This section is devoted to featuring late-breaking cyber security news stories.

CYBER SECURITY NEWS

Late-breaking cyber security news stories:

July 31, 2008 - Dan Goodin in San Jose

"Hacktivism" Threatens World of Nations

Politically motivated computer attacks like the one last year that crippled network traffic in Estonia for weeks are likely to increase, and there's not much victims can do to stop them, a security researcher says.

Indeed, just last week government websites in the former Soviet republic of Georgia were ransacked by a denial-of-service attack amid growing diplomatic tensions between the country and Russia. Other victims include Radio Free Europe and dissidents in Tibet and Burma.

(Click here to read news.)

July 31, 2008 - Brian Krebs

Senate Approves Bill to Fight Cyber-Crime

The Senate on Wednesday passed legislation to modernize the nation's computer crime laws and give prosecutors more leeway in pursuing cyber crooks.

Under current federal cyber-crime laws prosecutors must show that the illegal activity caused at least $5,000 in damages before they can bring charges for unauthorized access to a computer. Under the bill approved today, that threshold would be eliminated.

(Click here to read news.)

July 31, 2008 - Thomas Claburn

Phishing Kits Widely Compromised to Steal From Phishers

Would-be phishers can buy, or obtain for free, phishing kits, which include the files necessary to duplicate a targeted Web site and scripts to steal information submitted by phishing victims. They're widely available online, but they're also untrustworthy.

In January, Netcraft security researcher Paul Mutton identified a phishing tool kit distributed by a group of Moroccan cybercriminals that had been compromised with a back door. Unbeknownst to its users, the phishing kit sent copies of stolen information to its creators.

(Click here to read news.)

July 31, 2008 - Nick Farrell

HD Moore Not "Owned" By DNS Flaw

A story published by IDG claiming that the creator of the Metasploit hacking toolkit, H D Moore, had been caught by the Kaminsky DNS cache exploit, is a load of old pants.

The story claimed that Moore's company, BreakingPoint, had some of its Internet traffic redirected to a fake Google page that was being run by a scammer.

(Click here to read news.)

July 30, 2008 - Tom Young

McKinnon Loses Extradition Appeal

British hacker Gary McKinnon has lost his fight against extradition and now faces trial in the US. If found guilty, McKinnon could be given a life sentence for what US prosecutors allege is "the biggest military hack of all time".

The self-confessed "computer nerd" lost the appeal to Law Lords this morning after losing an appeal at the High Court in 2006.

(Click here to read news.) (Related Story)

July 29, 2008 - Thomas Claburn

Chinese Authorities Order Olympic Hotels to Install Spy Gear

In an apparent mistranslation of the concept of hospitality, Chinese authorities have ordered foreign-owned hotels to install Internet monitoring equipment to spy on hotel guests during the Olympic Games, U.S. Sen. Sam Brownback, R-Kansas, charged on Tuesday.

"I am very disappointed that the Chinese government will not follow through on its promise to the International Olympic Committee to maintain an environment free of government censorship during the Games," Brownback said in a statement.

(Click here to read news.)

July 29, 2008 - John Leyden

Cybercrooks Get Faster, Further and Sneakier

Cybercrooks are becoming faster at utilising newly-discovered browser exploits. More than nine in ten of all browser-related exploits occurred within 24 hours of an official vulnerability disclosure, according to a survey by IBM's X-Force security division.

(Click here to read news.)

July 29, 2008 - Matt Hines

Game Over for Neosploit?

Researchers at RSA's FraudAction Research Lab are reporting that the group behind the Neosploit malware infection tool kit may have thrown in the towel, which, if true, means an end to one of the badware industry's most successful and high-profile business ventures thus far.

(Click here to read news.)

July 28, 2008 - Toni Bowers, Head Blogs Editor

When IT Pros Go Bad

The recent case of the network administrator who shut down San Francisco’s FiberWAN network may cause some corporate executives to initiate unneeded policies. Would that be yet another example of too much time spent on something that, in reality, rarely happens?

(Click here to read post.)

July 28, 2008 - Security Rant posted by Jericho

A Decade of Oracle Security

Oracle Corporation, one of the largest software companies in the world, has been providing database software for 30 years. What began as a U.S. intelligence agency funded relational database designed on a PDP-11 and never officially released, later turned into perhaps the largest and most prevalent commercial database used around the world. With global companies relying on Oracle databases for information management, the need for database security is critical.

