Saturday, September 01, 2007

U.S. Toll in Iraq

Via The Boston Globe (AP).

As of Saturday, Sept. 1, 2007, at least 3,738 members of the U.S. military have died since the beginning of the Iraq war in March 2003, according to an Associated Press count. The figure includes seven military civilians. At least 3,061 died as a result of hostile action, according to the military's numbers.

The AP count is three higher than the Defense Department's tally, last updated Friday at 10 a.m. EDT.

More here.

And as always, cryptome.org keeps a very, very extensive list here, as does the Iraq Coalition Casualty Count website here.

Securing (Or Not) Your Right to Vote

Steven Levy writes in Newsweek:

It was the most devastating confirmation to date of what security experts have been saying for years: vulnerabilities in election machines are so severe that voters have no way of knowing for sure that the choices they enter into the touchscreens and ballots will actually be counted.

"The studies show that these machines are basically poison," says Avi Rubin, a Johns Hopkins computer-science professor and voting-security expert.

More here.

MPLS Proposal Spawns IETF, ITU Turf War

Carolyn Duffy Marsan writes on NetworkWorld:

The Internet Engineering Task Force (IETF) is at odds with the International Telecommunication Union (ITU) over a special transport network architecture the ITU’s Telecommunication Standardization Sector (ITU-T) is developing to allow Multiprotocol Label Switching (MPLS) traffic to run over an Ethernet backbone. Among the network equipment vendors that have been contributing to the development are Alcatel-Lucent, Ericsson, Fujitsu and Tellabs.

The problem, according to the IETF, is that the ITU’s Transport-MPLS (T-MPLS) specification will not work with the billions of dollars in routers and switches that carriers have installed in recent years based on the IETF’s MPLS standards.

"The situation is catastrophic," says Stewart Bryant, IETF liaison to the ITU-T on MPLS issues and a technical leader at Cisco. "There’s a fundamental opportunity for a major train wreck" between the IETF's MPLS and the ITU-T’s T-MPLS.

More here.

The Criminal Underground: A Walk on the Dark Side

Via The Economist.com.

According to VeriSign, one of the world’s largest internet security companies, RBN, an internet company based in Russia’s second city, St Petersburg, is “the baddest of the bad”. In a report seen by The Economist, VeriSign’s investigators unpick an extraordinary story of blatant cybercrime that implies high-level political backing.

In one sense, RBN (Russian Business Network) does not exist. It has no legal identity; it is not registered as a company; its senior figures are anonymous, known only by their nicknames. Its web sites are registered at anonymous addresses with dummy e-mails. It does not advertise for customers. Those who want to use its services contact it via internet messaging services and pay with anonymous electronic cash.

But the menace it poses certainly exists. “RBN is a for-hire service catering to large-scale criminal operations,” says the report. It hosts cybercriminals, ranging from spammers to phishers, bot-herders and all manner of other fraudsters and wrongdoers from the venal to the vicious. Just one big scam, called Rock Phish (where gullible internet users were tricked into entering personal financial information such as bank account details) made $150m last year, VeriSign estimates.

More here.


Programming Note: Highland Games


So, I'll be enjoying some great Scottish meat pies, Scottish Ale, and an all-around good time on Saturday at the 142nd Annual Scottish Highland Games at the Alameda County Fairgrounds.

I attended last year, and it was a blast. (My clan info here.)

If you're in the area, it's a grand event -- the largest in North America.

And blogging will undoubtedly be light.

Cheers!

- ferg

Friday, August 31, 2007

Gapingvoid: No one.

Via gapingvoid.com. Enjoy!


U.S. Toll In Iraq, Afghanistan

Iraq and Afghanistan statistics via The Boston Globe (AP).

As of Friday, Aug. 31, 2007, at least 3,737 members of the U.S. military have died since the beginning of the Iraq war in March 2003, according to an Associated Press count. The figure includes seven military civilians. At least 3,061 died as a result of hostile action, according to the military's numbers.

The AP count is two higher than the Defense Department's tally, last updated Friday at 10 a.m. EDT.

As of Friday, Aug. 31, 2007, at least 364 members of the U.S. military had died in Afghanistan, Pakistan and Uzbekistan as a result of the U.S. invasion of Afghanistan in late 2001, according to the Defense Department. The department last updated its figures Aug. 28, 2007.

