Wednesday, October 31, 2007

No More Free Music...Yeah Right!!!

October 2007

British, Dutch police close pirate site. British and Dutch police shut down what they say is one of the world’s biggest online sources of pirated music Tuesday and arrested the Web site’s 24-year-old suspected operator. The invitation-only OiNK Web site specialized in distributing albums leaked before their official release by record companies, the International Federation of the Phonographic Industry said. Many among OiNK’s estimated 180,000 members paid donations “to upload or download albums, often weeks before their release, and within hours albums would be distributed through public forums and blogs across the Internet.” Users were invited to the site if they could prove they had music to share, the IFPI said. The IFPI said more than 60 major albums were leaked on OiNK so far this year, making it the primary source worldwide for illegal prerelease music. Prerelease piracy is considered particularly damaging to music sales as it leads to early mixes and unfinished versions of artists’ recordings circulating on the Internet months before the release. Police in Cleveland, in northeast England, said they were tracing the money generated through the Web site, expected to amount to hundreds of thousands of dollars. The arrest of a 24-year-old IT worker at a house in Middlesbrough, northeast England, followed a two-year investigation by Dutch and British police and raids coordinated by Interpol. Cleveland police said the man, whose name was not released, was arrested on suspicion of conspiracy to defraud and infringement of copyright law. OiNK’s servers, in Amsterdam, were shut down by Dutch police, the IFPI said.

50 / 50 Chance...

October 2007

ID thieves have a 50-50 chance of going to prison. If you are a convicted identity thief, you have about a 50 percent chance of avoiding jail. That is one of the findings of a new study of closed U.S. Secret Service case files, released Monday by Utica College's Center for Identity Management and Information Protection. This is the first time researchers have been allowed to sift through the Secret Service’s data. The study's authors based their findings on an analysis of 500 closed Secret Service cases. “Prosecutors had a slightly better chance of sending a convicted identity thief to prison than not (51 percent) and could expect to see the imprisoned offender sentenced to three years or less of incarceration,” the report said. The college has been working with a number of partners, including the Secret Service, IBM, and the Federal Bureau of Investigation, since the Center's creation in mid-2006 to study the methods used by ID thieves and to help corporations and law enforcement prevent this type of crime. Technologies such as printers, mobile phones, and computers were used in about half of the cases, but the Internet was the exclusive tool of ID thieves only about 10 percent of the time. The median loss from identity theft was just over $31,000, but in one case, investigated by the Secret Service's Dallas field office, the defendant spent millions on luxury vehicles and then managed to set up shell companies and defraud investors. Losses totaled $13 million. “In general,” however, “the more offenders involved in the case, the higher the victim loss,” the study stated. According to Javelin Strategy & Research, identity theft cost U.S. businesses and consumers an estimated $49.3 billion in 2006.

International Hackers...

October 2007

International hackers going after U.S. networks. About 140 foreign intelligence organizations are trying to hack into the computer networks of the U.S. government and U.S. companies, a top counterintelligence official said. The national counterintelligence executive told CNN it is not accurate to blame only the Chinese government for recent penetrations of government computer systems. Because it is easy for hackers to disguise where an attack originates, he said, the best course of action is to tighten up one’s own networks rather than to place blame. The nation’s electronic systems are too easy to hack, and the number of world-class hackers is “multiplying at bewildering speed,” he said. That, he said, has transformed the nature of counterintelligence: “If you can exfiltrate massive amounts of information electronically from the comfort of your own office on another continent, why incur the expense and risk of running a traditional espionage operation?” He also warned that hackers could create chaos by manipulating information in electronic systems the government, military and private industry rely on. “Our water and sewer systems, electricity grids, financial markets, payroll systems, air and ground traffic control systems ... are all electronically controlled, electronically dependent, and subject to sophisticated attacks by both state-sponsored and freelance terrorists,” he said. The government must develop a better system for warning the private sector and universities about attacks, he said, and some laws might need to change: “We’ve got to rethink the adequacy of our legal authorities to deal with the cyber thieves and the vandals who I call the Barbary pirates of the 21st century.”