(Click here to read post.)

July 28, 2008

Police: 9 Million Stolen Files Traded By Loan Ring

Some 9 million files of Korean credit information stolen by a Chinese hacker ended up back in Korea and were illegally sold and distributed to Korean loan firms, police say.

The Seoul Metropolitan Police Agency's Cyber Crime Investigation Division on Sunday said it had requested an arrest warrant for a 42-year-old loan go-between, identified by his surname Chun, who has fled to China.

(Click here to read news.)

July 27, 2008 - Jamie Doward, Home Affairs Editor

Briton Facing 60 Years in U.S. Prison After Hacking Into Pentagon

When he wakes up this morning, Gary McKinnon will be 72 hours from learning whether he is on the fast track to a 60-year prison sentence, thanks to his obsession with aliens.

McKinnon, 42, from Enfield in north London, is accused by American prosecutors of illegally accessing top-secret computer systems in what they claimed in one legal document was 'the biggest military computer hack of all time'.

(Click here to read news.)

July 25, 2008 - Robert McMillan, IDG News Service

San Francisco DA Discloses City's Network Passwords

In its bid to protect the city from one computer security risk, the San Francisco District Attorney's Office may very well have created another.

The office of San Francisco District Attorney Kamala Harris has made public close to 150 usernames and passwords used by various departments to connect to the city's virtual private network. The passwords were filed this week as Exhibit A in a court document arguing against a reduction in $5 million bail in the case of Terry Childs, who is accused of holding the city's network hostage by refusing to give up administrative networking passwords. Childs was arrested July 12 on charges of computer tampering and is being held in the county jail.

(Click here to read news.) (Related Story)

July 25, 2008 - Dan Goodin, San Francisco

World's Biggest ISPs Drag Feet On Critical DNS Patch

More than two weeks after security researchers warned of a critical defect in the net's address lookup system, some of the world's biggest internet service providers - including AT&T, BT, Time Warner and Bell Canada - have yet to install a patch inoculating their subscribers against attacks.

According to an informal survey of Register readers, 15 ISPs failed the "Check my DNS" test (see button to the right) on the website of researcher Dan Kaminsky, who discovered the bug. Now that attack code exploiting the vulnerability has been leaked into the wild, millions of subscribers are at risk of being silently redirected to impostor sites that try to install malware or steal sensitive information. Comcast and Plusnet were the only two ISPs we found that weren't vulnerable.

(Click here to read news.)

July 24, 2008 - Tara Perkins and Brent Jang

Fraud Probe Shuts Airport Kiosks

WestJet has stopped allowing customers to check in with their credit cards at the self-service kiosks in 28 Canadian airports, as the federal Transport Minister seeks answers in the wake of an investigation into the security of the kiosks.

Visa started investigating after banks noticed apparent fraud on cards of some people who had flown out of Toronto.

(Click here to read news.)

July 24, 2008 - Robert McMillan, IDG News Service

DNS Attack Code Out In Wild

Hackers have released software that exploits a recently disclosed DNS flaw. The attack code was released Wednesday by developers of the Metasploit hacking toolkit.

Internet security experts warn that this code may give criminals a way to launch virtually undetectable phishing attacks against Internet users whose service providers have not installed the latest DNS server patches.

(Click here to read news.) (Related Story)

July 22, 2008 - Craig Silverman, Globe and Mail Update

RenderMan To the Rescue

Dressed in a black trench coat and his trademark fedora, Brad Haines cruises city streets and malls on the hunt for wireless networks that are prime targets for hacking. Just be grateful he's one of the good guys.

(Click here to read news.)

July 22, 2008 - Thomas Claburn

Philadelphia TV Anchor Accused of Hacking Rival's E-mail

Former Philadelphia news anchor Larry Mendte on Monday was charged with hacking into the e-mail accounts of Alycia Lane, his co-anchor at CBS affiliate KYW-TV and reported rival, hundreds of times over the course of two years.

During this time, Mendte allegedly leaked privileged legal information about Lane's personal life to the press "in an attempt to undermine his colleague's ongoing legal cases," said Acting U.S. Attorney Laurie Magid at a press conference on Monday.

