hackinthebox
German ID cards hacked by the CCC
Posted by l33tdawg on Thursday, September 02, 2010 - 02:30 AM (Reads: 405)
Source: The Local



The sensitive personal information found on the new German identification cards with data chips scheduled for nationwide introduction this November can be easily hacked, according to testing done by a TV news show.

Public broadcaster ARD’s show “Plusminus” teamed up with the hacker organisation the Chaos Computer Club to find out how secure the controversial new radio-frequency (RFID) chips were.

Set to air Tuesday evening, the report shows how they used the basic new home scanning machines that will go along with the cards, and found that scammers would have few problems extracting personal information. This includes two fingerprint scans, which German citizens can opt out of, and a new six-digit PIN number meant to be used as a digital signature for official government business and beyond. The home scanners will be necessary for use with home computers to process the personal data for official business and possibly even online shopping.

Apple's elephant in the cloud
Posted by l33tdawg on Thursday, September 02, 2010 - 02:29 AM (Reads: 258)
Source: ZDNet (UK)



Apple has an obsession with elegance. Just look at the line-up at yesterday's annual orgy of consumer desire. A new iPod Nano that looks like a tiny, animated, touch-sensitive, acid-drenched postage stamp - without losing a microgram of cool. An iPod Touch that generates and displays video, plays games and audio, and runs a kazillion apps, all with fewer buttons than a Mark 1 Walkman. An Apple TV that hooks together HD movies, Internet still and moving pictures, hewn from a minimalist block of ebony-black plastic.

On this count, Apple still has it - and has it with enough insouciance to carry off a pricing structure only explicable if they have their flash memory hand-carved by octogenarian Japanese craftsmen using unicorn horn instead of silicon. Not to mention a dollar-to-pound conversion rate uncontaminated by actual forex.

Yet there's one place where the whole business falls down. iTunes, now in its tenth incarnation, is the prog rock wig-out at the techno rave. And like the LPs of some of the 70s more behemothian bands, each new version is more overblown than the last. If iTunes was a record, by now it would be a quad album in a gatefold sleeve, with lyrics written in faux runescript and a free Roger Dean poster showing space-going whales dancing a quadrille around Planet Pomp. It is the app that taste forgot.

Russian cops cuff 10 ransomware Trojan suspects
Posted by l33tdawg on Thursday, September 02, 2010 - 02:29 AM (Reads: 230)
Source: The Register (UK)



Russian police have arrested 10 suspected members of a ransomware gang who allegedly made millions via a locked computer malware scam.

PCs infected by the WinLock Trojan at the centre of the scam were rendered unusable because the malware disabled key Windows components. More embarrassingly, pornographic images were displayed on compromised machines, IDG adds.

The crooks claimed the damage could only be undone by sending premium rate SMS messages at a cost of between 300 rubles ($9.72) and 1,000 rubles. Tens of thousands of victims, mostly in Russia, were hit by the scam, Host Exploit reports. Web users in Ukraine, Belarus and Moldova were also reportedly affected by the scam, which reportedly earned crooks as much as $16m in just one month.

How to Design a Secure DMZ
Posted by l33tdawg on Thursday, September 02, 2010 - 02:28 AM (Reads: 425)
Source: eWeek



We have come a long way when it comes to DMZs (demilitarized zones). It's no longer a question of if your organization needs a DMZ, but rather, it's now a question of how you should design one.

In computer security, a DMZ is a physical or logical subnetwork that contains and exposes an organization's external services to a larger, untrusted network—usually the Internet. The original DMZ designs included a simple network separated from the internal network, where everything that needed access to the Internet was placed.

Today, there are as many DMZ designs as there are vehicles on the road. You have industrial trucks designed to simply transport goods as cheaply as possible. You have economy cars designed to save money. And you have exquisite Italian sports cars that are sure to make your friends jealous (and fast enough that you always arrive with plenty of extra time for a nice cup of espresso). DMZ designs are a lot like cars: there are many varieties which go by a lot of different names but they all serve the same purpose.

Feds crack phone clone scam that cost Sprint $15m
Posted by l33tdawg on Thursday, September 02, 2010 - 02:27 AM (Reads: 201)
Source: The Register (UK)



Federal prosecutors have uncovered a scam that used tens of thousands of cloned cellphones to defraud Sprint out of $15m in lost long distance revenue.

The operation dates back to at least the latter half of 2009, when cellular customers began complaining that they were billed for international calls they didn't make, according to court documents made public on Wednesday. When Sprint employees looked into the matter, they discovered that many of the calls were made from hundreds of miles away from where the customers lived and within minutes of other calls made from the customers' homes.

Eventually, the Sprint investigators discovered that electronic credentials belonging to “tens of thousands of its customers” were used to make international calls that would have cost $15m had they been billed at the going rate. What's more, many of the defrauded customers' online accounts were breached so that changes could be made to passwords, international calling features and other settings.

