Monday, August 25, 2008

UFO Hack...

August 2008

UFO hack looked like terrorist attack. After the computer network at the Naval Weapons Station Earle in New Jersey was breached and crashed just a few weeks after the terrorist attacks of September 11, 2001, investigators thought it might be part of a larger al-Qaeda plot against the U.S. Investigators worked around the clock to figure out who had been in and out of the system that runs the weapons station for about five months, stealing passwords, installing remote access software, deleting data, and ultimately shutting down the network of 300 computers for an entire week. That weeklong shutdown meant that for that period of time – in the aftermath of attacks on the U.S. – the station could not replenish munitions and supplies to the Atlantic fleet. After throwing critical resources at the probe when the government was already investigating not only the 9/11 attacks but the anthrax killings, investigators did not track the breach to al-Qaeda. They tracked it to an unemployed system administrator in the U.K., who was subsequently charged with hacking into 92 computer systems at the U.S. Army, the U.S. Air Force, the Department of Defense, and NASA. His last appeal against extradition to the U.S. has now been dismissed by a British court.

DefCon Hackers...

August 2008

Hackers mull physical attacks on a networked world. Hackers at the DefCon conference demonstrated novel techniques for infiltrating facilities. For example, a hacker could ship a hacked iPhone to a nonexistent employee and hope the device sits in the mailroom, scanning for nearby wireless connections in order to break into a computer network in an ultra-secure building. Their talks served as a reminder of the danger of physical attacks as a way to breach hard-to-crack computer networks. As technology gets cheaper and more powerful, from cell phones that act as personal computers to minuscule digital bugging devices, it is enabling a new wave of clever attacks that, if pulled off properly, can be as effective and less risky for thieves than traditional computer-intrusion tactics.

Hack the Olympics??? Nah...

August 2008

Hackers leverage Olympics in new attacks. Internet and computer security firms report that the Summer Olympics have presented cyber criminals with an opportunity to leverage public interest in the games to launch new attacks. Olympic-themed junk emails spiked before the games’ opening ceremony, with hackers sending malicious messages aiming to trick unsuspecting recipients into opening booby-trapped attachments or visiting phony Web sites. Some of the messages were disguised as fake award notifications, telling users that they had won an Olympic lottery and needed to respond to claim their prize.

Russia vs. Georgia...

August 2008

Cyberattacks knock out Georgia’s Internet presence. Hackers, perhaps affiliated with a well-known Russian criminal network, have attacked and hijacked Web sites belonging to Georgia, the former Soviet republic now in the fourth day of war with Russia, a security researcher claimed on Sunday. Some Georgian government and commercial sites are unavailable, while others may have been hijacked, said a researcher who tracks the notorious Russian Business Network (RBN), a malware and criminal hosting network. “Many of Georgia’s Internet servers were under external control from late Thursday,” he said early Saturday in an entry on his Web site. According to his research, the government’s sites dedicated to the Ministry of Foreign Affairs, the Ministry of Defense, and the country’s president have been blocked completely, or traffic to and from those sites’ servers has been redirected to servers actually located in Russia and Turkey. Statements from Georgia’s foreign ministry have appeared in a blog hosted on Google, perhaps in an attempt to circumvent attacks.

Malware Under the Radar

August 2008

Majority of malware attacks go undetected. Most malicious internet attacks go undetected by anti-virus software, according to a report released Monday by Cyveillance, a digital intelligence company. Data collected from several top anti-virus vendors during a 30-day period showed that more than half of the malware attacks went undetected. In addition, the Cyveillance 1H Online Fraud Report stated that malware attacks delivered via the web have more than doubled in frequency compared to the same period during the previous year. Essentially, new malware threats are developed quicker than the anti-virus companies can develop fixes, the director of product management at Cyveillance told SCMagazineUS.com on Monday. The most important change going on is the division of labor in the attacker underground, which is causing fast-changing malware, he said. “Today the threat environment has transformed to a more complex supply chain where players are highly specialized and consequently more productive,” he said. “Vulnerabilities are sold to ‘software developers’ who create packaged malware generation software that can then be used by multiple types of attackers and are capable of generating multiple unique targeted attacks and are continuously updated with new exploits.”

Monday, August 11, 2008

Phantom Moose Films: iDVD Tricks

August 2008

With Leopard and the new iLife 08 package, many of you may want to go back to the older version of iMovie and iDVD. Here is a family of filmmakers that have some great tips and tricks for editing and creating easter eggs and custom menus.
Thanks Rebekah, Jordan, and Ruth; keep up all the great films and camps.

DNS Reports on Black Hat

August 2008

Black Hat: DNS flaw much worse than previously reported. The security researcher who discovered a major flaw with the internet’s DNS system finally revealed the full details of his reported DNS flaw. It turns out it is much worse than previously understood. “Every network is at risk,” he said at the Black Hat conference here Wednesday. “That’s what this flaw has shown.” He disclosed the security vulnerability in the Domain Name System on July 13 but promised to withhold details of the bug for one month to give DNS server owners a chance to patch their systems. But a week ago, some of the details leaked after security firm Matasano inadvertently posted information about it online. In addition to browsers, attackers could target numerous other applications, protocols and services, such as the File Transfer Protocol (FTP), mail servers, spam filters, Telnet, and the Secure Sockets Layer that’s supposed to make online banking safe from eavesdroppers. Another serious vulnerability involves sites that provide the ubiquitous “Forgot your password?” link for users who find themselves locked out of their accounts. He also showed how the DNS flaw could be exploited to provide hackers with a backdoor or “skeleton key” to the web accounts. He worked with major sites such as Google, Yahoo, PayPal, eBay, MySpace, Facebook, LinkedIn, and others to fix the issue before he disclosed information about that attack scenario today. He said that more than 120 million broadband consumers are now protected by patched DNS servers, which amounts to about 42 percent of broadband internet users. Seventy percent of Fortune 500 companies have also patched, while 15 percent have tried to patch but run up against problems. Another 15 percent have done nothing to fix the hole.

Facebook Photo Theft

August 2008

Researcher reveals Twitter ‘follow’ bug. Attackers can exploit a bug in Twitter to force victims to follow the hacker’s account, a security researcher said Thursday. According to one researcher, the Twitter vulnerability could expose users to malware-hosting Web sites. “It can force people to follow you, which means all your twits will be showed in their Twitter home page -- including potentially malicious links,” he said. An attacker can currently leverage the bug by tricking users into clicking on a link on a malicious or hacked Web site. From that point, the victim’s Twitter account is automatically set to follow the attacker’s. On Twitter, “following” another means receiving all updates, or “tweets,” sent by the other user. Those tweets are collected and displayed on the following user’s Twitter home page, or on their phone or in their instant messaging client. This Twitter bug is the newer of a pair that the researcher has found on the service. Last week, he reported another vulnerability that allowed spammers and phishers to send e-mails that included links to malicious sites to other Twitter users. Twitter patched that flaw today.

Olympics Malware Threat...

August 2008

Olympics ‘will increase malware threat’. Spamming, phishing, and malware activity rises around the time of large sporting events like the Olympics or the Super Bowl, it has been claimed. Symantec has warned household and business broadband users to be vigilant in the run-up to the Beijing Olympics, which starts this month. Many phishing attacks can hide behind what appear to be innocuous Olympic-themed messages. Last month, a large amount of fraudulent spam was sent to broadband users that claimed to originate from the Beijing Olympic Committee, telling account holders they had won a prize. Symantec’s consumer marketing director said: “Hackers and spammers will see it as a massive opportunity to compromise the unwary.”