Friday, July 9, 2010

Facebook Can Get You Killed


"WHNT NEWS 19 is tracking down new details on a murder-suicide in South Huntsville including information that shows the shooter and victim were friends at one time.

"Alan Brown is the man police say shot and killed another man before taking his own life. A friend of Brown says he leaves behind two children, a teenage son and a young daughter.

"The murder-suicide happened at an apartment off South Memorial Parkway. Witnesses in the area say they heard the two men arguing before hearing gunfire.

"WHNT NEWS 19 has uncovered a string of internet activity that links Brown to Lowhorne. It's on the social networking site, Facebook. We found postings from April made by Brown on Lowhorne's business page on Facebook. The comments were in a joking nature indicating the two may have been friends.

"There is also a recent picture on Lowhorne's personal Facebook page showing him with Alan Brown's wife, Christine, atop Lookout Mountain. Other postings on the page point to Lowhorne and Christine Brown having a romantic relationship. The page also show just a matter of hours before his death, Lowhorne had just changed his status on Facebook to `in a relationship.`

"WHNT NEWS 19 spoke with one of Brown's friends. Adrienne Griggs said Alan Brown, Christine Brown, and Ben Lowhorne were indeed friends. She also says her friend never showed he had the ability to kill anyone. The same friend believes something set Brown off.

"`I just couldn't see him doing anything like this. He was an extremely nice person,` said Griggs."


From WHNT News...

Microsoft: Sleeping With The Enemy... Again


"Microsoft has signed a deal to open its Windows 7 source code up to the Russian intelligence services.

"Russian publication Vedomosti reported on Wednesday that Microsoft had also given the Russian Federal Security Service (FSB) access to Microsoft Windows Server 2008 R2, Microsoft Office 2010 and Microsoft SQL Server source code, with hopes of improving Microsoft sales to the Russian state.

"The agreement will allow state bodies to study the source code and develop cryptography for the Microsoft products through the Science-Technical Centre 'Atlas', a government body controlled by the Ministry of Communications and Press, according to Vedomosti."


More at ZDNet UK...

Monday, July 5, 2010

IT Contractor Of The Month


"A former IT worker for the Bank of New York has admitted to stealing personal information of 2,000 employees and using it to steal more than $1m from charity bank accounts, city prosecutors said.

"Adeniyi Adeyemi, 27, used his position as a contract computer technician at the bank's headquarters to steal the personal identifying information of 2,000 employees, most of whom worked in the IT department. Over an eight-year span, he used the information to set up dummy bank accounts in the employees' names and then transfer stolen funds from at least 11 charities throughout the world.

"Adeyemi used publicly available routing numbers for the charities to initiate wire transfers through financial sites such as ETrade and Fidelity and deposit them into the dummy accounts. To better cover his tracks, he then transferred the funds to a second layer of dummy accounts, according to a press release issued by the New York City District Attorney."


From The Register...

Friday, June 4, 2010

$30M ERP Clusterf*ck


"California's Marin County has sued Deloitte Consulting LLP for $30 million over an allegedly botched SAP Enterprise Resource Planning (ERP) project.

"The lawsuit, filed in Marin County Superior Court last Friday, accuses Deloitte of misrepresenting its skills and capabilities when originally pitching for the project in 2004.

"The 38-page complaint alleges that Deloitte was lying when the company promised to assemble a team of its "best resources" for the project and when it claimed to have `deep SAP and public sector knowledge` when marketing itself to the county.

"Deloitte's misrepresentation of facts resulted in a defectively designed and deficiently implemented project that resulted in the county having to pay millions of dollars to remedy, the lawsuit alleged.

"Meanwhile, Deloitte is claiming that it fulfilled all of its obligations under the contract..."


More at ComputerWorld...

Monday, May 31, 2010

Google To Defenestrate Windows


"Google is phasing out the internal use of Microsoft’s ubiquitous Windows operating system because of security concerns, according to several Google employees.

"The directive to move to other operating systems began in earnest in January, after Google’s Chinese operations were hacked, and could effectively end the use of Windows at Google, which employs more than 10,000 workers internationally.

"`We’re not doing any more Windows. It is a security effort,` said one Google employee.

"`Many people have been moved away from [Windows] PCs, mostly towards Mac OS, following the China hacking attacks,` said another.

"New hires are now given the option of using Apple’s Mac computers or PCs running the Linux operating system. `Linux is open source and we feel good about it,` said one employee. `Microsoft we don’t feel so good about.`"


More at FT.com...

Tax Dollars To Fund Government Time-Waster


"Federal employees and managers will be able to meet, interact, train and learn together in a government-only online virtual world being created in the vGov project.

"The Agriculture and Homeland Security departments, Air Force and National Defense University iCollege have joined to create the vGov virtual world behind a secure firewall that can only be accessed by federal employees with authenticated identities.

"Paulette Robinson, assistant dean for teaching, learning and technology at the iCollege, said at the Gov 2.0 Expo today the project will use the three-dimensional immersive experience of virtual worlds to bring employees together from locations worldwide for real-time interactions. People will use avatars to appear in the virtual world, where they can chat with other avatars and interact with the environment."


More at Federal Computer Weekly...

Monday, May 24, 2010

Tech CEOs Play Fiddle While Rome Burns


"Data security and breach prevention ranks low as a risk factor for most big technical companies, according to new research that identifies the most widespread concerns among the 100 largest U.S. public technology companies. The research, released by BDO, a professional services firm, examines the risk factors listed in the fiscal year 2009 10-K SEC filings of the companies; the factors were analyzed and ranked in order by frequency cited.

"Among security risks, natural disasters, wars, conflicts and terrorist attacks were cited by 55 percent of respondents as a risk concern and was 16th on the list, much higher than breaches of technology security, privacy and theft, which was mentioned by 44 percent of the companies, putting it at 23rd on the list..."


More at NetworkWorld...

