more than 2000 cash machines in 280 cities worldwide Stunned bosses at the Edinburgh bank were helpless to stop  6million of cash being plundered from the ATMs in Scotland's biggest bank heist But, we can reveal gang leader Viktor Pleshchuk, 28, has been snared in the Russian city of St Petersburg following a massive FBI investigation Acting US Attorney Sally Quillian Yates described the heist as perhaps the most sophisticated and organised computer fraud attack ever conducted http://www.secuobs.com/revue/news/201562.shtmlhttp://www.secuobs.com/revue/news/201562.shtml 2010-03-15 01:11:11 - Hack In The Box : Andrew Ashley, 30, and Nimesh Bhagat, 31, stole more than  33,000 by infiltrating software controlling remote betting machines covering live roulette wheels at four Gala Casinos in London, a court heard The pair simply made the machines print out winning vouchers for sums of up to  600, whatever the outcome on the wheel But they were caught out when a cashier realised a payout was impossible as only  10 had been wagered at odds of 35-1, Croydon Crown Court was told Officials began an inquiry and quickly traced a string of suspicious wins back to the two contractors, who were employed as problem analysts http://www.secuobs.com/revue/news/201555.shtmlhttp://www.secuobs.com/revue/news/201555.shtml 2010-03-13 18:12:59 - Packet Storm Security Headlines : http://www.secuobs.com/revue/news/201380.shtmlhttp://www.secuobs.com/revue/news/201380.shtml 2010-03-13 18:12:59 - Packet Storm Security Headlines : http://www.secuobs.com/revue/news/201378.shtmlhttp://www.secuobs.com/revue/news/201378.shtml 2010-03-13 07:14:16 - DarkReading All Stories : Internet gaming companies can be damaged by cyber attacks in a broader variety of ways than other companies http://www.secuobs.com/revue/news/201314.shtmlhttp://www.secuobs.com/revue/news/201314.shtml 2010-03-13 02:52:13 - Graham Cluley's blog : Authorities in Turkey have apprehended 23 people alleged to have been involved in hacking attacks on government websites According to media reports, the detainees are believed to be connected to the outlawed Kurdistan Workers Party PKK , and were following instructions from PKK leaders to break into the websites of Turkish state institutions Five of the alleged hackers http://www.secuobs.com/revue/news/201301.shtmlhttp://www.secuobs.com/revue/news/201301.shtml 2010-03-12 17:17:13 - Packet Storm Security Headlines : http://www.secuobs.com/revue/news/201135.shtmlhttp://www.secuobs.com/revue/news/201135.shtml 2010-03-12 12:38:37 - securitystream.info : PKK s'kiddies Turkey has arrested 23 hackers suspected of links with the outlawed Kurdistan Workers' Party PKK and attacks on government websites Related posts 1 Government websites hacked in protest 2 FBI Suspects Terrorists Are Exploring Cyber Attacks 3 Hacker Arrested in Billboard Porn Stunt http://www.secuobs.com/revue/news/201059.shtmlhttp://www.secuobs.com/revue/news/201059.shtml 2010-03-12 01:29:28 - Packet Storm Security Headlines : http://www.secuobs.com/revue/news/200935.shtmlhttp://www.secuobs.com/revue/news/200935.shtml 2010-03-12 01:29:28 - Packet Storm Security Headlines : http://www.secuobs.com/revue/news/200934.shtmlhttp://www.secuobs.com/revue/news/200934.shtml 2010-03-12 00:52:15 - LinuxSecurity.com Latest News : LinuxSecuritycom Andrei is a young man with immense power at his fingertips He's a reformed Russian hacker Back hunched, eyes fixed on the computer screen in front of him, he demonstrates what he can do http://www.secuobs.com/revue/news/200917.shtmlhttp://www.secuobs.com/revue/news/200917.shtml 2010-03-12 00:45:14 - Hack In The Box : Researchers at Rutgers University in the US have developed a proof-of-concept rootkit capable of compromising most aspects of a smartphone They have shown how a software attack could cause a smartphone to eavesdrop on a meeting or track its owner's location Unlike viruses, rootkits attack operating systems and can be detected only from outside a corrupted operating system with specialised tools We are showing that people with general computer proficiency can create rootkit malware for smartphones The next step is to work on defences, said professor of computer science Liviu Iftode http://www.secuobs.com/revue/news/200905.shtmlhttp://www.secuobs.com/revue/news/200905.shtml 2010-03-12 00:43:21 - eSecurity Planet Features : What started as 'targeted' attacks may now expand into a full-blown pandemic, since a hacker figured out how to turn hints into a Metasploit exploit module http://www.secuobs.com/revue/news/200896.shtmlhttp://www.secuobs.com/revue/news/200896.shtml 2010-03-11 19:55:39 - Security Bloggers Network : Hacker sites and foreign press are picking up the story today of the arrest of at least 23 hackers in 13 different provinces in Turkey The news was first seen in Russian on 09MAR2010, but is now spreading into the English speaking press, with more de http://www.secuobs.com/revue/news/200782.shtmlhttp://www.secuobs.com/revue/news/200782.shtml 2010-03-11 18:37:52 - Packet Storm Security Headlines : http://www.secuobs.com/revue/news/200750.shtmlhttp://www.secuobs.com/revue/news/200750.shtml 2010-03-11 18:37:52 - Packet Storm Security Headlines : http://www.secuobs.com/revue/news/200749.shtmlhttp://www.secuobs.com/revue/news/200749.shtml 2010-03-11 18:37:52 - Packet Storm Security Headlines : http://www.secuobs.com/revue/news/200748.shtmlhttp://www.secuobs.com/revue/news/200748.shtml 2010-03-11 18:33:17 - SANS Internet Storm Center InfoCON green : ------ Johannes B Ullrich, Ph more http://www.secuobs.com/revue/news/200742.shtmlhttp://www.secuobs.com/revue/news/200742.shtml 2010-03-11 15:59:07 - Infosecurity.US : News, via ComputerWorld Robert McMillan of the United States Federal Deposit Insurance Corporation s assertion of evidence leading the agency to guesstimate on-line banking fraud has led to over 120,000,000 in costs to small businesses who have fallen victim to scams, hacks, cracks and cons More information, inclusive of linkage to the original Related Posts 1 DHS Recruiting Ethical Hackers 2 Measurable Drop In Nefarious UCE Activity After Atrivo Demise 3 Network Solutions Drops The Ball 4 FBI Opens Anti-Fraud Hurricane Gustav Hotline 5 The Night McColo Came Down http://www.secuobs.com/revue/news/200693.shtmlhttp://www.secuobs.com/revue/news/200693.shtml 2010-03-11 09:50:42 - Computer Security News : Hackers are exploiting the just-disclosed unpatched bug in Internet Explorer to launch drive-by attacks from malicious Web sites, security researchers said today http://www.secuobs.com/revue/news/200612.shtmlhttp://www.secuobs.com/revue/news/200612.shtml 2010-03-11 05:37:19 - Computer Security News : Gregg Keizer 11 March, 2010 08 25 Hackers adore Adobe Reader, and have pushed it into first place as the software most often exploited in targeted attacks, a Finnish security company said today http://www.secuobs.com/revue/news/200591.shtmlhttp://www.secuobs.com/revue/news/200591.shtml 2010-03-11 01:40:19 - Hack In The Box : Hackers adore Adobe Reader, and have pushed it into first place as the software most often exploited in targeted attacks, a Finnish security company said today Helsinki-based F-Secure also urged users to update to the newest version of Reader to protect themselves against new attacks taking advantage of a vulnerability patched just three weeks ago According to F-Secure, 61pourcents of the nearly 900 targeted attacks it's tracked in the first two months of 2010 exploited a vulnerability in Reader, Adobe's popular PDF viewer By comparison, Microsoft's Word was exploited in just 24pourcents of the attacks, and bugs in its Excel spreadsheet and PowerPoint presentation maker were leveraged only a combined 14pourcents of the time http://www.secuobs.com/revue/news/200488.shtmlhttp://www.secuobs.com/revue/news/200488.shtml 2010-03-11 01:40:19 - Hack In The Box : Police have detained 23 suspects in operations in 13 provinces, charging them with membership in a terror organization and attacking public institutionsâ Web sites, the daily Radikal reported Wednesday The suspects, allegedly members of the outlawed Kurdistan Workersâ Party, or PKK, were taken to Diyarbak r for questioning The investigation of this case was still continuing when the Daily News went to print A hacker team for the outlawed organization was captured previously, but the members reorganized and attacked roughly 300 Web sites belonging to public institutions http://www.secuobs.com/revue/news/200480.shtmlhttp://www.secuobs.com/revue/news/200480.shtml 2010-03-10 23:55:49 - Skeptikal.org : My mom's uncle Bob passed away last night That's too bad, I never really spent a lot of time with him, and I didn't even know he existed until about a year ago, when I was traveling through southern Utah with my family and we decided to pop in and visit He was awesome While I'm not really active in the DIY community, I always had that mentality- when I was a kid, I'd spend days playing with my Erector set or taking apart toasters and hard drives, eventually graduating to cars and motorcycles, and finally getting into the software side of computers I consider breaking, fixing and building things an essential part of life, but anything I can do pales in comparison to Uncle Bob He lived through the Great Depression, and spent most of his life in a farming community that never really made it out of the depression He never threw anything away, and his back yard was a massive junk yard- the kind of place that car people fantasize about Old tractors, vintage Fords, Chevys, Cadillacs, and a weather-beaten-but-mostly-intact International Harvester remember Mater from the film Cars Most of them aren't salvageable, but there are some gems He flew a Cessna until its hangar collapsed in a windstorm, at which point he bought a Corvette so he could still fly Like many of us, he was a serial career changer, doing what he thought was interesting, moving on when he found something else Uncle Bob had a perpetual motion machine Except he didn't like people calling it that, because that's impossible It was a generator that would lift a weight up an inclined plane, let it slide down, powering a generator that charged a battery that in turn would lift the weight up I have no idea how it was supposed to work, because he never did figure out the friction issue Maybe somebody here has ideas It was a pretty cool bit of fabrication, at any rate No point to this post really, I've just been meaning to write about him since I met him We could all learn a lot from the hot rodders, builders, mechanics, and DIY-enthusiasts-by-necessity of past generations If not, they still have great stories http://www.secuobs.com/revue/news/200451.shtmlhttp://www.secuobs.com/revue/news/200451.shtml 2010-03-10 23:37:28 - Zero Day : Hackers using the freely available Metasploit tool can locate infected systems on the local network or gain access to a system running the Energizer backdoor IMAGE http://www.secuobs.com/revue/news/200445.shtmlhttp://www.secuobs.com/revue/news/200445.shtml 2010-03-10 23:35:08 - News : Hackers are exploiting the just-disclosed unpatched bug in Internet Explorer IE to launch drive-by attacks from malicious Web sites, security researchers said today IMAGE http://www.secuobs.com/revue/news/200434.shtmlhttp://www.secuobs.com/revue/news/200434.shtml 2010-03-10 19:28:00 - NovaInfosecPortal.com : Last night I attended the NoVA Hackers Association monthly dinner meetup Instead of having one or two longer talks, this meeting had four shortened 15 minute presentations often called fireside talks Firetalks The talks were great and there was plenty of time to catch