Mark Fiore: Bear Flag Banana Republic
More Mark Fiore brilliance.
Via The San Francisco Chronicle.
Cathy Young writes in The Weekly Standard:
Until last month, I had never heard of the Economic Forum, a Polish-run venture whose annual conference in the resort town of Krynica has been described in the European press as the gathering place for the political elites of Central and Eastern Europe. Then in late May, I found myself in attendance (as a panelist, unpaid except for travel reimbursement) at one of the group's smaller meetings: the fifth annual Europe-Russia Forum, held in Romania's capital. I was not quite sure what to expect from the event, whose Russian participants were mostly of the official or semi-official kind. What I got was a fascinating glimpse into Russia's continuing struggle to define its post-Communist identity and its prickly relationship with its former satellites.
The conference venue added a touch of eerie symbolism. Bucharest is still haunted by the legacy of Nicolae Ceausescu, whose barbaric rule made Romania a hellhole even by the low standards of the Soviet bloc. The Europe-Russia Forum met in the building that is the most conspicuous legacy of his rule: the Palace of the Parliament, formerly the House of the People. Ceausescu had it built in his final years as both personal residence and seat of government, razing much of the city's historic district to make room for the gargantuan edifice. After his overthrow and execution, some wanted to dynamite it. Yet it still stands, a monument to megalomania and to the dark age from which this part of the world only recently emerged. Has a different kind of dark age descended on Russia? Most Russian speakers pooh-poohed the idea. At the opening session, Konstantin Simonov, president of the Russian Center for Current Politics--a think tank with strong Kremlin ties--introduced his report on Russia in 2008, which, he claimed, avoided the pitfalls of either a too-bleak or too-rosy picture.
His grounds for optimism included the fact that the war in Georgia had not led to a reimposition of the Iron Curtain or to wholesale militarization. (I was reminded of the old Soviet joke in which the pessimist says, "Things can't possibly get worse," while the optimist retorts, "Oh yes, they can!") In a deft balancing act, Simonov asserted that President Dmitry Medvedev was more "Western-oriented" than his predecessor (puppet master?) Vladimir Putin but also decried the "'good Medvedev, bad Putin' stereotype."
The Battle of Normandy was fought in 1944 between the German forces occupying Western Europe and the invading Allied forces as part of the larger conflict of World War II. Over sixty years later, the Normandy invasion, codenamed Operation Overlord, still remains the largest seaborne invasion in history, involving almost three million troops crossing the English Channel from England to Normandy in then German-occupied France.
The majority of the Allied forces were composed of American, British, Canadian, and French units. Other countries including Australia, Belgium, Czechoslovakia, Greece, the Netherlands, New Zealand, Norway, and Poland also took a major part.
The Normandy invasion began with overnight airborne paratrooper and glider landings, massive air attacks and naval bombardments, and an early morning amphibious assault on June 6, "D-Day". The battle for Normandy continued for more than two months, with campaigns to establish, expand, and eventually break out of the Allied beachheads. It concluded with the liberation of Paris and the fall of the Falaise Pocket.
Stephen Labaton writes in The New York Times:
Millions of households will lose television reception next week when about 1,000 broadcasters around the nation shut off their analog signals and complete their conversion to digital programming, federal officials say.
The government has spent more than $2 billion to ease the transition to digital television, and in the last few months has cut in half the number of households that are unprepared for the final conversion on June 12. But the latest survey by the Nielsen Company indicates that as of the end of May, more than 10 percent of the 114 million households that have television sets are either completely or partly unprepared.
Kim Zetter writes on Threat Level:
Forget the new cyber security czar position that President Barack Obama announced last week.
The real sign that the White House might be finally taking cyber security seriously came in an announcement on Friday that Jeff Moss, aka “Dark Tangent” and the former hacker behind the annual DefCon hacker confab in Las Vegas, has been appointed to the Department of Homeland Security’s Advisory Council (HSAC).