Wednesday, May 5, 2010

Treasury Department Web Sites PWN3D


"The Treasury Department has taken offline four public Web sites for the Bureau of Engraving and Printing after the discovery Monday of malicious code on a parent site.

"The bureau began using a third-party cloud service provider to host the sites last year, it said Tuesday in a statement about the incident. “The hosting company used by BEP had an intrusion and as a result of that intrusion, numerous websites (BEP and non-BEP) were affected,” the statement said. The Treasury Government Security Operations Center was alerted to the problem and notified the bureau, which responded by taking the sites offline."


More at Government Computer News...

Tuesday, May 4, 2010

Proxies Not Secure? duh.


"A widely used proxy service thought to provide anonymous Web surfing and used to skirt network administrator bans on access to sites like Facebook frequently reveals sensitive information about its users, according to a Swiss security researcher.

"Glype is a small bit of PHP code that routes requests for Web pages through other Web pages running its software, said the researcher, who runs the Swiss Security Blog and the Zeus Tracker project. He prefers to remain anonymous.

"The Glype code allows someone to, for example, access Facebook at work even if that page is blocked, as it appears the traffic is coming from the Web page running the proxy. Many companies now block sites such as Facebook.

"Glype's code is free, and anyone can install it on their Web page. But Glype is frequently misconfigured, the researcher said. It allow someone running a Glype proxy to turn on a log, which shows the IP (Internet protocol) address of the user, what site they requested and the time.

"Many of those people running a Glype proxy have not turned that logging function off, and worse yet, made it Web facing, meaning that URLs can be manipulated to reveal full logs.

"The researcher checked about 20 Glype proxies, found 1,700 logs files and more than one million unique IP addresses. `There are dozens of such 'insecure' proxies out there,` he said via instant message on Friday..."


From TechWorld...

Friday, April 23, 2010

Blippy Now An Officially Fucked Company


"One day after being profiled by the New York Times, the social buying site, Blippy, is finding out that being in the public eye cuts in both directions.

"The six-month-old site lets users link their credit cards and e-commerce accounts and share that information with friends and even strangers on their purchases. The venture capitalists seem to be intrigued. Blippy has raised $11.2 million in funding from August Capital and Charles River Ventures.

"But there are limits to sharing private data - especially when it's not done voluntarily. Some sleuths have found they can use Google to come up with the credit card numbers of Blippy users."


More at CBSNEWS...

Scammers Riding High On McAfee's FAIL


"Scammers have quickly piggybacked onto news of a buggy McAfee antivirus update that clobbered thousands of computers, security researchers said today.

"Early Wednesday, McAfee released a flawed signature update that wrongly tagged a crucial system file in Windows XP Service Pack 3 (SP3) as malware. After the software quarantined the `svchost.exe` file, thousands of PCs, most of them in businesses, crashed and rebooted repeatedly.

"Firms are still dealing with the aftermath, with some companies forced to manually reconfigure hundreds or even thousands of systems.

"The debacle made news not just in the technical press, but in more mainstream outlets, including the New York Times and USA Today.

"And news is scammers' bread and butter. Using their now-traditional technique of poisoning results at majorsearch engines like Google and Bing, `scareware` makers have pushed links touting fake antivirus software to at or near the top of the results lists, said Graham Closely, senior technology consultant with Sophos.

"The links appear when users type search terms such as `McAfee update` and `McAfee 5958,` the latter a reference to the faulty update's designation, added Panda Security in a post to its company blog today..."


More at ComputerWorld...

Wednesday, April 21, 2010

McAfee Steps On Its Dick


"PCs across the country rebooted continuously Wednesday, in a mass outbreak reminiscent of the widespread computer viruses from a decade ago. The cause this time wasn’t a virus, however, but a glitch on the part of a company that’s supposed to stop such malicious programs.

"Security company McAfee Wednesday morning issued a software update intended to give the computers that it’s contracted to protect a new list of malicious files to block and delete. Somehow a file that is part of Microsoft’s Windows operating system made it on to the list. And when McAfee’s software deleted this file, all hell broke loose.

"People all over the country reported that their computers stopped working. Among the victimized organization were a hospital in Rhode Island, police in Kentucky and the National Science Foundation, according to the AP.

"Jamal Mazhar, who runs LodgeXcode Inc., a consulting firm for hotels, says his computer and others in his office have been rebooting since morning. His tech staff downloaded a fix, but hasn’t yet been able to get the computers working again. `We’re down hard,` he says.

"McAfee said in a statement that the company was `not aware of significant impact on consumers.` In terms of numbers, it said the incident impacted less than `one half of one percent` of its consumer base and enterprise accounts globally."


More at The Wall Street Journal...

EDITORIAL COMMENT: I can't help but wonder if the McAfee employees who are going to get fired for this will turn to cybercrime.
- Hinky

Friday, April 16, 2010

Zeus Botnet Exploits PDF "Feature"


"The Zeus botnet is now using an unpatched flaw in Adobe's PDF document format to infect users with malicious code, security researchers said today.

"The attacks come less than a week after other experts predicted that hackers would soon exploit the `/Launch` design flaw in PDF documents to install malware on unsuspecting users' computers.

"The just-spotted Zeus variant uses a malicious PDF file that embeds the attack code in the document, said Dan Hubbard, CTO of San Diego, Calif.-based security company Websense. When users open the rogue PDF, they're asked to save a PDF file called `Royal_Mail_Delivery_Notice.pdf.` That file, however, is actually a Windows executable that when it runs, hijacks the PC.

"Zeus is the first major botnet to exploit a PDF's /Launch feature, which is, strictly speaking, not a security vulnerability but actually a by-design function of Adobe's specification. Earlier this month, Belgium researcher Didier Stevens demonstrated how a multistage attack using /Launch could successfully exploit a fully-patched copy of Adobe Reader or Acrobat..."


From ComputerWorld...