(Click here to read news.)

July 21, 2008 - Elinor Mills

For the Love of Lock Picking

I feel much less secure after attending the Last HOPE conference this weekend.

Not only is my personal information at risk every time I log onto the Internet and use a cell phone headset or passport, but even my gym locker, bike, and home can easily be accessed with the proper tools and manual dexterity.

(Click here to read news.)

July 18, 2008 - Linda McGlasson, Managing Editor

Banks Targeted for Malicious Attacks

Financial institutions should brace themselves for more malicious attacks, as the recent Threat Horizon 2010 report from the Information Security Forum (ISF) warns of an increase in such threats -- including attacks from organized crime and industrial espionage.

"In general, financial services probably represent the most attractive target," says Andy Jones, CISSP and ISF's Principal Research Consultant, who was the report's primary author. The report draws on the knowledge and hands-on experiences of ISF members, representing more than 300 of the world's largest business and public sector organizations.

(Click here to read news.) (registration or login required)

July 18, 2008

Naver Hit By New Hacking Method

Hackers recently targeted Naver, Korea's largest Internet portal, in a never-before-seen kind of attack. Choi Whee-young, CEO of Naver's parent NHN, said in a meeting with reporters Thursday that Naver users recently had trouble accessing the portal's cafes because it had to temporarily block access after detecting new kinds of hacker attacks.

(Click here to read news.)

July 17, 2008 - Elinor Mills

HOPE Conference Highlights Everyday Hacking

From sessions on how to create fluorescent mice and crack safes to discussions on losing your privacy in a taxi and complaints about Wikipedia, the Last HOPE conference starting here Friday has something for just about everyone.

The conference is the brainchild of Emmanuel Goldstein, aka Eric Corley, who publishes the notorious 2600 magazine. Corley has seen the community grow from its early days in the 1980s with kids going to jail for breaking into the AT&T network, to millions of regular citizens skirting the law with their digital entertainment consumption and iPhone hacking.

(Click here to read news.)

July 16, 2008 - Bob Bragdon, Publisher

Olympic Security, China and Intellectual Property

Occasionally it's tough to write a column—not for a lack of topics, but because the topics all seem so old: browser vulnerabilities, more government regulations, the latest and greatest breaches, the Celtics' victory over the Lakers (apologies to Lakers fans, but I'm from Boston), and so on.

Then last month I had dinner with a group of security and technology folks in San Francisco, and Jason Hoffman from Kaiser Permanente handed me a topic on a silver platter. Jason asked what businesses are doing if their employees are attending the Summer Olympics in Beijing. Are organizations securing the corporate secrets that may be on the laptops employees carry into China?

(Click here to read news.)

July 16, 2008 - Antone Gonsalves

San Francisco Computer System Hijacker Has Criminal Record

A San Francisco computer engineer arrested for allegedly locking out system administrators from the city's network has a criminal record for aggravated robbery in another state.

In addition, Terry Childs, 43, of Pittsburg, Calif., is still being paid his six-figure salary while he sits in jail, refusing to divulge the password he created to hijack the computer system that stores 60% of all city government data, including e-mails, law enforcement records, and payroll documents, the San Francisco Chronicle reported Wednesday.

(Click here to read news.) (Related Story)

July 16, 2008 - Noah Shachtman

Obama Wages Cyberwar

Since the start of the year, the Bush administration has kickstarted a $30 billion effort to shore up cyber security, installed a new "czar" for online defense, and reserved the right to snoop on everyone's net traffic, to ward off a digital attack.

Democratic presidential candidate Barack Obama says the White House is still asleep at the switch, when it comes to network defense.

(Click here to read news.)

July 16, 2008 - Elinor Mills

Cyber-Capos: How Cybercriminals Mirror the Mafia and Businesses

Cybercrime, the harvesting and sale of credit card and other data for online fraud and theft, is a "shadow economy" that mimics the real business world in its practices and the mafia in its structure, according to a new report from security firm Finjan.

"The current cybercrime organizations bear an uncanny resemblance to organized crime organizations such as 'La Cosa Nostra,'" concludes Finjan's Malicious Code Research Center's Web Security Trends Report for the second-quarter of 2008.

