Saturday, March 01, 2008

Late Night Flashback: Living Colour - Cult Of Personality

Some of the smartest lyrics of the early '90s.

- ferg

Toon of The Day: File 13

U.S., China Sign Pact on Military Hotline

Via The Hindu.

China and the United States on Friday officially signed an agreement to set up a military hotline between the defence departments of both countries, in a reflection of the improving Sino-American security ties.

The hotline, the first of its kind Beijing has ever established with any country at the defence ministry level, would enable Chinese and the US defence and military leaders to remain in constant touch on major issues of common concern, specially in emergencies.

The agreement was signed at the end of a working meeting between the two defence departments in Shanghai as a follow-up to the announcement on the hotline made by both countries during the visit of US Defence Secretary Robert Gates to China in November last year.

Both sides had said earlier that the hotline would "reduce the risk of misunderstanding".

More here.

Hat-tip: China Digital Times

ShadowServer: RBN 'Rizing' - Abdallah Internet Hizmetleri


Russian Business Network (RBN)

In the last few months, there has been a significant amount of press coverage given to insidious cyber activity associated with the segment of the Internet known as the “Russian Business Network,” or RBN. Previous studies have suggested that the RBN has ties to nearly every area of cybercrime, including: phishing, malware, DDOS activity, pornography, botnets, and anonymization.

In November 2007, media reporting indicated that a large portion of the RBN “went dark.” Since that time, the Shadowserver Foundation has been more closely analyzing outlying networks implicated as being associated with RBN. One of these suspected outliers is AS9121, known as TurkTelekom. reported in early December 2007 that while not everything in TurkTelekom appears to be malicious, there are some ranges that are “particularly bad” and analysis of Shadowserver Foundation data agrees. Several subranges quickly stand out as being deeply involved in malicious cyber activity: and IP registration indicates these ranges are listed under the name “ABDALLAH INTERNET HIZMETLERI” (AIH).

Abdallah Internet Hizmetleri (AIH)

In one of the most thorough RBN studies to date, David Bizeul reported that AIH ranges and - are among the “most used network ranges used by RBN affiliates’ domain names.” The purpose of this paper is to take a deeper look at these two class C ranges of AIH based out of Rize, Turkey, available information from the Internet, and statistics collected by the Shadowserver Foundation to provide further insight into the scope and depth of the RBN.

More here.

Read the full paper here [.pdf].

House Democrats May Split On Domestic Spying Bill

Greg Miller writes in The Los Angeles Times:

Under pressure to end an impasse over espionage legislation, House Democrats are considering a plan to vote on a bill next week that would give the government broad new eavesdropping authorities but strip out a provision that would protect phone companies from lawsuits.

Senior Democratic aides said the plan would set up a separate vote on the divisive issue of whether to grant legal immunity to phone companies that took part in a secret wiretapping program authorized by President Bush after the Sept. 11 terrorist attacks.

"The objective would be to pass something that is less controversial," yet still allow Democrats to register their objections to the immunity provision, said one senior Democratic aide, speaking on condition of anonymity because House Speaker Nancy Pelosi (D-San Francisco) and other party leaders have yet to reach a decision on the matter.

The proposal emerged Friday as a possible endgame in the drawn-out congressional debate over how to overhaul laws that govern when and how American spy agencies can intercept international e-mails and phone calls coming into the United States.

More here.

Quote of The Day: The Hacker Webzine

"With Javascript and CSRF as our tools it is possible to smash your network security, your firewalls, your switches and your AV software or any other network based protection measure. If you are into network security and don't have much knowledge about web application security, it is time to start reading up on it."

- The Hacker Webzine, on hacking home routers.

Human Error Responsible for Massive Florida Power Outage

Via The Herald Tribune.

Florida Power & Light said that a preliminary investigation has found that human error was responsible for the massive power outage on Tuesday that affected more than 584,000 customers.

A field engineer was diagnosing a switch that had malfunctioned at FPL’s Flagami substation in west Miami. Without authorization, the engineer disabled two levels of relay protection — something contrary to the Juno Beach-based company’s procedures.

During the diagnostic process, a fault occurred. With both levels of relay protection removed, the outage affected 26 transmission lines and 38 substations.

One of the substations served three of the generation units at the company’s Turkey Point nuclear plant, which was designed to automatically shut down if there is a lack of enough power. Also affected were two other generation plants in FPL’s system. The system lost 3,400 megawatts of generating capacity.

More here.

Cyber Crimes in Japan Hit Record in 2007

Via Red Orbit News.

The number of cyber crime-related arrests in Japan last year grew 23.7 pct from the previous year to hit an all-time high, the National Police Agency said Friday.

The number came to 5,473, reflecting surges in phishing, which is an act of sending emails to users pretending to be a legitimate enterprise in an attempt to entrap users into providing their personal information such as identification numbers to certain Web sites.

As the number of phishing-related arrests surged 5.3-fold to 1,157, arrests related to unauthorized access jumped 2.1-fold to an all-time high of 1,442, according to the agency.

More here.

Hat-tip: Global Security News

Friday, February 29, 2008

Customer Notification Finally Starts in TJX Hack

An AP newswire article, via MSNBC, reports that:

Notices are going out to millions of customers who may have had credit card information compromised in a data breach at stores such as T.J. Maxx and Marshalls.

The notices contain information about eligibility for compensation such as vouchers and credit monitoring to be provided under a proposed settlement with TJX Cos., the operator of more than 2,500 discount stores.

TJX said last March that at least 45.7 million cards were exposed to possible fraud in a breach of its computer systems. Court filings by banks that also sued TJX estimated the number of cards affected at more than 100 million.

More here.

Note: Better late than never? Not even. A year after divulging the breach, this attempt at "notification" is appalling. -ferg

FISA Fact Check: Setting the Record Straight on the White House


As the House of Representatives takes the time it needs to negotiate a bill to amend the Foreign Intelligence Surveillance Act (FISA), the White House has launched a public assault on the legislative body. The administration claims that the House has endangered the country by letting the Protect America Act (PAA) expire and should pass the bill already approved by the Senate. The Senate bill, however, is unconstitutional and contains immunity for the telecommunications companies that aided the president’s warrantless wiretapping program. The American Civil Liberties Union (ACLU) is urging the House to continue to stand strong for the Constitution.

In a February 22nd letter to the House Permanent Select Committee Chairman Silvestre Reyes, Attorney General Michael Mukasey and Director of National Intelligence Mike McConnell made several misleading claims. A corrective statement was released by the Justice Department and Office of the Director of National Intelligence regarding the cooperation of “private partners” the following day. Here, the ACLU refutes some of the administration’s arguments.

More here.

Leap Day Causes Confusion for South Carolina DMV Computers


Leap Day is causing quite a stir at Department of Motor Vehicle offices across the state.

According to Beth Parks with the DMV, computers are currently down due to a glitch with one of the programs that calculates the day. The system did not recognize February 29.

This programming error has affected offices statewide; however, the offices are not closed. The DMV has continued to serve customers as much as possible while the system has been down.

More here.

Hat-tip: Threat Level

Judge Backtracks: WikiLeaks Resumes U.S. Operations

David Kravets writes on Threat Level:

A federal judge on Friday allowed whistle-blower site WikiLeaks to resume operation in the United States, a week after ordering its U.S. hosting company and domain registrar to shut down and lock the renegade's site from the internet.

The judge conceded the futility of attempts to censor information, in this instance private banking records, after it has been posted to the internet.

"When this genie gets out of the bottle, it's out for all purposes," U.S. District Judge Jeffrey White said after a more than 3-hour-long hearing here. Earlier, White said he had "an obligation to get it right" and that "I took an oath to uphold the Constitution."

More here.

Prolific Spammer's Conviction Upheld

An AP newswire article, via, reports that:

A divided Virginia Supreme Court affirmed the nation's first felony conviction for illegal spamming on Friday, ruling that Virginia's anti-spamming law does not violate free-speech rights.

Jeremy Jaynes of Raleigh, N.C., considered among the world's top 10 spammers in 2003, was convicted of massive distribution of junk e-mail and sentenced to nine years in prison.

Almost all 50 states have anti-spamming laws. In the 4-3 ruling, the court rejected Jaynes' claim that the state law violates both the First Amendment and the interstate commerce clause of the U.S. Constitution.

"This is a historic victory in the fight against online crime," state Attorney General Bob McDonnell said in a written statement. "Spam not only clogs e-mail inboxes and destroys productivity; it also defrauds citizens and threatens the online revolution that is so critical to Virginia's economic prosperity."

More here.

House Lawmakers Question Privacy in Cyber-Security Plan

Brian Krebs writes in The Washington Post:

House lawmakers yesterday raised concerns about the privacy implications of a Bush administration effort to secure federal computer networks from hackers and foreign adversaries, as new details emerged about the largely classified program.

The unclassified portions of the project, known as the "cyber initiative," focus on drastically reducing the number of connections between federal agency networks and the Internet, and more closely monitoring those networks for malicious activity. Slightly more than half of all agencies have deployed the Department of Homeland Security's program.

But administration officials have not said how far monitoring would go, and whether oversight would extend to networks operated by state, local, and private sector entities, including government defense contractors.

More here.

Thursday, February 28, 2008

RIPE NCC Publishes Case Study of Youtube Hijack

Daniel Karrenberg writes on CircleID:

As you may be aware from recent news reports, traffic to the website was ‘hijacked’ on a global scale on Sunday, 24 February 2008. The incident was a result of the unauthorised announcement of the prefix and caused the popular video sharing website to become unreachable from most, if not all, of the Internet.

The RIPE NCC conducted an analysis into how this incident was seen and tracked by the RIPE NCC’s Routing Information Service (RIS) and has published a case study.

The RIPE NCC RIS is a service that collects Border Gateway Protocol (BGP) routing information from roughly 600 peers at 16 Internet Exchange Points (IXPs) across the world. Data is stored in near real-time and can be instantly queried by anyone to provide multiple views of routing activity for any point in time.

More here.

Programming Note: ISOI IV


Posting to the blog is likely to be somewhere between light and non-existent for the next couple of days, due to the fact that I'll be attending ISOI IV (Internet Security Operations & Intelligence) here in Silicon Valley starting today (Thursday -- hosted by Yahoo!).

So, hang tight and I'll post as time allows.


- ferg

Wednesday, February 27, 2008

Late Night Flashback: Gorillaz - DARE


- ferg

More Mark Fiore Magic: Project Hillary


- ferg

DHS International Office Chief Quits Suddenly

Shaun Waterman writes for UPI:

The official responsible for the U.S. Department of Homeland Security's relationships with foreign countries has unexpectedly quit.

Marissa Lino, the assistant secretary for international affairs at the department, resigned suddenly earlier this week without giving notice, a former department official told United Press International.

DHS spokeswoman Laura Keehner confirmed Lino's departure to UPI.

More here.

Pentagon Scientists Seek 'Trusted Microchip'

Via UPI.

U.S. military scientists are trying to develop a system for ensuring that microchips used in defense equipment are not compromised by the nation's enemies.

The Defense Advanced Research Projects Agency recently awarded contracts to three companies for the first phase of the Trust in Integrated Circuits Program.

The military uses integrated circuit chips, commonly called microchips, in everything from computers and communications systems to weapons. But most are manufactured overseas, and there is currently no way of ensuring that they do not contain malicious code that could end up making equipment malfunction or fail.

Nearly three-quarters of the world's microchips are made in Taiwan and China.

More here.

Analysis: New Cyber Chief Faces Capitol Hill Anger

Shaun Waterman writes for UPI:

The new job of Scott Charbo, the man President Bush has picked to head up the protection of U.S. computer networks, involves countering threats from Russian hackers, Chinese cyber spies and Internet Jihadis. But perhaps his most immediately dangerous adversary is the chairman of the House Homeland Security Committee.

The two men will be face to face Thursday, when Charbo, the deputy undersecretary for the National Protection and Programs Directorate at the Department of Homeland Security, is to testify on Capitol Hill about the Bush administration's much-awaited cybersecurity initiative.

Earlier this month, less than 24 hours after Charbo, until then the department's chief information officer, was promoted into his new job, committee Chairman Rep. Bennie Thompson, D-Miss., fired off an angry letter to his boss.

The veteran federal official had been guilty of "an incredible and unacceptable dereliction of duty" while in charge of the department's information technology systems, Thompson wrote Homeland Security Secretary Michael Chertoff.

More here.

Healthcare Organizations Feeling Cyber Attacks Growing

Ellen Messmer writes on NetworkWorld:

Healthcare organizations are stepping up efforts to protect electronic patient information as they witness increased attacks against hospital networks, mindful how a data breach could hurt patients and their own reputations.

“There is definitely an uptick in attacks,” says Dr. John Halamka, CIO at both Beth Israel Deaconess Medical Center and Harvard Medical School in the Boston area. “Privacy is the foundation of everything we do. We don’t want to be the TJX of healthcare.” TJX is the Framingham, Mass-based retailer which last year disclosed a massive data breach involving customer records.

More here.

Bush's Double-Edged Cyber-Security Plan

Andy Greenberg writes on

Since January, the Bush administration has committed to spending billions to keep the government's computer networks safe from cyber-spies and other malicious hackers. But to keep digital intruders away from sensitive government information, some worry the government will have to do some spying of its own--on the U.S. private sector.

The House Committee on Homeland Security plans to hold the first public hearing Thursday on Presidential Directive 54, a project that could cost as much as $30 billion over seven years as it expands cyber-monitoring of all federal agencies' networks. Many former officials believe that the plan will go further, extending government surveillance to private companies, such as military contractors, that possess sensitive government information.

Some contractors' information technology officers are concerned that the new program will give the government access to data in their private networks. "Private contractors are not happy about this," says a source familiar with information security executives at contractors Northrop Grumman and Boeing. "The thought of the government watching the data flow through these corporations causes a lot of concern."

More here.

The Consumerist: Worst Company In America 2008: Preliminaries


- ferg

U.S. Intelligence Community Recognizes Cyber Threat

Kevin Coleman writes on Defense Tech:

In the 2008 Annual Threat Assessment of the Intelligence Community [.pdf] for the Senate Armed Services Committee, for the first time the threat of cyber attacks was addressed (well, the first time in the report available to the public). The threat assessment was delivered by Director of National Intelligence Mike McConnell and Defense Intelligence Agency chief, Army Lt. Gen. Michael Maples, in testimony before the Senate Armed Services Committee Feb. 27.

The intelligence community listed "the vulnerabilities of the US information infrastructure to increasing cyber attacks by foreign governments, non-state actors and criminal elements" as the fourth major bullet of the fourth page in the opening of the forty-five page testimony delivered to the Senate by DNI McConnell. The testimony goes on to state that due to the significance of computers and telecommunications to our country's security, defense and economy, threats to our IT infrastructure are an important focus of the Intelligence Community.

Also stated were the trends seen over the past year, which included cyber exploitation activities that grew more sophisticated, more targeted and more serious. Finally, McConnell stated that the Intelligence Community expects these trends to continue in the coming year.

More here.

Many Companies Short on Security Skills

Tim Wilson writes on Dark Reading:

There is a wide gap between the IT security skills that organizations want and the corresponding skills that workers bring to the job, according to a survey published today by the Computing Technology Industry Association (CompTIA).

Security is at the top of the list of the technology skills that are most important to organizations today, according to the survey of more than 3,500 technology professionals in North America, Europe, and Asia. But there is a significant gap between what they want and what they can get, the survey indicates.

More here.

Extended Validation Certificates and XSS Considered Harmful

Via Netcraft.

A cross-site scripting vulnerability on the popular website shows how Extended Validation SSL certificates could be exploited by fraudsters. Piggybacking on the anticipated extra trust instilled by the presence of an EV SSL certificate, arbitrary content could be injected onto the secure page at SourceForge to create a very convincing phishing attack.

The green address bar displayed by the web browser would assure users that they are looking at a website that can be trusted, even though the page they are looking at may contain scripts or HTML created by a remote attacker.

More here.

Illegal Database With 8,700 Stolen FTP Credentials Discovered

Jaikumar Vijayan writes in ComputerWorld:

A fresh discovery by security vendor Finjan Inc. provides yet another example of how easy it is becoming for almost anyone to find the tools needed to break into, infect or steal data from corporate Web sites.

The San Jose-based vendor announced today that it has uncovered an illegal database containing more than 8,700 stolen File Transfer Protocol server credentials including usernames, passwords and server addresses. Anyone can purchase those credentials and use them to launch malicious attacks against the compromised systems.

The stolen credentials belong to companies from around the world and include more than 2,500 North American companies, some of whose Web sites are among the world's top 100 domains, according to Yuval Ben-Itzhak, Finjan's chief technology officer.

The FTP credentials would allow malicious hackers to break into and upload malware of their choice to compromised servers literally with a click or two, he said.

More here.

Report: Bank of America, HSBC Most Prone to I.D. Theft

Ryan Singel writes on Threat Level:

In a first ever study of which companies have the most identity theft incidents, Bank of America, HSBC, and Washington Mutual were named as the companies with the most incidents per billions of dollars of deposits, according to a study released Wednesday by Berkeley Law School fellow Chris Hoofnagle.

Among the nation's largest banks, ING Bank looks to be the safest, with only 0.085 identity theft complaints per billion dollars of insured deposits.

In terms of sheer numbers of complaints, Bank of America, AT&T and Sprint were named most often in the complaints, followed closely by Chase, Capital One and Citibank.

The study, entitled Measuring Identity Theft at Top Banks (Version 1.0), looks to be the first-ever attempt to name-and-shame companies based on their identity theft protections, or lack thereof.

More here.

Image source: Threat Level, Chris Hoofnagle

U.S. Air Force Data-Mining Detects The Disaffected

Marin Perez writes on the C|Net "Military Tech" Blog:

The Air Force is developing a data-mining technology meant to root out disaffected insiders based on their e-mail activity--or lack thereof, according to an article in this month's International Journal of Security and Networks.

The technology, based on something called Probabilistic Latent Semantic Indexing [.pdf], scours an organization's e-mail traffic and constructs a graph of social network interactions illustrating employee activity. If a worker suddenly stops socializing online, abruptly shifts alliances within the organization, or starts developing an unhealthy interest in "sensitive topics," the system detects it and alerts investigators.

More here.

German Court Says 'Policeware' a Violation of Privacy

Jacqui Cheng writes on Ars Technica:

Government surveillance of citizens' personal computers is a violation of privacy, Germany's highest court ruled today. Citizens' basic right to privacy is protected by Germany's constitution, the court said, a protection that extends to their stored data. "Collecting such data directly encroaches on a citizen's rights, given that fear of being observed... can prevent unselfconscious personal communication," said Judge Hans-Juergen Papier in the court's opinion.

The case began last year when officials in North Rhine-Westphalia began spying on computer-related activities using trojans and spyware (also known as "policeware"). The government apparently had few problems with this, saying that such activities were important in the fight against terrorism. Interior Minister Wolfgang Schäuble even suggested changing German law to give the government more freedom to use policeware and engage in other PC-related surveillance.

More here.

Tuesday, February 26, 2008

Triple Threat: Late Night Flashback: Linkin Park - Somewhere I Belong

Just in that frame of mind.


- ferg

Bonus: Late Night Flashback: Cake - Short Skirt, Long Jacket

Yeah. Enjoy.

- ferg

Late Night Flashback: Black Sabbath - Dirty Women


- ferg

U.S. Toll in Iraq

Via The Boston Globe (AP).

As of Tuesday, Feb. 26, 2008, at least 3,973 members of the U.S. military have died since the beginning of the Iraq war in March 2003, according to an Associated Press count. The figure includes eight military civilians. At least 3,234 died as a result of hostile action, according to the military's numbers.

The AP count is three higher than the Defense Department's tally, last updated Tuesday at 10 a.m. EST.

More here.

And as always, the Iraq Coalition Casualty Count keeps the grim watch on their website here.

Honor the Fallen.

IETF Journal: Security Protocol Failures

Phillip Hallam-Baker writes in The IETF Journal (Volume 3 Issue 3 - December 2007):

The Internet is insecure, so what went wrong? Contrary to widely held belief, the reasons for Internet security protocol failure are not primarily technical. Failure to understand the risk model and to meet the actual user requirements are much more significant causes of security failure.

The economics of security protocol deployment and security usability engineering are also key: a protocol might as well not exist if it is not used.

Much more here.

NY Attorney General's Office Subpoenas Comcast on Internet Traffic Throttling

An AP newswire article, via ABC News, reports that:

The New York attorney general's office has requested information from Comcast Corp. on the company's handling of Internet traffic.

Comcast, the nation's largest cable company, is the subject of several complaints to the Federal Communications Commission and has been sued by customers over its throttling of file-sharing traffic on its cable-modem service.

"We have requested information from the company via subpoena," Jeffrey Lerner, a spokesman for Attorney General Andrew Cuomo, said Tuesday.

Comcast said it was cooperating with the AG's office.

More here.

Quote of The Day: Ben Popkin

"There were so many bad companies that it broke our poll system."

- Ben Popkin, writing on The Consumerist, regarding the fact that so many people wanted to nominate candidates for their "Worst Company in America 2008" poll, it crashed their poll system.

EFF Files Lawsuit For Records of Contacts Between Former DoJ Official and Google

Via The EFF.

The Electronic Frontier Foundation (EFF) filed suit against the Department of Justice (DOJ) today, demanding information about communications between the DOJ's former top privacy official and Google, the official's current employer.

Jane C. Horvath was named the DOJ's first Chief Privacy and Civil Liberties Officer in February of 2006. At that time, Google was fighting a massive DOJ subpoena asking for the text of every query entered into the search engine over a one-week period. The DOJ request -- part of a court battle over the constitutionality of a law regulating adult materials on the Internet -- ignited a national debate about Internet privacy.

The DOJ later scaled back its request, and a judge eventually allowed access to only 5000 random Google search queries. In a subsequent news article, Horvath was publicly critical of the DOJ's initial subpoena, saying she had privacy concerns about the massive request for information. Horvath's new job as Google's Senior Privacy Counsel was announced in August of 2007.

More here.

Power Outage Hits South Florida - UPDATE

Monica Hatcher and Martin Merzer write in The Miami Herald:

Power outages are cascading through many parts of South Florida, with Florida Power & Light and others reporting blackouts in portions of Miami, Doral, Westchester, Pembroke Pines, Miramar and Boca Raton.

Many traffic lights are not working and nine accidents were reported in Miami-Dade County between 1:04 p.m. and 1:26 p.m. Police agencies were dispatching officers to as many intersections as possible.

The lights flickered off at several South Florida hospitals, which had to switch to generator power.

''We had a blip here and the generators kicked in immediately,'' Jackson Memorial Hospital spokeswoman Lorraine Nelson said.

Mount Sinai Medical Center in Miami Beach and Baptist Hospital in Southwest Miami-Dade reported similar situations.

A spokeswoman for FPL said the company was investigating the extent and cause of the problem.

More here.

CNN is reporting on television that eight (8) power generation plants are "down"... Stay tuned. -ferg

UPDATE: 11:51 PST: CNN now has more of a "developing story" URL available here. Apparently, this outage is much larger than first reported... -ferg

Monday, February 25, 2008

Late Night Music Flashback: Siouxsie and The Banshees - Kiss Them For Me


- ferg

The Onion: Pakistan Bans YouTube

Via The Onion, America's Finest News Source.


- ferg

U.S. Toll in Iraq

Via The Boston Globe (AP).

As of Monday, Feb. 25, 2008, at least 3,972 members of the U.S. military have died since the beginning of the Iraq war in March 2003, according to an Associated Press count. The figure includes eight military civilians. At least 3,228 died as a result of hostile action, according to the military's numbers.

The AP count is four higher than the Defense Department's tally, last updated Monday at 10 a.m. EST.

More here.

And as always, the Iraq Coalition Casualty Count keeps the grim watch on their website here.

Honor the Fallen.

Google Heads Under The Sea With Cable Investment

Duncan Riley writes on TechCrunch:

Google has announced that it has joined a consortium to build a new trans-Pacific cable between Japan and California.

The Unity consortium is a joint effort by Bharti Airtel, Global Transit, Google, KDDI Corporation, Pacnet and SingTel and will initially increase Trans–Pacific lit cable capacity by about 20 percent, with the potential to add up to 7.68 Terabits per second.

More here.

Analysis: Detroit Trial Shows Cyber-Scam

Shaun Waterman writes for UPI:

The case of a Michigan woman charged with identity theft has lifted a small corner of the veil over a huge series of credit-card scams, run from the former Soviet bloc, that have cost consumers and the card industry hundreds of millions of dollars.

The state attorney general's office told United Press International that Krystal Owens would go on trial Monday on three counts of identity theft and one of conspiring to commit identity theft.

But one independent investigator who has followed the case told UPI that publicly available details of the crime match a series of "identical" frauds that are netting conspirators more than $10 million a month.

The Michigan attorney general's office declined to comment further in advance of the trial, but a statement announcing the charges named her co-conspirator as Tomas Lasinkas, and identified his company and two Web sites they allegedly used to run the scam, which involved making small bogus charges to thousands of credit cards, whose numbers had been stolen.

More here.

Class Action Suit Against Network Solutions and ICANN

Via Domain Name News.

According to a press release from the law firm Kabateck Brown Kellner, a federal class action lawsuit has been filed in U.S. District Court, Central District of California against domain name registrar Network Solutions and ICANN. The suit claims that NSI has forced customers into buying domains from the company rather than through potentially cheaper avenues, in effect netting the company millions of dollars.

ICANN is also named in the suit for their role in enabling and allowing Network Solutions to continue this practice.

More here.

Taliban Wants Cell Phone Networks Shut Down at Night

Jacqui Cheng writes on Ars Technica:

The towers and offices of mobile phone operators in Afghanistan are being pressured to shut down operations at night by the Taliban. The former rulers of Afghanistan and current insurgent group held "talks" with the four major mobile companies in Afghanistan today, and gave them three days to go dark for 14 hours per day—or else.

The reason for the threat is the Taliban's belief that American soldiers and rebels within Afghanistan are using mobile phones to track down remaining Taliban members. "Since the occupying forces stationed in Afghanistan usually at night use mobile phones for espionage to track down the mujahideen, the Islamic Emirate gave a three-day ultimatum to all mobile phone firms to switch off their phones from five in the afternoon until seven in the morning," Taliban spokesperson Qari Mohammad Yousuf told Reuters, ironically via mobile phone (and presumably during daylight).

More here.

Lack of Jobs is Driving IT Pros to Malware

Tom Young writes in Computing:

The growing number of cyber criminals in areas of Asia and Eastern Europe is the result of a lack of IT jobs for qualified professionals, according to a report from vendor McAfee.

And the growing trade in malware means that authors can sell their code to other criminals without actually releasing their viruses.

Writing malware is a hard option to ignore, according to Joe Telafici, vice president of operations at McAfee.

"The motivation to engage in illegal behavior is strong in Eastern Europe where technical skills were widely taught during the Cold War but economic opportunities are limited," he said.

More here.

Scotland Yard Careers Website Defaced

John Leyden writes on The Register:

Unknown hackers defaced the Metropolitan Police's careers website over the weekend.

Digital graffiti on featured a picture of a greenish cuddly monster (vaguely resembling Sulley from Monsters Inc) and a message mocking Scotland Yard's anti-terrorism unit.

More here.

Image source: The Register

Sunday, February 24, 2008

Quote of The Day: Kim Cameron

"OpenID provides Single Sign On to social networking sites and blogs. It means we can use a public persona across sites, and just log in once to use that persona."

"But OpenID doesn’t have the privacy characteristics that would make it suitable for government applications or casual web surfing. And it doesn’t have the security characteristics necessary for financial transactions or access to private data."

- Kim Cameron, writing on the Identity Weblog [My previous comments on OpenID here. - ferg]

xkcd: Grapefruit

Yes, we love xkcd.

Can We Now Expect AT&T To Provide Health Records to The U.S. Government, Too?

An AP newswire article by Erik Shelzig, via, reports that:

AT&T Inc. is partnering with Tennessee to provide the country's first statewide system to electronically exchange patient medical information, the telecommunications company said Monday.

The system is designed to securely transmit detailed patient information between medical professionals. It will allow doctors to access medical histories, prescribe medicines over the Internet and transfer images like X-rays, MRIs and CT scans.

"As patients we really want our information to be available to physicians whenever and wherever they're needed," said Diane Turcan, director of health care marketing for AT&T in Atlanta. "And we certainly don't want to be copying paper records."

Tennessee's program is seen as a model for other states and may be a springboard for interstate information sharing networks in the future, she said.

More here.

Note: If AT&T has been providing your call records & Internet activities to the U.S. Government without your knowledge or permission -- or more importantly, without a valid court order or any other judicial oversight -- why would anyone trust them with their health records? -ferg

Bush Accuses Democrats of Blocking Spy Bill So Lawyers Can Sue

An AP newswire article by Deb Riechmann, via, reports that:

House Democratic leaders came under criticism Saturday from President Bush, who said they are blocking intelligence legislation so lawyers can sue telephone companies for helping the government eavesdrop on suspected terrorists.

Terrorists are plotting attacks "at this very moment," Bush said in his weekly radio address. He again urged the House to act on Senate-passed legislation needed to renew the intelligence law that expired last weekend.

The Senate bill provides retroactive protection for telecommunications companies that wiretapped U.S. phone and computer lines at the government's request, but without the permission of a secret court created 30 years ago to oversee such activities. The House version does not provide such immunity against lawsuits.

The Justice Department and Office of National Intelligence said Saturday that telecommunication companies are now complying with existing surveillance warrants. The agencies' statement reversed their declaration late Friday that some companies had refused to initiate wiretaps against people covered by orders issued under the expired law.

More here.

Yet Another Emerging Web 2.0 Security Threat: Adobe Integrated Runtime (AIR)

Paul Krill writes on InfoWorld:

Bridging the gap between desktop and Web applications, Adobe Systems is set to ship today its AIR (Adobe Integrated Runtime) 1.0 technology for melding applications from both of these realms. Formerly known by its code name Apollo, the free technology already is being used in applications at places such as NASDAQ and AOL.

AIR is a desktop runtime that allows Web applications to be run on the desktop in a disconnected fashion, said Michele Turner, vice president of the Adobe platform business unit. "We really believe the innovation in technology today is … on the Web and that the desktop has stagnated over the last couple of years," she said.

Supported on Windows and Macintosh, AIR extends to Web applications desktop capabilities such as drag-and-drop, system notification, and local file system access. Applications using AIR can be written using the same technologies commonly used to build Web applications, including Adobe Flex and Flash, HTML, and JavaScript.

More here.

U.S. Toll in Iraq

Via The Boston Globe (AP).

As of Sunday, Feb. 24, 2008, at least 3,970 members of the U.S. military have died since the beginning of the Iraq war in March 2003, according to an Associated Press count. The figure includes eight military civilians. At least 3,228 died as a result of hostile action, according to the military's numbers.

The AP count is seven higher than the Defense Department's tally, last updated Friday at 10 a.m. EST.

More here.

And as always, the Iraq Coalition Casualty Count keeps the grim watch on their website here.

Honor the Fallen.

Oklahoma Judge Says TV Station Hired Hackers to Steal Her e-Mail

Via The Norman Transcript.

The trial of Kevin Underwood, accused of the gruesome murder of a young girl in Purcell took a strange twist last week in Cleveland County District Court as presiding Judge Candace Blalock accused a local TV station of hiring hackers to break into her computer and steal her e-mail.

According to reports published on Valentine’s Day by state newspapers, controversy swirled around the trial after Oklahoma City television station KWTV-9 posted a story dated Feb. 11 on their Web site. The story revealed the details of what was supposed to be a “sealed” decision by Judge Blalock, a decision that allowed certain statements to be admitted into evidence.

More here.

Hat-tip: Flying Hamster

Routing FUBAR: Pakistan Declares War on YouTube

Richard Stiennon writes on the ZDNet "Threat Chaos" Blog:

What could at first have been just one of those days on the Internet where some newbie engineer accidentally announces a spurious route and takes out a segment of the network has turned into an international fiasco. But no, Pakistan has ordered all ISPs to block YouTube.

So an ISP in Pakistan decided to announce a route that would re-direct anyone trying to get to YouTube to some other site that probably hosted a warning about the blasphemous content. Results were predictable. YouTube itself disappeared from the Internet, and, I suspect that most of Pakistan is experiencing performance issues as they are receiving ALL of the YouTube requests from around the world. By 2:30 the Internet watch guards had alerted the backbone provider for Pakistan to filter out those malicious route announcements and alerted YouTube to announce more granular routes that would supersede the Pakistani routes, at least in the US.

As of this writing, 3:30 Eastern, most of the rest of the world can still not get to YouTube.

More here.

Note: It appears to have been just recently resolved. -ferg
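An added illustration, not part of the quoted article or this blog's original post: the route selection behind the incident above, plus a check an operator could run on incoming announcements to spot this kind of hijack. It assumes the spurious announcement was a more-specific prefix of the legitimate one; all prefixes, AS numbers and function names are constructed for the example.

```python
import ipaddress

# Constructed sample data: benchmark-range prefixes (RFC 2544) and
# documentation AS numbers (RFC 5398), not the real ones from the incident.
VICTIM_AS = 64500
HIJACK_AS = 64511
LEGIT = {ipaddress.ip_network("198.18.4.0/22"): VICTIM_AS}

def best_route(table, addr):
    """Longest-prefix match: the most specific covering prefix wins."""
    ip = ipaddress.ip_address(addr)
    covering = [(net, asn) for net, asn in table.items() if ip in net]
    if not covering:
        return None
    return max(covering, key=lambda route: route[0].prefixlen)

def check_announcement(prefix, origin_as, legit=LEGIT):
    """Classify an announcement against the prefixes we legitimately originate."""
    net = ipaddress.ip_network(prefix)
    for own, own_as in legit.items():
        if net.subnet_of(own):  # true for equal or more-specific prefixes
            if origin_as == own_as:
                return "ok"
            return "origin-hijack" if net == own else "subprefix-hijack"
    return "unrelated"

def simulate():
    """Replay the three phases described above; record which AS gets the traffic."""
    target = "198.18.5.10"
    table = dict(LEGIT)  # simplified table: one origin per prefix
    phases = {"before": best_route(table, target)[1]}
    # Phase 2: a more-specific /24 from another origin reaches the global table.
    table[ipaddress.ip_network("198.18.5.0/24")] = HIJACK_AS
    phases["hijacked"] = best_route(table, target)[1]
    # Phase 3: the legitimate origin announces two /25s, more specific than the /24.
    for p in ("198.18.5.0/25", "198.18.5.128/25"):
        table[ipaddress.ip_network(p)] = VICTIM_AS
    phases["recovered"] = best_route(table, target)[1]
    return phases

if __name__ == "__main__":
    print(simulate())
    print(check_announcement("198.18.5.0/24", HIJACK_AS))
```

The counter-announcement only wins where the longer prefixes are accepted, which fits the article's "at least in the US"; filtering the spurious route at the upstream provider is what actually removes it.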

White House Backtracks on Claims of Lost Intelligence

Josh Meyer writes in The Los Angeles Times:

A day after warning that potentially critical terrorism intelligence was being lost because Congress had not finished work on a controversial espionage law, the U.S. attorney general and the national intelligence director said Saturday that the government was receiving the information -- at least temporarily.

On Friday evening, Atty. Gen. Michael B. Mukasey and Director of National Intelligence J. Michael McConnell had said in an unusually blunt letter to Congress that the nation "is now more vulnerable to terrorist attack and other foreign threats" because lawmakers had not yet acted on the administration's proposal for the wiretapping law.

But within hours of sending that letter, administration officials told lawmakers on the House and Senate intelligence committees that they had prevailed upon all of the telecommunications companies to continue cooperating with the government's requests for information while negotiations with Congress continue.

More here.

Critical VMware Bug Lets Attackers Zap 'Real' Windows

Gregg Keizer writes on ComputerWorld:

A critical vulnerability in VMware Inc.'s virtualization software for Windows lets attackers escape the "guest" operating system and modify or add files to the underlying "host" OS, the company has acknowledged.

As of Sunday, there was no patch available for the flaw, which affects VMware's Windows client virtualization programs, including Workstation, Player and ACE. The company's virtual machine software for Windows servers, and for Mac- and Linux-based hosts, are not at risk.

The bug was reported by Core Security Technologies, makers of the penetration testing framework CORE IMPACT, said VMware in a security alert issued last Friday. "Exploitation of this vulnerability allows attackers to break out of an isolated Guest system to compromise the underlying Host system that controls it," claimed Core Security.

More here.

Over 1,000 Danish Websites Hacked Over Cartoon Row

Mohammed Aly Sergie writes on Emirates Business 24-7:

More than 1,000 Danish websites have been infiltrated following a new controversy over the publication of a cartoon that insults Islam.

Meanwhile, on Friday prominent Muslim scholar Dr Yusuf Al Qaradawi called to boycott Danish goods and peacefully protest against the recent republication of cartoons ridiculing Prophet Mohammed (PBUH) in 17 Danish newspapers. However, businesses do not expect the issue to snowball as it did in 2006 when the cartoon row first came to light.

The hacker, calling himself United Arab Hackers and reportedly from Saudi Arabia, inundated online forums with exploits and links to infiltrated Danish sites. It seems the hits were indiscriminate – common factor being “.dk” at the end of the URL, which means the website is based in Denmark.

More here.

Hat-tip: Global Security News