Thursday, April 15, 2010

Oracle Relents, Offers "Quick & Dirty" Patch


"Oracle today patched a critical Java vulnerability that is being exploited by hackers to install malicious software.

"The security update to Java SE 6 Update 20 patches a bug disclosed last Friday by Google security researcher Tavis Ormandy, who spelled out how attackers could run unauthorized Java programs on a victim's machine by using a feature designed to let developers distribute their software. Only systems running Windows are at risk.

"Oracle's patch appears quick and dirty, Ormandy said. `They've completely removed the vulnerable feature, literally replaced with 'return 0,'` he said on Twitter...

"Other researchers noted Oracle's turnaround today. `So it turns out that Oracle can actually patch Java in less than a week! Funny how vendors only care to do this after full-disclosure,` said noted browser researcher Alexander Sotirov, also on Twitter..."


From ComputerWorld...

Oracle To Users: FUCK YOU


"Just five days after a Google researcher published information of an unpatched Java bug, a compromised song lyrics site is sending users to a Russian attack server exploiting the flaw to install malware, an antivirus firm said today.

"Last Friday, Google's Tavis Ormandy posted details of the Java vulnerability to the Full Disclosure security mailing list, spelling out how attackers could run unauthorized Java programs on a victim's machine by using a feature designed to let developers distribute their software. According to Ormandy, all versions of Java for Windows since SE 6 update 10 -- which debuted two years ago -- are vulnerable. Other operating systems running Java are unaffected, he said...

"Although Ormandy reported the flaw to Sun -- now part of Oracle -- he said the company declined to rush out a patch. `They informed me they do not consider this vulnerability to be of high enough priority to break their quarterly patch cycle,` Ormandy wrote on the mailing list. `I explained [to them] that I did not agree, and intended to publish advice to temporarily disable the affected control until a solution is available.`

"Oracle patched Java last week; its next regularly-scheduled update is slated for July."


More at ComputerWorld...

Tuesday, April 13, 2010

Another Day, Another Facebook Hack


"For all the credit Facebook has received for its privacy controls and user safety, the site still falls prey to an unsettling number of security issues and potential data breaches. Last month a botched code push accidentally revealed private user email addresses, and before that Facebook accidentally sent private messages to the wrong recipients. Today, security engineer Joey Tyson, AKA theharmonyguy, has detailed a major security hole in Facebook Platform — one that would allow a malicious website to silently access a user’s profile information, photos, and in some cases, messages and wall posts, with no action required on the user’s part..."

From TechCrunch...

McAfee: Partnering With Scumbags To Rip You Off


"Two California women have sued security company McAfee, accusing it of duping customers into subscribing to third-party services and passing consumers' credit or debit card information to the service supplier without their permission.

"The lawsuit, which was filed by Melissa Ferrington and Cheryl Schmidt, asked a San Francisco federal court to grant the case class-action status, and demanded that McAfee be barred from continuing the practice. The pair also asked for compensatory and punitive damages, which would be decided at trial.

"When customers purchase McAfee security software online, but before the download beings, a pop-up with a large "Try It Now" button appears.

"`The pop-up, mimicking the look of the other pages on the McAfee site, thanks the customer for purchasing McAfee software, and prompts McAfee's customers to click a red button to 'Try it Now,'` the lawsuit alleged.

"`The pop-up contains no obvious visual cues or conspicuous text indicating that it is an advertisement for another product, or that clicking on 'Try it Now' will lead not to the delivery of the McAfee product but rather to the purchase of a completely different product. Instead, all the visual cues suggest that 'Try It Now' is a necessary step in downloading the McAfee software.`

"By clicking on the pop-up, users agree to a $4.95 per month fee charged by Arpu, a company that creates Web ads "enabling an advertised product or service to be obtained with a single click," according to the Washington D.C. firm's Web site.

"Arpu's site lists McAfee as one of its partners...

"`A single click on the deceptive pop-up causes the purchase of an unwanted product from Arpu, a sale made without the knowledge or authorization of customers, using credit/debit card billing information that they have entrusted solely to McAfee,` said the women's lawsuit."


More at ComputerWorld...

Friday, April 9, 2010

Chinese Fire Drill Borks The Interwebs


"For the second time in two weeks, bad networking information spreading from China has disrupted the Internet.

"On Thursday morning, bad routing data from a small Chinese ISP called IDC China Telecommunication was re-transmitted by China's state-owned China Telecommunications, and then spread around the Internet, affecting Internet service providers such as AT&T, Level3, Deutsche Telekom, Qwest Communications and Telefonica.

"`There are a large number of ISPs who accepted these routes all over the world,` said Martin A. Brown, technical lead at Internet monitoring firm Renesys.

"According to Brown, the incident started just before 10 a.m. Eastern Time on Thursday and lasted about 20 minutes. During that time IDC China Telecommunication transmitted bad routing information for between 32,000 and 37,000 networks, redirecting them to IDC China Telecommunication instead of their rightful owners.

"These networks included about 8,000 U.S. networks including those operated by Dell, CNN, Starbucks and Apple. More than 8,500 Chinese networks,1,100 in Australia and 230 owned by France Telecom were also affected.

"The bad routes may have simply caused all Internet traffic to these networks to not get through, or they could have been used to redirect traffic to malicious computers in China.

"While the incident appears to have been an accident, it underscores the weakness of the Border Gateway Protocol (BGP), a critical, but obscure, protocol used to bind the Internet together."


More at NetworkWorld...

Thursday, April 8, 2010

IT Worker Of The Month


"A Bank of America computer specialist is set to plead guilty to charges that he hacked the bank's automated tellers to dispense cash without recording the activity.

"Rodney Reed Caverly, of Charlotte, North Carolina, is scheduled to plead guilty to a computer fraud charge next Tuesday in federal court in Charlotte, according to his lawyer Christopher Fialko, who declined to comment further on the case.