Exploit RealPlayer

October 2007

Attacks exploiting RealPlayer zero day in progress. Attackers are exploiting a zero-day vulnerability in RealPlayer in order to infect Windows machines running Internet Explorer, Symantec Corp. said late Thursday. The security company issued an alert that rated the threat with its highest possible score. According to a warning issued to customers of its DeepSight threat network, Symantec said an ActiveX control installed by RealNetworks Inc.’s RealPlayer program is flawed. When combined with Microsoft Corp.’s Internet Explorer (IE) browser -- which relies on ActiveX controls to extend its functionality -- the bug can be exploited and malicious code downloaded to any PC that wanders to a specially crafted site. Only systems on which both RealPlayer and IE have been installed are vulnerable. Symantec also referenced a blog that had posted some information about the RealPlayer vulnerability Wednesday morning. The blogger, identified only as Roger, claimed that the NASA space agency has warned workers not to use IE because of an unspecified problem with RealPlayer. Roger quoted from what he claimed was a NASA bulletin. “The malware appears to be spreading through a large variety of common and highly-respected Internet sites,” the NASA warning reportedly said. “However it does not appear these sites are themselves infected. The affected sites are serving solely as a mechanism to attract potential victims.” NASA’s public affairs team at the Ames Research Center in northern California was not available for comment Thursday night.

Code Green!!! Code Green!!!

October 2007

Code Green brings data loss prevention to SMBs. A new Data Loss Prevention (DLP) appliance has been launched by Code Green Networks Inc. of Santa Clara, California. The new CI-750 appliance enables small offices with 50-250 users and distributed enterprises to protect sensitive data leaving the organization. The company’s founder says small businesses face the same challenges as larger organizations in terms of protecting confidential data and safeguarding intellectual property - including having to comply with the same federal and state regulations and guidelines as organizations with more resources at their disposal. This is especially true with new guidelines set forth by the Federal Trade Commission (FTC) for protecting personal information, and recent amendments to the Federal Rules of Civil Procedure (FRCP) regarding the protection of electronic communications for e-Discovery purposes. However, unlike their large enterprise counterparts, small businesses typically do not have in-house security experts or compliance officers advising them on what they should be doing to secure their data. As a result, they are not quite in step with their larger industry counterparts when it comes to deploying technology and instituting and enforcing data protection policies. The appliance costs $10,000, which the company’s owner says is a price point intended for small businesses.

Thursday, October 18, 2007

Hacker Breaks Into eBay...

October 2007

A malicious hacker broke into an eBay Inc. server on Friday and temporarily suspended the accounts of a “very small” number of members, the company said. “We were able to block the fraudster quickly before any permanent damage had been done. At no point did the fraudster get any access to financial information or other sensitive information,” an eBay spokeswoman said. EBay has “secured and restored” the affected accounts and is calling the affected users, she said, without specifying how many accounts the hacker accessed and tinkered with. The perpetrator of that confidential data disclosure posted the names and contact information of 1,200 eBay members on the company’s Trust & Safety discussion forum, along with credit card numbers that were later determined to be invalid. EBay eventually concluded that the attacker obtained the information via a phishing scheme, tricking individual members into disclosing the data. Friday’s hack has quite a few eBay members rattled, judging by a long discussion forum thread about the incident. In that thread, some affected eBay members report receiving e-mails from a hacker identified as Vladuz saying that he had targeted them for posting forum comments that were critical of him. Vladuz has in the past reportedly stolen login information that has allowed him to post messages to eBay discussion forums as if he were an eBay employee.

The Feds Pulled the Plug...

October 2007

The Federal government pulled the plug on the ca.gov Web domain used by the State of California on Tuesday, setting into motion a chain of events that threatened to grind government business to a standstill within the state. State IT staffers were able to fix the problem within a few hours, narrowly averting disaster, but the situation shed light on what observers are calling a shocking weakness in the state's IT infrastructure.

Could Adobe be vulnerable???

October 2007


Adobe Systems Inc.’s moves to support rich Internet applications are exposing the software vendor – and its developers and users – to the threat of more Web-based malware and efforts to take advantage of security holes in its products. For instance, a British security researcher claimed last month that an unpatched vulnerability in Adobe’s Portable Document Format (PDF) technology could be exploited to take control of systems running Windows XP; at the time, Adobe said it was researching the reported flaw. In January, Adobe issued a patch to fix a vulnerability in its PDF-based Adobe Reader and Acrobat software that left systems open to cross-site scripting attacks. There are also potential vulnerabilities lurking in Adobe’s newer, less mature technologies, such as its still-in-beta Adobe Integrated Runtime (AIR) software. The AIR framework enables Web applications built with HTML or AJAX to run offline. The problem is that doing so exposes users of AIR-based applications to many of the same security issues that other users face, if not more of them, according to an analyst at ZapThink LLC. “The current generation of spyware, virus and malware [detection] products have no visibility into running AIR programs,” he wrote in an e-mail. “As such, there is a high possibility for malicious AIR applications to spread into the wild.”