up with some of the local infosec pros Approximately 15 people attended the http://www.secuobs.com/revue/news/200335.shtmlhttp://www.secuobs.com/revue/news/200335.shtml 2010-03-10 17:08:41 - Packet Storm Security Headlines : http://www.secuobs.com/revue/news/200257.shtmlhttp://www.secuobs.com/revue/news/200257.shtml 2010-03-10 14:52:20 - Infosecurity.US : In honor and recognition of the phenominal work of Charles P Thacker, the Association of Computing Machinery has awarded the Xerox PARC alumnus with the 2009 AM Turing Award Thacker, creator of the Alto, the first modern personal computer also cited was his co-creation of Ethernet Networking, in, and of itself, one of the great Related Posts 1 Genius Barbara Liskov, PhD, Named Winner Of 2008 ACM AM Turing Award 2 ACM Fellow Named Oscar Winner 3 Bletchely Park Slates 2009 Alan Turing Memorial Soiree 4 Genius Alan Mathison Turing, PhD, OBE, FRS 5 ACM Announces Awards Deadline http://www.secuobs.com/revue/news/200206.shtmlhttp://www.secuobs.com/revue/news/200206.shtml 2010-03-10 12:20:26 - Kernel Mustard : I just saw Sergey Bratus s talk at TROOPERS 10 He s an interesting guy, and his talk was good He s a CS professor at Dartmouth, and he s actually making an effort, on behalf of the academic community, to inject some genuine security clue into the education of CS students He obviously has a tough topic to http://www.secuobs.com/revue/news/200176.shtmlhttp://www.secuobs.com/revue/news/200176.shtml 2010-03-10 09:21:05 - Information Security Resources : From the Infosec Island Network If you choose believe the writings of Mandiant, you re under the impression that Chinese hackers are hellbent on taking over every large corporation in the United States http://www.secuobs.com/revue/news/200145.shtmlhttp://www.secuobs.com/revue/news/200145.shtml 2010-03-10 01:14:10 - Hack In The Box : Microsoft on Tuesday warned that hackers are targeting a freshly-uncovered weakness in some earlier versions of its Internet Explorer IE Web browser software Microsoft said it is investigating a hole that cyber attackers are taking advantage of in IE 6 and IE 7 At this time, we are aware of targeted attacks attempting to use this vulnerability, Microsoft said in an advisory posted along with a routine release of patches for Windows and Office software We will continue to monitor the threat environment and update this advisory if this situation changes Hackers could use the flaw to remotely seize control of computers The new IE 8 Web browser and an old IE 5 version are not affected, according to the US software colossus http://www.secuobs.com/revue/news/200038.shtmlhttp://www.secuobs.com/revue/news/200038.shtml 2010-03-09 23:13:46 - Rootsecure.net : Lifehacker Five Best VPN Tools http://www.secuobs.com/revue/news/199944.shtmlhttp://www.secuobs.com/revue/news/199944.shtml 2010-03-09 22:52:20 - Black Hat Announcements : By the end of this course, you will be able to research and develop an exploit from scratch by auditing code or fuzzing an application, reverse engineering the issue, and developing a exploit for the vulnerability you discovered This knowledge will help developers produce better code, and will help security researchers or malware analysts in their daily tasks http://www.secuobs.com/revue/news/199936.shtmlhttp://www.secuobs.com/revue/news/199936.shtml 2010-03-09 18:52:36 - Packet Storm Security Headlines : http://www.secuobs.com/revue/news/199833.shtmlhttp://www.secuobs.com/revue/news/199833.shtml 2010-03-09 18:52:36 - Packet Storm Security Headlines : http://www.secuobs.com/revue/news/199831.shtmlhttp://www.secuobs.com/revue/news/199831.shtml 2010-03-09 18:19:14 - LinuxSecurity.com Latest News : LinuxSecuritycom Ongoing computer scams targeting small businesses cost US companies US 25 million in the third quarter of 2009, according to the US Federal Deposit Insurance Corporation Online banking fraud involving the electronic transfer of funds has been on the rise since 2007 and rose to over US 120 million in the third quarter of 2009, according to estimates presented Friday at the RSA Conference in San Francisco, by David Nelson, an examination specialist with the FDIC http://www.secuobs.com/revue/news/199815.shtmlhttp://www.secuobs.com/revue/news/199815.shtml 2010-03-09 15:22:38 - Infosecurity.US : Excoriation time Focusing it s mighty lens of scrutiny on the founder of Facebook, Mark Zuckerberg, the UK s Daily Mail creates a rather small ripple in the sea of iniquity, swimming with scum of the earth aka Northern California s Silicon Valley A short snippet of the sorry tail, and allegations of nefarious conduct by Zuckerberg, Related Posts 1 US Targets Chinese State-Sponsored Hacker Responsible For Google Break-In 2 Another Facebook Scam Rears Ugly Little Head 3 Social Networker Is Your Life Empty 4 Dinosaur Comics A Billion Religions 5 Dilbert One Dollar http://www.secuobs.com/revue/news/199742.shtmlhttp://www.secuobs.com/revue/news/199742.shtml 2010-03-09 04:01:50 - Packet Storm Security Headlines : http://www.secuobs.com/revue/news/199612.shtmlhttp://www.secuobs.com/revue/news/199612.shtml 2010-03-09 03:27:48 - Infosecurity USA Latest News : In further proof that the hospitality industry is becoming a prime target for hackers, The Westin Bonaventure Hotel and Suites has admitted a likely data security breach http://www.secuobs.com/revue/news/199596.shtmlhttp://www.secuobs.com/revue/news/199596.shtml 2010-03-09 03:26:53 - Hack In The Box : If evidence is presented that attacks on Google originated in China, authorities there said they will punish those responsible However, Chinese sources reportedly said they have yet to receive proof of charges that hackers based in China were responsible for the recent hacks incurred by Google, as well as some 30 other high-profile corporations According to an item posted Saturday by the Chinese state news agency Xinhua, Google has yet to file a report with the Ministry of Industry and Information Technology over the attacks â If Google has had evidence that the attacks came from China, the Chinese government will welcome them to provide the information and will severely punish the offenders according to the law,â Vice Minister Miao Wei said in the report http://www.secuobs.com/revue/news/199589.shtmlhttp://www.secuobs.com/revue/news/199589.shtml 2010-03-09 00:20:17 - News : Ongoing computer scams targeting small businesses cost US companies US 25 million in the third quarter of 2009, according to the US Federal Deposit Insurance Corporation IMAGE http://www.secuobs.com/revue/news/199530.shtmlhttp://www.secuobs.com/revue/news/199530.shtml 2010-03-08 23:29:04 - securitystream.info : A Thai court has approved the extradition to the US of a Malaysian man allegedly involved in hacking credit card information, causing massive losses for victims in the US Gooi Kokseng will first be held in Thailand for 30 days in case he decides to appeal the court ruling, an employee at Thailand's Office of the Attorney General said by phone Related posts 1 Hacker charges 43, 000 in calls to Buffalo Grove firm s phone 2 TJX Hacker to Plead Guilty to Credit Card Breach 3 Computer hacker accused of stealing 130M credit card numbers plans to plead guilty http://www.secuobs.com/revue/news/199513.shtmlhttp://www.secuobs.com/revue/news/199513.shtml 2010-03-08 21:38:29 - Security Bloggers Network : I was happy to see that a second Hackerspace was starting in Belgium after the one in Brussels And now after finding a location, they are ready to open their doors More info at http hsgbn2vscom Opening_Weekend There will be presentations or workshops on topics like openWRT and IPv6 Let's not forget the opening drink pssttt, they have Club Mate Since it's a complete weekend, you don't have any excuse and have to drop by Related posts Hackerspace Antwerp in bootstrap mode The date for the Hackerspace Antwerp Startup Meeting Discussing about Hackerspace Antwerp What is a hackerspace What does a hackerspace look like And the next Hackerspace Brussels meetup Photo under creative commons from Laughing Squid's photostream IMAGE IMAGE IMAGE IMAGE IMAGE IMAGE IMAGE IMAGE IMAGE IMAGE IMAGE IMAGE IMAGE IMAGE http://www.secuobs.com/revue/news/199455.shtmlhttp://www.secuobs.com/revue/news/199455.shtml 2010-03-08 17:32:59 - threatpost The First Stop for Security News : A Thai court has approved the extradition to the US of a Malaysian man allegedly involved in hacking credit card information, causing massive losses for victims in the US Read the full article Computerworld Shorten URL http threatpostcom en_us 3e4 Click to copy to clipboard or post to Twitter http://www.secuobs.com/revue/news/199375.shtmlhttp://www.secuobs.com/revue/news/199375.shtml 2010-03-08 17:17:47 - Packet Storm Security Headlines : http://www.secuobs.com/revue/news/199369.shtmlhttp://www.secuobs.com/revue/news/199369.shtml 2010-03-08 14:56:27 - Sophos security news : Movie-lovers at risk of infection from fake anti-virus traps http://www.secuobs.com/revue/news/199332.shtmlhttp://www.secuobs.com/revue/news/199332.shtml 2010-03-08 13:39:42 - Graham Cluley's blog : Last night saw Kathryn Bigelow's hard-hitting film The Hurt Locker , about a bomb disposal team in Iraq, scoop the major gongs at the Academy Awards It shouldn't probably be any surprise to hear that movie buffs around the world used the internet to keep track of who won which Oscars, and - sadly -that http://www.secuobs.com/revue/news/199312.shtmlhttp://www.secuobs.com/revue/news/199312.shtml 2010-03-08 12:18:23 - News : A Thai court has approved the extradition to the US of a Malaysian man allegedly involved in hacking credit card information, causing massive losses for victims in the US IMAGE http://www.secuobs.com/revue/news/199303.shtmlhttp://www.secuobs.com/revue/news/199303.shtml 2010-03-08 09:19:09 - securitystream.info : Posted by InfoSec News on Mar 07 http contentusatodaycom communities hotelcheckin post 2010 03 hackers-breach-westin-bonaventure-los-angeles-networks-cybercriminal 1 By Barbara De Lollis USA TODAY Hotel Check-In March 07, 2010 You may have to monitor your credit card statements - and even place a fraud alert on your card - if you ate or parked your car at the Westin Bonaventure Hotel Suites in Los Angeles between April 2009 and December 2009 Why The Westin Related posts 1 Plan to attack five-star hotel foiled 2 Bank s antifraud tactics stun security expert How much do they know 3 Verified by Visa bitchslapped by Cambridge researchers http://www.secuobs.com/revue/news/199275.shtmlhttp://www.secuobs.com/revue/news/199275.shtml 2010-03-08 00:59:59 - Computer Security News : Xocalinet web-site, containing archive of documents in relation to the issue of Khojaly, was attacked early on March 2 When the site administrators started investigating who is attacking their network, they found out Baku's IP-address 811790144 of the Bakinternet Network http://www.secuobs.com/revue/news/199210.shtmlhttp://www.secuobs.com/revue/news/199210.shtml 2010-03-07 06:20:19 - Computer Security News : Via Acquire Media NewsEdge Mar 4--A hacker who identifies himself only as Evil Taco has been in Pittsburgh since Y2K and describes himself as that one family member who everyone calls when they can't get the Google to work After teaching himself coding and getting a little help from his friends, Evil Taco said he had committed online piracy, http://www.secuobs.com/revue/news/199073.shtmlhttp://www.secuobs.com/revue/news/199073.shtml 2010-03-07 02:07:54 - Computer Security News : Bulgarian hackers-for-hire and good Streisand seats Bruce Springsteen, left, performs with Steven Van Zandt during a concert of his Working On A Dream