(Click here to read news.)

July 16, 2008 - Alice Lipowicz

Power Grid Overseer Steps Up Cybersecurity

The organization that oversees reliability for the nation’s electrical power grid is stepping up its cybersecurity efforts by setting up a new program office and creating a task force to review cybersecurity standards for the power industry.

(Click here to read news.)

July 15, 2008

CFP for ClubHack2008

We are pleased to announce the opening of CFP for ClubHack2008. ClubHack is India's own international hackers' convention started in 2007. We are expecting good deep knowledge technical presentations/demonstrations on topics from the world of Information Security.

(Click here to read news.)

July 15, 2008 - Jaxon Van Derbeken

S.F. Officials Locked Out of Computer Network

A disgruntled city computer engineer has virtually commandeered San Francisco's new multimillion-dollar computer network, altering it to deny access to top administrators even as he sits in jail on $5 million bail, authorities said Monday.

Terry Childs, a 43-year-old computer network administrator who lives in Pittsburg, has been charged with four counts of computer tampering and is scheduled to be arraigned today.

(Click here to read news.)

July 15, 2008 - Jessica Blanchard

Teachers Union Site Falls Victim to Hacker

The state teachers union got an unwanted lesson in Internet security recently when a Turkish hacker temporarily replaced its main Web page with a picture of the Turkish flag.

Weeks after the attack, the Washington Education Association's home page has been fixed, but much of the content still isn't accessible. An item there reads, "Hackers 1, WEA 0," and links to another page explaining the incident.

(Click here to read news.)

July 14, 2008 - Glenn Fleishman

Mac (In)security: How to Secure Macs in Business

Macs are immune from security threats, right? It's Windows we have to worry about. That water-cooler wisdom needs to be flipped on its head, security experts and IT managers warn. Microsoft has gotten its security act together with Vista and its current security-response program; meanwhile, Apple is fast becoming the company most in need of getting its security mojo going.

(Click here to read news.)

July 14, 2008 - Robert McMillan, IDG News Service

Webroot Founder Dies in Hawaii

Two weeks after going missing, Webroot Software founder Steven Thomas has been found dead in Hawaii. His body was found Sunday by hikers at the Pali Lookout, a popular tourist destination at Oahu's Nuuanu Pali State Park. Firefighters hiked down the hill and retrieved the body late Sunday afternoon, according to a report in the Honolulu Advertiser.

Thomas, 36, died Sunday, according to a spokeswoman with the Honolulu medical examiner's office. She could not say the cause of death. He had been missing since June 30.

(Click here to read news.)

July 13, 2008 - Zoe Lofgren, U.S. Representative

Perspective: Rescinding My Applause for Chertoff

One year ago today, Secretary Michael Chertoff announced that the Department of Homeland Security was creating the post of an assistant secretary for cybersecurity and telecommunications--an initiative I had advocated for since Sept. 11.

At the time, I applauded Chertoff for recognizing the necessity of this position to better protect our nation's cyberinfrastructure from attacks by hackers, criminals and terrorists.

(Click here to read news.)

July 10, 2008 - Robert McMillan, IDG News Service

Hackers Gang Up on Kaminsky Over DNS Flaw

Computer security professionals have ganged up on Dan Kaminsky for violating a cardinal rule of hackerdom: publicising a flaw without providing the technical details to verify the finding.

Kaminsky made headlines earlier this week by talking about a major flaw in the DNS software used to connect computers to each other on the Internet.

(Click here to read news.) (Related Story)

July 10, 2008 - Andrew McIntosh

California State Worker Probed in ID Security Breach

A state worker recently married to a member of the Mexican Mafia who is in Corcoran State Prison for a gang murder is herself under investigation for downloading more than 5,000 names, addresses and Social Security numbers belonging to Department of Consumer Affairs staff, The Bee has learned.

The Department of Consumer Affairs disclosed that it suffered a data security breach last month, but at the time released few details about the incident.

(Click here to read news.)

July 10, 2008 - Neil A. Lewis

Spy Cases Raise Concern on China's Intentions

Gregg W. Bergersen, a retired Navy veteran, and Tai Shen Kuo, a native of Taiwan, along with a third accomplice, are awaiting sentencing in a federal court for their involvement in one of many cases brought in the last year involving the illegal transfer of information to China.

