Team Cymru - Internet Security News

Internet Security News

This Internet Security news feed is provided through a partnership with E-Secure-IT. E-Secure-IT provides a wide range of IT-related news feeds. Visit them at www.e-secure-it.com for more information on their available services.

Last Updated: Thu Jul 24 18:33:00 2008 UTC

Apacs reports surge in phishing scams (from Finextra at Thu Jul 24 18:33:00 2008 UTC)

"There were more than 20,000 reported phishing incidents in the first half of 2008, an increase of more than 180% from the same period last year, according to figures from UK payments association Apacs. Reported phishing attacks increased to nearly 26,000 in 2007 from 14,000 the year before. But despite this rise, reported losses to online banking fraud fell last year by 33% to 34 million, says Apacs...." (Read more)

NY AG Will Sue Comcast If They Don't Pretend To Fight Child Pxxx (from dslreports at Thu Jul 24 18:27:00 2008 UTC)

"New York AG Andrew Cuomo recently conducted a "sting" on broadband ISPs that consisted of discovering that Usenet is home to some horrible things (no, not TV show fan fiction). Under penalty of suit, the AG then got ISPs to agree to highly publicized deals that ISPs themselves admit don't have them doing anything differently. The deals seem aimed at providing good press for Cuomo, while allowing ISPs to justify their elimination of newsgroup services (AT&T now blocks the entire alt...." (Read more)

San Francisco Hack: Where Was the Oversight? (from Internet News at Thu Jul 24 18:25:00 2008 UTC)

"If the City of San Francisco were a public corporation and allowed a blunder on par with the recent Terry Childs case, it might find itself facing federal investigation and Mayor Gavin Newsom might be fighting to stay out of jail, experts said. Security experts contacted by InternetNews. com expressed dismay at the apparent lack of basic best practices in the city's IT department -- practices commonplace in the corporate world that they think may have stopped the debacle from ever happening...." (Read more)

Millicom moves into fixed market with Amnet takeover (from Telecom Paper at Thu Jul 24 18:21:00 2008 UTC)

"Emerging markets mobile operator Millicom has announced its first major move into the fixed-line market. The company has agreed to buy Central American cable and broadband operator Amnet for USD 510 million. Started in 1997 and owned by private investors, Amnet provides broadband and cable TV services in Costa Rica, Honduras and El Salvador, fixed telephony in El Salvador and Honduras, and corporate data services in the above countries as well as Guatemala and Nicaragua...." (Read more)

Greater Mobile Use Brings Bigger Virus Threat (from InternetNews at Thu Jul 24 18:21:00 2008 UTC)

"Mobile viruses are infecting more handsets than ever, and are much smarter than they were just one year ago, according to a report released today from AdaptiveMobile. Viruses are going well beyond initial quests centered around replication on devices. Today's aim to steal phone books and contact lists to initiate premium text messaging activity for money-making schemes...." (Read more)

3 Italia suspends data bills after regulatory investigation (from Telecom Paper at Thu Jul 24 18:20:00 2008 UTC)

"Italian mobile operator 3 Italia is suspending bill collection for some mobile data customers after the competition regulator launched an investigation into consumer complaints over high bills. Customers complained after receiving bills for up to EUR 10,000 for service plans such as the Tre. Dati Abbonamento...." (Read more)

Noted reverse engineer outs DNS flaw details (from TechTarget at Thu Jul 24 18:15:00 2008 UTC)

"Halvar Flake, a noted reverse engineer who criticized Dan Kaminsky s DNS Server flaw as overblown, has caused a stir among security researchers for possibly exposing the details in a blog post. Flake hypothesized on his blog about how an attacker could conduct DNS cache poisoning by overloading the server with requests until a legitimate answer is received. The goal is to get a DNS cache poisoning packet to match the transaction ID, according to Flake s post...." (Read more)

Sky to launch online music service, 1st partner is Universal (from Telecom Paper at Thu Jul 24 18:12:00 2008 UTC)

