Sunday, January 31, 2010

NY Times: Britain Warned Businesses of Threat of Chinese Spying

British business executives dealing with China were given a formal warning more than a year ago by Britain’s security service, MI5, that Chinese intelligence agencies were engaged in a wide-ranging effort to hack into British companies’ computers and to blackmail British businesspeople over sexual relationships and other improprieties, according to people familiar with the MI5 document. ... The warning, in a 14-page document titled “The Threat from Chinese Espionage,” was prepared in 2008 by MI5’s Center for the Protection of National Infrastructure, and distributed in what security officials described as a “restricted” form to hundreds of British banks and other financial institutions and businesses. The document followed public warnings from senior MI5 officials that China posed “one of the most significant espionage threats” to Britain.

Read more ...

Zero-Days — The CyberCriminal's New Favorite Tool

Ever wonder how cybercriminals are able to bypass corporate firewalls and all those anti-virus and anti-malware "solutions" that just don't seem to be as effective as they used to be? Zero-days are computer programs that the cybercriminal runs on a victim's computer and that take advantage of bugs [flaws] in programs on the user's computer. A story on localtechwire describes the thriving black market for zero-days. The article quotes Ken Silva, chief technology officer of VeriSign Inc., as saying that zero-days are so valuable that they can sell for hundreds of thousands of dollars.

Friday, January 29, 2010

Brian Krebs: Simmering Over a ‘Cyber Cold War’

New reports released this week on recent, high-profile data breaches make the compelling case that a simmering Cold War-style cyber arms race has emerged between the United States and China.

Read more ...

Tuesday, January 26, 2010

Texas Bank Sues Customer Hit by $800,000 Cyber Heist

KrebsOnSecurity.com: A machine equipment company in Texas is tussling with its bank after organized crooks swiped more than $800,000 in a 48-hour cyber heist late last year. While many companies similarly victimized over the past year have sued their banks for having inadequate security protection, this case is unusual because the bank is preemptively suing the victim.

Read more at KrebsOnSecurity.com ...

PC World: PlayStation 3 Hack Released Online

Days after announcing he'd managed to hack Sony's PlayStation 3 console to run his own software, George Hotz has released the exploit online. Hotz, who is best known for cracking Apple's iPhone, said in a blog posting that he had decided to release the exploit to see what others could do with it and because he wanted to move on to other work.

Read more ...

Monday, January 25, 2010

Brian Krebs: A Peek Inside the ‘Eleonore’ Browser Exploit Kit

If you happen to stumble upon a Web site that freaks out your anti-virus program, chances are good that the page you’ve visited is part of a malicious or hacked site that has been outfitted with what’s known as an “exploit pack.” These are pre-packaged kits designed to probe the visitor’s browser for known security vulnerabilities, and then use the first one found as a vehicle to silently install malicious software.

Read more ...

NY Times: In Digital Combat, U.S. Finds No Easy Deterrent

WASHINGTON — On a Monday morning earlier this month, top Pentagon leaders gathered to simulate how they would respond to a sophisticated cyberattack aimed at paralyzing the nation’s power grids, its communications systems or its financial networks.... The results were dispiriting. The enemy had all the advantages: stealth, anonymity and unpredictability. No one could pinpoint the country from which the attack came, so there was no effective way to deter further damage by threatening retaliation. What’s more, the military commanders noted that they even lacked the legal authority to respond — especially because it was never clear if the attack was an act of vandalism, an attempt at commercial theft or a state-sponsored effort to cripple the United States, perhaps as a prelude to a conventional war.

Read more ...

Saturday, January 23, 2010

Brian Krebs: Adobe Ships Critical Shockwave Update

Last week, Adobe Systems Inc. shipped critical security updates for its PDF Reader software. Now comes an update that fixes at least two critical flaws in Adobe’s Shockwave Player, a commonly installed multimedia player.

Read more ...

Friday, January 22, 2010

Brian Krebs: Cyber Crooks Cooked the Books at Fla. Library

Jan. 7, 2010 was a typical sunny Thursday morning at the Delray Beach Public Library in coastal Florida, aside from one, ominous dark cloud on the horizon: It was the first time in as long as anyone could remember that the books simply weren’t checking out.

