Some news, some true
FBI: Cyber Criminals Using Photo-Sharing Programs to Compromise Computers. In the latest of what seems to be an ever-growing trend, hackers and internet criminals are finding new ways to get into computers and cause chaos. The FBI has seen an increase in cyber criminals who use online photo-sharing programs to perpetrate scams and harm victims’ computers. These criminals advertise vehicles online but will not provide pictures in the advertisement. They will send photos on request. Sometimes the photo is a single file sent as an e-mail attachment, and sometimes the victim receives a link to an online photo gallery. The photos can, and often do, contain malicious software that infects the victim’s computer, directing the user to fake websites that look nearly identical to the real sites where the original advertisement was seen. The cyber criminals run all aspects of these fake websites, including “tech support” or “live chat support” and any “recommended” escrow services. After the victim agrees to purchase the item and makes the payment, the criminals stop responding to correspondence. The victims never receive any merchandise.
Oh the irony: Hacking group Anonymous has Twitter account hacked by rival group. YourAnonNews (YAN), a Tumblr blog and Twitter account that supports the hacktivist movement Anonymous and posts regular tweets about breaking news stories, appears to have been hacked today by a group known as the Rustle League. More than two dozen tweets have since been issued from the account, containing a wide range of racial and potentially offensive language. The main Anonymous Twitter account recognised the hack before sharing a report by Softpedia. It’s unclear whether the central Anonymous group is assisting YourAnonNews to restore order at this time. Anonymous has also tweeted, however, to say that it has notified both Reuters and the BBC about the takeover.
Belgian PM’s personal emails hacked and sent to newspaper. Hackers have sent emails from Belgium’s Prime Minister Elio Di Rupo’s personal account to De Morgen newspaper, the daily said on Friday. Dating from 2004 to 2008 when Di Rupo was president of Belgium’s socialist party and before he became prime minister in 2011, the emails were mostly of a private nature, although some did refer to his political activities, the paper said.
Stratfor hacker faces jail after admitting cyber-attack. Information taken from Stratfor was published by Wikileaks, which defended Hammond after his guilty plea. A 28-year-old US man faces up to 10 years in prison after pleading guilty to carrying out a cyber-attack on global intelligence firm Stratfor. “Anarchist and hacker” Jeremy Hammond – who said he was part of activist group Anonymous – was charged with stealing information from Stratfor in 2011. The data included details of more than 850,000 clients, including government and law enforcement agencies. Some of the accessed material was subsequently published by Wikileaks. Credit cards linked to some of the accessed details were used to spend more than $700,000 (£465,000) – with some of the money going to charities including the Red Cross and Save the Children.
NATO defence ministers to discuss cyber security. A meeting of NATO defence ministers will be held next week at NATO headquarters in Brussels. A key item on the agenda is the issue of cyber defence, which has become an issue of increasing concern for the security of tech-dependent western nations. Cyber defence is a particularly tricky issue; the attacks themselves are very diverse, ranging from simple distributed-denial-of-service (DDoS) attacks that make websites inaccessible to strikes that have the potential to cause physical destruction. Espionage is also a serious threat; in February the Washington Post reported on a US National Intelligence Estimate that blamed China for a massive cyber espionage campaign intended to steal military secrets. Estonia was subjected to a large, sustained cyber attack in 2007 that lasted several days and left commerce in the Baltic country paralysed. The campaign is thought to have originated in Russia, but it is still unclear exactly who was responsible. Georgia was subjected to a cyber attack in advance of its 2008 war with Russia over the border region of South Ossetia. The attack was limited to shutting down a handful of Georgian government websites, but was the first incident of a cyber campaign coinciding with a shooting war. Attribution is another aspect of cyber attacks that makes them very problematic. Due to the interconnected and largely anonymous nature of the internet, it is not difficult for the perpetrator of an attack to conceal their location. Even if the physical origin of an attack is located, determining the individuals or organisation responsible may not be possible. Unlike many traditional weapons, the knowledge and technology needed to conduct cyber attacks are largely unregulated and extremely prolific; one needs little more than access to an internet server and a modicum of technical skill to launch an attack. This means that cyber attacks can originate from any number of sources, ranging from state-directed campaigns to teenage pranksters.
Chinese military to launch cyber war games next month. The notion of a nation state conducting war games to test its military readiness is hardly a new idea, but China is approaching its next round of fake war with a new twist: This time, the war games will be conducted in the virtual realm. Somewhere, teenage Matthew Broderick is smiling. A report from the Xinhua news agency – the official press agency of the People’s Republic of China – has announced that the upcoming exercises will, in part, “test new types of combat forces including units using digital technology amid efforts to adjust to informationalised war.” The short report states that the exercises, which will be carried out next month at the country’s largest military training field at the Zhurihe training base in China’s Inner Mongolia Autonomous Region, will also “be the first time a People’s Liberation Army exercise has focused on combat forces including digitalized units, special operations forces, army aviation and electronic counter forces.” Eight military academies are forecast to participate in the war games, as well as members of the 38th and 68th combined corps of the Beijing Military Area Command. The June date for the exercises means that they are likely to follow a meeting between U.S. President Barack Obama and Chinese President Xi Jinping in California next week. The two are expected to discuss cyber security in light of renewed fears of Chinese cyber attacks into U.S. military networks.