Of those, the military reports 239 were killed by hostile action.

More here and here.

And as always, cryptome.org keeps a very, very extensive list here, as does the Iraq Coalition Casualty Count website here.

SWIFT: U.S. Cites ‘Secrets’ Privilege as It Tries to Stop Suit on Banking Records

Eric Lichtblau writes in The New York Times:

The Bush administration is signaling that it plans to turn again to a legal tool, the “state secrets” privilege, to try to stop a suit against a Belgian banking cooperative that secretly supplied millions of private financial records to the United States government, court documents show.

The suit against the consortium, known as Swift, threatens to disrupt the operations of a vital national security program and to disclose “highly classified information” if it continues, the Justice Department has said in court filings.

A hearing on the suit is scheduled for Friday in federal court in Alexandria, Va.

The “state secrets” privilege, allowing the government to shut down litigation on national security grounds, was once rarely used. The Bush administration has turned to it more than 30 times in terrorism-related cases, seeking to end public discussion of cases like the claims of an F.B.I. whistle-blower and the abduction of a German terrorism suspect.

More here.

U.S. Military Censors ThinkProgress


Via Think Progress.

ThinkProgress is now banned from the U.S. military network in Baghdad.

Recently, an avid ThinkProgress reader — a U.S. soldier serving his second tour in Iraq — wrote to us and said that he can no longer access ThinkProgress.org.

More here.

Storm Worm Dwarfs World's Top Supercomputers

Brian Krebs writes on Security Fix:

Lawrence Baldwin, chief forensics officer for myNetWatchman.com and a researcher who closely monitors the spread of the Storm worm, said the sheer power of the Storm network is "scary."

"People aren't respecting the threat this thing represents," Baldwin said. "But when you pit it against the biggest military and government supercomputing resources, they're like a speck on the back of a fly compared to the power that's under the control of this one criminal group."

More here.

California Bill Holding Retailers Responsible for Breach Costs Advances

Jaikumar Vijayan writes on ComputerWorld:

Retailers hoping to convince California lawmakers not to pass a proposed bill that would require them to pay banks and credit unions for the costs associated with a data breach lost another important round Thursday.

The state's Senate Appropriations Committee approved the landmark Consumer Data Protection Act, or AB 779, by a 13-2 vote late Thursday. The measure, authored by Assemblyman Dave Jones (D-Sacramento), won overwhelming approval (58-2) in the State Assembly in early June.

The bill is now expected to go before the full Senate in as little as a week. If approved, it would then go to Gov. Arnold Schwarzenegger for his approval.

More here.

German Spyware Plans Trigger Concerns

Via The BBC.

German government plans to spy on terror suspects by deploying malicious e-mails have drawn sharp criticism.

The e-mails would contain Trojans - software that secretly installs itself on suspects' computers, allowing agents to search the hard drives.

German Interior Minister Wolfgang Schaeuble is quoted as saying the spyware would be used only in a few cases and for a limited time.

The measure would form part of a new anti-terrorism bill.

A spokeswoman for the opposition Free Democrats, Gisela Piltz, called the proposal a totally unacceptable intrusion into privacy.

But a spokesman for Chancellor Angela Merkel said she supported the measure.

More here.

Thursday, August 30, 2007

U.S. Toll in Iraq, Afghanistan

Iraq and Afghanistan statistics via The Boston Globe (AP).

As of Thursday, Aug. 30, 2007, at least 3,735 members of the U.S. military have died since the beginning of the Iraq war in March 2003, according to an Associated Press count. The figure includes seven military civilians. At least 3,058 died as a result of hostile action, according to the military's numbers.

The AP count is three higher than the Defense Department's tally, last updated Thursday at 10 a.m. EDT.

As of Thursday, Aug. 30, 2007, at least 364 members of the U.S. military had died in Afghanistan, Pakistan and Uzbekistan as a result of the U.S. invasion of Afghanistan in late 2001, according to the Defense Department. The department last updated its figures Aug. 28, 2007.

Of those, the military reports 239 were killed by hostile action.

More here and here.

And as always, cryptome.org keeps a very, very extensive list here, as does the Iraq Coalition Casualty Count website here.