Sure, patrons were still able to borrow tomes in the usual way — by presenting their library cards. The trouble was, none of the staff could figure out how or why nearly $160,000 had disappeared from their bank ledgers virtually overnight. The money was sent in sub-$10,000 chunks to some 16 new employees that had been added to the usual outgoing direct deposit payroll.

Read more ...

CSO Online: Botnets: "The Democratization of Espionage"

The cyber attacks against Google, Adobe and a raft of other top U.S. corporations late last year were by most accounts sophisticated and targeted attempts to steal proprietary data. But lost in all of the resulting media hoopla over who the remaining victims were and whether Chinese hackers or indeed the Chinese government itself were responsible is the simple, terrifying truth that individual hackers now have access to the same arsenal of cyber weapons once reserved only for nation states.

Read more ...

The Biz Coach: How to Protect Yourself from the Internet Crime Wave

Thanks to my friend and colleague Terry Corbell for publishing this interview on his web site. Terry is Seattle's "Biz Coach" and he publishes a wealth of valuable business information on his web site. Read his blog post ...

Thursday, January 21, 2010

FTC Says Mortgage Broker Broke Data Security Laws: Dumpster Wrong Place for Consumers’ Personal Information

FTC: The Federal Trade Commission has charged a mortgage broker with discarding consumers’ tax returns, credit reports, and other sensitive personal and financial information in an unsecured dumpster, in violation of federal law.

Read more ...

Brian Krebs: Microsoft Issues Emergency Fix for IE Flaw

Microsoft has issued an emergency security update to plug a critical hole in its Internet Explorer Web browser. The IE bug is the same flaw that is being blamed in part for fueling a spate of recent break-ins at Fortune 100 companies, including Google and Adobe.

Read more ...

Wednesday, January 20, 2010

NY Times: The 3 Facebook Settings Every User Should Check Now

In December, Facebook made a series of bold and controversial changes regarding the nature of its users' privacy on the social networking site. The company once known for protecting privacy to the point of exclusivity (it began its days as a network for college kids only - no one else even had access), now seemingly wants to compete with more open social networks like the microblogging media darling Twitter.

Read more ...

NY Times: If Your Password Is 123456, Just Make It HackMe

Back at the dawn of the Web, the most popular account password was “12345.” ...Today, it’s one digit longer but hardly safer: “123456.” ... Despite all the reports of Internet security breaches over the years, including the recent attacks on Google’s e-mail service, many people have reacted to the break-ins with a shrug. ...According to a new analysis, one out of five Web users still decides to leave the digital equivalent of a key under the doormat: they choose a simple, easily guessed password like “abc123,” “iloveyou” or even “password” to protect their data.

Read more ...

Tuesday, January 19, 2010

NY Times: Fearing Hackers Who Leave No Trace

MOUNTAIN VIEW, Calif. — The crown jewels of Google, Cisco Systems or any other technology company are the millions of lines of programming instructions, known as source code, that make its products run. ... If hackers could steal those key instructions and copy them, they could easily dull the company’s competitive edge in the marketplace. More insidiously, if attackers were able to make subtle, undetected changes to that code, they could essentially give themselves secret access to everything the company and its customers did with the software.

Read more ...

Monday, January 18, 2010

FoxNews: Google Hack Leaked to Internet; Security Experts Urge Vigilance

The code that was used to hack Gmail accounts in China is now publicly available on the Internet, and security experts are urging computer users throughout the world to be highly vigilant until a patch can be developed. ... The hack involves Internet Explorer 6, the browser that came with the Windows XP operating system that, while outdated, still powers millions of businesses and home computers and is now dangerously compromised.

Read more ...

Sunday, January 17, 2010

NY Times: Companies Fight Endless War Against Computer Attacks

The recent computer attacks on the mighty Google left every corporate network in the world looking a little less safe. ... Google’s confrontation with China — over government censorship in general and specific attacks on its systems — is an exceptional case, of course, extending to human rights and international politics as well as high-tech spying. But the intrusion into Google’s computers and related attacks from within China on some 30 other companies point to the rising sophistication of such assaults and the vulnerability of even the best defenses, security experts say.

Read more ...

Saturday, January 16, 2010

Washington Post: U.S. plans to issue official protest to China over attack on Google

The United States will issue an official protest to the Chinese government over a major espionage attack targeting Google's computer systems and rights activists' e-mail accounts that the search-engine giant said originated in China.