He was among 16 people sworn in to the council by Homeland Security Secretary Janet Napolitano. Former CIA Director William Webster and former FBI Director Louis Freeh are also on the council, which provides advice and recommendations to the secretary. Webster is the council chair.
Bob McMillan writes on PC World:
A Hampton, New Hampshire, man has pleaded guilty to fraud charges for his role in a scheme to empty brokerage accounts by installing malicious Trojan horse software on victims' computers.
According to court documents, Alexey Mineev set up several "drop accounts" that were then wired funds stolen from banking and brokerage accounts between July and December 2007. He pleaded guilty to one count of money laundering on Wednesday, according to Mike Ruocco, deputy to Judge Paul Gardephe of the U.S. District Court for the Southern District of New York, who is presiding in the case.
The criminals would infect PCs with malicious Trojan software that would steal account numbers and passwords whenever victims logged into their accounts online. Authorities say that another conspirator, Alexander Bobnev, would e-mail Mineev screenshots of the hacked accounts showing how much money was being transferred into Mineev's drop account, along with instructions such as "Withdraw the money ... tomorrow."
Mineev would then move the cash, sometimes as much as US$10,000, to Russia, using services such as Western Union.
Carolyn Duffy Marsan writes on NetworkWorld:
Forget spam, viruses, worms, malware and phishing. These threats are apparently old school when compared to a new class of denial-of-service (DOS) attacks that threaten wireless data networks.
The latest wireless network threats were outlined in a talk here Thursday by Krishan Sabnani, vice president of networking research at Bell Labs, at the Cyber Infrastructure Protection Conference at City College of New York.
Sabnani said the latest wireless data network threats are the result of inherent weaknesses in Mobile IP, a protocol that uses tunneling and complex network triangulation to allow mobile devices to move freely from one network to another.
Sabnani said the newest DOS attacks on wireless networks involve repeatedly establishing and releasing connections. These attacks are easy to launch and hard to detect, he added.
"One cable modem user with 500Kbps upload capacity can attack over 1 million mobile users simultaneously," he said.
J. Nicholas Hoover writes on InformationWeek:
The Air Force announced Thursday that Maj. Gen. Richard E. Webber would become the first commander of the Air Force's first numbered cyberwarfare component.
The 24th Air Force, which will likely be based at Lackland Air Force Base in Texas, will focus exclusively on cyberwarfare as part of the larger Air Force Space Command. It will be a stripped-down version of the planned major command for cyberspace operations that had been headed up by Maj. Gen. William Lord, who was announced as the new Air Force CIO last month.
The Pentagon is reportedly setting up its own cybercommand that would include the National Security Agency and likely supersede earlier Air Force plans to be the hub of cyberwarfare for the U.S. military. It's unclear how this unit would work with the larger Pentagon-led cybercommand.
Ben Bain writes on FCW.com:
A senior House Democrat has introduced legislation that would kill the controversial National Applications Office (NAO), a Homeland Security Department-run program to make intelligence and military satellite imagery available to civilian agencies for domestic purposes.
Rep. Jane Harman (D-Calif.), chairwoman of the Homeland Security Committee’s Intelligence, Information Sharing and Terrorism Risk Assessment Subcommittee, introduced a bill on June 4 that would require DHS to immediately close the NAO. She also introduced a measure, co-sponsored by Rep. Norman Dicks (D-Wash.), to prohibit DHS from spending any money on the NAO or any similar program.
Bush administration officials signed a charter to launch the office that would offer access to satellite imagery for homeland security, emergency response and possibly law enforcement purposes. NAO's charter gave the office no authority to accept requests to acquire or intercept communications, and DHS officials have said NAO would not do so.
However, privacy advocates worried the program could be used to spy on Americans, and lawmakers who want more information on how the program will be run have fought the program’s advancement.