(Click here to read news.)

July 10, 2008 - Shaun Nichols

Founder of Webroot Goes Missing

The co-founder of security firm Webroot Software has apparently gone missing in Hawaii. Steven Thomas reportedly vanished from his hotel room in Waikiki on 30 June. Family and authorities fear that Thomas, who is bipolar, may have been delusional or suicidal at the time of his disappearance.

Thomas co-founded WebRoot in 1997 in Boulder, Colorado. The company became famous for its SpySweeper anti-spyware tools and was most recently credited with a 26.8 per cent share of the retail security market.

(Click here to read news.)

July 10, 2008 - Biz/Tech

Nate.com Troubled By Chinese Hacking Claim

The claims of an unidentified Chinese hacker have alarmed Korea's Internet portals.

Nate.com, a leading Korean portal run by SK Communications, is dismayed by a message left on a Chinese website. Claiming to be a hacker, the writer offered to sell the personal information of 12 million Nate.com members for one million yuan (W100 million, US$1=W1,006). As if to prove the claims, the writer revealed the information of five or six Koreans.

(Click here to read news.)

July 9, 2008 - Bruce Schneier

How a Classic Man-in-the-Middle Attack Saved Colombian Hostages

Last week's dramatic rescue of 15 hostages held by the guerrilla organization FARC was the result of months of intricate deception on the part of the Colombian government. At the center was a classic man-in-the-middle attack.

In a man-in-the-middle attack, the attacker inserts himself between two communicating parties. Both believe they're talking to each other, and the attacker can delete or modify the communications at will.

(Click here to read news.)

July 9, 2008 - Patrick O'Connor

Leak Risks on the Hill: BlackBerrys

In the wake of revelations that Chinese hackers infiltrated congressional computers, lawmakers say they fear more breaches of laptops, BlackBerrys and other personal electronic devices.

But the culprit isn’t a foreign government so much as members and staffers still in the dark about the dangers that lurk in cyberspace.

(Click here to read news.)

July 8, 2008 - staff writers, San Francisco

Internet Flaw Could Let Hackers Take Over the Web

Computer industry heavyweights are hustling to fix a flaw in the foundation of the Internet that would let hackers control traffic on the World Wide Web. Major software and hardware makers worked in secret for months to create a software "patch" released on Tuesday to repair the problem, which is in the way computers are routed to web page addresses.

"It's a very fundamental issue with how the entire addressing scheme of the Internet works," Securosis analyst Rich Mogull said in a media conference call.

(Click here to read news.) (Related Story)

July 8, 2008 - Bruce Kelly

Hackers Compromised LPL Security

For the second time in a year, LPL Financial has experienced a major technology snafu, this time reporting that hackers “compromised” the logon passwords of 14 financial advisers and four assistants. The hackers’ goal was to use the passwords to gain access to customer accounts in order to “pump and dump” penny stocks.

The incidents, which began last July, affected 10,219 clients, Boston-based LPL said in a letter dated May 6 to Maryland Attorney General Douglas F. Gansler.

(Click here to read news.)

July 8, 2008 - Alyssa Rosenberg

Report Advocates Better Training for Wireless Internet Users

Many federal employees are using wireless Internet when they telework, but agencies could do more to increase wireless adoption and to train employees on information security, a report released Tuesday found.

Training is particularly important, said Cindy Auten, general manager of the Telework Exchange, an Alexandria, Va., public-private partnership that published the report along with Sprint Nextel. More employees are bringing home work after hours and on weekends, and they might not be aware of proper security measures, she said.

(Click here to read news.)

July 8, 2008 - Robert Vamosi

Researcher Offers Insight Into DNS Flaw

On Tuesday, security researcher Dan Kaminsky of IO Active calmly explained in a conference call with security reporters how he first stumbled upon a pervasive flaw deep within the Domain Name System (DNS), a series of servers used to translate common Internet names to IP addresses. Kaminsky said he wasn't even looking for a security vulnerability. What he found, however, could explain how criminal hackers have been able to redirect DNS queries recently.

(Click here to read news.)

