Spy Drones Will Monitor U.K. Citizens
Camera-equipped drones, developed by the British military for use in war, will be used in England to keep an eye on civilians from the sky, officials say.
Police in Kent and Essex counties plan to start using them in 2012 for routine monitoring of motorists, protesters, agricultural thieves and illegal dumping, The Daily Telegraph reported Saturday.
Collaboration between the police departments and BAE Systems, maker of the drones, began in 2007, the Telegraph said.
A prototype for police use is expected to fly this year. Its high-resolution cameras can capture images from 20,000 feet.
Image of the Day: Motif of Conan O'Brien in Cheetos
In celebration -- and sadness -- of Coco's last Tonight Show.
In Passing: Jean Simmons
Cyber Crooks Cooked the Books at Florida Library
Jan. 7, 2010 was a typical sunny Thursday morning at the Delray Beach Public Library in coastal Florida, aside from one, ominous dark cloud on the horizon: It was the first time in as long as anyone could remember that the books simply weren’t checking out.
Sure, patrons were still able to borrow tomes in the usual way — by presenting their library cards. The trouble was, none of the staff could figure out how or why nearly $160,000 had disappeared from their bank ledgers virtually overnight. The money was sent in sub-$10,000 chunks to some 16 new employees that had been added to the usual outgoing direct deposit payroll.
80% of U.S. Government Web Sites Miss DNS Security Deadline
Carolyn Duffy Marsan writes on NetworkWorld:
Most U.S. federal agencies -- including the Department of Homeland Security -- have failed to comply with a Dec. 31, 2009, deadline to deploy new authentication mechanisms on their Web sites that would prevent hackers from hijacking Web traffic and redirecting it to bogus sites.
Agencies were required to roll out an extra layer of security on their .gov Web sites under an Office of Management and Budget mandate issued in August 2008, although at least one expert calls that yearend deadline "a little aggressive."
Aggressive or not, independent monitoring indicates that only 20% of agencies show signs of deploying this new security mechanism, which is called DNS Security Extensions, or DNSSEC for short.
Mark Fiore: Aid Quake
More Mark Fiore brilliance.
Via The San Francisco Chronicle.
Aurora Attack Malware Components May Be Four Years Old
Dennis Fisher writes on Threatpost.com:
Although the first known attacks using the Aurora malware that compromised Google weren't discovered until late last year, some parts of the malware codebase have been in existence in China for nearly four years, raising questions about how many other attacks it might have been used in during that time frame.
Researcher Joe Stewart of SecureWorks in Atlanta analyzed the Aurora codebase in great detail and found that several components of the malware were written in mid-2006, more than three years before the attacks on Google, Adobe and others were first discovered. The Aurora codebase comprises several discrete modules that each perform separate tasks during the exploitation, installation and remote-control process. Stewart said that although the Aurora malware itself isn't necessarily the most advanced attack tool, the authors, as well as the attackers who used it, knew what they were doing.
"I'd say it's of average sophistication for this kind of Trojan backdoor these days. It's not of any staggering technical complexity," Stewart said in an interview. "But the attackers did some things right. They used the code sparingly in highly targeted attacks, they didn't just use something off the shelf and they didn't pack and encrypt the binaries, because that looks suspicious. Using custom code was a smart move."
Microsoft to Issue Emergency IE Patch Thursday
Gregg Keizer writes on ComputerWorld:
Microsoft will release its emergency patch for Internet Explorer (IE) on Thursday, the company said today as it also admitted that attacks can be hidden inside rigged Office documents.
"We are planning to release the update as close to 10:00 a.m. PST as possible," Jerry Bryant, a program manager with the IE group, said in an entry on the Microsoft Security Response Center (MSRC) blog.
Yesterday, Microsoft confirmed speculation that it would issue an "out-of-band" update for the IE vulnerability, but postponed specifying a ship date until today.
China's Baidu Sues U.S. Domain Registrar After Hack
Owen Fletcher writes on PC World:
Top Chinese search engine Baidu.com has sued its U.S. domain registrar over a hack that took down the Web site, alleging negligence by the U.S. company, Baidu said Wednesday.
Users had trouble accessing Baidu.com for several hours last week after the company's domain name server in the U.S. was tampered with. The Iranian Cyber Army, the same group that took down Twitter last month, also appeared to be behind the attack on Baidu.
Baidu's lawsuit, filed in a court in New York, seeks related damages and alleges "gross negligence" by Register.com led to the service disruption, Baidu said in a statement. Baidu only said Baidu.com was hit by the outage, and that mirror site Baidu.com.cn had not been affected. Domain service providers including Register.com provide the setup needed to take Internet users to the correct Web site when they type a domain name like Baidu.com.
No one at Register.com was available to comment.