"Caverly was charged last week with one count of computer fraud for allegedly writing a malicious program that ran on Bank of America's computers and ATMs, according to court filings. The documents say Caverly made more than the statutory minimum of US$5,000 from the scam, but they do not spell out the bank's total losses. That number could come out when his plea is entered next week.

"He faces a maximum sentence of five years in prison."


More at ComputerWorld...

Thursday, April 1, 2010

Microsoft's African Investments Start To Pay Off


"Imagine a network of virus-driven computers so infectious that it could bring down the world's top 10 leading economies with just a few strokes. It would require about 100 million computers working together as one, a `botnet` -- the cybersecurity world's version of a WMD. But unlike its conventional weapons equivalent, this threat is the subject of no geopolitical row or diplomatic initiative. That's because no one sees it coming -- straight out of Africa.

"Cybercrime is growing at a faster rate in Africa than on any other continent in the world, according to statistics presented at a conference on the matter in Cote D'Ivoire in 2008. Cybersecurity experts estimate that 80 percent of PCs on the African continent are already infected with viruses and other malicious software. And while that may not have been too worrisome for the international economy a few years ago, the arrival of broadband service to Africa means that is about to change. The new undersea broadband Internet cables being installed today will make Africa no further away from New York than, say, Boston, in the virtual world.

"Broadband Internet access will allow Africa's virus and malware problems to go global. With more users able to access the Internet (and faster), larger amounts of data can be transferred both out and inward. More spam messages in your inbox from Africa's email fraudsters will be only the beginning..."


More at ForeignPolicy.com...

Sunday, March 28, 2010

Big Players To Spy On IPv6-Enabled Users


"Leading Web content providers -- including Google, Yahoo, Netflix and Microsoft -- are conducting early-stage conversations about creating a shared list of customers who can access their Web sites via IPv6, the long-anticipated upgrade to the Internet's main communications protocol.

"The DNS Whitelist for IPv6 would be a list of IP addresses that have functioning IPv6 connectivity. Content providers would use this shared DNS Whitelist to serve up content to these IP addresses via IPv6 rather than through IPv4, which is the current version of the Internet Protocol. Web site visitors not listed on the DNS Whitelist for IPv6 would receive IPv4-based content...

"Content providers say they need a DNS Whitelist for IPv6 because the Internet has so many broken IPv6 links due to problematic default behavior and incompatibilities in operating systems, home gateways and customer premises equipment. Without a whitelist to help sort out which customers can and cannot receive IPv6 content, Web developers say they will inadvertently block too many customers from accessing their content."


From NetworkWorld...

Friday, March 26, 2010

Tweeker Busted For High School Hack


"A 21-year-old former Evergreen Public Schools student has pleaded guilty to criminal charges in connection with a computerized payroll security breach in November that put more than 5,000 past and current Vancouver Public Schools employees at risk of identity theft.

"Christopher Berge, a 2006 Mountain View High School graduate last known to live in Oregon City, Ore., was sentenced to 10 years in prison on Wednesday by Clark County Superior Court Judge Roger Bennett.

"Berge pleaded guilty to 31 counts, including 24 counts of second-degree identity theft, first-degree computer trespass, forgery and possession of methamphetamine."


More at The Columbian...

MS, Adobe, Apple Bitch-Slapped At Pwn2Own


"The only researcher to `three-peat` at the Pwn2Own hacking contest said today that security is such a `broken record` that he won't hand over 20 vulnerabilities he's found in Apple's, Adobe's and Microsoft's software.

"Instead Charlie Miller will show the vendors how to find the bugs themselves.

"Miller, who yesterday exploited Safari on a MacBook Pro notebook running Snow Leopard to win $10,000 in the hacking challenge, said he's tired of the lack of progress in security. `We find a bug, they patch it,` said Miller. `We find another bug, they patch it. That doesn't improve the security of the product. True, [the software] gets incrementally better, but they actually need to make big improvements. But I can't make them do that.`"


From ComputerWorld...

Thursday, March 25, 2010

Unemployed IT Worker Of The Month


"A Frenchman who broke into Barack Obama and Britney Spears' Twitter feeds insisted Thursday he is no hacker but a `kind pirate` seeking to expose security weaknesses.

"`I did not act with a destructive aim ... I wanted to warn them, to show up the faults in the system,` said the 23-year-old, who was arrested Tuesday after an operation by French police and FBI agents.

"The curly-haired unemployed computer technician wore a pair of slippers adorned with smiley faces as he sat in his parents' home in central France and told of how he broke into the popular micro-blogging site.

"Francois C., who spoke to AFP on condition that his full surname not be used, is accused of breaking into Twitter and Google accounts, including ones used by US president Obama and pop star Spears..."


Full article at EXPATICA.com...

Monday, March 22, 2010

Hinky Dink Publishes Koobface Data


"Mr. Hinky Dink, a Big Time Security Professional™ today released an analysis of the spread of the Koobface worm. Based on an exhaustive study of his database of over two and a half million open Web proxies collected over two years, Hinky’s findings demonstrate where the most vulnerable social networking users can be found.

"`With more losers piling into social networking sites this trend is very likely to continue,` said Hinky. `This study highlights the cities with the most gullible users on the Internet. This study will no doubt help cybercriminals, script kidz, and Cameroonian puppy scammers target their next online marketing campaigns.`"


Read the complete report here.

Can You Hack Me now?


"Malware-tainted memory cards may have ended up on as many as 3,000 HTC Magic phones, a greater number than first suspected, Vodafone said today.

"The problem came to light earlier this month after an employee of Panda Security plugged a newly ordered phone into a Windows computer, where it triggered an alert from the antivirus software.

"Further inspection of the phone found the device's 8GB microSD memory card was infected with a client for the now-defunct Mariposa botnet, the Conficker worm and a password stealer for the Lineage game.

"Vodafone said it was an isolated incident, but an employee at Spanish security company S21sec discovered another phone with an infected card, which it sent to Panda. That phone was purchased directly from Vodafone's Web site in the same week as the first phone, according to Panda.