VMWare Sees Big Business In Becoming The Internet Operating System
Posted by l33tdawg on Thursday, September 02, 2010 - 02:26 AM (Reads: 138)
Source: Forbes.com



VMWare’s annual “VMWorld” conference is in full swing and on Tuesday the company announced vCloud Director, vShield Edge and four other new products. The products are an important development for virtualization despite sounding a little vSilly to non-IT professionals.

In case you don’t know your vSphere from a hole in the ground, here’s a quick summary of where VMware is today: the company has spent a decade evangelizing the value of virtualizing hardware resources to make them do more with less. The “cloud” proselytization efforts have been successful: People started deploying more virtual machines than physical ones starting last year, according to IDC, and VMware now claims 190,000 customers worldwide.

VMware’s flagship product is called vSphere and it can be thought of, more or less, like a Windows for the data center. On PCs operating systems like Windows play two roles: they offer an interface for the user to run applications and manage all the hardware (video cards, USB connections, etc.) via “device drivers” that speak their language.

How Your Cloud Dream Is Becoming a Security Nightmare
Posted by l33tdawg on Thursday, September 02, 2010 - 02:25 AM (Reads: 193)
Source: NY Times

L33tdawg: Don't miss our special keynote panel on cloud computing security at HITBSecConf2010 - Malaysia featuring Mikko Hypponen, Dennis Maslennikov, Dr. Jose Nazario and Paul Ducklin.



After extracting a deal from Research In Motion that appears to give state authorities the ability to monitor messages sent over the company’s BlackBerry network — similar to a deal that RIM agreed to with the government of Saudi Arabia — the Indian government has suggested that it may go after both Google and Skype in an attempt to get similar kinds of security concessions.

India’s threat means that this is no longer just about Research In Motion and its specific network or security controls; it’s about gaining widespread and potentially unlimited access to a whole range of cloud-based services. In other words, it means that our growing use of the “cloud” — whether it’s web-based email or web-based voice calls such as those recently launched by Google, or mobile email and data from companies such as Research In Motion — is colliding headlong with the demands of foreign governments to control those services and applications, or at least their demands to monitor them whenever they wish.

China demands real names from mobile phone users
Posted by l33tdawg on Thursday, September 02, 2010 - 02:12 AM (Reads: 144)
Source: IT World



China is now requiring people setting up new mobile phone accounts to register with their real identities as part of a new government measure to reduce anonymity among the country's 800 million mobile users.

All carriers are to adopt the real-name registration system starting this month, said China Telecom spokesman Xu Fei. Within three years, the carriers must also register the real identities of all existing users.

"The policy on existing users is not being carried out very forcefully," Xu said. "If existing users do not register their names, their service probably will not be discontinued." Street newsstands in China, where cell phone accounts were once conveniently sold, will also be prohibited from selling SIM cards, Xu added.

Windows Phone 7: Done
Posted by l33tdawg on Thursday, September 02, 2010 - 02:11 AM (Reads: 131)
Source: OS News



It's been only a mere six months since its first unveiling, but Microsoft has already announced that Windows Phone 7 has been released to manufacturing. This means device makers can start tuning the software to their hardware, leaving plenty of time to release devices before the holiday season.

The news was announced by Microsoft's Terry Myerson. "Windows Phone 7 is the most thoroughly tested mobile platform Microsoft has ever released," he details, "We had nearly ten thousand devices running automated tests daily, over a half million hours of active self-hosting use, over three and a half million hours of stress test passes, and eight and a half million hours of fully automated test passes. We've had thousands of independent software vendors and early adopters testing our software and giving us great feedback. We are ready."

US undergrads crash NASA satellite into Arctic
Posted by l33tdawg on Thursday, September 02, 2010 - 02:11 AM (Reads: 193)
Source: The Register (UK)



Undergraduate students in America managed to get control of the manoeuvring thrusters of an orbiting 2000-lb NASA satellite at the weekend, sending it plummeting into the Earth's atmosphere to rain burning fragments across the chilly seas north of Norway and Russia.

"They ran calculations to determine where the spacecraft was located," said Darrin Osborne, flight director for the now-destroyed Ice, Cloud and Land Elevation Satellite, or ICESat. "The students did this seven days a week."

Rather than a posse of delinquent space hacker youths pranging satellites for lolz, however, the undergraduates in question were actually supposed to be in charge of the ICESat. They had been given a go on the controls as part of the ongoing operations of the Laboratory for Atmospheric and Space Physics (LASP) at the University of Colorado. LASP operates various science satellites for NASA from its space command centre on campus in Boulder, Colorado.