tour at the Stade de Suisse stadium in Bern, Switzerland http://www.secuobs.com/revue/news/199045.shtmlhttp://www.secuobs.com/revue/news/199045.shtml 2010-03-06 18:37:01 - Packet Storm Security Headlines : http://www.secuobs.com/revue/news/199000.shtmlhttp://www.secuobs.com/revue/news/199000.shtml 2010-03-06 17:27:55 - Computer Security News : Hackers who breached Google and other companies in January targeted source code management systems, security firm McAfee asserted Wednesday, manipulating a little-known trove of security flaws that would allow easy unauthorized access to the intellectual property it is meant to protect http://www.secuobs.com/revue/news/198987.shtmlhttp://www.secuobs.com/revue/news/198987.shtml 2010-03-05 19:38:59 - Rootsecure.net : Mac World FBI Director - Hackers have corrupted valuable data http://www.secuobs.com/revue/news/198741.shtmlhttp://www.secuobs.com/revue/news/198741.shtml 2010-03-05 14:16:36 - Security Bloggers Network : When you think of those evil genius types who can hack into internet applications or just about anything with an electronic brain, you envision dark shadowy creatures But at a security conference in Vancouver called CanSecWest, a brilliant technique for taking all that pent up genius for hacking and putting it to work to http://www.secuobs.com/revue/news/198649.shtmlhttp://www.secuobs.com/revue/news/198649.shtml 2010-03-05 12:02:46 - Roger Halbheer on Security : Body In the world of Chinese Hackers there seems to be a group especially for female hackers I just read this post Chinese Female Hacker Group which show a pretty high growth rate of women joining The website for the China Girl Security Team was registered on 12 Mar 2007 and currently has 2,217 members The leader of the group Xiao Tian, is only 19 years old Roger Category CybercrimePublished 04062008 15 00 http://www.secuobs.com/revue/news/198564.shtmlhttp://www.secuobs.com/revue/news/198564.shtml 2010-03-05 12:02:46 - Roger Halbheer on Security : It will be interesting how you see it When I blogged on Suspended Jail for Hacking Tutorial in France, I got quite some negative feedback like do you have nothing better to do than to go after these guys , why should it be illegal to publish such a tutorial etc So, where do you draw the line I think I was clear about that in my last post and here again If you have a clear tutorial to commit a criminal activity, this should be punished Now, a Turkish hacker was arrested because he published a video with a lot of tips how to skim ATMs Turkish hacker arrested by FBI made video giving tips for installing ATM skimmers is this now going too far as well for you What about your bank account - Roger http://www.secuobs.com/revue/news/198506.shtmlhttp://www.secuobs.com/revue/news/198506.shtml 2010-03-05 08:14:01 - Information Security Resources : From the Infosec Island Network The US Department of Defense DoD announces the official approval of the EC-Council Certified Ethical Hacker CEH certification program as a new baseline skills requirement for UScyber defenders Specifically, the new Certified Ethical Hacker program is required for the DoD's computer network defenders CND's , a specialized personnel classification within the DoD's information assurance workforce http://www.secuobs.com/revue/news/198296.shtmlhttp://www.secuobs.com/revue/news/198296.shtml 2010-03-05 05:44:45 - Packet Storm Security Headlines : http://www.secuobs.com/revue/news/198270.shtmlhttp://www.secuobs.com/revue/news/198270.shtml 2010-03-05 03:23:51 - News : Hackers breaking into businesses and government agencies with targeted attacks have not only stolen intellectual property, in some cases they have corrupted data too, the head of the US Federal Bureau of Investigation said Thursday IMAGE http://www.secuobs.com/revue/news/198241.shtmlhttp://www.secuobs.com/revue/news/198241.shtml 2010-03-05 03:01:22 - Hack In The Box : The Criminal Court on Thursday decided to extradite a Malaysian suspected computer hacker to the United States for further legal action Gooi Kokseng, alias Delpiero, 44, is wanted by the US for being a member of a gang of credit cards data hackers which had committed computer crime in the US and Southeast Asia causing more than US 150 million or about 5,000 million baht The man was arrested in Thailand on Jan 13 last year after the US made a request through the Foreign Ministry http://www.secuobs.com/revue/news/198228.shtmlhttp://www.secuobs.com/revue/news/198228.shtml 2010-03-04 21:50:59 - Rootsecure.net : Wired Google Hackers Had Ability to Alter Source Code http://www.secuobs.com/revue/news/198135.shtmlhttp://www.secuobs.com/revue/news/198135.shtml 2010-03-04 20:11:39 - LinuxSecurity.com Latest News : LinuxSecuritycom Companies should take extra steps to secure their source code from the type of targeted attacks that hit Google, Adobe, Intel and others over the past few months That's according to security vendor McAfee, which released a report detailing the way software source code was accessed in some of these attacks http://www.secuobs.com/revue/news/198101.shtmlhttp://www.secuobs.com/revue/news/198101.shtml 2010-03-04 12:03:32 - SecurityPark.net : Imperva's latest report warns that hackers have become industrialized and represent an exponentially increased threat to individuals, organizations and Government Imperva's report says the emerging industrialization of hacking parallels the way in which the 19th century revolution advanced methods and accelerated assembly from single to mass production The result is that today's cybercrime ind more http://www.secuobs.com/revue/news/197978.shtmlhttp://www.secuobs.com/revue/news/197978.shtml 2010-03-04 05:48:56 - Threat Level : The hackers who targeted Google and other companies in January targeted the source code management systems of companies, allowing them to siphon source code as well as modify it, according to a new report More importantly, systems that the companies used to develop and manage their source code have numerous security flaws that would allow easy http://www.secuobs.com/revue/news/197920.shtmlhttp://www.secuobs.com/revue/news/197920.shtml 2010-03-04 01:02:39 - Hack In The Box : McAfee Inc, exploring the cyber attacks originating from China, discovered at least six incidents in which hackers broke into the computer systems that companies use to house valuable intellectual property â We know that these systems were absolutely targeted for the crown jewels of each organization -- potentially representing billions of dollars,â George Kurtz, McAfeeâ s chief technology officer, said today in an interview from Santa Clara, California â We want to shed light on a problem that many didnâ t realizeâ Many companies hold source codes, product formulas and other kinds of intellectual property in â software configuration management systems,â said McAfee, the second-largest maker of security software Companies typically set up these systems to support collaboration and version control, and they assume network security will keep their internal systems safe http://www.secuobs.com/revue/news/197821.shtmlhttp://www.secuobs.com/revue/news/197821.shtml 2010-03-03 10:31:38 - securitystream.info : Posted by InfoSec News on Mar 02 http wwwinformationweekcom news government security showArticlejhtml articleID 223101209 By Elizabeth Montalbano InformationWeek March 2, 2010 Official government cyber defenders are now required to have the skills of a hacker according to a mandatory certification approved this week by the Department of Defense The DoD now requires its computer network defenders CNDs pass Certified Ethical Hacker certification program from the Related posts 1 Military To Tighten Vendor Cybersecurity Policies 2 Homeland Security Plans Cybersecurity, Data Center Investments 3 Certifications A false sense of security http://www.secuobs.com/revue/news/197507.shtmlhttp://www.secuobs.com/revue/news/197507.shtml 2010-03-03 04:08:04 - Hack In The Box : IT companies spend billions on R D to improve their products and take advantage of the latest technologies But as it turns out, so do cybercriminals, and that strategy seems to be working pretty well Cloud computing, search engine optimization and security exploit frameworks are all examples of tools that can help both legitimate companies and hackers conduct their business more effectively, security researchers said Tuesday in a panel discussion at RSA 2010 in San Francisco Metasploit, the open-source penetration testing framework bought by Rapid7 last year, was originally created as an exploitation framework but is quickly morphing into a general purpose attack suite, according to Ed Skoudis, vice president of security strategy for Predictive Systems http://www.secuobs.com/revue/news/197419.shtmlhttp://www.secuobs.com/revue/news/197419.shtml 2010-03-03 02:16:52 - Hack In The Box : While Google called a cyber-attack against its network last January a highly sophisticated and targeted attack, security experts said the techniques show the attackers to be nothing more than amateurs According to a report that cybersecurity firm Damballa released Tuesday, the China-based Aurora hackers who targeted Google were more varied in their tactics and less advanced than early reports indicate The report could be a blow to Google's efforts to classify the attack as state-sponsored, giving it considerably less leverage as it attempts to negotiate with China about its continued operations in the country Damballa links the attacks to a group of botnets --collections of computers compromised with hidden software--that used software it said were over 5 years old, and deploying techniques it described as old school http://www.secuobs.com/revue/news/197393.shtmlhttp://www.secuobs.com/revue/news/197393.shtml 2010-03-03 01:28:03 - Threat Level : BOSTON Reuters - Spanish police have shut down a ring of computer hackers who infected more than 13 million PCs with a virus that stole credit card numbers and other valuable data in what may be the biggest cyber-raid to date Spain s Civil Guard said on Tuesday that it arrested three men suspected of running the http://www.secuobs.com/revue/news/197375.shtmlhttp://www.secuobs.com/revue/news/197375.shtml 2010-03-03 00:07:15 - HackBloc.org : An alleged hacker has been hailed as a latter-day Robin Hood for leaking data about the finances of banks and state-owned firms to Latvian TV Using the alias Neo - a reference to The Matrix films - the hacker claims he wants to expose those cashing in on the recession in Latvia He is slowly passing details of leading Latvian firms via Twitter to the TV station and has its audiences hooked The Latvian government and police are investigating the security breach Data leaked so far includes pay details of managers from a Latvian bank that received a bail-out It reveals that many did not take the salary cuts they promised Other data shows that state-owned companies secretly awarded bonuses while publicly asking the government for help More at http newsbbccouk 2 hi technology 8533641stm All tags hacktivism badassLogin or register to tag items http://www.secuobs.com/revue/news/197361.shtmlhttp://www.secuobs.com/revue/news/197361.shtml 2010-03-02 23:00:43 - Security : Department of Defense hackers must now pass the Certified Ethical Hacker certification program Read More InformationWeek Government Read the comments on this post IMAGE IMAGE IMAGE http://www.secuobs.com/revue/news/197321.shtmlhttp://www.secuobs.com/revue/news/197321.shtml 2010-03-02 13:43:56 - securitystream.info : Your shiny weapons are no good here Crooks have developed a man-in-the-middle-attack designed to circumvent authentication