Adobe expects to deliver security updates for Adobe Reader and Acrobat versions 7.x, 8.x, and 9.x for Windows and Macintosh on Tuesday, June 9. This is the first quarterly security update for Adobe Reader and Acrobat as described in our May 20 blog post, and incorporates the initial output of code hardening efforts.
Adobe considers this a critical update and recommends users be prepared to apply the update for their product installations. Details of where to download updates will be posted to Adobe’s Security Bulletins and Advisories support page on June 9.
Details regarding security updates for the UNIX platform will be communicated when available.
Ryan Naraine writes on the ZDNet "Zero Day" Blog:
A Webmail service that touts itself as hack-proof and offered $10,000 to anyone who could break into the CEO’s e-mail has lost the challenge.
A trio of hackers successfully compromised the e-mail using a persistent cross-site scripting (XSS) vulnerability and are now claiming the bounty.
The hacking team of Aviv Raff, Lance James and Mike Bailey set up the attack by sending an e-mail to the company’s CEO Darren Berkovitz. When he opened the e-mail, the team exploited an XSS flaw to take control of the account.
Ryan Naraine writes on the ZDNet "Zero Day" Blog:
Microsoft plans to ship 10 security bulletins next Tuesday (June 9, 2009) with fixes for a wide range of code execution vulnerabilities affecting Windows, Microsoft Office and Internet Explorer. Six of the ten bulletins will be rated “critical,” Microsoft’s highest severity rating.
This month’s batch of patches will not include a fix for the DirectShow vulnerability that’s currently being used in drive-by download attacks against Windows Media Player.
Brian Krebs writes on Security Fix:
In an unprecedented move, the Federal Trade Commission has taken legal steps to shut down a Web hosting provider in Northern California that the agency says was directly involved in managing massive global spam operations.
Sometime on Tuesday, more than 15,000 Web sites connected to San Jose, Calif., based Triple Fiber Network (3FN.net) went dark. 3FN's sites were disconnected after a Northern California district court judge approved an FTC request to have the company's upstream Internet providers stop routing traffic for the provider.
In its civil complaint [.pdf], the FTC names 3FN and its various monikers, including Pricewert LLC -- the business entity named on the 3fn.net Web site registration records. The FTC alleges that Pricewert/3FN operates as a "'rogue' or 'black hat' Internet service provider that recruits, knowingly hosts, and actively participates in the distribution of illegal, malicious, and harmful content," including botnet control servers, child pornography and rogue antivirus products. 3FN also operates by the names APS Telecom and APX Telecom.
In an interview with Security Fix, FTC Chairman Jonathan Leibowitz said the agency's action targets one of the Web's worst actors.
"Anything bad on the Internet, they were involved in it," Leibowitz said. "We're very proud, because in one fell swoop we've gone after a big facilitator of some of the utterly worst conduct."
Dan Goodin writes on The Register:
Security experts have discovered a family of data-stealing trojans that have burrowed into automatic teller machines in Eastern Europe over the past 18 months.
The malware logs the magnetic-stripe data and personal identification number of cards used at an infected machine and provides an intuitive interface for retrieving the information using the ATM's receipt printer, according to analysts from SpiderLabs, the research arm of security firm Trustwave. Since late 2007 or so, there have been at least 16 updates to the software, an indication that the authors are working hard to perfect their tool.
"They're following more of a rapid development lifecycle," Nicholas Percoco, vice president and head of SpiderLabs, told The Register. "They're seeing what works and putting out new versions."
SpiderLabs researchers delved into four of the more recent versions and what they found was a highly capable family of malware written with professional standards. Once installed, it monitors the ATM's transaction message queue for track 2 data stored on inserted cards. If it contains data belonging to a banking customer, it logs it, along with the PIN code that was entered.
It comes as no surprise that political and civic activists in Russia experience harassment from police. Members of the opposition have long complained that they have been followed, detained as they travel by train, or even threatened by the militsiya. Yet the scope and systematic nature of such activities is just beginning to come to light.