Apple's iOS 4.1 ships Sept. 8
Posted by l33tdawg on Thursday, September 02, 2010 - 02:07 AM (Reads: 192)
Source: Apple Insider



Apple announced Wednesday that iOS 4.1 will fix proximity sensor and Bluetooth issues, and will add a new feature allowing users to take high dynamic range photographs that produce stunning pictures. The new software will ship Wednesday, Sept. 8 for the iPhone and iPod touch [Updated with HDR photos and details].

Following Wednesday's keynote, the golden master of iOS 4.1 was issued to developers. The new iPod touch, which will be available next week, comes with iOS 4.1 and Game Center preinstalled.

Apple Chief Executive Steve Jobs announced that Bluetooth and proximity sensor issues that currently exist with the iPhone 4 will be addressed with next week's release of iOS 4.1. Such problems have persisted since the handset was first launched in June. "All the bugs that we get mails on," Jobs said. "We think we've nailed a lot of them, and we think you're going to be pretty happy with it."

Malaysian National Institute of Public Administration suffers cyber attack
Posted by l33tdawg on Thursday, September 02, 2010 - 02:05 AM (Reads: 185)
Source: The Star (Malaysia)



The website of the National Institute of Public Administration (Intan) has suffered a cyber attack believed to be by Indonesian hackers.

The website is believed to have been inactive since Monday, 6.54pm as shown on its cached version when checked yesterday. It had also been violated with profanity.

A minute after the website was accessed, a green cursor trail will appear on the page stating that it had been “hacked by vires-kucrit”. This is followed by a pop-up referring to the National Day celebration albeit in obscene language. Calls for comments from the Intan public relations officer or its director Datuk Dr Muhamad Hamzah went unanswered.

Algerian Hackers Attack Wrong Website
Posted by l33tdawg on Thursday, September 02, 2010 - 02:03 AM (Reads: 230)
Source: IT Pro Portal



A group of misinformed Algerian 'cyber-pirates' attacked the official website of the Belvoir Castle, mistaking it for the Belvoir Fortress in Israel. The pirate group, known as Dz-SeC, hijacked the website and displayed anti-Jewish slogans in Arabic on the homepage, along with a picture of the Algerian national flag.

The Belvoir Castle, which acted as a Royalist stronghold during the English Civil War, now plays host to the annual teddy bears’ picnic. The Belvoir Fortress on the other hand, was initially a Christian military stronghold used for fending-off attacks from Muslim forces on the city of Jerusalem.

However, the fortress fell under Muslim control, which they later had to relinquish following a brutal attack by Israeli forces. The hacker group claims that the attack on the website was due to Israel's presence and thanked other Algerian pirates for contributing to the attack.

How Google attacks changed the security game
Posted by l33tdawg on Thursday, September 02, 2010 - 02:03 AM (Reads: 217)
Source: GCN



As worldwide chief technology officer for security company McAfee, George Kurtz took part in the investigation — called Operation Aurora — earlier this year of the attacks against Google and a number of other companies that apparently targeted high-value sensitive information. He said the attacks illustrate the threat from motivated, well-resourced hackers who use social engineering to compromise information technology systems.

“We certainly learned some valuable lessons from Operation Aurora, and what we see as the next frontier in attacking systems in corporations is the mobile devices that are in use today,” Kurtz said. “We’re going to see the next wave of malware and attacks target specific devices.”

PSJailbreak code leaked online
Posted by l33tdawg on Thursday, September 02, 2010 - 02:02 AM (Reads: 197)
Source: Neoseeker



Recently, Sony blocked the sale of a device called PSJailbreak that would have let anyone run homebrew apps and play backed-up or copied games from their PlayStation 3. Now the same code running the device has been leaked out to the internet, allowing anyone to break open their PS3 if they have the right hardware.

The ability to play copied games is locked away in the code but we all know how long that is going to last. Having the code out there also means those who were dinged by the removal of OtherOS should be able to reactivate it.

With the PlayStation 3 cracked open, Sony will now have to work on closing up any exploits for it on top of their efforts with the PSP. They made a good effort keeping it secure all these years but you really can't stop hackers from getting through.

Malware hosted on Google Code project site
Posted by l33tdawg on Thursday, September 02, 2010 - 02:00 AM (Reads: 357)
Source: ZDNet



Malicious hackers are using the Google Code repository to host Trojan horses, backdoors and password stealing keyloggers, according to researchers at Zscaler.

The researchers found a malicious project hosted on the free Google Code site with about 50+ malware executables stored in the download section of the project.

According to Zscaler’s Umesh Wanve, most of the files are executable files along with zipped “.rar” files. "The time stamps show that the files have been uploaded over the course of the last month. This suggests that an attacker is actively using this free service to spread malware."

Heartland to pay Discover $5M for 2008 data breach
Posted by l33tdawg on Thursday, September 02, 2010 - 01:59 AM (Reads: 192)
Source: Associated Press



Payments processor Heartland Payment Systems Inc. on Wednesday said it will pay $5 million to Discover Financial Services Co. to resolve issues between the companies related to a 2008 data breach.