kit used by dedicated World of Warcraft gamers Related posts 1 China cages game Trojan hackers 2 Hackers rigging blogs, email, websites Websense 3 Hackers are defeating tough authentication, Gartner warns http://www.secuobs.com/revue/news/197106.shtmlhttp://www.secuobs.com/revue/news/197106.shtml 2010-03-02 13:41:07 - L'Atelier.fr Toute l'actualité : La méthode dite du ''pot de miel'', utilisée pour attirer les infections, connaît ses limites Les pirates peuvent contourner ces pièges en lançant un virus éclaireur qui vérifie si le serveur est opérationnel ou non IMAGE IMAGE IMAGE IMAGE http://www.secuobs.com/revue/news/197105.shtmlhttp://www.secuobs.com/revue/news/197105.shtml 2010-03-02 02:52:33 - Hack In The Box : Hereâ s some troubling news for my fellow World of Warcraft players It seems that hackers, account thieves, and other miscreants have now embraced man-in-the-middle MITM attacks to further their evil ways Blizzard says itâ s not a widespread issue, and itâ s rather difficult to pull off, but itâ s something yâ all should be aware of The deal is that WoW hackers are able to infect your PCâ this is a PC-only problem, mind you, so Mac players can more or less ignore all of thisâ with a bit of malware thatâ s then able to initiate the MITM attack The purpose of this is to intercept your login name, password, and authenticator number so that they can log into your account Once online, they can do whatever it is youâ d be able to do inside the game world sell items, mail gold to other players, etc They cannot, it should be noted, delete your actual account or anything like that Still, itâ s potentially devastating, selling all your epics for fast gold, then turning around and selling that gold for real money to someone else http://www.secuobs.com/revue/news/196964.shtmlhttp://www.secuobs.com/revue/news/196964.shtml 2010-03-02 02:52:33 - Hack In The Box : Data security vendor, Imperva, likens the 'industrialisation of hacking' to the way the industrial revolution of the 19th century revolutionised factories In its report - the Industrialisation of Hacking - Imperva cites the example of a new hacker scheme that is spawning educational servers worldwide with Viagra ads that go on to infect web users with malware when they visit the infected page on the legitimate education site In its study, the company argues that cybercriminals are using industrialised methods to automate an as-yet unreported search engine manipulation scheme that has infected hundreds, possibly thousands of web pages http://www.secuobs.com/revue/news/196957.shtmlhttp://www.secuobs.com/revue/news/196957.shtml 2010-03-02 00:44:20 - Office of Inadequate Security : Jennifer Fernandez reports A Bennett College official said today that someone hacked a computer in the business office the weekend of Feb 13, accessing personal information of potentially 1,100 employees and students DeQuan Jones, director of information technology, said he believes it is the first time that personal information has been hacked at the all-women s college The breach http://www.secuobs.com/revue/news/196803.shtmlhttp://www.secuobs.com/revue/news/196803.shtml 2010-03-01 23:54:44 - Hack a Day : Patrick Becker had an ancient PC on his hands with a blown PSU He converted this into a stylish home for his Betta splendens The aquarium itself is fashioned from a piece for construction glass block with the top cut off This allows for a window that looks through the tank and shows off the motherboard http://www.secuobs.com/revue/news/196780.shtmlhttp://www.secuobs.com/revue/news/196780.shtml 2010-03-01 23:15:59 - threatpost The First Stop for Security News : A ring of ticket brokers has been indicted in connection to an elaborate hacking scheme that used bots and other fraudulent means to purchase more than 1 million tickets for concerts, sporting events and other events The defendants made more than 25 million in profits from the resale of the tickets between 2002 and 2009 Read the full article Wired Shorten URL http threatpostcom en_us 3Ht Click to copy to clipboard or post to Twitter http://www.secuobs.com/revue/news/196763.shtmlhttp://www.secuobs.com/revue/news/196763.shtml 2010-03-01 23:07:20 - securitystream.info : Over the last two weeks, security researchers have reported eight different zero-day vulnerabilities in Apple's Safari browser Details of these vulnerabilities, all rated high risk, have been sold to Tippingpoint's Zero Day Initiative ZDI , a program that purchases the rights to vulnerability information in exchange for exclusivity to broker fixes with affected vendors Shorten URL http threatpostcom en_us 3HQ Click to copy to clipboard or post to Twitter ZeroClipboardsetMoviePath 'http threatpostcom sites all modules threatpost_tweaks ZeroClipboardswf' var clip new ZeroClipboardClient clipsetHandCursor true clipsetText 'http threatpostcom en_us 3HQ' clipglue 'short_url_link' , 'short_url_cont' Related posts 1 Hacker to Pentagon XSS Flaws Remain 2 Despite Security Hiccups, IE6 Usage Still High 3 Anonymous Hacker Exposes Voice Encryption Flaws http://www.secuobs.com/revue/news/196762.shtmlhttp://www.secuobs.com/revue/news/196762.shtml 2010-03-01 22:01:16 - threatpost The First Stop for Security News : Over the last two weeks, security researchers have reported eight different zero-day vulnerabilities in Apple's Safari browser Details of these vulnerabilities, all rated high risk, have been sold to Tippingpoint's Zero Day Initiative ZDI , a program that purchases the rights to vulnerability information in exchange for exclusivity to broker fixes with affected vendors Shorten URL http threatpostcom en_us 3HQ Click to copy to clipboard or post to Twitter http://www.secuobs.com/revue/news/196714.shtmlhttp://www.secuobs.com/revue/news/196714.shtml 2010-03-01 21:43:42 - securitystream.info : Hackers broke into computer systems at Wyndham Hotels Resorts recently, stealing sensitive customer data The break-in occurred between late October 2009 and January 2010, when it was finally discovered This is the third data breach reported by Wyndham in the past year Read the full article Computerworld Shorten URL http threatpostcom en_us 3HN Click to copy to clipboard or post to Twitter ZeroClipboardsetMoviePath 'http threatpostcom sites all modules threatpost_tweaks ZeroClipboardswf' var clip new ZeroClipboardClient clipsetHandCursor true clipsetText 'http threatpostcom en_us 3HN' clipglue 'short_url_link' , 'short_url_cont' Related posts 1 Wyndham Hotels Hacked Again 2 Hotels Major Target of Credit Card Hacks 3 Trojan Hackers Get Prison in China http://www.secuobs.com/revue/news/196710.shtmlhttp://www.secuobs.com/revue/news/196710.shtml 2010-03-01 18:34:28 - Packet Storm Security Headlines : http://www.secuobs.com/revue/news/196647.shtmlhttp://www.secuobs.com/revue/news/196647.shtml 2010-03-01 16:22:38 - securitystream.info : Dave's websites made to spew 'Vote Labour' spam Conservative party websites have been attacked by mischievous hackers over the weekend, who defaced some of the sites and sent spam messages from others urging people to vote Labour Related posts 1 Hackers Spread Virus Through Bogus Vaccine Website 2 Tories We will set up a permanent War Cabinet 3 Chinese human rights sites hit by DDoS attack http://www.secuobs.com/revue/news/196598.shtmlhttp://www.secuobs.com/revue/news/196598.shtml 2010-03-01 02:05:16 - Hack In The Box : FRAUDSTERS stole the identity of a top Midland cop to bombard people with offers of porn and Viagra on social network site Twitter Internet conmen even tried to get users to reveal their own personal information by pretending to be Chief Inspector Mark Payne from West Midlands Police But the elaborate ruse, known as phishing, was quickly spotted by users of the popular social networking site who contacted the senior officer to alert him to his account being hacked into Last night the former detective, who now heads up the forceâ s public relations team, laughed off the attempted scam http://www.secuobs.com/revue/news/196457.shtmlhttp://www.secuobs.com/revue/news/196457.shtml 2010-03-01 02:05:16 - Hack In The Box : The cyber criminals who hacked into Googleâ s systems may have attacked over 100 other companies, according to new information from security consultancy Isec partners In a blog posting in December last year, Google first announced that its systems had suffered a hacking attack eminating from China, at the time indicating that â at least twenty other large companies from a wide range of businesses--including the Internet, finance, technology, media and chemical sectors--have been similarly targetedâ Other estimates put the figure at more like 30 companies, with Symantec, Adobe and Intel all named as potential victims But having discovered that a larger number of command and control servers than at first thought were involved in the attack, Isec Partners is estimating the number of affected companies to be more than three times that originally thought http://www.secuobs.com/revue/news/196456.shtmlhttp://www.secuobs.com/revue/news/196456.shtml 2010-03-01 02:05:16 - Hack In The Box : Nasa has turned to Nexus Management, a London-listed technology group, to defend its against internet attacks The deal, which Nexus is expected to announce t as early as tomorrow, will see a subsidiary, Resilience Technology provide firewalls to the US space agency as it takes on hackers and computer viruses The deal is one of several contracts that Resilience will detail this week Market sources said that the other contracts will be with a major American telecoms company and a bank based in the Caribbean The deals justify Nexus's acquisition of Resilience for 18m  13m in March The Nexus board, led by its chief executive, Roger Richardson, said at the time that it hoped Resilience would boost its 2010 earnings http://www.secuobs.com/revue/news/196455.shtmlhttp://www.secuobs.com/revue/news/196455.shtml 2010-02-28 21:38:33 - Packet Storm Security Headlines : http://www.secuobs.com/revue/news/196418.shtmlhttp://www.secuobs.com/revue/news/196418.shtml 2010-02-28 09:33:50 - Roer.com Information Security blog : IMAGE TO the horror of Latvia's political establishment, a mysterious group of computer hackers is threatening to expose the incomes of top officials after stealing millions of government tax records The group, calling itself the People's Army of the Fourth Awakening, claimed to have downloaded more than 75 million documents, including VAT receipts and income tax returns from the State Revenue Service after exploiting a security loophole on its website One hacker used the name Neo, in apparent tribute to the hero of The Matrix films, in which a vast system for enslaving humanity is exposed The purpose of the group is to unmask those who gutted the country, Neo told the Latvian television current affairs program Kas Notiek Latvija in an interview posted on its website Neo has been hailed as a digital Robin Hood by disgruntled Latvians after posting details from the documents on the internet to contrast the earnings of top officials with cuts experienced by other workers Latvia's economy shrank by almost a fifth last year and is the weakest in the EU The government slashed state salaries by up to 50 per cent and raised taxes in return for an EU-led bailout that saved the country from bankruptcy as revenues slumped and unemployment jumped to 23 per cent Neo published the salaries of Latvian police chiefs and urged rank-and-file officers to analyse the data and determine whether the salary reform is fair Read the article img voidspaceorguk http://www.secuobs.com/revue/news/196351.shtmlhttp://www.secuobs.com/revue/news/196351.shtml 