"UK pay-TV operator Sky is to launch an online music service for the UK and Ireland. Universal Music Group is the first to confirm its participation in the service, which will offer digital access to hundreds of thousands of songs from Universal Music artists. The new service offers, for a single monthly subscription, music fans of all ages can enjoy unlimited listening to a choice of songs as well as the opportunity to download tracks to own forever...." (Read more)

Telenor lowers FY sales outlook (from Telecom Paper at Thu Jul 24 18:09:00 2008 UTC)

"Telenor has lowered its annual sales growth forecast, saying it's starting to feel the pressure from high inflation in emerging markets such as Bangladesh, Pakistan and Thailand. The Norwegian company now expects annual sales up around 3 percent, versus a previous estimate for 5 percent growth, but maintained its EBITDA margin estimate of over 31 percent. In the second quarter, revenues rose 3 percent from a year earlier to NOK 27...." (Read more)

Small firms naive about security (from VNUNet at Thu Jul 24 18:07:00 2008 UTC)

"Small and medium sized businesses (SMBs) have developed a false sense of security and remain naive about the threats, according to McAfee. The security firm issued a new report which examined the attitudes of SMBs regarding security. Nearly a third of the companies surveyed had been attacked four or more times in the past three years...." (Read more)

Forrester: Vista is New Coke in the enterprise; Firefox, Apple gain a little (from ZDNet at Thu Jul 24 17:58:00 2008 UTC)

"Vista adoption in the enterprise is mired in the single digits, but is an option for companies that have Windows releases before XP. Nineteen percent of enterprise users use Firefox. And the Mac OS is making some headway in the enterprise, but Apple lacks a coherent strategy to pitch business customers...." (Read more)

Mould threatening VHS tape archives (from VNUNet at Thu Jul 24 17:55:00 2008 UTC)

"A UK digital archiving firm is using an interesting idea to pitch its backup products. Pinnacle claimed that many Brits are losing their home movies to an outbreak of mould which is destroying VHS tapes. The fungus, which appears as a fine white dust, eventually destroys the ability to playback content, according to the firm...." (Read more)

E-Gold chiefs admit money laundering (from VNUNet at Thu Jul 24 17:53:00 2008 UTC)

"Three directors of an online currency company have pleaded guilty to charges of money laundering. Executives at E-Gold and its corporate affiliate Gold & Silver Reserve Inc pleaded guilty and have paid a $1. 7m fine...." (Read more)

Dan Kaminsky's DNS Discovery: The Massive Multi-Vendor Issue and the Massive Multi-Vendor Fix (from Black Hat at Thu Jul 24 17:37:00 2008 UTC)

"Date: Thursday, July 24, 2008Time: 4:00 pm ET/1:00 pm PTDuration: 60 minutes (plus Q&A)Moderator: Jeff Moss, Founder, Black HatSource: Black HatEarly in 2008, security researcher Dan Kaminsky located a gaping hole the basic underpinnings of the internet. This fundamental flaw in DNS security renders almost all DNS serves open to cache poisoning (US CERT VU#800113). As the vulnerability arises from flaws in the design of the DNS protocol, the issue affects nearlyall vendors and nearly all products designed to work with DNS...." (Read more)

Money Laundering in Digital Currencies (from Usdoj.Gov at Thu Jul 24 17:32:00 2008 UTC)

"This assessment describes digital currencies and the digital currency system and how they are used to launder and move funds. Digital currencies provide an ideal money laundering instrument because they facilitate international payments without the transmittal services of traditional financial institutions. 1 Such currencies allow direct access to a remote payment mechanism and can be used to launder illicit funds by sending instant international remittances via the Internet...." (Read more)

MPs offered free laptop locks (from VNUNet at Thu Jul 24 17:25:00 2008 UTC)

"PC peripheral maker Kensington is offering MPs a free lock to ensure the physical security of their laptops. The firm said that the current furore around the theft of government laptops means that MPs need to be able to lock down their laptops wherever they are. With the recent publication of the O'Donnell, Poynter and Burton Reviews and the forthcoming Thomas/Wallport review, attention has once again been drawn to the safety of data held by government departments and agencies," said Stephen Hoare, product manager at Kensington Europe...." (Read more)