"It is unclear how the batch of memory cards became infected and an investigation is under way, said a spokesman for Vodafone in Spain."


More at ComputerWorld...

Saturday, March 20, 2010

SAY IT AIN'T SO, MO!!!


"Mozilla yesterday confirmed a critical vulnerability in the newest version of Firefox, and said it would plug the hole by the end of the month.

"Although the patch won't be added to Firefox before next week's Pwn2Own browser hacking challenge, researchers won't be allowed to use the flaw, according to the contest's organizer.

"`The vulnerability was determined to be critical and could result in remote code execution by an attacker,` Mozilla acknowledged in a post to its security blog late Thursday. `The vulnerability has been patched by developers and we are currently undergoing quality assurance testing for the fix.`

"Firefox 3.6, which Mozilla launched in January, is affected, Mozilla said, adding that it would be patched in version 3.6.2, currently slated to ship on March 30..."


From ComputerWorld...

Tuesday, March 16, 2010

Big Brother 2.0


"The Feds are on Facebook. And MySpace, LinkedIn and Twitter, too.

"U.S. law enforcement agents are following the rest of the Internet world into popular social-networking services, going undercover with false online profiles to communicate with suspects and gather private information, according to an internal Justice Department document that offers a tantalizing glimpse of issues related to privacy and crime-fighting.

"Think you know who's behind that `friend` request? Think again. Your new `friend` just might be the FBI..."


More at laramieboomerang.com...

Thursday, March 11, 2010

IE Users PWN3D By 0day... Again


"Hackers are exploiting the just-disclosed unpatched bug in Internet Explorer (IE) to launch drive-by attacks from malicious Web sites, security researchers said today.

"`This attack appears to be rather targeted at the moment, but as with other unpatched vulnerabilities in the past, this has the potential to explode now that the word is getting out,` said Craig Schmugar, a threat researcher at McAfee, in a blog post today.

"Attacks are launched from Web sites in a classic drive-by fashion, said Schmugar and others. `Visiting the page is enough to get infected,` Schmugar said."


From ComputerWorld...

The First Rule Of Govt. Info Security...


"Last week, Pennsylvania’s chief information security officer Robert Maley was at an information security conference in San Francisco talking about a hacking incident involving PennDOT’s computers. This week, Maley is gone.

"Gary Tuma, Gov. Ed Rendell’s press secretary, confirmed that Maley is no longer employed by the state, but he declined to comment further, saying it is a personnel matter.

"Attempts to contact Maley yesterday were unsuccessful.

"Danielle Klinger, a spokeswoman for the state Department of Transportation, said the agency is not aware of any hacking or breach that occurred involving scheduling system for its driving test. However, she said that a few weeks ago, `we did discover an anomaly and we have actually turned that over to [the state police] for further investigation. We’re not sure what that anomaly is, but it is being investigated. Unfortunately, I can’t provide any more details on it.`"


More at PennLive.com...

Monday, March 8, 2010

Energizer Bunny Arrested, Charged With Battery


"A USB charger from Energizer uses software that contains a Trojan, according to US-CERT. The software was apparently developed outside the U.S. and may have been giving hackers access to PCs since 2007. An analyst said trust in the Energizer bunny may have led many consumers to install the DUO USB charger malware even with a warning.

"US-CERT researchers said Friday that the software that installs with the Energizer charger contains a Trojan horse that gives malicious hackers a back door into Windows machines.

"`An attacker is able to remotely control a system, including the ability to list directories, send and receive files, and execute programs. The backdoor operates with the privileges of the logged-on user,` US-CERT said. `Removing the Energizer USB charger software will also remove the registry value that causes the backdoor to execute automatically when Windows starts.`"


More at NewsFactor.com...

Trust No One 2.0


"Facebook founder Mark Zuckerberg has been accused of hacking into the email accounts of rivals and journalists.

"The CEO of the world's most successful social networking website was accused of at least two breaches of privacy in a series of articles run by BusinessInsider.com. As part of a two-year investigation detailing the founding of Facebook, the magazine uncovered what it claimed was evidence of the hackings in 2004.

"In the first instance, it said that, when Zuckerberg discovered that Harvard's student newspaper The Crimson was planning on running an article on him in 2004, he used reporters' Facebook logins to hack into their accounts.

"In the second instance, the magazine claimed Zuckerberg hacked into the accounts of rivals at Harvard who accused him of stealing their idea for a social network. He then allegedly tried to sabotage the rival network they had set up..."


Read the whole story here...

Thursday, March 4, 2010

Insurance Companies Leverage Facebook To Raise Your Rates


"Any town U.S.A. You walk into a store and notice someone you recognize, from Facebook. But you really don’t know the individual; only online have you “met” that person. You have shared a note, or played a game on Facebook, Myspace, or other media website. You can choose to say hello or ignore them. That choice is up to you.

"Sometime in the future, you wind up in a car accident and suffer physical injuries that you decide can be claimed in a lawsuit against the insurance company. Now your friends on Facebook may not have any choice of getting to know you up close and in person. You may not even be aware that they are being questioned.

"Insurance companies are beginning to demand access to information about you and they do not want your explicit consent. In a Globe and Mail report, the insurance industry wants to use sites such as Facebook to collect and use background information collected to contradict any evidence you have used in your claim for damages.

"The first thing the insurance lawyers will do in court is to ask plaintiffs if they have Facebook accounts and demand a court order to review those accounts — even if you have always had your privacy settings configured to be not searchable by Google or other services. And if somehow they find out that you are on Facebook and you said no, chances are your lawsuit against the insurance company may fail. And so the game begins. The lawyers will have access to everything about you; your friends are also now exposed and may be questioned about your online habits, what you are doing online; personal messages are read and now your friend’s privacy is also vulnerable - even if you have never met them in person..."


More at ZDNet...