Verizon and U.S. Government Seek Dismissal of Data-Mining Programs on Secrecy and Free Speech Grounds

Ryan Singel writes on Threat Level:

Verizon and its government allies told a federal court judge Thursday that national security requires the dismissal of a lawsuit accusing the phone provider of violating federal privacy laws by allegedly providing millions of phone records to a secret anti-terrorism data-mining program. Verizon also argues that the nation's telephone privacy laws interfere with the company's free speech rights.

Justice Department special counsel Anthony Coppolino argued that since the government has not confirmed or denied data mining call records, the program is a secret and the court needed to defer to the executive branch.

More here.

Cisco, Trend Micro in Collaboration Agreement

Via The Silicon Valley/San Jose Business Journal.

Cisco Systems Inc. and Trend Micro Inc. said Thursday they signed an agreement that will incorporate Trend Micro's security services into Cisco's network infrastructure products.

San Jose-based Cisco said the agreement advances the two companies' relationship, which started in 2004 when they began plans to incorporate Tokyo-based Trend Micro's content security services into Cisco's Adaptive Security Appliance family.

More here.

Full Disclosure: Trend Micro, Inc., is my employer...

Computer Hacking Conviction in San Diego

Via FBI.gov.

United States Attorney Karen P. Hewitt announced that Jon Paul Oson was convicted today by a federal jury in San Diego on federal computer hacking charges. Mr. Oson was charged in an indictment on August 25, 2006, with two counts of intentionally damaging protected computers. Following a trial before the Honorable Thomas J. Whelan, United States District Judge, that started on August 21, 2007, Oson was convicted on both counts.

The evidence at trial established that, among other things, as summarized below, Oson deleted patient data of the North County Health Services clinic (“NCHS”), which data was stored at the facilities of Oson’s former employer, the Council of Community Health Clinics (“CCC”), in San Diego. In addition to causing financial losses at CCC, NCHS and other CCC member clinics, the deletion of the data caused patient care at NCHS to suffer.

According to court documents, Mr. Oson was employed as a network engineer and as technical services manager for the Council of Community Health Clinics from May 2004 until October 2005. CCC is a non-profit organization that provides a variety of services to its membership and consists of seventeen Community Health Clinics located in San Diego and Imperial Counties. The largest member clinic is North County Health Services. NCHS, like the other member clinics of CCC, provides medical services to the poor, the uninsured and the under-insured. NCHS used CCC’s information technology services to host and manage its Practice Management system. This software is used by NCHS for billing, scheduling of patient appointments and for tracking medical information of NCHS patients, including diagnosis, treatment plans and case history. Mr. Oson’s resignation from CCC followed a performance evaluation that he perceived as negative.

More here.

Massive Online Games Malware Attack

Dancho Danchev writes on Mind Streams of Information:

Despite Storm Worm's worldwide media coverage, there're many other malware campaigns currently active in the wild, again exploiting outdated browser vulnerabilities such as this one aiming to steal passwords for MMORPGs.

The folks at the SANS ISC recently assessed yet another malicious URL following a lead from the recently breached site of Leuven, a city in Belgium. Apparently, the Chinese domain that's naturally exploiting an already patched vulnerability has been embedded within many other sites as well.

More here.

Local: EarthLink Out of San Francisco Wireless Plan

An AP newswire article, via The Mercury News, reports that:

EarthLink on Wednesday bowed out of a deal to join Google in providing free wireless Internet access throughout San Francisco, according to the mayor's office.

EarthLink Chief Executive Rolla Huff told Mayor Gavin Newsom during a telephone call "they were not going to be able to fulfill their end of the bargain," said Nathan Ballard, Newsom's spokesman.

Huff delivered the news a day after he announced that the Atlanta-based Internet service provider planned to cut costs by eliminating 900 jobs and closing its offices in four cities, including San Francisco.

More here.

Bank of India Website Hijacked, Launching Exploits


Ryan Naraine writes on the Zero Day Blog:

The Bank of India Web site has been hijacked by online criminals and is being used to serve up rootkits and backdoor Trojans on unpatched Windows machines.

Malware hunters at Sunbelt Software are warning that a snippet of code has been planted into the Bank of India Web site to redirect surfers to an exploit server.

There is evidence that the Russian Business Network (RBN), a group known for aggressive malware attacks, is behind this latest high-profile site compromise.

More here.

Note: This site is still hosting malicious content at this time -- PLEASE USE CAUTION.