New Spyware (Wrongly) Claims It's Won PCMag Award (from Yahoo at Thu Jul 24 17:17:00 2008 UTC)

"This isn't news, but it's worth reminding everyone: there is a large category of malicious programs that present themselves as antispyware or antivirus programs. Having already established that they will lie about these things, they may lie about others. For instance, we recently came across one which claims to have won a number of awards, including the PC Magazine Editors' Choice...." (Read more)

McAfee: SMBs underestimate cybercrime risks (from Network World at Thu Jul 24 14:37:00 2008 UTC)

"The latest survey from security vendor McAfee has found that small to medium-size businesses in North America and Europe wrongly conclude their revenue is too low to draw the attention of cybercriminals. SMBs are in fact rich hunting ground for hackers, McAfee said. Although there may be less money or data to steal, the attacks are also less likely to gain the attention of law enforcement organizations such as the U.S. Federal Bureau of Investigation...." (Read more)

Aiming to make data-breach research easier (from Network World at Thu Jul 24 14:22:00 2008 UTC)

"The monstrous data breaches involving millions of records make all the headlines TJX, AOL, the Veterans Administration. However, it's those whoppers combined with the rat-a-tat-tat of seemingly daily divulgences involving lesser-known entities and fewer victims that add up to a costly and so-far-uncontrolled societal headache. Logging these incidents and assembling reliable research data about the problem has been a bailiwick of security Web site Attrition...." (Read more)

Just saying no - Internet service providers are running into something (from Government Computer News at Thu Jul 24 14:15:00 2008 UTC)

"Internet service providers are running into something that might look familiar to many government program managers plain old resistance to change. A recent study by the Pew Internet and American Life Project found that one reason dial-up users haven't switched to broadband is that they just don't want it. Pew's survey of dial-up users found that 35 percent say they won't switch because broadband prices are too high and 19 percent said they have dial-up by choice and they won't switch no matter what...." (Read more)

Design flaws impair security at banking sites (from Computer World at Thu Jul 24 12:49:00 2008 UTC)

"Banking Web sites suffer from design flaws that undermine their security, exclusive of software vulnerabilities, according to a University of Michigan study to be released Friday. Of 214 sites surveyed in 2006, more than 75% had at least one design flaw that could lead to a security problem, the university said. The flow and layout of the sites can make those sites riskier, and the problems can't be fixed with a patch unlike a software vulnerability...." (Read more)

Computer tapes with Social Security umbers lost (from Chicago Tribune at Thu Jul 24 12:09:00 2008 UTC)

"Computer backup tapes that contain thousands of Social Security numbers of Tinley Park residents have been lost but officials say there's not much chance of identity theft. Officials say the tapes containing information from as long ago as 15 years were lost while being transferred from the village hall to another site within the Chicago suburb on June 23. It's a common procedure to move the tapes so they won't be destroyed if a disaster happens at the village hall...." (Read more)

McAfee debunks recent vulnerabilities in AV software research, n.runs restates its position (from ZDNet at Thu Jul 24 12:05:00 2008 UTC)

"Several days after blogging about a research conduced by n. runs AG that managed to discover approximately 800 vulnerabilities in antivirus products, McAfee issued a statement basically debunking the number of vulnerabilities found, and providing its own account into the number of vulnerabilities affecting its own products...." (Read more)

Hospital warns of possible data leak (from RGJ at Thu Jul 24 12:01:00 2008 UTC)

"Saint Mary's Regional Medical Center sent warning letters this month to about 128,000 patients and clients after a possible intrusion into a proprietary databases. The database, used for Saint Mary's health education classes and wellness programs, contained personal information such as names and addresses, limited health information and some Social Security numbers. The database did not contain medical records or credit card information, said Gary Aldax, marketing manager for Saint Mary's...." (Read more)

Internet firms in piracy crackdown (from Channel4 at Thu Jul 24 11:23:00 2008 UTC)

