Friday, December 28, 2007

Quote of the Day: Patrick Smith


"Six years after the terrorist attacks of 2001, airport security remains a theater of the absurd. The changes put in place following the September 11th catastrophe have been drastic, and largely of two kinds: those practical and effective, and those irrational, wasteful and pointless."

- Patrick Smith, writing in The New York Times op-ed venue, Jet Lagged.

9/11 Six Years Hence: Fake Passports Easily Obtained to Cross Into U.S.


A Dateline NBC Special Investigative Report by Richard Greenberg, Adam Ciralsky, and Stone Phillips.

At the Santo Domingo airport in the Dominican Republic, a foreign visitor makes his way through the Immigration line. An agent swipes his passport through the computer. Everything checks out. The official stamps the passport. Another tourist has entered the country. In this case, though, the traveler is not who he appears to be. He is an undercover investigator. His passport is real, but it has been issued under a false identity. He has just demonstrated how easy it is to obtain and use fraudulent travel documents.

Six years after 9/11, an NBC News undercover investigation has found that the black market in fraudulent passports is thriving. On the streets of South America, NBC documented the sale of stolen and doctored passports, and travel papers prized by terrorists: genuine passports issued under false names. For a few thousand dollars, an undercover investigator was able to purchase several entirely new identities from organized criminal networks with access to corrupt government employees. The investigator obtained passports from Spain, Peru, and Venezuela and used the Peruvian and Venezuelan passports to travel widely in the Western Hemisphere, with practically no scrutiny.

Much more here.

Image source: MSNBC / Dateline NBC

U.S. Toll in Iraq, Afghanistan


Iraq and Afghanistan statistics via The Boston Globe (AP).

As of Friday, Dec. 28, 2007, at least 3,901 members of the U.S. military have died since the beginning of the Iraq war in March 2003, according to an Associated Press count. The figure includes eight military civilians. At least 3,175 died as a result of hostile action, according to the military's numbers.

The AP count is three higher than the Defense Department's tally, last updated Friday at 10 a.m. EST.

As of Friday, Dec. 28, 2007, at least 405 members of the U.S. military had died in Afghanistan, Pakistan and Uzbekistan as a result of the U.S. invasion of Afghanistan in late 2001, according to the Defense Department. The department last updated its figures Dec. 22, 2007, at 10 a.m. EST.

Of those, the military reports 274 were killed by hostile action.

More here and here.

And as always, cryptome.org keeps a very, very extensive list here, as does the Iraq Coalition Casualty Count website here.

Download Uproar: Record Industry Goes After Personal Use


Marc Fisher writes in The Washington Post:

Despite more than 20,000 lawsuits filed against music fans in the years since they started finding free tunes online rather than buying CDs from record companies, the recording industry has utterly failed to halt the decline of the record album or the rise of digital music sharing.

Now, in an unusual case in which an Arizona recipient of an RIAA letter has fought back in court rather than write a check to avoid hefty legal fees, the industry is taking its argument against music sharing one step further: In legal documents in its federal case against Jeffrey Howell, a Scottsdale, Ariz., man who kept a collection of about 2,000 music recordings on his personal computer, the industry maintains that it is illegal for someone who has legally purchased a CD to transfer that music into his computer.

The industry's lawyer in the case, Ira Schwartz, argues in a brief filed earlier this month that the MP3 files Howell made on his computer from legally bought CDs are "unauthorized copies" of copyrighted recordings.

More here.

Swedish Government Considers 'Relaxing' Internet Privacy

Via TheLocal.se.

The government is considering making it easier for police to track suspects' activities on the internet.

According to the political newspaper Riksdagen & Departement, the government is exploring a lower threshold for releasing IP-address information for use in criminal investigations.

Every time someone accesses the internet, that person is assigned a corresponding IP-address. IP-addresses are assigned and stored by internet service providers and can be used to trace a specific user's activities on the internet, including specific websites and dates visited. Such information is considered personal and sensitive and therefore afforded certain protections.

However, the exact level of protection is unclear.

More here.

Hat-tip: FIRST.org Global Security News

U.S.-Based Chinese News Site Gets DDoS'd

Kelly Jackson Higgins writes on Dark Reading:

A U.S.-based Chinese News Website has been hit by a massive distributed denial-of-service (DDOS) attack that journalists say may have been orchestrated by hackers in China.

The attack on Boxun also knocked down some 2,000 blogs hosted on its site. "We have never before experienced such a DDOS attack, which consists of bombarding the site with an almost infinite number of connection requests," Wei Shi, editor of Boxun, told Reporters Without Borders. "Our boxun.com/blog platform crashed on 24 December. We are not even sure if we will be able to recover all the data and we will have to find a new server."

More here.

Thursday, December 27, 2007

Websense: Attackers Exploiting News of Benazir Bhutto Assassination

Via The Websense Security Labs Blog.

Websense Security Labs has discovered malicious Web sites attempting to capitalize on the breaking news of the assassination of Benazir Bhutto. These sites attempt to infect users seeking more information about the event. This activity is similar to past news events, where attackers used malicious sites containing information about the event to infect visitors.

In this case, the first infected site found by Websense Security Labs was the second result in a Google search using a generic and simple keyword. Therefore, the site is likely to receive large amounts of traffic. Clicking on the link in the search results did not trigger a warning from Google that the site may be malicious.

More here.

Counterfeit Cisco Components Sold to Federal and Military Air Traffic Controllers

Brad Reese writes on the NetworkWorld "Cisco Subnet" Blog:

Two Richmond, Texas brothers are now facing felony indictments, charged with conspiracy and trafficking in counterfeit Cisco goods. Michael Edman, 36, and Robert Edman, 28, are due in court on Jan. 4 to face a federal judge.

The men are charged with importing cartons full of phony stickers with the Cisco Systems logo and attaching the stickers to imitation computer components. They are also accused of importing empty boxes with Cisco logos to package the equipment for shipment to the military and other agencies to make them appear to be the higher priced, legitimate Cisco product.

More here.

Hypervisor Security a Growing Concern

Denise Dubie writes on CIO Today:

Server virtualization makes it possible to run multiple applications and operating systems on fewer hardware resources, and it lets customers quickly provision new resources based on demand. But the features that enable such flexible computing cause network and security managers to wonder whether a security threat in a virtualized environment could spread to the entire network.

"I am holding off on server virtualization because I have already been hearing about security issues with the hypervisor," says Craig Bush, network administrator at Exactech in Florida. "One server being breached doesn't take down our entire network, but if it is possible for a hypervisor to do that, I'll just wait until the security angle is more played out before I jump into virtualization."

Here we address four of the top concerns about securing virtual environments and attempt to discern the hype from reality.

More here.

U.S. Cites Cyber Threats to Businesses Abroad

An AP newswire article, via The Boston Globe, reports that:

Cyberattacks in Europe, theft of intellectual property in Asia, natural disasters in Latin America and terrorism on many continents were among the threats U.S. businesses faced in 2007, a State Department report said Thursday.

In Europe, two weeks of attacks by computer interlopers that crippled government and corporate Web sites beginning in late April raised a new worry that U.S. companies also could be vulnerable to attack by computer.

"It is vital to recognize that these attacks can easily be replicated against a new target, including the U.S. private sector," the State Department's Overseas Security Advisory Council warned in its annual report.

More here.

Hundreds of Blogger Pages Harboring New Year's Storm Links


There appear to be two separate ongoing issues with malicious content and Blogger.

The first one, which has been going on for some time but seems to have been renewed with a vengeance recently, is the "fake video" lure: the page claims the user must install a new codec to view the clip, and the "codec" installs a Zlob Trojan.

My colleagues over at Sunbelt Software blogged about this yesterday here.

However, in the past 24 hours, hundreds of blogs seem to have appeared that carry a single link to one of a set of fast-flux servers that infect the visitor with the Storm Worm (a.k.a. NuWar). These "blogs" contain nothing more than a "...Wishing You a Happy New Year..." greeting, or something similar, and a link to one of the server names that will infect the user with the Storm Worm.

Some of the "blogs" appear to be legitimate, some don't -- it's hard to say. It's also difficult to determine whether these are older blogs that haven't been updated in a while (and to which unauthorized access was somehow gained), or whether the bad guys simply created a bunch of bogus blogs and planted this stuff.

In any event, if you see any links like the ones in the partial screenshot above, don't click on them.

And take a quick second or two to report them to Google as malicious.

- ferg


Additional background here.
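The pattern described above (a near-empty post with a holiday greeting and exactly one outbound link, pointing at a host that rotates through a pool of addresses behind a very short TTL) is easy to triage mechanically. The following is an added example written for this post, not code from Sunbelt, Google or the original write-up. The blog pages, the `.invalid` link hosts and the DNS observations are all constructed stand-ins; the real campaign hosts are deliberately not reproduced here.

```python
import re
from html.parser import HTMLParser
from urllib.parse import urlparse

# Constructed sample posts standing in for Blogger pages. The .invalid hosts
# are placeholders, not the real campaign domains.
SAMPLE_POSTS = {
    "blog-a.blogspot.com": (
        "<p>...Wishing You a Happy New Year...</p>"
        '<a href="http://newyearcards-example.invalid/">click here</a>'
    ),
    "blog-b.blogspot.com": (
        "<h1>Trip report</h1><p>Two days in Seattle, mostly rain, great coffee.</p>"
        '<a href="http://www.flickr.com/photos/someone/">photos</a> '
        '<a href="http://en.wikipedia.org/wiki/Seattle">Seattle</a>'
    ),
    "blog-c.blogspot.com": (
        "<p>Happy New Year 2008!</p>"
        '<a href="http://happy2008-example.invalid/card.exe">open your card</a>'
    ),
    "blog-d.blogspot.com": (
        "<p>Happy New Year to all my readers!</p>"
        '<a href="http://www.example.org/newyear">my post</a>'
    ),
}

# Constructed DNS observations: host -> list of (ttl_seconds, A records) from
# successive lookups. A fast-flux host rotates a large pool of (infected)
# addresses behind a very short TTL; an ordinary host does not.
DNS_SNAPSHOTS = {
    "newyearcards-example.invalid": [
        (30, ["10.1.1.5", "10.2.7.9", "10.9.3.3", "10.4.4.1"]),
        (30, ["10.7.1.2", "10.2.7.9", "10.5.6.8", "10.8.8.8"]),
        (30, ["10.3.3.3", "10.1.1.5", "10.6.6.6", "10.0.2.2"]),
    ],
    "happy2008-example.invalid": [
        (60, ["10.11.0.1", "10.12.0.2", "10.13.0.3", "10.14.0.4", "10.15.0.5"]),
        (60, ["10.16.0.6", "10.17.0.7", "10.18.0.8", "10.19.0.9", "10.20.0.10"]),
    ],
    "www.example.org": [
        (86400, ["192.0.2.10"]),
        (86400, ["192.0.2.10"]),
        (86400, ["192.0.2.10"]),
    ],
}

GREETING_RE = re.compile(r"happy\s+new\s+year|merry\s+christmas|season'?s\s+greetings", re.I)


class LinkTextParser(HTMLParser):
    """Collect href values and visible text from one post body."""

    def __init__(self):
        super().__init__()
        self.links = []
        self.text = []

    def handle_starttag(self, tag, attrs):
        if tag == "a":
            href = dict(attrs).get("href")
            if href:
                self.links.append(href)

    def handle_data(self, data):
        self.text.append(data)


def external_hosts(html, blog_host):
    """Return (normalised visible text, list of link hosts other than the blog itself)."""
    parser = LinkTextParser()
    parser.feed(html)
    parser.close()
    text = " ".join(" ".join(parser.text).split())
    hosts = []
    for link in parser.links:
        host = urlparse(link).hostname
        if host and host.lower() != blog_host.lower():
            hosts.append(host.lower())
    return text, hosts


def is_greeting_lure(text, hosts, max_words=25):
    """The lure shape described in the post: a short greeting plus exactly one outbound link."""
    return (
        GREETING_RE.search(text) is not None
        and len(text.split()) <= max_words
        and len(hosts) == 1
    )


def looks_fast_flux(snapshots, ttl_max=300, min_pool=6):
    """Single-flux heuristic: short TTL on every lookup, a large pool of distinct
    A records overall, and the record set changing between consecutive lookups."""
    if len(snapshots) < 2:
        return False
    short_ttl = all(ttl <= ttl_max for ttl, _ in snapshots)
    pool = {ip for _, records in snapshots for ip in records}
    churn = all(set(a) != set(b) for (_, a), (_, b) in zip(snapshots, snapshots[1:]))
    return short_ttl and len(pool) >= min_pool and churn


def triage(posts, dns):
    """For each blog: the single external host (if any), the lure verdict, the
    fast-flux verdict for that host, and whether both fired (worth reporting)."""
    report = {}
    for blog_host, html in posts.items():
        text, hosts = external_hosts(html, blog_host)
        lure = is_greeting_lure(text, hosts)
        host = hosts[0] if len(hosts) == 1 else None
        flux = looks_fast_flux(dns.get(host, [])) if host else False
        report[blog_host] = {"host": host, "lure": lure, "fast_flux": flux,
                             "report": lure and flux}
    return report


if __name__ == "__main__":
    for blog, verdict in triage(SAMPLE_POSTS, DNS_SNAPSHOTS).items():
        print(blog, verdict)
```

Only the combination is reported: blog-d above is a genuine greeting with a single link to a stable host, and a CDN-fronted site can also show short TTLs and many addresses, so neither signal alone is enough. The DNS side is fed from recorded lookups rather than live queries so the example runs offline; in practice the snapshots would come from repeated resolver queries spaced a few minutes apart.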

NIST May Urge Federal Agencies to Conduct Penetration Attacks

Jack Rogers writes on SC Magazine US:

In the final draft of its upcoming security guidelines for protecting federal information systems, the National Institute of Standards and Technology (NIST) is recommending that federal agencies conduct regular penetration tests to determine whether their networks can be breached.

The NIST draft guidelines, which will be published next March, suggest that federal agencies “should consider adding controlled penetration testing to their arsenal of tools and techniques used to assess the security controls” in their information systems.

NIST recommends that government agencies train selected personnel in penetration testing tools and techniques, which should be updated on a regular basis to address newly discovered exploitable vulnerabilities.

More here.

Pr0n Industry Frets Over Security Breach

Lisa Friedman writes on the LA Daily News:

A New Jersey company that helps run thousands of pornography Web sites acknowledged a major security breach Wednesday, sparking widespread concern in the adult-entertainment industry that consumers' personal data could be endangered.

According to industry chat boards that have been buzzing about the problem, the violation so far appears to be limited to e-mail addresses, with an avalanche of spam e-mail hitting Web site customers' inboxes - including unique addresses created for joining specific porn sites.

John Albright, owner of the Too Much Media Corp., said in a statement Wednesday that no credit-card information was affected by the October incident.

Officials with both Visa and MasterCard said they were unaware Wednesday of any problems in connection with the company.

More here.

Hat-tip: Pogo Was Right

SCADA Watch: Hackers May Threaten Economy

A Newhouse News Service article by Garry Lenton, via The Houston Chronicle, reports that:

In the action movie Live Free or Die Hard, Bruce Willis' character, John McClane, battles leap-frogging villains, launches cars into helicopters and regularly defies the laws of physics, all to stop a madman trying to take over government computer systems.

But could a hacker really take control of a vital computer system and sabotage it?

It already has been done, and thousands of attempts occur every day.

In October 2006, a virus was slipped into the computer system at a Pennsylvania water filtration plant. Though the future of the free world did not hang in the balance — the incident was relatively minor and caused no damage or threat — it drew the attention of computer security experts nationwide because it wasn't supposed to happen.

More here.

Wednesday, December 26, 2007

RBN: New and Improved Storm Botnet for 2008

Via RBN Exploit.

Obviously the Russian Business Network (RBN) is working overtime during the Christmas and New Year holiday, no doubt planning for many in the ISP security and anti-spam arena to be on skeleton staff.

Many will now have already seen reports of the Storm Botnet outbreak which started on December 24th (“MerryChristmasDude”), with a good write-up at ComputerWorld and technical details at ISC SANS or HolisticInfoSec (links in footer). This picture is changing rapidly and by December 26th there were new web sites, “Uhavepostcard” and “HappyCards2008”, and no doubt more to come over the next few days.


Three of the key web sites have the following registrant information, all registered via “ANO REGIONAL NETWORK INFORMATION CENTER DBA RU (Russia)” in chronological order:

  • Domain Name: MERRYCHRISTMASDUDE.COM - Creation Date: Nov 27 2007
  • Domain Name: UHAVEPOSTCARD.COM - Creation Date: Dec 23 2007
  • Domain Name: HAPPYCARDS2008.COM - Creation Date: Dec 26 2007

More here.
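The registration data above makes the point that these domains were created days (in one case hours) before they were used, through a single registrar, with seasonal words in the names. An added example follows that scores domains on exactly those three signals; it is not code from RBN Exploit or any of the linked write-ups. The three domains, their creation dates and the registrar string are taken from the post above, with the post's outbreak dates (Dec 24 and Dec 26) used as first-seen dates; `example.com` is a constructed control record, and the seasonal term list is an assumption to be extended per campaign.

```python
from datetime import datetime

RBN_REGISTRAR = "ANO REGIONAL NETWORK INFORMATION CENTER DBA RU"

# Domains, creation dates and registrar as quoted in the post above; first-seen
# dates are the outbreak dates the post gives. example.com is a constructed
# control record and is not from the post.
OBSERVED = [
    {"domain": "merrychristmasdude.com", "created": "Nov 27 2007",
     "first_seen": "Dec 24 2007", "registrar": RBN_REGISTRAR},
    {"domain": "uhavepostcard.com", "created": "Dec 23 2007",
     "first_seen": "Dec 26 2007", "registrar": RBN_REGISTRAR},
    {"domain": "happycards2008.com", "created": "Dec 26 2007",
     "first_seen": "Dec 26 2007", "registrar": RBN_REGISTRAR},
    {"domain": "example.com", "created": "Aug 14 1995",
     "first_seen": "Dec 26 2007", "registrar": "Example Registrar (constructed)"},
]

# Assumed lure vocabulary for holiday-themed campaign names; extend per season.
SEASONAL_TERMS = ("christmas", "xmas", "newyear", "happy", "card", "postcard", "2008")


def parse_whois_date(text):
    """Parse a WHOIS 'Creation Date' in the form printed above, e.g. 'Nov 27 2007'."""
    return datetime.strptime(text, "%b %d %Y").date()


def domain_age_days(record):
    """Days between registration and the first sighting of the domain in the campaign."""
    return (parse_whois_date(record["first_seen"]) - parse_whois_date(record["created"])).days


def seasonal_terms(domain):
    """Lure words found in the registrable label (everything before the first dot)."""
    label = domain.lower().split(".")[0]
    return [term for term in SEASONAL_TERMS if term in label]


def registrar_batches(records, min_size=2):
    """Registrars that account for several of the observed domains."""
    counts = {}
    for record in records:
        counts[record["registrar"]] = counts.get(record["registrar"], 0) + 1
    return {registrar for registrar, n in counts.items() if n >= min_size}


def score_domains(records, max_age_days=45):
    """One point per signal: young at first sighting, seasonal name, shared registrar.
    The window is weeks, not days, because merrychristmasdude.com was registered
    almost a month before it went live."""
    batches = registrar_batches(records)
    results = []
    for record in records:
        age = domain_age_days(record)
        reasons = []
        if age <= max_age_days:
            reasons.append(f"registered {age} days before first seen")
        terms = seasonal_terms(record["domain"])
        if terms:
            reasons.append("seasonal terms: " + ", ".join(terms))
        if record["registrar"] in batches:
            reasons.append("registrar shared with other observed domains")
        results.append({"domain": record["domain"], "age_days": age,
                        "score": len(reasons), "reasons": reasons})
    return sorted(results, key=lambda item: -item["score"])


def high_risk(records, min_score=2):
    """Domains that trip at least min_score of the three signals."""
    return [item["domain"] for item in score_domains(records) if item["score"] >= min_score]


if __name__ == "__main__":
    for item in score_domains(OBSERVED):
        print(item["domain"], item["score"], "; ".join(item["reasons"]))
```

The creation date tells you when a domain was registered, not when it was first used, and plenty of legitimate domains are registered and put to use within days, so this is a scoring input for a blocklist review rather than an automatic block. The registrar signal is only meaningful relative to a set of domains already under suspicion; on its own, a popular registrar proves nothing.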

U.S. Military Deaths in Iraq at 3,900, Afghanistan Deaths at 405


Iraq and Afghanistan statistics via The Boston Globe (AP).

As of Wednesday, Dec. 26, 2007, at least 3,900 members of the U.S. military have died since the beginning of the Iraq war in March 2003, according to an Associated Press count. The figure includes eight military civilians. At least 3,173 died as a result of hostile action, according to the military's numbers.

The AP count is four higher than the Defense Department's tally, last updated Wednesday at 10 a.m. EST.

As of Wednesday, Dec. 26, 2007, at least 405 members of the U.S. military had died in Afghanistan, Pakistan and Uzbekistan as a result of the U.S. invasion of Afghanistan in late 2001, according to the Defense Department. The department last updated its figures Dec. 15, 2007, at 10 a.m. EST.

Of those, the military reports 274 were killed by hostile action.

More here and here.

And as always, cryptome.org keeps a very, very extensive list here, as does the Iraq Coalition Casualty Count website here.

Blu-ray Website Hacked - Redirects Visitors to HD DVD Website

Justin Berka writes on Ars Technica:

The format war between Blu-ray and HD DVD continues, but now the participants are really getting feisty. Both camps have been particularly aggressive this holiday season, offering a variety of discounts, free movies, and other incentives to convince consumers to back a particular format. The intense competition seems to have rubbed off on Internet fanboys, leading to Internet arguments that are even more ferocious than usual (which is saying something).

As part of the animosity, the official Blu-ray site was hacked this weekend, and an online forum had to shut down its format discussion section.

The Blu-ray site modifications occurred last Friday, when visitors to the Blu-ray site were redirected to "The Look and Sound of Perfect," the website for the HD DVD format operated by the North American HD DVD Promotional Group (including Universal Studios, HP, and Intel).

More here.

Yay! NFL to Simulcast Patriots-Giants on NBC, CBS


An AP newswire article, via MSNBC, reports that:

After weeks of insisting they wouldn’t cave in, NFL officials did just that Wednesday. Now all of America can see the Patriots’ shot at history.

Saturday night’s game between New England and the New York Giants on the NFL Network, which is available in fewer than 40 percent of the nation’s homes with TVs, will be simulcast on CBS and NBC.

The Patriots could become the first NFL team to go 16-0 in the regular season.

More here.

Background here.

Happy Boxing Day



Boxing Day is a public holiday celebrated in the United Kingdom, Canada, New Zealand, Australia and many other members of the Commonwealth of Nations on December 26, the day after Christmas Day.

Cheers!

- ferg

Tuesday, December 25, 2007

SPOT: Screening Passengers by Observation Technique

Paul Shukovsky writes in The Seattle Post-Intelligencer:

If a pair of Transportation Security Administration officers strolling by a Sea-Tac Airport ticket counter wish you happy holidays and ask where you're traveling, it might be more than just Christmas spirit. Travelers at Sea-Tac and dozens of other major airports across America are being scrutinized by teams of TSA behavior-detection officers specially trained to discern the subtlest suspicious behaviors.

TSA officials will not reveal specific behaviors identified by the program -- called SPOT (Screening Passengers by Observation Technique) -- that are considered indicators of possible terrorist intent.

But a central task is to recognize micro-facial expressions -- a flash of feelings that in a fraction of a second reflects emotions such as fear, anger, surprise or contempt, said Carl Maccario, who helped start the program for TSA. "In the SPOT program, we have a conversation with (passengers) and we ask them about their trip," said Maccario from his office in Boston. "When someone lies or tries to be deceptive, ... there are behavior cues that show it. ... A brief flash of fear."

More here.

Ghost of Christmas Past & Present: Saluting Our Soldiers

Cover of The Saturday Evening Post, 7 December 1918.


We Salute Our American Fighting Men and Women who are away from home this holiday season.


You are not forgotten.





Image source:
© 2003 SEPS: Licensed by Curtis Publishing, Indianapolis IN.
All rights reserved.


Monday, December 24, 2007

Quote of the Day: Will Chen


"I love It's a Wonderful Life because it teaches us that family, friendship, and virtue are the true definitions of wealth."

- Will Chen, writing on his blog Wise Bread (props, Boing Boing). He continues that "...in 1947, however, the FBI considered this anti-consumerist message as subversive Communist propaganda."

Merry Christmas. -ferg

Sunday, December 23, 2007

E-Greetings Gain Ground at Businesses This Season

Maria Aspan writes in The New York Times:

Have you sent out your holiday cards this year? What about your e-cards?

If your second answer was yes, you are in good company. Once seen as the tacky, last-minute substitute for pen and paper, e-cards have become more acceptable this holiday season, especially in the corporate world, where LinkedIn and Facebook have become popular places for sending holiday greetings.

In other words: It’s no longer just a Merry Christmas. It’s another networking opportunity.

More here.

Note: And let's be careful out there -- a little common sense goes a long way. There is lots of badness masquerading as e-cards just waiting for you to click on it, and steal your PC -- and your credit card information, your login IDs, etc.

Watch what you are clicking on. -ferg

One Thing I Love About The Holidays: Fruitcake



That's right, you read correctly. I love the stuff.

With a little brandy.

Happy Holidays, and Merry Christmas. -ferg

Happy Festivus!