Also, there is embedded text in the HTML that says (in Russian), "Remember you are always being watched".

Any vulnerable Bank of India customers who have visited the compromised website should seek assistance in getting their PCs cleaned up or re-formatted -- they may have already been infected with malware which could steal their account information, or worse.

JPL Scientists Sue Federal Government and Caltech for NASA's Background Checks

Kristen Philipkoski writes on Wired Science:

Over his four decades at the California Institute of Technology's Jet Propulsion Laboratory, Dennis Byrnes worked on the Apollo 7 spacecraft, set the Galileo probe on a course to Jupiter and received a NASA Exceptional Engineering Achievement Award.

But because Byrnes won't let federal investigators snoop into intimate details of his personal life, he could lose his job.

Byrnes is one of 28 Jet Propulsion Lab (JPL) senior scientists and engineers who today sued NASA, the Department of Commerce and CalTech over background checks required of all federal employees by the Department of Homeland Security.

More here.

Chinese See Military Dependence on Computers as Weakness

David Lague writes in The International Herald Tribune:

Diplomatic tension this week over reported Chinese computer attacks on German government networks comes as security experts warn that China is expanding its capacity to wage cyberwar as part of its rapid military buildup.

U.S. and other foreign military analysts say that Chinese defense planners have identified the heavy dependence on computers of most modern military forces as a potential weakness that could be exploited in a conflict.

They cite articles and reports in Chinese military journals and magazines that suggest attacks aimed at extracting intelligence from enemy computer networks or disrupting communication and signals processing could deliver a decisive military advantage.

"It is part of China's concept of unlimited war," said Philip Yang, an expert on the Chinese military and professor of international relations at the National Taiwan University.

"The idea of unlimited war means employing all possible means including nontraditional or nonconventional means in the aim of winning the war."

More here.

Hacks Hit Embassy, Government E-mail Accounts Worldwide - UPDATE

A Computer Sweden article by Daniel Goldberg and Linus Larsson, via PC World, reports that:

Usernames and passwords for more than 100 e-mail accounts at embassies and governments worldwide have been posted online. Using the information, anyone can access the accounts that have been compromised.

Computer Sweden has verified the posted information and spoken to the person who posted them. The posted information includes names of the embassies and governments, addresses to e-mail servers, usernames and passwords. Among the organizations on the list are the foreign ministry of Iran, the Kazakh and Indian embassies in the U.S. and the Russian embassy in Sweden.

Freelance security consultant Dan Egerstad posted the information. He spoke openly about the leak when Computer Sweden contacted him.

"I did an experiment and came across the information by accident," he said. Egerstad says he never used the information to log in to any of the compromised accounts in order not to break any laws.

More here.

UPDATE: 12:27 PDT, 31 August 2007: Kim Zetter has additional details over on Threat Level.

Docs Show FBI Doesn't Understand Security

Ryan Singel writes on Threat Level:

Computer science professor Steven Bellovin -- one of the most knowledgeable outsiders on the government's eavesdropping mandates known as CALEA -- pored over recently released documents that outline the FBI's extensive eavesdropping architecture.

He concludes that they don't bode well for anyone.

More here.

NIST Issues Guidelines on Securing Web Services

William Jackson writes on GCN.com:

The National Institute of Standards and Technology has released a 128-page guide to help organizations understand the security challenges of Web services in service-oriented architecture.

NIST Special Publication 800-95, “Guide to Secure Web Services” [.pdf], provides practical guidance on current and emerging standards applicable to Web services in addition to background information on the most common security threats to SOAs based on Web services. The guidelines are hardware and software independent and do not address perimeter security devices such as firewalls or access control tools.

More here.

Sunday, August 26, 2007

China Counters German Hackers and Spying Reports

Via Reuters.

China rejected on Sunday a German magazine report that computer hackers believed to be linked to the Chinese army had infected German government ministries with spying programs.

The Der Spiegel magazine, in a report ahead of a visit by German Chancellor Angela Merkel to China, said that top German government ministries, including Merkel's office, had been infected by the attack.

More here.

Programming Note: ISOI III & Washington D.C.


I'm headed to D.C. later this morning (Sunday) for the Internet Security Operations and Intelligence (ISOI) III workshop, so blogging will be spotty for the next few days.

Cheers.

- ferg