2010-02-27 09:31:44 - Computer Security News : HACKERS are using the story of the killer whale that killed its US trainer to try to infect computers and steal people's credit card details, an Internet security company warned on Friday http://www.secuobs.com/revue/news/196230.shtmlhttp://www.secuobs.com/revue/news/196230.shtml 2010-02-27 07:22:50 - News : The hackers who broke into Google two months ago have gone after more than 100 companies, according to an estimate by security vendor Isec Partners IMAGE http://www.secuobs.com/revue/news/196223.shtmlhttp://www.secuobs.com/revue/news/196223.shtml 2010-02-26 22:45:25 - Security Bloggers Network : Very funny The story starts with an guy insulting everyone on the IRC channel Most people there believed it was rather funny, but it got even more funny For information The dangerous hacker is called bitchchecker and the one being hacked and origina http://www.secuobs.com/revue/news/196073.shtmlhttp://www.secuobs.com/revue/news/196073.shtml 2010-02-26 22:22:32 - Rootsecure.net : PC World Are Hollywood Hackers Bogus or Bright http://www.secuobs.com/revue/news/196062.shtmlhttp://www.secuobs.com/revue/news/196062.shtml 2010-02-26 22:21:18 - Reverse Engineering : submitted by Chomskyismyhero link comment http://www.secuobs.com/revue/news/196060.shtmlhttp://www.secuobs.com/revue/news/196060.shtml 2010-02-26 20:51:14 - SecurityFocus News : Latvian hacker tweets hard on banking whistle Advertisement Can you answer the ERP quiz These 10 questions determine if your Enterprise RP rollout gets an A http wwwfindtechinfocom as acs pl 781 ca 909 http://www.secuobs.com/revue/news/196016.shtmlhttp://www.secuobs.com/revue/news/196016.shtml 2010-02-26 19:09:28 - Infosecurity USA Latest News : Web application security company Mykonos Software has launched an appliance designed to watch what hackers are doing and take counter measures to confuse and divert them http://www.secuobs.com/revue/news/195982.shtmlhttp://www.secuobs.com/revue/news/195982.shtml 2010-02-26 13:14:22 - securitystream.info : Fat cat pay leaked all over the Baltics A hacker has become a popular hero in the Baltics, and scourge to the authorities, by leaking information on the finances of banks and state-run firms to Latvian TV Related posts 1 Latvians informed by computer hacker 2 Brit ISP knocked offline by Latvian DDOS 3 Boxer Suggests Leaked E-Mails Represent Hacker Conspiracy http://www.secuobs.com/revue/news/195901.shtmlhttp://www.secuobs.com/revue/news/195901.shtml 2010-02-26 10:59:51 - securitystream.info : Posted by InfoSec News on Feb 26 http wwwtimesonlinecouk tol news world europe article7041727ece By Tony Halpin The Times February 26, 2010 To the horror of Latvia s political establishment, a mysterious group of computer hackers is threatening to expose the incomes of top officials after stealing millions of government tax records The group, calling itself the People s Army of the Fourth Awakening, claimed to have downloaded more than 75 million documents, Related posts 1 Government websites hacked in protest 2 Report FBI investigating hacker attack on Citibank 3 Teen accused of hacking into school http://www.secuobs.com/revue/news/195870.shtmlhttp://www.secuobs.com/revue/news/195870.shtml 2010-02-26 06:56:48 - Computer Security News : Quick What's a hacker A pimply faced teenager in a dark bedroom trying to start World War Three, or a thirty-something professional with mad computer skills Although today's hacker is more likely to be a professional software developer or security expert, that pimply faced teenager image persists http://www.secuobs.com/revue/news/195827.shtmlhttp://www.secuobs.com/revue/news/195827.shtml 2010-02-26 01:43:41 - Computer Security News : A 17-year-old honor student from western Pennsylvania has entered the equivalent of a guilty plea to four felony charges in juvenile court for using a computer virus to crash a Sony Entertainment Corp http://www.secuobs.com/revue/news/195758.shtmlhttp://www.secuobs.com/revue/news/195758.shtml 2010-02-26 01:26:24 - Hack In The Box : A group of computer hackers in Latvia has downloaded millions of confidential tax documents from government computers and is posting the details online to expose waste and corruption among the countryâ s leaders The group, which calls itself the Peopleâ s Army of the Fourth Awakening, told local TV that it accessed the documents from the Latvian revenue serviceâ s computers over the course of several months, according to the Associated Press One of the hackers, who calls himself Neo after the main character in the Matrix movies, posted the salaries of members of the Latvian police force and challenged members of the police union to analyze the numbers He also posted the salary and bonus of the CEO of a heating company Some of the leaks have been sent to Latvia TV by way of Twitter, according to BBC News Neo is seen as a kind of Robin Hood figure, according to one of the presenters on Latvian TV http://www.secuobs.com/revue/news/195754.shtmlhttp://www.secuobs.com/revue/news/195754.shtml 2010-02-26 01:26:24 - Hack In The Box : Recent New York Times articles have stirred up the Chinese hacker issue again, which has not only peeved Chinese authorities, but also brought fame to Lanxiang, a little known vocational school in Shandong Province in one of the articles The paper admitted minor technical errors in the story on Wednesday by pointing out mistakes in the scrutiny of two Chinese educational institutions to which researchers have traced online attacks on American companies The correction said the report misstated the location of Duke University's planned campus in China and the date that plans for that campus were announced Both the location and time were mistaken The campus will be in Kunshan, near Shanghai, not in Shanghai itself, and the plans were announced on Jan 22, not 'last year' http://www.secuobs.com/revue/news/195750.shtmlhttp://www.secuobs.com/revue/news/195750.shtml 2010-02-26 01:26:24 - Hack In The Box : IT outsourcing users have been urged to protect themselves against the risk of hackers, as the consequences can be huge if they do not Luis Corrons, technical director for Panda Security, said that firms potentially stand to lose millions of pounds if gaps in their security systems are not plugged According to the specialist, many cybercriminals can take money out of a company bank account unnoticed and it can be months before any loss is registered, by which time it is far too late Mr Corrons told IT outsourcing users Small and medium companies, mainly, are the ones that are most in danger, because they don't have huge security teams in place We see cases of this on almost a daily b http://www.secuobs.com/revue/news/195745.shtmlhttp://www.secuobs.com/revue/news/195745.shtml 2010-02-26 01:26:24 - Hack In The Box : China's leading search engine claims a shocking lack of security nous at its chosen domain name registrar was responsible for a prolonged outage last month China's Baidu says in legal papers that that an obvious scammer was able to con Registercom support staff into handing over the keys to its kingdom, resulting in millions of dollars of lost revenue Baidu, which commands 70 percent of the Chinese search market, was offline for at least four hours on the 12th of January During the incident, its baiducom home page instead showed the messaged â This site has been hacked by the Iranian Cyber Armyâ http://www.secuobs.com/revue/news/195742.shtmlhttp://www.secuobs.com/revue/news/195742.shtml 2010-02-26 01:26:24 - Hack In The Box : Existing threats such as phishing and document format vulnerabilities have continued to expand, even as users improve security, according to a new IBM report The X-Force report reveals three main threats that demonstrate how in 2009 attackers increasingly targeted people using the Internet for monetary gain or data theft The appearance of new malicious Web links has skyrocketed globally in the past year Phishing attacks, or sending email that falsely claims to be from a legitimate organization, also increased dramatically in the second half of 2009 It surpassed the monthly volume seen in 2008, with activity coming from countries that had not previously been in the game http://www.secuobs.com/revue/news/195741.shtmlhttp://www.secuobs.com/revue/news/195741.shtml 2010-02-25 21:47:50 - adafruit industries blog : MacGyver of the Day Electronics Hacker Jeri Ellsworth Makers Lifehacker Electronics hacker, chip maker, race car builder, pin ball machine maker, blowing-stuff-up er http://www.secuobs.com/revue/news/195680.shtmlhttp://www.secuobs.com/revue/news/195680.shtml 2010-02-25 20:34:36 - Rootsecure.net : Computer World Guilty plea for hacker who took Comcast off Web A member of a telephone hacking group known as Kryogeniks has pleaded guilty to taking Comcast Corp's Web site offline in May 2008 http://www.secuobs.com/revue/news/195659.shtmlhttp://www.secuobs.com/revue/news/195659.shtml 2010-02-25 18:33:18 - Packet Storm Security Headlines : http://www.secuobs.com/revue/news/195625.shtmlhttp://www.secuobs.com/revue/news/195625.shtml 2010-02-25 16:38:52 - Sophos security news : Scareware lurks behind websites claiming to contain video footage of death http://www.secuobs.com/revue/news/195565.shtmlhttp://www.secuobs.com/revue/news/195565.shtml 2010-02-25 14:23:55 - News : A member of a telephone hacking group known as Kryogeniks has pleaded guilty to taking Comcast's Web site offline in May 2008 IMAGE http://www.secuobs.com/revue/news/195526.shtmlhttp://www.secuobs.com/revue/news/195526.shtml 2010-02-25 10:24:16 - securitystream.info : Posted by InfoSec News on Feb 24 http wwwcomputerworldcom s article 9162118 Baidu_Registrar_incredibly_changed_our_e_mail_for_hacker taxonomyId 17 By Owen Fletcher and Robert McMillan IDG News Service February 24, 2010 A hacker who took down top Chinese search engine Baiducom last month broke into its account with a US domain name registrar by pretending to be from Baidu in an online chat with the registrar's tech help, according to a lawsuit filed by Baidu Support Related posts 1 Baidu sues registrar over DNS records hack 2 Baidu hacked by Iranian cyber army 3 Manchester, NH, Mayor s E-mail Account Breached http://www.secuobs.com/revue/news/195475.shtmlhttp://www.secuobs.com/revue/news/195475.shtml 2010-02-25 09:48:25 - Rootsecure.net : Net Security Hackers follow the money, IBM research shows http://www.secuobs.com/revue/news/195465.shtmlhttp://www.secuobs.com/revue/news/195465.shtml 2010-02-25 09:48:25 - Rootsecure.net : BBC News Latvian 'Robin Hood' hacker leaks bank details to TV http://www.secuobs.com/revue/news/195463.shtmlhttp://www.secuobs.com/revue/news/195463.shtml 2010-02-25 08:31:52 - Computer Security News : A Latvian computer hacker has been leaking secret bank details to a local TV station http://www.secuobs.com/revue/news/195410.shtmlhttp://www.secuobs.com/revue/news/195410.shtml 2010-02-25 07:45:36 - Packet Storm Security Headlines : http://www.secuobs.com/revue/news/195404.shtmlhttp://www.secuobs.com/revue/news/195404.shtml 2010-02-25 07:45:36 - Packet Storm Security Headlines : http://www.secuobs.com/revue/news/195402.shtmlhttp://www.secuobs.com/revue/news/195402.shtml 2010-02-25 07:45:36 - Packet Storm Security Headlines : http://www.secuobs.com/revue/news/195400.shtmlhttp://www.secuobs.com/revue/news/195400.shtml 2010-02-25 07:29:49 - News : Quick What's a hacker A pimply faced teenager in a dark bedroom trying to start World War Three, or a thirty-something professional with mad computer skills IMAGE http://www.secuobs.com/revue/news/195389.shtmlhttp://www.secuobs.com/revue/news/195389.shtml 