XP Users Helpless Against New Web Hack


"Microsoft told Windows XP users today not to press the F1 key when prompted by a Web site, as part of its reaction to an unpatched vulnerability that hackers could exploit to hijack PCs running Internet Explorer (IE).

"In a security advisory issued late Monday, Microsoft confirmed the unpatched bug in VBScript that Polish researcher Maurycy Prodeus had revealed Friday, offered more information on the flaw and provided some advice on how to protect PCs until a patch shipped.

"`The vulnerability exists in the way that VBScript interacts with Windows Help files when using Internet Explorer,` read the advisory. `If a malicious Web site displayed a specially crafted dialog box and a user pressed the F1 key, arbitrary code could be executed in the security context of the currently logged-on user.`"


From ComputerWorld...

Monday, February 22, 2010

Chuck Norris Wants Your Router


"If you haven't changed the default password on your home router, you may be in for an unwanted visit from Chuck Norris -- the Chuck Norris botnet, that is.

"Discovered by Czech researchers, the botnet has been spreading by taking advantage of poorly configured routers and DSL modems, according to Jan Vykopal, the head of the network security department with Masaryk University's Institute of Computer Science in Brno, Czech Republic.

"The malware got the Chuck Norris moniker from a programmer's Italian comment in its source code: `in nome di Chuck Norris,` which means `in the name of Chuck Norris.` Norris is a U.S. actor best known for his martial arts films such as `The Way of the Dragon` and `Missing in Action.`

"Security experts say that various types of botnets have infected millions of computers worldwide to date, but Chuck Norris is unusual in that it infects DSL modems and routers rather than PCs."


From PC World...

Tuesday, February 2, 2010

Massive Oracle PWN@G3 At Black Hat


"In 2001, Larry Ellison brashly proclaimed in a keynote speech at the computing conference Comdex that his database software was "unbreakable." David Litchfield has devoted the last nine years to making the Oracle chief executive regret that marketing stunt.

"At the Black Hat security conference Tuesday afternoon, Litchfield unveiled a new bug in Oracle's 11G database software, a critical, unpatched vulnerability that would allow a hacker to take control of an Oracle database and access or modify information at any security level. `Anything that God can do on that database, you can do,` Litchfield [said] in an interview following his talk.

"The attack that Litchfield laid out for Black Hat's audience of hackers and cybersecurity researchers exploits a combination of flaws in Oracle's software. Two sections of code within the company's database application--one that allows data to be moved between servers and another that allows management of Oracle's implementation of java--are left open to any user, rather than only to privileged administrators. Those vulnerable subroutines each have their own simple flaws that allow the user to gain complete access to the database's contents.

"Litchfield says he warned Oracle about the flaws in November, but they haven't been patched. Oracle didn't immediately respond to a request for comment."


More at Forbes.com...

Monday, February 1, 2010

Hacking Twits For Fun And Profit


"According to researchers at Kaspersky Lab, cybercriminals are trying to sell hacked Twitter user names and passwords on-line for hundreds of dollars.

"Since 2005, the bad guys have been developing new data-stealing malware that is now a growing problem on the Internet. Some of these programs look for banking passwords, others hunt for on-line gaming credentials. But the fastest-growing data stealers are generic spying programs that try to steal as much information as possible from their victims, said Kaspersky Researcher Dmitry Bestuzhev, speaking at a press event Friday.

"In 2009, Kaspersky identified about 70,000 of these programs -- twice as many as the year before, and close to three times the number of banking password stealing programs.

"They're popular because criminals are starting to realize that they can do better than simply swiping credit card numbers. Bestuzhev has seen Gmail accounts for sale on Russian hacker forums, (asking price 2,500 rubles, or $82) RapidShare accounts going for $5 per month, as well as Skype, instant messaging and Facebook credentials being offered.

"Asking prices can vary greatly, depending on the name of the account and the number of followers, but attackers are looking for an initial, trusted, stepping stone from which to send malicious Twitter messages and, ideally, infect more machines.

"Bestuzhev said that one Twitter account, with just over 320 followers, was offered at $1,000 in an underground hacker forum. The user's name was a simple three letter combination that Bestuzhev thought might make it more valuable to criminals. Compare that to an MSN account, which Bestuzhev has seen priced at €1 ($1.40). `The price for Twitter accounts is really high,` he said."


More at ComputerWorld...

Sunday, January 31, 2010

Killer Robot In Custody


"An 81-year-old Australian man has shot himself dead with an elaborate suicide robot built using plans he downloaded from the Internet.

"The Gold Coast man, who lived alone, left notes of his plans and thoughts as he struggled to come to terms with demands by interstate relatives that he move out his home and into care.

"He spent hours searching the Internet for a way to kill himself, downloaded what he needed and then built a complex machine that would remotely fire a gun.

"He set the device up in his driveway about 7 a.m. Wednesday, placed himself in front of it and set it in motion.

"His notes explained that he chose the driveway as he knew there were tradesmen working next door who would find his body. The plan worked as the workmen heard the gunshots and ran to investigate.

"The machine was attached to a .22 semi-automatic pistol loaded with four bullets.

"It was able to fire multiple shots into the man's head after he activated it."


From FOX News...

Friday, January 29, 2010

USA NUMBER ONE!!!!!


"Insecurity outfit McAfee has named the US as the most likely source of cyber attacks, beating out the widely perceived favourites China and Russia.

"McAfee conducted a study that questioned 600 IT and security executives from various countries to discuss, rate and rank their biggest Internet security concerns. Most of the report just states the bleedin' obvious, except for the finding that the Americans are the most feared by the others.

"With the recent scuffles between Google and the Chinese government it comes as no surprise that almost 75 per cent of respondents believed that the Chinese government was involved in cyber attacks against their country. However, the figures for both the US and Russia were identical at 60 per cent. The UK government came in third from last with only 50 per cent or so believing that it was involved in naughty cyber aggression activities.

"Probably the most startling discovery was that it is the US, not China or Russia, that is feared the most. The majority of countries in the West listed the US ahead of China and Russia as the country `of most concern` when it came to attacks."