Hackers exploit Ruby on Rails vulnerability to compromise servers, create botnet. A vulnerability in Ruby on Rails that was patched in January has been observed being exploited by attackers to take over servers and create a botnet.
Deloitte Acquires Specialist Cyber Threat Firm Vigilant. Deloitte, recognized by Forrester Research, Inc. as both a leader and the largest information security consulting organization in the world, strengthened its cyber security capabilities today by acquiring substantially all of the assets of Vigilant, Inc., a specialist in security monitoring and cyber threat intelligence. Vigilant provides consulting, managed services, and information services that help organizations detect and respond to emerging cyber threats. The combined practices will operate under the Vigilant by Deloitte brand. Vigilant’s suite of cyber threat management services complements Deloitte’s market-leading security consulting practice and enhances Deloitte’s cyber threat offerings. As a result, Deloitte has expanded its ability to provide customized security solutions to the world’s leading enterprises in high-risk industry sectors, such as financial services, aerospace and defense, retail, manufacturing, technology, communications, energy, and pharmaceuticals.
Secunia accidentally discloses image viewing application vulnerabilities. A researcher accidentally emailed information on vulnerabilities in ERDAS ER Viewer to a public vulnerability mailing list. The large image file viewer is used by various organizations, including some in the defense industry.
Microsoft Launches Cyber Threat Intelligence Program To Battle Botnets, Malware In The Cloud. Microsoft launched the Cyber Threat Intelligence Program on Wednesday, a new system that uses the Windows Azure cloud computing platform to fight botnets and malware. The system will allow Microsoft to share information on computer virus infections with Internet Service Providers and Computer Emergency Response Teams in near real-time. Microsoft said in a blog post that it expects the program to dramatically increase the ability to keep up with the changing cybercrime landscape. Microsoft is working with teams in Spain and Luxembourg, and said the new cloud-based program will “allow these organizations to have better situational awareness of cyber threats, and more quickly and efficiently notify people of potential security issues with their computers.” C-TIP will send updated data related to computers infected with malware every 30 seconds using Windows Azure, giving antivirus teams nearly instant access to the most recent data on botnets and malware.
Experts find code execution flaw in PS3, password reset bug in Sony Entertainment Network. Researchers at Vulnerability Lab revealed that several vulnerabilities in Sony’s Playstation 3 firmware were disclosed to Sony and recently fixed. They also found that the Sony Entertainment Network Web site’s password recovery function could be exploited to reset users’ passwords.
Expert reports two security issues to Dropbox, only one fixed. A researcher at Security Pulse found and disclosed two vulnerabilities in Dropbox. The first, an open redirect flaw, was addressed by Dropbox, while the second, a bug that allows attackers to unsubscribe users from the Dropbox for Business mailing list, was not regarded as a security issue by the company.
DoS vulnerability in ModSecurity fixed. The developers of the ModSecurity firewall fixed a vulnerability that could be exploited to crash the firewall, among other fixes.
Chinese hackers breach top weapons designs. According to a report prepared by the Defense Science Board, Chinese hackers have gained access to the designs of many of the United States’ most sensitive advanced weapons systems.
Drupal.org compromised. Drupal.org’s security team discovered unauthorized access that exposed user names, countries, emails, and hashed passwords. Drupal.org reset all user passwords and was continuing to investigate to find out if other kinds of user information were also exposed.
Kelihos botnet used for “Only 24 hours left to shop” pharma spam campaign. Cisco researchers discovered a pharmaceuticals spam campaign using the Kelihos botnet. The campaign sends out massive amounts of spam instead of trying to bypass spam filters, and the site linked to in the emails uses various means to track users.
“Beta Bot” marks the latest banking malware to hit the online underground. A researcher at RSA reported the discovery of a new financial and root access malware dubbed Beta Bot. The malware has been seen for sale on underground forums and appears to have been created by a skilled programmer.
Motorola’s password in a pill and electronic tattoo. Always forgetting your password? Tech company Motorola is working on some rather unusual solutions! They’ve unveiled an electronic ‘tattoo’ that sticks to your skin. It has a circuit so gadgets can identify you. Another experimental idea is a password pill you swallow – that transmits a signal to devices outside the body. The pill doesn’t need batteries because it’s powered by stomach acid – but Motorola bosses say it won’t be on sale any time soon.