Read more ...

Friday, January 15, 2010

NY Times: McAfee Says Microsoft Flaw Was a Factor in Cyberattacks

McAfee, the big security software maker, has been investigating the China-based cyberattacks that prompted Google to threaten to pull out of China altogether. ... In a blog post on Thursday afternoon, McAfee said that after examining the malicious software code used in the attacks, it believes a vulnerability in Microsoft’s Internet Explorer browser was an important pathway for the attacks, which were directed at Google and more than 30 other companies:

These attacks will look like they come from a trusted source, leading the target to fall for the trap and clicking a link or file. That’s when the exploitation takes place, using the vulnerability in Microsoft’s Internet Explorer.

Once the malware is downloaded and installed, it opens a back door that allows the attacker to perform reconnaissance and gain complete control over the compromised system. The attacker can now identify high value targets and start to siphon off valuable data from the company.

Read more ...

BBC: Cybercriminals revive old scams to target smartphones

As mobile phones get more sophisticated, hi-tech criminals are dusting off some old tricks. ... Security companies have noticed a rise in trojans known as dialers that used to be popular during the days of dial-up net access. ... On a smartphone the dialers are being used to call premium rate lines leaving victims with a big bill.

Read more ...


Thanks to Terry Corbell for this

Thursday, January 14, 2010

NY Times: After Google’s Stand on China, U.S. Treads Lightly

Last month, when Google engineers at their sprawling campus in Silicon Valley began to suspect that Chinese intruders were breaking into private Gmail accounts, the company began a secret counteroffensive. ... It managed to gain access to a computer in Taiwan that it suspected of being the source of the attacks. Peering inside that machine, company engineers actually saw evidence of the aftermath of the attacks, not only at Google, but also at at least 33 other companies, including Adobe Systems, Northrop Grumman and Juniper Networks, according to a government consultant who has spoken with the investigators.

Read more ...

Washington Post: Google China cyberattack part of vast espionage campaign, experts say

Computer attacks on Google that the search giant said originated in China were part of a concerted political and corporate espionage effort that exploited security flaws in e-mail attachments to sneak into the networks of major financial, defense and technology companies and research institutions in the United States, security experts said.... At least 34 companies -- including Yahoo, Symantec, Adobe, Northrop Grumman and Dow Chemical -- were attacked, according to congressional and industry sources. Google, which disclosed on Tuesday that hackers had penetrated the Gmail accounts of Chinese human rights advocates in the United States, Europe and China, threatened to shutter its operations in the country as a result.

Read more ...

Wednesday, January 13, 2010

Brian Krebs: Microsoft, Adobe Issue Security Updates

Microsoft and Adobe Systems each issued security updates on Tuesday. Redmond released a single patch to plug a flaw that’s not terribly scary, unless you happen to be running Windows 2000. Adobe’s patch bundle, however, covers at least eight critical security flaws, including one that hackers have been exploiting in targeted attacks of late.

Read more ...

Tuesday, January 12, 2010

NY Times: Google Threatens Pullout from China After Cyberattacks on Dissidents

In a calm and understated blog post, Google said Tuesday that it had recently come under an unusual cyberattack from China. The Web giant said the attack was very different from previous ones because it was aimed at Chinese dissidents’ Gmail accounts.... Information on two accounts was accessed by the hackers, Google said. In addition, “the accounts of dozens of U.S.-, China- and Europe-based Gmail users who are advocates of human rights in China appear to have been routinely accessed by third parties…most likely via phishing scams or malware placed on the users’ computers,” the company wrote. ... Google said it had identified about 20 other companies that had been similarly targeted.


Read more ...

NY Times: Google, Citing Attack, Threatens to Exit China

BEIJING — Google said Tuesday that it would stop cooperating with Chinese Internet censorship and consider shutting down its operations in the country altogether, citing assaults from hackers on its computer systems and China’s attempts to “limit free speech on the Web.”

Read more ...

Monday, January 4, 2010

Buried Cybercrime Warning Signs

KrebsOnSecurity: In a year marked by record bank failures and Wall Street swindlers walking away with tens of billions of investor dollars, it’s perhaps not surprising that the activities of organized cyber gangs looting at least $100 million dollars from small to mid-sized businesses went largely unheralded.

Read more ...