2010-02-25 07:29:49 - News : A hacker who took down top Chinese search engine Baiducom last month broke into its account with a US domain name registrar by pretending to be from Baidu in an online chat with the registrar's tech help, according to a lawsuit filed by Baidu IMAGE http://www.secuobs.com/revue/news/195388.shtmlhttp://www.secuobs.com/revue/news/195388.shtml 2010-02-25 07:29:09 - Help Net Security News : Existing threats such as phishing and document format vulnerabilities have continued to expand, even as users improve security, according to a new IBM report The X-Force report reveals three main thr http://www.secuobs.com/revue/news/195384.shtmlhttp://www.secuobs.com/revue/news/195384.shtml 2010-02-25 03:47:40 - Terry Zink's Anti malware Blog : Joseph Menn has an article on CNNcom wherein the crux of the story is that US experts are closing in on the hackers that broke into Google last month It is believed by some that the Chinese government sponsored these hackers China, naturally, denied involvement My own take is that tools today are sophisticated enough such that you don t necessarily need state sponsorship in order to launch a cyber attack Here is an excerpt US analysts believe they have identified the Chinese author of the critical programming code used in the alleged state-sponsored hacking attacks on Google and other western companies, making it far harder for the Chinese government to deny involvement Their discovery came after another team of investigators tracked the launch of the spyware to computers inside two educational institutions in China, one of them with close ties to the military A freelance security consultant in his 30s wrote the part of the program that used a previously unknown security hole in the Internet Explorer web browser to break into computers and insert the spyware, a researcher working for the US government told the Financial Times Chinese officials had special access to the work of the author, who posted pieces of the program to a hacking forum and described it as something he was working on In other words, a hobbyist programmer with a lot of time on his hands, and a lot of knowledge in his head, was working on something where he was looking to break Microsoft s Internet Explorer web browser Continuing onward Beyond the immediate forensic inquiry, the work of US researchers sheds light on how cyber-operations are conducted in China The man who wrote code to take advantage of the browser flaw is not a full-time government worker, did not launch the attack, and in fact would prefer not be used in such offensive efforts, according to the US team that discovered his role This is similar to the Estonian cyber attacks in 2007 Back then, the Estonian government accused the Russian government of instigating the attacks, and the Russian government denied involvement As it turned out, an aide to a Russian state Duma representative did claim responsibility but specifically denied it as an act of the Russian government It appears that he was angry at the Estonian government for taking down a war monument and in response, launched a cyber riot Similarly in 2008, hackers launched a DOS attack on the Georgian government Like Estonia before it, this appears to have been a case of a group of nationalist people getting together, pooling their criminal resources and launching an attack at an enemy using cyber warfare In this case, the author of the code doesn t work for the Chinese government, and neither did the Estonian or Georgian attackers This code writer wouldn t even want his work to be used in cyber attacks, but that cat is out of the bag now Just like Alfred Nobel regretted his decision to invent dynamite, this guy can t take back what he was wrought If you are looking for security exploits in a browser to do nefarious things, someone can take your code and use it in ways that you didn t expect Continuing onwards If he wants to do the research he's good at, he has to toe the line now and again, the US analyst said He would rather not have uniformed guys looking over his shoulder, but there is no way anyone of his skill level can get away from that kind of thing The state has privileged access to these researchers' work It s unclear if the Chinese government was peering over his shoulder and stealing his code, or if someone in the middle stole it and delivered it to the Chinese government, or even if the Chinese government was even involved Continuing, we start to get some light shed on this situation A separate team of US contractors has traced the launch of the spyware to computers at Shanghai Jiaotong University and Lanxiang Vocational School, according to two people familiar with that inquiry Jiaotong University has one of the best security departments in the country, US analysts said, with former government cyber commanders in residence The state-run Xinhua news agency said officials at both schools denied involvement In theory, outsiders could have compromised both schools' machines before using them to collect data from the Western companies But US analysts said at least Jiaotong University's networks are closely monitored, making them an odd choice for an independent attacker seeking to avoid detection In addition, Our investigation shows the hosts that did the attacks were not compromised that we could tell , said an analyst involved in that probe In my experience, universities are breeding grounds for compromised servers Not a week goes by when we don t have at least one incident where somebody has been phished and then the account starts spewing out piles of outbound spam And this goes on all the time So, the fact that the spyware was launched from a university should come as no surprise If you ll allow me to craft a theory, it would go something like this Students like to play a lot of online role playing games like World of Warcraft One of the most common worms today is the Taterf worm, which steals passwords to MMORPG games like WoW This worm is spread via thumb drives and misconfigured network drives Perhaps some students in China were playing games, somebody spread around some malware inadvertently and installed a password stealer, or a code stealer The Chinese have lots of pirated software and don t have the best security practices China universities recipe for disaster Meanwhile, a security consultant read PhD student who knows tons and tons about security and was working on it for his thesis has caught the eye of the Chinese government, or someone else who wants to steal secrets from Google This grad student likes to relax and play video games every once in a while, and if you have ever been to China, you know that males between the ages of 18-29 are forever found in Internet cafes playing MMORPGs Maybe his network gets compromised, maybe his computer gets infected with malware, but somehow or another, his system gets hacked and his code is stolen Or maybe it isn t stolen Maybe he is experimenting one day and one of the side effects is that his worm gets out of control like a bad movie and steals Google credentials Or maybe he works for Baidu or perhaps they are funding his research and they steal the code and use it against Google Note the phrase that Jiaotong s network s are closely monitored and the hosts did not appear compromised That would indicate that whoever stole the information did so willingly and there was not malware installed on the networks It would have to be a deliberate act Or would it Many people who are infected wouldn t necessarily know it or recognize it The fact is we don t really know enough to determine if this was a conspiracy or not What it sounds like is that some guy wrote some software that exploits a security flaw and this was used by someone with malicious intent Was it the Chinese government Was it private enterprise Or was it some students using it to see if they could do it I don t know enough about the details of the case, but neither would surprise me IMAGE http://www.secuobs.com/revue/news/195359.shtmlhttp://www.secuobs.com/revue/news/195359.shtml 2010-02-24 22:09:59 - adafruit industries blog : On a roll MacGyver of the Day Instructables Christy Canida and Eric Wilhelm Makers Lifehacker http://www.secuobs.com/revue/news/195250.shtmlhttp://www.secuobs.com/revue/news/195250.shtml 2010-02-24 02:11:36 - Hack In The Box : Intel Corp was the target of cyber attacks in January, around the same time of the reported cyber attacks on Google Inc, the chip giant said in a regulatory filing Intel INTC 2040, 001, 006pourcents disclosed the incident in a Securities and Exchange Commission filing on Monday in which it listed cyber attacks as among the risk factors facing the semiconductor company These attempts, which might be the result of industrial or other espionage, or actions by hackers seeking to harm the company, its products, or end users, are sometimes successful, Intel said One recent and sophisticated incident occurred in January 2010 around the same time as the recently publicized security incident reported by Google, the company said http://www.secuobs.com/revue/news/194895.shtmlhttp://www.secuobs.com/revue/news/194895.shtml 2010-02-24 02:11:36 - Hack In The Box : In the name of improved security a hacker showed how a biometric passport issued in the name of long-dead rock 'n' roll king Elvis Presley could be cleared through an automated passport scanning system being tested at an international airport Using a doctored passport at a self-serve passport machine, the hacker was cleared for travel after just a few seconds and a picture of the King himself appeared on the monitor's display Adam Laurie and Jeroen Van Beek, who call themselves ethical hackers, say the exercise exposed how easy it is to fool a passport scanner with a fraudulent biometric chip The Presley test was carried out at Amsterdam's Schiphol airport in September 2008 -- by Laurie and Van Beek -- to highlight potential security shortcomings http://www.secuobs.com/revue/news/194890.shtmlhttp://www.secuobs.com/revue/news/194890.shtml 2010-02-23 21:16:14 - adafruit industries blog : B00m Phil has another post on Lifehacker with a favorite maker s he s profiling each day today MacGyver of the Day Mad Scientists Lenore Edman and Windell Oskay http://www.secuobs.com/revue/news/194801.shtmlhttp://www.secuobs.com/revue/news/194801.shtml 2010-02-23 19:53:20 - Rootsecure.net : CNN Hackers expose security flaws with 'Elvis Presley' passport http://www.secuobs.com/revue/news/194776.shtmlhttp://www.secuobs.com/revue/news/194776.shtml 2010-02-23 18:34:04 - Packet Storm Security Headlines : http://www.secuobs.com/revue/news/194737.shtmlhttp://www.secuobs.com/revue/news/194737.shtml 2010-02-23 16:18:05 - Infosecurity.US : According to published reports via the Financial Times, United States investigatory agencies have located the Peoples Republic of China Sponsored actor involved in the now infamous Google Inc NasdaqGS GOOG hack An excerpt appears after the page break From the Financial Times Joseph Menn US experts close in on Google hackers CDATA CDATA http://www.secuobs.com/revue/news/194652.shtmlhttp://www.secuobs.com/revue/news/194652.shtml 2010-02-23 11:47:53 - Roer.com Information Security blog : IMAGE US authorities have tracked down the man who wrote the code used in the hacker attack on Google He's a freelance security consultant in China, and his participation makes it even harder for the Chinese government to deny involvement The man's role was an oblique one while he wrote the code that took advantage of a security hole in Internet Explorer, he himself didn't do any actual hacking But according to the Financial Times, the