More at the Inquirer...

Tuesday, January 26, 2010

More Internet Explorer Fun


"Microsoft's Internet Explorer (IE) could inadvertently allow a hacker to read files on a person's computer, another problem for the company just days after a serious vulnerability received an emergency patch.

"The problem was actually discovered as long as two years ago but has persisted despite two attempts by Microsoft to fix it, said Jorge Luis Alvarez Medina, a security consultant with Core Security Technologies. He is scheduled to give a presentation at the Black Hat conference in Washington, D.C., on Feb. 3.

"The issue could allow a hacker to read files on a person's computer but not install other code. Nonetheless, the problem represents a serious security issue, Medina said. It affects all of Microsoft's operating systems from Windows NT through Windows 7 and every version of IE, including the latest one, IE8."


More at ComputerWorld...

Google's Downfall: Social Networking


"People behind the China-based online attacks of Google and other companies looked up key employees on social networks and contacted them pretending to be their friends to get the workers to click on links leading to malware, according to a published report on Monday.

"`The most significant discovery is that the attackers had selected employees at the companies with access to proprietary data, then learnt who their friends were,` the Financial Times reported. `The hackers compromised the social network accounts of those friends, hoping to enhance the probability that their final targets would click on the links they sent.`

"`We're seeing a lot more up-front reconnaissance, understanding who the players are at the company and how to reach them,` George Kurtz, chief technology officer at security firm McAfee, told the Financial Times. `Someone went to the trouble to backtrack: 'Let me look at their friends, who I can target as a secondary person.'`

"The attackers used a popular instant-messaging program to distribute the malware link to target employees, Kurtz said. The malware exploited a hole in Internet Explorer that Microsoft patched just last week."


More at CNET...

AV Spending Seen As Pointless


"Following the highly publicized and successful malware attacks on Google, Symantec, Adobe, Dow Chemical, and others, business and government executives are questioning the value of their AntiVirus subscriptions. Their unprecedented skepticism will grow even more intense as more executives learn that all of these successful attacks were easily preventable.

"`In almost every meeting I’ve had since the mainstream media started reporting on these highly visible failures, executives and IT personnel have criticized their AntiVirus computer protection. This Aurora/Hydra outbreak could spark a big change in 2010 enterprise IT security spending, a multi-billion dollar change`, predicts Mike Fumai, CEO of Blue Ridge Networks.

"There’s nothing particularly novel about the exploitable vulnerabilities in Internet Explorer this month, or those in Adobe Acrobat Reader last month. These are merely new entries in a formulaic story re-written almost monthly. Last week’s out-of-cycle security patch from Microsoft is just a less frequently seen plot twist. Until now, these recurring stories only served to increase spending on AntiVirus software from well-known security vendors. However, these targeted organizations with deep pockets and large IT security staffs were successfully attacked because their name-brand AntiVirus software did not have signatures to detect the malware attack code."


More at PRWeb...

Friday, January 22, 2010

ID Theft Ring Included City Employees


"In a six-count indictment filed in U.S. District Court, federal prosecutors assert a Seattle Municipal Court employee passed account information into an identity theft ring in which four people are presently charged.

"Federal prosecutors claim Diamond Wendell Alexander Jr. and Crystal Loren Lee recruited others to copy credit card information from their places of employment and forward that information to them.

"Alexander and Lee would then use that credit card information to make purchases, chiefly Wal-Mart gift cards, according to prosecutors' statements to the court. In total, they attempted to fraudulently charge more than $300,000 in gift cards and other merchandise using `skimmed` credit cards.

"Among those recruited for the scheme was a Seattle Municipal Court employee who handled payments, prosecutors allege. That employee would then pass on credit card numbers -- referred to by prosecutors as `access device information` -- to Alexander and Lee.

"Identified only by initials in court documents, the city employee is considered an unindicted co-conspirator in the scheme.

"`The Seattle Municipal Court employee would print access device information pertaining to people who used their cards to pay for traffic tickets and other transactions with the court,` according to a grand jury indictment filed Wednesday."


More at seattlepi.com...

Thursday, January 21, 2010

Firefox, Opera Benefit From IE Schadenfreude


"Mozilla yesterday reported a `huge increase` in downloads of Firefox in Germany after that country's computer security agency urged users of Microsoft's Internet Explorer (IE) to dump the browser and run a rival instead.

"German downloads of Firefox during a four-day stretch starting last Friday jumped by about 300,000 over normal, said Ken Kovash, Mozilla's director of analytics, on the company's `Blog of Metrics.` `Over the past few days there has been a huge increase in the number of Firefox downloads from IE users in Germany,` Kovash claimed.

"Norwegian browser maker Opera Software said that downloads in Germany of its desktop application were double the usual rate last weekend, and downloads in Australia were up 40% over normal.

"Mozilla and Opera cited recommendations by German, French and Australian authorities to stop using IE as the cause for the jump. Last Friday, Germany's Federal Office for Information Security, known by its German initials of BSI, and France's CERTA each called for users to stop running IE until Microsoft patches a critical vulnerability. `Pending a patch from the publisher, CERT recommends using an alternative browser,` a translation of the French advisory stated."


More at ComputerWorld...

Wednesday, January 20, 2010

Facebook Follies


"Vanessa Palm and Alexander Rust, two 20-something Americans vacationing in the Bahamas last February, decided to catch and eat an iguana - a species protected under Bahamian law. Unfortunately for them, they also decided to post pictures on Facebook of their illicit meal.

"Bahamian authorities were alerted to the photos, and promptly proceeded to track down and arrest the two tourists for killing and eating a protected iguana.

"Perhaps they used the jail time to debate whether or not it tasted like chicken.

"Similarly, a 20-year-old employee of a Petland pet store in Ohio not only drowned rabbits from the store, she creepily bragged about it on her Facebook "wall." Someone from People for the Ethical Treatment of Animals (PETA) learned of this, and she was soon charged with two counts of animal cruelty.

