My Blog » security

Hackers Find Home In Amazon EC2 Cloud

CmdrTaco — Thu, 10 Dec 2009 17:27:00 +0000

snydeq writes "Security researchers have spotted the Zeus botnet running an unauthorized command and control center on Amazon's EC2 cloud computing infrastructure. This marks the first time Amazon Web Services' cloud infrastructure has been used for this type of illegal activity, according to threat researcher Don DeBolt. The hackers got onto Amazon's infrastructure by hacking into a Web site hosted on Amazon's servers and then secretly installing their command and control infrastructure."

Read more of this story at Slashdot.

Malware Found Hidden In Screensaver On Gnome-Look

timothy — Wed, 09 Dec 2009 22:39:00 +0000

AndGodSed writes "OMG! UBUNTU! Reports the following: 'Malware has been found hidden inside an innocuous 'waterfall' screensaver .deb file made available on popular artwork sharing site Gnome-Look.org. The .deb file installs a script with elevated privileges designed to perform a DDoS attack as well as keep itself updated via downloads. The dodgy screensaver in question has since been removed from gnome-look, and this incident was a very basic, if potentially successful, attempt.'" A similar report at Digitizor.com says that similar malware was also found in a theme called Ninja Black. For those affected, both sites also provide instruction on cleansing your system.

Read more of this story at Slashdot.

TSA’s Sloppy Redacting Reveals All

kdawson — Tue, 08 Dec 2009 05:03:00 +0000

A travel blog breaks the story of a poor job of redacting by the TSA: they posted a PDF of airport screening policies, with certain sections blacked out — not realizing that simply laying a black rectangle over the text is hardly sufficient. Cryptome has posted a copy with the redaction removed (ZIP).

Read more of this story at Slashdot.

Facebook ID Probe Shows Things Getting Worse

CmdrTaco — Mon, 07 Dec 2009 14:44:00 +0000

An anonymous reader writes "According to Sophos, Facebook users are getting sloppier with their personal info, not better. Revisiting a 2007 survey in which a plastic frog got 87 hits out of 200 friend requests, this time a rubber duck and a cat got 87 out of 200 friend requests, plus a bonus 8 friends who decided to trust them anyway. The research also suggests that older Facebook users are sloppier than the young, being keener to build their list of friends. (The older users had more than 4x the friends each, on average, than the young.)"

Read more of this story at Slashdot.

Hackers vs. Phishers

CmdrTaco — Mon, 07 Dec 2009 13:57:00 +0000

An anonymous reader writes "'Some hackers out there don't like to do all the hard work of running a successful phishing campaign. Instead, they developed a simple online service to "steal" account details from the hard-working phishers. Named AutoWhaler, the service allows anyone to scan a phishing server for log files that contain juicy information such as usernames and passwords.'"

Read more of this story at Slashdot.

A Look At the Safety of Google Public DNS

kdawson — Fri, 04 Dec 2009 16:35:00 +0000

darthcamaro writes "Yesterday we discussed Google's launch of its new Public DNS service. Now Metasploit founder and CSO at Rapid7, H D Moore, investigates how well-protected Google's service is against the Kaminsky DNS flaw. Moore has put together a mapping of Google's source port distribution on the Public DNS service. In his view, it looks like the source ports are sufficiently random, even though they are limited to a small range of ports. The InternetNews report on Moore's research concludes: 'What Moore's preliminary research clearly demonstrates to me is that Google really does need to live up to its promise here. Unlike a regular ISP, Google will be subject to more scrutiny (and research) than other DNS providers.'"

Read more of this story at Slashdot.

Malware Could Grab Data From Stock iPhones

timothy — Fri, 04 Dec 2009 06:20:00 +0000

Ardisson writes "Swiss iPhone developer Nicolas Seriot presented last night a talk on iPhone Privacy in Geneva. He showed how a malicious application could harvest personal data on a non-jailbroken iPhone (PDF) and without using private APIs. It turns out that the email accounts, the keyboard cache content and the WiFi connection logs are fully accessible. The talk puts up several recommendations. There is also a demo project on github."

Read more of this story at Slashdot.

Cameroon the New Hotbed of Malware

samzenpus — Thu, 03 Dec 2009 04:18:00 +0000

garg0yle writes "According to McAfee, more than a third of Cameroon domains (TLD of .cm) are infested with viruses or other not-so-fun party treats. Given that it's very easy to mis-type .com as .cm, this puts the computers of a lot of fat-fingered typists in peril. Second place on the most-infested domains list goes to China (.cn), while Hong Kong (last year's 'winner') is now comfortably middle-of-the-pack."

Read more of this story at Slashdot.

Somali Pirates Open Up a “Stock Exchange”

kdawson — Wed, 02 Dec 2009 04:29:00 +0000

reginaldo writes to clue us that pirates in Somalia have opened up a cooperative in Haradheere, where investors can pay money or guns to help their favorite pirate crew for a share of the piracy profits. "'Four months ago, during the monsoon rains, we decided to set up this stock exchange. We started with 15 "maritime companies" and now we are hosting 72. Ten of them have so far been successful at hijacking,' Mohammed [a wealthy former pirate who took a Reuters reporter to the facility] said. ... Piracy investor Sahra Ibrahim, a 22-year-old divorcee, was lined up with others waiting for her cut of a ransom pay-out after one of the gangs freed a Spanish tuna fishing vessel. 'I am waiting for my share after I contributed a rocket-propelled grenade for the operation,' she said, adding that she got the weapon from her ex-husband in alimony. 'I am really happy and lucky. I have made $75,000 in only 38 days since I joined the "company."'"

Read more of this story at Slashdot.

SarBox Lawsuit Could Rewrite IT Compliance Rules

kdawson — Tue, 01 Dec 2009 20:45:00 +0000

dasButcher notes that the Supreme Court will hear arguments next week brought by a Nevada accounting firm that asserts the oversight board for the Sarbanes-Oxley Act is unconstitutional. If the plaintiffs are successful, it could force Congress to rewrite or abandon the law used by many companies to validate tech investments for security and compliance. "Many auditing firms have used [Sarbanes-Oxley Section] 404 as a lever for imposing stringent security technology requirements on publicly traded companies regulated by SOX and their business partners. SOX security compliance has proven effective for vendors and solution providers, as it forces regulated enterprises to spend billions of dollars on technology that, many times, doesn’t prevent security incidents but does make them compliant with the law."

Read more of this story at Slashdot.