July 7, 2008 - Daniel Kuhn

Palestinian Hackers Breach Likud Web Site

The Likud Party's official Web site was hacked into twice Monday morning by Palestinian activists seeking to display political messages. The messages appeared primarily in English, although some were in Hebrew and Arabic. The main banner on the hacked page displayed an English message, "Only free men can negotiate," above a line that read, "Palestine. Dying to live," accompanied by the image of a Palestinian flag.

(Click here to read news.)

July 7, 2008 - SearchSecurity.com staff

Microsoft Warns of Attacks Against Microsoft Access Zero-Day Flaw

Microsoft issued an advisory Monday warning customers of active, targeted attacks using a zero-day flaw in the Snapshot Viewer ActiveX control for Microsoft Access.

The Snapshot Viewer is used to view database report snapshots that are created with any version of Microsoft Access. The flaw could allow an attacker to gain user rights on a system, Microsoft said.

(Click here to read news.)

July 6, 2008 - Eric M. Weiss

Consultant Breached FBI's Computers

A government consultant, using computer programs easily found on the Internet, managed to crack the FBI's classified computer system and gain the passwords of 38,000 employees, including that of FBI Director Robert S. Mueller III.

The break-ins, which occurred four times in 2004, gave the consultant access to records in the Witness Protection Program and details on counterespionage activity, according to documents filed in U.S. District Court in Washington. As a direct result, the bureau said it was forced to temporarily shut down its network and commit thousands of man-hours and millions of dollars to ensure no sensitive information was lost or misused.

(Click here to read news.)

July 4, 2008 - Jeremy Kirk, IDG News Service

Lithuania: Attacks Focused on Hosting Company

A vulnerability in a Web server contributed to attacks on some 300 Web sites in Lithuania earlier this week, a computer security expert said on Friday.

The Web sites were defaced after Lithuania passed a law prohibiting the public display of symbols dating from the Soviet Union era, as well as the playing of the Soviet national anthem.

(Click here to read news.)

July, 2008 - Adam L. Penenberg

The Black Market Code Industry

Juergen Marester, a 24-year-old French network consultant, needed seed capital to start his own computer-security company. So he turned to his off-hours hobby -- black-hat hacking -- and did what a growing number of hackers are doing: selling "0days" (pronounced "oh-days" or "zero days," it generally refers to unknown, or zero-hour, software threats). These are recipes and code for penetrating the software run by governments, corporations, and private citizens. When properly deployed, 0days can result in minor disruptions such as a Web site's temporary paralysis. At their extreme, they grant an attacker total control over a network.

(Click here to read news.)

July 2, 2008 - Robert McMillan, IDG News Service

Trojan Lurks, Waiting to Steal Admin Passwords

Writers of a password-stealing Trojan horse program have found that a little patience can lead to a lot of infections.

They have managed to infect hundreds of thousands of computers -- including more than 14,000 within one unnamed global hotel chain -- by waiting for system administrators to log onto infected PCs and then using a Microsoft administration tool to spread their malicious software throughout the network.

(Click here to read news.)

July 2, 2008 - U.S. Army News Release

Army Activates Network Warfare Unit

A new chapter for the Army began this morning, July 2, when the Army Network Warfare Battalion (Provisional) was activated during a ceremony at Fort George G. Meade, Md.

The battalion's cyber mission will provide support to the Army and the Department of Defense.

(Click here to read news.)

July 2, 2008 - The Yomiuri Shimbun

Public Institutions' Web Sites Target of Cyber-Attacks

Since March, many Web sites of public institutions such as municipal governments have been altered by cyber-attacks using the method called SQL injection, it has been learned. The attacks are conducted ingeniously by hacking into the server that manages the Web site and setting up a program that infects the site with computer viruses.

The National Police Agency is investigating such attacks, concerned that cyberterrorism targeting public institutions might occur before the Group of Eight summit meeting in Toyakocho, Hokkaido, which starts Monday.

(Click here to read news.)

July 1, 2008 - Austin Modine

Japanese Military Shamed by USB Device

Japan's Mainichi Daily News reports that Japan's military has confessed to losing a USB device that contained troop deployment maps for a joint Japan-US military exercise. Well, actually, the USB drive was stolen, recovered, then accidentally thrown away.

(Click here to read news.)