Hackers installed spying software on Heartland's computer network in 2008, giving them access to data including account numbers, expiration dates and in some cases customer names on the systems that process Visa, MasterCard, American Express and Discover Card transactions. The company revealed the problem in January 2009.

Heartland said Wednesday the deal with Discover marks its final agreement with a card brand related to the incident. According to a recent regulatory filing, Heartland had previously reached breach-related settlements totaling $114.7 million. That included a $3.5 million payment to American Express, $59.3 million in payments to Visa and several banks, and $41.4 million to MasterCard Worldwide.

DARPA launches insider threat detection effort for military
Posted by l33tdawg on Thursday, September 02, 2010 - 01:58 AM (Reads: 162)
Source: Computer World (NZ)



The Defense Advanced Projects Agency (DARPA) has launched a project for detecting and responding to insider threats on Department of Defense networks.

Under the Cyber Insider Threat (CINDER) Program, DARPA will explore new approaches for improving the speed and accuracy of insider threat detection. The agency last week sought proposals for ways to identify hostile insider activity by monitoring specific user and network behaviors.

In the initial stage of the project, the goal is not necessarily to develop new ways of detecting individual malicious insiders themselves. Instead, DARPA hopes to figure out the tell-tale signs and network activities that organizations should monitor to accurately detect malicious activity.

Fake TweetDeck update on Twitter leads to trojan
Posted by l33tdawg on Wednesday, September 01, 2010 - 03:22 AM (Reads: 582)
Source: SC Magazine (US)



Attackers took to Twitter on Monday to spread malware via links pointing to what they claimed was an update to the popular microblogging client TweetDeck.
A number of updates were sent from hacked Twitter accounts urging users to download a file called "tweetdeck-08302010-update.exe."

The tweets began with phrases, such as “Hurry up for tweetdeck update!” or “Download TweetDeck udate ASAP!,” and included a URL beginning with http://alturl.com/.

The links, however, did not lead to a legitimate TweetDeck update, but instead brought users to a trojan, Graham Cluley, senior security researcher at Sophos, wrote in a blog post Tuesday. Some of the malicious tweets referenced the U.K.'s national Bank Holiday, which occurred on Monday. The tweets read, “Critical tweetdeck update Bank Holiday” and “Update TweetDeck! Bank Holiday.”

Huge spamming botnet injured but still alive
Posted by l33tdawg on Wednesday, September 01, 2010 - 03:20 AM (Reads: 399)
Source: Computer World



A botnet responsible for a significant amount of spam has been crippled but may reconstitute itself in a matter of weeks, according to vendor M86 Security.

The Pushdo or Cutwail network of hacked computers ranked in the top five or so botnets for spam, responsible for as much as 10 percent of all spam, said Ed Rowley, product manager for M86 Security. The spam often advertises fake software, so-called designer goods and questionable pharmaceutical products.

But security analysts with the computer security company LastLine took action last week, contacting ISPs that were hosting the command-and-control infrastructure for the botnet. About 30 servers at eight hosting providers were found to be supporting Pushdo. LastLine contacted the ISPs, and about 20 of the servers were taken offline, according to its blog. Some ISPs, however, were unresponsive.

Packet Storm Security Latest
· nullconGoa2011-CFP.txt
The Call For Papers for nullcon Dwitiya 2.0 is now open. It takes place February 25th through the 26th, 2011 in Goa, India.
· amirocmsfaq-xss.txt
Amiro.CMS version 5.8.4.0 suffers from a stored cross site scripting vulnerability.
· advanced-xss.pdf
Whitepaper called Advanced XSS. Written in Arabic.
· moaub01-cpanel.pdf
Month Of Abysssec Undisclosed Bugs - Cpanel suffers from a PHP restriction bypass vulnerability. Versions 11.25 and below are affected.
· moaub01-adobe.pdf
Month Of Abysssec Undisclosed Bugs - Adobe Acrobat Reader and Flash Player suffer from a newclass invalid pointer vulnerability.
· MDVSA-2010-168.txt
Mandriva Linux Security Advisory 2010-168 - Double free vulnerability in the ssl3_get_key_exchange function in the OpenSSL client in OpenSSL 1.0.0a, 0.9.8, 0.9.7, and possibly other versions, when using ECDH, allows context-dependent attackers to cause a denial of service and possibly execute some sources refer to this as a use-after-free issue. The updated packages have been patched to correct this issue.
· ZSL-2010-4961.txt
LEADTOOLS version 16.5.0.2 suffers from buffer overflow, integer overflow and denial of service vulnerabilities related to Active-X Common Dialogs.
· cpanelcp-xss.txt
cPanel Customer Portal suffers from a cross site scripting vulnerability.