'Aurora' Exploit Retooled To Bypass Internet Explorer's DEP Security
Kelly Jackson Higgins writes on Dark Reading:
Security experts' worst fears about the Internet Explorer exploit used to hack Google and others have been realized: It can be retooled to beat IE's best defense, the Data Execution Protection (DEP) feature.
Chaouki Bekrar, CEO of VUPEN Security, says his team was able to bypass DEP on IE8 and execute arbitrary code. "We first used this technique a few weeks ago when we exploited another IE8 vulnerability [that was] fixed with MS09-072," Bekrar says. He says VUPEN has sent its exploit code to Microsoft for review. IDS, IPS, and antivirus vendors also were given access to it via the company's vulnerability analysis service.
DEP is one of the key defenses against the original Aurora exploit code, which to date has been threatening only IE 6 users in the wild after being released in the wake of the recent hacks of Google and other firms.
Hundreds of Network Solutions-Hosted Sites Hacked
Web site domain registrar and hosting provider Network Solutions acknowledged Tuesday that hackers had broken into its servers and defaced hundreds of customer Web sites.
The hackers appear to have replaced each site’s home page with anti-Israeli sentiments and pictures of masked militants armed with rocket launchers and rifles, along with the message “HaCKed by CWkomando.”
According to results for that search term entered into Microsoft’s Bing search engine, there may in fact be thousands of sites affected by this mass defacement.
One of the defaced pages belonged to Minnesota’s 8th District GOP, according to a story in The Minnesota Independent, which said the Arabic writing that accompanies the defaced pages contains the dedication “For Palestine,” and the repeated phrase “Allahu Akbar” [God is great].
FBI Broke Law For Years in Phone Record Searches
John Solomon and Carrie Johnson write in The Washington Post:
The FBI illegally collected more than 2,000 U.S. telephone call records between 2002 and 2006 by invoking terrorism emergencies that did not exist or simply persuading phone companies to provide records, according to internal bureau memos and interviews. FBI officials issued approvals after the fact to justify their actions.
E-mails obtained by The Washington Post detail how counterterrorism officials inside FBI headquarters did not follow their own procedures that were put in place to protect civil liberties. The stream of urgent requests for phone records also overwhelmed the FBI communications analysis unit with work that ultimately was not connected to imminent threats.
A Justice Department inspector general's report due out this month is expected to conclude that the FBI frequently violated the law with its emergency requests, bureau officials confirmed.
Evidence Found for Chinese Attack on Google
John Markoff writes on The New York Times:
An American computer security researcher has found what he says he believes is strong evidence of the digital fingerprints of Chinese authors in the software programs used in attacks against Google.
In the week since the announcement, several private computer security companies have made claims supporting Google’s suspicions, but the evidence has remained circumstantial.
Now, by analyzing the software used in the break-ins against Google and dozens of other companies, Joe Stewart, a malware specialist with SecureWorks, a computer security company based in Atlanta, said he determined the main program used in the attack contained a module based on an unusual algorithm from a Chinese-authored technical paper that has been published exclusively on Chinese-language Web sites.
Microsoft Promises 'Out of Band' Emergency IE Patch
Gregg Keizer writes on ComputerWorld:
Microsoft today announced that it will issue an emergency security update for Internet Explorer (IE), but postponed setting a ship date for the fix until tomorrow.
"Given the significant level of attention this issue has generated, confusion about what customers can do to protect themselves and the escalating threat environment, Microsoft will release a security update out-of-band for this vulnerability," said George Stathakopoulos, general manager of the Trustworthy Computing Security group, in an entry on the Microsoft Security Response Center (MSRC) blog.
"We take the decision to go out-of-band very seriously, given the impact to customers, but we believe releasing an out-of-band update is the right decision at this time," Stathakopoulos said.
Software Firms Fear Hackers Who Leave No Trace
John Markoff and Ashlee Vance write on The New York Times:
The crown jewels of Google, Cisco Systems or any other technology company are the millions of lines of programming instructions, known as source code, that make its products run.
If hackers could steal those key instructions and copy them, they could easily dull the company’s competitive edge in the marketplace. More insidiously, if attackers were able to make subtle, undetected changes to that code, they could essentially give themselves secret access to everything the company and its customers did with the software.
The fear of someone building such a back door, known as a Trojan horse, and using it to conduct continual spying is why companies and security experts were so alarmed by Google’s disclosure last week that hackers based in China had stolen some of its intellectual property and had conducted similar assaults on more than two dozen other companies.
Hackers Wield Newest IE Exploit in Drive-By Attacks
Gregg Keizer writes on ComputerWorld:
Hackers are attacking consumers with an exploit of Internet Explorer (IE) that was allegedly used last month by the Chinese to break into Google's corporate network, a security company said Monday.
That news came on the heels of warnings by the information security agencies of the French and German governments, which recommended that IE users switch to an alternate browser, such as Firefox, Chrome, Safari or Opera, until Microsoft fixes the flaw.
