Saturday, December 08, 2007

Vermont State Police Say They Overstepped Boundaries on Drug Investigation

Terri Hallenbeck writes in The Burlington Free Press:

Vermont State Police acknowledged Friday that three detectives had asked three pharmacies for lists of customers who bought certain prescription drugs, and said the requests were against policy and would be discontinued.

State police often seek the help of pharmacists when investigating prescription drug fraud, but in these cases last week, police made a blanket request not associated with a particular suspect, Flannigan said. That doesn't violate the law but does go against state police procedure because it violates customers' privacy, he said.

More here.

Image from the film: Super Troopers

Image of the Day [2]: I Can Has Bastet...

One of our cats, Bastet. She likes baskets.

Made with LOLcat Builder.

Cop in Taser Probe Fired for MySpace Pics

David Schoetz writes on ABC News:

An Ohio police officer whose decision to Taser a pregnant woman last month in the lobby of a police station triggered FBI and internal probes is out of a job before those investigations are even complete.

Michael Wilmer, a 29-year-old probationary officer with the Trotwood Police Department, was fired from the department for posting photos of evidence from police investigations on the Internet, according to Michael Etter, the town's head of public safety.

During the investigation into the Taser incident, officials discovered "items that are not consistent" with the standards of the local police department. Specifically, Wilmer had posted photos on his personal page on the social networking site MySpace that showed behavior the department considered unbecoming of an officer.

More here.

Image of the Day: Merry Chrifsmas


Friday, December 07, 2007

In Remembrance: Pearl Harbor

USS California sinking.
Pearl Harbor Collection of pictures taken by military personnel.

Image source: Wikimedia

You Are Not Forgotten

On this day in 1941 -- a day that will live in infamy -- the Imperial Japanese Navy made its attack on Pearl Harbor.

The surprise attack on Pearl Harbor, Oahu, Hawaii, was aimed at the Pacific Fleet of the United States Navy and its defending Army Air Corps and Marine air forces. The attack damaged or destroyed twelve U.S. warships, destroyed 188 aircraft, and killed 2,403 American servicemen and 68 civilians.

Admiral Isoroku Yamamoto planned the raid as the start of the Pacific Campaign of World War II, and it was commanded by Vice Admiral Chuichi Nagumo, who lost 64 servicemen. However, the Pacific Fleet's three aircraft carriers were not in port and so were undamaged, as were oil tank farms and machine shops. Using these resources the United States was able to rebound within six months to a year.

The U.S. public saw the attack as a treacherous act and rallied strongly against the Japanese Empire, resulting in its ultimate defeat.

It absolutely "...awakened the sleeping U.S. behemoth".

Sixty-six years later, we haven't forgotten you.

- ferg

U.S. Toll in Iraq, Afghanistan

Iraq and Afghanistan statistics via The Boston Globe (AP).

As of Friday, Dec. 7, 2007, at least 3,886 members of the U.S. military have died since the beginning of the Iraq war in March 2003, according to an Associated Press count. The figure includes eight military civilians. At least 3,165 died as a result of hostile action, according to the military's numbers.

The AP count is one higher than the Defense Department's tally, last updated Friday at 10 a.m. EST.

As of Friday, Dec. 7, 2007, at least 401 members of the U.S. military had died in Afghanistan, Pakistan and Uzbekistan as a result of the U.S. invasion of Afghanistan in late 2001, according to the Defense Department. The department last updated its figures Dec. 1 2007, at 10 a.m. EST.

Of those, the military reports 271 were killed by hostile action.

More here and here.

And as always, keeps a very, very extensive list here, as does the Iraq Coalition Casualty Count website here.

Quote of the Day: Gene Spafford

"Certainly, anyone following the news and listening to what we’ve been saying here will recognize these trends. All are natural consequences of increased connectivity and increased presence of valued information and resources online, coupled with weak security and largely ineffectual law enforcement."

"If value is present and there is little or no protection, and if there is also little risk of being caught and punished, then there is going to be a steady increase in system abuse."

- Professor Eugene H. Spafford (someone who I have long respected & admired), in a very insightful comment on the CERIAS Blog regarding the 2008 McAfee Virtual Criminology Report.

Group Wants to Rename Portland's 42nd Blvd. to Douglas Adams Blvd.

Via The Website at The End of The Universe.

A group in Portland is lobbying the local government to rename 42nd Blvd. to Douglas Adams Blvd. to commemorate the deceased author.

Adams fans will instantly get the reference as he once had a computer famously answer the question of what is the meaning of life, the universe and everything as 42.

More here.

New Zealand Botmaster Facing Extradition to U.S.

Phil Taylor writes on The New Zealand Herald:

The teenager at the centre of an international cyber scam could face extradition to the United States, where cyber crimes carry strong penalties including long jail sentences.

Malicious software that Whitianga 18-year-old Owen Walker is suspected of having created is central to investigations in Holland and the United States.

If evidence is found that warrants charges, Walker could be charged either here or in the United States.

More here.

Ex-Microsoft Employee Charged With Fraud

Robert McMillan writes on InfoWorld:

The former Microsoft employee associated with the company's notorious December 1999 Hotmail outage has been charged with fraud.

Carolyn Gudmundson was indicted Thursday on charges that she raked in more than $1 million during a four-year period by falsifying expense reports she filed for domain name registration charges.

Gudmundson, a former program manager at Microsoft's MSN division, is charged with using her position within the company to run a number of different scams between 2000 and 2004. According to U.S. attorneys, she would use her corporate American Express charge for domain name registration fees, but then submit copies of invoices that carried inflated charges.

In another alleged scam, she is charged with convincing a Microsoft contractor, Marksmen Inc., to send checks to her attention at Microsoft, claiming they were being used to repay a Microsoft employee, G.M. Lossman, for transferring domain names into Microsoft's control. Those checks were cashed in Gudmundson's mother's account, according to the U.S. Department of Justice.

More here.

U.S. Investigators Believe Chinese Hackers Carried Out 'Sophisticated' Attacks Against Labs

Jack Date, Jason Ryan, Richard Sergay, and Theresa Cook write for ABC News:

A "sophisticated cyberattack" has been detected at Oak Ridge National Laboratory over the last several weeks, and authorities suspect the hackers are based in China.

The breach might have compromised the personal information of thousands of visitors to the lab, according to a communiqué sent to employees.

The intrusion is under active investigation by multiple agencies. FBI and Department of Homeland Security officials tell ABC News they believe the attacks originated in China with Chinese entities probing U.S. systems.

Investigators have not been able to determine whether the attacks came from government or private entities in China.

More here.

Gartner: Victims of Online Phishing Up Nearly 40% in 2007

Jack Rogers writes on SC Magazine US:

An annual study by Gartner will report that the number of consumers who were taken in by bogus online offerings increased by nearly 40 percent in 2007 over the previous year.

Gartner vice president and research director Avivah Litan told that the report will reveal that 3.2 percent of adults in the United States who said they received phishing emails this year lost money as a result of these scams, compared with 2.3 percent of the total in 2006.

Industry analysts estimate that the overall cost to consumers of online fraud is approaching $3 billion for 2007, compared with $2 billion in losses reported last year, while more than three million consumers have been victimized. This upward trend is expected to continue as phishing expeditions get more sophisticated and security upgrades play catch-up.

More here.

South Africa: Web Fraudsters Hit Orphans' NGO

Lee Rondganger writes on

An online fraud syndicate hacked into the bank account of a non-profit organisation and stole more than R90 000 [US$13,415] from orphans and vulnerable children.

They have done this by developing a way that bypasses the bank's highest online security measure for its clients by eliminating the one time password (OTP) that they should receive.

A Joburg hacking syndicate recently stole R90 460 [US$13,483] from the Standard Bank Internet banking account of a Cape Town NGO by cloning the chief financial officer's SIM card.

The NGO, The Novalis Ubuntu Institute, which works with orphans and vulnerable children, had its bank account hacked into on November 15.

More here.

(Props, Flying Hamster.)

Thursday, December 06, 2007

U.S. Toll in Iraq

Via The Boston Globe (AP).

As of Thursday, Dec. 6, 2007, at least 3,886 members of the U.S. military have died since the beginning of the Iraq war in March 2003, according to an Associated Press count. The figure includes eight military civilians. At least 3,164 died as a result of hostile action, according to the military's numbers.

The AP count is two higher than the Defense Department's tally, last updated Thursday at 10 a.m. EST.

More here.

And as always, keeps a very, very extensive list here, as does the Iraq Coalition Casualty Count website here.

Hackers Get Data of U.S. Federal Lab Visitors

Duncan Mansfield writes on The Daily News:

The Oak Ridge National Laboratory revealed on Thursday that a "sophisticated cyber attack" over the last few weeks may have allowed personal information about thousands of lab visitors to be stolen.

The assault appeared "to be part of a coordinated attempt to gain access to computer networks at numerous laboratories and other institutions across the country," lab director Thom Mason said in a memo to the 4,200 employees at the Department of Energy facility.

Oak Ridge officials would not identify the other institutions affected by the breach. But they said hackers may have infiltrated a database of names, Social Security numbers and birth dates of every lab visitor between 1990 and 2004.

More here.

Image of the Day: How To Determine The Truth on The Internet

Image source: Sean Bonner, via Boing Boing.

Microsoft Vista's IPv6 Raises New Security Concerns

Carolyn Duffy Marsan writes on NetworkWorld:

Members of the Internet engineering community have raised several new security concerns about Teredo, a mechanism for sending IPv6 traffic over IPv4 networks that comes turned on by default in Microsoft’s Vista software.

Symantec and Ericsson security experts who called attention to the issue say they are concerned that Teredo bypasses network security through such devices as firewalls. Microsoft officials could not be reached for comment.

In a 20-page document titled "Teredo Security Concerns," James Hoagland of Symantec and Suresh Krishnan of Ericsson, outline several new security concerns about running Teredo in managed, corporate network environments. The document is the result of an independent analysis of Teredo’s security implications that was conducted by Symantec.

More here.
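The concern in the excerpt above is that Teredo wraps IPv6 packets inside IPv4 UDP datagrams, so an IPv4-only firewall sees opaque UDP traffic rather than the IPv6 connection it carries. As an added example (not code from the NetworkWorld article or from the Symantec/Ericsson document), the Python below decodes the Teredo address layout defined in RFC 4380 to recover the Teredo server, the client's public IPv4 address and its mapped UDP port, and then flags both the UDP/3544 carrier flows and any Teredo-prefixed IPv6 endpoints in a constructed key=value firewall log. The log format and the second sample address are assumptions made for this example; the first address is the one RFC 4380 itself uses as an illustration.

```python
"""Spot Teredo tunnel endpoints in firewall logs (added example, RFC 4380 layout).

Teredo address layout (128 bits, most significant first):
  2001:0000 prefix (32) | server IPv4 (32) | flags (16) |
  UDP port XOR 0xFFFF (16) | client IPv4 XOR 0xFFFFFFFF (32)
The key=value log format below is an assumption made for this example.
"""
import ipaddress
from typing import List, Optional

TEREDO_PREFIX = ipaddress.IPv6Network("2001::/32")   # 2001:0000::/32 (RFC 4380)
TEREDO_UDP_PORT = 3544                                # Teredo server/relay service port
CONE_FLAG = 0x8000                                    # "cone NAT" bit in the flags field

# Example address from RFC 4380: server 65.54.227.120, client 192.0.2.45, port 40000.
RFC_EXAMPLE = "2001:0:4136:e378:8000:63bf:3fff:fdd2"


def decode_teredo(addr: str) -> Optional[dict]:
    """Decode a Teredo address; return None for non-IPv6 or non-Teredo input."""
    try:
        ip = ipaddress.IPv6Address(addr)
    except ipaddress.AddressValueError:
        return None
    if ip not in TEREDO_PREFIX:
        return None
    raw = int(ip)
    server = ipaddress.IPv4Address((raw >> 64) & 0xFFFFFFFF)
    flags = (raw >> 48) & 0xFFFF
    port = ((raw >> 32) & 0xFFFF) ^ 0xFFFF                          # port is stored inverted
    client = ipaddress.IPv4Address((raw & 0xFFFFFFFF) ^ 0xFFFFFFFF)  # so is the client IPv4
    return {"server": str(server), "client": str(client), "port": port,
            "cone": bool(flags & CONE_FLAG)}


# Constructed sample log (hypothetical key=value format): line 1 is the IPv4 UDP
# carrier a perimeter firewall sees, line 2 the IPv6 flow after decapsulation.
SAMPLE_LOG = """\
ts=2007-12-06T09:12:01Z src=10.0.0.12 dst=65.54.227.120 proto=udp sport=40000 dport=3544 action=allow
ts=2007-12-06T09:12:02Z src=2001:0:4136:e378:8000:63bf:3fff:fdd2 dst=2001:db8::10 proto=tcp sport=50000 dport=445 action=allow
ts=2007-12-06T09:12:03Z src=10.0.0.12 dst=192.0.2.80 proto=tcp sport=50001 dport=80 action=allow
ts=2007-12-06T09:12:04Z src=2001:db8::5 dst=2001:db8::10 proto=tcp sport=50002 dport=22 action=allow
"""


def find_teredo_events(log_text: str) -> List[dict]:
    """Return one finding per log line that shows Teredo tunnelling:
    - kind 'teredo-udp': a UDP flow on port 3544 (the tunnel carrier itself), and
    - kind 'teredo-addr': an IPv6 endpoint inside 2001::/32, with the decoded
      server/client/port so the host behind the tunnel can be identified."""
    findings = []
    for line in log_text.splitlines():
        f = dict(kv.split("=", 1) for kv in line.split())
        if f.get("proto") == "udp" and TEREDO_UDP_PORT in (int(f["sport"]), int(f["dport"])):
            findings.append({"ts": f["ts"], "kind": "teredo-udp",
                             "src": f["src"], "dst": f["dst"]})
        for side in ("src", "dst"):
            info = decode_teredo(f.get(side, ""))
            if info is not None:
                findings.append({"ts": f["ts"], "kind": "teredo-addr",
                                 "address": f[side], **info})
    return findings


if __name__ == "__main__":
    for event in find_teredo_events(SAMPLE_LOG):
        print(event)
```

The decoded client address and port are the values a network team needs to map a tunnelled IPv6 flow back to the internal host and to write a perimeter rule that either blocks UDP/3544 or only permits it from hosts that are allowed to tunnel.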

Patch Tuesday: Microsoft Advance Notification

Via The Microsoft Security Response Center (MSRC).

As part of our regularly scheduled bulletin release, we’re currently planning to release:

  • Six Microsoft Security Bulletins affecting Microsoft Windows with a Maximum Severity rating of Critical. Some of these updates will require a restart and will be detectable using the Microsoft Baseline Security Analyzer and the Enterprise Scan Tool.
  • One Microsoft Security Bulletin affecting Internet Explorer with a Maximum Severity rating of Critical. This update will require a restart and will be detectable using the Microsoft Baseline Security Analyzer and the Enterprise Scan Tool.

As we do each month, the Microsoft Windows Malicious Software Removal Tool will be updated.

More here.

Air Force Cyber Command = Big Money

Sharon Weinberger writes on Danger Room:

One of the enduring dilemmas of modern defense contracting is the vicious circle: the Pentagon dreams up huge requirements for technology too complex to be managed by the Defense Department; the military contracts it out to a private company to oversee and integrate the various elements; the costs go up as the company attempts to meet the military's vastly unrealistic requirements; Congress gets angry; and everyone points fingers at someone else. So sad.

I suspect we may have the opportunity to see this at work at the very beginning stages with something that is inherently a good idea: Cyber Command. Aviation Week reports that already Air Force officials are talking about big money being available for contracts in this area...

More here.

Western Digital Network Drives Crippled -- Not Serving Any Multimedia Files

Via Boing Boing.

This is the most extreme example I've seen yet of tech companies crippling data devices in order to please Hollywood: Western Digital is disabling sharing of any avi, divx, mp3, mpeg, and many other files on its network connected devices, due to "unverifiable media license authentication".

More here.

Wow. -ferg

Image source:

Quote of the Day: Emily Price

"This type of advertising makes Facebook's Beacons look benign."

- Emily Price, contributing PC World journalist, commenting on a WSJ report that Louisiana-based "...CenturyTel will be working with the company NebuAd to collect information about what their customers do while online. NebuAd will then take the information it collects about CenturyTel customers’ surfing habits and allow advertisers to reach CenturyTel customers with extremely well targeted online ads."

Aladdin: Search Engines Contain Page-Caching Flaw

Jim Carr writes on SC Magazine US:

Researchers at Aladdin Knowledge Systems have discovered a “significant” vulnerability in the page-caching technologies of three major search engines, allowing them to deliver malicious pages that have been removed from the web.

The researchers discovered the vulnerability when analyzing the content of a hacked university website. The site was cleaned, but malicious content was still reachable via search engine caches.

The flaw is a "glimpse of the future" of multifaceted web-based attacks, said Ofer Elzam, director of product management at Aladdin.

More here.

UK: Massive Hack in Fasthosts

Simon de Bruxelles writes in The Times Online:

Hundreds of websites have been shut down temporarily by one of the largest web hosting companies in Britain after the personal details of customers were stolen by computer hackers.

The hackers managed to access the “master database” of Fasthosts for information, including addresses, bank details, e-mails and passwords.

The action is expected to lose vital business for hundreds of small companies in the run-up to Christmas.

Fasthosts claimed that it had no option other than to perform an emergency shutdown after it discovered that the hackers had tried to use information gleaned from its servers. New passwords had to be sent out by post rather than e-mail to avoid the information being compromised again.

More here.

Wednesday, December 05, 2007

My 2008 Network Security Prediction: Bad to Worse


With assistance from the Add Letter Sign Generation Factory.

The Onion: Man on the Street: Iran Gave Up Nuke Program In 2003

Click for larger image.


Via The Onion, "America's Finest News Source".

U.S. Toll in Iraq

Via The Boston Globe (AP).

As of Wednesday, Dec. 5, 2007, at least 3,886 members of the U.S. military have died since the beginning of the Iraq war in March 2003, according to an Associated Press count. The figure includes eight military civilians. At least 3,163 died as a result of hostile action, according to the military's numbers.

The AP count is three higher than the Defense Department's tally, last updated Wednesday at 10 a.m. EST.

More here.

And as always, keeps a very, very extensive list here, as does the Iraq Coalition Casualty Count website here.

Government Employee e-Mail Retention Requirements Consistently Flouted

Eric Kelderman writes on

E-mail has become the communications tool of choice in the past decade, but imbroglios involving the governors of Missouri and Texas show that the rules of paperless messaging are still evolving and can create problems for state government.

A newspaper columnist’s request in August for e-mail records triggered a political maelstrom in Missouri, and an investigation by the attorney general. In the aftermath, Gov. Matt Blunt (R) has fired one member of his legal team and replaced his chief of staff and top lawyer.

Meantime, Texas Gov. Rick Perry (R) is under fire from good government groups for his policy of deleting e-mail files after seven days. Perry’s woes are being exacerbated by an activist’s incessant demands for email records.

On one level, rules about how to preserve e-mail for public records have not caught up with the technology. Sunshine laws in 18 states do not refer to e-mail at all, according to the Reporters Committee for Freedom of the Press, an open government advocacy group. Even in states such as Missouri and Texas where laws or regulations explicitly require preserving some official e-mail, decisions on which emails to keep or discard vary by department and are sometimes left to individual employees.

More here.

U.S. House Vote on 'Illegal Images' Sweeps in WiFi, Websites

Declan McCullagh writes on the C|Net "Iconoclast" Blog:

The U.S. House of Representatives on Wednesday overwhelmingly approved a bill saying that anyone offering an open WiFi connection to the public must report illegal images including "obscene" cartoons and drawings -- or face fines of up to $300,000.

That broad definition would cover individuals, coffee shops, libraries, hotels, and even some government agencies that provide WiFi. It also sweeps in social networking sites, domain name registrars, Internet service providers, and e-mail service providers such as Hotmail and Gmail, and it requires that the complete contents of the user's account be retained for subsequent police inspection.

More here.

Duke University Law School Website Infiltrated by Hackers

Dan Kaplan writes on SC Magazine US:

Hackers, possibly trying to embed links to improve search engine result rankings, may have viewed the sensitive information of 1,400 prospective applicants to Duke University on the institution's law school website, school officials said today.

Webmasters for the Durham, N.C.-based law school were notified of the intrusion last week when they detected unauthorized links on the website, spokeswoman Melinda Vaughn told today. Officials removed the unauthorized code and shut down the site last Thursday. It remains offline today.

An investigation revealed that the hackers burrowed their way in through a vulnerability in third-party blog software used on the site, she said, declining to name the provider.

This access permitted the intruders to view two databases, one containing the Social Security numbers of 1,400 individuals who had requested information about Duke Law School, she said.

The other database contained the contact information and passwords for 1,800 current applicants, Vaughn said. School officials worry that the students may use these same passwords in other, more sensitive places, such as banking websites.

More here.

GAO: U.S. Airports Face Risk of 'Catastrophic Runway Collision'

Alan Levin writes on USA Today:

The nation faces "a high risk of a catastrophic runway collision" and efforts to improve the problem have stumbled due to lackluster federal leadership, technology glitches and poor data collection, according to a congressional report released Wednesday.

The Federal Aviation Administration has failed to update its runway safety plan in five years, cut funding to its runway safety office and did not appoint a permanent head of the office for two years, the Government Accountability Office said. The GAO is the watchdog arm of Congress.

While the most serious incidents reported on the nation's runways fell to 24 in fiscal 2007 from 31 the previous year, the overall total of so-called "runway incursions" has gone up. The total number of incursions hit 370 in fiscal 2007, the highest since 2001.

The National Transportation Safety Board, which investigates aviation disasters, has declared runway safety a top national concern and has repeatedly called on the FAA to make safety improvements.

More here.

Toon of the Day: International Errorism

Click for larger image.

We love Mr. Fish.

Via Truthdig.

Cisco Security Agent for Windows Csatdi.sys Remote Buffer Overflow Vulnerability


A buffer overflow vulnerability exists in a system driver used by the Cisco Security Agent for Microsoft Windows. This buffer overflow can be exploited remotely and causes corruption of kernel memory, which leads to a Windows stop error (blue screen) or to arbitrary code execution.

The vulnerability is triggered during processing of a crafted TCP segment destined to TCP port 139 or 445. These ports are used by the Microsoft Server Message Block (SMB) protocol.

Cisco has released free software updates that address this vulnerability.

Common Vulnerabilities and Exposures (CVE) identifier CVE-2007-5580 has been assigned to this vulnerability.

More here.

UK: MI5 Calls in KPMG to Investigate Cyber Espionage

Russell Hotten writes in The Times:

The security service MI5 has asked consultants KPMG to lead a group to monitor cases of industrial espionage and co-ordinate information between Britain's leading companies.

MI5 is increasingly concerned at attempts by foreign governments to hack into the computer systems of major firms, and last week accused China of trying to steal corporate secrets.

KPMG, which works closely with the GCHQ listening station, is creating a "risk management information exchange", with a team of security and IT experts to assess "threat levels" and warn of imminent dangers.

More here.

Ron Paul is Not a Botmaster...

Dark Horse Republican Presidential Candidate Ron Paul

Robert McMillan writes on InfoWorld:

Ron Paul is not a botmaster. Security researchers have shut down a network of computers responsible for sending out nearly 200 million spam messages supporting the U.S. presidential candidate last month, and after analyzing the server's software, it's clear that there is no such thing as a Ron Paul botnet, according to Joe Stewart, a senior security researcher with SecureWorks.

"It probably wasn't even set up by a Ron Paul supporter," he said. "This whole system has been around since 2004. This [spam] somehow just landed in this underground spam economy."

When spam first surfaced, trumpeting Paul as the winner of a recent Republican presidential debate, the fact that it was being sent via illegally infected machines raised eyebrows. The spam messages have never been directly linked to the Ron Paul campaign, which has denied any involvement in the incident.

More here.

UK: Lost HMRC Data Discs 'Endanger Protected Witnesses'

Andrew Porter writes on The

Hundreds of people in police witness protection programmes have been put at risk by the loss of millions of child benefit records, The Daily Telegraph can reveal.

The missing data discs are understood to contain both the real names and the new identities of up to 350 people who have had their identities changed after giving evidence against major criminals.

The development is one of the most serious so far in the missing data discs scandal, in which the child benefit records of 25 million people - including their names, addresses, birth dates, national insurance numbers and bank account details - were lost by HM Revenue and Customs.

More here.

Technical Report: Studying Malicious Websites and the Underground Economy on the Chinese Web


Together with the researchers from the Chinese Honeynet Project, we also examined the extent of malicious websites on the Chinese Web. Using high- and low-interaction honeyclients, we were able to find about 2,500 sites (1.49% of overall examined sites) that tried to compromise an unpatched system.

Furthermore, we also studied the underground black market which is used to trade exploits, malware, and stolen virtual goods. Several measurements provide an insight into the black market on the Chinese Web and show that the attackers are organized pretty well. We published our findings as a technical report [.pdf] to share the lessons we learned.

More here.

Verizon Forced to Turn Over Text Messages

Declan McCullagh writes on the C|Net "Police Blotter":

It may not be that well known outside of police and telecommunications circles, but odds are excellent that your mobile phone provider saves copies of your SMS text messages. In a case that Police Blotter wrote about last year, federal police obtained logs of archived text messages from two unnamed wireless providers.

In addition, a judge in the Kobe Bryant sex case ordered the phone provider to turn over archived messages. Text messages were also part of the trial involving the attempted murder of rapper 50 Cent.

The most recent case dealing with SMS text messages does not involve a celebrity, though. It involves Susan Jackson, who pleaded guilty to wire fraud involving unauthorized transfers from her employer's bank account to her own NASA Federal Credit Union account.

More here.

UK: Government 'Failing on e-Crime'

Rory Cellan-Jones writes for The BBC:

IT chiefs at some of the UK's biggest companies have accused the government of failing to take e-crime seriously.

Members of the Corporate IT Forum have demanded that the Home Office keeps a promise to establish a police unit to deal with high-tech criminal gangs.

They say the abolition of the National High Tech Crime Unit in 2006 left a vacuum in the investigation of e-crime.

The Home Office said it takes the issue "seriously" and has allocated funding to make reporting cyber-crime easier.

But members of the Corporate IT Forum, a professional body for industry computer experts, claim that crimes have to be reported to local police who do not have the training to understand complex cases.

"It's a practical nonsense," said David Roberts, Chief Executive of the Corporate IT Forum.

More here.

French Government Watchdog Says eBay is Illegal in France


A French Government watchdog is trying to shut down eBay in France. The Council of Sales regulates auction houses and has said that the site should be bound by strict French auction rules.

The French eBay site does not have one of the Council's permits to operate as an auctions service and so does not have to abide by regulations which were made law in 2000. This, said the Council, gives it an unfair advantage and should change.

“This is unfair competition, because other auctioneers have to make sure they are transparent and that they provide guarantees,” Council chairman Christian Giacomotto told The Times newspaper. "Our ambition is not to regulate the world, but we want groups such as eBay to accept their responsibility.”

The Council has filed a lawsuit against eBay in France and hopes that a court will rule that eBay is an auction house and must abide by French rules.

More here.

Tuesday, December 04, 2007

Image of the Day: LOLSheviks

LOLSheviks, via Laughing Squid.

How TJX Became a Lesson In Proper Security

Andy Patrizio writes on

The TJX security breach is threatening to rank as one of the most expensive lessons in corporate data security policies.

With the retailer facing anywhere from $500 million to nearly $1 billion in expenses, not to mention a black eye with the public over how their credit card data is secured, this experience should serve as a lesson to other retail outlets on securing their networks. How well they are learning is the question.

The latest chapter in this still-unfinished book is a settlement between TJX Companies and Visa U.S.A. Under the agreement, TJX will pay a maximum of $40.9 million to fund an alternative recovery payments program for customers affected by the breach. TJX has already taken the charge for the settlement, and by settling with Visa holders, staves off potential lawsuits.

More here.

Grisoft Acquires Exploit Prevention Labs

Via SC Magazine US.

Anti-virus vendor Grisoft announced today that it has acquired web-browsing security provider Exploit Prevention Labs.

Financial terms of the acquisition were not disclosed. The deal is expected to close by the end of the year, according to Grisoft.

Most of Exploit Prevention Labs' 18 employees will join Czech Republic-based Grisoft, representatives of the firm said on Tuesday.

Key Exploit Prevention Labs employees will move to new positions after the acquisition is completed. Roger Thompson, Exploit Prevention Labs' chief technology officer will become Grisoft's chief research officer, and Greg Mosher will move from vice president of development to vice president of engineering. Chris Weltzien, Exploit Prevention Labs' chief operating officer, will become Grisoft vice president of business development.

More here.

NSA Certifies New General Dynamics Secure VoIP Phone

The newly NSA-certified General Dynamics Sectéra® vIPer™ Phone.

Via UPI.

General Dynamics' new Sectera secure phone has been certified by the U.S. National Security Agency.

General Dynamics C4 Systems, a business unit of General Dynamics, said in a statement last week that the Sectera vIPer Phone had been "certified by the National Security Agency to protect classified communications via voice over Internet Protocol -- VoIP -- networks at the Top Secret level and below."

More here.

Image source: General Dynamics C4 Systems

U.S. Toll in Iraq

Via The Boston Globe (AP).

As of Tuesday, Dec. 4, 2007, at least 3,883 members of the U.S. military have died since the beginning of the Iraq war in March 2003, according to an Associated Press count. The figure includes eight military civilians. At least 3,163 died as a result of hostile action, according to the military's numbers as of Friday.

The AP count is the same as the Defense Department's tally, last updated Tuesday at 10 a.m. EST.

More here.

And as always, keeps a very, very extensive list here, as does the Iraq Coalition Casualty Count website here.

Pacific Northwest Storms Cut Wireless Service, Including 9-1-1


When storms washed out local phone networks up and down Oregon's coast early Monday, some folks turned to their cell phones. Wireless service, surely, could survive wind and water that blew down wires and washed out cables.

Turns out, though, that even cellular carriers rely on cables to carry their phone traffic from region to region. So the same floods that cut off more than 20,000 phone lines from the outside world turned off many cell phones, too.

Some coastal communities had phone service restored early Tuesday, but calls still weren't getting through to areas of the north coast from Astoria to at least Cannon Beach. Phone companies said they hoped to have most service restored overnight.

More here.

Data Loss: Companies Still Failing to Enforce Security Rules

Matt Hines writes on InfoWorld's "Zero Day Security" Blog:

Creating the most comprehensive and restrictive security policies in the world won't do your company any good if you don't enlist means of enforcing them.

Should this be news?

One might think not, but apparently -- based on a new study published by Ponemon Institute and sponsored by DLP vendor RedCannon -- many companies are failing to implement their existing security rules, or express them in a manner that actually drives users to obey them.

Based on a survey of just under 900 corporate IT workers, the researchers found that many people believe that they can continue to skirt their employers' security laws, in those cases where they have even been made aware of them.

More here.

'Here Comes Another Bubble'

Very, very apropos.

And very high on entertainment value. :-)

(Hat-tip: Good Morning, Silicon Valley)

eBay: Fraud is an 'Internet Problem, Not an eBay Problem'

Via CBC News.

EBay is not responsible for criminals who abuse its online auction service, said a company spokeswoman after CBC News reported on a Calgary man who lost $20,000 on an eBay transaction.

"That's an internet problem, not an eBay problem," Erin Sufrin said Monday about criminals engineering scams through the service.

Shaqir Duraj, a Calgary bakery owner, won an eBay auction for a car in October from what he thought was a reputable seller. But someone had actually taken over the seller's page in a scam known as hijacking.

Duraj wired $20,000 from his bank account's line of credit, thinking he was using PayPal, eBay's protected payment service. But the thief actually sent Duraj a fake duplicate PayPal site.

There is no sign of the car or the money.

More here.

Can 'Legit' Spyware Harm You?

Ashley Phillips writes for ABC News:

Nearly every week, consumers are haunted by stories of online-identity theft and that 21st century buzzword that strikes fear in the hearts of Web surfers around the world: spyware.

But not all spyware is created by hackers with nefarious plans to steal your Social Security number; some are produced by legitimate companies for employers, concerned parents and perhaps even suspicious spouses.

But according to experts, all the intent in the world won't keep that spyware from falling into the wrong hands.

More here.

Canada: Passport Applicant Finds Massive Privacy Breach

Kenyon Wallace writes on The Globe and Mail:

A security flaw in Passport Canada's website has allowed easy access to the personal information - including social insurance numbers, dates of birth and driver's licence numbers - of people applying for new passports.

The breach was discovered last week by an Ontario man completing his own passport application. He found he could easily view the applications of others by altering one character in the Internet address displayed by his Web browser.

More here.

(Props, Michael Geist.)
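The flaw described above is an authorization failure at the object level: the site trusted the identifier in the URL and never checked that the record belonged to the logged-in applicant. The following is an added illustration, not code from the article or from Passport Canada's site, using a constructed record store and constructed sample values to show the vulnerable lookup beside the ownership check that closes it.

```python
import secrets
from dataclasses import dataclass


@dataclass
class Application:
    applicant: str   # login name of the person who submitted the form
    sin: str         # social insurance number (constructed sample value)
    dob: str
    licence: str


class Forbidden(Exception):
    pass


# Constructed store. Sequential application numbers mean that changing one
# character of the URL (...?id=1042 -> ...?id=1043) selects a different
# applicant's record, which is the walk the article describes.
APPLICATIONS = {
    "1042": Application("alice", "123-456-789", "1980-02-14", "A1234-56789-01234"),
    "1043": Application("bob", "987-654-321", "1975-11-03", "B9876-54321-09876"),
}


def view_vulnerable(app_id: str, session_user: str) -> Application:
    """Vulnerable pattern: the identifier from the URL is the only thing
    consulted; the logged-in session is never compared with the record."""
    return APPLICATIONS[app_id]


def owns_application(app_id: str, session_user: str) -> bool:
    """Authorization check performed on every object access. A record that
    does not exist and one that belongs to someone else are treated alike,
    so the response does not reveal which identifiers are valid."""
    record = APPLICATIONS.get(app_id)
    return record is not None and record.applicant == session_user


def view_fixed(app_id: str, session_user: str) -> Application:
    """Fixed pattern: authorize first, then return the record."""
    if not owns_application(app_id, session_user):
        raise Forbidden(f"{session_user} may not view application {app_id}")
    return APPLICATIONS[app_id]


def new_application_id() -> str:
    """Defence in depth: a random, unguessable identifier defeats the
    one-character walk, but it does not replace owns_application(); a
    leaked or bookmarked URL would still need the ownership check."""
    return secrets.token_urlsafe(16)
```

In production the same check belongs on every route that takes a record identifier, and repeated denied lookups from one session are worth alerting on, since a legitimate applicant has no reason to request identifiers other than their own.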

Researcher: Al Qaeda-Linked Websites Number 5,600

Ibtihal Hassan writes for Reuters:

There are now about 5,600 Web sites spreading al Qaeda's ideology worldwide, and 900 more are appearing each year, a Saudi researcher told a national security conference on Tuesday.

Saudi Arabia, the world's biggest oil exporter, has identified the Internet as a key battlefield with militants who launched a campaign to topple the U.S.-allied ruling royal family in 2003.

More here.

Carriers Mobilize for $24B in Military Telecom Contracts

Carolyn Duffy Marsan writes on NetworkWorld:

It’s the high-tech spoils of war: The U.S. military plans to award telecommunications contracts worth as much as $24 billion, and the top-tier carriers are signing up to get a piece of the action.

The U.S. Department of Defense is working on six major telecom contracts, and four of them are expected to be awarded in 2008. All of the nation’s largest carriers -- AT&T, Qwest Communications, Sprint Nextel and Verizon Business -- are planning to bid on these megadeals.

More here.

UK: Research Indicates IT Departments Are Biggest Source of Data Leaks

Via ComputerWorld UK.

IT personnel are to blame in 30% of all data breach incidents, according to research from security services firm Orthus.

Orthus monitored more than 100,000 hours of user activity over the last year through its data leakage audit service. The software, installed on endpoints, servers and terminal servers, records how sensitive information is removed from the corporate infrastructure, providing time and date stamped visual evidence of these data leaks.

Orthus found that IT departments were responsible for 30% of incidents. The customer service department is also a common offender, responsible for 22% of the incidents identified.

More here.

iPowerWeb Smackdown: Web Hosting Providers Let Security Sag

Lisa Vaas writes on eWeek:

Riddle: What do the city of Plainville, Kan., and the Transportation Authority of Marin County, Calif., have in common?

Answer: a Web hosting provider that can't seem to keep its DNS servers clean.

Both .gov domains in the past few months have seen their sites seeded with redirects to malicious servers in other countries that have pushed pornography, malware, Viagra ads and the like to site visitors.

TAM and Plainville are, in fact, two examples of what security researchers are calling an epidemic of sites being compromised through their hosting providers and injected with malicious Web attacker paths that lead to tool kits such as Icepack, Neosploit and Web Attacker. These malcode tool kits serve up anywhere from five to a dozen or more exploits that latch on to site visitors' machines through their browsers to infest the systems with malware.

More here.

DARPA Seeks 'Network Firing Ranges' for Cyber Weaponry

Lewis Page writes on The Register:

DARPA (Defence Advanced Research Project Agency), the Pentagon battle-boffins who would rather bet on a long shot than eat their dinners, are looking for the computer-net equivalent of a firing range or exercise training area [MS Word document details here].

The proposed "cyber network ranges" would be used to test revolutionary new cyber tactics and combat warez in the same way that meatspace firing ranges and test facilities are used to try out missiles and bombs.

More here.

Despite Controversy, DHS Continues Use of Data Mining

Alice Lipowicz writes on

Although the Homeland Security Department terminated a controversial visual analytics data mining program this summer, it continues to engage in visual analytics research in a separate program, a spokeswoman confirmed.

The ongoing visual analytics research at the Science and Technology Directorate is being publicized as a means of eventually identifying terrorists through potential use of data collected from video surveillance footage, cell phone calls, photos, bank records, chat rooms and e-mails. But no real-world, operational data is actually being used in the research, said DHS spokeswoman Amy Kudwa.

“It relies on synthetic data,” Kudwa said. “It is purely research on ways to interact with data.”

Visual analytics is considered a form of data mining, which is defined as use of computer programs to find hidden patterns in large amounts of data and to use those patterns to predict behavior. Data mining is widely used in commerce, but it has been controversial in homeland security because of the fears of privacy loss and civil-rights violations. In visual analytics, the data is mapped in two- and three-dimensional formats and sometimes animated.

More here.

Monday, December 03, 2007

Australia: Storm Downs Aussie ISP Links

Andrew Colley writes on Australian IT:

Wild storms pounding the north western states of America have wiped out one of Australia's major internet traffic routes to the US.

Southern Cross Cable operations vice president, Dean Veverka, has confirmed that hurricane-strength storms and flooding have wiped out the carrier's Oregon cable route and halved its bandwidth between Australia and the US. Southern Cross's customers in Australia include iiNet, Internode and AAPT.

The cable had been severed between its Nedonna Beach and Hillsboro facilities, Mr Veverka said. The company has a secondary cable that reaches the US coast via Hawaii and California.

The outage has already begun hitting Australian internet providers. Greg Bader, the chief technology officer with Perth-based internet provider iiNet, said it had already begun prioritising time-sensitive traffic to manage the outage.

More here.

U.S. Lawmakers To Probe FCC 'Transparency' Concerns

U.S. FCC Commissioner Kevin Martin

A Reuters newswire article, via InformationWeek, reports that:

A key House lawmaker said Monday he would investigate complaints about the way the U.S. Federal Communications Commission is being run by FCC chairman Kevin Martin.

House Energy and Commerce Committee Chairman John Dingell said a commerce subcommittee would look into "an apparent breakdown in an open and transparent regulatory process" at the FCC under Martin.

The chairman of the Energy and Commerce subcommittee on oversight and investigations, Bart Stupak, said he had received complaints about the FCC from the public and from communications industry professionals.

"It is one thing to be an aggressive leader, but many of the allegations indicate possible abuse of power and an attempt to intentionally keep fellow commissioners in the dark," said Stupak, a Democrat from Michigan.

FCC spokesman Clyde Ensslin said: "We will respond to the congressman as we do with all letters from members."

He declined further comment.

More here.

DSL Outage Hits Some AT&T Customers

An AP newswire article, via, reports that:

AT&T Inc. customers in the Southeast United States were unable to connect to the Internet through their DSL service for several hours Monday night because of an equipment problem, a company spokesman said.

Michael Coe, a spokesman for the San Antonio-based telecommunications company, said the digital subscriber line service was restored about 10 p.m. CST. Customers in nine states in the company's Southeast region were affected.

"The root cause of the disruption is still being investigated but appears to be an equipment impairment," Coe said in a statement.

Coe said the outage affected customers in Florida, Georgia, Louisiana, Mississippi, Alabama, North Carolina, South Carolina, Kentucky and Tennessee.

More here.

Technical Report: Characterizing the IRC-based Botnet Phenomenon

Thorsten Holz writes on The Honeyblog:

Together with a few researchers from China, we studied IRC-based botnets in order to understand the extent of this phenomenon. Using different kinds of honeypots and several sensors deployed across different regions in China, we were able to collect thousands of bot binaries. With the help of a behavior-based analysis mechanism similar to CWSandbox, we could extract the Command & Control (C&C) server in an automated way. In a third step, we used this information to connect to the actual C&C server and passively monitored the activity in the channel.

Furthermore, we also actively probed the C&C servers to find out other characteristics of these machines. The complete setup and our results are described in a technical report [.pdf] we just published.

More here.

Consumer Reports: More Than Half Of Cell Phone Users Dissatisfied

Elena Malykhina writes on InformationWeek:

Cell phone service is among the lowest-rated services, according to a survey released Monday by the Consumer Reports National Research Center.

The survey, due to be published in the 2008 issue of Consumer Reports, found that fewer than half of respondents were completely or very satisfied with their cell phone service. It has been among the lowest-rated services by Consumer Reports for the past six years. More than 47,000 people were surveyed in 20 major metropolitan areas across the United States.

Survey respondents were mainly dissatisfied with mandatory contract extensions imposed on them by wireless carriers, as well as the high cost of service. More than 60% of respondents that made changes to their service plan last year were required to extend their contract. In some cases, carriers aren't upfront with customers about extensions so the 60% survey result might downplay the problem, according to Consumer Reports.

More here.

Programming Note: Under the Weather...

Posting will most likely be light today as I am not feeling very well at all...
- ferg

Cyber Crime Pays - It Also Ruins Lives

Karen Keller writes on

Anthony Bender, a sixth-grade teacher in Passaic who lives in Clifton, has had to replace his wife's debit/credit bank card three times since the summer. Somebody used the card several times to buy six airline tickets worth about $2,500 to Caribbean destinations.

The Benders, who have a 7-year-old daughter, have never been to the Caribbean.

"I can't get out of Clifton," Bender said by telephone on Friday.

The timing for the stolen money from her checking account wasn't good for the Benders. They're tight on money now more than ever: Joni Bender, 38, who until recently built guitar amplifiers for a living, is currently unemployed.

More here.

(Props, Flying Hamster.)

Sunday, December 02, 2007

xkcd: IM Just Doesn't Cut It Sometimes


We love xkcd.

Report: Rolls-Royce IT Network Attacked by Chinese Hackers

An AFP newswire article, via Yahoo! News, reports that:

Chinese-backed computer hackers attacked the internal computer network of British airplane engine maker Rolls-Royce, The Times said in its Monday edition.

Citing unidentified security sources, the daily said that while the hackers did not manage to get through to the company's sensitive data, the attack earlier this year "nearly took them (Rolls-Royce) out".

According to The Times, Anglo-Dutch energy company Royal Dutch Shell uncovered a spy ring made up of Chinese nationals at its facilities in Houston, in the United States, also earlier this year.

The two companies declined to comment when contacted by The Times.

More here.

U.S. Plans to Screen All Who Enter, Leave Country

Ellen Nakashima and Spencer S. Hsu write in The Washington Post:

The federal government disclosed details yesterday of a border-security program to screen all people who enter and leave the United States, create a terrorism risk profile of each individual and retain that information for up to 40 years.

The details, released in a notice published yesterday in the Federal Register, open a new window on the government's broad and often controversial data-collection effort directed at American and foreign travelers, which was implemented after the Sept. 11, 2001, attacks.

While long known to scrutinize air travelers, the Department of Homeland Security is seeking to apply new technology to perform similar checks on people who enter or leave the country "by automobile or on foot," the notice said.

The department intends to use a program called the Automated Targeting System, originally designed to screen shipping cargo, to store and analyze the data.

More here.

Image of the Day: Incoming U.S. West Coast Storm


A GOES-WEST satellite photo taken at 16:00 PST Sunday shows a second storm approaching the Northwest coast.

Hat-tip: The Oregonian Live

UK: Websites Sell Secret Bank Data and PINs

Alexi Mostrous and Dominic Kennedy write in The Times Online:

Security breaches that are allowing the financial details of tens of thousands of Britons to be sold on the internet are to be investigated by the country’s information watchdog.

Without paying a single penny, The Times downloaded banking information belonging to 32 people, including a High Court deputy judge and a managing director. The private account numbers, PINs and security codes were offered as tasters by illegal hacking sites in the hope that purchases would follow.

Richard Thomas, the Information Commissioner, will begin an investigation into the security breach today and Scotland Yard is also investigating.

More here.

Hacker Gets 110 Years for Threats on MySpace

Sarah Langbein writes on

A 33-year-old North Carolina man sentenced Friday to 110 years in prison used "tools of terror" to hack into the computers of Brevard County girls and extort nude pictures from them, an assistant U.S. attorney said.

Ivory Dickerson, a civil engineer, gained remote access to their computers, giving him the ability to type words onto their screens. He was arrested last December after girls at Rockledge High School told authorities their MySpace profiles had been hacked into and the person on the other end was demanding revealing and pornographic images.

He threatened to harm their family members, post nude pictures of them on the Web and, in one case, make a 17-year-old "the most well known girl at school" if they didn't do what he said, according to court records.

More here.

(Props, Global Security News.)