As it turns out, the Russian police are creating databases used to track the movements of law-abiding citizens. The project is overseen by a new department for countering extremism within the Russian police, but often targeted at individuals for no reason other than their political views or activism.
Journalist Irina Borogan documents these “black lists” in the third in a series of articles documenting the government campaign to battle extremism and strengthen control over the public. The series is a joint project between the Yezhednevny Zhurnal online newspaper and the Agentura.ru web portal, which specializes in investigating Russia’s intelligence agencies.
Elisabeth Leamy writes for ABC News:
For years, crimes have followed the same age old mantra: wrong place at the wrong time. For someone to commit a crime against someone else, they had to be physically in the same area. But that's no longer the case; it's now easier than ever to be a victim of a crime, particularly identity theft, without even realizing it.
Identity thieves snatch tens of billions of dollars a year through credit card fraud, either outright, or by selling your card information to other crooks across the globe. The perpetrators come from a loosely organized international underworld working beyond the reach of the law and without limits.
"They can sit in an apartment in Kiev ... and steal your identity and you're going to be in a world of hurt," said Dan Clements, founder of Card Cops, a company that has been tracking hackers who buy and sell people's identities. "They blatantly ... trade credit cards. They trade social security numbers. They trade debit card pin numbers."
A Xinhua newswire article, via Enterprise Security Today, reports that:
Chinese police have detained four suspects for online hacking activities which eventually led to temporary but widespread failure of Internet access in China on May 19, the Ministry of Public Security said Tuesday.
The ministry said the suspects were detained on May 29 following police investigations in Jiangsu, Zhejiang and Guangdong provinces.
Giving no more details than surnames of two suspects, Xu and Wang, the ministry said the suspects allegedly launched a Distributed Denial of Service (DDoS) attack against the servers of DNSPod, a Chinese DNS (domain name system) provider and domain registrar.
"This week much of the world remembers the Tiananmen Square massacre from twenty years ago. Unfortunately this remembrance will not take place where it matters most: in China itself."
- Will Inboden, writing in the Foreign Policy "Shadow Government" Blog.
Joby Warwick writes on The Washington Post:
A U.S. document containing sensitive details about hundreds of civilian nuclear sites across the country was posted online Monday, an apparently inadvertent security breach that had federal officials scrambling yesterday to remedy the mistake.
The document, a draft declaration of U.S. nuclear facilities to the U.N. nuclear watchdog agency, contained descriptions of sensitive civilian sites, including the locations of facilities that store enriched uranium and other materials used in nuclear weapons. It was available for about a day on a Government Printing Office Web site before inquiries by news organizations prompted its hasty removal.
Nuclear experts said it was theoretically possible that the document could benefit terrorists contemplating an attack on one of the facilities. Still, because the information was unclassified and most of it is publicly available through other sources, the release generally was deemed more embarrassing than harmful.
"It is probably not that dangerous, but it is a violation of the law," said David Albright, a former U.N. nuclear inspector and president of the Institute for Science and International Security, a nonprofit research group in Washington. "You don't want this information out there, any more than you would want a thief to know the location of a vault in your house."
David Kravets writes on Threat Level:
A federal judge on Wednesday dismissed lawsuits targeting the nation’s telecommunication companies for their participation in President George W. Bush’s once-secret electronic eavesdropping program.
In his ruling, U.S. District Judge Vaughn Walker upheld summer legislation protecting the companies from the lawsuits. The legislation, which then-Sen. Barack Obama voted for, also granted the government the authority to monitor Americans’ telecommunications without warrants if the subject was communicating with somebody overseas suspected of terrorism.
Bush acknowledged the so-called Terror Surveillance Program in December 2005, and claimed as chief executive, his war powers gave him the authority to spy without court authorization.