"Britain's six biggest internet service providers (ISPs) have signed up to a government-backed drive to clamp down on illegal downloading of music and films, it has been revealed. It is thought that around 6. 5 million Britons have downloaded files illegally over the past year and estimates suggest that the practice will cost the music industry up to 1 billion over the next five years...." (Read more)

London is still top card fraud hotspot (from ChannelWeb at Thu Jul 24 11:09:00 2008 UTC)

"London is still the top spot for credit card fraud according to the latest research from The 3rd Man. The organisation carried out the research of over 30 million good and bad card transactions in the six months to June 2008, in conjunction with 192business. com. Other areas appearing in the top ten hotspot list included Romford, Manchester, Ilford, Coventry, Nottingham and Dartford...." (Read more)

ID cards software 'to blame for passport service job cuts' (from ComputerWorldUk at Thu Jul 24 10:51:00 2008 UTC)

"The union representing passport service workers has slammed the planned roll out of automated passport and ID cards processing as it has lead to job cut plans at the Identity and Passport Service agency. The Public and Commercial Services Union said human processes were being automated, and resources were being diverted from passport processing to the introduction of ID cards. The government plans to close a key passport office in Glasgow, and has offered passport staff a below-inflation 2...." (Read more)

DNS Flaw Revealed (from community.plus at Thu Jul 24 10:47:00 2008 UTC)

"After a royal sphericals skyward by Matasano the other day, Metasploit have finally released an auxiliary module to their framework which exploits the flaw in the DNS protocol. This is the same flaw that we rolled a fix for (ok, really a workaround, but fixing an entire protocol isn t something which can be done in a matter of months, let alone weeks or days) recently, but as you already know we re not like other companies. We have a very quick turnaround on things of this nature, and for other projects in general...." (Read more)

Online security video - stay safe online - Barclays is doing to protect online customers (from Barclays at Thu Jul 24 10:35:00 2008 UTC)

"Our Online Banking service is a safe way to manage your money, however online crime is a growing area that everybody needs to be aware of. This short video will show what Barclays is doing to protect you from online fraud as well as explaining some simple things that you can do to help protect yourself. This short Barclays video explains simple things you can do to protect yourself from online fraud as well as explaining what Barclays is doing to protect online customers...." (Read more)

Spammer sent down for 47 months (from Yahoo at Thu Jul 24 10:34:00 2008 UTC)

"A man described by Microsoft as one of the top ten spammers in the world has been sentenced to nearly four years in jail after pleading guilty to charges of fraud, spamming and tax evasion. Robert Soloway, dubbed the Spam King, admitted to using a spamming utility called Dark Mailer to send more than 50,000 emails an hour to internet users. The software changed the headers of emails to that of the recipients address to fool spam filters...." (Read more)

Alert! Storm Worm Strikes Again! (from Techtree at Thu Jul 24 10:31:00 2008 UTC)

"Yesterday, a new Storm Worm iteration was discovered by Websense Security Labs. The worm works around the theme of the U.S. credit crunch. To entice victims, the Trojan uses attractive headlines like "The new currency is coming", "Amero arrives", "Amero currency Union is now the reality", and "The AMERO currency replacing the Dollar"...." (Read more)

Legislators urged to oppose cyber-crime bill likely to threaten online free expression (from RSF at Thu Jul 24 10:30:00 2008 UTC)

"Reporters Without Borders is worried about the impact of a proposed law on cyber-crime, adopted by the Senate on july 9th 2008, that will be submitted to the Chamber of Deputies in the next few days. The press freedom organisation calls on deputies to clarify the bill s wording so as to safeguard online free expression. The bill would punish 13 computer activities...." (Read more)

Malware-infected site detected every five seconds (from Silicon at Thu Jul 24 10:29:00 2008 UTC)

"A website infected with malware is detected every five seconds - a dramatic increase over the last 12 months due to the rise in SQL injection attacks. Websites poisoned with malware capable of infecting visitors' machines are being discovered at a rate of 16,173 per day - three times faster than in 2007. Antivirus firm Sophos found that more than 90 per cent of the web pages capable of spreading Trojan horses and spyware are legitimate websites...." (Read more)