Chinese government has special access to his work If he wants to do the research he's good at, he has to toe the line now and again, the US analyst said He would rather not have uniformed guys looking over his shoulder, but there is no way anyone of his skill level can get away from that kind of thing The state has privileged access to these researchers' work The research he's good at, apparently, being breaking into computers and inserting spyware on them Read more img dailyradarcom IMAGE IMAGE IMAGE IMAGE IMAGE IMAGE IMAGE IMAGE http://www.secuobs.com/revue/news/194579.shtmlhttp://www.secuobs.com/revue/news/194579.shtml 2010-02-23 10:17:23 - Rootsecure.net : Wired US Pinpoints Coder Behind Google Attack US government analysts believe a Chinese man with government links wrote the key part of a spyware program used in hacker attacks on Google last year http://www.secuobs.com/revue/news/194555.shtmlhttp://www.secuobs.com/revue/news/194555.shtml 2010-02-22 22:00:16 - adafruit industries blog : Phil is writing up a maker-a-day over at Lifehacker, check it out Today s maker HAM radio enthusiast Diana Eng we posted about her last week, perfect timing http://www.secuobs.com/revue/news/194323.shtmlhttp://www.secuobs.com/revue/news/194323.shtml 2010-02-22 19:13:53 - Packet Storm Security Headlines : http://www.secuobs.com/revue/news/194255.shtmlhttp://www.secuobs.com/revue/news/194255.shtml 2010-02-22 12:24:56 - ISN InfoSec News Mailing List : InfoSec News Argentinian hackers plaster their country's flag over Falklands newspaper website as new conflict begins http wwwdailymailcouk news worldnews article-1252738 Argentinian-hackers-plaster-countrys-flag-Falklands-newspaper-website-new-conflict-beginshtml By David Gardner The Daily Mail 21st February 2010 Argentinian hackers drew first blood in the latest Falklands stand-off http://www.secuobs.com/revue/news/194085.shtmlhttp://www.secuobs.com/revue/news/194085.shtml 2010-02-22 09:16:57 - securitystream.info : Posted by InfoSec News on Feb 21 http wwwdailymailcouk news worldnews article-1252738 Argentinian-hackers-plaster-countrys-flag-Falklands-newspaper-website-new-conflict-beginshtml By David Gardner The Daily Mail 21st February 2010 Argentinian hackers drew first blood in the latest Falklands stand-off tonight by plastering the country's flag across the islands newspaper website The computer attack came as a British oil rig was set to begin searching for oil after Related posts 1 Britain s flagship Jewish newspaper s Web site attacked by Turkish-speaking hackers 2 Hackers Spread Virus Through Bogus Vaccine Website 3 Web attacks cripple Russia s biggest indie newspaper http://www.secuobs.com/revue/news/194056.shtmlhttp://www.secuobs.com/revue/news/194056.shtml 2010-02-22 09:16:57 - securitystream.info : Posted by InfoSec News on Feb 21 http wwwthemoscowtimescom news article hacker-arrested-in-billboard-porn-stunt 399895html By Alexandra Odynova The Moscow Times 17 February 2010 Police in the southern city of Novorossiisk have arrested a man accused of hacking into a video billboard in Moscow last month and showing a pornographic movie that spawned a traffic jam as curious drivers slowed to watch the film The suspected hacker, a 41-year-old unemployed man, was Related posts 1 Police nab porn hacker behind traffic mayhem 2 Hacker cuffed for Moscow big screen entertainment 3 First hacker trial powers up in Beijing http://www.secuobs.com/revue/news/194054.shtmlhttp://www.secuobs.com/revue/news/194054.shtml 2010-02-22 09:16:57 - securitystream.info : Posted by InfoSec News on Feb 21 http wwwwashingtonpostcom wp-dyn content article 2010 02 19 AR2010021902643html By Ellen Nakashima Washington Post Staff Writer February 20, 2010 Some of the computer codes used in the recent attacks on the networks of Google and dozens of other major US companies were developed by a diverse group of Chinese hackers, including security professionals, consultants and temporary contractors, according to an industry source The series Related posts 1 Google Hackers Targeted Source Code of More Than 30 Companies 2 Two Chinese Schools Said to Be Tied to Online Attacks 3 Chinese hackers blamed for cyber attack wave http://www.secuobs.com/revue/news/194052.shtmlhttp://www.secuobs.com/revue/news/194052.shtml 2010-02-22 06:55:26 - Computer Security News : A man walks past the company logo in front of the Google China headquarters building in Beijing on January 20, 2010 http://www.secuobs.com/revue/news/194036.shtmlhttp://www.secuobs.com/revue/news/194036.shtml 2010-02-22 03:30:12 - Hack In The Box : US analysts believe they have identified the Chinese author of the critical programming code used in the alleged state-sponsored hacking attacks on Google and other western companies, making it far harder for the Chinese government to deny involvement Their discovery came after another team of investigators tracked the launch of the spyware to computers inside two educational institutions in China, one of them with close ties to the military A freelance security consultant in his 30s wrote the part of the program that used a previously unknown security hole in the Internet Explorer web browser to break into computers and insert the spyware, a researcher working for the US government told the Financial Times Chinese officials had special access to the work of the author, who posted pieces of the program to a hacking forum and described it as something he was â working onâ http://www.secuobs.com/revue/news/194009.shtmlhttp://www.secuobs.com/revue/news/194009.shtml 2010-02-22 03:30:12 - Hack In The Box : Argentinian hackers drew first blood in the latest Falklands stand-off tonight by plastering the countryâ s flag across the islandsâ newspaper website The computer attack came as a British oil rig was set to begin searching for oil after arriving in the South Atlantic waters from Scotland The Argentine activists hacked into the English-language Penguin News to post a flag on the home page and an audio recording of the song â March of the Malvinas,â Argentinaâ s name for the Falklands The hackers posted the flag on the website of the Falklands newspaper Penguin News They also wrote â the islands are Argentineâ and claimed the move was a â tributeâ to the countryâ s soldiers who died during the Falklands War The material has now been removed http://www.secuobs.com/revue/news/194008.shtmlhttp://www.secuobs.com/revue/news/194008.shtml 2010-02-22 03:30:12 - Hack In The Box : A band of hackers who were recently discovered hoarding a trove of account logons pilfered from thousands of companies worldwide are garden-variety cyberthieves, security experts say The gang most likely began by hiring spam specialists to send out e- mail and social- networking posts to lure recipients into clicking on a tainted Web link, says Don Jackson, senior researcher at SecureWorks They then used a dated free version of a hacking tool called ZeuS and did nothing to hide their tracks, indicating that â they're probably amateurs, Jackson says That disclosure underscores how deeply cybercriminals -- from novices to elite gangs -- have now saturated the Internet with infections that allow them to take full control of Windows PCs Cybergangs slot newly infected PCs, called bots, into networks called botnets On any given day, 12pourcents to 15pourcents of the 16 billion computers connected to the Internet are bots, according to security firm Damballa http://www.secuobs.com/revue/news/194004.shtmlhttp://www.secuobs.com/revue/news/194004.shtml 2010-02-20 19:10:20 - Computer Security News : It seems that Apple has gone on a banning spree, cutting off access to the iTunes App Store to iPhone hackers http://www.secuobs.com/revue/news/193830.shtmlhttp://www.secuobs.com/revue/news/193830.shtml 2010-02-20 17:12:36 - usken.no VoIP news : Old news for us in the VoIP, but a reminder for you who think you can abuse VoIP systems and get away with it Dan York has a good overview of it on his blog Updating a story we have literally been following for years ever since it broke back in July 2006, the FBI recently issued http://www.secuobs.com/revue/news/193814.shtmlhttp://www.secuobs.com/revue/news/193814.shtml 2010-02-20 12:06:41 - securitystream.info : The hackers behind a breach of Google Inc Gmail accounts mounted similar attacks on Fortune 100 companies for at least the past year and a half, said a security expert who examined the incidents Related posts 1 The DoD s very cloudy thinking over Gmail 2 Security Bug Opens Google Buzz to Hackers 3 GMail Goes https-only By Default http://www.secuobs.com/revue/news/193779.shtmlhttp://www.secuobs.com/revue/news/193779.shtml 2010-02-20 10:50:31 - Computer Security News : The hackers behind a breach of Google Inc Gmail accounts mounted similar attacks on Fortune 100 companies for at least the past year and a half, said a security expert who examined the incidents http://www.secuobs.com/revue/news/193773.shtmlhttp://www.secuobs.com/revue/news/193773.shtml 2010-02-20 02:01:12 - Office of Inadequate Security : Helsinki police are investigating a computer system intrusion that gave hackers access to information about tens of thousands of different types of credit and bank cards So far, the information for only a few cards has been exploited by the criminals Altogether, the hackers accessed the numbers of over 100,000 payment cards from the poorly secured http://www.secuobs.com/revue/news/193724.shtmlhttp://www.secuobs.com/revue/news/193724.shtml 2010-02-19 12:25:24 - ISN InfoSec News Mailing List : InfoSec News Hackers, Troops Rejoice Pentagon Lifts Thumb-Drive Ban http wwwwiredcom dangerroom 2010 02 hackers-troops-rejoice-pentagon-lifts-thumb-drive-ban By Noah Shachtman Danger Room Wiredcom February 18, 2010 Soldiers, you are now cleared to use your thumb drives again US Strategic Command has lifted its ban on the tiny drives, memory sticks, http://www.secuobs.com/revue/news/193508.shtmlhttp://www.secuobs.com/revue/news/193508.shtml 2010-02-19 00:48:14 - Digital Forensics Magazine supporting the professional computer security industry : 13 years in prison cometh for the Iceman hacker A San Francisco man charged with hacking into financial institutions has been sentenced to 13 years in federal prison http://www.secuobs.com/revue/news/193341.shtmlhttp://www.secuobs.com/revue/news/193341.shtml 2010-02-18 21:51:08 - News : When a Russian hacker last month broke into a giant video advertising billboard located in Moscow to run a pornographic film on it, it caused some chaos in city traffic But Russian news sources Thursday report police in the southern city of Novorossiisk have arrested the suspected billboard hacker IMAGE http://www.secuobs.com/revue/news/193298.shtmlhttp://www.secuobs.com/revue/news/193298.shtml 2010-02-18 20:02:35 - Wired Danger Room : Soldiers, you are now cleared to use your thumb drives again US Strategic Command has lifted its ban on the tiny drives, memory sticks, CDs, and other removable flash media on military networks The repeal, first reported by InsideDefensecom, may be good news for troops, who depend on the drives to move data in bandwidth-starved locations http://www.secuobs.com/revue/news/193259.shtmlhttp://www.secuobs.com/revue/news/193259.shtml 2010-02-18 02:54:31 - Packet Storm Security Headlines : http://www.secuobs.com/revue/news/193011.shtmlhttp://www.secuobs.com/revue/news/193011.shtml 2010-02-18 02:54:31 - Packet Storm Security Headlines : http://www.secuobs.com/revue/news/193010.shtmlhttp://www.secuobs.com/revue/news/193010.shtml 2010-02-17 20:23:18 - Network World on Security : Apple has blocked two well-known iPhone hackers from accessing the