Walker’s decision [.pdf], if it survives, ends more than three years of litigation accusing the nation’s carriers of funneling Americans’ electronic communications to the Bush administration without warrants in the aftermath of the Sept. 11, 2001 terror attacks. The ruling also means that the public may never know how the Bush White House coaxed the telecoms to participate in the program without court warrants, as the Electronic Frontier Foundation alleged in a lawsuit lodged in federal court here three years ago.
NIST announces the release of the final public draft of Special Publication 800-53, Revision 3, Recommended Security Controls for Federal Information Systems and Organizations [pdf]. The final public draft of Special Publication 800-53, Revision 3, is historic in nature. For the first time, and as part of the ongoing initiative to develop a unified information security framework for the federal government and its contractors, NIST has included security controls in its catalog for both national security and non national security systems. The updated security control catalog incorporates best practices in information security from the United States Department of Defense, Intelligence Community, and Civil agencies, to produce the most broad-based and comprehensive set of safeguards and countermeasures ever developed for information systems.
The standardized set of management, operational, and technical controls provide a common specification language for information security for federal information systems processing, storing, and transmitting both national security and non national security information. The revised security control catalog also includes state-of-the-practice safeguards and countermeasures needed by organizations to address advanced cyber threats capable of exploiting vulnerabilities in federal information systems. The important changes in Special Publication 800-53, Revision 3 are part of a larger strategic initiative to focus on enterprise-wide, near real-time risk management; that is, managing risks from information systems in dynamic environments of operation that can adversely affect organizational operations and assets, individuals, other organizations, and the Nation. The final publication of Special Publication 800-53, Revision 3 is targeted for July 31, 2009. Comments will be accepted until June 30, 2009 and should be sent to email@example.com
An AP newswire article by Lolita C. Baldor, via MSNBC.com, reports that:
In the murky world of computer espionage, the United States faces hard choices on how to retaliate when government or privately owned networks come under cyber attack, senior military and intelligence officials said Tuesday.
As the administration grapples with how best to defend its computer networks, debate is raging over how far the United States can go in pursuit of cybercriminals, and even what constitutes a digital act of war.
The most immediate challenge is to identify the hacker, terrorist or enemy nation that launched the attack in vast and anonymous cyberspace, officials said.
That hurdle is complicated by privacy debates over how deeply the government can wade into privately owned systems to investigate threats, and how it should handle attacks against a company, as opposed to a federal agency.
Andy Greenberg writes on Forbes.com:
For years, profit-motivated cybercrime has been exploiting the geographic flexibility of the Internet, migrating from the U.S. and Western Europe to Eastern Europe and Asia, where digital crimes are equally lucrative and far harder to prosecute. But over the last year, U.S. law enforcement has been increasingly willing to follow cybercriminals to those far-flung destinations, both to help local authorities track down and arrest cybercriminals and to extradite them into the American legal system.
Though the U.S. Department of Justice doesn't track cybercrime statistics--domestic or international--department officials insist the number of computer crime prosecutions that reach beyond U.S. borders is on the rise. "Unquestionably, we're seeing an increase in the international cases of cybercrime and intellectual property crime," says John Lynch, the deputy chief of the Department of Justice's Computer Crime and Intellectual Property Section (CCIPS). "As a result, we're increasingly cooperating with our international partners."
"Most soldiers know: There’s stupid, and then there’s Army stupid."
- Tony Lombardo, writing in The Army Times. As a former U.S. Army Non-Commissioned Officer (NCO), I can attest to this fact. - ferg
Stuart Fox writes on PopSci.com:
After a year of alarm and hype, cybersecurity has finally made it to the top of the Obama administration's to-do list. President Obama, introducing a new report on U.S. cybersecurity in a speech on Friday, said cybersecurity represents "one of the most serious economic and national security challenges we face as a nation." The White House has even produced a web video and blog to help sell the new initiative.
However, while many experts applaud this new focus as vital to protecting critical U.S. infrastructure and economic institutions, some analysts have noted that the report fails to answer many key questions, contains a number of inconsistencies and possible inaccuracies, and generally exaggerates the threat to the country.