"Meanwhile, it wasn't enough for 38-year-old Jacob Rehm of Morrisville, Vt., to steal a tour bus from his former employer, Lamoille Valley Transportation, and take it on a joyride. No, he had to go and make a four minute video of his little adventure (complete with a tour of the $500,000 bus itself) and post it on YouTube.

"After the bus was recovered in another town and Rehm was charged with the theft, the prosecutors found that video very helpful when they went to court."


More at The Southeast Texas Record...

Saturday, January 16, 2010

Firefox Über Alles


"In a statement issued today, the German Federal Office for Security in Information Technology (known as BSI) recommends that all Internet Explorer users switch to an alternative browser. They may resume using Explorer after a fix is issued by Microsoft for a critical vulnerability that has been implicated in the Chinese cyberattack against Google.

"According to the statement from BSI, even running Internet Explorer in “protected” mode is not enough to prevent a hacker from exploiting this security flaw.

"IE, while the world’s most popular browser, has been steadily losing marketshare over perceptions that it is slower and less secure than rival browsers, especially Firefox. This incident won’t help."


More at Mashable...

Wednesday, January 13, 2010

GARTNER SEZ: Get A REAL Job


"Cloud computing will become so pervasive that by 2012, one out of five businesses will own no IT assets at all, the analyst firm Gartner is predicting.

"The shift toward cloud services hosted outside the enterprise's firewall will necessitate a major shift in the IT hardware markets, and shrink IT staff, Gartner said.

"`The need for computing hardware, either in a data center or on an employee's desk, will not go away,` Gartner said. `However, if the ownership of hardware shifts to third parties, then there will be major shifts throughout every facet of the IT hardware industry. For example, enterprise IT budgets will either be shrunk or reallocated to more-strategic projects; enterprise IT staff will either be reduced or reskilled to meet new requirements, and/or hardware distribution will have to change radically to meet the requirements of the new IT hardware buying points.`

"If Gartner is correct, the shift will have serious implications for IT professionals, but presumably many new jobs would be created in order to build the next wave of cloud services...."


From NetworkWorld...

Adobe Hoisted On Its Own Petard


"Adobe today confirmed that the cyberattack that hit its corporate network earlier this month was connected to the large-scale attacks Google cited yesterday as one reason it might abandon China.

"Meanwhile, some researchers have hinted, and others have claimed, that the attacks against both Google and Adobe were based on malicious PDFs that exploited a just-patched vulnerability in Adobe's popular Reader software...

"Security researchers hinted earlier today that the attacks against Google, Adobe and dozens of other major firms were conducted using malicious PDFs that exploited one or more vulnerabilities in Adobe Reader. Analysts at Verisign's iDefense security group told Robert McMillan of IDGNews today that hackers had launched targeted attacks using a malicious document attached to e-mail messages."


More at ComputerWorld...

McAfee To Leverage "Captive Audience" Marketing


"Facebook announced late Tuesday that it is offering free computer security software for six months to all of its 350 million members to head off increasing threats of hackers and computer viruses on the social network.

"Facebook has cut a deal with anti-virus maker McAfee Inc. of Santa Clara to provide the security software, available on McAfee's Facebook fan page.

"McAfee's Internet Security Software Suite will be free for six months and available for a "special discount subscription" afterwards, the companies said in a statement. The announcement did not detail how much the paid subscription would cost once the free period ends..."


More at SFGate...

Saturday, January 9, 2010

$15M Cyberscam PWN3D


"U.S. prosecutors indicted 19 people Friday – most in Dallas and Fort Worth – on charges related to a `massive cybercrime conspiracy` that they said defrauded local telecommunications companies and other merchants of $15 million worth of services and goods.

"The indictments follow raids by the FBI last year on two data hosting companies where computer servers were taken on suspicion of fraudulent activity. Friday's move expands a Sept. 2 indictment by U.S. Attorney James Jacks that targeted nine people.

"Several of those charged are believed to have fled the United States; one, Michael Faulkner of Southlake, is reported anonymously to have been killed trying to re-enter the U.S., Jacks' office said, though that has not been confirmed.

"The scheme went from 2003 to 2009 and involved the creation of shell companies through the data hosting companies run by Faulkner, according to the indictment."


More at dallasnews.com...

Friday, January 8, 2010

Crafty Packets PWN Juniper Routers


"Juniper Networks is warning customers of a critical flaw in its gateway routers that allows attackers to crash the devices by sending them small amounts of easily-spoofed traffic.

"In an advisory sent Wednesday afternoon, the networking company said a variety of devices could be forced to reboot by sending them internet packets with maliciously formed TCP options. The flaw affects versions 3 through 10 of Junos, the operating system that powers devices at ISPs, backbones, and other large networks. Software releases built on or after January 28, 2009 have already fixed the issue.

"`The Junos kernel will crash (i.e. core) when a specifically crafted TCP option is received on a listening TCP port,` the bulletin, which was issued by Juniper's technical assistance center, stated. `The packet cannot be filtered with Junos's firewall filter. A router receiving this specific TCP packet will crash and reboot.`

"There are `no totally effective workarounds,` the bulletin added."


More at The Register...

Wednesday, January 6, 2010

School District Locks Barn Door


"Over three days last month, about $3 million was drained by computer hackers from the bank account of the Duanesburg Central School District and deposited into overseas accounts. The cyber crime has prompted a joint probe into what banking and security officials say is a growing problem, underscoring the need for airtight internal controls.

"Duanesburg Superintendent Christine Crowley said during a news conference Tuesday at Duanesburg Elementary that the discovery of the unauthorized electronic transfers from the district coffers three days before Christmas left her in `total shock` and then `sheer anger.`

"...In response to the security breach, Crowley said Duanesburg school officials have closed all district bank accounts and established new ones with restricted online access."


More at timesunion.com...