iTunes app store http://www.secuobs.com/revue/news/192846.shtmlhttp://www.secuobs.com/revue/news/192846.shtml 2010-02-17 19:17:18 - Computer Security News : A man looks at his mobile phone during the Mobile World Congress in Barcelona on February 16, 2010 http://www.secuobs.com/revue/news/192828.shtmlhttp://www.secuobs.com/revue/news/192828.shtml 2010-02-17 14:44:33 - securitystream.info : Projected grumble flick on giant display Russian police have arrested the hacker who last month projected some adult entertainment on an enormous video screen in Moscow, giving locals around two minutes unexpurgated coverage of a white male and a black female having sex Related posts 1 Police nab porn hacker behind traffic mayhem 2 Prevx blames Microsoft for black hawk screen down 3 Latest MS Patches Causing Black Screen of Death http://www.secuobs.com/revue/news/192729.shtmlhttp://www.secuobs.com/revue/news/192729.shtml 2010-02-17 11:17:59 - Network World on Security : Hackers behind the rootkit responsible for crippling Windows machines after users installed a Microsoft security patch have updated their malware so that it no longer crashes systems, researchers said today http://www.secuobs.com/revue/news/192676.shtmlhttp://www.secuobs.com/revue/news/192676.shtml 2010-02-17 11:17:59 - Network World on Security : A curious thing happened recently to two prominent iPhone hackers Upon trying to log in to the iPhone's App Store, they get error messages saying their Apple ID was banned for security reasons http://www.secuobs.com/revue/news/192674.shtmlhttp://www.secuobs.com/revue/news/192674.shtml 2010-02-17 02:32:46 - News : A common Web programming error could give hackers a way to take over Google Buzz accounts, a security expert said Tuesday IMAGE http://www.secuobs.com/revue/news/192579.shtmlhttp://www.secuobs.com/revue/news/192579.shtml 2010-02-17 02:00:55 - Computer Security News : Russian police said on Tuesday they had arrested a prankster who hacked into a computer system to show a pornographic movie on a giant advertising screen, causing havoc on a busy Moscow thoroughfare http://www.secuobs.com/revue/news/192575.shtmlhttp://www.secuobs.com/revue/news/192575.shtml 2010-02-17 01:54:29 - Hack In The Box : An update released by Microsoft this month MS10-015 broke XP machines that were infected with the TDL3 rootkit also known as TDSS and Tidserv and many other names Well, a rootkit that causes crashes is bad for business, so the hackers had an update out in the matter of hoursOn last Tuesday Microsoft released a number of Windows updates, some of them critical because they fixed a 17 years old bug After some users updated their Windows operating systems, they got a scaring and really annoying blue screen of death Most of those users were angry with Microsoft, but the problem this time is not related to Microsoft Indeed a number of the users affected by this BSOD was infected by TDL3 TDSS rootkit More exactly, TDL3 rootkit looks incompatible with MS10-015 update This is the cause of the BSOD Problem resides in the lazyness of rootkit writers when writing the driver infection routine http://www.secuobs.com/revue/news/192573.shtmlhttp://www.secuobs.com/revue/news/192573.shtml 2010-02-16 23:39:15 - Rootsecure.net : Computer World Hackers at Pwn2Own to compete for 100K in prizes Contest targets to include iPhone, Droid and BlackBerry, IE, Firefox and Chrome http://www.secuobs.com/revue/news/192495.shtmlhttp://www.secuobs.com/revue/news/192495.shtml 2010-02-16 21:53:45 - Security Bloggers Network : An insurance firm in Michigan lost nearly 150,000 this month as a result of a single computer virus infection http://www.secuobs.com/revue/news/192443.shtmlhttp://www.secuobs.com/revue/news/192443.shtml 2010-02-16 20:58:42 - Computer Security News : A hacking contest next month will award cash prizes of 15,000 to anyone who can break into an iPhone, BlackBerry Bold, Droid or Nokia smartphone http://www.secuobs.com/revue/news/192421.shtmlhttp://www.secuobs.com/revue/news/192421.shtml 2010-02-16 20:52:38 - Rootsecure.net : The Register Apple bans iPhone hackers from App Store Apple has banned at least two prominent iPhone hackers from accessing its App Store http://www.secuobs.com/revue/news/192420.shtmlhttp://www.secuobs.com/revue/news/192420.shtml 2010-02-16 19:09:10 - threatpost The First Stop for Security News : In the wake of the attacks against Google, Adobe and other major high-tech companies, there was a lot of public shock and outrage that this kind of attack happened But it was really just a small part of what's been going on for years In a conversation with Dennis Fisher, Tom Kellermann of Core Security explains why the US government and private companies are so unprepared for these attacks Shorten URL http threatpostcom en_us 3vE Click to copy to clipboard or post to Twitter http://www.secuobs.com/revue/news/192386.shtmlhttp://www.secuobs.com/revue/news/192386.shtml 2010-02-16 19:01:25 - Packet Storm Security Headlines : http://www.secuobs.com/revue/news/192382.shtmlhttp://www.secuobs.com/revue/news/192382.shtml 2010-02-16 18:01:25 - threatpost The First Stop for Security News : The organizers of this year's CanSecWest Pwn2Own have painted a big bulls-eye on mobile devices, offering up an whopping 60,000 in prizes to entice hackers to exploit vulnerabilities on iPhones, Android, Nokia and BlackBerry smartphones Shorten URL http threatpostcom en_us 3vj Click to copy to clipboard or post to Twitter http://www.secuobs.com/revue/news/192362.shtmlhttp://www.secuobs.com/revue/news/192362.shtml 2010-02-16 18:01:25 - threatpost The First Stop for Security News : In a bid to demonstrate that the French Chatenay-Malabry laboratory made a mistake while analyzing his fateful urine sample that stripped him of his 2006 Tour de France win, Landis apparently commissioned a hacker to break into their computers and steal documents that would help his cause Read a security article HelpNet Security Read the original article San Diego Union-Tribune Shorten URL http threatpostcom en_us 3vK Click to copy to clipboard or post to Twitter http://www.secuobs.com/revue/news/192360.shtmlhttp://www.secuobs.com/revue/news/192360.shtml 2010-02-16 16:59:09 - threatpost The First Stop for Security News : Apple has banned at least two prominent iPhone hackers from accessing its App Store Read the full article The Register Shorten URL http threatpostcom en_us 3v1 Click to copy to clipboard or post to Twitter http://www.secuobs.com/revue/news/192343.shtmlhttp://www.secuobs.com/revue/news/192343.shtml 2010-02-16 15:27:07 - News : The hacking contest next month will award cash prizes of 15,000 to anyone who can break into an iPhone, BlackBerry Bold, Droid or Nokia smartphone IMAGE http://www.secuobs.com/revue/news/192304.shtmlhttp://www.secuobs.com/revue/news/192304.shtml 2010-02-16 15:00:07 - securitystream.info : And stay out Apple has banned at least two prominent iPhone hackers from accessing its App Store Related posts 1 Apple iPhone security, privacy claims exaggerated, researcher says 2 Apple patches critical flaws in iPhone, iPod Touch 3 Apple Plugs Critical iPhone Security Holes http://www.secuobs.com/revue/news/192296.shtmlhttp://www.secuobs.com/revue/news/192296.shtml 2010-02-16 13:24:08 - Musings of a CSM : No comment - http://www.secuobs.com/revue/news/192275.shtmlhttp://www.secuobs.com/revue/news/192275.shtml 2010-02-16 07:33:14 - Information Security Resources : By John-Patrick Skaar, Network Security Expert at Alcatel-Lucent Everyday the news bombards us with security issues of minor or major magnitude Currently, some of the hottest topics are the Chinese Google Hacking, Botnets, Online War between organized Crime Cartels, and Vigilante Hackers on a Jihad Crusade Applauding hacking vigilantes like The Jester is just another road to hell paved with good intentions http://www.secuobs.com/revue/news/192237.shtmlhttp://www.secuobs.com/revue/news/192237.shtml 2010-02-16 07:28:54 - Security Bloggers Network : It seems that Hackerspace Antwerp is taking on form We don't have a final name yet but we found a possible location to begin It needs some work but it has loads of possibilities Since my last post, we have a wiki and a mailinglist Weekly meetings are now on Wednesday to keep things going You'll find all the information on our wiki Feel free to join us next Wednesday to help clean our new space - Wiki http antwerphackerspacebe mw indexphp title Main_Page Mailinglist http discusshackerspacesbe listinfocgi antwerp-hackerspacesbe IMAGE IMAGE IMAGE IMAGE IMAGE IMAGE IMAGE IMAGE IMAGE IMAGE IMAGE IMAGE IMAGE IMAGE http://www.secuobs.com/revue/news/192234.shtmlhttp://www.secuobs.com/revue/news/192234.shtml 2010-02-16 01:07:03 - Hack In The Box : Readers of these posts are familiar with ATM skimming ATM skimming is a billion dollar problem and growing A relatively new scam over the past few years is electronic funds transfers at the point of sale EFTPOS skimming People commonly swipe both credit and debit cards through the in-store machines to pay for goods and services at these outlets In Australia, Fast-food, convenience and specialist clothing stores are bearing the brunt of the crime McDonaldâ s is among the outlets whose EFTPOS machines have been targeted Last year, legitimate EFTPOS devices at McDonaldâ s outlets across Perth Australia were replaced with compromised card-skimming versions, with 3500 customers cheated of 45 million They actually replaced the entire device you see at the counter when you order your Big Mac Officials say the problem is so bad they urged people to change credit and debit card pin numbers weekly to avoid the possibility of having their account balances wiped out, as it was likely more cases would be identified http://www.secuobs.com/revue/news/192143.shtmlhttp://www.secuobs.com/revue/news/192143.shtml 2010-02-16 01:07:03 - Hack In The Box : GEELONG police are investigating at least one report of cyber fraud a week as savvy hackers target email, Facebook and eBay accounts The cyber-crime statistics have come to light after a police probe into an online attack on Geelong businesswoman Katie Leishman Ms Leishman was forced to cancel her credit card and Pay Pal accounts after she logged on nine days ago to find she could not access her email or Facebook page The Essence Geelong Health and Welfare Centre owner had a personal Facebook profile attached to a business fan page and many clients contacted her for appointments through the site The hackers wrote obscene status updates and abused clients and friends using live chat and private messages They also changed privacy settings to make an ultrasound photo of her unborn child public http://www.secuobs.com/revue/news/192140.shtmlhttp://www.secuobs.com/revue/news/192140.shtml 2010-02-16 01:07:03 - Hack In The Box : In an attempt to stop hackers from exploiting their prized iPhone operating system, Apple has begun to ban well-known hackers of the iPhone from the iTunes App Store, according to Redmond Pieâ s Taimur Asad iPhone OS 313 exploiter Sherif Hashim recently found himself in a bit of a pickle, when he received a notification stating â This Apple ID has been disabled for security reasonsâ on his iPhone when attempting to access the App Store After posting about the incident on Twitter, another fellow iPhone hacker also noted that he too had been disabled from the App Store after contributing to an iPhone exploit Of course, the users will likely be able to sign up with another email address, so weâ re not exactly sure how this serves as a deterrent http://www.secuobs.com/revue/news/192139.shtmlhttp://www.secuobs.com/revue/news/192139.shtml