Bad Links Balloon...

October 2007

In a report published today, U.K.-based MessageLabs Ltd. said that 35 percent of the e-mail threats it now detects use embedded links to infect computers instead of the more traditional file attachments. In the March-June time frame, that figure was 20.2 percent, said the company. And in the opening quarter of 2007, a mere 3.3 percent of the intercepted threats carried links. The links, said a MessageLabs senior security analyst, lead unwary users directly to malware downloads or, increasingly, to purposefully-crafted sites that support malicious JavaScript code. “The volume of attacks using attachments has diminished over the last 18 months, while the number using links has shown a massive increase,” he said. MessageLabs’ data corroborates recent analyses by other security vendors, which have all noted the rapid increase in Web-based attacks – often from legitimate sites that have been compromised by criminals. Such trusted sites make perfect lures for drawing in users, whose browsers are then typically attacked through one or more unpatched vulnerabilities, allowing rogue code – often spyware or a Trojan horse that hijacks the PC to add it to a growing botnet – to be installed. “The bad guys know that most people have learned not to open attachments,” said the MessageLabs specialist. “E-mail is still the preferred attacker vehicle for getting their ‘message’ across, but now they're using links. They know people still follow links.”

Web 2.0 Endangers Corporate Security...

October 2007


With the Web becoming central to the way companies do business, cybercriminals are taking increasing advantage of Web 2.0 and social networking sites to launch attacks, said an International Data Corporation analyst at Kaspersky Lab Inc.’s Surviving CyberCrime conference in Waltham, Massachusetts on Tuesday. With the increased blending of people’s private lives with their corporate lives, employees’ personal lives become intermingled with the interactions they have at work with customers, fellow employees, partners and suppliers, he said. “So that creates a perforated perimeter where there isn’t a hard, fast separation between the corporate world and the personal world,” he said. The problem is that employees do not always follow their companies’ security policies – probably because they do not know what those policies are, just as they do not know what their companies’ acceptable use policies are. The latest threats to network security are now coming from collaborative and Web 2.0 environments, he said, where employees casually click on links that could lead them to malware. And they are coming from the wide variety of devices that may be accessing private as well as corporate networks, he said. “We’re seeing a change in the threat environment,” he said. “Instead of malicious code being distributed as e-mail attachments, we’re seeing more and more that they’re being embedded in Web 2.0 links.”

SUPERWORM

October 2007

An article in Computerworld theorizes that the creators of Storm Worm are preparing for phase two of their plan. Currently, Storm Worm is not doing much, the article says, except gathering strength by continuing to infect Windows machines. The worm, which has been the most successful of a new breed of worm written by hackers seeking profit, not fame, is currently unstoppable. “Storm has been around for almost a year, and the antivirus companies are pretty much powerless to do anything about it.” It is unknown what impact the worm has had and will have, since symptoms of infection do not appear quickly and infected computers can sit dormant for a long time.

Common Ground Collective: Solidarity Not Charity

October 2007

Common Ground's mission is to provide short-term relief for victims of hurricane disasters in the Gulf Coast region, and long-term support in rebuilding the communities affected in the New Orleans area. Common Ground is a community-initiated volunteer organization offering assistance, mutual aid and support. The work gives hope to communities by working with them, providing for their immediate needs, and emphasizing people working together to rebuild their lives in sustainable ways.

Common Ground Community Adoption Program
Because of systematic political and economic neglect as well as the threat of rampant disenfranchisement, New Orleans’ working class and poor communities are in dire need of immediate support in their rebuilding efforts.


Efficient Microorganisms: Instead of Bleach
Efficient Microbes (EM), a non-toxic solution of beneficial microorganisms, has been donated to Common Ground. Find out how it is being used to effectively remove mold from homes.


Volunteers from Common Ground Relief joined tens of thousands of protesters in Jena, Louisiana to stand in solidarity with the families who have suffered a great injustice. Camping out in the backyard of one of the families the night before, volunteers marched from the starting point nearly three miles to the LaSalle parish courthouse, then back again to the park for a benefit concert. Working as a "relief" organization in New Orleans, it may not seem immediately apparent why Common Ground has been involved with the Jena 6 since mid-July, long before it became a case of national significance. As the saying goes, "a threat to justice anywhere is a threat to justice anywhere." As Common Ground Relief works with the people of New Orleans to rebuild a just and sustainable city, we believe that the institutions and mindsets of racism that made the storm so catastrophic for poor, black people here, are the same structures at work in Jena: a criminal justice system that is disproportionately punitive to black men.