UK officials going snoop crazy (from Silicon at Thu Jul 24 10:26:00 2008 UTC)

"Officials made more than 500,000 requests to snoop on private phone and internet information in the UK last year. More than 1,400 requests per day were made to spy on phone call records and web traffic last year, up on the average of less than 350,000 per year over the previous two years. Public bodies made 519,260 requests to phone and internet service providers under the Regulation of Investigatory Powers Act, according to a report by the interception of communications commissioner Sir Paul Kennedy...." (Read more)

AT& T Profit Climbs 30%, Helping Shares (from Washington Post at Thu Jul 24 10:24:00 2008 UTC)

"AT&T's second-quarter financial results reported yesterday indicated that the weak economy is catching up to the nation's largest telecommunications company, but investors were largely satisfied with what they saw. AT&T earned $3. 77 billion, up 30 percent from $2...." (Read more)

Attack Code Released for New DNS Attack (from PCWorld at Thu Jul 24 10:22:00 2008 UTC)

"Hackers have released software that exploits a recently disclosed flaw in the Domain Name System (DNS) software used to route messages between computers on the Internet. The attack code was released Wednesday by developers of the Metasploit hacking toolkit. Internet security experts warn that this code may give criminals a way to launch virtually undetectable phishing attacks against Internet users whose service providers have not installed the latest DNS server patches...." (Read more)

Govt websites compromised by new virus (from Politics at Thu Jul 24 10:20:00 2008 UTC)

"The infected websites include those run by Norfolk NHS and 12 local councils. Security experts believe the virus has spread to two million computers worldwide after striking US corporate websites such as Sony Playstation and Snapple. The infection only became obvious after people discovered money had been removed from their bank account...." (Read more)

VTel picks Alcatel to deploy WiMAX Rev-e network in Georgia (from Telecom Paper at Thu Jul 24 10:13:00 2008 UTC)

"Alcatel-Lucent has been selected by UAE-based telecommunications company VTel Holding to design, deploy and maintain a commercial WiMAX 802. 16e-2005 (Rev-e) network in Georgia. VTel Georgia, a greenfield operator established by VTel Holding, plans to launch the new WiMAX services under the brand Maximali in major cities by September...." (Read more)

Professional Soldier - Analogy between professional soldiers and professional penetration testers (from Gnucitizen at Thu Jul 24 10:12:00 2008 UTC)

"I would like to draw a simple analogy between professional soldiers and professional penetration testers. I find a lot in common between them and I believe that this exercise may help some members of the audience to clarify their understandings regarding our industry. We will drill into several categories where both professions will be compared to each other:Both, professional soldiers and penetration testers, have professional set of skills which were build over years of experience...." (Read more)

Internal security threats multiply (from Government Computer News at Thu Jul 24 10:11:00 2008 UTC)

"An evaluation of more than 100,000 endpoint devices at private-sector enterprises showed that significant numbers were missing essential software such as antivirus or security patches and were using unauthorized applications such as file sharing and remote control software. Network management company Promisec Inc., of New York, scanned client endpoints with its Spectator tool in the first six months of this year...." (Read more)

Serious security flaws riddle online banking: NRI scientist (from Netindia123 at Thu Jul 24 10:11:00 2008 UTC)

"More than 75 percent of bank websites were flawed and could expose customers to cyber thieves eyeing their money or their identity, according to a survey by University of Michigan. Atul Prakash, an electrical engineering professor and doctoral students Laura Falk and Kevin Borders based their findings on an in-depth study of websites of 214 financial institutions in 2006. These design flaws stem from the flow and the layout of these websites...." (Read more)

SK Telecom's net income drops 26% on marketing costs (from Telecom Paper at Thu Jul 24 10:11:00 2008 UTC)

"SK Telecom saw its net income drop by 26 percent in the second quarter on high marketing expenses. Revenues went up by 3 percent to KRW 2. 93 trillion, from KRW 2...." (Read more)

UK ISPs agree deal on combating illegal file-sharing (from Telecom Paper at Thu Jul 24 10:10:00 2008 UTC)