"It's a plan for a plan," said O. Sami Saydjari, chairman of the Professionals for Cyber Defense. "Given how bureaucracies work, they tend not to come up with bold plans in 60 days. The hard problems have yet to be grappled with."
Other analysts have gone much further in their criticisms of the report. George Smith, a senior fellow at Globalsecurity.org, said "it's set up to look remarkable, but it's only remarkable because it has an urban legend at the center of it." Smith was referring to a section in the report that repeats a questionable CIA claim about an Internet-based attack causing a multi-city blackout. While that may be far-fetched, online attacks have indeed played an important strategic role in recent conflicts, most notably in Russia's skirmish with Georgia in South Ossetia.
As of Monday, June 1, 2009, at least 4,307 members of the U.S. military had died in the Iraq war since it began in March 2003, according to an Associated Press count.
The figure includes nine military civilians killed in action. At least 3,448 military personnel died as a result of hostile action, according to the military's numbers.
The AP count is two more than the Defense Department's tally, last updated Monday at 10 a.m. EDT.
As of Monday, June 1, 2009, at least 618 members of the U.S. military had died in Afghanistan, Pakistan and Uzbekistan as a result of the U.S. invasion of Afghanistan in late 2001, according to the Defense Department. The department last updated its figures Monday at 10 a.m. EDT.
Of those, the military reports 460 were killed by hostile action.
Rob Lemos writes on SecurityFocus:
The National Institute of Standards and Technology (NIST) delivered an update on Monday to the United States' electronic voting standards, adding more requirements to test systems for accuracy and reliability and additional rules to make paper audit trails easier to review.
The draft revision, known as the Voluntary Voting System Guidelines (VVSG) version 1.1, adds more stringent recommendations for testing and auditing as well as requirements that election software and updates be digitally signed and improved ease-of-use for poll workers. The U.S. Election Assistance Commission (EAC) announced on Monday that the draft revision will be available for public comment for the next 120 days.
Dan Kaplan writes on SC Magazine US:
Apple on Monday released an updated version of its popular QuickTime software.
Version 7.6.2 closes 10 vulnerabilities, all of which could have been exploited to execute arbitrary code, according to an advisory. Attackers would have spread their exploits by persuading users into opening maliciously crafted movie files or images.
Apple on Monday also delivered the latest update to iTunes, according to a second advisory. Version 8.2 patches one vulnerability, a stack buffer overflow issue that could be exploited if a user visits a malicious website.
By Mike Keefe, The Denver Post. Via Truthdig.com.
Amy Gardner writes in The Washington Post:
This part happens all the time: A construction crew putting up an office building in the heart of Tysons Corner a few years ago hit a fiber optic cable no one knew was there.
This part doesn't: Within moments, three black sport-utility vehicles drove up, a half-dozen men in suits jumped out and one said, "You just hit our line."
Whose line, you may ask? The guys in suits didn't say, recalled Aaron Georgelas, whose company, the Georgelas Group, was developing the Greensboro Corporate Center on Spring Hill Road. But Georgelas assumed that he was dealing with the federal government and that the cable in question was "black" wire -- a secure communications line used for some of the nation's most secretive intelligence-gathering operations.
"The construction manager was shocked," Georgelas recalled. "He had never seen a line get cut and people show up within seconds. Usually you've got to figure out whose line it is. To garner that kind of response that quickly was amazing."
Black wire is one of the looming perils of the massive construction that has come to Tysons, where miles and miles of secure lines are thought to serve such nearby agencies as the Office of the Director of National Intelligence, the National Counterterrorism Center and, a few miles away in McLean, the Central Intelligence Agency. After decades spent cutting through red tape to begin work on a Metrorail extension and the widening of the Capital Beltway, crews are now stirring up tons of dirt where the black lines are located.