Retailers, creditors clash on security

October 2007

Retailers and the credit card industry are at odds as they try to restore consumer confidence after recent massive thefts of credit card information. The National Retail Federation on Thursday urged a card industry organization to stop requiring retailers to keep customers’ card numbers for up to 18 months. The stored data helps track product returns and disputed or suspicious transactions. But retailers say the data would be more secure if only credit card companies and banks that issue the cards stored it. The biggest recent retail data breach involved TJX Cos., the Framingham, Mass.-based discount retailer, which said early this year that information from at least 45 million customer credit and debit cards had been exposed to potential fraud. Last month, Canadian investigators concluded TJX had kept data with insufficient encryption — and for years after it should have been purged. Less than half the nation’s biggest merchants appear to be complying with card industry security standards — which include encryption and other safeguards — despite a Sept. 30 deadline set by Visa USA, which plans to levy monthly fines up to $25,000 against merchant banks that noncompliant retailers rely on. The retail federation said U.S. retailers are increasingly at odds with the card industry over the security standards, known as PCI. Despite spending $1 billion on meeting the standards the past three years, their attempts to comply “are not enough to accomplish the ultimate goal of protecting the consumer,” the letter read. “Data breaches have continued to occur at an unacceptable rate.”

Security vendors bring zombie fighters to life

October 2007

Data leakage prevention might currently be the hottest IT security submarket, but vendors are also tuning up their product offerings to help customers ward off the presence of botnet-infected zombie computers. As botnet operators continue to advance the sophistication of their attacks and the manner in which they use and manipulate their armies of infected devices, businesses are asking technology providers for new defense mechanisms, vendors claim, with both anti-virus market leader Symantec and network security specialist Arbor Networks introducing new products to address the problem this week. According to Symantec’s most recent Internet Security Threat Report, published in September, the company’s sensors detected more than 5 million distinct botnet-infected computers during the first six months of 2007, which represents roughly a 7 percent increase when compared to the same period last year. Heightening the issue is the speed at which botnet operators are changing the locations of their command and control centers, which act as the brains of the distributed zombie computer systems. The average command and control center stays up and running for only four days at a time at this point, according to Symantec’s latest research. Arbor, which markets technologies used by enterprises, ISPs, and other carriers to monitor for attacks in the traffic flowing over large networks, launched an updated version of its PeakFlow SP platform, which includes new capabilities for sniffing out botnets. Among the upgrades to the package that will help its customers separate zombie activity from legitimate traffic are new capabilities that give network operators the ability to see what type of applications are responsible for individual packets of data, company officials said.

Bad things lurking on government sites

October 2007

The U.S. federal government took steps earlier this week to shut down Web sites in California in order to protect the public from hacked Web sites, but new incidents show that the problem is not going away any time soon. On Thursday, compromised pages hosted by the Brookhaven National Laboratory and the Superior Court of Madera County, California, were still hosting inappropriate content. Brookhaven had links that redirected visitors to pornographic Web servers, and the Madera County court site featured ads for pornography and Viagra. Brookhaven is a U.S. Department of Energy lab that specializes in nuclear and high-energy research. The security of U.S. government Web sites has been front-page news in California this week after the U.S. General Services Administration, which administers the .gov top-level domain, temporarily removed California's state servers from the Internet's Domain Name System (DNS) infrastructure, apparently because of a security problem on the Web site of a small state agency, the Transportation Authority of Marin. Security researchers have called for better awareness and responsiveness from Web site administrators – especially in the .gov and .edu domains – because of the constant danger those sites face from hackers. Even when outside researchers discover flaws, they have a very difficult time contacting Web site administrators to report the problem, one researcher said. “Everyone has really got to do a better job on securing the Internet. You can’t just put a Web server out there and forget about it any more,” he added.

Hit-man threat

October 2007

An Ocean County, New Jersey resident reported an email from a so-called Eddy saying “I know that this may sound very surprising to you but it’s the situation. I have been paid some ransom in advance to terminate you with some reasons listed to me by my employer.” The sender, then, demanded $8,000 in exchange for sparing his life. The email also warned the recipient not to contact any friends or relatives about the message because they might be involved in the murder plot. However, after conducting some research on the internet, the man discovered that a similar email scam had been running in Arizona. The F.B.I. received 115 reports of similar emails in less than one month last winter from around the country claiming amounts of money up to $80,000.