"UK ISPs have settled their long-running dispute with the music industry over illegal file-sharing in a new protocol agreement back by the government. The government had threatened to impose legislation on the industry if it did not reach an agreement on self-regulation. The agreement includes the ISPs Orange, BT, Virgin, Tiscali, BSkyB and Carphone Warehouse...." (Read more)

They Can Build It. They Have the Technology (from covertress at Thu Jul 24 09:30:00 2008 UTC)

"A top U.S. scientist warned American lawmakers of a possible catastrophic national security scenario: a possible development of Electromagnetic Pulse (EMP) weapons by rogue states, including North Korea, and a potential detonation of such a device on American soil. William Graham, chairman of the U.S. government-sponsored "Commission to Assess the Threat to the United States," told U.S. lawmakers that the Stalinist state has the required technologies to develop such weapons. In a testimony to the U.S. House Armed Services Committee this month, the scientist said EMP weapons are "one of a small number of threats that can hold our society at risk of catastrophic consequences."Graham told lawmakers that the detonation of such devices over the middle of the continental United States "has the capability to produce significant damage to critical infrastructures that support the fabric of U.S. society and the ability of the United States and Western nations to project influence and military power."He warned: "Several potential adversaries have the capability to attack the United States with a high-altitude nuclear weapon-generated electromagnetic pulse, and others appear to be pursuing efforts to obtain that capability."What's worse, he noted, is that "a determined adversary can achieve EMP attack capability without having a high level of sophistication.""For example, an adversary would not have to have long-range ballistic missiles to conduct an EMP attack against the United States...." (Read more)

With DNS Flaw Public, Attack Imminent (from CSOonline at Thu Jul 24 09:30:00 2008 UTC)

"One day after a security company accidentally posted details of a serious flaw in the Internet's Domain Name System (DNS), hackers are saying that software that exploits this flaw is sure to pop up soon. Several hackers are almost certainly already developing attack code for the bug, and it will most likely crop up within the next few days, said Dave Aitel, chief technology officer at security vendor Immunity. His company will eventually develop sample code for its Canvas security testing software too, a task he expects to take about a day, given the simplicity of the attack...." (Read more)

Lesson From the DNS Bug: Patching Isn't Enough (from Wired at Thu Jul 24 09:29:00 2008 UTC)

"Despite the best efforts of the security community, the details of a critical internet vulnerability discovered by Dan Kaminsky about six months ago have leaked. Hackers are racing to produce exploit code, and network operators who haven't already patched the hole are scrambling to catch up. The whole mess is a good illustration of the problems with researching and disclosing flaws like this...." (Read more)

'Romanian Pleads Guilty In US Phishing Case ' (from SecurityProNews at Thu Jul 24 09:29:00 2008 UTC)

"Ovidiu-Ionut Nicola-Roman admitted to one count of conspiracy to commit fraud in connection with access devices in US District Court in Connecticut, the US Attorney's Office for the state said. Nicola-Roman and six other Romanians had been indicted in January 2007 for their roles in a phishing scheme that sought banking information from victims. The group compromised a computer in Minnesota and published a fake site for Connecticut-based People's Bank...." (Read more)

DNS attack code out in wild (from TechWorld at Thu Jul 24 09:29:00 2008 UTC)

"The attack code was released Wednesday by developers of the Metasploit hacking toolkit. Internet security experts warn that this code may give criminals a way to launch virtually undetectable phishing attacks against Internet users whose service providers have not installed the latest DNS server patches. The attack is a variation on what's known as a cache poisoning attack...." (Read more)

E-Gold pleads guilty to money laundering (from SecurityFocus at Thu Jul 24 09:28:00 2008 UTC)

"On Monday, the Nevis, West Indies, company, its founder and two senior directors all agreed to plead guilty to various charges related to money laundering and the operation of an unlicensed money transfer business. The agreement ends a nearly four-year investigation into the company and its digital currency service, which -- because of the anonymity it provided account holders -- became a popular method for cybercriminals to turn ill-gotten proceeds into clean cash...." (Read more)