In a Monday alert Websense said it identified "limited public use" of the unpatched IE vulnerability in drive-by attacks against users who strayed onto malicious Web sites. The site Websense cited in its warning has since been yanked from its hosting server.
Foreign Journalists' Gmail Hijacked in China
Brian Prince writes on eWeek:
An association of journalists based in Beijing said reporters have recently had their Google Gmail accounts hijacked.
In a statement, the Foreign Correspondents' Club of China (FCCC) stopped short of accusing the Chinese government or any other entity of taking part in the hijacking, but warned members to be mindful of security.
“Foreign correspondents in a few bureaus in Beijing have recently discovered that their Gmail accounts had been hijacked,” the group said. “Their emails were being forwarded to a stranger’s address.”
When Google first announced Jan. 12 that it had been the victim of a cyber-attack, it noted there had also been repeated attempts to access Gmail accounts belonging to Chinese human rights activists.
Poisoned PDF Pill Used to Attack U.S. Military Contractors
John Leyden writes on The Register:
Unidentified hackers are running an ongoing cyber-espionage attack targeting US military contractors.
Booby-trapped PDF files, posing as messages from the US Department of Defense, were emailed to US defence contractors last week. The document refers to a real conference due to be held in Las Vegas in March.
Opening the malicious PDF file attached to the spoofed emails triggers an attempt to exploit an Adobe Reader vulnerability only patched by the software firm last Tuesday (12 January).
The infection of vulnerable systems opens up a backdoor that connects to a server hosted in Taiwan, though the hackers who set up the attack may potentially be located anywhere.
It's Not Just a Holiday: 'I'm Not Fearing Any Man'
Dr. Martin Luther King, Jr.
A great man:
Well, I don't know what will happen now. We've got some difficult days ahead. But it doesn't matter with me now. Because I've been to the mountaintop. And I don't mind. Like anybody, I would like to live a long life. Longevity has its place. But I'm not concerned about that now. I just want to do God's will. And He's allowed me to go up to the mountain. And I've looked over. And I've seen the promised land. I may not get there with you. But I want you to know tonight, that we, as a people will get to the promised land. And I'm happy, tonight. I'm not worried about anything. I'm not fearing any man. Mine eyes have seen the glory of the coming of the Lord.
Today we celebrate the birth - and life - of Dr. King, a man of conviction, and a role model for us all.
It's not "just a holiday" or a day off from work - it's an opportunity for us all to reflect on who we are, the content of our own individual character, and a moment to reflect on the depths (or lack) of truth in our own convictions, beliefs, and compassion for our fellow man, and our ability to act upon them.
I am not a religious man, personally, but don't squander the opportunity to reflect on the importance of Dr. King's words, deeds, and impact on the world around us.
His words are universal and still relevant in these troubled times.
- ferg
Networks, Intrusions, Compromises: The Lock That Says 'Pick Me'
Steve Lohr writes in The New York Times:
The recent computer attacks on the mighty Google left every corporate network in the world looking a little less safe.
Google’s confrontation with China — over government censorship in general and specific attacks on its systems — is an exceptional case, of course, extending to human rights and international politics as well as high-tech spying. But the intrusion into Google’s computers and related attacks from within China on some 30 other companies point to the rising sophistication of such assaults and the vulnerability of even the best defenses, security experts say.
“The Google case shines a bright light on what can be done in terms of spying and getting into corporate networks,” said Edward M. Stroz, a former high-tech crime agent with the F.B.I. who now heads a computer security investigation firm in New York.
Computer security is an ever-escalating competition between so-called black-hat attackers and white-hat defenders. One of the attackers’ main tools is malicious software, known as malware, which has steadily evolved in recent years. Malware was once mainly viruses and worms, digital pests that gummed up and sometimes damaged personal computers and networks.
It's Official: NY Jets Advance to AFC Championship Game
Rookie NY Jets Quarterback, Mark Sanchez
Awesome! My New York Jets managed to beat the San Diego Chargers, so they will be going to Indianapolis to play the Colts next Sunday.
J-E-T-S, Jets, Jets, Jets!
Fingers crossed for next Sunday's game!
- ferg
Indian Security Chief: China Tried to Hack Our Computers
Richard Beeston and Jeremy Page write on The Times Online:
Chinese hackers are believed to have attempted to penetrate India’s most sensitive government office in the latest sign of rising tensions between the two rival Asian powers, The Times has learnt.
M. K. Narayanan, India’s National Security Adviser, said his office and other government departments were targeted on December 15, the same date that US companies reported cyber attacks from China.
“This was not the first instance of an attempt to hack into our computers,” Mr Narayanan told The Times in a rare interview.
He said that the attack came in the form of an e-mail with a PDF attachment containing a “Trojan” virus, which allows a hacker to access a computer remotely and download or delete files. The virus was detected and officials were told not to log on until it was eliminated, he said.